Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds convenience methods for using the Syft CLI to create SBoM information #104

Merged
merged 1 commit into from Nov 18, 2021
Merged

Adds convenience methods for using the Syft CLI to create SBoM information #104

merged 1 commit into from Nov 18, 2021
+476 −5

Commits on Nov 18, 2021

  1. Adds convenience methods for using the Syft CLI to create SBoM inform… 

    …ation

- Supports running syft against a directory & generating one or more output formats
- Automatically converts syft generated CycloneDX XML to JSON, which is what buildpacks require
- This is working around a couple features not present in syft at the moment, such as support for multiple output formats or conversion, and being able to output directly to CycloneDX JSON. When those features are added, we can trim this code back accordingly. The function signatures should not need to change for that.
- There is no official libcnb release yet, so this branch is pointing to the latest commit. When libcnb releases, we'll need to bump this dependency in go.mod back to a release

Signed-off-by: Daniel Mikusa <dmikusa@vmware.com>
    Daniel Mikusa committed Nov 18, 2021
    Configuration menu
    Copy the full SHA
    2576e59 View commit details
    Browse the repository at this point in the history