BartWullems's blog is a platform for sharing insights and expertise in Microsoft technologies, software development best practices, and programming tutorials. Through articles, code samples, and technical discussions, BartWullems offers insights into building scalable, maintainable, and performant software applications using Microsoft technologies such as .NET, Azure, and Visual Studio. Readers can learn about design patterns, development techniques, and tooling recommendations to enhance their skills and productivity as Microsoft developers. Additionally, BartWullems provides updates on the latest developments in Microsoft ecosystem, community events, and industry trends to help developers stay informed and engaged in the Microsoft developer community.

The Art of Simplicity

After upgrading the dotnet-CycloneDX tool, SBOM pipelines break with a 400 Bad Request error when uploading to Dependency-Track. The root cause is that the tool now generates CycloneDX 1.7 format by default, which Dependency-Track does not yet support. The fix is to explicitly pin the output to CycloneDX 1.6 by passing `--spec-version 1.6` to the CLI until Dependency-Track adds 1.7 support.

CycloneDX 1.7 not yet supported by Dependency-Track