Missing version numbers #347

Open
sphengle opened this issue Oct 13, 2023 · 1 comment

@sphengle

When I create a new SBOM with the tool using the add files option I am finding that the version numbers are of the form 0.0.0-. Mostly I'm OK with this but I'm finding that for DLL files it is the same format - rather than listing the actual version of the file. The version of the DLLs is important to me. It's the main reason I need to have an SBOM.

Am I using the tool incorrectly or should I be using a different tool to generate the SBOM?

@carolinexpenn

carolinexpenn commented Oct 24, 2023

I have the same issue - we are using the SBOM primarily to check dll versioning. As a workaround, try adding this to the Commands/Add/AddFilesCommand, starts at line 138.

Edit: slight tweak of the if statement as certain file names were causing exceptions:

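    // Needs `using System;` and `using System.Diagnostics;` (StringComparison, FileVersionInfo).
    // DLLs: take the version from the file's version resource.
    if (fileComponent.Name.EndsWith(".dll", StringComparison.OrdinalIgnoreCase))
    {
        FileVersionInfo fileVersionInfo = FileVersionInfo.GetVersionInfo(fullPath);
        // ProductVersion is null when the file carries no version information.
        fileComponent.Version = fileVersionInfo.ProductVersion;
    }
    else
    {
        // Other files: "0.0.0-" plus the first 12 characters of the SHA-1 hash.
        var shortHash = fileComponent.Hashes.First(h => h.Alg == Hash.HashAlgorithm.SHA_1).Content.Substring(0, 12);
        fileComponent.Version = $"0.0.0-{shortHash}";
    }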
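
A check that a consumer of such an SBOM could run to find DLL entries that still carry the `0.0.0-` placeholder, or no version at all. This is an added example, not part of the thread or the project's code. It assumes the SBOM is CycloneDX JSON with `components[].name`, `version` and `hashes[].alg`/`content` fields; `audit_dll_versions` and the sample BOM are hypothetical names and constructed data.

```python
import json
import re
import sys

# Placeholder the issue describes: "0.0.0-" + first 12 hex chars of the file's SHA-1.
PLACEHOLDER = re.compile(r"^0\.0\.0-([0-9a-fA-F]{12})$")

def walk(components):
    """Yield every component, including nested sub-components."""
    for comp in components or []:
        yield comp
        yield from walk(comp.get("components"))

def audit_dll_versions(bom):
    """Return (name, version, reason) for each .dll component without a real version."""
    findings = []
    for comp in walk(bom.get("components")):
        name = comp.get("name", "")
        if not name.lower().endswith(".dll"):
            continue
        version = comp.get("version") or ""
        match = PLACEHOLDER.match(version)
        if not version:
            # e.g. a DLL with no version resource, where ProductVersion is null
            findings.append((name, version, "missing"))
        elif match:
            sha1 = next((h.get("content", "") for h in comp.get("hashes", [])
                         if h.get("alg") == "SHA-1"), "")
            derived = sha1.lower().startswith(match.group(1).lower())
            findings.append((name, version, "sha1-placeholder" if derived else "placeholder"))
    return findings

# Constructed sample BOM (assumed CycloneDX JSON layout), not taken from the issue.
SAMPLE_BOM = {
    "bomFormat": "CycloneDX",
    "components": [
        {"type": "file", "name": "app.dll", "version": "0.0.0-da39a3ee5e6b",
         "hashes": [{"alg": "SHA-1", "content": "da39a3ee5e6b4b0d3255bfef95601890afd80709"}]},
        {"type": "file", "name": "lib.dll", "version": "2.1.0.0"},
        {"type": "file", "name": "nover.dll", "version": ""},
        {"type": "file", "name": "readme.txt", "version": "0.0.0-0123456789ab"},
    ],
}

if __name__ == "__main__":
    # Pass a BOM path as the first argument, or run with no arguments for the sample.
    bom = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_BOM
    for name, version, reason in audit_dll_versions(bom):
        print(f"{name}\t{version!r}\t{reason}")
```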
