NAME

SBOM::CycloneDX::Lite - Simple accessors and helpers for SBOM::CycloneDX

SYNOPSIS

use feature 'say';
use Carp ();

use SBOM::CycloneDX::Lite qw(:v1_7 :all);
use SBOM::CycloneDX::License;
use URI::PackageURL;

# Create an empty BOM for the schema version selected by the import tag
my $bom = bom;

# The root component describes the application the BOM is about
my $root_component = application_component(
    name     => 'MyApp',
    licenses => [SBOM::CycloneDX::License->new('Artistic-2.0')],
    bom_ref  => 'MyApp'
);

my $metadata = $bom->metadata;

# Record the tool that generated the BOM
$metadata->tools->add(cyclonedx_tool);

$metadata->component($root_component);

# A dependency identified by version and Package URL
my $component1 = library_component(
    name     => 'some-component',
    group    => 'acme',
    version  => '1.33.7-beta.1',
    licenses => [license(name => '(c) 2021 Acme inc.')],
    bom_ref  => 'myComponent@1.33.7-beta.1',
    purl     => URI::PackageURL->new(
        type      => 'generic',
        namespace => 'acme',
        name      => 'some-component',
        version   => '1.33.7-beta.1'
    ),
);

$bom->components->add($component1);
$bom->add_dependency($root_component, [$component1]);

# A dependency declared with a license expression only
my $component2 = library_component(
    name     => 'some-library',
    licenses => [license('GPL-3.0-only WITH Classpath-exception-2.0')],
    bom_ref  => 'some-lib',
);

$bom->components->add($component2);
$bom->add_dependency($root_component, [$component2]);

# Validate the BOM before emitting it
my @errors = $bom->validate;

if (@errors) {
    say $_ for (@errors);
    Carp::croak 'Validation error';
}

# Serialize the BOM
say $bom->to_string;
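
An added example, not part of the module's documentation or code: a consumer-side check in Python over the JSON that `to_string` emits, flagging dangling `bom-ref` links and components that lack the `version` or `purl` needed to match them against vulnerability data. The sample BOM is constructed to mirror the SYNOPSIS and assumes standard CycloneDX JSON field names; `audit_bom` is a hypothetical helper.

```python
import json

# Constructed sample shaped like the JSON the SYNOPSIS would emit (standard
# CycloneDX field names assumed); not captured from a real run.
SAMPLE = json.loads("""
{
  "bomFormat": "CycloneDX", "specVersion": "1.7",
  "metadata": {"component": {"type": "application", "name": "MyApp", "bom-ref": "MyApp"}},
  "components": [
    {"type": "library", "group": "acme", "name": "some-component",
     "version": "1.33.7-beta.1", "bom-ref": "myComponent@1.33.7-beta.1",
     "purl": "pkg:generic/acme/some-component@1.33.7-beta.1"},
    {"type": "library", "name": "some-library", "bom-ref": "some-lib"}
  ],
  "dependencies": [
    {"ref": "MyApp", "dependsOn": ["myComponent@1.33.7-beta.1", "some-lib"]}
  ]
}
""")

def audit_bom(bom):
    """Return findings that make a BOM hard to use for vulnerability matching."""
    findings = []
    components = list(bom.get("components", []))
    root = bom.get("metadata", {}).get("component")
    refs = [c.get("bom-ref") for c in components + ([root] if root else [])]
    declared = {r for r in refs if r}
    # bom-ref values must be unique within one BOM
    for dup in sorted({r for r in declared if refs.count(r) > 1}):
        findings.append(f"duplicate bom-ref: {dup}")
    # Every ref used in the dependency graph must point at a declared component
    referenced = set()
    for dep in bom.get("dependencies", []):
        for ref in [dep.get("ref"), *dep.get("dependsOn", [])]:
            referenced.add(ref)
            if ref not in declared:
                findings.append(f"dangling dependency ref: {ref}")
    # Components need a version and purl to be matched against advisories
    for c in components:
        label = c.get("bom-ref") or c.get("name", "<unnamed>")
        for field in ("version", "purl"):
            if not c.get(field):
                findings.append(f"{label}: missing {field}")
        if c.get("bom-ref") not in referenced:
            findings.append(f"{label}: not in dependency graph")
    return findings

if __name__ == "__main__":
    for finding in audit_bom(SAMPLE):
        print(finding)
```

On the constructed sample, only `some-lib` is reported: it mirrors the SYNOPSIS component that is declared without a `version` or `purl`.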

DESCRIPTION

SBOM::CycloneDX::Lite is an EXPERIMENTAL lightweight layer built on top of SBOM::CycloneDX to quickly create CycloneDX BOM files.

It focuses on the most commonly used BOM fields and provides a simple, low-boilerplate interface. It accepts friendly input and normalizes it into canonical CycloneDX structures.

EXPORTED TAGS

:latest

Select the latest CycloneDX schema version supported by the SBOM::CycloneDX distribution.

:v1_7

Select the CycloneDX v1.7 schema version.

:v1_6

Select the CycloneDX v1.6 schema version.

:v1_5

Select the CycloneDX v1.5 schema version.

:v1_4

Select the CycloneDX v1.4 schema version.

:v1_3

Select the CycloneDX v1.3 schema version.

:v1_2

Select the CycloneDX v1.2 schema version.

:all

Export all functions.

EXPORTED FUNCTIONS

bom

Return a SBOM::CycloneDX object.

component

Return a SBOM::CycloneDX::Component object.

Component aliases:

application_component
framework_component
library_component
container_component
platform_component
operating_system_component
device_component
device_driver_component
firmware_component
file_component
machine_learning_model_component
data_component
cryptographic_asset_component

license

Return a SBOM::CycloneDX::License object.

external_reference

Return a SBOM::CycloneDX::ExternalReference object.

property

Return a SBOM::CycloneDX::Property object.

organization

Return a SBOM::CycloneDX::OrganizationalEntity object.

contact

Return a SBOM::CycloneDX::OrganizationalContact object.

hash

Return a SBOM::CycloneDX::Hash object.

SUPPORT

Bugs / Feature Requests

Please report any bugs or feature requests through the issue tracker at https://github.com/giterlizzi/perl-SBOM-CycloneDX/issues. You will be notified automatically of any progress on your issue.

Source Code

This is open source software. The code repository is available for public review and contribution under the terms of the license.

https://github.com/giterlizzi/perl-SBOM-CycloneDX

git clone https://github.com/giterlizzi/perl-SBOM-CycloneDX.git

AUTHOR

  • Giuseppe Di Terlizzi <gdt@cpan.org>

LICENSE AND COPYRIGHT

This software is copyright (c) 2025-2026 by Giuseppe Di Terlizzi.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.