Dependency Graph SBoM export for older repository versions?

[ap0mpur4FIS]

Select Topic Area

Question

Body

As the title suggests, I am wondering if there is support for downloading Dependency Graph SBoMs for older repo versions, as the one located at https://github.com/{owner}/{repo}/network/dependencies for each repo seems to be for the current version only.

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬

[ppeters0502]

Wanted to reply to restart the discussion about this feature. This would be incredibly helpful if a user could export an SBOM from a specific release/tag point for a repository. I use this Export SBOM functionality quite extensively when performing security reviews of Open Source Tools and packages, and being able to check the dependencies around a specific version of a tool would be fantastic!

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬

[Loki-Afro]

another use case is that when tagging a version, an SBOM should be created, thus one needs more flexibility here to create sboms for references other than main branch head commits ..