github.com/CycloneDX/sbom-utility@v0.16.0/test/cyclonedx/1.6/specification/valid-bom-1.6.json (about) 1 { 2 "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", 3 "bomFormat": "CycloneDX", 4 "specVersion": "1.6", 5 "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", 6 "version": 1, 7 "metadata": { 8 "timestamp": "2020-04-13T20:20:39+00:00", 9 "tools": [ 10 { 11 "vendor": "Awesome Vendor", 12 "name": "Awesome Tool", 13 "version": "9.1.2", 14 "hashes": [ 15 { 16 "alg": "SHA-1", 17 "content": "25ed8e31b995bb927966616df2a42b979a2717f0" 18 }, 19 { 20 "alg": "SHA-256", 21 "content": "a74f733635a19aefb1f73e5947cef59cd7440c6952ef0f03d09d974274cbd6df" 22 } 23 ] 24 } 25 ], 26 "authors": [ 27 { 28 "name": "Samantha Wright", 29 "email": "samantha.wright@example.com", 30 "phone": "800-555-1212" 31 } 32 ], 33 "component": { 34 "type": "application", 35 "authors": [ 36 { 37 "name": "J. Hozier", 38 "email": "jhozier@example.com" 39 } 40 ], 41 "name": "Acme Application", 42 "version": "9.1.1", 43 "swid": { 44 "tagId": "swidgen-242eb18a-503e-ca37-393b-cf156ef09691_9.1.1", 45 "name": "Acme Application", 46 "version": "9.1.1", 47 "text": { 48 "contentType": "text/xml", 49 "encoding": "base64", 50 "content": "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiID8+CjxTb2Z0d2FyZUlkZW50aXR5IHhtbDpsYW5nPSJFTiIgbmFtZT0iQWNtZSBBcHBsaWNhdGlvbiIgdmVyc2lvbj0iOS4xLjEiIAogdmVyc2lvblNjaGVtZT0ibXVsdGlwYXJ0bnVtZXJpYyIgCiB0YWdJZD0ic3dpZGdlbi1iNTk1MWFjOS00MmMwLWYzODItM2YxZS1iYzdhMmE0NDk3Y2JfOS4xLjEiIAogeG1sbnM9Imh0dHA6Ly9zdGFuZGFyZHMuaXNvLm9yZy9pc28vMTk3NzAvLTIvMjAxNS9zY2hlbWEueHNkIj4gCiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiAKIHhzaTpzY2hlbWFMb2NhdGlvbj0iaHR0cDovL3N0YW5kYXJkcy5pc28ub3JnL2lzby8xOTc3MC8tMi8yMDE1LWN1cnJlbnQvc2NoZW1hLnhzZCBzY2hlbWEueHNkIiA+CiAgPE1ldGEgZ2VuZXJhdG9yPSJTV0lEIFRhZyBPbmxpbmUgR2VuZXJhdG9yIHYwLjEiIC8+IAogIDxFbnRpdHkgbmFtZT0iQWNtZSwgSW5jLiIgcmVnaWQ9ImV4YW1wbGUuY29tIiByb2xlPSJ0YWdDcmVhdG9yIiAvPiAKPC9Tb2Z0d2FyZUlkZW50aXR5Pg==" 51 } 52 } 53 }, 54 "manufacturer": { 55 "name": "Acme, Inc.", 56 "url": [ 57 "https://example.com" 58 ], 59 "contact": [ 60 { 61 "name": "Acme Professional Services", 62 "email": "professional.services@example.com" 63 } 64 ] 65 }, 66 "supplier": { 67 "name": "Acme, Inc.", 68 "url": [ 69 "https://example.com" 70 ], 71 "contact": [ 72 { 73 "name": "Acme Distribution", 74 "email": "distribution@example.com" 75 } 76 ] 77 } 78 }, 79 "components": [ 80 { 81 "bom-ref": "pkg:npm/acme/component@1.0.0", 82 "type": "library", 83 "author": "J. Doe et al.", 84 "publisher": "Acme Inc", 85 "group": "com.acme", 86 "name": "tomcat-catalina", 87 "version": "9.0.14", 88 "hashes": [ 89 { 90 "alg": "MD5", 91 "content": "3942447fac867ae5cdb3229b658f4d48" 92 }, 93 { 94 "alg": "SHA-1", 95 "content": "e6b1000b94e835ffd37f4c6dcbdad43f4b48a02a" 96 }, 97 { 98 "alg": "SHA-256", 99 "content": "f498a8ff2dd007e29c2074f5e4b01a9a01775c3ff3aeaf6906ea503bc5791b7b" 100 }, 101 { 102 "alg": "SHA-512", 103 "content": "e8f33e424f3f4ed6db76a482fde1a5298970e442c531729119e37991884bdffab4f9426b7ee11fccd074eeda0634d71697d6f88a460dce0ac8d627a29f7d1282" 104 } 105 ], 106 "licenses": [ 107 { 108 "license": { 109 "id": "Apache-2.0", 110 "text": { 111 "contentType": "text/plain", 112 "encoding": "base64", 113 "content": "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiID8+CjxTb2Z0d2FyZUlkZW50aXR5IHhtbDpsYW5nPSJFTiIgbmFtZT0iQWNtZSBBcHBsaWNhdGlvbiIgdmVyc2lvbj0iOS4xLjEiIAogdmVyc2lvblNjaGVtZT0ibXVsdGlwYXJ0bnVtZXJpYyIgCiB0YWdJZD0ic3dpZGdlbi1iNTk1MWFjOS00MmMwLWYzODItM2YxZS1iYzdhMmE0NDk3Y2JfOS4xLjEiIAogeG1sbnM9Imh0dHA6Ly9zdGFuZGFyZHMuaXNvLm9yZy9pc28vMTk3NzAvLTIvMjAxNS9zY2hlbWEueHNkIj4gCiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiAKIHhzaTpzY2hlbWFMb2NhdGlvbj0iaHR0cDovL3N0YW5kYXJkcy5pc28ub3JnL2lzby8xOTc3MC8tMi8yMDE1LWN1cnJlbnQvc2NoZW1hLnhzZCBzY2hlbWEueHNkIiA+CiAgPE1ldGEgZ2VuZXJhdG9yPSJTV0lEIFRhZyBPbmxpbmUgR2VuZXJhdG9yIHYwLjEiIC8+IAogIDxFbnRpdHkgbmFtZT0iQWNtZSwgSW5jLiIgcmVnaWQ9ImV4YW1wbGUuY29tIiByb2xlPSJ0YWdDcmVhdG9yIiAvPiAKPC9Tb2Z0d2FyZUlkZW50aXR5Pg==" 114 }, 115 "url": "https://www.apache.org/licenses/LICENSE-2.0.txt" 116 } 117 } 118 ], 119 "purl": "pkg:npm/acme/component@1.0.0", 120 "pedigree": { 121 "ancestors": [ 122 { 123 "type": "library", 124 "publisher": "Acme Inc", 125 "group": "com.acme", 126 "name": "tomcat-catalina", 127 "version": "9.0.14" 128 }, 129 { 130 "type": "library", 131 "publisher": "Acme Inc", 132 "group": "com.acme", 133 "name": "tomcat-catalina", 134 "version": "9.0.14" 135 } 136 ], 137 "commits": [ 138 { 139 "uid": "7638417db6d59f3c431d3e1f261cc637155684cd", 140 "url": "https://location/to/7638417db6d59f3c431d3e1f261cc637155684cd", 141 "author": { 142 "timestamp": "2018-11-13T20:20:39+00:00", 143 "name": "me", 144 "email": "me@acme.org" 145 } 146 } 147 ] 148 } 149 }, 150 { 151 "type": "library", 152 "supplier": { 153 "name": "Example, Inc.", 154 "url": [ 155 "https://example.com", 156 "https://example.net" 157 ], 158 "contact": [ 159 { 160 "name": "Example Support AMER Distribution", 161 "email": "support@example.com", 162 "phone": "800-555-1212" 163 }, 164 { 165 "name": "Example Support APAC", 166 "email": "support@apac.example.com" 167 } 168 ] 169 }, 170 "manufacturer": { 171 "name": "Example-2, Inc.", 172 "url": [ 173 "https://example.org" 174 ], 175 "contact": [ 176 { 177 "email": "support@example.org" 178 } 179 ] 180 }, 181 "authors": [ 182 { 183 "name": "Anthony Edward Stark", 184 "phone": "555-212-970-4133", 185 "email": "ironman@example.org" 186 }, 187 { 188 "name": "Peter Benjamin Parker", 189 "email": "spiderman@example.org" 190 } 191 ], 192 "pedigree": { 193 "ancestors": [ 194 { 195 } 196 ] 197 }, 198 "group": "org.example", 199 "name": "mylibrary", 200 "version": "1.0.0", 201 "scope": "required" 202 } 203 ], 204 "dependencies": [ 205 { 206 "ref": "pkg:npm/acme/component@1.0.0", 207 "dependsOn": [ 208 "pkg:npm/acme/component@1.0.0" 209 ] 210 } 211 ] 212 }