|
@@ -279,6 +279,10 @@ def main():
|
|
|
default=sys.stdout)
|
|
default=sys.stdout)
|
|
|
parser.add_argument("--virtual", default=False, action='store_true',
|
|
parser.add_argument("--virtual", default=False, action='store_true',
|
|
|
help="This option includes virtual packages to the CycloneDX output")
|
|
help="This option includes virtual packages to the CycloneDX output")
|
|
|
|
|
+ parser.add_argument("--project-name", type=str, default="buildroot",
|
|
|
|
|
+ help="Specify the project name to use in the SBOM metadata (default:'buildroot')")
|
|
|
|
|
+ parser.add_argument("--project-version", type=str, default=f"{BR2_VERSION_FULL}",
|
|
|
|
|
+ help="Specify the project version to use in the SBOM metadata (default: builroot version)")
|
|
|
|
|
|
|
|
args = parser.parse_args()
|
|
args = parser.parse_args()
|
|
|
|
|
|
|
@@ -299,11 +303,27 @@ def main():
|
|
|
"specVersion": f"{CYCLONEDX_VERSION}",
|
|
"specVersion": f"{CYCLONEDX_VERSION}",
|
|
|
"metadata": {
|
|
"metadata": {
|
|
|
"component": {
|
|
"component": {
|
|
|
- "bom-ref": "buildroot",
|
|
|
|
|
- "name": "buildroot",
|
|
|
|
|
|
|
+ "bom-ref": args.project_name,
|
|
|
|
|
+ "name": args.project_name,
|
|
|
|
|
+ "version": args.project_version,
|
|
|
"type": "firmware",
|
|
"type": "firmware",
|
|
|
- "version": f"{BR2_VERSION_FULL}",
|
|
|
|
|
},
|
|
},
|
|
|
|
|
+ "tools": {
|
|
|
|
|
+ "components": [
|
|
|
|
|
+ {
|
|
|
|
|
+ "type": "application",
|
|
|
|
|
+ "name": "Buildroot generate-cyclonedx",
|
|
|
|
|
+ "version": f"{BR2_VERSION_FULL}",
|
|
|
|
|
+ "licenses": [
|
|
|
|
|
+ {
|
|
|
|
|
+ "license": {
|
|
|
|
|
+ "id": "GPL-2.0"
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ ]
|
|
|
|
|
+ }
|
|
|
|
|
+ ],
|
|
|
|
|
+ }
|
|
|
},
|
|
},
|
|
|
"components": [
|
|
"components": [
|
|
|
cyclonedx_component(name, comp) for name, comp in filtered_show_info_dict.items()
|
|
cyclonedx_component(name, comp) for name, comp in filtered_show_info_dict.items()
|
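Review bot: `"bom-ref": args.project_name` in the metadata component now takes free-form command-line text as the BOM's root reference, and nothing visible checks that it is non-empty or distinct from the references of the package components. If `cyclonedx_component` derives its bom-ref from the package name (not shown here), a project named like a package would give two components the same bom-ref, and any dependency entry elsewhere in main() that still uses the literal "buildroot" would no longer resolve; a guard placed once `filtered_show_info_dict` is built, such as `if not args.project_name or args.project_name in filtered_show_info_dict: parser.error("--project-name must be non-empty and must not match a package name")`, would catch both. The new tool entry's `"id": "GPL-2.0"` is a deprecated SPDX identifier that does not say whether later versions apply; `GPL-2.0-only` or `GPL-2.0-or-later`, whichever matches the script's licence, is unambiguous for consumers running licence checks on the SBOM. The help text added in the first hunk also misspells the default as "builroot version". main() begins and ends outside both hunks.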