multiple project's modules sbom or pom files #1292
-
|
I use jenkins, the project is modular deployment, in the use of maven compile pom, DT will only generate sbom based on the parent pom file and commit, the pom of the submodule will not be committed, How to Consolidate multiple project's modules sbom or pom files into a single file commit to DT? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 1 reply
-
|
The CycloneDX Maven plugin has a If your project isn't setup as a multi-module project, then you can merge boms using the CycloneDX CLI. |
Beta Was this translation helpful? Give feedback.
-
|
thanks |
Beta Was this translation helpful? Give feedback.
-
|
Use |
Beta Was this translation helpful? Give feedback.
The CycloneDX Maven plugin has a
makeAggregateBomgoal which can be executed on multi-module Maven projects. The result of themakeAggregateBomgoal will be individual boms for each module, as well as a bom containing the aggregate of all modules.If your project isn't setup as a multi-module project, then you can merge boms using the CycloneDX CLI.