Software Bill of Materials (SBOM)
A Software Bill of Materials (SBOM) in the context of Ubuntu is a list of software components, applications, libraries, and modules that are installed by the operating system. Ubuntu consists of several packages that depend on other packages such as shared libraries. These are shipped in different forms such as debs and snaps. The following sections show how to get the list for each type of package to assist you in keeping your systems up to date.
List of deb packages
To list the deb packages on an Ubuntu system, use:
$ dpkg -l
The output is a list of packages similar to the following.
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                                             Version                               Architecture Description
+++-================================================-=====================================-============-==============================================================>
ii  apparmor                                         3.0.3-0ubuntu1                        amd64        user-space parser utility for AppArmor
rc  apparmor-utils                                   3.0.0-0ubuntu7.1                      amd64        utilities for controlling AppArmor management
ii  apt                                              2.3.9                                 amd64        commandline package manager
List of snap packages
$ snap list
This outputs a list such as the one below.
Name                 Version  Rev  Tracking       Publisher   Notes
bare                 1.0      5    latest/stable  canonical✓  base
canonical-livepatch  10.1.2   126  latest/stable  canonical✓  -
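The two listings above can be merged into one machine-readable inventory. The shell functions below are an added example, not part of the original documentation; the function names and the tab-separated layout are assumptions, and only deb rows in state ii are kept, so the rc row (removed, configuration files remaining) is left out.

```shell
#!/bin/sh
# Added example: build one inventory from `dpkg -l` and `snap list` text.
# Function names and the TSV layout are assumptions of this example.

# Read `dpkg -l` text on stdin; print "deb<TAB>name<TAB>version<TAB>arch"
# for rows whose state column is exactly "ii" (installed, no error flag).
deb_inventory() {
    awk '
        index($0, "+++-") == 1 { body = 1; next }   # separator ends the header
        body && $1 == "ii" { printf "deb\t%s\t%s\t%s\n", $2, $3, $4 }
    '
}

# Read `snap list` text on stdin; print "snap<TAB>name<TAB>version<TAB>rev".
snap_inventory() {
    awk 'NR > 1 && NF >= 3 { printf "snap\t%s\t%s\t%s\n", $1, $2, $3 }'
}

# Constructed sample input, taken from the listings shown on this page.
sample_dpkg() {
    cat <<'EOF'
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version          Architecture Description
+++-==============-================-============-=================================
ii  apparmor       3.0.3-0ubuntu1   amd64        user-space parser utility for AppArmor
rc  apparmor-utils 3.0.0-0ubuntu7.1 amd64        utilities for controlling AppArmor management
ii  apt            2.3.9            amd64        commandline package manager
EOF
}

sample_snap() {
    cat <<'EOF'
Name                 Version  Rev  Tracking       Publisher   Notes
bare                 1.0      5    latest/stable  canonical✓  base
canonical-livepatch  10.1.2   126  latest/stable  canonical✓  -
EOF
}

# Combined inventory for the sample. On a live system use instead:
#   dpkg -l | deb_inventory; snap list | snap_inventory
sample_inventory() {
    sample_dpkg | deb_inventory
    sample_snap | snap_inventory
}

sample_inventory
```

Rows in states other than ii, such as half-installed packages, are also dropped by this filter and are worth reviewing separately.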