The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction
<dependency>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-core-java</artifactId>
<version>9.0.4</version>
</dependency>The following table provides information on the version of this node module, the CycloneDX schema version supported, as well as the output format options. Use the latest possible version of this library that is the compatible with the CycloneDX version supported by the target system.
| Version | Schema Version | Format(s) |
|---|---|---|
| 9.x | CycloneDX v1.6 | XML/JSON |
| 8.x | CycloneDX v1.5 | XML/JSON |
| 7.x | CycloneDX v1.4 | XML/JSON |
| 6.x | CycloneDX v1.4 | XML/JSON |
| 5.x | CycloneDX v1.3 | XML/JSON |
| 4.x | CycloneDX v1.2 | XML/JSON |
| 3.x | CycloneDX v1.2 | XML/JSON |
| 2.x | CycloneDX v1.1 | XML |
| 1.x | CycloneDX v1.0 | XML |
The library API documentation can be viewed online at https://cyclonedx.github.io/cyclonedx-core-java/.
CycloneDX Core (Java) is Copyright (c) OWASP Foundation. All Rights Reserved.
Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the License file for the full license.