my $bom = SBOM::CycloneDX->new;
my $root_component = SBOM::CycloneDX::Component->new(
type => 'application',
name => 'MyApp',
licenses => [SBOM::CycloneDX::License->new('Artistic-2.0')],
bom_ref => 'MyApp'
);
my $metadata = $bom->metadata;
$metadata->tools->add(cyclonedx_tool);
$metadata->component($root_component);
my $component1 = SBOM::CycloneDX::Component->new(
type => 'library',
name => 'some-component',
group => 'acme',
version => '1.33.7-beta.1',
licenses => [SBOM::CycloneDX::License->new(name => '(c) 2021 Acme inc.')],
bom_ref => '[email protected]',
purl => URI::PackageURL->new(
type => 'generic',
namespace => 'acme',
name => 'some-component',
version => '1.33.7-beta.1'
),
);
$bom->components->add($component1);
$bom->add_dependency($root_component, [$component1]);
my $component2 = SBOM::CycloneDX::Component->new(
type => 'library',
name => 'some-library',
licenses => [SBOM::CycloneDX::License->new(expression => 'GPL-3.0-only WITH Classpath-exception-2.0')],
bom_ref => 'some-lib',
);
$bom->components->add($component2);
$bom->add_dependency($root_component, [$component2]);
my @errors = $bom->validate;
if (@errors) {
say $_ for (@errors);
Carp::croak 'Validation error';
}
say $bom->to_string;
Using Makefile.PL:
To install SBOM-CycloneDX
distribution, run the following commands.
perl Makefile.PL
make
make test
make install
Using App::cpanminus
:
cpanm SBOM::CycloneDX
perldoc SBOM::CycloneDX
- https://metacpan.org/release/SBOM-CycloneDX
- https://cyclonedx.org/
- Copyright 2025 © Giuseppe Di Terlizzi