Creates CycloneDX BOMs from Node.js projects
Latest commit 1cd7811 Nov 28, 2018

CycloneDX Node.js Module

The CycloneDX module for Node.js creates a valid CycloneDX bill-of-material document containing an aggregate of all project dependencies. CycloneDX is a lightweight BoM specification that is easily created, human readable, and simple to parse. The resulting bom.xml can be used with tools such as OWASP Dependency-Track for the continuous analysis of components.

Usage

Installing

npm install -g @cyclonedx/bom

Getting Help

$ cyclonedx-bom -h
Usage:  cyclonedx-bom [OPTIONS] [path]
Options:
  -h        - this help
  -a <path> - merge in additional modules from other scanner
  -o <path> - write to file instead of stdout

Example

cyclonedx-bom -o bom.xml
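
To show what kind of content ends up in a bom.xml like the one written above, here is an added sketch that is not the module's own code. It assumes a package-lock.json in lockfileVersion 1 shape as input and CycloneDX 1.0 element names; `sampleLock` and all function names are hypothetical.

```javascript
// Added example, not the module's code. sampleLock is constructed input in
// package-lock.json lockfileVersion 1 shape (an assumption about the input).
'use strict';
const sampleLock = {
  name: 'demo-app', version: '1.0.0', lockfileVersion: 1,
  dependencies: {
    'express': { version: '4.16.4', dependencies: { 'debug': { version: '2.6.9' } } },
    'debug': { version: '2.6.9' },  // same name@version as the nested copy
    '@babel/core': { version: '7.1.6', dependencies: { 'debug': { version: '4.1.0' } } }
  }
};

// Walk nested "dependencies" and keep one entry per name@version, so the same
// package at two versions is listed twice but exact duplicates collapse.
function collectComponents(lock) {
  const seen = new Map();
  (function walk(deps) {
    for (const [name, info] of Object.entries(deps || {})) {
      seen.set(`${name}@${info.version}`, { name, version: info.version });
      walk(info.dependencies);
    }
  })(lock.dependencies);
  return [...seen.keys()].sort().map(k => seen.get(k));
}

// Package URL: the "@" of a scoped name is percent-encoded ("%40scope/pkg").
function toPurl({ name, version }) {
  const path = name.split('/').map(encodeURIComponent).join('/');
  return `pkg:npm/${path}@${encodeURIComponent(version)}`;
}

// Escape XML metacharacters so a hostile package name cannot inject markup.
const esc = s => String(s).replace(/[<>&"']/g, c => `&#${c.charCodeAt(0)};`);

function toBomXml(components) {
  const body = components.map(c => [
    '    <component type="library">',
    `      <name>${esc(c.name)}</name>`,
    `      <version>${esc(c.version)}</version>`,
    `      <purl>${esc(toPurl(c))}</purl>`,
    '      <modified>false</modified>',
    '    </component>'].join('\n')).join('\n');
  return '<?xml version="1.0" encoding="UTF-8"?>\n' +
    '<bom xmlns="http://cyclonedx.org/schema/bom/1.0" version="1">\n' +
    `  <components>\n${body}\n  </components>\n</bom>\n`;
}

console.log(toBomXml(collectComponents(sampleLock)));
```
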

License

Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE file for the full license.
