Modelling
You can create a BOM Model from either a cyclonedx.parser instance or manually using the methods available directly on the cyclonedx.model.bom.Bom class.
Vulnerabilities are supported by the Model as of version 0.3.0.
Note: Known vulnerabilities associated with Components can be sourced from various data sources, but this library will not source them for you. Perhaps look at Jake if you’re interested in this.
Example BOM using a Parser
Note: Concrete parser implementations were moved out of this library and into CycloneDX Python as of version 1.0.0.
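from cyclonedx.model.bom import Bom
from cyclonedx_py.parser.environment import EnvironmentParser

# Collect the packages installed in the current Python environment
parser = EnvironmentParser()
# Build the BOM model from the components the parser found
bom = Bom.from_parser(parser=parser)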
Example BOM created programmatically
Note: It is recommended that you have a good understanding of the CycloneDX Schema before attempting to create a BOM programmatically with this library.
For the most up-to-date in-depth examples, look at our Unit Tests.
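To show the structure such a model has to end up in, here is an added example (not this library's API and not code from the project) that builds the BOM as a plain dictionary with the standard library only. It assumes the CycloneDX 1.4 JSON layout, where each vulnerability points at a component through its bom-ref, and it checks that externally sourced vulnerability data actually resolves to components in the BOM. All function names, package names and vulnerability ids are constructed placeholders.

```python
import json
import uuid


def make_component(name, version):
    """Return a CycloneDX 'library' component keyed by its package URL."""
    purl = f"pkg:pypi/{name}@{version}"
    return {"type": "library", "bom-ref": purl, "name": name,
            "version": version, "purl": purl}


def make_bom(components, findings):
    """Assemble a BOM; `findings` maps a vulnerability id to affected bom-refs."""
    return {
        "bomFormat": "CycloneDX",
        "specVersion": "1.4",  # assumed schema version for this example
        "serialNumber": f"urn:uuid:{uuid.uuid4()}",
        "version": 1,
        "components": components,
        "vulnerabilities": [
            {"id": vuln_id, "affects": [{"ref": ref} for ref in refs]}
            for vuln_id, refs in findings.items()
        ],
    }


def dangling_refs(bom):
    """List (vulnerability id, ref) pairs whose ref matches no component."""
    known = {c["bom-ref"] for c in bom.get("components", [])}
    return [(v["id"], a["ref"])
            for v in bom.get("vulnerabilities", [])
            for a in v.get("affects", [])
            if a["ref"] not in known]


# Constructed sample data: package names and vulnerability ids are placeholders.
COMPONENTS = [make_component("example-lib", "1.2.3"),
              make_component("example-util", "0.9.0")]
FINDINGS = {
    "EXAMPLE-VULN-0001": ["pkg:pypi/example-lib@1.2.3"],
    # Version drift in the external feed: no component carries this ref.
    "EXAMPLE-VULN-0002": ["pkg:pypi/example-lib@1.2.4"],
}
BOM = make_bom(COMPONENTS, FINDINGS)

if __name__ == "__main__":
    print(json.dumps(BOM, indent=2))
    for vuln_id, ref in dangling_refs(BOM):
        print(f"unresolved: {vuln_id} -> {ref}")
```

A vulnerability whose ref resolves to no component is silently detached from the inventory, so a check like dangling_refs is worth running before a BOM with merged vulnerability data is published.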