mirror of
https://github.com/anchore/grype
synced 2024-11-10 06:34:13 +00:00
a62a3a413e
grype currently produces CYCLONE-DX SBOM that are not compliant with the cyclone-dx tooling libraries. Rather than write the logic in two places, this PR moves grype to use syft's formatting functions as a library to produce valid CYCLONE-DX SBOM components along with the discovered vulnerabilities. For more context on impacted issues: https://github.com/anchore/grype/issues/796 https://github.com/anchore/grype/issues/951
2 lines
17 B
Text
2 lines
17 B
Text
bom.xml
|
|
bom.json
|