cdxgen
cdxgen copied to clipboard
CycloneDX
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission t...
https://github.com/sfackler/rust-openssl https://github.com/actix/actix-web Have to find a way to report the native libraries, which may not appear in the lock files.
The parser for minified JavaScript files sometimes calculate the name of the package incorrectly. This issue seems to occurred in two cases 1. The format of the comment with the...
cc: @ajmalab https://github.com/apache/kafka GRADLE_MULTI_THREADED=true Use Java 17 ``` Executing /Volumes/Work/sandbox/kafka/gradlew --console plain --build-cache dependencies :examples:dependencies :server-common:dependencies :connect:dependencies :clients:dependencies :shell:dependencies :raft:dependencies :metadata:dependencies :log4j-appender:dependencies :server:dependencies :core:dependencies :generator:dependencies :tools:dependencies :group-coordinator:dependencies :streams:dependencies :trogdor:dependencies :jmh-benchmarks:dependencies...
Command Run get *Python CBOM*: `node /opt/cdxgen/bin/cdxgen.js -t python --include-crypto -o bom.json .` Output:  Expected Output to contain following references: https://github.com/freedomofpress/securedrop/blob/3a50273be99c78c78ea169854b2264f1edef3dab/securedrop/secure_tempfile.py#L92 https://github.com/freedomofpress/securedrop/blob/3a50273be99c78c78ea169854b2264f1edef3dab/admin/securedrop_admin/__init__.py#L808 https://github.com/freedomofpress/securedrop/blob/3a50273be99c78c78ea169854b2264f1edef3dab/securedrop/models.py#L453 https://github.com/freedomofpress/securedrop/blob/3a50273be99c78c78ea169854b2264f1edef3dab/securedrop/two_factor.py#L33 Environment: OS: `22.04.1-Ubuntu` node: `v20.9.0`...
We have many [repotests](https://github.com/CycloneDX/cdxgen/blob/master/.github/workflows/repotests.yml) that invoke cdxgen with a range of repos but don't validate the results :) This issue is to seek community help to setup a snapshot testing...
Command>> cdxgen --deep node:buffer:599 slice: (buf, start, end) => buf.utf8Slice(start, end), ^ Error: Cannot create a string longer than 0x1fffffe8 characters at Object.slice (node:buffer:599:37) at Buffer.toString (node:buffer:818:14) at readFileSync (node:fs:512:41)...
Possible locations: /usr/lib/systemd/system /run/systemd/system /etc/systemd/system
https://github.com/chains-project/maven-lockfile
https://cyclonedx.org/docs/1.6/json/#components_items_pedigree_ancestors cc: @setchy
Need to check the got related calls that attempt to detect the service to use