CycloneDX/cdxgen issues and pull requests

#1382 - refactor: project structure PR

Pull Request - State: open - Opened by aryan-rajoria 12 days ago

#1380 - [Gradle] Added deep-scanning of gradle modules

Pull Request - State: closed - Opened by malice00 13 days ago - 11 comments
Labels: Ready for QA, breaking, gradle

#1379 - [Gradle] Fixed a problem with scoped NPM packages while resolving modules from NPM

Pull Request - State: closed - Opened by malice00 14 days ago - 4 comments
Labels: gradle

#1378 - Do not create empty component.components

Pull Request - State: closed - Opened by prabhu 14 days ago - 2 comments

#1377 - Feat: Include components from pnpm-lock.yaml importers

Pull Request - State: open - Opened by aryan-rajoria 16 days ago - 1 comment

#1376 - [Gradle] Don't use full multi-threading, SBOMs can be completely wrong

Pull Request - State: closed - Opened by malice00 17 days ago - 2 comments

#1375 - Doc: bump version to 10.9.11

Pull Request - State: closed - Opened by aryan-rajoria 17 days ago

#1374 - Recover dependency tree from nuspec files

Pull Request - State: closed - Opened by prabhu 18 days ago - 2 comments
Labels: sponsored, lang:dotnet

#1373 - Fix: #1370 - restrict bazel projects to pattern `BUILD{,.bazel}`

Pull Request - State: closed - Opened by heubeck 19 days ago

#1371 - Handling sub-components of the root component the same as all other components

Pull Request - State: closed - Opened by malice00 19 days ago - 4 comments

#1370 - Bazel build being run for non-Bazel projects, causing errors

Issue - State: open - Opened by MCDong 19 days ago - 3 comments

#1369 - bump version to 10.9.10

Pull Request - State: closed - Opened by aryan-rajoria 20 days ago

#1368 - [Gradle] Resolve gradle module from npm package

Pull Request - State: closed - Opened by malice00 21 days ago - 5 comments
Labels: Ready for QA, gradle

#1367 - use package import method in tests

Pull Request - State: closed - Opened by prabhu 21 days ago

#1366 - Fix gitClone error logging and improve code quality

Pull Request - State: closed - Opened by amuravski 21 days ago - 4 comments

#1365 - [Gradle] Correctly identify all modules' group and version

Pull Request - State: closed - Opened by malice00 21 days ago - 2 comments
Labels: Ready for QA, gradle

#1364 - [pixi] dependency tree support for python pixi

Issue - State: open - Opened by prabhu 22 days ago

#1363 - Lint fixes

Pull Request - State: closed - Opened by prabhu 22 days ago - 1 comment

#1362 - Fix: `nvm tests` in `envcontext.test.js`

Pull Request - State: closed - Opened by aryan-rajoria 23 days ago - 5 comments

#1361 - test: ensure all *.test.js files are being run

Pull Request - State: open - Opened by setchy 23 days ago - 4 comments
Labels: test

#1360 - refactor: project structure

Pull Request - State: open - Opened by setchy 23 days ago - 4 comments

#1358 - [publish] Generate .map and .ts.map before publish

Issue - State: open - Opened by prabhu 25 days ago

#1357 - Feat: Add support for different Node versions (NVM support)

Pull Request - State: closed - Opened by aryan-rajoria 25 days ago - 4 comments
Labels: sponsored, lang:node

#1356 - Improve partial dependency tree detection

Pull Request - State: closed - Opened by prabhu 25 days ago
Labels: sponsored, lang:python

#1355 - [container] Error while generating SBOM for cdxgen image

Issue - State: closed - Opened by prabhu 26 days ago - 1 comment
Labels: help wanted, lang:container

#1354 - feat: gomod direct detection

Pull Request - State: closed - Opened by prabhu 26 days ago - 1 comment
Labels: sponsored, possibly breaking, lang:go

#1353 - Only a single instance of a dependency component reported in the SBOM when there are multiple instances

Issue - State: open - Opened by prabhu 27 days ago
Labels: needs contributor, lang:node

#1352 - Tune down a log

Pull Request - State: closed - Opened by prabhu 27 days ago
Labels: lang:java

#1351 - Use java8 type in snapshot tests

Pull Request - State: closed - Opened by prabhu 27 days ago - 1 comment

#1350 - Update packages. Tuned down a warning

Pull Request - State: closed - Opened by prabhu 27 days ago
Labels: Ready for QA, lang:node

#1349 - Force go mod graph even when go list errors out

Pull Request - State: closed - Opened by prabhu 29 days ago
Labels: sponsored, lang:go

#1348 - Fix: update glibc with more library headers

Pull Request - State: closed - Opened by aryan-rajoria 30 days ago

#1347 - Fix: update glibc with more library headers

Pull Request - State: closed - Opened by aryan-rajoria 30 days ago

#1346 - Revert "Feat: Add support for pixi package manager"

Pull Request - State: closed - Opened by cerrussell about 1 month ago - 1 comment

#1345 - Revert "Feat: Add support for pixi package manager"

Pull Request - State: closed - Opened by cerrussell about 1 month ago

#1344 - 5

Pull Request - State: closed - Opened by UgniusV about 1 month ago - 1 comment

#1343 - Specify Environments for Pixi or Python Projects

Issue - State: open - Opened by aryan-rajoria about 1 month ago

#1342 - Add atom support for pixi projects

Issue - State: closed - Opened by aryan-rajoria about 1 month ago - 1 comment

#1341 - Test/yikes

Pull Request - State: closed - Opened by UgniusV about 1 month ago

#1338 - [Documentation] Moved the example to the correct EnvVar

Pull Request - State: closed - Opened by malice00 about 1 month ago - 4 comments

#1337 - Fixed multithreaded gradle

Pull Request - State: closed - Opened by malice00 about 1 month ago - 18 comments

#1336 - [Gradle] Fixed incorrect PURLs & BOM-REFs

Pull Request - State: closed - Opened by malice00 about 1 month ago - 4 comments

#1335 - [Gradle] GRADLE_MULTI_THREADED throws an error

Issue - State: closed - Opened by malice00 about 1 month ago - 2 comments

#1334 - [bazel] Support for lock files

Issue - State: open - Opened by prabhu about 1 month ago
Labels: Consider Funding, needs contributor

#1333 - 8.6.0 version started requiring new major Node version

Issue - State: closed - Opened by ncucinotta-reply about 1 month ago - 6 comments

#1332 - [c] Support for cmake ExternalProject

Issue - State: open - Opened by prabhu about 1 month ago
Labels: lang:c

#1329 - Update README.md - Server parameters

Pull Request - State: closed - Opened by wlargou about 1 month ago - 1 comment

#1328 - [Security] Code execution risk when running cdxgen against untrusted repos

Issue - State: open - Opened by prabhu about 1 month ago - 1 comment
Labels: Consider Funding, security

#1327 - Feat: add projects to cdxgen test/diff/repos.csv

Pull Request - State: closed - Opened by aryan-rajoria about 1 month ago

#1326 - Update SERVER.md

Pull Request - State: closed - Opened by wlargou about 1 month ago

#1325 - Make sure composer.lock dependency package version is a string

Pull Request - State: closed - Opened by marob about 1 month ago

#1324 - detection of license for ua-parser-js is MIT instead of AGPL-3.0-or-later

Issue - State: open - Opened by jdalton about 1 month ago - 4 comments

#1322 - fixed null error in utils.js

Pull Request - State: closed - Opened by almaz045 about 1 month ago

#1320 - Feat: Add support for pixi package manager

Pull Request - State: closed - Opened by aryan-rajoria about 1 month ago - 6 comments
Labels: lang:python, pixi

#1319 - Update index.js

Pull Request - State: closed - Opened by leoliaolei about 1 month ago - 1 comment

#1318 - Delete log "No components got filtered with the given criteria." 2 (#1315)

Pull Request - State: closed - Opened by metametadata about 2 months ago - 2 comments

#1317 - Update packages

Issue - State: open - Opened by prabhu about 2 months ago - 1 comment

#1316 - Delete log "No components got filtered with the given criteria." (#1315)

Pull Request - State: closed - Opened by metametadata about 2 months ago - 2 comments

#1315 - Confusing log `No components got filtered with the given criteria.`

Issue - State: closed - Opened by metametadata about 2 months ago - 1 comment

#1314 - Unable to extract and archiving Read Error

Issue - State: open - Opened by arkajnag23 about 2 months ago - 18 comments

#1312 - build: use labels for changleog release section generation

Pull Request - State: closed - Opened by setchy about 2 months ago
Labels: build

#1311 - Better release changelog generator

Issue - State: closed - Opened by prabhu about 2 months ago - 3 comments

#1310 - IncludeLicenses and gradleToMaven features

Pull Request - State: closed - Opened by amuravski about 2 months ago

#1309 - Fix: Match OS packages for stdlib

Pull Request - State: closed - Opened by aryan-rajoria about 2 months ago - 5 comments
Labels: lang:c

#1308 - container: support passing registry aliases for substitution in pre-bom stage

Issue - State: open - Opened by setchy about 2 months ago - 1 comment
Labels: enhancement, lang:container

#1307 - Add support for build arguments in FROM instruction

Pull Request - State: closed - Opened by Bizordec about 2 months ago - 1 comment

#1306 - Required only filter for python was too aggressive

Pull Request - State: closed - Opened by prabhu about 2 months ago
Labels: bug, Ready for QA, lang:python

#1305 - fix: dependencies for root component where missing with --required_only

Pull Request - State: closed - Opened by StefanFl about 2 months ago

#1303 - Adds occurrence evidence for poetry projects

Pull Request - State: closed - Opened by prabhu about 2 months ago
Labels: lang:python

#1302 - Pom.xml build failed when trying to create a jar file using jenkins

Issue - State: closed - Opened by TestsGene about 2 months ago - 1 comment

#1301 - sdkman in container

Pull Request - State: closed - Opened by prabhu about 2 months ago
Labels: possibly breaking, lang:python, lang:java, mode:container

#1300 - Fix repo tests sdkman

Pull Request - State: closed - Opened by prabhu about 2 months ago

#1299 - sdkman support

Pull Request - State: closed - Opened by prabhu about 2 months ago - 2 comments
Labels: sponsored, lang:java

#1298 - Support for excluding individual package managers in java

Pull Request - State: closed - Opened by prabhu about 2 months ago
Labels: sponsored, lang:java

#1295 - How exclude bazel

Issue - State: closed - Opened by evyaroshevich about 2 months ago

#1293 - Support for Spack

Issue - State: open - Opened by prabhu about 2 months ago

#1292 - build: add lint-staged

Pull Request - State: closed - Opened by setchy about 2 months ago
Labels: build

#1291 - docs: remove duplication between README and website

Issue - State: open - Opened by setchy about 2 months ago
Labels: documentation

#1290 - Invoke atom parsedeps only in deep mode or as a fallback

Pull Request - State: closed - Opened by prabhu about 2 months ago
Labels: sponsored, possibly breaking, lang:python

#1289 - Improvements to csproj target framework detection

Pull Request - State: closed - Opened by prabhu about 2 months ago
Labels: sponsored, lang:dotnet, lang:java, bazel

#1288 - feature : add an 'insecure' option to not check certificate validity

Pull Request - State: closed - Opened by jecuendet about 2 months ago - 4 comments

#1287 - Add --insecure option to disable TLS verification

Pull Request - State: closed - Opened by jecuendet about 2 months ago - 2 comments

#1286 - feat(server): support passing `fetchLicense`

Pull Request - State: open - Opened by setchy about 2 months ago
Labels: mode:server

#1285 - Snapshot tests update

Pull Request - State: closed - Opened by cerrussell 2 months ago

#1284 - [evinse] Occurrence evidence is empty for blint repo

Issue - State: closed - Opened by prabhu 2 months ago - 1 comment
Labels: lang:python, evinse

#1283 - yarn v1 lockfile with quoted keys were not working

Pull Request - State: closed - Opened by prabhu 2 months ago
Labels: lang:node, yarn

#1282 - add all java archive files to trivy skip statement

Pull Request - State: closed - Opened by maur1 2 months ago

#1281 - spec: update default specVersion to v1.6

Issue - State: open - Opened by setchy 2 months ago - 2 comments

#1280 - Feat: New safe pip install to recover partial dependency tree

Pull Request - State: closed - Opened by prabhu 2 months ago - 3 comments
Labels: Ready for QA, sponsored, lang:python

#1279 - Add missing variable defaultProps

Pull Request - State: closed - Opened by ajmalab 2 months ago

#1277 - docs(server): update to highlight that comma separated types are supported

Pull Request - State: closed - Opened by setchy 2 months ago
Labels: documentation, mode:server

#1276 - docs: update server arguments

Issue - State: closed - Opened by setchy 2 months ago
Labels: documentation

#1275 - build: restore vscode settings

Pull Request - State: closed - Opened by setchy 2 months ago - 1 comment
Labels: build

#1274 - feat(server): improve logging

Pull Request - State: closed - Opened by setchy 2 months ago
Labels: enhancement, mode:server

#1273 - Allow Conan references with user and channel in conan.lock files

Pull Request - State: closed - Opened by Khubajsn 2 months ago - 2 comments

#1271 - Added support for lifecycle and other args to server

Pull Request - State: closed - Opened by prabhu 2 months ago - 7 comments
Labels: mode:server

#1269 - Simplified iri validation

Pull Request - State: open - Opened by prabhu 2 months ago - 4 comments

#1268 - [windows] universal mode results in numerous oci errors

Issue - State: open - Opened by prabhu 2 months ago

#1267 - Tweaks

Pull Request - State: closed - Opened by prabhu 2 months ago

#1266 - Fixes 1264

Pull Request - State: closed - Opened by prabhu 2 months ago
Labels: Ready for QA, lang:java

GitHub / CycloneDX/cdxgen issues and pull requests