CycloneDX JSON to interactive HTML report generator

Project description

cyclonedx2report

cyclonedx2report is a Python CLI that converts a CycloneDX JSON SBOM into an interactive HTML report. It is the core used on cyclonedx2report.github.io.

Features

  • Converts CycloneDX JSON into self-contained report HTML
  • Embeds SBOM payload into URL hash (#pako) for offline usage
  • Copies required runtime asset (report-core.js) next to generated report
  • Supports report title and template selection

Installation

Install from PyPI:

pip install cyclonedx2report

Install from source (editable):

pip install -e .

CLI Usage

cyclonedx2report INPUT_JSON [-o OUTPUT_HTML] [--title TITLE] [--template {main,light}]

Examples:

cyclonedx2report cyclonedx-example.json
cyclonedx2report cyclonedx-example.json -o report.generated.html --title "My SBOM" --template light

Development

Create distributions locally:

python -m pip install --upgrade build twine
python -m build
python -m twine check dist/*

Upload manually (optional):

python -m twine upload dist/*

Publishing From GitHub Actions

This repository includes:

  • .github/workflows/ci.yml for CI checks on PR/push
  • .github/workflows/publish.yml for trusted publishing to PyPI on GitHub Release

One-time setup

  1. Create a PyPI project named cyclonedx2report (or rename project.name if needed).
  2. In PyPI, configure Trusted Publisher for this GitHub repository and workflow .github/workflows/publish.yml.
  3. In GitHub, create an environment named pypi (optional but recommended) and allow deployment.

Release flow

  1. Bump version in pyproject.toml.
  2. Push changes to GitHub.
  3. Create a GitHub Release (tag like v0.1.1).
  4. publish.yml builds and uploads package to PyPI.
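
A minimal publish.yml matching the one-time setup and release flow above, as an added example rather than the repository's actual workflow file. The job names and the artifact name dist are assumptions; the pypi environment and the release trigger come from the steps above.

```yaml
# Illustrative workflow, not the project's own publish.yml.
name: publish

on:
  release:
    types: [published]        # step 3 of the release flow: a GitHub Release

# Default for every job: read-only token, no OIDC.
permissions:
  contents: read

jobs:
  build:                      # assumed job name
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.x"
      # Same commands as the local "Create distributions" steps.
      - run: python -m pip install --upgrade build twine
      - run: python -m build
      - run: python -m twine check dist/*
      - uses: actions/upload-artifact@v4
        with:
          name: dist          # assumed artifact name
          path: dist/

  publish:                    # assumed job name
    needs: build
    runs-on: ubuntu-latest
    environment: pypi         # must match the environment set on the PyPI Trusted Publisher
    permissions:
      id-token: write         # lets this job request the OIDC token PyPI verifies
    steps:
      - uses: actions/download-artifact@v4
        with:
          name: dist
          path: dist/
      # No API token or password: the action exchanges the OIDC token
      # for a short-lived upload credential.
      - uses: pypa/gh-action-pypi-publish@release/v1
```

Only the publish job holds id-token: write, so the build steps, which execute project code, never have access to the OIDC token. Required reviewers or tag restrictions on the pypi environment add a manual gate before upload.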

License

MIT

Download files

Source Distribution

cyclonedx2report-0.1.0.tar.gz (16.3 kB)

Uploaded Source

Built Distribution

cyclonedx2report-0.1.0-py3-none-any.whl (14.7 kB)

Uploaded Python 3

File details

Details for the file cyclonedx2report-0.1.0.tar.gz.

File metadata

  • Download URL: cyclonedx2report-0.1.0.tar.gz
  • Upload date:
  • Size: 16.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for cyclonedx2report-0.1.0.tar.gz
Algorithm Hash digest
SHA256 0f35973c98ff718438119e1ff45766841585a88d1a1d5e5fd223c266d4843b07
MD5 97a1a1967ccf9fca420f39e656e1aedf
BLAKE2b-256 0c9139d8f1e31575c8f331a6f14dc54e864c52a7ec849c97909f5fc3045b96d6

Provenance

The following attestation bundles were made for cyclonedx2report-0.1.0.tar.gz:

Publisher: publish.yml on cyclonedx2report/cyclonedx2report

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file cyclonedx2report-0.1.0-py3-none-any.whl.

File hashes

Hashes for cyclonedx2report-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 93baec39bc880e913154293c013cdaf2616cbab739e65eae883cd932ff155f98
MD5 09ce438a866618a7dfcff3ae3b256cc0
BLAKE2b-256 f904d45226c24d48224b0af6c64c82b6d743408aaec682b2bc2fba2b70251b8c

Provenance

The following attestation bundles were made for cyclonedx2report-0.1.0-py3-none-any.whl:

Publisher: publish.yml on cyclonedx2report/cyclonedx2report

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.
