https://github.com/cyclonedx/gh-php-composer-generate-sbom

GitHub action to generate a CycloneDX SBOM for PHP Composer
https://github.com/cyclonedx/gh-php-composer-generate-sbom

bill-of-materials bom cyclonedx github-action owasp php php-composer sbom sbom-generator software-bill-of-materials

Last synced: 7 days ago
JSON representation

GitHub action to generate a CycloneDX SBOM for PHP Composer

• Host: GitHub
• URL: https://github.com/cyclonedx/gh-php-composer-generate-sbom
• Owner: CycloneDX
• License: apache-2.0
• Created: 2020-07-13T13:02:10.000Z (almost 5 years ago)
• Default Branch: master
• Last Pushed: 2025-01-10T12:05:27.000Z (6 months ago)
• Last Synced: 2025-06-13T06:51:34.401Z (14 days ago)
• Topics: bill-of-materials, bom, cyclonedx, github-action, owasp, php, php-composer, sbom, sbom-generator, software-bill-of-materials
• Language: JavaScript
• Homepage:
• Size: 147 KB
• Stars: 0
• Watchers: 3
• Forks: 0
• Open Issues: 3
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
> [!NOTE]

> This GitHub Action is considered deprecated.  

> Instead, you may use the underlying tool directly: [cyclonedx/cyclonedx-php-composer](https://packagist.org/packages/cyclonedx/cyclonedx-php-composer)

>

> ```yaml

> # setup you PHP and composer first - here is an example:

> - name: Setup PHP

>   uses: shivammathur/setup-php@v2

>   with:

>     extensions: dom,json,libxml

>     tools: 'composer:v2'

> 

> - name: Install SBOM composer plugin 

>   run: |-

>     composer global config --no-plugins allow-plugins.cyclonedx/cyclonedx-php-composer true

>     composer global require cyclonedx/cyclonedx-php-composer

> - name: Create SBOM step

>   # see for usage: https://packagist.org/packages/cyclonedx/cyclonedx-php-composer

>   run: composer CycloneDX:make-sbom --help

> ```

----

# GitHub action to generate a CycloneDX SBOM for PHP Composer projects

[![Website](https://img.shields.io/badge/https://-cyclonedx.org-blue.svg)](https://cyclonedx.org/)

[![Slack Invite](https://img.shields.io/badge/Slack-Join-blue?logo=slack&labelColor=393939)](https://cyclonedx.org/slack/invite)

[![Group Discussion](https://img.shields.io/badge/discussion-groups.io-blue.svg)](https://groups.io/g/CycloneDX)

[![Twitter](https://img.shields.io/twitter/url/http/shields.io.svg?style=social&label=Follow)](https://twitter.com/CycloneDX_Spec)

## Example usage

```yaml

uses: CycloneDX/gh-php-composer-generate-sbom@v1

```

## Internals

This action utilizes `cyclonedx/cyclonedx-php-composer:<4`. See [`cyclonedx/cyclonedx-php-composer` on Packagist](https://packagist.org/packages/cyclonedx/cyclonedx-php-composer).