Jan Kowalleck

Thanks @TheDiveO could you share what you see VS what you expect? Which package did you find in the bom, but expect it not to be in there? what does...

YARN support was added via #282 this should close the issue, then.

reproduced the report ---- ran ``` yarn install yarn install v1.22.18 [1/4] Resolving packages... [2/4] Fetching packages... [3/4] Linking dependencies... warning " > @babel/[email protected]" has unmet peer dependency "@babel/core@^7.0.0-0". warning...

looking at lock files is still dump. need to have the actual env as evidence. so need to check the data in the `node_modules` dir of the project and globally....

:exclamation: the yarn support got a dedicated project in the making: https://github.com/CycloneDX/cyclonedx-node-yarn

@weyert Eventually there will be support for `pnpm`. I am planning to divide this project in multiple independent parts that are dedicated to the specific ecosystems.

@DrMueller spec v1.4 support is already available as a library: https://www.npmjs.com/package/%40cyclonedx/cyclonedx-library and for NPM projects a generator exists: https://github.com/CycloneDX/cyclonedx-node-npm

Thanks for the report, @CompartMSL . could you sign your commits according to the DCO job? - see https://github.com/CycloneDX/cyclonedx-node-module/pull/257/checks?check_run_id=5228311231 This will mark that you acknowledge to share your code under...

took the hint and added a proper setup for the integration tests. see #260 will see if i can setup an integration tests that ships with a README or LICENSE...

this PR is continued/doubled via #272