Skip to content

CycloneDX/gh-dotnet-generate-sbom

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
.github
.github
 
 
node_modules/@actions/core
node_modules/@actions/core
 
 
LICENSE
LICENSE
 
 
NOTICE
NOTICE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
index.js
index.js
 
 
package-lock.json
package-lock.json
 
 

Repository files navigation

Website Slack Invite Group Discussion Twitter

GitHub action to generate a CycloneDX SBOM for .NET

Inputs

path

Required The path to a .sln, .csproj, .vbproj, or packages.config file or the path to a directory which will be recursively analyzed for packages.config files.

Be sure to quote paths with spaces.

out

Output directory, default is "./"

Be sure to quote paths with spaces.

json

Produce a JSON BOM instead of XML, set to any value instead of false.

github-bearer-token

Optionally provide the GitHub action bearer token for license resolution (example below).

Example usage

- name: Generate XML SBOM
  uses: CycloneDX/gh-dotnet-generate-sbom@v1
  with:
    path: ./CycloneDX.sln
    github-bearer-token: ${{ secrets.GITHUB_TOKEN }}

- name: Generate JSON SBOM
  uses: CycloneDX/gh-dotnet-generate-sbom@master
  with:
    path: ./CycloneDX.sln
    json: true
    github-bearer-token: ${{ secrets.GITHUB_TOKEN }}

About

GitHub action to generate a CycloneDX SBOM for .NET

Topics

dotnet owasp bom bill-of-materials software-bill-of-materials sbom github-action cyclonedx sbom-generator

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

11 stars

Watchers

3 watching

Forks

4 forks
Report repository

Releases 1

Maintenance release Latest
Oct 9, 2020

Sponsor this project

Packages

No packages published

Contributors 2

  •  
  •  

Languages