Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

@cyclonedx/cdxgen

Ecosystem:
npm
Package URL:
pkg:npm/@cyclonedx/cdxgen
Total PRs:
38 Dependabot PRs
Latest PR:
17 days ago
Unique Repositories:
15 repositories
Unique Repos (30 days):
3 repositories
Security Advisories
@cyclonedx/cdxgen: Docker registry auth substring match forwards credentials to a different registry
GHSA-qhh4-458h-xwh2 MODERATE published about 1 month ago • updated 17 days ago
# Docker registry auth substring match forwards credentials to a different registry ## Repository `cdxgen/cdxgen` ## Affected product/package -...
CycloneDX cdxgen may execute code contained within build-related files
GHSA-hxf3-vgpm-fv9p CVE-2024-50611 MODERATE published over 1 year ago • updated 22 days ago
CycloneDX cdxgen prior to 11.1.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradl...
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
chore(deps-dev): bump @cyclonedx/cdxgen from 12.4.1 to 12.4.3

hoangsnowy/loopbridge #32

12.4.1 → 12.4.3 Patch PR
Open 25 days ago 1 comment
hoangsnowy
chore(deps): bump the development group with 2 updates

Kuonirad/MCOP-Framework-2.0 #614

12.3.0 → 12.3.2 Patch PR
Open about 2 months ago 2 comments
Kuonirad
chore(deps)(deps-dev): bump the development-dependencies group with 5 updates

localgod/polaris #254

12.1.2 → 12.1.3 Patch PR
Open 3 months ago 1 comment
localgod
chore(deps): bump the production-dependencies group with 3 updates

appwarden/middleware #262

12.1.1 → 12.1.2 Patch PR
Open 3 months ago 1 comment
appwarden
chore(deps-dev): bump @cyclonedx/cdxgen from 12.1.1 to 12.1.2

jlov7/runwright #18

12.1.1 → 12.1.2 Patch PR
Closed 3 months ago 1 comment
jlov7
chore(deps-dev): bump the production-dependencies group with 2 updates

appwarden/middleware #183

12.1.0 → 12.1.1 Patch PR
Open 4 months ago 1 comment
appwarden
chore(deps): bump @cyclonedx/cdxgen from 11.2.3 to 11.2.7

rlmestre/herodevs-cli #19

11.2.3 → 11.2.7 Patch PR
Closed about 1 year ago 1 comment
rlmestre
chore(deps): bump @cyclonedx/cdxgen from 11.2.6 to 11.2.7

herodevs/cli #217

11.2.6 → 11.2.7 Patch PR
Merged about 1 year ago
herodevs
Package Details
Name: @cyclonedx/cdxgen
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/@cyclonedx/cdxgen
JSON API: View JSON
Security Advisories

2

Active advisories
MODERATE 2
View All npm Advisories
Package Information
Description:

Creates CycloneDX Software Bill of Materials (SBOM) from source or container image

Repository: https://github.com/CycloneDX/cdxgen
Homepage: http://github.com/cyclonedx/cdxgen
Latest Release: 11.3.2
about 1 year ago
Dependent Repos: 1
Dependent Packages: 0
Downloads: 249,006
Ranking: Top 10.7024% by dependent repos Top 0.3693% by downloads Top 52.6392% by dependent pkgs
PR Status
Open 19 (50.0%)
Merged 1 (2.6%)
Closed 15 (39.5%)
PR Types
Major 3 (7.9%)
Minor 24 (63.2%)
Patch 8 (21.1%)