APPSEC-2855: add generation of SBOMs to maven based Java projects

confluentinc / common

Common utilities library containing metrics, config and utils

Apache License 2.0

4 stars 243 forks source link

APPSEC-2855: add generation of SBOMs to maven based Java projects #544

Closed janjwerner-confluent closed 1 year ago

janjwerner-confluent commented 1 year ago

This PR adds the CycloneDX SBOM generator plugin to the list of build plugins. This addition allows us to automatically generate SBOMs during the build time. The SBOMs are stored in $project/target/bom.[json/xml]