@cyclonedx/cdxgen 8.0.4 → 8.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +10 -6
- package/bin/cdxgen +4 -1
- package/package.json +1 -1
- package/utils.js +1 -1
package/README.md
CHANGED
|
@@ -78,7 +78,7 @@ sudo npm install -g @cyclonedx/cdxgen
|
|
|
78
78
|
You can also use the cdxgen container image
|
|
79
79
|
|
|
80
80
|
```bash
|
|
81
|
-
docker run --rm -
|
|
81
|
+
docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen -r /app -o /app/bom.json
|
|
82
82
|
```
|
|
83
83
|
|
|
84
84
|
## Getting Help
|
|
@@ -163,7 +163,7 @@ cdxgen --server
|
|
|
163
163
|
Or use the container image.
|
|
164
164
|
|
|
165
165
|
```bash
|
|
166
|
-
docker run --rm -
|
|
166
|
+
docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen -r /app --server
|
|
167
167
|
```
|
|
168
168
|
|
|
169
169
|
Use curl or your favourite tool to pass arguments to the `/sbom` route.
|
|
@@ -348,10 +348,14 @@ Use the [CycloneDX CLI](https://github.com/CycloneDX/cyclonedx-cli) tool for adv
|
|
|
348
348
|
Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the [LICENSE](LICENSE) file for the full license.
|
|
349
349
|
|
|
350
350
|
[license]: https://github.com/cyclonedx/cdxgen/blob/master/LICENSE
|
|
351
|
+
[cyclonedx-homepage]: https://cyclonedx.org
|
|
351
352
|
|
|
352
|
-
##
|
|
353
|
-
|
|
354
|
-
The developers could be reached via the [discord](https://discord.gg/DCNxzaeUpd) channel.
|
|
353
|
+
## Contributing
|
|
355
354
|
|
|
355
|
+
Follow the usual PR process but prior to raising a PR run the following commands.
|
|
356
356
|
|
|
357
|
-
|
|
357
|
+
```bash
|
|
358
|
+
npm run lint
|
|
359
|
+
npm run pretty
|
|
360
|
+
npm test
|
|
361
|
+
```
|
package/bin/cdxgen
CHANGED
|
@@ -155,7 +155,10 @@ let options = {
|
|
|
155
155
|
}
|
|
156
156
|
const bomNSData = (await bom.createBom(filePath, options)) || {};
|
|
157
157
|
|
|
158
|
-
if (
|
|
158
|
+
if (
|
|
159
|
+
args.output &&
|
|
160
|
+
(typeof args.output === "string" || args.output instanceof String)
|
|
161
|
+
) {
|
|
159
162
|
if (bomNSData.bomXmlFiles) {
|
|
160
163
|
console.log("BOM files produced:", bomNSData.bomXmlFiles);
|
|
161
164
|
} else {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cyclonedx/cdxgen",
|
|
3
|
-
"version": "8.0.
|
|
3
|
+
"version": "8.0.5",
|
|
4
4
|
"description": "Creates CycloneDX Software Bill-of-Materials (SBOM) from source or container image",
|
|
5
5
|
"homepage": "http://github.com/cyclonedx/cdxgen",
|
|
6
6
|
"author": "Prabhu Subramanian <prabhu@appthreat.com>",
|
package/utils.js
CHANGED
|
@@ -485,7 +485,7 @@ const yarnLockToIdentMap = function (lockData) {
|
|
|
485
485
|
if (group) {
|
|
486
486
|
group = `${group}/`;
|
|
487
487
|
}
|
|
488
|
-
if (range.startsWith("npm:")) {
|
|
488
|
+
if (range && range.startsWith("npm:")) {
|
|
489
489
|
range = range.replace("npm:", "");
|
|
490
490
|
}
|
|
491
491
|
currentIdents.push(`${group || ""}${name}@${range}`);
|