mirror of
https://github.com/anchore/grype
synced 2024-09-20 14:31:59 +00:00
385 B
385 B
CycloneDX Schemas
grype generates a CycloneDX BOm output with the vulnerability extension. This validation is similar to what is done in syft, validating output against CycloneDX schemas.
Validation is done with xmllint, which requires a copy of all schemas because it can't work with HTTP references. The schemas are modified to reference local copies of dependent schemas.