Support for CycloneDX schema version 1.6 #375

V3ct0r-v · 2024-06-26T13:43:41Z

currently the tool support schema 1.4 only:

Validating JSON BOM... Incorrect schema version: expected 1.4 actual 1.6 BOM is not valid.

Is there a timeline for schema version 1.6 support?

The text was updated successfully, but these errors were encountered:

mtsfoni · 2024-06-26T15:41:19Z

1.5 is supported.

1.6 might still take some weeks.

V3ct0r-v · 2024-06-26T15:54:19Z

Thank you for the info!

Although, I tested with a 1.5 formatted SBOM but got the same error message:

Validating JSON BOM...
Incorrect schema version: expected 1.4 actual 1.5
BOM is not valid.

version of the exe I am using:

.\cyclonedx-win-x64.exe --version | out-default
0.25.1+03b8019b24e847b6fdc91822eae2e9a220d525fa

mtsfoni · 2024-06-26T16:16:24Z

Is it possible to provide the sbom? I would step through the code and check what's going wrong then.

ferben · 2024-06-26T18:48:08Z

cyclonedx merge command does not support 1.6 format see #376

GalaxyGorilla · 2024-09-06T09:37:19Z

Is there any update on a future release with the schema support? We really want to use attestations in a project :).

Maybe @mtsfoni knows?

mtsfoni · 2024-09-06T09:43:14Z

We are close, mostly some clean up work is left.

This or next weekend.

mtsfoni · 2024-09-16T19:59:59Z

V3ct0r-v changed the title ~~Support for CycloneDX schema version 1,6~~ Support for CycloneDX schema version 1.6 Jun 26, 2024

wkoot mentioned this issue Sep 9, 2024

Support cdx 1.6 CycloneDX/cyclonedx-dotnet-library#284

Closed

5 tasks

Provide feedback