Skip to content

Commit 5db7ed0

Browse files
IlyaKhDIlyaKhD
authored
Update to sbom-toolkit v0.3.0 (#31993)
1 parent 3179e2b commit 5db7ed0

File tree

4 files changed

+82
-77
lines changed

4 files changed

+82
-77
lines changed

packages/sbom/README.md

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
# SBOM Generator
2+
3+
Generates Software Bill of Materials (SBOM) files in CycloneDX format for DevExtreme packages.
4+
5+
## Prerequisites
6+
7+
- GitHub personal access token (classic) with package read permissions ([GitHub Packages authentication guide](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry#authenticating-with-a-personal-access-token))
8+
9+
## Usage
10+
11+
### Build SBOM for All Public Packages
12+
13+
```shell
14+
pnpm nx build sbom
15+
```
16+
17+
Generates SBOM files for all public packages:
18+
- `devextreme`
19+
- `devextreme-react`
20+
- `devextreme-angular`
21+
- `devextreme-vue`
22+
- `devextreme-themebuilder`
23+
24+
**Output:** `dist/*.sbom.json`
25+
26+
### Generate SBOM for Specific Package (development)
27+
28+
```shell
29+
pnpm nx make sbom <package-name> [--debug]
30+
```
31+
32+
Generates SBOM for a single package. Use `--debug` to preserve the raw output from [cdxgen](https://github.com/cdxgen/cdxgen).
33+
34+
**Example:**
35+
36+
```shell
37+
pnpm nx make sbom devextreme --debug
38+
```
39+
40+
## Notes
41+
42+
- This workspace operates as an isolated pnpm workspace due to GitHub Packages access constraints and requires separate `pnpm install` or `pnpm add` commands
43+
- Dependencies are installed automatically before each build via the `install-dependencies` target
44+
- The `devextreme-dist.sbom.json` file is identical to `devextreme.sbom.json`

packages/sbom/package.json

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,13 @@
33
"version": "25.2.3",
44
"private": true,
55
"devDependencies": {
6-
"@devexpress/sbom-toolkit": "0.2.0"
6+
"@devexpress/sbom-toolkit": "0.3.0"
77
},
8-
"packageManager": "[email protected]"
8+
"packageManager": "[email protected]",
9+
"pnpm": {
10+
"overrides": {
11+
"body-parser@>=2.2.0 <2.2.1": ">=2.2.1",
12+
"jws@=4.0.0": ">=4.0.1"
13+
}
14+
}
915
}

packages/sbom/pnpm-lock.yaml

Lines changed: 18 additions & 14 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/sbom/project.json

Lines changed: 12 additions & 61 deletions
Original file line numberDiff line numberDiff line change
@@ -2,34 +2,6 @@
22
"name": "sbom",
33
"projectType": "library",
44
"targets": {
5-
"build": {
6-
"executor": "nx:noop",
7-
"dependsOn": [
8-
"install-dependencies",
9-
"make-devextreme-sbom",
10-
"make-devextreme-dist-sbom",
11-
"make-devextreme-react-sbom",
12-
"make-devextreme-angular-sbom",
13-
"make-devextreme-vue-sbom"
14-
],
15-
"cache": false
16-
},
17-
"prepare": {
18-
"dependsOn": [
19-
"install-dependencies",
20-
"clean"
21-
],
22-
"executor": "nx:noop",
23-
"cache": false
24-
},
25-
"clean": {
26-
"executor": "nx:run-commands",
27-
"options": {
28-
"cwd": "{projectRoot}",
29-
"command": "rm -rf dist/"
30-
},
31-
"cache": false
32-
},
335
"install-dependencies": {
346
"executor": "nx:run-commands",
357
"options": {
@@ -38,48 +10,27 @@
3810
},
3911
"cache": false
4012
},
41-
"make-devextreme-sbom": {
42-
"dependsOn": ["prepare"],
43-
"executor": "nx:run-commands",
44-
"options": {
45-
"cwd": "{projectRoot}",
46-
"command": "pnpm dx-make-sbom ../../ dist/ devextreme"
47-
},
48-
"cache": false
49-
},
50-
"make-devextreme-dist-sbom": {
51-
"dependsOn": ["prepare", "make-devextreme-sbom"],
52-
"executor": "nx:run-commands",
53-
"options": {
54-
"cwd": "{projectRoot}",
55-
"command": "cp dist/devextreme.sbom.json dist/devextreme-dist.sbom.json"
56-
},
57-
"cache": false
58-
},
59-
"make-devextreme-react-sbom": {
60-
"dependsOn": ["prepare"],
61-
"executor": "nx:run-commands",
62-
"options": {
63-
"cwd": "{projectRoot}",
64-
"command": "pnpm dx-make-sbom ../../ dist/ devextreme-react"
65-
},
66-
"cache": false
67-
},
68-
"make-devextreme-angular-sbom": {
69-
"dependsOn": ["prepare"],
13+
"build": {
7014
"executor": "nx:run-commands",
15+
"dependsOn": ["install-dependencies"],
7116
"options": {
7217
"cwd": "{projectRoot}",
73-
"command": "pnpm dx-make-sbom ../../ dist/ devextreme-angular"
18+
"parallel": false,
19+
"commands": [
20+
"rm -rf dist/",
21+
"pnpm dx-make-sbom ../../ dist/ devextreme,devextreme-react,devextreme-angular,devextreme-vue,devextreme-themebuilder",
22+
"cp dist/devextreme.sbom.json dist/devextreme-dist.sbom.json"
23+
]
7424
},
7525
"cache": false
7626
},
77-
"make-devextreme-vue-sbom": {
78-
"dependsOn": ["prepare"],
27+
"make": {
7928
"executor": "nx:run-commands",
29+
"dependsOn": ["install-dependencies"],
8030
"options": {
8131
"cwd": "{projectRoot}",
82-
"command": "pnpm dx-make-sbom ../../ dist/ devextreme-vue"
32+
"parallel": false,
33+
"commands": ["pnpm dx-make-sbom ../../ dist/"]
8334
},
8435
"cache": false
8536
}

0 commit comments

Comments
 (0)