Author: bodewig
Date: Tue May 26 16:33:02 2026
New Revision: 1934647
Log:
developer information for CycloneDX Antlib
Modified:
ant/site/ant/production/antlibs/cyclonedx/index.html
ant/site/ant/production/antlibs/cyclonedx/manual/component.html
ant/site/ant/production/antlibs/cyclonedx/manual/componentbom.html
ant/site/ant/sources/antlibs/cyclonedx/index.xml
Modified: ant/site/ant/production/antlibs/cyclonedx/index.html
==============================================================================
--- ant/site/ant/production/antlibs/cyclonedx/index.html Tue May 26
16:09:14 2026 (r1934646)
+++ ant/site/ant/production/antlibs/cyclonedx/index.html Tue May 26
16:33:02 2026 (r1934647)
@@ -196,6 +196,14 @@
corresponding library for projects using <a
href="https://ant.apache.org/ivy/";>Apache Ivy</a> is
planned.</p>
<h3 class="section">
+ <a name="Getting Involved"></a>
+ Getting Involved
+ </h3>
+ <p>The source code of the Anlib lives at <a
href="https://gitbox.apache.org/repos/asf/ant-antlibs-cyclonedx.git";>https://gitbox.apache.org/repos/asf/ant-antlibs-cyclonedx.git</a>.
For
+ discussions please join Ant's <a href="/mail.html">dev mailing
+ list</a>. For bug reports use the "CycloneDX" component in Ant's
+ <a href="/bugs.html">Bug Database</a>.</p>
+ <h3 class="section">
<a name="Current Manual"></a>
Current Manual
</h3>
Modified: ant/site/ant/production/antlibs/cyclonedx/manual/component.html
==============================================================================
--- ant/site/ant/production/antlibs/cyclonedx/manual/component.html Tue May
26 16:09:14 2026 (r1934646)
+++ ant/site/ant/production/antlibs/cyclonedx/manual/component.html Tue May
26 16:33:02 2026 (r1934647)
@@ -125,13 +125,13 @@
<td>No</td>
</tr>
<tr>
- <td>manufacturerIsSupplier</td>
+ <td>supplierIsManufacturer</td>
<td>Whether the
- nested <a href="#manufacturer">manufacturer</a> shall be used
- as supplier as well.</td>
+ nested <a href="#supplier">supplier</a> shall be used
+ as manufacturer as well.</td>
<td>No - defaults to <code>false</code>. Must not
be <code>true</code> if a
- nested <a href="#supplier">supplier</a> exists.</td>
+ nested <a href="#manufacturer">manufacturer</a> exists.</td>
</tr>
<tr>
<td>unknownDependencies</td>
@@ -166,7 +166,7 @@
<code>mimeType</code> and <code>manufacturer</code> are taken
from the SBOM's metadata component unless they are explicitly
specified on the component element itself.</li>
- <li><code>supplier</code> is taken from the SBOM's metadata
+ <li><code>manufacturer</code> is taken from the SBOM's metadata
component unless it is explicitly specified on the component
element itself or <code>manufacturerissupplier</code>
is <code>true</code>.</li>
@@ -190,7 +190,9 @@
group as one read from the linked SBOM, the linked component
will be ignored. Here the version is ignored, it is assumed
the component explicitly specified is the result of a process
- that resolved conflicts in dependency versions.
+ that resolved conflicts in dependency versions. Currently this
+ only applies to Components with <code>pkg:maven/</code> Package-URLs
+ as bom-ref.
</li>
</ul>
@@ -345,7 +347,7 @@
unknownDependencies="true"
id="ant"
xmlns:cdx="antlib:org.apache.ant.cyclonedx">
- <manufacturer refid="ant-team"/>
+ <supplier refid="ant-team"/>
<license refid="apache-2"/>
<externalReference
type="VCS"
@@ -360,10 +362,10 @@
version="0.1"
description="Apache CycloneDX Antlib"
publisher="The Apache Software Foundation"
- manufacturerIsSupplier="true"
+ supplierIsManufacturer="true"
xmlns:cdx="antlib:org.apache.ant.cyclonedx">
<file file="ant-antlibs-cyclonedx-0.1.jar"/>
- <manufacturer refid="ant-team"/>
+ <supplier refid="ant-team"/>
<license refid="apache-2"/>
<externalReferenceSet refid="antlib-ext-refs"/>
<dependency componentRef="ant"/>
Modified: ant/site/ant/production/antlibs/cyclonedx/manual/componentbom.html
==============================================================================
--- ant/site/ant/production/antlibs/cyclonedx/manual/componentbom.html Tue May
26 16:09:14 2026 (r1934646)
+++ ant/site/ant/production/antlibs/cyclonedx/manual/componentbom.html Tue May
26 16:33:02 2026 (r1934647)
@@ -39,7 +39,9 @@
task.</p>
<p>It is an error if any component specifies a dependency on a
- component that is not part of the generated SBOM.</p>
+ component that is not part of the generated SBOM. The bom-refs
+ of the all components inside the same SBOM file must be
+ unique.</p>
<h3>Attributes</h3>
@@ -152,6 +154,14 @@
<p>This is useful when describing the contents of a tarball for
example.</p>
+ <h4>toolComponent</h4>
+
+ <p><code>toolComponent</code> child elements
+ specify <a href="component.html">component</a>s that are added
+ to the <code>metadata.tools</code> section of the SBOM. This is
+ meant to be used to add other tools that also participated in
+ the formation of this SBOM (for example by providing component
+ instances).</p>
<h3>Examples</h3>
Modified: ant/site/ant/sources/antlibs/cyclonedx/index.xml
==============================================================================
--- ant/site/ant/sources/antlibs/cyclonedx/index.xml Tue May 26 16:09:14
2026 (r1934646)
+++ ant/site/ant/sources/antlibs/cyclonedx/index.xml Tue May 26 16:33:02
2026 (r1934647)
@@ -33,6 +33,14 @@
planned.</p>
</section>
+ <section name="Getting Involved">
+ <p>The source code of the Anlib lives at <a
+
href="https://gitbox.apache.org/repos/asf/ant-antlibs-cyclonedx.git";>https://gitbox.apache.org/repos/asf/ant-antlibs-cyclonedx.git</a>.
For
+ discussions please join Ant's <a href="/mail.html">dev mailing
+ list</a>. For bug reports use the "CycloneDX" component in Ant's
+ <a href="/bugs.html">Bug Database</a>.</p>
+ </section>
+
<section name="Current Manual">
<p>The pre-release manual can be found <a href="manual/">here</a>.</p>
</section>
