mirror of https://github.com/valitydev/rebar3_sbom.git (synced 2024-11-06 00:35:19 +00:00)
Rebar3 plugin to generate CycloneDX SBoM
rebar3_sbom
Generates a Software Bill-of-Materials (SBoM) in CycloneDX format
Use
Add rebar3_sbom to your rebar config, either in a project or globally in ~/.config/rebar3/rebar.config:
{plugins, [rebar3_sbom]}.
Then run the 'sbom' task on a project:
$ rebar3 sbom
===> Verifying dependencies...
===> CycloneDX SBoM written to bom.xml
The following command line options are supported:
-o, --output  the full path to the SBoM output file [default: bom.xml]
-f, --force   overwrite existing files without prompting for confirmation [default: false]
By default, only dependencies in the 'default' profile are included. To generate an SBoM covering development environments, specify the relevant profiles using 'as':
$ rebar3 as default,test,docs sbom -o dev_bom.xml
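To see what the extra profiles add, the two SBoMs produced above can be compared component by component. The script below is an added example, not part of rebar3_sbom; it assumes the output uses the standard CycloneDX `component` elements with `name`, `version` and `purl` children, and its embedded sample documents are constructed for illustration.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample SBoMs (not real plugin output), reduced to the
# CycloneDX elements this script reads. Package versions are illustrative.
DEFAULT_BOM = """<bom xmlns="http://cyclonedx.org/schema/bom/1.2" version="1">
  <components>
    <component type="library">
      <name>cowboy</name><version>2.9.0</version>
      <purl>pkg:hex/cowboy@2.9.0</purl>
    </component>
  </components>
</bom>"""

DEV_BOM = DEFAULT_BOM.replace("</components>", """
    <component type="library">
      <name>meck</name><version>0.9.2</version>
      <purl>pkg:hex/meck@0.9.2</purl>
    </component>
  </components>""")


def local(tag):
    """Drop the XML namespace so any CycloneDX schema version is accepted."""
    return tag.rsplit("}", 1)[-1]


def components(bom_xml):
    """Map (name, version) -> purl for every <component> in an SBoM."""
    found = {}
    for el in ET.fromstring(bom_xml).iter():
        if local(el.tag) == "component":
            f = {local(c.tag): (c.text or "").strip() for c in el}
            found[(f.get("name", ""), f.get("version", ""))] = f.get("purl", "")
    return found


def dev_only(default_xml, dev_xml):
    """Components present only in the wider-profile SBoM, sorted."""
    base, dev = components(default_xml), components(dev_xml)
    return sorted((n, v, dev[(n, v)]) for (n, v) in dev.keys() - base.keys())


if __name__ == "__main__":
    # Pass two file paths (bom.xml dev_bom.xml) or run on the samples.
    docs = [open(p, "rb").read() for p in sys.argv[1:3]]
    default_xml, dev_xml = docs if len(docs) == 2 else (DEFAULT_BOM, DEV_BOM)
    for name, version, purl in dev_only(default_xml, dev_xml):
        print(f"dev-only: {name} {version} {purl}")
```

Components reported as dev-only never ship in a release, but they still run on developer and CI machines, so they belong in vulnerability tracking for those environments.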