# 安装 cdxgen

查看 cdxgen 的安装路径、可执行文件、元数据以及面向 AI 代理工作流的安全说明。

## 安装

```sh
sudo av install brew:cdxgen
```

其他安装命令:

### macOS

- Homebrew (100%):

```sh
brew install cdxgen
```

  证据: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#cdxgen
```

  证据: nixpkgs package indexes: pkgs/by-name/cd/cdxgen/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

### Windows

- winget (92%):

```sh
winget install --id CycloneDX.cdxgen -e
```

  证据: Windows Package Manager source index: CycloneDX.cdxgen from https://cdn.winget.microsoft.com/cache/source.msix

## 软件包事实

- **软件包键:** brew:cdxgen
- **软件包管理器:** Homebrew
- **软件包管理器页面:** <https://formulae.brew.sh/formula/cdxgen>
- **版本:** 12.4.3
- **来源摘要:** Creates CycloneDX Software Bill-of-Materials (SBOM) for projects
- **主页:** <https://github.com/CycloneDX/cdxgen>
- **仓库:** <https://github.com/CycloneDX/cdxgen>
- **许可证:** Apache-2.0
- **源码归档:** <https://registry.npmjs.org/@cyclonedx/cdxgen/-/cdxgen-12.4.3.tgz>
- **更新:** 2026-05-24T01:42:11Z
- **生成来源:** 2026-05-26T17:25:59+00:00

## 可执行文件

- cbom (cli)
- cdx-audit (cli)
- cdx-convert (cli)
- cdx-sign (cli)
- cdx-validate (cli)
- cdx-verify (cli)
- cdxgen (cli)
- cdxgen-secure (cli)
- cdxi (cli)
- evinse (cli)
- hbom (cli)
- obom (cli)
- saasbom (cli)
- spdxgen (cli)
- cbom (别名)
- cdx-audit (别名)
- cdx-convert (别名)
- cdx-sign (别名)
- cdx-validate (别名)
- cdx-verify (别名)
- cdxgen (别名)
- cdxgen-secure (别名)
- cdxi (别名)
- evinse (别名)
- hbom (别名)
- obom (别名)
- saasbom (别名)
- spdxgen (别名)

## 依赖

- dotnet
- node
- ruby
- sourcekitten
- trivy

## 安装行为

- post-install 钩子: 未定义
- Bottle: 可用 于 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## 新鲜度

- 页面生成时间: 2026-05-26
- 管理器版本: 12.4.3
- 管理器更新时间: 2026-05-24
- 本地数据: ok
- 上游仓库: https://github.com/CycloneDX/cdxgen
- info: No cached GitHub release or tag data was available.

## 安全说明

no executable entrypoint in the package index.

- **Geiger 风险:** green / low
- no executable entrypoint in the package index

## 相关链接

- [node](https://www.automicvault.com/pkg/brew/node/) - Runtime dependency declared by Homebrew.
- [ruby](https://www.automicvault.com/pkg/brew/ruby/) - Runtime dependency declared by Homebrew.
- [trivy](https://www.automicvault.com/pkg/brew/trivy/) - Runtime dependency declared by Homebrew.
- [sourcekitten](https://www.automicvault.com/pkg/brew/sourcekitten/) - Runtime dependency declared by Homebrew.
- [dotnet](https://www.automicvault.com/pkg/brew/dotnet/) - Runtime dependency declared by Homebrew.

## 来源

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- package version freshness
- package relationship graph
- cross-ecosystem install command graph