mteu / sbom-parser
Installs: 87
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 0
Forks: 0
Open Issues: 0
Type:package
Requires
- php: ~8.3.0 || ~8.4.0
- cuyz/valinor: ^2.0
Requires (Dev)
- armin/editorconfig-cli: ^2.1
- cyclonedx/cyclonedx-php-composer: ^5.2
- ergebnis/composer-normalize: ^2.28
- friendsofphp/php-cs-fixer: ^3.8
- mteu/zealous-stan: ^0.6.3
- phpstan/extension-installer: *
- phpstan/phpstan: ^2.1
- phpstan/phpstan-phpunit: ^2.0
- phpunit/phpcov: ^10.0 || ^11.0.0
- phpunit/phpunit: ^11.5 || ^12.1
- shipmonk/composer-dependency-analyser: *
This package is auto-updated.
Last update: 2025-09-25 14:42:39 UTC
README
CycloneDX SBOM Parser
CycloneDX SBOM (Software Bill of Materials) parser for PHP 8.3+. Supports CycloneDX 1.4+ specifications including components, vulnerabilities, and metadata with full immutable entity design using Valinor for type mapping.
⚡️ Quick Start
use mteu\SbomParser\Parser\CycloneDxParser; $parser = new CycloneDxParser(); $bom = $parser->parseFromFile('/path/to/sbom.json'); // Access components and vulnerabilities $components = $bom->getAllComponents(); $vulnerabilities = $bom->vulnerabilities;
See detailed documentation for complete usage examples and API reference.
🤝 Contributing
Contributions are very welcome! Please have a look at the Contribution Guide. It lays out the workflow of submitting new features or bugfixes.
🔒 Security
Please refer to our security policy if you discover a security vulnerability in this extension. Be warned, though. I cannot afford bounty. This is private project.
⭐ License
This extension is licensed under the GPL-3.0-or-later license.
💬 Support
For issues and feature requests, please use the GitHub issue tracker.