@cyclonedx/cdxgen 10.3.3 → 10.3.5

package/bin/cdxgen.js

@@ -299,11 +299,23 @@ if (process.argv[1].includes("obom") && !args.type) {
   args.type = "os";
 }
 
+/**
+ * Command line options
+ */
+const options = Object.assign({}, args, {
+  projectType: args.type,
+  multiProject: args.recurse,
+  noBabel: args.noBabel || args.babel === false,
+  project: args.projectId,
+  deep: args.deep || args.evidence
+});
+
 if (process.argv[1].includes("cbom")) {
   options.includeCrypto = true;
   options.includeFormulation = true;
   options.evidence = true;
   options.specVersion = 1.6;
+  options.deep = true;
 }
 
 /**
@@ -374,16 +386,6 @@ const applyAdvancedOptions = (options) => {
   return options;
 };
 
-/**
- * Command line options
- */
-const options = Object.assign({}, args, {
-  projectType: args.type,
-  multiProject: args.recurse,
-  noBabel: args.noBabel || args.babel === false,
-  project: args.projectId,
-  deep: args.deep || args.evidence
-});
 applyAdvancedOptions(options);
 
 /**

package/index.js

@@ -1204,7 +1204,7 @@ export async function createJavaBom(path, options) {
     ) {
       const cdxMavenPlugin =
         process.env.CDX_MAVEN_PLUGIN ||
-        "org.cyclonedx:cyclonedx-maven-plugin:2.7.11";
+        "org.cyclonedx:cyclonedx-maven-plugin:2.8.0";
       const cdxMavenGoal = process.env.CDX_MAVEN_GOAL || "makeAggregateBom";
       let mvnArgs = [`${cdxMavenPlugin}:${cdxMavenGoal}`, "-DoutputName=bom"];
       if (includeMavenTestScope) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen",
-  "version": "10.3.3",
+  "version": "10.3.5",
   "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
   "homepage": "http://github.com/cyclonedx/cdxgen",
   "author": "Prabhu Subramanian <prabhu@appthreat.com>",