search

CycloneDX / cyclonedx-go

Go library to consume and produce CycloneDX Software Bill of Materials (SBOM)
https://cyclonedx.org/
Apache License 2.0
79 stars 32 forks source link

Import Cycle Not Allowed #132

Open asponzan opened 10 months ago

asponzan commented 10 months ago

I'm new to Golang so I may have missed or messed up but I'm recieving a import cycle not allowed error when trying to use this packge with the decode example

Error I'm receiving: 

package command-line-arguments
        imports github.com/CycloneDX/cyclonedx-go
        imports github.com/CycloneDX/cyclonedx-go: import cycle not allowed
// main.go
package main

import (
    "fmt"
    "net/http"

    cdx "github.com/CycloneDX/cyclonedx-go"
)

func main() {
    // Acquire a BOM (e.g. by downloading it)
    res, err := http.Get("https://github.com/DependencyTrack/dependency-track/releases/download/4.1.0/bom.json")
    if err != nil {
        panic(err)
    }
    defer res.Body.Close()

    // Decode the BOM
    bom := new(cdx.BOM)
    decoder := cdx.NewBOMDecoder(res.Body, cdx.BOMFileFormatJSON)
    if err = decoder.Decode(bom); err != nil {
        panic(err)
    }

    fmt.Printf("Successfully decoded BOM of %s\n", bom.Metadata.Component.PackageURL)
    fmt.Printf("- Generated: %s with %s\n", bom.Metadata.Timestamp, (*bom.Metadata.Tools.Tools)[0].Name)
    fmt.Printf("- Components: %d\n", len(*bom.Components))

}
//go.mod
module github.com/CycloneDX/cyclonedx-go

go 1.21.6
jamietanna commented 7 months ago

Your go.mod shouldn't be set to github.com/CycloneDX/cyclonedx-go as you want to be able to pull this library from it

I.e rename it to module example or module gitlab.com/path/to/your/repo and try again