cdxgen icon indicating copy to clipboard operation
cdxgen copied to clipboard

Published 20 hours ago verified publisher icon CycloneDX

Support for buildroot .mk files

Open prabhu opened this issue 1 year ago • 2 comments

buildroot/package directory has one directory per package.

Each package directory has a .mk file.

https://github.com/teslamotors/buildroot/blob/buildroot-2019.02/package/bison/bison.mk

The directory name is the package's name, and the *_VERSION in the .mk file is the version.

Map _SOURCE to pkg.distribution = {url: url}. index.js to be enhanced to set the externalReference based on pkg.distribution.url

https://github.com/CycloneDX/cdxgen/blob/master/index.js#L600

Map _LICENSE to pkg.license

prabhu avatar Sep 11 '23 00:09 prabhu

Note that Buildroot has a "make" target that provides the license information and a CSV listing of all packages used in the build in one folder. Executing "make legal-info" produces the folder containing loads of details that can be used for both SBOM and OSS License data. It is a feature of Buildroot.

ptdropper avatar Mar 11 '24 20:03 ptdropper

@ptdropper, could you share the output file from make legal-info?

prabhu avatar Mar 12 '24 10:03 prabhu