Gwendal Laurent developed CycloneDX SBOM generation for Erlang Rebar3 projects within the oss-review-toolkit/ort repository. He implemented the rebar3_sbom plugin, leveraging Docker and Shell scripting to automate SBOM creation and packaging through a bombom wrapper. The workflow incorporated cosign-based signature verification, ensuring the integrity of generated SBOMs and supporting secure dependency management. This solution addressed the need for transparent supply chain practices in Erlang ecosystems and enabled integration with SBOM-driven pipelines, such as future package manager plugins. Gwendal’s work demonstrated depth in Docker, Erlang, and SBOM generation, focusing on robust automation and security for open source projects.