CycloneDX Node.js Module
The CycloneDX module for Node.js creates a valid CycloneDX bill-of-material document containing an aggregate of all project dependencies. CycloneDX is a lightweight BoM specification that is easily created, human readable, and simple to parse. The resulting bom.xml can be used with tools such as OWASP Dependency-Track for the continuous analysis of components.
npm install -g @cyclonedx/bom
$ cyclonedx-bom -h Usage: cyclonedx-bom [OPTIONS] [path] Options: -h - this help -a <path> - merge in additional modules from other scanner -o <path> - write to file instead of stdout
cyclonedx-bom -o bom.xml
Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE file for the full license.