CLI Reference¶
Complete command-line interface documentation for CBOM Generator.
Usage¶
./build/cbom-generator [OPTIONS] [PATHS...]
If no paths are specified, scans default system locations.
Option Categories¶
| Category | Description |
|---|---|
| Output Options | File output, format selection |
| Privacy Options | GDPR/CCPA compliance controls |
| Display Options | TUI, reports, error logging |
| Performance Options | Threading, determinism, cross-arch |
| Deduplication | Duplicate handling modes |
| Service Discovery | Plugin-based service detection |
| Crypto Registry | Library detection configuration |
| Attestation | SLSA provenance and signing |
Quick Reference¶
# Basic scan
./build/cbom-generator --output cbom.json
# Privacy-compliant scan
./build/cbom-generator --no-personal-data --output cbom.json
# Service discovery with plugins
./build/cbom-generator --discover-services --plugin-dir plugins --output cbom.json
# CycloneDX 1.7 with dependencies
./build/cbom-generator --cyclonedx-spec 1.7 --output cbom.json
# TUI mode with error logging
./build/cbom-generator --tui --error-log errors.log --output cbom.json
# Cross-architecture (Yocto/embedded)
./build/cbom-generator --cross-arch --crypto-registry crypto-registry-yocto.yaml \
--output rootfs-cbom.json /path/to/rootfs
Common Combinations¶
Production Scan¶
./build/cbom-generator \
--no-personal-data \
--discover-services \
--plugin-dir plugins \
--dedup-mode safe \
--format cyclonedx --cyclonedx-spec 1.7 \
--output production-cbom.json
Compliance Audit¶
./build/cbom-generator \
--no-personal-data \
--no-network \
--deterministic \
--pqc-report pqc-migration.txt \
--output audit-cbom.json
Embedded/Yocto Scan¶
ROOTFS=/path/to/yocto/rootfs
./build/cbom-generator \
--cross-arch \
--discover-services \
--plugin-dir plugins/embedded \
--crypto-registry crypto-registry-yocto.yaml \
--format cyclonedx --cyclonedx-spec 1.7 \
--output yocto-cbom.json \
$ROOTFS/usr/bin $ROOTFS/usr/sbin $ROOTFS/usr/lib $ROOTFS/etc