Modelling

You can create a BOM Model from either a cyclonedx.parser instance or manually using the methods available directly on the cyclonedx.model.bom.Bom class.

Vulnerabilities are supported by the Model as of version 0.3.0.

Note: Known vulnerabilities associated with Components can be sourced from various data sources, but this library will not source them for you. Look at Jake if you need this.

Example BOM using a Parser

Note: Concrete parser implementations were moved out of this library and into CycloneDX Python as of version 1.0.0.

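from cyclonedx.model.bom import Bom
from cyclonedx_py.parser.environment import EnvironmentParser

# EnvironmentParser reads the packages installed in the current Python environment
parser = EnvironmentParser()
# Build the BOM model from the components the parser found
bom = Bom.from_parser(parser=parser)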

Example BOM created programmatically

Note: It is recommended that you have a good understanding of the CycloneDX Schema before attempting to create a BOM programmatically with this library.

For the most up-to-date in-depth examples, look at our Unit Tests.