Skip to content
View jkowalleck's full-sized avatar
🐢
🐢
68 followers · 29 following
  • Open for hire
  • Nuremberg, Germany
  • 20:43 (UTC +02:00)
  • LinkedIn in/jankowalleck

Achievements

Achievement: Starstruckx2Achievement: Galaxy Brainx2Achievement: Pair Extraordinairex3Achievement: Pull Sharkx4Achievement: QuickdrawAchievement: YOLOAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Starstruckx2Achievement: Galaxy Brainx2Achievement: Pair Extraordinairex3Achievement: Pull Sharkx4Achievement: QuickdrawAchievement: YOLOAchievement: Arctic Code Vault Contributor

Highlights

Organizations

@k4cg @CycloneDX @package-url @Ecma-TC54 @Digital-Nomad-Guild

Block or report jkowalleck

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
jkowalleck/README.md

Hi there 👋, I'm Jan.

Open-source maintainer focused on system transparency and software supply-chain security.

Co-lead of OWASP CycloneDX, working on the specification and tooling ecosystem.

Helping systems explain what they actually contain, instead of leaving everyone to guess and hope for the best.

Contact via GitHub   Contact on LinkedIn

CycloneDX & System Transparency

I contribute to the CycloneDX specification and maintain tooling that generates CycloneDX SBOMs and other system transparency artifacts across multiple ecosystems.

CycloneDX goes beyond traditional Software Bills of Materials (SBOMs) and supports system transparency across modern software supply chains.

My tools support projects built with:

  • Python (venv, Poetry, Pipenv, uv, PDM, Conda, etc.)
  • Node.js (npm, yarn, etc.)
  • PHP (Composer)
  • Build systems such as Webpack, esbuild, Bun-build, and similar tooling

Helping developers and organizations understand what actually runs inside their software, which is more difficult than it should be.

Some open-source projects I maintain or co-maintain

Project Ecosystem Description
cyclonedx-python Python Generate CycloneDX SBOMs for everything Python
cyclonedx-python-lib Python CycloneDX library
cyclonedx-node-npm Node.js Generate CycloneDX SBOMs for npm
cyclonedx-node-yarn Node.js Generate CycloneDX SBOMs for yarn
cyclonedx-webpack-plugin Webpack SBOM generation during builds with Webpack
cyclonedx-esbuild esbuild & Bun SBOM generation for esbuild-compatible build systems
cyclonedx-javascript-library JavaScript/TypeScript CycloneDX library
cyclonedx-php-composer PHP Generate CycloneDX SBOMs for Composer
cyclonedx-php-library PHP CycloneDX library
cyclonedx-node-module Node.js Hub for Node.js CycloneDX SBOM tooling and documentation
packageurl-php PHP PackageURL library
rfc3987-syntax Python RFC 3987 (IRI) library
py-serializable Python Serialization utilities

Support my work

If you rely on the tools or libraries I maintain, consider sponsoring the work.

Because servers, CI pipelines, dependency updates, and security fixes are not powered by appreciation alone.

Sponsor me

… those dumb metrics that barely mean anything …

Language by repo Language by commits
Stats Commits/dh

… those oh-so-impressive skills everyone can't stop flaunting …

Skillicons

Pinned Loading

  1. CycloneDX/specification CycloneDX/specification Public

    OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, an…

    XSLT 505 84

  2. CycloneDX/cyclonedx-python CycloneDX/cyclonedx-python Public

    CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

    Python 373 93

  3. CycloneDX/cyclonedx-python-lib CycloneDX/cyclonedx-python-lib Public

    Functionality and DataModels of OWASP CycloneDX for Python

    Python 108 63

  4. CycloneDX/cyclonedx-php-composer CycloneDX/cyclonedx-php-composer Public

    Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects

    PHP 84 7

  5. CycloneDX/cyclonedx-javascript-library CycloneDX/cyclonedx-javascript-library Public

    Functionality and DataModels of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.

    TypeScript 24 16

  6. CycloneDX/cyclonedx-php-library CycloneDX/cyclonedx-php-library Public

    Functionality and DataModels of OWASP CycloneDX for PHP

    PHP 13