This project publishes a CycloneDX Software Bill of Materials (SBOM).
From the repo root:
corepack enable
npm_config_yes=true npx @cyclonedx/cyclonedx-npm --output-file sbom.cdx.json --output-format json
Commit the updated sbom.cdx.json to the repository.
Parse the file and print key fields:
node -e "const fs=require('fs');const d=JSON.parse(fs.readFileSync('sbom.cdx.json','utf8'));console.log('bomFormat:',d.bomFormat);console.log('specVersion:',d.specVersion);console.log('version:',d.version);console.log('components:',(d.components||[]).length);"
sbom.cdx.json (CycloneDX JSON format)
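The one-liner above only prints header fields. The following is an added example, not part of this project's code, that goes further and checks the SBOM's structure before it is committed: header values, per-component name/version/purl, unique bom-refs, and dependency edges that resolve to a listed component. The function name `checkSbom`, the sample document and the rule that every component must carry a purl are assumptions made for illustration.

```javascript
// Added example (not project code): structural checks on a CycloneDX JSON SBOM.
function checkSbom(bom) {
  const problems = [];
  if (bom.bomFormat !== 'CycloneDX') problems.push(`bomFormat is ${JSON.stringify(bom.bomFormat)}`);
  if (typeof bom.specVersion !== 'string') problems.push('specVersion missing');
  if (!Number.isInteger(bom.version) || bom.version < 1) problems.push('version must be an integer >= 1');

  // Collect every bom-ref so dependency edges can be resolved against the set.
  const refs = new Set();
  const root = bom.metadata && bom.metadata.component;
  if (root && root['bom-ref']) refs.add(root['bom-ref']);

  for (const c of bom.components || []) {
    const label = c.name || '(unnamed)';
    // Assumed policy: each component must be identifiable by name, version and purl.
    for (const field of ['name', 'version', 'purl']) {
      if (!c[field]) problems.push(`${label}: no ${field}`);
    }
    const ref = c['bom-ref'];
    if (ref && refs.has(ref)) problems.push(`duplicate bom-ref ${ref}`);
    if (ref) refs.add(ref);
  }

  // Every edge in the dependency graph must point at a known component.
  for (const d of bom.dependencies || []) {
    for (const r of [d.ref, ...(d.dependsOn || [])]) {
      if (!refs.has(r)) problems.push(`dependency ref ${r} matches no component`);
    }
  }
  return problems;
}

// Constructed sample input, not taken from any real project.
const sampleBom = {
  bomFormat: 'CycloneDX', specVersion: '1.5', version: 1,
  metadata: { component: { 'bom-ref': 'app@1.0.0', name: 'app', version: '1.0.0' } },
  components: [
    { 'bom-ref': 'left@2.1.0', name: 'left', version: '2.1.0', purl: 'pkg:npm/left@2.1.0' },
    { 'bom-ref': 'right@0.3.0', name: 'right', version: '0.3.0' }, // purl deliberately missing
  ],
  dependencies: [{ ref: 'app@1.0.0', dependsOn: ['left@2.1.0', 'gone@9.9.9'] }],
};

// CLI use: pass the SBOM path as the first argument; exits non-zero on any problem.
if (process.argv[2]) {
  const bom = JSON.parse(require('fs').readFileSync(process.argv[2], 'utf8'));
  const problems = checkSbom(bom);
  problems.forEach((p) => console.error('SBOM problem:', p));
  process.exitCode = problems.length ? 1 : 0;
}
```

Saved under a name of your choosing and run with `sbom.cdx.json` as its argument, it can gate the commit step in CI.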