-
-
Notifications
You must be signed in to change notification settings - Fork 38
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Split the project into separate crates to support reuse #68
Labels
enhancement
New feature or request
Comments
amy-keibler
added a commit
that referenced
this issue
Dec 1, 2021
This is a part of the effort mentioned in #68 Signed-off-by: Amy Keibler <amelia.keibler@gmail.com>
Work on this is underway in the |
amy-keibler
added a commit
that referenced
this issue
Dec 5, 2021
This is a part of the effort mentioned in #68 Signed-off-by: Amy Keibler <amelia.keibler@gmail.com>
amy-keibler
added a commit
that referenced
this issue
Dec 9, 2021
This is a part of the effort mentioned in #68 Signed-off-by: Amy Keibler <amelia.keibler@gmail.com>
2 tasks
Closed
I know this is an old issue but do you happen to remember what's not available via |
I think this can be closed as it's been done. Any objections? @Shnatsel opinions? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Right now, the project is published under a single crate
cyclonedx-sbom
. The dependencies required for the full functionality of the CLI result in a very large dependency tree and large compile times (mostly due to the dependency oncargo
due to some things not being available viacargo_metadata
).We should split the project into two crates:
cyclonedx-sbom
: A lightweight library that implements the specification and provides small utilities (e.g. proposed merge algorithm implementations would live here)cargo-cyclonedx
: The current functionality, but structured in a way that makes the library easy to integrate with other rust applications and makes the binary as the first-party implementation on top.Proposed Approach
cargo-cyclonedx
cratecdx-automation
user with publish access to that cratecargo-cyclonedx/
cargo-cyclonedx
and other Rust applicationsKeats/validator
publish crates
action we currently use, but more research needs to be done to determine specifying major / minor / patch versions.README.md
for each crateConcerns
cargo install
command and might cause problems with users who have already installed the CLI tool1.0.0
versionThe text was updated successfully, but these errors were encountered: