@zakodium/sbom-tools

Tools to analyse CycloneDX SBOM files.

Installation

npm install @zakodium/sbom-tools

Usage

Generate SBOM file

The tools expect a SBOM file in CycloneDX JSON format, version 1.6.

npm

See https://github.com/CycloneDX/cyclonedx-node-npm.

A compatible SBOM can be generated with:

npx --package @cyclonedx/cyclonedx-npm cyclonedx-npm --omit=dev --spec-version=1.6 --gather-license-texts --output-reproducible --output-file=sbom.json

Yarn

See https://github.com/CycloneDX/cyclonedx-node-yarn

A compatible SBOM can be generated with:

yarn dlx -q @cyclonedx/yarn-plugin-cyclonedx --production --spec-version=1.6 --gather-license-texts --output-reproducible --output-file=sbom.json

License

MIT

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
.github/workflows		.github/workflows
fixtures		fixtures
src		src
.gitignore		.gitignore
.npmrc		.npmrc
.prettierignore		.prettierignore
.prettierrc.json		.prettierrc.json
CHANGELOG.md		CHANGELOG.md
LICENSE		LICENSE
README.md		README.md
eslint.config.js		eslint.config.js
package-lock.json		package-lock.json
package.json		package.json
tsconfig.build.json		tsconfig.build.json
tsconfig.json		tsconfig.json
vitest.config.ts		vitest.config.ts

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

@zakodium/sbom-tools

Installation

Usage

Generate SBOM file

npm

Yarn

License

About

Uh oh!

Releases 2

Packages

Contributors 2

Uh oh!

Languages

License

zakodium/sbom-tools

Folders and files

Latest commit

History

Repository files navigation

@zakodium/sbom-tools

Installation

Usage

Generate SBOM file

npm

Yarn

License

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases 2

Packages 0

Contributors 2

Uh oh!

Languages

Packages