{"id":18828639,"url":"https://github.com/dependencytrack/gh-upload-sbom","last_synced_at":"2025-10-12T14:12:40.166Z","repository":{"id":42499329,"uuid":"274174283","full_name":"DependencyTrack/gh-upload-sbom","owner":"DependencyTrack","description":"Publishes BOMs to Dependency-Track from GitHub Actions","archived":false,"fork":false,"pushed_at":"2024-10-07T15:52:27.000Z","size":127,"stargazers_count":52,"open_issues_count":7,"forks_count":28,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-03-30T01:12:20.327Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DependencyTrack.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-06-22T15:25:26.000Z","updated_at":"2025-03-26T15:35:41.000Z","dependencies_parsed_at":"2023-11-19T20:22:38.138Z","dependency_job_id":"be3165c0-0087-40e4-bc22-701d9f541856","html_url":"https://github.com/DependencyTrack/gh-upload-sbom","commit_stats":{"total_commits":36,"total_committers":13,"mean_commits":2.769230769230769,"dds":0.5833333333333333,"last_synced_commit":"48feab3080ff9e8f51f4d21861d9fc914eb744f5"},"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DependencyTrack%2Fgh-upload-sbom","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DependencyTrack%2Fgh-upload-sbom/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DependencyTrack%2Fgh-upload-sbom/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DependencyTrack%2Fgh-upload-sbom/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DependencyTrack","download_url":"https://codeload.github.com/DependencyTrack/gh-upload-sbom/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247423515,"owners_count":20936626,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-08T01:33:58.745Z","updated_at":"2025-10-12T14:12:35.140Z","avatar_url":"https://github.com/DependencyTrack.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Upload BOM to Dependency-Track action\n\nThis action uploads a software bill of materials file to a Dependency-Track server.\n\n## Inputs\n\n### `serverHostname`\n\n**Required** Dependency-Track hostname\n\n### `port`\n\nDefaults to `443`\n\n### `protocol`\n\nCan be `https` or `http`\n\nDefaults to `https`\n\n### `apiKey`\n\n**Required** Dependency-Track API key\n\n### `project`\n\n**Required, unless projectName and projectVersion are provided** Project uuid in Dependency-Track\n\n### `projectName`\n\n**Required, unless project is provided** Project name in Dependency-Track\n\n### `projectVersion`\n\n**Required, unless project is provided** Project version in Dependency-Track\n\n### `projectTags`\n\nComma-separated list of tags (available in DT v4.12 and later)\n\n### `autoCreate`\n\nAutomatically create project and version in Dependency-Track, default `false`\n\n### `bomFilename`\n\nPath and filename of the BOM, default `bom.xml`\n\n### `parent`\n\nParent project uuid in Dependency-Track (available in DT v4.8 and later)\n\n### `parentName`\n\n**parentVersion is also required** Parent project name in Dependency-Track (available in DT v4.8 and later)\n\n### `parentVersion`\n\n**parentName is also required** Parent project version in Dependency-Track (available in DT v4.8 and later)\n\n## Example usage\n\nWith project name and version:\n```yml\nuses: DependencyTrack/gh-upload-sbom@v3\nwith:\n  serverHostname: 'example.com'\n  apiKey: ${{ secrets.DEPENDENCYTRACK_APIKEY }}\n  projectName: 'Example Project'\n  projectVersion: 'master'\n  bomFilename: \"/path/to/bom.xml\"\n  autoCreate: true\n```\n\nWith project name, version and tags:\n```yml\nuses: DependencyTrack/gh-upload-sbom@v3\nwith:\n  serverHostname: 'example.com'\n  apiKey: ${{ secrets.DEPENDENCYTRACK_APIKEY }}\n  projectName: 'Example Project'\n  projectVersion: 'master'\n  projectTags: 'tag1,tag2'\n  bomFilename: \"/path/to/bom.xml\"\n  autoCreate: true\n```\n\nWith protocol, port and project name:\n```yml\nuses: DependencyTrack/gh-upload-sbom@v3\nwith:\n  protocol: ${{ secrets.DEPENDENCYTRACK_PROTOCOL }}\n  serverHostname: ${{ secrets.DEPENDENCYTRACK_HOSTNAME }}\n  port: ${{ secrets.DEPENDENCYTRACK_PORT }}\n  apiKey: ${{ secrets.DEPENDENCYTRACK_APIKEY }}\n  projectName: 'Example Project'\n  projectVersion: 'master'\n  bomFilename: \"/path/to/bom.xml\"\n  autoCreate: true\n```\n\nWith project uuid:\n```yml\nuses: DependencyTrack/gh-upload-sbom@v3\nwith:\n  serverHostname: 'example.com'\n  apiKey: ${{ secrets.DEPENDENCYTRACK_APIKEY }}\n  project: 'dadec8ad-7053-4e8c-8044-7b6ef698e08d'\n```\n\nWith protocol, port, project name and parent name:\n```yml\nuses: DependencyTrack/gh-upload-sbom@v3\nwith:\n  protocol: ${{ secrets.DEPENDENCYTRACK_PROTOCOL }}\n  serverHostname: ${{ secrets.DEPENDENCYTRACK_HOSTNAME }}\n  port: ${{ secrets.DEPENDENCYTRACK_PORT }}\n  apiKey: ${{ secrets.DEPENDENCYTRACK_APIKEY }}\n  projectName: 'Example Project'\n  projectVersion: 'master'\n  bomFilename: \"/path/to/bom.xml\"\n  autoCreate: true\n  parentName: 'Example Parent'\n  parentVersion: 'master'\n```\n\nWith parent uuid:\n```yml\nuses: DependencyTrack/gh-upload-sbom@v3\nwith:\n  serverHostname: 'example.com'\n  apiKey: ${{ secrets.DEPENDENCYTRACK_APIKEY }}\n  project: 'dadec8ad-7053-4e8c-8044-7b6ef698e08d'\n  parent: '6a5a3c33-3f8b-42ee-8d50-594bfd95dd32'\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdependencytrack%2Fgh-upload-sbom","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdependencytrack%2Fgh-upload-sbom","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdependencytrack%2Fgh-upload-sbom/lists"}