-
Notifications
You must be signed in to change notification settings - Fork 1
/
cbom.json
67 lines (67 loc) · 1.54 KB
/
cbom.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
{
"bomFormat": "CycloneDX",
"specVersion": "1.6",
"serialNumber": "urn:uuid:e070c598-5874-406f-a7a7-3d6ef5838b7e",
"version": 1,
"metadata": {
"timestamp": "2024-09-20T08:12:07Z",
"tools": {
"services": [
{
"provider": {
"name": "IBM"
},
"name": "Sonar Cryptography Plugin",
"version": "1.3.0"
}
]
},
"properties": [
{
"name": "git-url",
"value": "https://github.com/IBM/cbomkit"
},
{
"name": "git-branch",
"value": "main"
},
{
"name": "commit",
"value": "4243a05538e996073df292e4c9f096e94ed5d9f7"
},
{
"name": "purl",
"value": "pkg:github/IBM/cbomkit"
}
]
},
"components": [
{
"type": "cryptographic-asset",
"bom-ref": "f2f120b1-6f94-4a02-81d1-d490fa538393",
"name": "SHA256",
"evidence": {
"occurrences": [
{
"line": 80,
"offset": 31,
"additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;",
"location": "src/main/java/com/ibm/git/GitService.java"
}
]
},
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"primitive": "hash",
"parameterSetIdentifier": "256",
"cryptoFunctions": [
"digest"
]
},
"oid": "2.16.840.1.101.3.4.2.1"
}
}
],
"dependencies": []
}