Add CBOM model
mcombuechen opened this issue · comments
This issue is to track #142 #165, the addition of the CBOM model from CycloneDX spec version 1.6.
See:
https://cyclonedx.org/docs/1.6/json/#components_items_cryptoProperties
https://cyclonedx.org/guides/OWASP_CycloneDX-Authoritative-Guide-to-CBOM-en.pdf
Hi there, with @louison77 we were testing your code from https://github.com/Petzys/cyclonedx-go (this particular commit 988f215) that we found from your previous PR #142 .
Before that we were in fact testing branch spec/1.6, but we replaced it with your own PR: this is an extract of our go.mod
require (
github.com/CycloneDX/cyclonedx-go v0.8.1-0.20240508101843-e0e9c670e161
)
replace github.com/CycloneDX/cyclonedx-go v0.8.1-0.20240508101843-e0e9c670e161 => github.com/Petzys/cyclonedx-go v0.0.0-20240425125758-988f2157b048
We are testing this for a PoC that we will soon open source. We had good results so far generating CBOM artifacts in both JSON and XML.
We will try your new PR (#165) soon. And once we have the green light to open-source our PoC, we can keep in touch if you are interested.