The CycloneDX core module provides a model representation of the BOM along with utilities to assist in creating, validating, and parsing BOMs. CycloneDX is a lightweight BoM specification that is easily created, human readable, and simple to parse. The resulting bom.xml can be used with tools such as OWASP Dependency-Track for the continuous analysis of components.
<dependency>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-core-java</artifactId>
<version>2.1.1</version>
</dependency>
CycloneDX Core (Java) is Copyright (c) Steve Springett. All Rights Reserved.
Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE file for the full license.