I have created the following call to export the JFrog X-ray SBOM data
curl -u $USER_NAME:$API_KEY -X POST $ARTIFACT_DOMAIN_URL/xray/api/v1/component/exportDetails \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-o "test.json" \
-d '{
"component_name": "docker://test-docker-image:latest",
"package_type": "docker",
"sha_256": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"violations": true,
"include_ignored_violations": false,
"license": true,
"exclude_unknown": false,
"security": true,
"malicious_code": false,
"iac": false,
"services": false,
"applications": false,
"output_format": "json",
"spdx": false,
"cyclonedx": true,
"cyclonedx_format": "json",
"vex": false,
"operational_risk": false
}'
The output is written on the test.json file, but it is in the binary format and I couldn't read it and also couldn't see the results on the terminal.
If I try to see the output on the terminal, I am getting the following waring message
Warning: Binary output can mess up your terminal. Use "--output -" to tell
Warning: curl to output it to your terminal anyway, or consider "--output
Warning: <FILE>" to save to a file.
If anyone knows the solution for this or any other method except from UI to export the X-ray SBOM data, please let me know.
The JFrog REST-API export component details is exporting a zip file (thus a binary file) inside it you'll have all the files that you set as true (In your case cyclonedx)