Skip to main content

What is an SBOM?

A Software Bill of Materials is a formal inventory of all software components, libraries, and dependencies used in a product. Under the EU Cyber Resilience Act (CRA), manufacturers of products with digital elements must maintain and provide an SBOM.

TinyBell platform components

Backend (PHP 8.2)

Frontend (JavaScript)

Pixel script (loaded on hotel websites)

The pixel script has zero external dependencies. It is a self-contained JavaScript file that does not load any third-party libraries on hotel websites.

Infrastructure services

External APIs (free, no authentication)

SBOM format

This SBOM follows the CycloneDX standard recommendations. A machine-readable version in CycloneDX JSON format is available upon request at info@thetinybell.com.

Update policy

This SBOM is updated with every major release of the TinyBell platform. Last update: April 2026.

Vulnerability monitoring

We monitor all listed dependencies for known vulnerabilities using automated tools. When a vulnerability is discovered in a dependency:
  1. We assess the impact on TinyBell within 24 hours
  2. We apply patches or mitigations within 7 days for critical issues
  3. We notify affected customers if their data may have been at risk