meta-dependencytrack icon indicating copy to clipboard operation
meta-dependencytrack copied to clipboard

Published 20 hours ago verified publisher icon bgnetworks

Fix invalid bom format

Open Jasper-Ben opened this issue 9 months ago • 0 comments

According to https://cyclonedx.org/docs/1.4/json/#components_items_type each component must have a type defined for a bom to be valid cyclonedx. This definition was previously missing from the generated bom.

Since 4.11 of DT (https://github.com/DependencyTrack/dependency-track/pull/3522) uploaded boms are validated against the cyclonedx schema, thus causing meta-dependencytrack to fail.

Jasper-Ben avatar May 24 '24 20:05 Jasper-Ben