GitHub / CycloneDX/cyclonedx-cli issues and pull requests
#443 - Bump coverlet.collector and 8 others
Pull Request -
State: open - Opened by dependabot[bot] 17 days ago
Labels: dependencies, .NET
#441 - Bump coverlet.collector and 8 others
Pull Request -
State: closed - Opened by dependabot[bot] 18 days ago
- 1 comment
Labels: dependencies, .NET
#426 - spdx to cyclondx conversion failure
Issue -
State: open - Opened by trekcampy 2 months ago
#425 - Validation of sbom file fails when externalReferences url is ssh from GitHub
Issue -
State: open - Opened by owegelid 2 months ago
#424 - SPDX to Cyclonedx: no purl in converted component
Issue -
State: open - Opened by pstoeckle 4 months ago
#423 - Convert command bug for vulnerability versions affected status
Issue -
State: open - Opened by tommyrousey 5 months ago
- 3 comments
#422 - Give option to add added files as dependencies
Issue -
State: open - Opened by Whathecode 5 months ago
#421 - Error when converting GitHub's SPDXv2.3 JSON -> CycloneDX JSON
Issue -
State: open - Opened by stefanstojanovskin26 5 months ago
- 1 comment
#420 - La dernière version linux Cyclonedx-cli valide avec succés le fichier json cycloneDX alors que CyberWatch détecte une erreur fatale lors de l'import
Issue -
State: open - Opened by freygagne 5 months ago
- 1 comment
#419 - Duplicate components are valid with sbom in json format but not in xml
Issue -
State: open - Opened by Frazerus 7 months ago
- 3 comments
#418 - Switch to .NET 8
Pull Request -
State: open - Opened by andreas-hilti 7 months ago
#417 - VirusTotal detects cyclonedx-win-x64.exe version 0.27.2 24 Nov 2024 as a Malicious file notified by SecureAge Acronis (Static ML)
Issue -
State: open - Opened by freygagne 7 months ago
- 1 comment
#416 - Update DotNet version
Issue -
State: open - Opened by xanderio 8 months ago
#415 - Fix command line documentation
Pull Request -
State: open - Opened by andreas-hilti 8 months ago
- 2 comments
#414 - [docs] Clarify Option Placement in verify file Command Help
Issue -
State: open - Opened by viveksahu26 9 months ago
- 2 comments
#413 - Fix verification of signature with namespace prefix
Pull Request -
State: closed - Opened by andreas-hilti 9 months ago
#412 - XML signature with namespace prefix can not be verified
Issue -
State: closed - Opened by andreas-hilti 9 months ago
#411 - Bump actions/setup-dotnet from 3.0.2 to 4.1.0
Pull Request -
State: open - Opened by dependabot[bot] 9 months ago
Labels: dependencies, github_actions
#410 - Bump actions/checkout from 3.1.0 to 4.2.2
Pull Request -
State: open - Opened by dependabot[bot] 9 months ago
Labels: dependencies, github_actions
#409 - Merge produces incorrect ratings.method Null values
Issue -
State: open - Opened by wkoot 9 months ago
- 2 comments
#408 - `metadata.tools` not merged correctly when one SBOM uses legacy format and the other uses the newer format
Issue -
State: open - Opened by WIStudent 10 months ago
- 2 comments
#407 - Error validating CycloneDX format in version 1.6
Issue -
State: open - Opened by simonfrancaix 10 months ago
- 3 comments
#405 - Bump System.Security.Cryptography.Xml from 6.0.1 to 8.0.2
Pull Request -
State: open - Opened by dependabot[bot] 10 months ago
Labels: dependencies, .NET
#404 - Bump actions/checkout from 3.1.0 to 4.2.1
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, github_actions
#403 - Unable to Validate CycloneDX Format Versions 1.5 and 1.6 with ModelCard and Data Elements
Issue -
State: open - Opened by cbsMartin 10 months ago
- 1 comment
#402 - Bump actions/checkout from 3.1.0 to 4.2.0
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, github_actions
#401 - Support CycloneDX v1.6
Pull Request -
State: closed - Opened by andreas-hilti 11 months ago
#400 - Bump CycloneDX-Library to version 8.0.0
Pull Request -
State: closed - Opened by mtsfoni 11 months ago
#399 - Merge does not deduplicate components with differing bom-ref
Issue -
State: open - Opened by wkoot 11 months ago
- 1 comment
#398 - Regression: 'cyclonedx-cli convert' fails to convert an xml to json that is declared as valid by 'cyclonedx-cli validate', worked with 0.25.1
Issue -
State: open - Opened by schlenk 11 months ago
- 2 comments
#397 - Add OCI image annotation, sbom, provenance to docker images
Pull Request -
State: open - Opened by candrews 12 months ago
#396 - Introduce "cyclonedx rename-entity" command (bis)
Pull Request -
State: open - Opened by jimklimov 12 months ago
- 1 comment
#395 - Bump actions/checkout from 3.1.0 to 4.1.7
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
- 1 comment
Labels: dependencies, github_actions
#394 - Bump actions/setup-dotnet from 3.0.2 to 4.0.1
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
- 1 comment
Labels: dependencies, github_actions
#393 - Bump dotnet/runtime-deps from 6.0 to 8.0
Pull Request -
State: open - Opened by dependabot[bot] 12 months ago
Labels: dependencies, docker
#392 - Bump System.Security.Cryptography.Xml from 6.0.1 to 8.0.1
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
- 1 comment
Labels: dependencies, .NET
#391 - Bump CsvHelper from 29.0.0 to 33.0.1
Pull Request -
State: open - Opened by dependabot[bot] 12 months ago
Labels: dependencies, .NET
#390 - Bump coverlet.collector from 3.1.2 to 6.0.2
Pull Request -
State: open - Opened by dependabot[bot] 12 months ago
Labels: dependencies, .NET
#389 - Bump Snapshooter.Xunit from 0.7.1 to 0.14.1
Pull Request -
State: open - Opened by dependabot[bot] 12 months ago
Labels: dependencies, .NET
#388 - Add output version argument to merge command
Pull Request -
State: closed - Opened by mtsfoni 12 months ago
#387 - Update snapshots
Pull Request -
State: closed - Opened by andreas-hilti 12 months ago
#386 - chore: bump CycloneDX Library to 7.1.0
Pull Request -
State: closed - Opened by mtsfoni 12 months ago
- 3 comments
#385 - SBOM conversion issue.
Issue -
State: open - Opened by mbower10 12 months ago
- 1 comment
#384 - `cyclonedx` does not know about all SPDX license IDs
Issue -
State: closed - Opened by tmuehlbacher about 1 year ago
- 2 comments
#383 - `cyclonedx convert` causes `cyclonedx validate` to fail
Issue -
State: closed - Opened by tmuehlbacher about 1 year ago
- 2 comments
#382 - Help is in the wrong order?
Issue -
State: open - Opened by Gilesey about 1 year ago
- 1 comment
#381 - converting issues
Issue -
State: open - Opened by AJquetta about 1 year ago
- 10 comments
#380 - Using diff command always produces empty output even if there are changes in SBOM's provided as inputs.
Issue -
State: open - Opened by bharathkolanda about 1 year ago
- 3 comments
#379 - How to sign a SBOM which is in xml format facing this issue
Issue -
State: open - Opened by itmanju about 1 year ago
- 1 comment
#378 - How to run cyclonedx-cli
Issue -
State: open - Opened by spnzig about 1 year ago
- 3 comments
#377 - Merging vcpkg created sboms
Issue -
State: closed - Opened by KUGA2 about 1 year ago
- 5 comments
#376 - cyclonedx merge command does not support v1.6 format
Issue -
State: open - Opened by ferben about 1 year ago
- 7 comments
#375 - Support for CycloneDX schema version 1.6
Issue -
State: open - Opened by V3ct0r-v about 1 year ago
- 7 comments
#374 - Cyclonedx win x64 startup crash
Issue -
State: closed - Opened by wujunhuge about 1 year ago
- 2 comments
#373 - Converting spdx (obtained via docker-scout) to cyclonedx results in empty file
Issue -
State: open - Opened by ghost about 1 year ago
- 2 comments
#372 - Validation failure: Invalid CycloneDX JSON generated for specific images like "monetdb/monetdb:Jun2023-SP1" and "redis"
Issue -
State: closed - Opened by Parisha7 about 1 year ago
- 1 comment
#371 - cyclonedx-cli merge Command Produces SBOM with Null Values for Tools
Issue -
State: closed - Opened by anubhav-tyagi1 about 1 year ago
- 1 comment
#370 - Unable to convert from Github Generated SPDX to CycloneDX
Issue -
State: open - Opened by bhafner13 about 1 year ago
- 4 comments
#369 - Bump CDX library to 7.0.0
Pull Request -
State: closed - Opened by nodeax about 1 year ago
- 1 comment
#368 - Tests on MacOS fail due issue with snapshooter
Issue -
State: open - Opened by andreas-hilti about 1 year ago
#367 - Fix build
Pull Request -
State: closed - Opened by andreas-hilti about 1 year ago
- 1 comment
#366 - Add output version argument to merge command
Pull Request -
State: closed - Opened by andreas-hilti about 1 year ago
- 1 comment
#365 - Component type null causing validation error
Issue -
State: closed - Opened by DudusB over 1 year ago
- 1 comment
#364 - Bug in merging json SBOMs with empty component lists
Issue -
State: open - Opened by Taha-cmd over 1 year ago
- 3 comments
#363 - Invalid sbom json
Issue -
State: closed - Opened by ObraztsovOleg over 1 year ago
- 3 comments
#362 - We are searching for additional .NET-maintainer!
Issue -
State: open - Opened by jasonparallel over 1 year ago
- 7 comments
#361 - Conversion creates invalid SPDX JSON
Issue -
State: open - Opened by vargenau over 1 year ago
- 3 comments
#360 - Converting json SBOM to xml produces invalid SBOM when there is a component with multiple licenses
Issue -
State: closed - Opened by Taha-cmd over 1 year ago
- 3 comments
#359 - Produces invalid SBOM file when CVSSv31 method is used in input
Issue -
State: closed - Opened by lazka over 1 year ago
- 3 comments
#358 - Incorrect Purl element instead of purl in evidence section
Issue -
State: closed - Opened by dominikdesmit over 1 year ago
- 2 comments
#357 - Shows inccorect licesnse Id for "TTWL"
Issue -
State: closed - Opened by boravinod145 over 1 year ago
- 2 comments
#356 - Merging SBOMs doesn’t get rid of duplicates
Issue -
State: open - Opened by yaourabi over 1 year ago
- 6 comments
#355 - Overwrite existing files when a new SBOM is saved
Pull Request -
State: closed - Opened by trilleplay over 1 year ago
- 1 comment
#354 - Take care of "special" spdx metadata when converting from spdx to cyclonedx
Issue -
State: open - Opened by savek-cc over 1 year ago
- 1 comment
#353 - Merge command - inconsistent dependencies tree with/without name or version parameters
Issue -
State: open - Opened by Prochy over 1 year ago
#352 - Fix the tool metadata
Pull Request -
State: closed - Opened by andreas-hilti over 1 year ago
- 2 comments
#351 - When I Upload this BOM Ver 1.5 it is not getting parse in Depedency-track V 4.9.1
Issue -
State: closed - Opened by Linish2020 over 1 year ago
- 1 comment
#350 - Fix typo in Readme
Pull Request -
State: closed - Opened by apupier over 1 year ago
#349 - cyclonedx merge defaults to specVersion 1.5 even when merging two v1.4 files
Issue -
State: closed - Opened by aja08379 over 1 year ago
- 6 comments
#348 - Can't get --exclude to work
Issue -
State: open - Opened by sphengle almost 2 years ago
- 1 comment
#347 - Missing version numbers
Issue -
State: open - Opened by sphengle almost 2 years ago
- 1 comment
#346 - Introduce "cyclonedx rename-entity" command
Pull Request -
State: closed - Opened by jimklimov almost 2 years ago
- 4 comments
#344 - Vadation failure: The value 'Kazlib' is invalid according to its datatype 'http://cyclonedx.org/schema/spdx:licenseId'
Issue -
State: closed - Opened by DavidJuanes almost 2 years ago
- 4 comments
#341 - ✏️ Change docs for cyclonedx 1.5 version update
Pull Request -
State: closed - Opened by leec94 almost 2 years ago
- 1 comment
#339 - False Validation of Syft/Grype SBOM
Issue -
State: open - Opened by pkiesslingsonatype almost 2 years ago
- 5 comments
#334 - MergeCommand.cs: ensure a timestamp and use new cyclonedx-dotnet-library features…
Pull Request -
State: open - Opened by jimklimov almost 2 years ago
#332 - Update example.csv
Pull Request -
State: closed - Opened by khadersaad almost 2 years ago
- 3 comments
#329 - When outputting to existing file, it is not truncated
Issue -
State: closed - Opened by jimklimov about 2 years ago
- 1 comment
#326 - Merged SBOMs contain duplicates
Issue -
State: open - Opened by alexthemark about 2 years ago
- 6 comments
#324 - Spec 1.5 is not supported
Issue -
State: closed - Opened by andreycha about 2 years ago
- 11 comments
#322 - When converting cyclonedx xml to json and a dependency has multiple licenses, only the first license is taken into account
Issue -
State: closed - Opened by mawl about 2 years ago
- 2 comments
#318 - Feature request --ignore-symlinks for add files
Issue -
State: open - Opened by DavidLambertCyber over 2 years ago
#317 - Improve JSON validation
Pull Request -
State: closed - Opened by andreas-hilti over 2 years ago
- 1 comment
#316 - referenceCategory error converting from SPDX to CycloneDX
Issue -
State: open - Opened by beltran-rubo over 2 years ago
- 10 comments
#315 - Fix truncating pre-existing output file when overwritten
Pull Request -
State: closed - Opened by andreas-hilti over 2 years ago
- 2 comments
#314 - cylconedx diff two json files error
Issue -
State: open - Opened by RicardoAReyes over 2 years ago
- 1 comment
#313 - Binaries do not have published hashsums
Issue -
State: open - Opened by Andrew-Russell-fingo over 2 years ago
- 1 comment
#312 - cyclonedx-cli binaries are unsigned
Issue -
State: open - Opened by Andrew-Russell-fingo over 2 years ago
#311 - Lots of missing metadata required by EO 14028
Issue -
State: closed - Opened by sej7278 over 2 years ago
- 2 comments
#310 - Documention: Hierarchical merge metadata requirement
Issue -
State: open - Opened by robertlagrant over 2 years ago
- 5 comments