diff --git a/build.gradle.kts b/build.gradle.kts index 2fa6022..4825eeb 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -21,6 +21,7 @@ plugins { alias(libs.plugins.release) alias(libs.plugins.publish) apply false alias(libs.plugins.kover) + alias(libs.plugins.cyclonedx) } allprojects { diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 08f868c..52daa9f 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -19,6 +19,7 @@ dokka = "2.2.0" publish = "0.36.0" release = "3.1.0" kover = "0.9.8" +cyclonedx = "3.2.4" [libraries] kaitai-runtime = { module = "io.kaitai:kaitai-struct-runtime", version.ref = "kaitai" } @@ -48,3 +49,4 @@ dokka = { id = "org.jetbrains.dokka", version.ref = "dokka" } publish = { id = "com.vanniktech.maven.publish", version.ref = "publish" } release = { id = "net.researchgate.release", version.ref = "release" } kover = { id = "org.jetbrains.kotlinx.kover", version.ref = "kover" } +cyclonedx = { id = "org.cyclonedx.bom", version.ref = "cyclonedx" } diff --git a/protocol/build.gradle.kts b/protocol/build.gradle.kts index 7c8ed23..6adeb6a 100644 --- a/protocol/build.gradle.kts +++ b/protocol/build.gradle.kts @@ -21,6 +21,7 @@ plugins { alias(libs.plugins.kotlin.jvm) alias(libs.plugins.publish) alias(libs.plugins.dokka) + alias(libs.plugins.cyclonedx) `java-library` } @@ -101,6 +102,23 @@ dokka { } } +tasks.cyclonedxDirectBom { + includeConfigs.set(listOf("runtimeClasspath")) + includeLicenseText.set(true) + jsonOutput.set(layout.buildDirectory.file("reports/cyclonedx-direct/${project.name}-bom.json")) +} + +publishing { + publications { + withType().configureEach { + artifact(tasks.cyclonedxDirectBom.flatMap { it.jsonOutput }) { + classifier = "cyclonedx" + extension = "json" + } + } + } +} + mavenPublishing { publishToMavenCentral(automaticRelease = true, validateDeployment = DeploymentValidation.PUBLISHED) signAllPublications() diff --git a/sshlib/build.gradle.kts b/sshlib/build.gradle.kts index 65265b3..f48498b 100644 --- a/sshlib/build.gradle.kts +++ b/sshlib/build.gradle.kts @@ -24,6 +24,7 @@ plugins { alias(libs.plugins.dokka) alias(libs.plugins.metalava) alias(libs.plugins.kover) + alias(libs.plugins.cyclonedx) `java-library` } @@ -122,6 +123,23 @@ dokka { } } +tasks.cyclonedxDirectBom { + includeConfigs.set(listOf("runtimeClasspath")) + includeLicenseText.set(true) + jsonOutput.set(layout.buildDirectory.file("reports/cyclonedx-direct/${project.name}-bom.json")) +} + +publishing { + publications { + withType().configureEach { + artifact(tasks.cyclonedxDirectBom.flatMap { it.jsonOutput }) { + classifier = "cyclonedx" + extension = "json" + } + } + } +} + mavenPublishing { publishToMavenCentral(automaticRelease = true, validateDeployment = DeploymentValidation.PUBLISHED) signAllPublications()