Festo-se / cyclonedx-editor-validator

Tool for creating, modifying and validating CycloneDX SBOMs.
https://festo-se.github.io/cyclonedx-editor-validator/
GNU General Public License v3.0

Add 'add_to_dependencies' option for merge command #168

Closed cedricwritescode closed 5 months ago

cedricwritescode commented 5 months ago

When merging multiple SBOMs with a main SBOM, there should be an option that automatically adds the bom-refs of each metadata component from non-main SBOM files.

This is helpful when the other SBOMs are actual dependencies of the main SBOM. Without this option I don't really understand the use case of the merge command.

feature_request.zip
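
A sketch of the behaviour requested above, as an added example that is not part of the original issue and not the project's own code. The function name `merge_add_to_dependencies`, the sample SBOMs, and the choice to record each non-main metadata component under the main component's `dependsOn` list are assumptions.

```python
import copy

# Constructed sample SBOMs (CycloneDX JSON as dicts), trimmed to the fields used.
MAIN = {"metadata": {"component": {"bom-ref": "app", "name": "app"}},
        "components": [{"bom-ref": "libA", "name": "libA"}],
        "dependencies": [{"ref": "app", "dependsOn": ["libA"]}]}
SUB = {"metadata": {"component": {"bom-ref": "service", "name": "service"}},
       "components": [{"bom-ref": "libA", "name": "libA"},
                      {"bom-ref": "libB", "name": "libB"}],
       "dependencies": [{"ref": "service", "dependsOn": ["libA", "libB"]}]}


def merge_add_to_dependencies(main, others):
    """Merge `others` into a copy of `main` and make the main metadata
    component depend on each other SBOM's metadata component (assumed semantics)."""
    merged = copy.deepcopy(main)
    main_ref = merged["metadata"]["component"]["bom-ref"]
    components = merged.setdefault("components", [])
    deps = merged.setdefault("dependencies", [])
    seen = {c["bom-ref"] for c in components} | {main_ref}
    dep_index = {d["ref"]: d for d in deps}

    def depends_on(ref):
        # Return the dependsOn list for `ref`, creating the entry if missing.
        if ref not in dep_index:
            dep_index[ref] = {"ref": ref}
            deps.append(dep_index[ref])
        return dep_index[ref].setdefault("dependsOn", [])

    def add_unique(target, ref):
        if ref not in target:
            target.append(ref)

    for sbom in others:
        top = sbom["metadata"]["component"]
        # The other SBOM's metadata component becomes a regular component.
        for comp in [top] + sbom.get("components", []):
            if comp["bom-ref"] not in seen:
                seen.add(comp["bom-ref"])
                components.append(copy.deepcopy(comp))
        # Carry over the other SBOM's own dependency edges.
        for d in sbom.get("dependencies", []):
            for r in d.get("dependsOn", []):
                add_unique(depends_on(d["ref"]), r)
        # The requested step: link the main component to the merged-in root.
        add_unique(depends_on(main_ref), top["bom-ref"])
    return merged
```

Without the last step, `service` and its subtree would appear in the merged component list but would not be reachable from `app` in the dependency graph.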

italvi commented 5 months ago

@cedricwritescode After discussing this internally, this should be the same use case as described in #152. So in the future, we most probably will have this feature implemented; however, this will not happen before summer, as we currently focus on other features like #146.

In the meantime, you could take a look at the `merge --hierarchical` command of the "official" CycloneDX CLI tool, so you don't have to create a solution on your own.