This is an automated email from the ASF dual-hosted git repository.
asf-gitbox-commits pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/ant-antlibs-cyclonedx.git
The following commit(s) were added to refs/heads/main by this push:
new 47b22af create SBOM for this antlib
47b22af is described below
commit 47b22af97f14b8c7ae40c84833345e900830690e
Author: Stefan Bodewig <[email protected]>
AuthorDate: Fri May 22 14:17:31 2026 +0200
create SBOM for this antlib
---
build.xml | 211 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
ivy.xml | 4 +-
2 files changed, 213 insertions(+), 2 deletions(-)
diff --git a/build.xml b/build.xml
index e50f595..cd10d31 100644
--- a/build.xml
+++ b/build.xml
@@ -28,5 +28,216 @@ under the License.
</copy>
</target>
+ <target name="define-cyclonedx-components" depends="antlib">
+ <typedef uri="antlib:org.apache.ant.cyclonedx"
+ resource="org/apache/ant/cyclonedx/antlib.xml">
+ <classpath>
+ <path refid="classpath.compile"/>
+ <pathelement location="${jarname}"/>
+ </classpath>
+ </typedef>
+ <!-- common definitions for SBOMs -->
+ <cdx:organization
+ name="Apache Ant Development Team"
+ id="ant-team"
+ xmlns:cdx="antlib:org.apache.ant.cyclonedx">
+ <url url="https://ant.apache.org/"/>
+ </cdx:organization>
+ <cdx:license
+ licenseId="Apache-2.0"
+ id="apache-2"
+ xmlns:cdx="antlib:org.apache.ant.cyclonedx">
+ <url url="https://www.apache.org/licenses/LICENSE-2.0.txt"/>
+ </cdx:license>
+ <cdx:externalreferenceset
+ id="ant-common-refs"
+ xmlns:cdx="antlib:org.apache.ant.cyclonedx">
+ <externalReference
+ type="LICENSE"
+ url="https://www.apache.org/licenses/LICENSE-2.0.txt"/>
+ <externalReference
+ type="MAILING_LIST"
+ url="https://ant.apache.org/mail.html"/>
+ <externalReference
+ type="SECURITY_CONTACT"
+ url="https://www.apache.org/security/"/>
+ </cdx:externalreferenceset>
+ <cdx:externalreferenceset
+ id="antlib-ext-refs"
+ xmlns:cdx="antlib:org.apache.ant.cyclonedx">
+ <externalReference
+ type="VCS"
+ url="https://github.com/apache/ant-antlibs-cyclonedx"/>
+ <externalReference
+ type="BUILD_SYSTEM"
+ url="https://ci-builds.apache.org/job/Ant/job/CycloneDX%20Antlib/"/>
+ <externalReference
+ type="ISSUE_TRACKER"
+
url="https://bz.apache.org/bugzilla/buglist.cgi?component=CycloneDX%20Antlib&product=Ant"/>
+ <externalReference
+ type="WEBSITE"
+ url="https://ant.apache.org/antlibs/cyclonedx/"/>
+ <externalReference
+ type="DISTRIBUTION"
+ url="https://ant.apache.org/antlibs/bindownload.cgi"/>
+ <externalReference
+ type="SOURCE_DISTRIBUTION"
+ url="https://ant.apache.org/antlibs/srcdownload.cgi"/>
+ </cdx:externalreferenceset>
+ <cdx:externalreferenceset
+ id="ant-ext-refs"
+ xmlns:cdx="antlib:org.apache.ant.cyclonedx">
+ <externalReference
+ type="VCS"
+ url="https://github.com/apache/ant"/>
+ <externalReference
+ type="BUILD_SYSTEM"
+ url="https://ci-builds.apache.org/job/Ant/"/>
+ <externalReference
+ type="ISSUE_TRACKER"
+ url="https://bz.apache.org/bugzilla/buglist.cgi?product=Ant"/>
+ <externalReference
+ type="WEBSITE"
+ url="https://ant.apache.org/"/>
+ <externalReference
+ type="DISTRIBUTION"
+ url="https://ant.apache.org/bindownload.cgi"/>
+ <externalReference
+ type="SOURCE_DISTRIBUTION"
+ url="https://ant.apache.org/srcdownload.cgi"/>
+ </cdx:externalreferenceset>
+ </target>
+
+ <target name="create-antlib-sbom" depends="define-cyclonedx-components">
+ <cdx:componentbom
+ bomName="${artifact.stub}-cyclonedx"
+ outputdirectory="${build.lib}"
+ format="all"
+ useComponentSupplier="true"
+ xmlns:cdx="antlib:org.apache.ant.cyclonedx">
+ <component
+ name="${artifact.name}"
+ group="org.apache.ant"
+ version="${artifact.version}"
+ description="Apache CycloneDX Antlib"
+ publisher="The Apache Software Foundation"
+ manufacturerIsSupplier="true">
+ <file file="${jarname}"/>
+ <manufacturer refid="ant-team"/>
+ <license refid="apache-2"/>
+ <externalReferenceSet refid="ant-common-refs"/>
+ <externalReferenceSet refid="antlib-ext-refs"/>
+ <dependency componentRef="ant"/>
+ <dependency componentRef="cyclonedx-core"/>
+ </component>
+ <additionalComponent
+ name="ant"
+ group="org.apache.ant"
+ version="1.10.17"
+ isExternal="true"
+ id="ant">
+ <manufacturer refid="ant-team"/>
+ <license refid="apache-2"/>
+ <externalReferenceSet refid="ant-common-refs"/>
+ <externalReferenceSet refid="ant-ext-refs"/>
+ <dependency componentRef="ant-launcher"/>
+ </additionalComponent>
+ <additionalComponent
+ name="ant-launcher"
+ group="org.apache.ant"
+ version="1.10.17"
+ isExternal="true"
+ id="ant-launcher">
+ <manufacturer refid="ant-team"/>
+ <license refid="apache-2"/>
+ <externalReferenceSet refid="ant-common-refs"/>
+ <externalReferenceSet refid="ant-ext-refs"/>
+ </additionalComponent>
+ <additionalComponent
+ publisher="OWASP Foundation"
+ group="org.cyclonedx"
+ name="cyclonedx-core-java"
+ version="12.2.0"
+ description="The CycloneDX core module provides a model
representation of the BOM along with utilities to assist in creating, parsing,
and validating BOMs."
+ id="cyclonedx-core">
+ <file file="${lib.dir.compile}/cyclonedx-core-java.jar"/>
+ <license refid="apache-2"/>
+ <externalReference
+ type="website"
+ url="https://github.com/CycloneDX/cyclonedx-core-java"/>
+ <externalReference
+ type="build-system"
+ url="https://github.com/CycloneDX/cyclonedx-core-java/actions"/>
+ <externalReference
+ type="distribution-intake"
+
url="https://oss.sonatype.org/service/local/staging/deploy/maven2/"/>
+ <externalReference
+ type="issue-tracker"
+ url="https://github.com/CycloneDX/cyclonedx-core-java/issues"/>
+ <externalReference
+ type="vcs"
+ url="https://github.com/CycloneDX/cyclonedx-core-java.git"/>
+ <dependency componentRef="commons-codec"/>
+ <dependency componentRef="commons-io"/>
+ <dependency componentRef="commons-lang3"/>
+ <dependency componentRef="commons-collections4"/>
+ <dependency componentRef="packageurl-java"/>
+ <dependency componentRef="jackson-dataformat-xml"/>
+ <dependency componentRef="json-schema-validator"/>
+ </additionalComponent>
+ <additionalComponent id="commons-codec">
+ <sbomLink>
+ <url
url="https://repo1.maven.org/maven2/commons-codec/commons-codec/1.21.0/commons-codec-1.21.0-cyclonedx.json"/>
+ </sbomLink>
+ <file file="${lib.dir.compile}/commons-codec.jar"/>
+ </additionalComponent>
+ <additionalComponent id="commons-io">
+ <sbomLink>
+ <url
url="https://repo1.maven.org/maven2/commons-io/commons-io/2.21.0/commons-io-2.21.0-cyclonedx.json"/>
+ </sbomLink>
+ <file file="${lib.dir.compile}/commons-io.jar"/>
+ </additionalComponent>
+ <additionalComponent id="commons-lang3">
+ <sbomLink>
+ <url
url="https://repo1.maven.org/maven2/org/apache/commons/commons-lang3/3.20.0/commons-lang3-3.20.0-cyclonedx.json"/>
+ </sbomLink>
+ <file file="${lib.dir.compile}/commons-lang3.jar"/>
+ </additionalComponent>
+ <additionalComponent id="commons-collections4">
+ <sbomLink>
+ <url
url="https://repo1.maven.org/maven2/org/apache/commons/commons-collections4/4.5.0/commons-collections4-4.5.0-cyclonedx.json"/>
+ </sbomLink>
+ <file file="${lib.dir.compile}/commons-collections4.jar"/>
+ </additionalComponent>
+ <additionalComponent
+ group="com.github.package-url"
+ name="packageurl-java"
+ version="1.5.0"
+ description='The official Java implementation of the PackageURL
specification. PackageURL (purl) is a minimal specification for describing a
package via a "mostly universal" URL'
+ id="packageurl-java">
+ <file file="${lib.dir.compile}/packageurl-java.jar"/>
+ <license licenseId="MIT">
+ <url url="https://opensource.org/licenses/MIT"/>
+ </license>
+ </additionalComponent>
+ <additionalComponent id="jackson-dataformat-xml">
+ <sbomLink>
+ <url
url="https://repo1.maven.org/maven2/com/fasterxml/jackson/dataformat/jackson-dataformat-xml/2.21.1/jackson-dataformat-xml-2.21.1-sbom-cyclonedx.json"/>
+ </sbomLink>
+ <file file="${lib.dir.compile}/jackson-dataformat-xml.jar"/>
+ </additionalComponent>
+ <additionalComponent
+ group="com.networknt"
+ name="json-schema-validator"
+ version="2.0.1"
+ description='A json schema validator that supports draft v4, v6, v7,
v2019-09 and v2020-12'
+ unknownDependencies="true"
+ id="json-schema-validator">
+ <file file="${lib.dir.compile}/json-schema-validator.jar"/>
+ <license refid="apache-2"/>
+ </additionalComponent>
+ </cdx:componentbom>
+ </target>
+
<import file="common/build.xml"/>
</project>
diff --git a/ivy.xml b/ivy.xml
index 06602c2..9f2e0a8 100644
--- a/ivy.xml
+++ b/ivy.xml
@@ -26,8 +26,8 @@
url="https://www.apache.org/licenses/LICENSE-2.0"/>
<ivyauthor name="Apache Ant Development Team"
url="https://ant.apache.org/"/>
- <description homepage="YOUR-ANTLIB_HOMEPAGE">
- YOUR_DESCRIPTION
+ <description homepage="https://ant.apache.org/antlibs/cyclonedx/";>
+ Apache CycloneDX Antlib
</description>
</info>
<configurations>
