Skip to content
play

GitHub Action

CycloneDX .NET Generate SBOM

v1.0.1 Latest version

CycloneDX .NET Generate SBOM

play

CycloneDX .NET Generate SBOM

Github action to generate a CycloneDX BOM for .NET projects

Installation

Copy and paste the following snippet into your .yml file.

 
              
- name: CycloneDX .NET Generate SBOM

              
  uses: CycloneDX/gh-dotnet-generate-sbom@v1.0.1
Learn more about this action in CycloneDX/gh-dotnet-generate-sbom

Choose a version

Website Slack Invite Group Discussion Twitter

GitHub action to generate a CycloneDX SBOM for .NET

Inputs

path

Required The path to a .sln, .csproj, .vbproj, or packages.config file or the path to a directory which will be recursively analyzed for packages.config files.

Be sure to quote paths with spaces.

out

Output directory, default is "./"

Be sure to quote paths with spaces.

json

Produce a JSON BOM instead of XML, set to any value instead of false.

github-bearer-token

Optionally provide the GitHub action bearer token for license resolution (example below).

Example usage

- name: Generate XML SBOM
  uses: CycloneDX/gh-dotnet-generate-sbom@v1
  with:
    path: ./CycloneDX.sln
    github-bearer-token: ${{ secrets.GITHUB_TOKEN }}

- name: Generate JSON SBOM
  uses: CycloneDX/gh-dotnet-generate-sbom@master
  with:
    path: ./CycloneDX.sln
    json: true
    github-bearer-token: ${{ secrets.GITHUB_TOKEN }}