BuildStream is a software integration tool that allows building software aggregated from multiple sources in a single pipeline to produce a final output. This final output could be a container image, an operating system image or anything that you can write a plugin for.

In this talk, I present buildstream-sbom. It's a tool that extracts information from a BuildStream project and uses it to generate an SPDX-formatted SBoM. I also discuss the issues that I had translating from BuildStream concepts to SPDX.