Hello,
I am currently using CycloneDx in my build plans to generate BOMs. I am considering to switch to PgUtil but I am missing a feature: the possibility to exclude test projects and the Nuke build project. Those projects often use vulnerable libraries but I do not want to see them in the reports as they are only used during the build process. Is there already a way to exclude specific csproj from the BOM generation of the analyzed solution? If not, could this be added in future versions?
S
Posts made by sebastien.gamby_3349
-
pgutil exclude test and build projects