WpBom

WordPress integration with OWASP CycloneDX and Dependency Track

Author:	Vitor Guia (profile at wordpress.org)
WordPress version required:	4.7
WordPress version tested:	6.4.3
Plugin version:	1.2.1
Added to WordPress repository:	20-12-2021
Last updated:	08-03-2024
Rating, %:	0
Rated by:	0
Plugin URI:	https://gitlab.com/sepbit/wpbom
Total downloads:	1 827
Active installs:	100+
Click to start download

This package is compatible with WordPress Coding Standards, PSR-4.

WordPress integration with OWASP CycloneDX and Dependency Track

Features:

Automatic BOM submission to OWASP Dependency Track
Manual BOM submission to OWASP Dependency Track
Download BOM JSON in OWASP CycloneDX format

Screenshots
FAQ

Add CPE from BOM

add_filter(
    'wpbom_bom',
    function( $bom ) {
        foreach ( $bom['components'] as $key => $component ) {
            if ( 'woocommerce' === $component['name'] ) {
                $bom['components'][ $key ]['cpe'] = 'cpe:2.3:a:woocommerce:woocommerce:' . $component['version'] . ':*:*:*:*:wordpress:*:*';
            }
        }
        return $bom;
    }
);

We are building a feature to automate this

Remove component from BOM

add_filter(
    'wpbom_bom',
    function( $bom ) {
        foreach ( $bom['components'] as $key => $component ) {
            if ( 'woocommerce' === $component['name'] ) {
                unset( $bom['components'][ $key ] );
            }
        }
        return $bom;
    }
);

Add component from BOM

add_filter(
    'wpbom_bom',
    function( $bom ) {
        global $wpdb;
        $db_server_info      = explode( '-', $wpdb->db_server_info() );
        $bom['components'][] = array(
            'type'     => 'application',
            'bom-ref'  => 'pkg:deb/debian/' . strtolower( $db_server_info[2] ) . '@' . $db_server_info[1],
            'name'     => strtolower( $db_server_info[2] ),
            'version'  => $db_server_info[1],
            'purl'     => 'pkg:deb/debian/' . strtolower( $db_server_info[2] ) . '@' . $db_server_info[1],
            'licenses' => array(
                array(
                    'license' => array(
                        'id' => 'GPL-2.0-or-later',
                    ),
                ),
            ),
        );
        return $bom;
    }
);

Hide FAQ

ChangeLog

Choose right WordPress plugin from thousands others in a moment

1.2.0

1.1.0

1.0.2

1.0.0