Patrick Dwyer
Patrick Dwyer
There's a few use cases I'd like to cover off: - [x] generate BOM for files in a directory - [x] add files in directory to existing BOM (where they...
When a component has been included with hashes it would be great to be able to report on component hashes compared to publicly available component hashes. i.e. a component with...
Original issue in node.js implementation https://github.com/CycloneDX/cyclonedx-node-module/issues/113 Setting name and version of top level component as minimum first implementation. Additionally, it would be good to be able to set/add to the...
The CLI tool should support automatic resolving and augmentation of license information, when it is missing, for components in an SBOM. For components with an external reference to a GitHub...
As part of the release process there should be some basic tests run using the created single file executable for all platforms. The perfect example for this is issue #85
This is a more specific continuation of #31 The output should indicate any component licenses that have been added, removed or modified when evaluated at the assembled software level.
Add option to check for updates, and, if possible, an in place upgrade. It should be simple for *nix but I think on windows file locking will mean needing a...
At first glance, MS Component Detection appears to use the same mechanism to resolve what packages have been used. This issue is being raised to garner feedback from the community....
- [x] dependency graph support - [x] drop support for .NET Core 2.1 runtime - [ ] migrate to `System.CommandLine` from `McMaster.Extensions.CommandLineUtils` - [ ] refactor Program.cs - [ ]...