Modern digital ecosystems, spanning software, hardware, learning models, datasets, and cryptographic products, continue to grow in complexity, making it difficult for organizations to understand and manage component dependencies. Bills of Materials (BOMs) have emerged as a structured way to document product components, their interrelationships, and key metadata, improving visibility and security across digital supply chains. This survey provides the first comprehensive cross-domain review of BOM developments and practices. We start by examining the evolution of BOM frameworks in three stages (i.e., pre-development, initial, and accelerated) and summarizing their core principles, key stakeholders, and standardization efforts for hardware, software, artificial intelligence (AI) models, datasets, and cryptographic assets. We then review industry practices for generating BOM data, evaluating its quality, and securely sharing it. Next, we review practical downstream uses of BOM data, including dependency modeling, compliance verification, operational risk assessment, and vulnerability tracking. We also discuss academic efforts to address limitations in current BOM frameworks through refinements, extensions, or new models tailored to emerging domains such as data ecosystems and AI supply chains. Finally, we identify four key gaps that limit the usability and reliability of today's BOM frameworks, motivating future research directions.