protected void execute(Set<Component> components, Set<Dependency> dependencies) throws MojoExecutionException{
    try {
        getLog().info(MESSAGE_CREATING_BOM);
        final Bom bom = new Bom();
        if (CycloneDxSchema.Version.VERSION_10 != schemaVersion() && includeBomSerialNumber) {
            bom.setSerialNumber("urn:uuid:" + UUID.randomUUID().toString());
        }
        bom.setComponents(new ArrayList<>(components));
        if (getIncludeDependencyGraph() && dependencies != null && !dependencies.isEmpty()) {
            bom.setDependencies(new ArrayList<>(dependencies));
        }
        final BomGenerator bomGenerator = BomGeneratorFactory.create(schemaVersion(), bom);
        bomGenerator.generate();
        final String bomString = bomGenerator.toXmlString();
        final File bomFile = new File(project.getBasedir(), "target/bom.xml");
        getLog().info(MESSAGE_WRITING_BOM);
        FileUtils.write(bomFile, bomString, Charset.forName("UTF-8"), false);

        getLog().info(MESSAGE_VALIDATING_BOM);
        final BomParser bomParser = new BomParser();
        if (!bomParser.isValid(bomFile, schemaVersion())) {
            throw new MojoExecutionException(MESSAGE_VALIDATION_FAILURE);
        }
        if (!skipAttach) {
            mavenProjectHelper.attachArtifact(project, "xml", "cyclonedx", bomFile);
        }
    } catch (ParserConfigurationException | TransformerException | IOException | SAXException e) {
        throw new MojoExecutionException("An error occurred executing " + this.getClass().getName() + ": " + e.getMessage(), e);
    }
}
 

/**
 * Converts a parsed Bom to a native list of Dependency-Track component object
 * @param bom the Bom to convert
 * @return a List of Component object
 */
public static List<Component> convert(final QueryManager qm, final Bom bom) {
    final List<Component> components = new ArrayList<>();
    for (int i = 0; i < bom.getComponents().size(); i++) {
        final org.cyclonedx.model.Component cycloneDxComponent = bom.getComponents().get(i);
        if (cycloneDxComponent != null) {
            components.add(convert(qm, cycloneDxComponent));
        }
    }
    return components;
}
 

@GET
@Path("/cyclonedx/project/{uuid}")
@Produces(MediaType.APPLICATION_XML)
@ApiOperation(
        value = "Returns dependency metadata for a project in CycloneDX format",
        response = String.class
)
@ApiResponses(value = {
        @ApiResponse(code = 401, message = "Unauthorized"),
        @ApiResponse(code = 404, message = "The project could not be found")
})
@PermissionRequired(Permissions.Constants.PORTFOLIO_MANAGEMENT)
public Response exportProjectAsCycloneDx (
        @ApiParam(value = "The UUID of the project to export", required = true)
        @PathParam("uuid") String uuid) {
    try (QueryManager qm = new QueryManager()) {
        final Project project = qm.getObjectByUuid(Project.class, uuid);
        if (project == null) {
            return Response.status(Response.Status.NOT_FOUND).entity("The project could not be found.").build();
        }
        final List<Dependency> dependencies = qm.getAllDependencies(project);
        final List<Component> components = dependencies.stream().map(Dependency::getComponent).collect(Collectors.toList());
        final List<org.cyclonedx.model.Component> cycloneComponents = components.stream().map(component -> ModelConverter.convert(qm, component)).collect(Collectors.toList());
        try {
            Bom bom = new Bom();
            bom.setSerialNumber("url:uuid:" + UUID.randomUUID().toString());
            bom.setVersion(1);
            bom.setComponents(cycloneComponents);
            final BomGenerator bomGenerator = BomGeneratorFactory.create(CycloneDxSchema.Version.VERSION_11, bom);
            bomGenerator.generate();
            return Response.ok(bomGenerator.toXmlString()).build();
        } catch (ParserConfigurationException | TransformerException e) {
            LOGGER.error("An error occurred while building a CycloneDX document for export", e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }
}
 

@GET
@Path("/cyclonedx/components")
@Produces(MediaType.APPLICATION_XML)
@ApiOperation(
        value = "Returns dependency metadata for all components in CycloneDX format",
        response = String.class
)
@ApiResponses(value = {
        @ApiResponse(code = 401, message = "Unauthorized")
})
@PermissionRequired(Permissions.Constants.PORTFOLIO_MANAGEMENT)
public Response exportComponentsAsCycloneDx () {
    try (QueryManager qm = new QueryManager()) {
        final List<Component> components = qm.getAllComponents();
        final List<org.cyclonedx.model.Component> cycloneComponents = components.stream().map(component -> ModelConverter.convert(qm, component)).collect(Collectors.toList());
        try {
            Bom bom = new Bom();
            bom.setSerialNumber("url:uuid:" + UUID.randomUUID().toString());
            bom.setVersion(1);
            bom.setComponents(cycloneComponents);
            final BomGenerator bomGenerator = BomGeneratorFactory.create(CycloneDxSchema.Version.VERSION_11, bom);
            bomGenerator.generate();
            return Response.ok(bomGenerator.toXmlString()).build();
        } catch (ParserConfigurationException | TransformerException e) {
            LOGGER.error("An error occurred while building a CycloneDX document for export", e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }
}
 

@GET
@Path("/cyclonedx/component/{uuid}")
@Produces(MediaType.APPLICATION_XML)
@ApiOperation(
        value = "Returns dependency metadata for a specific component in CycloneDX format",
        response = String.class
)
@ApiResponses(value = {
        @ApiResponse(code = 401, message = "Unauthorized"),
        @ApiResponse(code = 404, message = "The component could not be found")
})
@PermissionRequired(Permissions.Constants.PORTFOLIO_MANAGEMENT)
public Response exportComponentAsCycloneDx (
        @ApiParam(value = "The UUID of the project to export", required = true)
        @PathParam("uuid") String uuid) {
    try (QueryManager qm = new QueryManager()) {
        final Component component = qm.getObjectByUuid(Component.class, uuid);
        if (component == null) {
            return Response.status(Response.Status.NOT_FOUND).entity("The component could not be found.").build();
        }
        try {
            final List<org.cyclonedx.model.Component> cycloneComponents = new ArrayList<>();
            cycloneComponents.add(ModelConverter.convert(qm, component));
            Bom bom = new Bom();
            bom.setSerialNumber("url:uuid:" + UUID.randomUUID().toString());
            bom.setVersion(1);
            bom.setComponents(cycloneComponents);
            final BomGenerator bomGenerator = BomGeneratorFactory.create(CycloneDxSchema.Version.VERSION_11, bom);
            bomGenerator.generate();
            return Response.ok(bomGenerator.toXmlString()).build();
        } catch (ParserConfigurationException | TransformerException e) {
            LOGGER.error("An error occurred while building a CycloneDX document for export", e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }
}