Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add plugin for Swift Package Manager #217

Merged
merged 1 commit into from
Jul 26, 2021
Merged

Add plugin for Swift Package Manager #217

merged 1 commit into from
Jul 26, 2021

Conversation

mattt
Copy link
Contributor

@mattt mattt commented Jul 23, 2021
edited
Loading

This PR adds SBOM generation support for Swift Package Manager, a package manager for the Swift programming language.

To try this out, install Swift and run the following commands:

$ git clone https://github.com/apple/example-package-dealer.git path/to/example-package-dealer
$ swift build --package-path path/to/example-package-dealer
$ ARGS="--path path/to/example-package-dealer" make generate

bom-swift.spdx:

SPDXVersion: SPDX-2.2
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: dealer-2.0.0
DocumentNamespace: http://spdx.org/spdxpackages/dealer-2.0.0-71cfdcae-458d-4428-bc56-4a866f34f79e
Creator: Tool: spdx-sbom-generator-source-code
Created: 2021-07-26T17:27:02Z

##### Package representing the dealer

PackageName: dealer
SPDXID: SPDXRef-Package-dealer
PackageVersion: 2.0.0
PackageSupplier: NOASSERTION
PackageDownloadLocation: NOASSERTION
FilesAnalyzed: false
PackageChecksum: SHA1: 22e26b7ba613a2de93b0d0e906e31aed5b41e6a2

PackageHomePage: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageLicenseDeclared: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageLicenseComments: NOASSERTION
PackageComment: NOASSERTION

Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-Package-dealer 

##### Package representing the DeckOfPlayingCards

PackageName: DeckOfPlayingCards
SPDXID: SPDXRef-Package-DeckOfPlayingCards-3.0.4
PackageVersion: 3.0.4
PackageSupplier: NOASSERTION
PackageDownloadLocation: git+https://github.com/apple/example-package-deckofplayingcards.git
FilesAnalyzed: false
PackageChecksum: SHA1: 2c0e5ac3e10216151fc78ac1ec6bd9c2c0111a3a

PackageHomePage: https://github.com/apple/example-package-deckofplayingcards
PackageLicenseConcluded: NOASSERTION
PackageLicenseDeclared: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageLicenseComments: NOASSERTION
PackageComment: NOASSERTION

@mattt mattt marked this pull request as ready for review July 26, 2021 17:27
@niravpatel27 niravpatel27 merged commit b279b96 into opensbom-generator:main Jul 26, 2021
@mattt mattt deleted the swift branch July 26, 2021 18:55
@palaniraja palaniraja mentioned this pull request Sep 9, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@niravpatel27 niravpatel27 niravpatel27 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mattt @niravpatel27