Package org.cyclonedx.maven

Interface ProjectDependenciesConverter

All Known Implementing Classes:

DefaultProjectDependenciesConverter

public interface ProjectDependenciesConverter

Converts a Maven Project with its Maven dependencies resolution graph transformed into a SBOM dependencies list with their dependsOn.

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static class	ProjectDependenciesConverter.BomDependencies
static class	ProjectDependenciesConverter.MavenDependencyScopes

Method Summary

Modifier and Type	Method	Description
void	cleanupBomDependencies(org.cyclonedx.model.Metadata metadata, Map<String,org.cyclonedx.model.Component> components, Map<String,org.cyclonedx.model.Dependency> dependencies)	Check consistency between BOM components and BOM dependencies, and cleanup: drop components found while walking the Maven dependency resolution graph but that are finally not kept in the effective dependencies list.
ProjectDependenciesConverter.BomDependencies	extractBOMDependencies(org.apache.maven.project.MavenProject mavenProject, ProjectDependenciesConverter.MavenDependencyScopes include, String[] excludes)

Method Detail

extractBOMDependencies

ProjectDependenciesConverter.BomDependencies extractBOMDependencies(org.apache.maven.project.MavenProject mavenProject,
                                                                    ProjectDependenciesConverter.MavenDependencyScopes include,
                                                                    String[] excludes)
                                                             throws org.apache.maven.plugin.MojoExecutionException

Throws:

org.apache.maven.plugin.MojoExecutionException

cleanupBomDependencies

void cleanupBomDependencies(org.cyclonedx.model.Metadata metadata,
                            Map<String,org.cyclonedx.model.Component> components,
                            Map<String,org.cyclonedx.model.Dependency> dependencies)

Check consistency between BOM components and BOM dependencies, and cleanup: drop components found while walking the Maven dependency resolution graph but that are finally not kept in the effective dependencies list.