https://github.com/cyclonedx/gh-dotnet-generate-sbom
GitHub action to generate a CycloneDX SBOM for .NET
https://github.com/cyclonedx/gh-dotnet-generate-sbom
bill-of-materials bom cyclonedx dotnet github-action owasp sbom sbom-generator software-bill-of-materials
Last synced: 25 days ago
JSON representation
GitHub action to generate a CycloneDX SBOM for .NET
- Host: GitHub
- URL: https://github.com/cyclonedx/gh-dotnet-generate-sbom
- Owner: CycloneDX
- License: apache-2.0
- Created: 2020-06-22T11:21:19.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2023-11-02T05:50:19.000Z (over 1 year ago)
- Last Synced: 2025-04-12T18:04:47.535Z (28 days ago)
- Topics: bill-of-materials, bom, cyclonedx, dotnet, github-action, owasp, sbom, sbom-generator, software-bill-of-materials
- Language: JavaScript
- Homepage:
- Size: 44.9 KB
- Stars: 10
- Watchers: 3
- Forks: 4
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
[](https://cyclonedx.org/)
[](https://cyclonedx.org/slack/invite)
[](https://groups.io/g/CycloneDX)
[](https://twitter.com/CycloneDX_Spec)
# GitHub action to generate a CycloneDX SBOM for .NET
## Inputs
### `path`
**Required** The path to a .sln, .csproj, .vbproj, or packages.config file or the path to a directory which will be recursively analyzed for packages.config files.
Be sure to quote paths with spaces.
### `out`
Output directory, default is "./"
Be sure to quote paths with spaces.
### `json`
Produce a JSON BOM instead of XML, set to any value instead of false.
### `github-bearer-token`
Optionally provide the GitHub action bearer token for license resolution (example below).
## Example usage
```
- name: Generate XML SBOM
uses: CycloneDX/gh-dotnet-generate-sbom@v1
with:
path: ./CycloneDX.sln
github-bearer-token: ${{ secrets.GITHUB_TOKEN }}
- name: Generate JSON SBOM
uses: CycloneDX/gh-dotnet-generate-sbom@master
with:
path: ./CycloneDX.sln
json: true
github-bearer-token: ${{ secrets.GITHUB_TOKEN }}
```