Starting a simple V24.7 Spring-Boot (3.4.4) application with AppsecKit fails to the following error. There is no package.json in the project since, I think, it is having a pre-compiled frontend bundle.
[DEBUG] env: __CFBundleIdentifier=com.jetbrains.intellij
[DEBUG] env: __CF_USER_TEXT_ENCODING=0x1F5:0x0:0x0
[DEBUG] Executing command line: [npx, @cyclonedx/cyclonedx-npm, --output-file, /Users/.../dev/idea/simple_v247/target/classes/resources/bom-npm.json, --output-format, JSON]
Error: missing project's manifest file: /Users/.../dev/idea/simple_v247/package.json
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
This command succeeded npx --package @cyclonedx/cyclonedx-npm --call exit
<java.version>17</java.version>
<vaadin.version>24.7.5</vaadin.version>
...
<dependency>
<groupId>com.vaadin</groupId>
<artifactId>appsec-kit-starter</artifactId>
<version>3.3.0</version>
</dependency>
...
<build>
<defaultGoal>spring-boot:run</defaultGoal>
<plugins>
<plugin>
<plugin>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
<version>2.9.1</version>
<executions>
<execution>
<phase>generate-resources</phase>
<configuration>
<projectType>library</projectType>
<schemaVersion>1.4</schemaVersion>
<includeBomSerialNumber>true</includeBomSerialNumber>
<includeCompileScope>true</includeCompileScope>
<includeProvidedScope>true</includeProvidedScope>
<includeRuntimeScope>true</includeRuntimeScope>
<includeSystemScope>true</includeSystemScope>
<includeTestScope>false</includeTestScope>
<includeLicenseText>false</includeLicenseText>
<outputReactorProjects>true</outputReactorProjects>
<outputFormat>json</outputFormat>
<outputName>bom</outputName>
<outputDirectory>${project.build.outputDirectory}/resources</outputDirectory>
<verbose>false</verbose>
</configuration>
<goals>
<goal>makeAggregateBom</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<version>1.3.2</version>
<executions>
<execution>
<id>cyclonedx-npm</id>
<goals>
<goal>exec</goal>
</goals>
<phase>generate-resources</phase>
<configuration>
<executable>npx</executable>
<arguments>
<argument>@cyclonedx/cyclonedx-npm</argument>
<argument>--output-file</argument>
<argument>${project.build.outputDirectory}/resources/bom-npm.json</argument>
<argument>--output-format</argument>
<argument>JSON</argument>
</arguments>
</configuration>
</execution>
</executions>
</plugin>
Starting a simple V24.7 Spring-Boot (3.4.4) application with AppsecKit fails to the following error. There is no package.json in the project since, I think, it is having a pre-compiled frontend bundle.
This command succeeded
npx --package @cyclonedx/cyclonedx-npm --call exit