build: add CycloneDX SBOM generation support #440
build: add CycloneDX SBOM generation support #440NelsonMeleth wants to merge 1 commit intodocling-project:mainfrom
Conversation
:java_duke: JaCoCo coverage report
|
|
||||||||||||||
|
HTML test reports are available as workflow artifacts (zipped HTML). • Download: Artifacts for this run |
gradle/libs.versions.toml
Outdated
| quarkus-github-api = "1.330.0" | ||
| quarkus-wiremock = "1.6.1" | ||
| wiremock = "3.13.2" | ||
| cyclonedx = "3.2.2" |
There was a problem hiding this comment.
I think 3.2.3 is the latest version.
There was a problem hiding this comment.
Upgrading to 3.2.3 is giving me error
Could not determine the dependencies of task ':docling-testcontainers:cyclonedxBom'.
> Could not create task ':docling-testcontainers:cyclonedxDirectBom'.
> Cannot mutate the artifacts of configuration ':docling-testcontainers:cyclonedxDirectBom' after the configuration was consumed as a variant. After a configuration has been observed, it should not be modified.
There was a problem hiding this comment.
We should try and figure out what the issue is. Is it an incompatibility between the cycloneDx gradle plugin & the overall Gradle and/or jvm version? Is the cyclonedx plugin not being applied properly? Does it not support Gradle's configuration cache?
edeandrea
left a comment
edeandrea
left a comment
There was a problem hiding this comment.
Thanks for this @NelsonMeleth ! I've added a few inline comments.
|
HTML test reports are available as workflow artifacts (zipped HTML). • Download: Artifacts for this run |
NelsonMeleth
force-pushed
the
main
branch
2 times, most recently
from
b0f1fcd to
b18748c
Compare
|
HTML test reports are available as workflow artifacts (zipped HTML). • Download: Artifacts for this run |
|
HTML test reports are available as workflow artifacts (zipped HTML). • Download: Artifacts for this run |
|
HTML test reports are available as workflow artifacts (zipped HTML). • Download: Artifacts for this run |
- Add docling-sbom.gradle.kts plugin for SBOM generation - Integrate SBOM artifacts into Maven publications - Add CycloneDX Gradle plugin dependency - Configure cyclonedxDirectBom task in build group Signed-off-by: Nelson Baby <nelson.b@ibm.com>
NelsonMeleth
changed the title
|
HTML test reports are available as workflow artifacts (zipped HTML). • Download: Artifacts for this run |
2 participants
Uh oh!
There was an error while loading. Please reload this page.