cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
A command: cyclonedx-win-x64.exe merge --input-files Second.xml First.xml --name "Test" --version "1.0.0.0" --output-file sbom.json --output-format json creates a different dependencies tree than the following command: cyclonedx-win-x64.exe merge --input-files Second.xml First.xml --output-file...
Closes: https://github.com/CycloneDX/cyclonedx-cli/issues/351
[Cyclonedx (1).json](https://github.com/CycloneDX/cyclonedx-cli/files/13513416/Cyclonedx.1.json) When I upload this CycloneDX BOM in Dependency-Track server V4.9.1 it is getting failed as per Dependency-Track team Null is not allowing to parse file on...
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.3.0. Release notes Sourced from actions/checkout's releases. v3.3.0 What's Changed Implement branch list using callbacks from exec function by @cory-miller in actions/checkout#1045 Add in explicit...
Really struggling to exclude the .git repo folders. I've tried to exclude these folders using the recommended pattern and about a dozen variations on it. I'm running on Windows.
I created an SBOM using Syft/Grype and it should have created a valid CycloneDX 1.4 SBOM. The SBOM did not adhere to the CycloneDX 1.4 schema, however the CycloneDX CLI...
When I create a new SBOM with the tool using the add files option I am finding that the version numbers are of the form 0.0.0-. Mostly I'm OK with...
I'm using CLI to merge BOM files produced by several different CycloneDX tools. Some of them already generate BOM of version 1.5 and merge throws an exception: ``` Unhandled...
Primarily written as a practical test case for `Bom.WalkThis()` and `Bom.RenameBomRef()` methods introduced in the library, but may be useful to have exposed for end-users. Relies on https://github.com/CycloneDX/cyclonedx-dotnet-library/pull/245 for the...