[commons-parent] branch master updated: Add SPDX SBOM generation

Sun, 07 Aug 2022 17:17:46 -0700 

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-parent.git


The following commit(s) were added to refs/heads/master by this push:
     new 97f2e53  Add SPDX SBOM generation
97f2e53 is described below

commit 97f2e5397c63e56b84ca48c821d08b017771cdae
Author: Gary Gregory <garydgreg...@gmail.com>
AuthorDate: Sun Aug 7 20:17:32 2022 -0400

    Add SPDX SBOM generation
---
 pom.xml                 | 22 ++++++++++++++++++++++
 src/changes/changes.xml |  1 +
 2 files changed, 23 insertions(+)

diff --git a/pom.xml b/pom.xml
index c8ee9b7..293ac7f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -852,6 +852,24 @@
             
<outputName>${project.artifactId}-${project.version}-bom</outputName>
           </configuration>
         </plugin>
+        <plugin>
+          <groupId>org.spdx</groupId>
+          <artifactId>spdx-maven-plugin</artifactId>
+          <version>0.5.5</version>
+          <executions>
+            <execution>
+              <id>build-spdx</id>
+              <goals>
+                <goal>createSPDX</goal>
+              </goals>
+            </execution>
+          </executions>
+          <configuration>
+            <excludedFilePatterns>
+              <param>*.spdx</param>
+            </excludedFilePatterns>
+          </configuration>
+        </plugin>        
       </plugins>
     </pluginManagement>
     <plugins>
@@ -1092,6 +1110,10 @@
         <groupId>org.cyclonedx</groupId>
         <artifactId>cyclonedx-maven-plugin</artifactId>
       </plugin>
+      <plugin>
+        <groupId>org.spdx</groupId>
+        <artifactId>spdx-maven-plugin</artifactId>
+      </plugin>
     </plugins>
   </build>
 
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 0ce12e9..346e782 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -66,6 +66,7 @@ The <action> type attribute can be add,update,fix,remove.
            <action type="add" dev="ggregory" due-to="Dependabot">Add property 
commons.javadoc18.java.link.</action>
            <action type="add" dev="ggregory">Add JUnit BOM to dependency 
management.</action>
            <action type="add" dev="ggregory" due-to="Steve Springett">Add 
CycloneDX SBOM generation #122.</action>
+           <action type="add" dev="ggregory" due-to="Gary Gregory">Add SPDX 
SBOM generation.</action>
            <!-- REMOVE -->
            <action type="remove" dev="ggregory" due-to="Gary Gregory">Remove 
org.codehaus.mojo:jdepend-maven-plugin 2.0; it does not work with current 
versions of RAT and site plugins.</action>
            <action type="remove" dev="ggregory" due-to="Gary Gregory">Remove 
FindBugs properties, use SpotBugs instead.</action>

Reply via email to