Software Bill of Materials
EPPlus Software provides a Software Bill of Materials (SBOM) for each EPPlus release from version 8 and up. The SBOM lists all third-party dependencies included in EPPlus, along with their versions, licenses and checksums.
| Version | Release date | SHA-256 checksum | Download |
|---|---|---|---|
| 8.5.0 | 2026-03-06 |
57b57d240265d4a5…
|
SBOM (CycloneDX JSON) |
| 8.4.2 | 2026-02-04 |
3f8ebbea300b7868…
|
SBOM (CycloneDX JSON) |
| 8.4.1 | 2026-01-12 |
ac0de8a26febde86…
|
SBOM (CycloneDX JSON) |
Direct access
Each SBOM can be accessed directly via a URL. This is useful for automated tools and pipelines that consume SBOM data.
Specific version
https://epplussoftware.com/security/sbom/{version}.jsonLatest published version
https://epplussoftware.com/security/sbom/latest.jsonIndex of all versions
A machine-readable JSON index of all available SBOM files, including version, release date, download URL and SHA-256 checksum.
https://epplussoftware.com/security/sbom/all.jsonAbout the format
The SBOM is generated in CycloneDX JSON format, specification version 1.6. It includes all NuGet dependencies with versions, licenses and SHA-512 checksums.