Crate vex2pdf

vex2pdf library

Core functionality for converting CycloneDX VEX documents to PDF format.

CycloneDX Compatibility

This library fully supports CycloneDX schema version 1.5 and provides compatibility for version 1.6 documents that only use 1.5 fields. Documents using 1.6-specific fields may not process correctly.

Features

This library provides:

• PDF generation capabilities for CycloneDX VEX documents
• Support for various VEX elements including vulnerabilities, components, and metadata
• Flexible font configuration with environment variable support

Vulnerabilities Section Behavior

By default, the library will:

• Display a “Vulnerabilities” section with vulnerability details when vulnerabilities exist
• Display a “Vulnerabilities” section with a “No Vulnerabilities reported” message when no vulnerabilities exist
• The “No Vulnerabilities” message display can be controlled with the VEX2PDF_NOVULNS_MSG environment variable (set to “false” to hide the section entirely when no vulnerabilities exist)

Font Configuration

Liberation Sans Fonts are embedded and no extra configuration is needed for fonts

Architecture

The library is organized into modules:

• pdf: PDF generation functionality
  • font_config: Font configuration and discovery
  • generator: PDF document generation
• lib_utils: Utilities and data models used in this library and accompanying runnable

Re-exports

pub use cyclonedx_bom as model;

Modules

lib_utils

pdf

Functions

run

Processes CycloneDX VEX documents according to the provided configuration.