github CycloneDX/cdxgen v9.1.0
MINOR: Deno, evidences and python dependency tree. 1 BREAKING change
on GitHub

latest releases: v10.5.2, v10.5.1, v10.5.0...
11 months ago

What's Changed

  • Adds a container image based on the deno runtime
  • Fixes the virtualenv issue reported here
  • Offers component evidence with confidence for some ecosystem
  • Python dependency tree construction
  • New --validate cli argument and validateBom export to validate the generated SBoM using jsonschema
  • BREAKING: Makes jar scanning enabled by default. Previously, it required --deep explicitly. This would increase the number of components in the SBoM. Such jar-based components might lack precise group, name, or version, indicated under evidence => confidence.

Dependency Tree

2023-07-06_14-06-54

Jar scanning enabled

2023-07-06_14-33-13

Evidence with confidence

2023-07-06_15-00-28

Full Changelog: v9.0.1...v9.1.0

Check out latest releases or
releases around CycloneDX/cdxgen v9.1.0

Don't miss a new cdxgen release

NewReleases is sending notifications on new releases.

Get notifications