Skip to content
View jkowalleck's full-sized avatar
🐢
🐢
62 followers · 27 following

Highlights

Organizations

@k4cg @CycloneDX @package-url @Ecma-TC54

Block or report jkowalleck

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
jkowalleck/README.md

Hi there 👋, I'm Jan.

Open-source maintainer focused on system transparency and software supply-chain security.

Project Co-Lead of OWASP CycloneDX, working on the specification and tooling ecosystem.

Helping software systems explain what they actually contain — instead of everyone guessing and hoping for the best.

CycloneDX & System Transparency

I contribute to the CycloneDX specification and maintain tooling that generates CycloneDX SBOMs and other system transparency artifacts across multiple ecosystems.

CycloneDX goes beyond traditional Software Bills of Materials (SBOMs) and supports system transparency across modern software supply chains.

My tools support projects built with:

  • Python (poetry, pipenv, uv,PDM, conda, etc)
  • Node.js (npm, yarn)
  • PHP (Composer)
  • build systems such as webpack, esbuild and bun-build
  • ...

Helping developers and organizations understand what actually runs inside their software — which turns out to be surprisingly non-trivial.

Some open-source projects I maintain or co-maintain
Project Ecosystem Description
cyclonedx-python Python Generate CycloneDX SBOMs
cyclonedx-python-lib Python CycloneDX data model implementation
cyclonedx-node-npm Node.js Generate CycloneDX SBOMs
cyclonedx-node-yarn Node.js Generate CycloneDX SBOMs
cyclonedx-webpack-plugin Webpack SBOM generation during builds
cyclonedx-esbuild esbuild SBOM generation during builds
cyclonedx-php-composer PHP Composer SBOM plugin
cyclonedx-javascript-library JavaScript CycloneDX library
cyclonedx-php-library PHP CycloneDX library
packageurl-php PHP Package URL implementation
serializable Python Serialization utilities

Support my work

If you rely on the tools or libraries I maintain, consider sponsoring the work.

Because servers, CI pipelines, dependency updates, and security fixes unfortunately are not powered by appreciation alone.

Sponsor me LinkedIn

… those dumb metrics that barely mean anything …

Language by repo Language by commits
Stats Commits/dh

… those oh-so-impressive skills everyone can't stop flaunting …

Skillicons

Pinned Loading

  1. CycloneDX/cyclonedx-javascript-library CycloneDX/cyclonedx-javascript-library Public

    Functionality and DataModels of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.

    TypeScript 22 15

  2. CycloneDX/cyclonedx-php-library CycloneDX/cyclonedx-php-library Public

    Functionality and DataModels of OWASP CycloneDX for PHP

    PHP 13

  3. CycloneDX/cyclonedx-python-lib CycloneDX/cyclonedx-python-lib Public

    Functionality and DataModels of OWASP CycloneDX for Python

    Python 102 59

  4. k4cg/nichtparasoup k4cg/nichtparasoup Public

    nichtparasoup is a web-based hackspaces entertainment system. It continuously displays random images from Reddit & Pr0gramm in your web-browser. Image sources are highly customizable.

    Python 39 11