Note

This GitHub Action is considered deprecated.
Instead, you may use the underlying tool directly: cyclonedx-bom

- name: Install SBOM tool
  run: pipx install cyclonedx-bom
- name: Create SBOM step
  # see for usage: https://pypi.org/project/cyclonedx-bom/
  run: cyclonedx-py --help

GitHub action to generate a CycloneDX SBOM for Python

Inputs

input

The path to a pip requirements file, default is "./requirements.txt"

Be sure to quote paths with spaces.

output

Output filename, default is "./bom.xml"

Be sure to quote paths with spaces.

format

Output format, one of "json"/"xml", default is "xml"

Example usage

- name: Generate Python SBOM
  uses: CycloneDX/gh-python-generate-sbom@v2
  with:
    input: ./requirements.txt
    output: ./bom.json
    format: json
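
A follow-up check a pipeline can run on the generated file, shown as an added example that is not part of this project: it compares the pinned entries of the requirements file with the components of a CycloneDX JSON SBOM and reports unpinned, missing, or stale entries. The helper names (`normalize`, `pinned_requirements`, `check_sbom`) are hypothetical and both sample inputs are constructed; it assumes simple `name==version` requirement lines.

```python
import json
import re

# Constructed sample inputs (not from the project): a requirements file and a
# minimal CycloneDX JSON document of the kind written with "format: json".
SAMPLE_REQUIREMENTS = """\
requests==2.31.0
Flask_Login==0.6.3  # inline comment
urllib3==2.0.7 ; python_version >= "3.8"
idna>=3.0
"""
SAMPLE_BOM = json.dumps({"bomFormat": "CycloneDX", "specVersion": "1.4", "components": [
    {"type": "library", "name": "requests", "version": "2.31.0"},
    {"type": "library", "name": "flask-login", "version": "0.6.3"},
    {"type": "library", "name": "urllib3", "version": "1.26.18"},
]})

def normalize(name):
    """PEP 503 name normalization, so Flask_Login and flask-login compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def pinned_requirements(text):
    """Return ({normalized name: version}, [lines that are not exact pins])."""
    pinned, unpinned = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()  # drop comments and markers
        if not line or line.startswith("-"):  # skip blanks and pip options such as -r
            continue
        m = re.fullmatch(r"([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*==\s*([^\s,]+)", line)
        if m:
            pinned[normalize(m.group(1))] = m.group(2)
        else:
            unpinned.append(line)
    return pinned, unpinned

def check_sbom(requirements_text, bom_text):
    """Hypothetical helper: list the differences between requirements and SBOM."""
    bom = json.loads(bom_text)
    if bom.get("bomFormat") != "CycloneDX":
        return ["not a CycloneDX document"]
    listed = {normalize(c["name"]): c.get("version") for c in bom.get("components", [])}
    pinned, unpinned = pinned_requirements(requirements_text)
    findings = [f"unpinned requirement: {u}" for u in unpinned]
    for name, version in sorted(pinned.items()):
        if name not in listed:
            findings.append(f"missing from SBOM: {name}=={version}")
        elif listed[name] != version:
            findings.append(f"version mismatch: {name} requires {version}, SBOM has {listed[name]}")
    return findings
```

An empty list means every pinned requirement appears in the SBOM with the same version; a non-empty list is a reason to fail the job or regenerate the file.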

Internals

This GitHub action depends on cyclonedx-bom>=1.4.0,<4. See cyclonedx-bom on PyPI.