crusy
crusy
Second that. Took me quite a while to _find_ the generated files (my IDE skips the `build` folder when searching). So, for future generations: `./build/reports/bom.json`
Thanks @manfredweiss, a missing `group` was the reason for my error here as well. For future generations: I'm using `cyclonedx-gradle-plugin:1.7.4` to generate a JSON BOM.
More details of what I expected, and a more general explanation why I expected it: https://cyclonedx.org/use-cases/#license-compliance shows an example json which does not only contain `id` and `url`, but also...
PS: At https://cyclonedx.org/use-cases/#license-compliance I read about [SPDX](https://spdx.org/licenses/), so it maybe resolves the licenses' texts? You state in your README > ### Conversion to SPDX format > Use the [CycloneDX CLI](https://github.com/CycloneDX/cyclonedx-cli)...
I see, thank you for clarification. In the meantime I found some external libs based on SPDX. They have [their own repo](https://github.com/spdx/license-list-data), e.g. :smile: Including text and json formats. There...