Skip to content

Commit d1d445a

Browse files
ShnatselShnatsel
authored
README.md: add auditable2cdx, more consistency in text
1 parent aa48eed commit d1d445a

File tree

1 file changed

+4
-3
lines changed

1 file changed

+4
-3
lines changed

README.md

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -49,15 +49,16 @@ If you're using a shell other than bash, or if using an alias is not an option,
4949

5050
* [cargo audit](https://crates.io/crates/cargo-audit) v0.17.3+ can detect this data in binaries and report on vulnerabilities. See [here](https://github.com/rustsec/rustsec/tree/main/cargo-audit#cargo-audit-bin-subcommand) for details.
5151
* [trivy](https://github.com/aquasecurity/trivy) v0.31.0+ detects this data in binaries and reports on vulnerabilities. See the [v0.31.0 release notes](https://github.com/aquasecurity/trivy/discussions/2716) for an end-to-end example.
52-
* [osv-scanner](https://github.com/google/osv-scanner/) v2.0.1 [reads this data](https://github.com/google/osv-scalibr/pull/377) when scanning container images.
52+
* [osv-scanner](https://github.com/google/osv-scanner/) v2.0.1+ [reads this data](https://github.com/google/osv-scalibr/pull/377) when scanning container images.
5353

5454
#### Recovering the dependency list
5555

5656
* [syft](https://github.com/anchore/syft) v0.53.0+ has experimental support for detecting this data in binaries.
5757
When used on images or directories, Rust audit support must be enabled by adding the `--catalogers all` CLI option, e.g `syft --catalogers all <container image containing Rust auditable binary>`.
58-
* [blint](https://github.com/owasp-dep-scan/blint) v2.1.3 and later can recover this data and output it as CycloneDX.
59-
* [wasm-tools](https://github.com/bytecodealliance/wasm-tools) v1.227.0 and later can recover this data from WebAssembly. Try `wasm-tools metadata show`.
58+
* [blint](https://github.com/owasp-dep-scan/blint) v2.1.3+ can recover this data and output it as CycloneDX.
59+
* [wasm-tools](https://github.com/bytecodealliance/wasm-tools) v1.227.0+ can recover this data from WebAssembly. Try `wasm-tools metadata show`.
6060
* [rust-audit-info](https://crates.io/crates/rust-audit-info) recovers the dependency list from a binary and prints it in JSON.
61+
* [auditable2cdx](https://crates.io/crates/auditable2cdx) recovers the dependency list from a binary and prints it in CycloneDX.
6162

6263
### Can I read this data using a tool written in a different language?
6364

0 commit comments

Comments
 (0)