Last active
December 10, 2023 11:31
-
-
Save satoshi256kbyte/9256d8a23be81163f4210612d66242f0 to your computer and use it in GitHub Desktop.
Trivy ouput SBOM
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "spdxVersion": "SPDX-2.3", | |
| "dataLicense": "CC0-1.0", | |
| "SPDXID": "SPDXRef-DOCUMENT", | |
| "name": ".", | |
| "documentNamespace": "http://aquasecurity.github.io/trivy/filesystem/.-a21f4f50-b246-4874-94fc-dd614897f513", | |
| "creationInfo": { | |
| "creators": [ | |
| "Organization: aquasecurity", | |
| "Tool: trivy-0.48.0" | |
| ], | |
| "created": "2023-12-10T00:53:30Z" | |
| }, | |
| "packages": [ | |
| { | |
| "name": ".", | |
| "SPDXID": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "attributionTexts": [ | |
| "SchemaVersion: 2" | |
| ], | |
| "primaryPackagePurpose": "SOURCE" | |
| }, | |
| { | |
| "name": "blinker", | |
| "SPDXID": "SPDXRef-Package-dbe84e3dd9b6394d", | |
| "versionInfo": "1.7.0", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/blinker@1.7.0" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "click", | |
| "SPDXID": "SPDXRef-Package-779788813985732a", | |
| "versionInfo": "8.1.7", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/click@8.1.7" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "flask", | |
| "SPDXID": "SPDXRef-Package-1900dc034389c35b", | |
| "versionInfo": "3.0.0", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/flask@3.0.0" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "itsdangerous", | |
| "SPDXID": "SPDXRef-Package-5319bd8e09c0486f", | |
| "versionInfo": "2.1.2", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/itsdangerous@2.1.2" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "jinja2", | |
| "SPDXID": "SPDXRef-Package-4a59d7f5d2ad4f39", | |
| "versionInfo": "3.1.2", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/jinja2@3.1.2" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "markupsafe", | |
| "SPDXID": "SPDXRef-Package-2637b3c9d2b42be6", | |
| "versionInfo": "2.1.3", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/markupsafe@2.1.3" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "pipenv", | |
| "SPDXID": "SPDXRef-Application-a7d170ab39c108ae", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "sourceInfo": "Pipfile.lock", | |
| "primaryPackagePurpose": "APPLICATION" | |
| }, | |
| { | |
| "name": "werkzeug", | |
| "SPDXID": "SPDXRef-Package-5e471b4523180902", | |
| "versionInfo": "3.0.1", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/werkzeug@3.0.1" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| } | |
| ], | |
| "relationships": [ | |
| { | |
| "spdxElementId": "SPDXRef-DOCUMENT", | |
| "relatedSpdxElement": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
| "relationshipType": "DESCRIBES" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
| "relatedSpdxElement": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-dbe84e3dd9b6394d", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-779788813985732a", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-1900dc034389c35b", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-5319bd8e09c0486f", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-4a59d7f5d2ad4f39", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-2637b3c9d2b42be6", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-5e471b4523180902", | |
| "relationshipType": "CONTAINS" | |
| } | |
| ] | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "spdxVersion": "SPDX-2.3", | |
| "dataLicense": "CC0-1.0", | |
| "SPDXID": "SPDXRef-DOCUMENT", | |
| "name": ".", | |
| "documentNamespace": "http://aquasecurity.github.io/trivy/filesystem/.-b3e8a1c0-5f5d-40c5-b8c9-8c4322503e91", | |
| "creationInfo": { | |
| "creators": [ | |
| "Organization: aquasecurity", | |
| "Tool: trivy-0.48.0" | |
| ], | |
| "created": "2023-12-10T00:36:09Z" | |
| }, | |
| "packages": [ | |
| { | |
| "name": ".", | |
| "SPDXID": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "attributionTexts": [ | |
| "SchemaVersion: 2" | |
| ], | |
| "primaryPackagePurpose": "SOURCE" | |
| }, | |
| { | |
| "name": "blinker", | |
| "SPDXID": "SPDXRef-Package-dbe84e3dd9b6394d", | |
| "versionInfo": "1.7.0", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/blinker@1.7.0" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "click", | |
| "SPDXID": "SPDXRef-Package-779788813985732a", | |
| "versionInfo": "8.1.7", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/click@8.1.7" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "flask", | |
| "SPDXID": "SPDXRef-Package-2b8b83ad929a375a", | |
| "versionInfo": "2.3.1", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/flask@2.3.1" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "itsdangerous", | |
| "SPDXID": "SPDXRef-Package-5319bd8e09c0486f", | |
| "versionInfo": "2.1.2", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/itsdangerous@2.1.2" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "jinja2", | |
| "SPDXID": "SPDXRef-Package-4a59d7f5d2ad4f39", | |
| "versionInfo": "3.1.2", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/jinja2@3.1.2" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "markupsafe", | |
| "SPDXID": "SPDXRef-Package-2637b3c9d2b42be6", | |
| "versionInfo": "2.1.3", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/markupsafe@2.1.3" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| }, | |
| { | |
| "name": "pipenv", | |
| "SPDXID": "SPDXRef-Application-a7d170ab39c108ae", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "sourceInfo": "Pipfile.lock", | |
| "primaryPackagePurpose": "APPLICATION" | |
| }, | |
| { | |
| "name": "werkzeug", | |
| "SPDXID": "SPDXRef-Package-5e471b4523180902", | |
| "versionInfo": "3.0.1", | |
| "supplier": "NOASSERTION", | |
| "downloadLocation": "NONE", | |
| "filesAnalyzed": false, | |
| "licenseConcluded": "NONE", | |
| "licenseDeclared": "NONE", | |
| "externalRefs": [ | |
| { | |
| "referenceCategory": "PACKAGE-MANAGER", | |
| "referenceType": "purl", | |
| "referenceLocator": "pkg:pypi/werkzeug@3.0.1" | |
| } | |
| ], | |
| "primaryPackagePurpose": "LIBRARY" | |
| } | |
| ], | |
| "relationships": [ | |
| { | |
| "spdxElementId": "SPDXRef-DOCUMENT", | |
| "relatedSpdxElement": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
| "relationshipType": "DESCRIBES" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
| "relatedSpdxElement": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-dbe84e3dd9b6394d", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-779788813985732a", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-2b8b83ad929a375a", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-5319bd8e09c0486f", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-4a59d7f5d2ad4f39", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-2637b3c9d2b42be6", | |
| "relationshipType": "CONTAINS" | |
| }, | |
| { | |
| "spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
| "relatedSpdxElement": "SPDXRef-Package-5e471b4523180902", | |
| "relationshipType": "CONTAINS" | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment