Creates CycloneDX BOMs from .NET Projects
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
CycloneDX
.gitignore
.travis.yml
CycloneDX.sln
LICENSE
README.md
build.sh
push.sh
semver.txt

README.md

Build Status License Website Twitter

CycloneDX module for .NET

The CycloneDX module for .NET creates a valid CycloneDX bill-of-material document containing an aggregate of all project dependencies. CycloneDX is a lightweight BoM specification that is easily created, human readable, and simple to parse. The resulting bom.xml can be used with tools such as OWASP Dependency-Track for the continuous analysis of components.

Usage

Installing

dotnet tool install --global CycloneDX

If you already have a previous version of CycloneDX installed, you can upgrade to the latest version using the following command:

dotnet tool update --global CycloneDX

Options

Usage: cyclonedx [path] -o [outputDirectory]

Arguments:
  Path            The path to a .sln, .csproj or .vbproj file

Options:
  -o|--outputDirectory <OUTPUT_DIRECTORY> The directorty to write the BOM
  -?|-h|--help                            Show help information

Example

To run the CycloneDX tool you need to specify a solution or project file. In case you pass a solution, the tool will aggregate all the projects.

cyclonedx YourSolution.sln -o /output/path

License

Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE file for the full license.