A plugin for PHP's Composer that generates a Bill of Materials (BOM) in CycloneDX format.
The plugin supports PHP 7.1 and later.
    composer require --dev cyclonedx/cyclonedx-php-composer

After successful installation, the composer command make-bom is available.

    $ composer make-bom -h
    Usage:
      make-bom [options]

    Options:
          --output-file=OUTPUT-FILE  Path to the output file (default is bom.xml or bom.json)
          --exclude-dev              Exclude dev dependencies
          --exclude-plugins          Exclude composer plugins
          --json                     Produce the BOM in JSON format (preview support)
      -h, --help                     Display this help message
      -q, --quiet                    Do not output any message
      -V, --version                  Display this application version
          --ansi                     Force ANSI output
          --no-ansi                  Disable ANSI output
      -n, --no-interaction           Do not ask any interactive question
          --profile                  Display timing and memory usage information
          --no-plugins               Whether to disable plugins.
      -d, --working-dir=WORKING-DIR  If specified, use the given directory as working directory.
          --no-cache                 Prevent use of the cache
      -v|vv|vvv, --verbose           Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug

    Help:
      Generate a CycloneDX Bill of Materials

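
As an added example (not part of the plugin's own documentation), a CI step can generate a BOM limited to what ships in production and sanity-check the XML before it is archived with the build. The function names, the build/bom.xml path and the namespace and component checks are assumptions of this example; only the make-bom options come from the help text above.

```shell
#!/bin/sh
# Added example: release BOM gate around `composer make-bom`.
# Function names and the default path are hypothetical.

# Fail when the file is missing, empty, or not CycloneDX XML.
# Assumption: XML output declares the cyclonedx.org BOM schema namespace.
check_bom() {
    bom=$1
    [ -s "$bom" ] || { echo "BOM missing or empty: $bom" >&2; return 1; }
    grep -q 'cyclonedx.org/schema/bom' "$bom" || {
        echo "not a CycloneDX XML document: $bom" >&2
        return 1
    }
}

# Count <component ...> elements. The trailing space in the pattern keeps
# the enclosing <components> element out of the count.
count_components() {
    grep -o '<component ' "$1" | wc -l | tr -d ' '
}

# Generate the BOM for what is deployed: dev dependencies and composer
# plugins are excluded, and composer never waits for interactive input.
# $1 = output path (default: build/bom.xml)
release_bom() {
    out=${1:-build/bom.xml}
    mkdir -p "$(dirname "$out")" || return 1
    composer make-bom --no-interaction --exclude-dev --exclude-plugins \
        "--output-file=$out" || return 1
    check_bom "$out" || return 1
    n=$(count_components "$out")
    # An empty inventory is suspicious for a real application; set
    # ALLOW_EMPTY_BOM=1 for projects that have no runtime dependencies.
    if [ "$n" -eq 0 ] && [ "${ALLOW_EMPTY_BOM:-0}" != 1 ]; then
        echo "BOM lists no components: $out" >&2
        return 1
    fi
    echo "BOM written to $out ($n components)"
}

# In a CI job, after `composer install`:  release_bom build/bom.xml
```
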
Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE file for the full license.