Skip to content

[WIP] CycloneDX v2.0 Specification #652

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
stevespringett wants to merge 103 commits into
base: master
Choose a base branch
from

Merge remote-tracking branch 'origin/2.0-dev' into 2.0-dev

522d5b7
Select commit
Loading
Failed to load commit list.
Draft

[WIP] CycloneDX v2.0 Specification #652

Merge remote-tracking branch 'origin/2.0-dev' into 2.0-dev
522d5b7
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL failed Mar 31, 2026 in 3s

11 new alerts including 11 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 11 high

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 169 in tools/src/main/js/bundler/bundle-schemas.js

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.

Check failure on line 170 in tools/src/main/js/bundler/bundle-schemas.js

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.

Check failure on line 190 in tools/src/main/js/bundler/bundle-schemas.js

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.

Check failure on line 203 in tools/src/main/js/bundler/bundle-schemas.js

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.

Check failure on line 217 in tools/src/main/js/bundler/bundle-schemas.js

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.

Check failure on line 325 in tools/src/main/js/bundler/bundle-schemas.js

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.

Check failure on line 326 in tools/src/main/js/bundler/bundle-schemas.js

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.

Check failure on line 339 in tools/src/main/js/bundler/bundle-schemas.js

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.

Check failure on line 340 in tools/src/main/js/bundler/bundle-schemas.js

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.

Check failure on line 101 in tools/src/main/js/linter/checks/description-full-stop.check.js

See this annotation in the file changed.

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings starting with 'http://' and with many repetitions of 'http://'.

Check failure on line 101 in tools/src/main/js/linter/checks/description-full-stop.check.js

See this annotation in the file changed.

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings starting with '](' and with many repetitions of ']('.