Is your feature request related to a problem? Please describe.
i am detailing my runtime tonode via package.json::engines - see https://docs.npmjs.com/cli/v11/configuring-npm/package-json#engines
{
"engines": {
"node": ">=0.10.3 <15"
}
}I want this information being detailed in the SBOM generated by this very tool.
Describe the solution you'd like
the sourced information may stem from package manifest (package.json) or from lockfile or from npm-ls
- populate
$.metadata.component.properties with cdx:npm:package:constraint:engine:<name> = <version range> being whatever value found in the package manifest. as per https://cyclonedx.github.io/cyclonedx-property-taxonomy/cdx/npm.html
- optional, for known JS runtimes: for CycloneDX 1.7 add a component to the components list, that has the following attributes:
Describe alternatives you've considered
none
Additional context
docs:
Contribution
Is your feature request related to a problem? Please describe.
i am detailing my runtime to
nodeviapackage.json::engines- see https://docs.npmjs.com/cli/v11/configuring-npm/package-json#engines{ "engines": { "node": ">=0.10.3 <15" } }I want this information being detailed in the SBOM generated by this very tool.
Describe the solution you'd like
the sourced information may stem from package manifest (
package.json) or from lockfile or fromnpm-ls$.metadata.component.propertieswithcdx:npm:package:constraint:engine:<name> = <version range>being whatever value found in the package manifest. as per https://cyclonedx.github.io/cyclonedx-property-taxonomy/cdx/npm.htmlplatformfornode,deno, etc ...node, ordenoor whatever it is ...vers:npm/...- see https://github.com/package-url/vers-spec/blob/main/VERSION-RANGE-SPEC.mdtrue$metadata.componentDescribe alternatives you've considered
none
Additional context
docs:
cdx:npm:https://cyclonedx.github.io/cyclonedx-property-taxonomy/cdx/npm.htmlContribution