This is an automated email from the ASF dual-hosted git repository. asf-gitbox-commits pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ant-antlibs-common.git
commit 61572be36ce8cce5314b3f16fa3e9c6c17b3e3fe Author: Stefan Bodewig <[email protected]> AuthorDate: Fri Jun 19 10:28:28 2026 +0200 extract part of common CycloneDX logic --- build.xml | 2 + cyclonedx.xml | 138 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 140 insertions(+) diff --git a/build.xml b/build.xml index 0f15aee..b283f42 100644 --- a/build.xml +++ b/build.xml @@ -613,4 +613,6 @@ <delete dir="${dist.name}"/> </target> + <!-- SBOM generation--> + <import file="${common.basedir}/cyclonedx.xml"/> </project> diff --git a/cyclonedx.xml b/cyclonedx.xml new file mode 100644 index 0000000..eaba373 --- /dev/null +++ b/cyclonedx.xml @@ -0,0 +1,138 @@ +<?xml version="1.0"?> +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + +https://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> +<project name="cyclonedx" xmlns:ivy="antlib:org.apache.ivy.ant"> + + <!-- version of CycloneDX Antlib to use --> + <property name="cyclconedx.antlib.version" value="0.1"/> + + <target name="fetch-cyclonedx" depends="resolve" if="with.ivy"> + <ivy:cachepath organisation="org.apache.ant" + module="ant-cyclonedx" + revision="${cyclconedx.antlib.version}" + inline="true" + conf="default" + pathid="cyclonedx.classpath" + log="download-only"/> + <typedef uri="antlib:org.apache.ant.cyclonedx" + resource="org/apache/ant/cyclonedx/antlib.xml" + classpathref="cyclonedx.classpath"/> + </target> + + <target name="define-common-cyclonedx-references" + depends="fetch-cyclonedx" + xmlns:cdx="antlib:org.apache.ant.cyclonedx"> + <!-- common definitions for SBOMs --> + <cdx:organization + name="Apache Ant Project Management Committee" + id="ant-pmc"> + <url url="https://ant.apache.org/"/> + </cdx:organization> + <cdx:license + licenseId="Apache-2.0" + id="apache-2"> + <url url="https://www.apache.org/licenses/LICENSE-2.0.txt"/> + </cdx:license> + <cdx:externalreferenceset id="ant-common-refs"> + <externalReference + type="LICENSE" + url="https://www.apache.org/licenses/LICENSE-2.0.txt"/> + <externalReference + type="MAILING_LIST" + url="https://ant.apache.org/mail.html"/> + <externalReference + type="SECURITY_CONTACT" + url="https://www.apache.org/security/"/> + <externalReference + type="rfc-9116" + url="https://ant.apache.org/.well-known/security.txt"/> + </cdx:externalreferenceset> + <!-- external references common to all antlibs --> + <cdx:externalreferenceset id="antlibs-common-ext-refs"> + <externalReference + type="WEBSITE" + url="https://ant.apache.org/antlibs/${ant.project.name}/"/> + <externalReference + type="DISTRIBUTION" + url="https://ant.apache.org/antlibs/bindownload.cgi"/> + <externalReference + type="SOURCE_DISTRIBUTION" + url="https://ant.apache.org/antlibs/srcdownload.cgi"/> + </cdx:externalreferenceset> + <cdx:externalreferenceset id="ant-ext-refs"> + <externalReference + type="VCS" + url="https://gitbox.apache.org/repos/asf/ant.git"/> + <externalReference + type="BUILD_SYSTEM" + url="https://ci-builds.apache.org/job/Ant/"/> + <externalReference + type="ISSUE_TRACKER" + url="https://bz.apache.org/bugzilla/buglist.cgi?product=Ant"/> + <externalReference + type="WEBSITE" + url="https://ant.apache.org/"/> + <externalReference + type="ADVISORIES" + url="https://ant.apache.org/security.html#Apache%20Ant%20Security%20Vulnerabilities"/> + <externalReference + type="DOCUMENTATION" + url="https://ant.apache.org/manual/"/> + <externalReference + type="DISTRIBUTION" + url="https://ant.apache.org/bindownload.cgi"/> + <externalReference + type="SOURCE_DISTRIBUTION" + url="https://ant.apache.org/srcdownload.cgi"/> + <externalReference + type="RELEASE_NOTES" + url="https://github.com/apache/ant/blob/master/WHATSNEW"/> + </cdx:externalreferenceset> + </target> + + <target name="define-core-ant-components" + if="ant.core.version" + xmlns:cdx="antlib:org.apache.ant.cyclonedx" + depends="define-common-cyclonedx-references"> + <cdx:component + name="ant-launcher" + group="org.apache.ant" + version="${ant.core.version}" + isExternal="true" + id="ant-launcher"> + <supplier refid="ant-pmc"/> + <license refid="apache-2"/> + <externalReferenceSet refid="ant-common-refs"/> + <externalReferenceSet refid="ant-ext-refs"/> + </cdx:component> + <cdx:component + name="ant" + group="org.apache.ant" + version="${ant.core.version}" + isExternal="true" + id="ant"> + <supplier refid="ant-pmc"/> + <license refid="apache-2"/> + <externalReferenceSet refid="ant-common-refs"/> + <externalReferenceSet refid="ant-ext-refs"/> + <dependency componentRef="ant-launcher"/> + </cdx:component> + </target> + +</project>
