Currently the SBOM files for Qt 6.8.0 are shipped as part of the Qt binary packages, and can only be viewed after installing Qt locally via the online installer.

It could be beneficial to also host the SBOM files as plain text (non-archived) files in some well-defined location on the web, so that other projects that consume a specific version of prebuilt Qt, can link to the corresponding SBOMs.

It will likely also make it easier for any SBOM compliance tooling to automatically download and process the SBOM files based on knowing the Qt version and platform.

It also makes it easy to quickly look up information like dependency versions used for a specific Qt, urls to the dependencies, etc.

The location on the web should likely be behind a CDN, to protect against traffic that might come from automated tooling like CI, scanners, etc.