Integrate the CycloneDX Python tool with Vulnetix. Generate a CycloneDX SBOM from your Python project using uv or pip, then upload to Vulnetix.
CLI tool | CycloneDX
Install & scan
$ # Recommended: run without global install
$ uv run --with cyclonedx-bom cyclonedx-py --help
$ # Or install globally
$ uv tool install cyclonedx-bom  # or: pip install cyclonedx-bom

$ uv run --with cyclonedx-bom cyclonedx-py environment --output-format JSON --output-file bom.json
Run CycloneDX Python in CI
Scan on every push and upload the results to Vulnetix:
- name: Set up Python
  uses: actions/setup-python@v5
  with:
    python-version: '3.12'
- name: Install dependencies
  run: pip install -r requirements.txt
- name: Generate CycloneDX SBOM
  run: uv run --with cyclonedx-bom cyclonedx-py environment --output-format JSON --output-file bom.json
- name: Upload to Vulnetix
  run: vulnetix upload --file bom.json
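A pre-upload check that a CI job could run on bom.json between the generate and upload steps, given here as an added example (not Vulnetix or CycloneDX project code). The function name, the constructed sample BOM and the policy that every component needs a version and a pkg:pypi purl are assumptions of this example.

```python
import json
import sys

# Constructed sample shaped like CycloneDX JSON output (not real scan data).
SAMPLE_BOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.6",
    "components": [
        {"type": "library", "name": "requests", "version": "2.32.3",
         "purl": "pkg:pypi/requests@2.32.3"},
        {"type": "library", "name": "internal-utils", "version": "0.4.0"},
        {"type": "library", "name": "legacy-lib", "purl": "pkg:pypi/legacy-lib"},
    ],
})


def check_sbom(text):
    """Return problems that would weaken vulnerability matching downstream."""
    try:
        bom = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    if not isinstance(bom, dict):
        return ["top level is not a JSON object"]
    problems = []
    if bom.get("bomFormat") != "CycloneDX":
        problems.append("bomFormat is not 'CycloneDX'")
    if not bom.get("specVersion"):
        problems.append("specVersion is missing")
    components = bom.get("components") or []
    if not components:
        # An empty list usually means the wrong environment was scanned.
        problems.append("no components: was the right environment scanned?")
    for comp in components:
        name = comp.get("name", "<unnamed>")
        if not comp.get("version"):
            problems.append(f"{name}: no version")
        # Assumed policy: every Python package carries a pkg:pypi purl.
        if not comp.get("purl", "").startswith("pkg:pypi/"):
            problems.append(f"{name}: no pkg:pypi purl")
    return problems


if __name__ == "__main__":
    from_file = len(sys.argv) > 1
    text = open(sys.argv[1]).read() if from_file else SAMPLE_BOM
    found = check_sbom(text)
    print("\n".join(found) or "SBOM looks complete")
    sys.exit(1 if found and from_file else 0)  # fail the job on a real file
```

Run with the path to bom.json as the only argument; without an argument it checks the embedded sample.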
Centralise CycloneDX Python results in Vulnetix
Upload the CycloneDX output from CycloneDX Python to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.