cyclonedx-ruby

CycloneDX is a lightweight software bill-of-material (SBOM) specification designed for use in application security contexts and supply chain component analysis. This Gem generates CycloneDX BOMs from Ruby projects.


Keywords
bill-of-materials, bom, bundler, cyclonedx, gem, mbom, obom, owasp, package-url, purl, ruby, saasbom, sbom, sbom-generator, software-bill-of-materials, spdx, vex
License
Apache-2.0
Install
gem install cyclonedx-ruby -v 1.1.0

Documentation

CycloneDX Ruby Gem

The CycloneDX Ruby Gem creates a valid CycloneDX Software Bill of Materials (SBOM) from all project dependencies. CycloneDX is a lightweight SBOM specification that is easy to create, human-readable, and simple to parse.

Installing from RubyGems

gem install cyclonedx-ruby 

Building and Installing From Source

gem build cyclonedx-ruby.gemspec
gem install cyclonedx-ruby-x.x.x.gem 

Usage

cyclonedx-ruby [options]

`-v, --[no-]verbose` Run verbosely
`-p, --path path` Path to Ruby project directory
`-f, --format` Bom output format
`-h, --help` Show help message

Output: bom.xml or bom.json file in project directory

Example

cyclonedx-ruby -p /path/to/ruby/project
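Once a bom.json exists, a useful follow-up check is whether every gem pinned in the project's lockfile actually appears in it. The script below is an added example, not part of the gem: it assumes a Bundler-style Gemfile.lock and the CycloneDX JSON layout (`bomFormat`, `components` with `name` and `version`), and both sample inputs are constructed.

```ruby
require 'json'
require 'set'

# Constructed sample inputs (not real project data). In practice, read
# Gemfile.lock and bom.json from the project directory instead.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      nokogiri (1.15.4)
        racc (~> 1.4)
      racc (1.7.1)
      rake (13.0.6)

  DEPENDENCIES
    nokogiri
    rake
LOCK

SAMPLE_BOM = JSON.generate(
  'bomFormat' => 'CycloneDX',
  'components' => [
    { 'type' => 'library', 'name' => 'nokogiri', 'version' => '1.15.4' },
    { 'type' => 'library', 'name' => 'rake', 'version' => '13.0.6' }
  ]
)

# Resolved gems are the 4-space-indented "name (version)" lines under "specs:";
# 6-space-indented lines are dependency constraints and are skipped.
def locked_gems(lockfile_text)
  lockfile_text.scan(/^ {4}(\S+) \(([^)]+)\)$/).map { |n, v| "#{n}@#{v}" }.to_set
end

# Collects "name@version" for every component, rejecting non-CycloneDX input.
def bom_gems(bom_json)
  bom = JSON.parse(bom_json)
  raise ArgumentError, 'not a CycloneDX BOM' unless bom['bomFormat'] == 'CycloneDX'
  bom.fetch('components', []).map { |c| "#{c['name']}@#{c['version']}" }.to_set
end

# Reports gems locked but absent from the BOM, and BOM entries with no lock.
def coverage_gaps(lockfile_text, bom_json)
  locked = locked_gems(lockfile_text)
  listed = bom_gems(bom_json)
  { missing_from_bom: (locked - listed).sort, not_in_lockfile: (listed - locked).sort }
end

puts coverage_gaps(SAMPLE_LOCKFILE, SAMPLE_BOM) if __FILE__ == $PROGRAM_NAME
```

A non-empty `missing_from_bom` means downstream vulnerability matching will not see those gems, so it is worth failing a CI step on it.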

Copyright & License

CycloneDX Ruby Gem is Copyright (c) OWASP Foundation. All Rights Reserved.

Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE file for the full license.