Skip to content

Adds SBOM generation using cmake-sbom #1066

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gittiver merged 5 commits into from
Aug 17, 2025
Merged

Adds SBOM generation using cmake-sbom #1066

gittiver merged 5 commits into from
Aug 17, 2025

Conversation

@StefanoPetrilli
Copy link
Contributor

@StefanoPetrilli StefanoPetrilli commented Jul 27, 2025
edited
Loading

This PR implements the generation of SBOM as request in #1043.

It adds https://github.com/DEMCON/cmake-sbom as a submodule and uses it to create the SBOM file which contains all the dependencies.
To control whether to generate the SBOM or not, a new compilation flag has been added.

@StefanoPetrilli StefanoPetrilli changed the title Adds SBOM Adds SBOM generation using cmake-sbom Jul 27, 2025
@StefanoPetrilli StefanoPetrilli marked this pull request as ready for review July 27, 2025 16:13
@StefanoPetrilli
Copy link
Contributor Author

StefanoPetrilli commented Jul 27, 2025

I set specific dependency versions in the CMake but I noticed that this breaks macos and windows builds. I will need to fix it

@StefanoPetrilli StefanoPetrilli mentioned this pull request Aug 1, 2025
Closed
@StefanoPetrilli
Copy link
Contributor Author

StefanoPetrilli commented Aug 2, 2025

The PR is now ready for review 😄

gittiver
gittiver reviewed Aug 7, 2025
View reviewed changes
gittiver
gittiver reviewed Aug 7, 2025
View reviewed changes
gittiver
gittiver requested changes Aug 7, 2025
View reviewed changes
Copy link
Member

@gittiver gittiver left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wanted to request to use cpm instead of a git submodule and there seems to be a small typo.

@gittiver gittiver linked an issue Aug 17, 2025 that may be closed by this pull request
SBOM (software bill of materials) for Crow #1043
Closed
@gittiver gittiver merged commit fd9d24a into CrowCpp:master Aug 17, 2025
13 checks passed
aumuell added a commit to aumuell/Crow that referenced this pull request Aug 22, 2025
@aumuell
include CPM via CMAKE_CURRENT_SOURCE_DIR
5d7871e 
This again allows crow to be used as a CMake subproject.
This broke in CrowCpp#1066, as CMAKE_SOURCE_DIR refers to the directory of the
root CMakeLists.txt. And when being used from a toplevel project,
${CMAKE_SOURCE_DIR}/cmake/CPM.cmake would not refer to crow's copy of CPM.
This change makes the reference relative to the location of the
CMakeLists.txt requiring the include.
@aumuell aumuell mentioned this pull request Aug 22, 2025
Merged
gittiver pushed a commit that referenced this pull request Aug 24, 2025
@aumuell @gittiver
include CPM via CMAKE_CURRENT_SOURCE_DIR
105a290 
This again allows crow to be used as a CMake subproject.
This broke in #1066, as CMAKE_SOURCE_DIR refers to the directory of the
root CMakeLists.txt. And when being used from a toplevel project,
${CMAKE_SOURCE_DIR}/cmake/CPM.cmake would not refer to crow's copy of CPM.
This change makes the reference relative to the location of the
CMakeLists.txt requiring the include.
@StefanoPetrilli StefanoPetrilli deleted the adds-sbom branch August 30, 2025 15:02
@BrewTestBot BrewTestBot mentioned this pull request Oct 12, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gittiver gittiver gittiver approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

SBOM (software bill of materials) for Crow

2 participants

@StefanoPetrilli @gittiver