@zakodium/sbom-tools

![NPM version](https://www.npmjs.com/package/@zakodium/sbom-tools)
![npm download](https://www.npmjs.com/package/@zakodium/sbom-tools)
![test coverage](https://codecov.io/gh/zakodium/sbom-tools)
![license](https://github.com/zakodium/sbom-tools/blob/main/LICENSE)

Tools to analyse CycloneDX SBOM files.

Installation

``console npm install @zakodium/sbom-tools`

`Usage`

`$3`

The tools expect a SBOM file in CycloneDX JSON format, version 1.6.

#### npm

See .

A compatible SBOM can be generated with:

`shell npx --package @cyclonedx/cyclonedx-npm cyclonedx-npm --omit=dev --spec-version=1.6 --gather-license-texts --output-reproducible --output-file=sbom.json`

#### Yarn

See

A compatible SBOM can be generated with:

`shell yarn dlx -q @cyclonedx/yarn-plugin-cyclonedx --production --spec-version=1.6 --gather-license-texts --output-reproducible --output-file=sbom.json``

License

MIT

@zakodium/sbom-tools

Tools to analyse CycloneDX SBOM files.

Installation

``console npm install @zakodium/sbom-tools`

`Usage`

`$3`

The tools expect a SBOM file in CycloneDX JSON format, version 1.6.

#### npm

See .

A compatible SBOM can be generated with:

`shell npx --package @cyclonedx/cyclonedx-npm cyclonedx-npm --omit=dev --spec-version=1.6 --gather-license-texts --output-reproducible --output-file=sbom.json`

#### Yarn

See

A compatible SBOM can be generated with:

`shell yarn dlx -q @cyclonedx/yarn-plugin-cyclonedx --production --spec-version=1.6 --gather-license-texts --output-reproducible --output-file=sbom.json``

License

MIT