Changguo's SIT Tool Integrated into GitHub & AtomGit

Published: Oct 31, 2025 by Ruiqiao Qiu

To address the widespread issues of inaccuracy, non-compliance, and incompleteness in the SBOMs generated by existing mainstream tools, we design and implement an automated SBOM generation tool based on incremental construction.

The tool introduces an SBOM IR to unify and transform multiple SBOM standards during the generation process, employs schema validation to ensure output compliance, and applies a double cross-validation technique to enhance the precision and consistency of dependency identification.

Experimental results demonstrate significant improvements in the accuracy, compliance, and completeness of generated SBOMs.

🔧 SIT tool has now been integrated into platforms such as GitHub and AtomGit.

SITtool

Latest Posts

Changguo's SIT Tool Integrated into GitHub & AtomGit

To address the widespread issues of inaccuracy, non-compliance, and incompleteness in the SBOMs generated by existing mainstream tools, we design and implement an automated SBOM generation tool based on incremental construction.

Read more

Published: Oct 31, 2025

Two papers accepted by ICSE 2026!

Weiwei’s study on license variants in the PyPI ecosystem and Yiliang’s study on the CVE ecosystem have been accepted by ICSE 2026!

Read more

Published: Oct 18, 2025

One paper accepted by FSE 2025!

Fabs and Runzhi’s study on release note generation has been accepted by FSE 2025! Congratulations!

Read more