A software bill of materials (SBOM) is a complete inventory of every software component an organization uses: third-party open source libraries, vendor-supplied packages, and first-party artifacts the organization builds itself. Keeping the SBOM current is essential for tracking the license and security risk attached to each component, so that fast-moving development keeps pace with components and versions as they change.

The use of open source software has grown sharply, so developers need to understand what it means for supply chain security. Vulnerabilities in third-party libraries, such as the event-stream compromise and Log4Shell, lead to security incidents when they are not addressed promptly. Developers also need to be aware of the legal implications of the components they use, including copyleft licenses such as the GPL, and confirm that the components they rely on carry permissive licenses such as MIT.

An SBOM is the basis for standardizing open source library usage, gaining insight into package health, and accelerating supply chain security readiness. With an up-to-date SBOM, developers can address software supply chain risk across the entire software development lifecycle. Tools such as Snyk generate SBOMs and manage license compliance, helping keep open source dependencies secure.
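As an added example (not from the original page, and not Snyk's code), the following Python script shows the two checks an SBOM exists to support: it walks a constructed SBOM, flags components under copyleft licenses, and flags components whose version falls inside a constructed advisory range. All component names, versions, license strings, advisory ranges and advisory identifiers are assumed sample data, not real inventory or real advisories.

```python
"""Triage a constructed SBOM for license and vulnerability risk."""
import re

# Constructed SBOM records: one entry per component (not a real inventory).
SBOM = [
    {"name": "log4j-core", "version": "2.14.1", "license": "Apache-2.0"},
    {"name": "event-stream", "version": "3.3.6", "license": "MIT"},
    {"name": "readline", "version": "8.1", "license": "GPL-3.0-only"},
    {"name": "internal-auth", "version": "1.4.0", "license": "Proprietary"},
]

# Constructed advisory data: (first affected, first fixed, advisory id).
# These ranges and ids are illustrative only; real data comes from a
# vulnerability database, not from this table.
ADVISORIES = {
    "log4j-core": [("2.0.0", "2.15.0", "EXAMPLE-LOG4SHELL")],
    "event-stream": [("3.3.6", "3.3.7", "EXAMPLE-EVENT-STREAM")],
}

# License identifiers treated as copyleft for this example.
COPYLEFT_PREFIXES = ("GPL-", "LGPL-", "AGPL-")


def parse_version(version):
    """Turn '2.14.1' into (2, 14, 1). Pre-release tags are ignored, so
    '2.0-beta9' compares as (2, 0, 9); good enough for numeric releases."""
    return tuple(int(part) for part in re.findall(r"\d+", version))


def in_range(version, first_affected, first_fixed):
    """True when first_affected <= version < first_fixed."""
    v = parse_version(version)
    return parse_version(first_affected) <= v < parse_version(first_fixed)


def triage(sbom, advisories):
    """Return (name, version, finding_type, detail) tuples for risky components."""
    findings = []
    for component in sbom:
        name, version, lic = component["name"], component["version"], component["license"]
        if lic.startswith(COPYLEFT_PREFIXES):
            findings.append((name, version, "copyleft-license", lic))
        for first_affected, first_fixed, advisory_id in advisories.get(name, []):
            if in_range(version, first_affected, first_fixed):
                findings.append((name, version, "vulnerable", advisory_id))
    return findings


if __name__ == "__main__":
    for finding in triage(SBOM, ADVISORIES):
        print(*finding)
```

Run against a real SBOM, the same loop would read component records from the exported file and the advisory table from a vulnerability feed; the matching logic stays the same.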