You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The CycloneDX(SBOM) file passed to this command is generated by the bom:generatecommand. This file contains the Bill of Materials including the package URL.
This command will use the CycloneDX file to check each package what the current version is. It will use the packge URL for finding out what the current version is and which date it was released.
graph LR;
subgraph what it should query
queries-.-latest[What's the latest version? And it's release date?]
queries-.-current[What's the currents version release date?]
end
subgraph different repositories
Repositories-.-Composer
Repositories-.-Bundler
Repositories-.-Carton
Repositories-.-Pip
Repositories-.-NuGet
end
subgraph the flow
purl[Package URL]-->Repository
Repository-->query[Query info, find out where the code lives github.com etc.]
query-->git[Ask git for the repository's tags and what date they were published]
git-->calc[Calculate lib year]
end
Loading
Command parameters
filepath: Filepath of CycloneDX file containing the BOM history.
Notes
Fetching repository info with bundler:
root ➜ /code (calculate-libyear) $ bundle info sqlite3
* sqlite3 (1.4.2)
Summary: This module allows Ruby programs to interface with the SQLite3 database engine (http://www.sqlite.org)
Homepage: https://github.com/sparklemotion/sqlite3-ruby
Path: /usr/local/bundle/gems/sqlite3-1.4.2
compute libyear
What does this command do?
The CycloneDX(SBOM) file passed to this command is generated by the
bom:generate
command. This file contains the Bill of Materials including the package URL.This command will use the CycloneDX file to check each package what the current version is. It will use the packge URL for finding out what the current version is and which date it was released.
Command parameters
filepath
: Filepath of CycloneDX file containing the BOM history.Notes
Fetching repository info with bundler:
Fetching repository info with carton (https://metacpan.org/dist/carton/view/lib/Carton/Doc/Show.pod):
The text was updated successfully, but these errors were encountered: