cyclonedx-dotnet
cyclonedx-dotnet copied to clipboard
CycloneDX
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
The GitHub runner kept timing out with functional tests that I added. Log didn't give useful information. After adding `[assembly: CollectionBehavior(DisableTestParallelization = true)]`, the problem was solved. Since I stripped...
Suggestion: Use a folder path as entry point instead of Project/Solution files recursively search in the folder for the following files * project.assets.json or * packages.lock.json Background: Our MSBuild based...
Hi, I just stumbled about an error while trying to create SBOM from nuget packages not found on public nuget.org. The error message was "Central Directory corrupt." because the package...
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.5. Release notes Sourced from actions/checkout's releases. v4.1.5 What's Changed Update NPM dependencies by @cory-miller in actions/checkout#1703 Bump github/codeql-action from 2 to 3 by @dependabot...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [xunit.runner.visualstudio](https://github.com/xunit/visualstudio.xunit) from 2.5.7 to 2.8.0. Commits 6438bb8 v2.8.0 2afd4cd Pick up latest dependencies b8be108 Add multiplier format support to RunSettings 3c2e493 Update to 2.7.2-pre.17 and support Xunit.ParallelAlgorithm in RunSetttings...
Bumps [xunit](https://github.com/xunit/xunit) from 2.7.0 to 2.8.0. Commits be260b3 v2.8.0 a8ceb66 #783: Add -useansicolor flag to console runner (v2) 7b0ff93 Don't show /aggressive with unlimited threads 46cdf06 Support parallel algorithm in...
The AssemblyInfo file for VB has a different file path and syntax than C#, so assembly version information for VB projects was not getting picked up by the ProjectFileService.
Bumps dotnet/sdk from 8.0.101 to 8.0.204. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
It seems that the CycloneDX tools generates invalid URL when generating the SBOM which fails the schema validation when trying to upload the BOM to dependency-track. This is the error...
