Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

M1 mac sae builds #857

Merged
merged 6 commits into from
Jan 31, 2024
Merged

M1 mac sae builds #857

merged 6 commits into from
Jan 31, 2024

Conversation

prabhu
Copy link
Collaborator

@prabhu prabhu commented Jan 30, 2024
edited
Loading

Fixes #858
Adds container support with the latest plugins on Mac arm machines.

@Albertoimpl, could you kindly test if you are getting OS packages on a Mac with this branch? Don't forget to do a fresh npm install.

@prabhu
M1 mac sae builds
76cd09f 
Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
@Albertoimpl
Copy link

Sure thing, here it is @prabhu.

(base) ➜  cdxgen git:(master) git pull origin master
From https://github.com/CycloneDX/cdxgen
 * branch            master     -> FETCH_HEAD
Updating 4a427f7..7e1fc4c
Fast-forward
 .github/workflows/nodejs.yml |   5 +----
 docker.js                    |  46 ++++++++++++++++++++++++++++++++++++++++------
 index.js                     |  58 +++++++++++++++++++++++++++++++++-------------------------
 package-lock.json            |   4 ++--
 package.json                 |   2 +-
 utils.js                     | 100 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------
 6 files changed, 143 insertions(+), 72 deletions(-)
(base) ➜  cdxgen git:(master) git st
On branch master
Your branch is up to date with 'origin/master'.

nothing to commit, working tree clean
(base) ➜  cdxgen git:(master) git co feature/mac-m1
branch 'feature/mac-m1' set up to track 'origin/feature/mac-m1'.
Switched to a new branch 'feature/mac-m1'
(base) ➜  cdxgen git:(feature/mac-m1) git st
On branch feature/mac-m1
Your branch is up to date with 'origin/feature/mac-m1'.

nothing to commit, working tree clean
(base) ➜  cdxgen git:(feature/mac-m1) npm install

changed 1 package, and audited 1197 packages in 31s

158 packages are looking for funding
  run `npm fund` for details

8 vulnerabilities (7 moderate, 1 high)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

(base) ➜  cdxgen git:(feature/mac-m1) CDXGEN_DEBUG_MODE=debug node bin/cdxgen.js hello-java21:0.0.1-SNAPSHOT -o pack-docker-bom.json -t docker
Docker service in root mode detected. Consider switching to rootless mode to improve security. See https://docs.docker.com/engine/security/rootless/
About to export image hello-java21:0.0.1-SNAPSHOT to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM
Image hello-java21:0.0.1-SNAPSHOT successfully exported to directory /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM
Extracting layer 78f51b34cdb3f8fce65822127438b28dc7a32c76a7d85b1e507aeaa8c0ea2c81/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer b85fd81f91f59af38f617908ad471f11df6531e73fede4d96053466eadf6352c/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 48a167d0bf6ac2ab4d3ddb040b0315fe4609ca68e206a83114b290bde84d193a/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 7d4df159681613d7359315739d2f9e0af4262c10b5b4724c9e315215adc9f38a/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 0befdb38755861e69989351b952a31756b6ebfdd6dfb6059e3243b70e7f062a7/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 0e599c7ef3a39781a7a019ea2ca136d56d2c1d1fea034fe2a3742ef567be746b/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 627ab828402b764f37dbe4a63fba4b3011313dd5e3724e039cc28fad3e5eff83/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 0cee4fd24026a35991eedac884cd23291269e0473c5d7b15288c409e4e9ef770/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 9dbeb258318e0d177cdf4774a7bf6f09a1ce7ec62d2a13a333c3b093358e3b21/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 46baffb9b930cebb69679ac182444f93bd73f5351e6e4667cb8c6a3c806bcfce/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 2573b99cff35e9507bb0e8985c927cdbe82d11bb5e2379a396e745127c161069/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 18281f74c821882242f1e4a6c60b2dd55e7b9d04b4a155cf74dbbf4cd6637c95/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 7d99a4f3e9ee7dae6c827f53def51e765541ab0ad103f60c6893de06bfe22505/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 27da8124a07df66398ac07f4419eb42944bd344a4e0bbe6322bdac4efddf29ac/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer e2c3f91c74ace97935ad40ffd74d52e58df18f20e7208beb75b743d8b6827857/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer b929e5a5aee42c9a58c016029659ae285aa6dfd5898fcf3197c6df772eae121a/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Archive /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/b929e5a5aee42c9a58c016029659ae285aa6dfd5898fcf3197c6df772eae121a/layer.tar is empty. Skipping.
Extracting layer 914a23dab11c34c5b5a87dc1c70167eceb7e6e6f1e27fa1fec38aa8cba2b5220/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Skipping layer 52b6bbdde33b1672c98ac7a4b97adec7e027da75e4e255dbf593e55495d7c164/layer.tar since it is not a readable file.
Extracting layer 2db300fe990fae90bf707de6956145d91b817d8218123b6b029a7334d2b20055/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer cf40d5141df746950d97642f90dfaafa412f4b01d731bba074d68a8861b25d57/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Extracting layer 3f5d6c221615f7f54a9f8a437cd1c75cc353accb9bc14b6296b880198f5e3f3d/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
pathList [
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/local/go',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/local/lib',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/local/lib64',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/opt',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/home',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/share',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/src',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/var/www/html',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/var/lib',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/mnt',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/app',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/layers',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/data',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/srv',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/lib',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/lib64'
]
Executing /Users/rcallejarios/workspace/cdxgen/node_modules/@cyclonedx/cdxgen-plugins-bin/plugins/trivy/trivy-cdxgen-darwin-amd64 rootfs --skip-db-update --skip-java-db-update --offline-scan --skip-files **/*.jar --no-progress --exit-code 0 --format cyclonedx --cache-dir /Users/rcallejarios/.cache/trivy --output /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/trivy-cdxgen-Bodm0a/trivy-bom.json /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Found 0 OS packages at /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/local/go
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/local/lib
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/local/lib64
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/opt
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/home
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/share
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/src
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/var/www/html
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/var/lib
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/mnt
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/tomcat-embed-websocket-10.1.18.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/tomcat-embed-websocket-10.1.18.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/tomcat-embed-el-10.1.18.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/tomcat-embed-el-10.1.18.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/tomcat-embed-core-10.1.18.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/tomcat-embed-core-10.1.18.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-webmvc-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-webmvc-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-web-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-web-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-jcl-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-jcl-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-expression-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-expression-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-core-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-core-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-context-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-context-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-boot-jarmode-layertools-3.2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-boot-jarmode-layertools-3.2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-boot-autoconfigure-3.2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-boot-autoconfigure-3.2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-boot-actuator-autoconfigure-3.2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-boot-actuator-autoconfigure-3.2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-boot-actuator-3.2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-boot-actuator-3.2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-boot-3.2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-boot-3.2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-beans-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-beans-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-aop-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/spring-aop-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/snakeyaml-2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/snakeyaml-2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/slf4j-api-2.0.11.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/slf4j-api-2.0.11.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/micrometer-observation-1.12.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/micrometer-observation-1.12.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/micrometer-jakarta9-1.12.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/micrometer-jakarta9-1.12.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/micrometer-core-1.12.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/micrometer-core-1.12.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/micrometer-commons-1.12.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/micrometer-commons-1.12.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/logback-core-1.4.14.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/logback-core-1.4.14.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/logback-classic-1.4.14.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/logback-classic-1.4.14.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/log4j-to-slf4j-2.21.1.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/log4j-to-slf4j-2.21.1.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/log4j-api-2.21.1.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/log4j-api-2.21.1.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jul-to-slf4j-2.0.11.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/jul-to-slf4j-2.0.11.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jakarta.annotation-api-2.1.1.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/jakarta.annotation-api-2.1.1.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-module-parameter-names-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/jackson-module-parameter-names-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-datatype-jsr310-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/jackson-datatype-jsr310-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-datatype-jdk8-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/jackson-datatype-jdk8-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-databind-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/jackson-databind-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-core-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/jackson-core-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-annotations-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/jackson-annotations-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/LatencyUtils-2.0.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/LatencyUtils-2.0.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/HdrHistogram-2.1.12.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-FzdQwj/HdrHistogram-2.1.12.jar
Found 36 jar packages at /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/app
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/layers
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/layers/paketo-buildpacks_spring-boot/spring-cloud-bindings/spring-cloud-bindings-2.0.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-TIw4cv/spring-cloud-bindings-2.0.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/layers/paketo-buildpacks_bellsoft-liberica/jre/lib/jrt-fs.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-TIw4cv/jrt-fs.jar
Found 2 jar packages at /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/layers
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/data
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/srv
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/lib
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/usr/lib64
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/tomcat-embed-websocket-10.1.18.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/tomcat-embed-websocket-10.1.18.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/tomcat-embed-el-10.1.18.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/tomcat-embed-el-10.1.18.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/tomcat-embed-core-10.1.18.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/tomcat-embed-core-10.1.18.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-webmvc-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-webmvc-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-web-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-web-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-jcl-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-jcl-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-expression-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-expression-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-core-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-core-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-context-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-context-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-boot-jarmode-layertools-3.2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-boot-jarmode-layertools-3.2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-boot-autoconfigure-3.2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-boot-autoconfigure-3.2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-boot-actuator-autoconfigure-3.2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-boot-actuator-autoconfigure-3.2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-boot-actuator-3.2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-boot-actuator-3.2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-boot-3.2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-boot-3.2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-beans-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-beans-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/spring-aop-6.1.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/spring-aop-6.1.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/snakeyaml-2.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/snakeyaml-2.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/slf4j-api-2.0.11.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/slf4j-api-2.0.11.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/micrometer-observation-1.12.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/micrometer-observation-1.12.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/micrometer-jakarta9-1.12.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/micrometer-jakarta9-1.12.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/micrometer-core-1.12.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/micrometer-core-1.12.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/micrometer-commons-1.12.2.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/micrometer-commons-1.12.2.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/logback-core-1.4.14.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/logback-core-1.4.14.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/logback-classic-1.4.14.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/logback-classic-1.4.14.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/log4j-to-slf4j-2.21.1.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/log4j-to-slf4j-2.21.1.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/log4j-api-2.21.1.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/log4j-api-2.21.1.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jul-to-slf4j-2.0.11.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/jul-to-slf4j-2.0.11.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jakarta.annotation-api-2.1.1.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/jakarta.annotation-api-2.1.1.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-module-parameter-names-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/jackson-module-parameter-names-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-datatype-jsr310-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/jackson-datatype-jsr310-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-datatype-jdk8-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/jackson-datatype-jdk8-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-databind-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/jackson-databind-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-core-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/jackson-core-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/jackson-annotations-2.15.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/jackson-annotations-2.15.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/LatencyUtils-2.0.3.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/LatencyUtils-2.0.3.jar
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace/BOOT-INF/lib/HdrHistogram-2.1.12.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-ymtmnN/HdrHistogram-2.1.12.jar
Found 36 jar packages at /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM/all-layers/workspace
BOM includes 38 components and 1 dependencies after dedupe
Cleaning up /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-s3TMzM

pack-docker-bom.json

cat pack-docker-bom.json | grep '"bom-ref": "pkg:maven/' | wc -l
      38

As a note, my machine is not an M1 is a MacBook Pro 16-inch, 2019 2,4 GHz 8-Core Intel Core i9.

@prabhu
Copy link
Collaborator Author

prabhu commented Jan 31, 2024

@Albertoimpl same as mine. I am also stuck with intel, but the new plugins are built only for arm64 for the modern kids out there. Let me try to find another user to test this. Thank you for being so helpful!

@Albertoimpl
Copy link

I have seen M1 support for GitHub actions https://github.blog/2023-10-02-introducing-the-new-apple-silicon-powered-m1-macos-larger-runner-for-github-actions/. I am not sure if this may help you automate your setup.

@prabhu
Copy link
Collaborator Author

prabhu commented Jan 31, 2024

I have seen M1 support for GitHub actions https://github.blog/2023-10-02-introducing-the-new-apple-silicon-powered-m1-macos-larger-runner-for-github-actions/. I am not sure if this may help you automate your setup.

docker doesn't seem to be supported yet due to licensing issues. I wasted a lot of time yesterday on this. Now working on darwin amd64 support so that we can just test this on ancient machines like ours.

CycloneDX/cdxgen-plugins-bin#14

@prabhu
darwin amd64
0d57492 
Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
@prabhu
darwin amd64
a818a62 
Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
@prabhu
darwin amd64
d308a70 
Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
@prabhu
Copy link
Collaborator Author

prabhu commented Jan 31, 2024

@Albertoimpl, could you kindly take the latest and test docker on an intel Mac?

@Albertoimpl
Copy link 

(base) ➜  cdxgen git:(feature/mac-m1) git pull origin feature/mac-m1
From https://github.com/CycloneDX/cdxgen
 * branch            feature/mac-m1 -> FETCH_HEAD
Updating 76cd09f..d308a70
Fast-forward
 binary.js         |  7 +++++++
 package-lock.json | 61 +++++++++++++++++++++++++++++++++++++------------------------
 package.json      | 13 +++++++------
 utils.test.js     |  4 ++--
 4 files changed, 53 insertions(+), 32 deletions(-)
(base) ➜  cdxgen git:(feature/mac-m1) npm install

added 1 package, changed 1 package, and audited 1198 packages in 32s

158 packages are looking for funding
  run `npm fund` for details

8 vulnerabilities (7 moderate, 1 high)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.
(base) ➜  cdxgen git:(feature/mac-m1) CDXGEN_DEBUG_MODE=debug node bin/cdxgen.js app-21:latest -o basic-docker-bom.json -t docker
Docker service in root mode detected. Consider switching to rootless mode to improve security. See https://docs.docker.com/engine/security/rootless/
About to export image app-21:latest to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK
Image app-21:latest successfully exported to directory /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK
Extracting layer 41da1d066941ce0d755ea3fb38a91100b0ea8e0ef12d679f82f70abd9fc48fd1/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers
Extracting layer 0f254b7e26a5de186dee6f19d5b7a99dae571d3fb0cc7d58ff5999b72aa9ce4f/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers
Extracting layer d440061725569ab6e1bafbb00b89c89dd61742572797cc6afe6e03f026db30c1/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers
Extracting layer 1dc6ba0876339d343b358e0698fa861f32da43806e4754ad26f1953f211dfb73/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers
Extracting layer f48a7529db652084dcb8640ab0b13b9004dda429b62fb6c030119f5e912ec3e7/layer.tar to /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers
Archive /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/f48a7529db652084dcb8640ab0b13b9004dda429b62fb6c030119f5e912ec3e7/layer.tar is empty. Skipping.
pathList [
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/local/go',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/local/lib',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/local/lib64',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/opt',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/home',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/share',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/src',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/var/www/html',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/var/lib',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/mnt',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/app',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/layers',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/data',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/srv',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/lib',
  '/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/lib64'
]
Executing /Users/rcallejarios/workspace/cdxgen/node_modules/@cyclonedx/cdxgen-plugins-bin-darwin-amd64/plugins/trivy/trivy-cdxgen-darwin-amd64 rootfs --skip-db-update --skip-java-db-update --offline-scan --skip-files **/*.jar --no-progress --exit-code 0 --format cyclonedx --cache-dir /Users/rcallejarios/.cache/trivy --output /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/trivy-cdxgen-wCOP0I/trivy-bom.json /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers
Cleaning up /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/trivy-cdxgen-wCOP0I
{}
Found 151 OS packages at /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/local/go
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/local/lib
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/local/lib64
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/opt
Parsing /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/opt/hello-java21/hello-java21-0.0.1-SNAPSHOT.jar
List of jars: /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/tomcat-embed-websocket-10.1.18.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/tomcat-embed-el-10.1.18.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/tomcat-embed-core-10.1.18.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-webmvc-6.1.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-web-6.1.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-jcl-6.1.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-expression-6.1.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-core-6.1.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-context-6.1.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-boot-jarmode-layertools-3.2.2.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-boot-autoconfigure-3.2.2.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-boot-actuator-autoconfigure-3.2.2.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-boot-actuator-3.2.2.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-boot-3.2.2.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-beans-6.1.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/spring-aop-6.1.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/snakeyaml-2.2.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/slf4j-api-2.0.11.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/micrometer-observation-1.12.2.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/micrometer-jakarta9-1.12.2.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/micrometer-core-1.12.2.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/micrometer-commons-1.12.2.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/logback-core-1.4.14.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/logback-classic-1.4.14.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/log4j-to-slf4j-2.21.1.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/log4j-api-2.21.1.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/jul-to-slf4j-2.0.11.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/jakarta.annotation-api-2.1.1.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/jackson-module-parameter-names-2.15.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/jackson-datatype-jsr310-2.15.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/jackson-datatype-jdk8-2.15.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/jackson-databind-2.15.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/jackson-core-2.15.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/jackson-annotations-2.15.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/LatencyUtils-2.0.3.jar,/var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/jar-deps-X9zZl0/BOOT-INF/lib/HdrHistogram-2.1.12.jar
Found 36 jar packages at /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/opt
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/home
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/share
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/src
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/var/www/html
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/var/lib
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/mnt
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/app
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/layers
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/data
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/srv
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/lib
Scanning /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK/all-layers/usr/lib64
BOM includes 181 components and 113 dependencies after dedupe
Cleaning up /var/folders/3q/1946fvt16msg8737dbkqlm700000gr/T/docker-images-xuJwVK
(base) ➜  cdxgen git:(feature/mac-m1) ✗ cat basic-docker-bom.json | grep '"bom-ref": "pkg:maven/' | wc -l
      36

basic-docker-bom.json

@prabhu
osquery darwin
1da140c 
Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
@prabhu
fix osquery args in darwin
22e62a7 
Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
@prabhu prabhu merged commit 31410e9 into master Jan 31, 2024
17 of 18 checks passed
@prabhu prabhu deleted the feature/mac-m1 branch January 31, 2024 13:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Ready for QA
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[obom] Add support for vscode_extensions
2 participants
@prabhu @Albertoimpl