Skip to content

Fix: Open TOML files in binary mode as required by tomllib#40

Merged
anthonyharrison merged 1 commit into
anthonyharrison:mainfrom
HalaAli198:fix-toml-binary-mode
Oct 2, 2025
Merged

Fix: Open TOML files in binary mode as required by tomllib#40
anthonyharrison merged 1 commit into
anthonyharrison:mainfrom
HalaAli198:fix-toml-binary-mode

Conversation

@HalaAli198

Copy link
Copy Markdown

Problem

When processing pyproject.toml and poetry.lock files, sbom4python fails with:
TypeError: File must be opened in binary mode, e.g. use open('foo.toml', 'rb')

Root Cause

Python's tomllib (introduced in Python 3.11) requires TOML files to be opened in binary mode,
but the code was opening them in text mode.

Solution

Changed file opening mode from 'r' (text) to 'rb' (binary) in two locations:

  • Line 650 in process_pyproject() method for pyproject.toml files
  • Line 716 in process_pylock() method for poetry.lock files

Testing

Successfully tested with BentoML's pyproject.toml file that previously caused TypeError.

Test command:

sbom4python -r pyproject.toml --sbom cyclonedx --format json -o output.json

Fixed two instances where TOML files were opened in text mode instead of binary mode:
- Line 650: process_pyproject() method
- Line 716: process_pylock() method

The tomllib parser requires files to be opened in binary mode ('rb').
This fixes the TypeError when processing pyproject.toml and poetry.lock files.
@feliwir

feliwir commented Sep 23, 2025

Copy link
Copy Markdown

We need this aswell. Currently we can't generate SPDX files for our pyproject.toml

@HalaAli198

Copy link
Copy Markdown
Author

I think there’s a bit of a misunderstanding — the root issue is just with reading TOML files (Python’s tomllib requires binary mode). I’ve already submitted a PR with a fix for this, and it works in my testing. Once merged, it should unblock SPDX generation from pyproject.toml as well.

Could you please review it?

Thanks!

@anthonyharrison anthonyharrison merged commit 09bcb07 into anthonyharrison:main Oct 2, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants