cdxgen icon indicating copy to clipboard operation
cdxgen copied to clipboard

Published 20 hours ago verified publisher icon CycloneDX

[Python CBOM] All python cryptography usages not detected

Open aryan-rajoria opened this issue 1 year ago • 1 comments

Command Run get Python CBOM: node /opt/cdxgen/bin/cdxgen.js -t python --include-crypto -o bom.json .

Output: image

Expected Output to contain following references: https://github.com/freedomofpress/securedrop/blob/3a50273be99c78c78ea169854b2264f1edef3dab/securedrop/secure_tempfile.py#L92 https://github.com/freedomofpress/securedrop/blob/3a50273be99c78c78ea169854b2264f1edef3dab/admin/securedrop_admin/init.py#L808 https://github.com/freedomofpress/securedrop/blob/3a50273be99c78c78ea169854b2264f1edef3dab/securedrop/models.py#L453 https://github.com/freedomofpress/securedrop/blob/3a50273be99c78c78ea169854b2264f1edef3dab/securedrop/two_factor.py#L33

Environment: OS: 22.04.1-Ubuntu node: v20.9.0 npm: 10.1.0 cdxgen: form master 246e995

aryan-rajoria avatar May 06 '24 15:05 aryan-rajoria

PyCryptodome Cryptography, Fernet https://cryptography.io/en/latest/ PyNaCl PyOpenSSL Keyczar M2Crypto asn1crypto

any synergy with project https://github.com/advanced-security/cbom-action ?

sumetpong avatar May 31 '24 21:05 sumetpong