Generate sbom with research profile (#328)

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

.github/workflows/pythonapp.yml

@@ -19,6 +19,15 @@ jobs:
  uses: actions/setup-python@v5
  with:
  python-version: ${{ matrix.python-version }}
+ - name: Use Node.js
+ uses: actions/setup-node@v4
+ with:
+ node-version: '22.x'
+ - name: Set up JDK
+ uses: actions/setup-java@v4
+ with:
+ distribution: 'temurin'
+ java-version: '21'
  - name: Trim CI agent
  run: |
  chmod +x contrib/free_disk_space.sh
@@ -47,3 +56,10 @@ jobs:
  python depscan/cli.py --purl "pkg:npm/@biomejs/biome@1.8.1"
  env:
  PYTHONIOENCODING: utf-8
+ - name: Generate SBOM with cdxgen
+ run: |
+ npm install -g @cyclonedx/cdxgen
+ cdxgen -t python -o bom.json . -p --profile research --no-recurse
+ python depscan/cli.py --bom bom.json
+ env:
+ PYTHONIOENCODING: utf-8

Dockerfile

@@ -61,8 +61,8 @@ RUN set -e; \
  python${PYTHON_VERSION} python${PYTHON_VERSION}-devel python${PYTHON_VERSION}-pip ruby ruby-devel \
  libX11-devel libXext-devel libXrender-devel libjpeg-turbo-devel diffutils \
  pcre2 which tar zip unzip sudo nodejs ncurses glibc-common glibc-all-langpacks xorg-x11-fonts-75dpi xorg-x11-fonts-Type1 \
- && alternatives --install /usr/bin/python3 python /usr/bin/python${PYTHON_VERSION} 1 \
- && alternatives --install /usr/bin/python3 python3 /usr/bin/python${PYTHON_VERSION} 1 \
+ && alternatives --install /usr/bin/python3 python /usr/bin/python${PYTHON_VERSION} 10 \
+ && alternatives --install /usr/bin/python3 python3 /usr/bin/python${PYTHON_VERSION} 10 \
  && python3 --version \
  && node --version \
  && python3 -m pip install --upgrade pip \