cyclonedx-ruby 1.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 789745148f02bbf9096f4cff69edd4bc685002a18963bc2aa884c8e9672ec20b
+  data.tar.gz: 60c926690951432f792e56ae26bbf0bcae47d79e2d080824b8a082a356743c27
+SHA512:
+  metadata.gz: 8f0b8e63d08b95c7a38faba23724bcad4767fdfd825088e9854ac33b1482d646834ff4fe5f1f6e891e852384293853a4b3d4a242950921df4ffa5451a46e537b
+  data.tar.gz: 19da07694e83e5ce056cfce3a35dc511dfae41969ff3ad443168ba38a40779f010b13998b72bd5f8bf3cce7fb51bfa0b26b930acb96ff45fa3e1836e2afef562

data/bin/cyclonedx-ruby

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+
+require 'bom_builder'
+Bombuilder.build(ARGV[0])

data/lib/bom_builder.rb

@@ -0,0 +1,145 @@
+require "bundler"
+require "fileutils"
+require "json"
+require "logger"
+require "nokogiri"
+require "optparse"
+require "ostruct"
+require "rest_client"
+require 'securerandom'
+require_relative "bom_helpers"
+
+class Bombuilder
+  def self.build(path)
+    original_working_directory = Dir.pwd
+    setup(path)
+    specs_list
+    bom = build_bom(@gems)
+
+    begin
+      @logger.info("Changing directory to the original working directory located at #{original_working_directory}")
+      Dir.chdir original_working_directory
+    rescue => e
+      @logger.error("Unable to change directory the original working directory located at #{original_working_directory}. #{e.message}: #{e.backtrace.join('\n')}")
+      abort
+    end
+
+    bom_directory = File.dirname(@bom_file_path)
+    begin
+      FileUtils.mkdir_p(bom_directory) unless File.directory?(bom_directory)
+    rescue => e
+      @logger.error("Unable to create the directory to hold the BOM output at #{@bom_directory}. #{e.message}: #{e.backtrace.join('\n')}")
+      abort
+    end
+
+    begin
+      @logger.info("Writing BOM to #{@bom_file_path}...")
+      File.open(@bom_file_path, "w") {|file| file.write(bom)}
+
+      if @options[:verbose]
+        @logger.info("#{@gems.size} gems were written to BOM located at #{@bom_file_path}")
+      else
+        puts "#{@gems.size} gems were written to BOM located at #{@bom_file_path}"
+      end
+    rescue => e
+      @logger.error("Unable to write BOM to #{@bom_file_path}. #{e.message}: #{e.backtrace.join('\n')}")
+      abort
+    end
+  end
+  private
+  def self.setup(path)
+    @options = {}
+    OptionParser.new do |opts|
+      opts.banner = "Usage: cyclonedx-ruby [options]"
+    
+      opts.on("-v", "--[no-]verbose", "Run verbosely") do |v|
+        @options[:verbose] = v
+      end
+      opts.on("-p", "--path path", "(Required) Path to Ruby project directory") do |path|
+        @options[:path] = path
+      end
+      opts.on("-o", "--output bom_file_path", "(Optional) Path to output the bom.xml file to") do |bom_file_path|
+        @options[:bom_file_path] = bom_file_path
+      end
+      opts.on_tail("-h", "--help", "Show help message") do
+        puts opts
+        exit
+      end
+    end.parse!
+
+    @logger = Logger.new(STDOUT)
+    if @options[:verbose]
+      @logger.level = Logger::INFO
+    else
+      @logger.level = Logger::ERROR
+    end
+
+    @gems = []
+    licenses_file = File.read "#{__dir__}/licenses.json"
+    @licenses_list = JSON.parse(licenses_file)
+
+    if @options[:path].nil?
+      @logger.error("missing path to project directory")
+      abort
+    end
+
+    if !File.directory?(@options[:path])
+      @logger.error("path provided is not a valid directory. path provided was: #{@options[:path]}")
+      abort
+    end
+
+    begin
+      @logger.info("Changing directory to Ruby project directory located at #{@options[:path]}")
+      Dir.chdir @options[:path]
+    rescue => e
+      @logger.error("Unable to change directory to Ruby project directory located at #{@options[:path]}. #{e.message}: #{e.backtrace.join('\n')}")
+      abort
+    end
+
+    if @options[:bom_file_path].nil?
+      @bom_file_path = "./bom.xml"
+    else
+      @bom_file_path = @options[:bom_file_path]
+    end
+
+    @logger.info("BOM will be written to #{@bom_file_path}")
+
+    begin
+      gemfile_path = @options[:path] + "/" + "Gemfile.lock"
+      @logger.info("Parsing specs from #{gemfile_path}...")
+      gemfile_contents = File.read(gemfile_path)
+      @specs = Bundler::LockfileParser.new(gemfile_contents).specs
+      @logger.info("Specs successfully parsed!")
+    rescue => e
+      @logger.error("Unable to parse specs from #{gemfile_path}. #{e.message}: #{e.backtrace.join('\n')}")
+      abort
+    end
+  end
+  
+  def self.specs_list
+    count = 0
+    @specs.each do |dependency|
+      object = OpenStruct.new
+      object.name = dependency.name 
+      object.version = dependency.version 
+      object.purl = purl(object.name, object.version)
+      gem = get_gem(object.name, object.version)
+      next if gem.nil?
+      
+      if gem["licenses"] and gem["licenses"].length > 0
+        if @licenses_list.include? gem["licenses"].first
+          object.license_id = gem["licenses"].first
+        else
+          object.license_name = gem["licenses"].first
+        end
+      end
+
+      object.author = gem["authors"]
+      object.description = gem["summary"] 
+      object.hash = gem["sha"]
+      @gems.push(object)
+      count += 1
+      @logger.info("#{object.name}:#{object.version} gem added")
+    end
+  end 
+end

data/lib/bom_helpers.rb

@@ -0,0 +1,54 @@
+def purl(name, version)
+    purl = "pkg:gem/" + name + "@" + version.to_s
+end
+
+def random_urn_uuid()
+  random_urn_uuid = "urn:uuid:" + SecureRandom.uuid
+end
+
+def build_bom(gems)
+  builder = Nokogiri::XML::Builder.new(:encoding => "UTF-8") do |xml|
+    attributes = {"xmlns" => "http://cyclonedx.org/schema/bom/1.1", "version" => "1", "serialNumber" => random_urn_uuid}
+    xml.bom(attributes) do
+      xml.components {
+        gems.each do |gem|
+          xml.component("type" => "library") {
+            xml.name gem["name"]
+            xml.version gem["version"]
+            xml.description gem["description"]
+            xml.hashes{
+              xml.hash_ gem["hash"], :alg => "SHA-256"
+            }
+            if gem["license_id"]
+              xml.licenses {
+                xml.license{
+                  xml.id gem["license_id"]
+                }
+              } 
+            elsif gem["license_name"]
+              xml.licenses {
+                xml.license{
+                  xml.name gem["license_name"]
+                }
+              }
+            end
+            xml.purl gem["purl"]
+          }
+        end
+      }
+    end
+  end 
+  builder.to_xml
+end 
+
+def get_gem(name, version)
+  url = "https://rubygems.org/api/v1/versions/#{name}.json"
+  begin
+    response = RestClient.get(url)
+    body = JSON.parse(response.body)
+    body.select {|item| item["number"] == version.to_s}.first
+  rescue 
+    @logger.warn("#{name} couldn't be fetched")
+    return nil
+  end
+end 

data/lib/licenses.json

@@ -0,0 +1,434 @@
+[
+  "0BSD",
+  "AAL",
+  "ADSL",
+  "AFL-1.1",
+  "AFL-1.2",
+  "AFL-2.0",
+  "AFL-2.1",
+  "AFL-3.0",
+  "AGPL-1.0",
+  "AGPL-1.0-only",
+  "AGPL-1.0-or-later",
+  "AGPL-3.0",
+  "AGPL-3.0-only",
+  "AGPL-3.0-or-later",
+  "AMDPLPA",
+  "AML",
+  "AMPAS",
+  "ANTLR-PD",
+  "APAFML",
+  "APL-1.0",
+  "APSL-1.0",
+  "APSL-1.1",
+  "APSL-1.2",
+  "APSL-2.0",
+  "Abstyles",
+  "Adobe-2006",
+  "Adobe-Glyph",
+  "Afmparse",
+  "Aladdin",
+  "Apache-1.0",
+  "Apache-1.1",
+  "Apache-2.0",
+  "Artistic-1.0",
+  "Artistic-1.0-Perl",
+  "Artistic-1.0-cl8",
+  "Artistic-2.0",
+  "BSD-1-Clause",
+  "BSD-2-Clause",
+  "BSD-2-Clause-FreeBSD",
+  "BSD-2-Clause-NetBSD",
+  "BSD-2-Clause-Patent",
+  "BSD-3-Clause",
+  "BSD-3-Clause-Attribution",
+  "BSD-3-Clause-Clear",
+  "BSD-3-Clause-LBNL",
+  "BSD-3-Clause-No-Nuclear-License",
+  "BSD-3-Clause-No-Nuclear-License-2014",
+  "BSD-3-Clause-No-Nuclear-Warranty",
+  "BSD-3-Clause-Open-MPI",
+  "BSD-4-Clause",
+  "BSD-4-Clause-UC",
+  "BSD-Protection",
+  "BSD-Source-Code",
+  "BSL-1.0",
+  "Bahyph",
+  "Barr",
+  "Beerware",
+  "BitTorrent-1.0",
+  "BitTorrent-1.1",
+  "BlueOak-1.0.0",
+  "Borceux",
+  "CATOSL-1.1",
+  "CC-BY-1.0",
+  "CC-BY-2.0",
+  "CC-BY-2.5",
+  "CC-BY-3.0",
+  "CC-BY-4.0",
+  "CC-BY-NC-1.0",
+  "CC-BY-NC-2.0",
+  "CC-BY-NC-2.5",
+  "CC-BY-NC-3.0",
+  "CC-BY-NC-4.0",
+  "CC-BY-NC-ND-1.0",
+  "CC-BY-NC-ND-2.0",
+  "CC-BY-NC-ND-2.5",
+  "CC-BY-NC-ND-3.0",
+  "CC-BY-NC-ND-4.0",
+  "CC-BY-NC-SA-1.0",
+  "CC-BY-NC-SA-2.0",
+  "CC-BY-NC-SA-2.5",
+  "CC-BY-NC-SA-3.0",
+  "CC-BY-NC-SA-4.0",
+  "CC-BY-ND-1.0",
+  "CC-BY-ND-2.0",
+  "CC-BY-ND-2.5",
+  "CC-BY-ND-3.0",
+  "CC-BY-ND-4.0",
+  "CC-BY-SA-1.0",
+  "CC-BY-SA-2.0",
+  "CC-BY-SA-2.5",
+  "CC-BY-SA-3.0",
+  "CC-BY-SA-4.0",
+  "CC-PDDC",
+  "CC0-1.0",
+  "CDDL-1.0",
+  "CDDL-1.1",
+  "CDLA-Permissive-1.0",
+  "CDLA-Sharing-1.0",
+  "CECILL-1.0",
+  "CECILL-1.1",
+  "CECILL-2.0",
+  "CECILL-2.1",
+  "CECILL-B",
+  "CECILL-C",
+  "CERN-OHL-1.1",
+  "CERN-OHL-1.2",
+  "CNRI-Jython",
+  "CNRI-Python",
+  "CNRI-Python-GPL-Compatible",
+  "CPAL-1.0",
+  "CPL-1.0",
+  "CPOL-1.02",
+  "CUA-OPL-1.0",
+  "Caldera",
+  "ClArtistic",
+  "Condor-1.1",
+  "Crossword",
+  "CrystalStacker",
+  "Cube",
+  "D-FSL-1.0",
+  "DOC",
+  "DSDP",
+  "Dotseqn",
+  "ECL-1.0",
+  "ECL-2.0",
+  "EFL-1.0",
+  "EFL-2.0",
+  "EPL-1.0",
+  "EPL-2.0",
+  "EUDatagrid",
+  "EUPL-1.0",
+  "EUPL-1.1",
+  "EUPL-1.2",
+  "Entessa",
+  "ErlPL-1.1",
+  "Eurosym",
+  "FSFAP",
+  "FSFUL",
+  "FSFULLR",
+  "FTL",
+  "Fair",
+  "Frameworx-1.0",
+  "FreeImage",
+  "GFDL-1.1",
+  "GFDL-1.1-only",
+  "GFDL-1.1-or-later",
+  "GFDL-1.2",
+  "GFDL-1.2-only",
+  "GFDL-1.2-or-later",
+  "GFDL-1.3",
+  "GFDL-1.3-only",
+  "GFDL-1.3-or-later",
+  "GL2PS",
+  "GPL-1.0",
+  "GPL-1.0+",
+  "GPL-1.0-only",
+  "GPL-1.0-or-later",
+  "GPL-2.0",
+  "GPL-2.0+",
+  "GPL-2.0-only",
+  "GPL-2.0-or-later",
+  "GPL-2.0-with-GCC-exception",
+  "GPL-2.0-with-autoconf-exception",
+  "GPL-2.0-with-bison-exception",
+  "GPL-2.0-with-classpath-exception",
+  "GPL-2.0-with-font-exception",
+  "GPL-3.0",
+  "GPL-3.0+",
+  "GPL-3.0-only",
+  "GPL-3.0-or-later",
+  "GPL-3.0-with-GCC-exception",
+  "GPL-3.0-with-autoconf-exception",
+  "Giftware",
+  "Glide",
+  "Glulxe",
+  "HPND",
+  "HPND-sell-variant",
+  "HaskellReport",
+  "IBM-pibs",
+  "ICU",
+  "IJG",
+  "IPA",
+  "IPL-1.0",
+  "ISC",
+  "ImageMagick",
+  "Imlib2",
+  "Info-ZIP",
+  "Intel",
+  "Intel-ACPI",
+  "Interbase-1.0",
+  "JPNIC",
+  "JSON",
+  "JasPer-2.0",
+  "LAL-1.2",
+  "LAL-1.3",
+  "LGPL-2.0",
+  "LGPL-2.0+",
+  "LGPL-2.0-only",
+  "LGPL-2.0-or-later",
+  "LGPL-2.1",
+  "LGPL-2.1+",
+  "LGPL-2.1-only",
+  "LGPL-2.1-or-later",
+  "LGPL-3.0",
+  "LGPL-3.0+",
+  "LGPL-3.0-only",
+  "LGPL-3.0-or-later",
+  "LGPLLR",
+  "LPL-1.0",
+  "LPL-1.02",
+  "LPPL-1.0",
+  "LPPL-1.1",
+  "LPPL-1.2",
+  "LPPL-1.3a",
+  "LPPL-1.3c",
+  "Latex2e",
+  "Leptonica",
+  "LiLiQ-P-1.1",
+  "LiLiQ-R-1.1",
+  "LiLiQ-Rplus-1.1",
+  "Libpng",
+  "Linux-OpenIB",
+  "MIT",
+  "MIT-0",
+  "MIT-CMU",
+  "MIT-advertising",
+  "MIT-enna",
+  "MIT-feh",
+  "MITNFA",
+  "MPL-1.0",
+  "MPL-1.1",
+  "MPL-2.0",
+  "MPL-2.0-no-copyleft-exception",
+  "MS-PL",
+  "MS-RL",
+  "MTLL",
+  "MakeIndex",
+  "MirOS",
+  "Motosoto",
+  "Multics",
+  "Mup",
+  "NASA-1.3",
+  "NBPL-1.0",
+  "NCSA",
+  "NGPL",
+  "NLOD-1.0",
+  "NLPL",
+  "NOSL",
+  "NPL-1.0",
+  "NPL-1.1",
+  "NPOSL-3.0",
+  "NRL",
+  "NTP",
+  "Naumen",
+  "Net-SNMP",
+  "NetCDF",
+  "Newsletr",
+  "Nokia",
+  "Noweb",
+  "Nunit",
+  "OCCT-PL",
+  "OCLC-2.0",
+  "ODC-By-1.0",
+  "ODbL-1.0",
+  "OFL-1.0",
+  "OFL-1.1",
+  "OGL-UK-1.0",
+  "OGL-UK-2.0",
+  "OGL-UK-3.0",
+  "OGTSL",
+  "OLDAP-1.1",
+  "OLDAP-1.2",
+  "OLDAP-1.3",
+  "OLDAP-1.4",
+  "OLDAP-2.0",
+  "OLDAP-2.0.1",
+  "OLDAP-2.1",
+  "OLDAP-2.2",
+  "OLDAP-2.2.1",
+  "OLDAP-2.2.2",
+  "OLDAP-2.3",
+  "OLDAP-2.4",
+  "OLDAP-2.5",
+  "OLDAP-2.6",
+  "OLDAP-2.7",
+  "OLDAP-2.8",
+  "OML",
+  "OPL-1.0",
+  "OSET-PL-2.1",
+  "OSL-1.0",
+  "OSL-1.1",
+  "OSL-2.0",
+  "OSL-2.1",
+  "OSL-3.0",
+  "OpenSSL",
+  "PDDL-1.0",
+  "PHP-3.0",
+  "PHP-3.01",
+  "Parity-6.0.0",
+  "Plexus",
+  "PostgreSQL",
+  "Python-2.0",
+  "QPL-1.0",
+  "Qhull",
+  "RHeCos-1.1",
+  "RPL-1.1",
+  "RPL-1.5",
+  "RPSL-1.0",
+  "RSA-MD",
+  "RSCPL",
+  "Rdisc",
+  "Ruby",
+  "SAX-PD",
+  "SCEA",
+  "SGI-B-1.0",
+  "SGI-B-1.1",
+  "SGI-B-2.0",
+  "SHL-0.5",
+  "SHL-0.51",
+  "SISSL",
+  "SISSL-1.2",
+  "SMLNJ",
+  "SMPPL",
+  "SNIA",
+  "SPL-1.0",
+  "SSPL-1.0",
+  "SWL",
+  "Saxpath",
+  "Sendmail",
+  "Sendmail-8.23",
+  "SimPL-2.0",
+  "Sleepycat",
+  "Spencer-86",
+  "Spencer-94",
+  "Spencer-99",
+  "StandardML-NJ",
+  "SugarCRM-1.1.3",
+  "TAPR-OHL-1.0",
+  "TCL",
+  "TCP-wrappers",
+  "TMate",
+  "TORQUE-1.1",
+  "TOSL",
+  "TU-Berlin-1.0",
+  "TU-Berlin-2.0",
+  "UPL-1.0",
+  "Unicode-DFS-2015",
+  "Unicode-DFS-2016",
+  "Unicode-TOU",
+  "Unlicense",
+  "VOSTROM",
+  "VSL-1.0",
+  "Vim",
+  "W3C",
+  "W3C-19980720",
+  "W3C-20150513",
+  "WTFPL",
+  "Watcom-1.0",
+  "Wsuipa",
+  "X11",
+  "XFree86-1.1",
+  "XSkat",
+  "Xerox",
+  "Xnet",
+  "YPL-1.0",
+  "YPL-1.1",
+  "ZPL-1.1",
+  "ZPL-2.0",
+  "ZPL-2.1",
+  "Zed",
+  "Zend-2.0",
+  "Zimbra-1.3",
+  "Zimbra-1.4",
+  "Zlib",
+  "blessing",
+  "bzip2-1.0.5",
+  "bzip2-1.0.6",
+  "copyleft-next-0.3.0",
+  "copyleft-next-0.3.1",
+  "curl",
+  "diffmark",
+  "dvipdfm",
+  "eCos-2.0",
+  "eGenix",
+  "gSOAP-1.3b",
+  "gnuplot",
+  "iMatix",
+  "libpng-2.0",
+  "libtiff",
+  "mpich2",
+  "psfrag",
+  "psutils",
+  "wxWindows",
+  "xinetd",
+  "xpp",
+  "zlib-acknowledgement",
+  "Libtool-exception",
+  "Linux-syscall-note",
+  "Autoconf-exception-3.0",
+  "OCCT-exception-1.0",
+  "openvpn-openssl-exception",
+  "gnu-javamail-exception",
+  "OpenJDK-assembly-exception-1.0",
+  "Bison-exception-2.2",
+  "i2p-gpl-java-exception",
+  "Universal-FOSS-exception-1.0",
+  "Qt-LGPL-exception-1.1",
+  "389-exception",
+  "Classpath-exception-2.0",
+  "Fawkes-Runtime-exception",
+  "PS-or-PDF-font-exception-20170817",
+  "Qt-GPL-exception-1.0",
+  "LZMA-exception",
+  "freertos-exception-2.0",
+  "Qwt-exception-1.0",
+  "CLISP-exception-2.0",
+  "FLTK-exception",
+  "Bootloader-exception",
+  "Nokia-Qt-exception-1.1",
+  "LLVM-exception",
+  "WxWindows-exception-3.1",
+  "DigiRule-FOSS-exception",
+  "Swift-exception",
+  "GCC-exception-3.1",
+  "eCos-exception-2.0",
+  "Autoconf-exception-2.0",
+  "GPL-CC-1.0",
+  "Font-exception-2.0",
+  "u-boot-exception-2.0",
+  "GCC-exception-2.0",
+  "mif-exception",
+  "OCaml-LGPL-linking-exception"
+]

metadata

@@ -0,0 +1,134 @@
+--- !ruby/object:Gem::Specification
+name: cyclonedx-ruby
+version: !ruby/object:Gem::Version
+  version: 1.1.0
+platform: ruby
+authors:
+- Joseph Kobti
+- Steve Springett
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-07-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+- !ruby/object:Gem::Dependency
+  name: ostruct
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+- !ruby/object:Gem::Dependency
+  name: rest-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+description: CycloneDX is a lightweight software bill-of-material (SBOM) specification
+  designed for use in application security contexts and supply chain component analysis.
+  This Gem generates CycloneDX BOMs from Ruby projects.
+email: josephkobti@outlook.com
+executables:
+- cyclonedx-ruby
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/cyclonedx-ruby
+- lib/bom_builder.rb
+- lib/bom_helpers.rb
+- lib/licenses.json
+homepage: https://github.com/CycloneDX/cyclonedx-ruby-gem
+licenses:
+- Apache-2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: CycloneDX software bill-of-material (SBoM) generation utility
+test_files: []