Software Bill of Materials (BOM)

[drewhall]

Thank you for Hatch--I love it! Here is an idea for improvement that has been on my mind:

It would be nice to include a command within Hatch to generate SPDX-compatible software bill-of-materials files in JSON or XML format.

You could leverage tools such as those found at SPDX Tools to do most of the heavy lifting.

This would be a nice complement to the SPDX-compatible metadata comments that are automatically inserted into about.py and init.py files by default.

[ofek]

Hey there! I would recommend creating a third-party build hook: https://hatch.pypa.io/latest/plugins/build-hook/reference/

[drewhall]

Thank you--I will try to do that!