github.com/CycloneDX/sbom-utility@v0.16.0/examples/cyclonedx/usecases/cdx-use-case-pedigree.json

github.com/CycloneDX/sbom-utility@v0.16.0/examples/cyclonedx/usecases/cdx-use-case-pedigree.json (about)

     1  {
     2      "bomFormat":"CycloneDX",
     3      "specVersion":"1.4",
     4      "serialNumber":"urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
     5      "version":1,
     6      "components":[
     7          {
     8              "type":"library",
     9              "group":"com.acme",
    10              "name":"sample-library",
    11              "version":"1.0.0",
    12              "pedigree":{
    13                  "ancestors":[
    14                      {
    15                          "type":"library",
    16                          "group":"org.example",
    17                          "name":"sample-library",
    18                          "version":"1.0.0"
    19                      }
    20                  ],
    21                  "commits":[
    22                      {
    23                          "uid":"7638417db6d59f3c431d3e1f261cc637155684cd",
    24                          "url":"https://location/to/7638417db6d59f3c431d3e1f261cc637155684cd",
    25                          "author":{
    26                              "timestamp":"2018-11-13T20:20:39+00:00",
    27                              "name":"John Doe",
    28                              "email":"john.doe@example.com"
    29                          },
    30                          "committer":{
    31                              "timestamp":"2018-11-13T20:20:39+00:00",
    32                              "name":"Jane Doe",
    33                              "email":"jane.doe@example.com"
    34                          },
    35                          "message":"Initial commit"
    36                      }
    37                  ],
    38                  "patches":[
    39                      {
    40                          "type":"unofficial",
    41                          "diff":{
    42                              "text":{
    43                                  "contentType":"text/plain",
    44                                  "encoding":"base64",
    45                                  "content":"ZXhhbXBsZSBkaWZmIGhlcmU="
    46                              },
    47                              "url":"uri/to/changes.diff"
    48                          },
    49                          "resolves":[
    50                              {
    51                                  "type":"enhancement",
    52                                  "id":"JIRA-17240",
    53                                  "description":"Great new feature that does something",
    54                                  "source":{
    55                                      "name":"Acme Org",
    56                                      "url":"https://issues.acme.org/17240"
    57                                  }
    58                              }
    59                          ]
    60                      },
    61                      {
    62                          "type":"backport",
    63                          "diff":{
    64                              "text":{
    65                                  "contentType":"text/plain",
    66                                  "encoding":"base64",
    67                                  "content":"ZXhhbXBsZSBkaWZmIGhlcmU="
    68                              },
    69                              "url":"uri/to/changes.diff"
    70                          },
    71                          "resolves":[
    72                              {
    73                                  "type":"security",
    74                                  "id":"CVE-2019-9997",
    75                                  "name":"CVE-2019-9997",
    76                                  "description":"Issue description here",
    77                                  "source":{
    78                                      "name":"NVD",
    79                                      "url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9997"
    80                                  },
    81                                  "references":[
    82                                      "http://some/other/site-1",
    83                                      "http://some/other/site-2"
    84                                  ]
    85                              },
    86                              {
    87                                  "type":"defect",
    88                                  "id":"JIRA-874319",
    89                                  "description":"Description of fix here",
    90                                  "source":{
    91                                      "name":"Example Org",
    92                                      "url":"https://issues.example.org/874319"
    93                                  },
    94                                  "references":[
    95                                      "http://some/other/site-1",
    96                                      "http://some/other/site-2"
    97                                  ]
    98                              }
    99                          ]
   100                      }
   101                  ]
   102              }
   103          }
   104      ]
   105  }