cyclonedx-php-composer
cyclonedx-php-composer copied to clipboard
CycloneDX
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
packages may come from local sources. packages may come from alternative registries. ## acc / crit - [ ] local components are marked with ` relative: true`, `path: /path/to/pod` -...
benefit: have the config in a file, so no CLI parameters are needed parameter defaults are read from the config-file, and may override system defaults. parameters can still be overridden...
describe the architecture of the plugin target audience: developers
Updates the requirements on [friendsofphp/php-cs-fixer](https://github.com/PHP-CS-Fixer/PHP-CS-Fixer) to permit the latest version. Release notes Sourced from friendsofphp/php-cs-fixer's releases. v3.57.2 7th Gear What's Changed fix: PhpUnitTestClassRequiresCoversFixer - attribute detection when class is final...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Updates the requirements on [friendsofphp/php-cs-fixer](https://github.com/PHP-CS-Fixer/PHP-CS-Fixer) to permit the latest version. Release notes Sourced from friendsofphp/php-cs-fixer's releases. v3.61.1 7th Gear What's Changed fix: NoSuperfluousPhpdocTagsFixer - fix "Undefined array key 0" error...
Updates the requirements on [friendsofphp/php-cs-fixer](https://github.com/PHP-CS-Fixer/PHP-CS-Fixer) to permit the latest version. Release notes Sourced from friendsofphp/php-cs-fixer's releases. v3.64.0 Space Sets What's Changed feat: Update PSR2, PSR12 and PER-CS2 with single_space_after_... config...
## Is your feature request related to a problem? Please describe. Add official support for PHP8.4 ## Describe the solution you'd like assert PHP 8.4 support in CI unit tests...
## Is your feature request related to a problem? Please describe. packages manifests may declare package licenses. some license declarations are no final license texts, but templates - like "MIT"....
## Is your feature request related to a problem? Please describe. if i build a SBOM for a **library**, i do not want to have non-bundled component listed as if...