Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.
If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!
ProGet SCA - Support for CycloneDX Spec Version 1.5
-
When trying to upload a SBOM JSON file create with recent tooling to ProGet 2023.30 (Build 16) the following error is returned:
(500) Server Error Unsupported specification version: 1.5Are there any plans to support this spec version?
-
Hello @jw,
We are currently in the process of testing the change to include the updated CycloneDX Specs. It is expected to be released in ProGet 2023.31.
Thanks,
Rich
-
Thanks for the update, looking forward to the next release.
-
CycloneDX .NET Runner 4.0.0 was just released and produces spec version 1.6 by default.
Do you guys already have plans for supporting this?
-
Hi @jw,
I have added this to our ProGet 2025 roadmap. If there is a more immediate need for this, please let us know and I can discuss this with the products team.
Thanks,
Rich
-
Thanks for adding it to the roadmap.
From what I can see so far, there haven't been that many changes in the spec. For us mainly the author field changed.
Right now there is no immediate need. It might arise in the future if improvements or fixes are only being made available in the CycloneDX 4.x tooling.
