cyclonedx-cli
cyclonedx-cli copied to clipboard
Published
20 hours ago •
CycloneDX
CycloneDX
cylconedx diff two json files error
cyclonedx diff api-json/jenkins.json json/jenkins-cyclonedx.json --component-versions
Unhandled exception: System.Text.Json.JsonException: The JSON value could not be converted to CycloneDX.Models.Bom. Path: $ | LineNumber: 0 | BytePositionInLine: 1.
at System.Text.Json.ThrowHelper.ThrowJsonException_DeserializeUnableToConvertValue(Type )
at System.Text.Json.Serialization.Converters.ObjectDefaultConverter`1.OnTryRead(Utf8JsonReader& , Type , JsonSerializerOptions , ReadStack& , T& )
at System.Text.Json.Serialization.JsonConverter`1.TryRead(Utf8JsonReader& , Type , JsonSerializerOptions , ReadStack& , T& )
at System.Text.Json.Serialization.JsonConverter`1.ReadCore(Utf8JsonReader& , JsonSerializerOptions , ReadStack& )
at System.Text.Json.JsonSerializer.ReadCore[TValue](JsonConverter , Utf8JsonReader& , JsonSerializerOptions , ReadStack& )
at System.Text.Json.JsonSerializer.ReadCore[TValue](JsonReaderState& , Boolean , ReadOnlySpan`1 , JsonSerializerOptions , ReadStack& , JsonConverter )
at System.Text.Json.JsonSerializer.ContinueDeserialize[TValue](ReadBufferState& , JsonReaderState& , ReadStack& , JsonConverter , JsonSerializerOptions )
at System.Text.Json.JsonSerializer.ReadAllAsync[TValue](Stream , JsonTypeInfo , CancellationToken )
at CycloneDX.Json.Serializer.DeserializeAsync(Stream jsonStream)
at CycloneDX.Cli.CliUtils.InputBomHelper(String filename, CycloneDXBomFormat format)
at CycloneDX.Cli.Commands.DiffCommand.Diff(DiffCommandOptions options)
at System.CommandLine.Invocation.CommandHandler.GetExitCodeAsync(Object value, InvocationContext context)
at System.CommandLine.Invocation.ModelBindingCommandHandler.InvokeAsync(InvocationContext context)
at System.CommandLine.Invocation.InvocationPipeline.<>c__DisplayClass4_0.<<BuildInvocationChain>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass23_0.<<UseParseErrorReporting>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass16_0.<<UseHelp>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass27_0.<<UseVersionOption>b__1>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass25_0.<<UseTypoCorrections>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c.<<UseSuggestDirective>b__24_0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass22_0.<<UseParseDirective>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass11_0.<<UseDebugDirective>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c.<<RegisterWithDotnetSuggest>b__10_0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass14_0.<<UseExceptionHandler>b__0>d.MoveNext()
I am comparing two CycloneDX JSON SBOM files from reputable sources.
It looks the like cyclonedx diff only works with xml file formats.
% cyclonedx diff api-xml/elasticsearch-cyclonedx.xml xml/elasticsearch-cyclonedx.xml.xml --from-format xml --to-format xml --component-versions
Component versions that have changed:
+ aiohttp @ 3.7.4.post0
+ asgiref @ 3.3.4
+ async-timeout @ 3.0.1
+ attrs @ 21.2.0
+ certifi @ 2022.9.24
+ certifi @ 2021.5.30
- chardet @ 3.0.4
+ chardet @ 4.0.0
+ click @ 8.0.1
+ elastic-apm @ 6.2.1
- elasticsearch @ 8.6.0
+ elasticsearch @ 8.5.2
+ elasticsearch @ 7.13.1
+ elastic-transport @
+ elastic-transport @ 8.4.0
+ fastapi @ 0.65.1
+ h11 @ 0.12.0
- idna @ 2.5
+ idna @ 3.2
+ multidict @ 5.1.0
+ pydantic @ 1.8.2
+ starlette @ 0.14.2