DevExpress
diff --git a/‎.github/workflows/build_all.yml‎
Lines changed: 25 additions & 1 deletion b/‎.github/workflows/build_all.yml‎
Lines changed: 25 additions & 1 deletion
diff --git a/‎.github/workflows/packages_publishing.yml‎
Lines changed: 7 additions & 0 deletions b/‎.github/workflows/packages_publishing.yml‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎packages/sbom/.npmrc‎
Lines changed: 1 addition & 0 deletions b/‎packages/sbom/.npmrc‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎packages/sbom/package.json‎
Lines changed: 9 additions & 0 deletions b/‎packages/sbom/package.json‎
Lines changed: 9 additions & 0 deletions
@@ -6,6 +6,13 @@ on:
       - 'apps/**/*.md'
   push:
     branches: [25_2]
+  workflow_dispatch:
+    inputs:
+      SBOM:
+        description: 'Build SBOM'
+        required: false
+        default: false
+        type: boolean
 
 jobs:
   build:
@@ -45,14 +52,31 @@ jobs:
       - name: Build npm packages
         run: pnpm run all:build
 
-      - name: Copy build artifacts
+      - name: Upload build artifacts
         uses: actions/upload-artifact@v4
         with:
           name: devextreme-npm-packages
           path: |
             artifacts/npm/*.tgz
           retention-days: 1
 
+      - name: Build SBOMs
+        if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }}
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          pnpm set //npm.pkg.github.com/:_authToken="$NODE_AUTH_TOKEN";
+          pnpm nx build sbom;
+
+      - name: Upload SBOM artifacts
+        if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: sbom
+          path: |
+            packages/sbom/dist/**/*
+          retention-days: 1
+
   custom_bundles:
     runs-on: devextreme-shr2
     needs: build
 
@@ -86,6 +86,13 @@ jobs:
           mkdir -p ./artifacts/deps-scanner
           cp reportGithub.json ./artifacts/deps-scanner/
 
+      - name: Build SBOMs
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          pnpm set //npm.pkg.github.com/:_authToken="$NODE_AUTH_TOKEN";
+          pnpm nx build sbom;
+
       - name: Build artifacts package
         run: npx ts-node tools/scripts/make-artifacts-package
 
 
@@ -0,0 +1 @@
+@devexpress:registry=https://npm.pkg.github.com
@@ -0,0 +1,9 @@
+{
+  "name": "sbom",
+  "version": "25.2.2",
+  "private": true,
+  "devDependencies": {
+    "@devexpress/sbom-toolkit": "0.2.0"
+  },
+  "packageManager": "[email protected]"
+}
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+@devexpress:registry=https://npm.pkg.github.com`