NAME

SBOM::CycloneDX::Composition - Composition

SYNOPSIS

SBOM::CycloneDX::Composition->new();

DESCRIPTION

SBOM::CycloneDX::Composition describes constituent parts (including components, services, and dependency relationships) and their completeness. The completeness of vulnerabilities expressed in a BOM may also be described.

METHODS

SBOM::CycloneDX::Composition->new( %PARAMS )

Properties:

  • aggregate, Specifies an aggregate type that describes how complete a relationship is.

  • assemblies, The bom-ref identifiers of the components or services being described. Assemblies refer to nested relationships whereby a constituent part may include other constituent parts. References do not cascade to child parts. References are explicit for the specified constituent part only.

  • bom_ref, An identifier which can be used to reference the composition elsewhere in the BOM. Every bom-ref must be unique within the BOM.

    Value SHOULD not start with the BOM-Link intro 'urn:cdx:' to avoid conflicts with BOM-Links.

  • dependencies, The bom-ref identifiers of the components or services being described. Dependencies refer to a relationship whereby an independent constituent part requires another independent constituent part. References do not cascade to transitive dependencies. References are explicit for the specified dependency only.

  • signature, Enveloped signature in JSON Signature Format (JSF) (https://cyberphone.github.io/doc/security/jsf.html).

  • vulnerabilities, The bom-ref identifiers of the vulnerabilities being described.

$composition->aggregate
$composition->assemblies
$composition->bom_ref
$composition->dependencies
$composition->signature
$composition->vulnerabilities
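
The properties above have consequences for anyone consuming a BOM: a completeness claim covers only the bom-refs a composition lists, never their nested children. The following is an added example, not code from this distribution: it reads plain CycloneDX JSON with the core JSON::PP module rather than the SBOM::CycloneDX API, and reports which components carry an explicit assemblies claim, plus bom-ref problems. The sample BOM and every variable name are constructed for illustration, and only components are indexed (services and BOM-Link references are out of scope).

```perl
use strict;
use warnings;
use JSON::PP qw(decode_json);

# Constructed sample: "app" nests two libraries; only some parts are referenced.
my $bom = decode_json(<<'JSON');
{
  "components": [
    { "bom-ref": "app",
      "components": [ { "bom-ref": "lib-a" }, { "bom-ref": "lib-b" } ] }
  ],
  "compositions": [
    { "bom-ref": "comp-1", "aggregate": "complete", "assemblies": ["app"] },
    { "bom-ref": "urn:cdx:comp-2", "aggregate": "incomplete",
      "assemblies": ["lib-a", "ghost"] }
  ]
}
JSON

my (%seen, %is_component, @order, @problems);

# Record every component bom-ref, descending into nested components.
sub walk {
    my ($components) = @_;
    for my $c (@{ $components || [] }) {
        my $ref = $c->{'bom-ref'};
        if (defined $ref) {
            push @problems, "duplicate bom-ref '$ref'" if $seen{$ref}++;
            push @order, $ref unless $is_component{$ref}++;
        }
        walk($c->{components});
    }
}
walk($bom->{components});

# A claim applies only to the parts a composition names explicitly.
my %claim;
for my $comp (@{ $bom->{compositions} || [] }) {
    my $id = $comp->{'bom-ref'} // '(no bom-ref)';
    push @problems, "duplicate bom-ref '$id'" if defined $comp->{'bom-ref'} && $seen{$id}++;
    push @problems, "bom-ref '$id' starts with 'urn:cdx:'" if $id =~ /^urn:cdx:/;
    for my $ref (@{ $comp->{assemblies} || [] }) {
        if ($is_component{$ref}) { push @{ $claim{$ref} }, $comp->{aggregate} // '(unset)' }
        else { push @problems, "composition '$id' references unknown bom-ref '$ref'" }
    }
}

printf "%-6s assemblies: %s\n", $_, join(', ', @{ $claim{$_} || ['no claim'] }) for @order;
print "problem: $_\n" for @problems;
```

In the sample, lib-b is nested under app yet ends up with no claim, because the "complete" aggregate on app does not cascade to it.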

SUPPORT

Bugs / Feature Requests

Please report any bugs or feature requests through the issue tracker at https://github.com/giterlizzi/perl-SBOM-CycloneDX/issues. You will be notified automatically of any progress on your issue.

Source Code

This is open source software. The code repository is available for public review and contribution under the terms of the license.

https://github.com/giterlizzi/perl-SBOM-CycloneDX

git clone https://github.com/giterlizzi/perl-SBOM-CycloneDX.git

AUTHOR

  • Giuseppe Di Terlizzi <gdt@cpan.org>

LICENSE AND COPYRIGHT

This software is copyright (c) 2025-2026 by Giuseppe Di Terlizzi.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.