.. | |||
.gitignore | Loading last commit info... | ||
Makefile | |||
README.md | |||
bd.xsd | |||
cyclonedx.xsd | |||
spdx.xsd | |||
vulnerability.xsd |
README.md
CycloneDX Schemas
grype
generates a CycloneDX BOm output with the vulnerability extension. This validation is similar to what is done in syft
, validating output against CycloneDX schemas.
Validation is done with xmllint
, which requires a copy of all schemas because it can't work with HTTP references. The schemas are modified to reference local copies of dependent schemas.