> SBOM (Software Bill of Materials) – a machine-readable directory of all software components and dependencies used

This sounds like a really good idea all around, not only for open source.