Modelling
You can create a BOM Model from either a cyclonedx.parser
instance or manually using the methods available
directly on the cyclonedx.model.bom.Bom
class.
Vulnerabilities are supported by the Model as of version 0.3.0.
Note: Known vulnerabilities associated with Components can be sourced from various data sources, but this library will not source them for you. Perhaps look at Jake if you’re interested in this.
Examples
From a Parser
from cyclonedx.model.bom import Bom
from cyclonedx.parser.environment import EnvironmentParser
parser = EnvironmentParser()
bom = Bom.from_parser(parser=parser)