Metadata-Version: 2.4
Name: cyclonedx-editor-validator
Version: 0.30.12
Summary: Tool for creating, modifying and validating CycloneDX SBOMs.
Project-URL: Documentation, https://festo-se.github.io/cyclonedx-editor-validator/
Project-URL: Repository, https://github.com/Festo-se/cyclonedx-editor-validator/
Project-URL: Issues, https://github.com/Festo-se/cyclonedx-editor-validator/issues
Project-URL: Changelog, https://github.com/Festo-se/cyclonedx-editor-validator/releases
Author-email: Aleg Vilinski <aleg.vilinski@festo.com>, Christian Beck <christian.beck@festo.com>, Moritz Marseu <moritz.marseu@festo.com>
License-Expression: GPL-3.0-or-later
License-File: LICENSE
License-File: NOTICE
Requires-Python: <4,>=3.10.0
Requires-Dist: charset-normalizer<4,>=3.3.2
Requires-Dist: cyclonedx-python-lib==11.7.0
Requires-Dist: docstring-parser<0.19,>=0.16
Requires-Dist: email-validator==2.3.0
Requires-Dist: jsonschema[format]==4.26.0
Requires-Dist: natsort<9,>=8.4.0
Requires-Dist: pyicu<3,>=2.13.1; sys_platform == 'darwin'
Requires-Dist: pyicu<3,>=2.13.1; sys_platform == 'linux'
Requires-Dist: python-dateutil==2.9.0.post0
Requires-Dist: univers==32.0.1
Description-Content-Type: text/markdown


[![build and test](https://github.com/Festo-se/cyclonedx-editor-validator/actions/workflows/main.yml/badge.svg)](https://github.com/Festo-se/cyclonedx-editor-validator/actions/workflows/main.yml)
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/Festo-se/cyclonedx-editor-validator/badge)](https://scorecard.dev/viewer/?uri=github.com/Festo-se/cyclonedx-editor-validator)
[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/10485/badge)](https://www.bestpractices.dev/projects/10485)
[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
[![Checked with mypy](http://www.mypy-lang.org/static/mypy_badge.svg)](http://mypy-lang.org/)
[![Static Badge](https://img.shields.io/badge/CycloneDX-v1.2%2C1.3%2C1.4%2C1.5%2C1.6-blue?link=https%3A%2F%2Fcyclonedx.org%2Fdocs%2F1.6%2Fjson%2F%23)](https://cyclonedx.org/docs/1.6/json/)

# CycloneDX Editor/Validator

This command-line tool performs various actions on [CycloneDX](https://cyclonedx.org/) SBOMs. It allows you to modify, merge and validate your Software Bill of Materials (SBOM).

The tool is built with automation in mind, i.e. usage within CI/CD. We try to be as scriptable as possible with various command-line flags, avoiding interactive prompts, providing multiple output options and fine-grained exit codes.

## Command overview

|   Command | Description |
| :-- | :-- |
| [amend](https://festo-se.github.io/cyclonedx-editor-validator/usage/amend.html) | Accepts a single input file and will apply one or multiple *operations* to it. Each operation modifies certain aspects of the SBOM. These modifications cannot be targeted at individual components in the SBOM which sets the *amend* command apart from [*set*](https://festo-se.github.io/cyclonedx-editor-validator/usage/set.html). Its use-case is ensuring an SBOM fulfils certain requirements in an automated fashion. |
| [build-public](https://festo-se.github.io/cyclonedx-editor-validator/usage/build-public.html) | Creates a redacted version of an SBOM fit for publication. |
| [init-sbom](https://festo-se.github.io/cyclonedx-editor-validator/usage/init-sbom.html) | Provides a first draft of an SBOM for manual completion. |
| [list](https://festo-se.github.io/cyclonedx-editor-validator/usage/list.html) | Lists content of the SBOM. |
| [merge](https://festo-se.github.io/cyclonedx-editor-validator/usage/merge.html) | Merges two or more CycloneDX documents into one. |
| [set](https://festo-se.github.io/cyclonedx-editor-validator/usage/set.html) | Sets properties on specified components to specified values. If a component in an SBOM is missing a particular property or the property is present but has a wrong value, this command can be used to modify just the affected properties without changing the rest of the SBOM. |
| [validate](https://festo-se.github.io/cyclonedx-editor-validator/usage/validate.html) | Validate the SBOM against a built-in or user-provided JSON schema. |
| [vex](https://festo-se.github.io/cyclonedx-editor-validator/usage/vex.html) | Apply different operations on VEX-files. |

## Installation and usage

This tool is published on [PyPi](https://pypi.org/project/cyclonedx-editor-validator/).

For detailed installation and usage guides, please refer to our [official documentation](https://festo-se.github.io/cyclonedx-editor-validator).

## Contributing

See our [contribution guidelines](https://festo-se.github.io/cyclonedx-editor-validator/CONTRIBUTING).

## License

This software is made available under the GNU General Public License v3 (GPL-3.0-or-later).
