Dr. Stefan Pfeiffer

Results: 3 comments by Dr. Stefan Pfeiffer

@jkowalleck Given that NPM won't fix the issue, is there a way to provide a workaround for this? Currently we are publishing SBOMs which claim we ship dependencies having security...

> for now, running with the `--package-lock-only` switch should report/exclude the dev/optionals properly in the SBOM.

Thanks, I was not aware this is also an option to the plugin itself,...

Coming from SPDX to CycloneDX, we would love to have such a feature, too. @jakub-bochenski As a (dirty) workaround, we use a script executed after the SBOM generation that modifies...