Last active
December 10, 2023 11:31
-
-
Save satoshi256kbyte/9256d8a23be81163f4210612d66242f0 to your computer and use it in GitHub Desktop.
Trivy ouput SBOM
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"spdxVersion": "SPDX-2.3", | |
"dataLicense": "CC0-1.0", | |
"SPDXID": "SPDXRef-DOCUMENT", | |
"name": ".", | |
"documentNamespace": "http://aquasecurity.github.io/trivy/filesystem/.-a21f4f50-b246-4874-94fc-dd614897f513", | |
"creationInfo": { | |
"creators": [ | |
"Organization: aquasecurity", | |
"Tool: trivy-0.48.0" | |
], | |
"created": "2023-12-10T00:53:30Z" | |
}, | |
"packages": [ | |
{ | |
"name": ".", | |
"SPDXID": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"attributionTexts": [ | |
"SchemaVersion: 2" | |
], | |
"primaryPackagePurpose": "SOURCE" | |
}, | |
{ | |
"name": "blinker", | |
"SPDXID": "SPDXRef-Package-dbe84e3dd9b6394d", | |
"versionInfo": "1.7.0", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/blinker@1.7.0" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "click", | |
"SPDXID": "SPDXRef-Package-779788813985732a", | |
"versionInfo": "8.1.7", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/click@8.1.7" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "flask", | |
"SPDXID": "SPDXRef-Package-1900dc034389c35b", | |
"versionInfo": "3.0.0", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/flask@3.0.0" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "itsdangerous", | |
"SPDXID": "SPDXRef-Package-5319bd8e09c0486f", | |
"versionInfo": "2.1.2", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/itsdangerous@2.1.2" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "jinja2", | |
"SPDXID": "SPDXRef-Package-4a59d7f5d2ad4f39", | |
"versionInfo": "3.1.2", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/jinja2@3.1.2" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "markupsafe", | |
"SPDXID": "SPDXRef-Package-2637b3c9d2b42be6", | |
"versionInfo": "2.1.3", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/markupsafe@2.1.3" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "pipenv", | |
"SPDXID": "SPDXRef-Application-a7d170ab39c108ae", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"sourceInfo": "Pipfile.lock", | |
"primaryPackagePurpose": "APPLICATION" | |
}, | |
{ | |
"name": "werkzeug", | |
"SPDXID": "SPDXRef-Package-5e471b4523180902", | |
"versionInfo": "3.0.1", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/werkzeug@3.0.1" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
} | |
], | |
"relationships": [ | |
{ | |
"spdxElementId": "SPDXRef-DOCUMENT", | |
"relatedSpdxElement": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
"relationshipType": "DESCRIBES" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
"relatedSpdxElement": "SPDXRef-Application-a7d170ab39c108ae", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-dbe84e3dd9b6394d", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-779788813985732a", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-1900dc034389c35b", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-5319bd8e09c0486f", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-4a59d7f5d2ad4f39", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-2637b3c9d2b42be6", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-5e471b4523180902", | |
"relationshipType": "CONTAINS" | |
} | |
] | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"spdxVersion": "SPDX-2.3", | |
"dataLicense": "CC0-1.0", | |
"SPDXID": "SPDXRef-DOCUMENT", | |
"name": ".", | |
"documentNamespace": "http://aquasecurity.github.io/trivy/filesystem/.-b3e8a1c0-5f5d-40c5-b8c9-8c4322503e91", | |
"creationInfo": { | |
"creators": [ | |
"Organization: aquasecurity", | |
"Tool: trivy-0.48.0" | |
], | |
"created": "2023-12-10T00:36:09Z" | |
}, | |
"packages": [ | |
{ | |
"name": ".", | |
"SPDXID": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"attributionTexts": [ | |
"SchemaVersion: 2" | |
], | |
"primaryPackagePurpose": "SOURCE" | |
}, | |
{ | |
"name": "blinker", | |
"SPDXID": "SPDXRef-Package-dbe84e3dd9b6394d", | |
"versionInfo": "1.7.0", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/blinker@1.7.0" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "click", | |
"SPDXID": "SPDXRef-Package-779788813985732a", | |
"versionInfo": "8.1.7", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/click@8.1.7" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "flask", | |
"SPDXID": "SPDXRef-Package-2b8b83ad929a375a", | |
"versionInfo": "2.3.1", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/flask@2.3.1" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "itsdangerous", | |
"SPDXID": "SPDXRef-Package-5319bd8e09c0486f", | |
"versionInfo": "2.1.2", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/itsdangerous@2.1.2" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "jinja2", | |
"SPDXID": "SPDXRef-Package-4a59d7f5d2ad4f39", | |
"versionInfo": "3.1.2", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/jinja2@3.1.2" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "markupsafe", | |
"SPDXID": "SPDXRef-Package-2637b3c9d2b42be6", | |
"versionInfo": "2.1.3", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/markupsafe@2.1.3" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
}, | |
{ | |
"name": "pipenv", | |
"SPDXID": "SPDXRef-Application-a7d170ab39c108ae", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"sourceInfo": "Pipfile.lock", | |
"primaryPackagePurpose": "APPLICATION" | |
}, | |
{ | |
"name": "werkzeug", | |
"SPDXID": "SPDXRef-Package-5e471b4523180902", | |
"versionInfo": "3.0.1", | |
"supplier": "NOASSERTION", | |
"downloadLocation": "NONE", | |
"filesAnalyzed": false, | |
"licenseConcluded": "NONE", | |
"licenseDeclared": "NONE", | |
"externalRefs": [ | |
{ | |
"referenceCategory": "PACKAGE-MANAGER", | |
"referenceType": "purl", | |
"referenceLocator": "pkg:pypi/werkzeug@3.0.1" | |
} | |
], | |
"primaryPackagePurpose": "LIBRARY" | |
} | |
], | |
"relationships": [ | |
{ | |
"spdxElementId": "SPDXRef-DOCUMENT", | |
"relatedSpdxElement": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
"relationshipType": "DESCRIBES" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Filesystem-1465386cfbe4e9c7", | |
"relatedSpdxElement": "SPDXRef-Application-a7d170ab39c108ae", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-dbe84e3dd9b6394d", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-779788813985732a", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-2b8b83ad929a375a", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-5319bd8e09c0486f", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-4a59d7f5d2ad4f39", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-2637b3c9d2b42be6", | |
"relationshipType": "CONTAINS" | |
}, | |
{ | |
"spdxElementId": "SPDXRef-Application-a7d170ab39c108ae", | |
"relatedSpdxElement": "SPDXRef-Package-5e471b4523180902", | |
"relationshipType": "CONTAINS" | |
} | |
] | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment