55de32d925
- Add sbom/sbom.cdx.json generated via Syft - Add scripts/gen-sbom.sh for regenerating SBOM - Add sbom/README.md with disclaimer - Update .gitignore to track gen-sbom.sh
17 lines
379 B
Bash
Executable File
17 lines
379 B
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
# Generate CycloneDX JSON SBOM using Syft
|
|
# Output: sbom.cdx.json in project root
|
|
|
|
cd "$(dirname "$0")/.."
|
|
|
|
if ! command -v syft &> /dev/null; then
|
|
echo "Error: syft is not installed. Install from https://github.com/anchore/syft" >&2
|
|
exit 1
|
|
fi
|
|
|
|
syft . -o cyclonedx-json=sbom/sbom.cdx.json
|
|
|
|
echo "SBOM generated: sbom/sbom.cdx.json"
|