Closed VinodAnandan closed 2 years ago
@VinodAnandan Thank you for creating the PR, it works well and produces an SBOM for the aggregator POM. Before I proceed with merging, can you please sign Eclipse's contributor agreement?
@henrikplate I have signed Eclipse's contributor agreement
OWASP CycloneDX is a lightweight Software Bill of Materials (SBOM) standard designed to use in the application security contexts and supply chain component analysis. CycloneDX is an OWASP flagship project ( owasp.org/www-project-cyclonedx ). The Open Web Application Security Project is a non-profit foundation that works to improve the security of software. CycloneDX is already supported by many security vendors and projects ( cyclonedx.org/about/supporters ). It is also recommended in the Technology Radar Volume 26 ( thoughtworks.com/radar/platforms?blipid=202203034 )
More details about the plugin : https://github.com/CycloneDX/cyclonedx-maven-plugin#maven-usage