github.com/CycloneDX/sbom-utility@v0.16.0/test/cyclonedx/cdx-1-3-license-list-complex.json (about) 1 { 2 "bomFormat": "CycloneDX", 3 "specVersion": "1.3", 4 "version": 1, 5 "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7e0", 6 "metadata": { 7 "component": { 8 "type": "application", 9 "bom-ref": "pkg:app/sample@1.0.0", 10 "purl": "pkg:app/sample@1.0.0", 11 "name": "ACME Application", 12 "version": "2.0.0", 13 "description": "ACME sample application", 14 "licenses": [ 15 { 16 "license": { 17 "id": "MIT" 18 } 19 }, 20 { 21 "license": { 22 "name": "UFL" 23 } 24 } 25 ] 26 }, 27 "licenses": [ 28 { 29 "license": { 30 "id": "Apache-2.0" 31 } 32 } 33 ] 34 }, 35 "services":[ 36 { 37 "bom-ref": "service:example.com/myservices/foo", 38 "name": "Foo", 39 "description": "Foo service", 40 "endpoints": [ 41 "https://example.com/myservice/foo" 42 ], 43 "licenses": [ 44 { 45 "license": { 46 "id": "ADSL" 47 } 48 } 49 ] 50 }, 51 { 52 "bom-ref": "service:example.com/myservices/bar", 53 "name": "Bar", 54 "description": "Bar service", 55 "endpoints": [ 56 "https://example.com/myservice/bar" 57 ] 58 } 59 ], 60 "components": [ 61 { 62 "type": "library", 63 "bom-ref": "pkg:lib/libraryA@1.0.0", 64 "purl": "pkg:lib/libraryA@1.0.0", 65 "name": "Library A", 66 "version": "1.0.0", 67 "description": "Library A description", 68 "licenses": [ 69 { 70 "license": { 71 "id": "MIT" 72 } 73 }, 74 { 75 "license": { 76 "id": "Apache-2.0", 77 "text": { 78 "contentType": "text/plain", 79 "encoding": "base64", 80 "content": "CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFwYWNoZSBMaWNlbnNlCiAgICAgICAgICAgICAgICAgICAgICAgICAgIFZlcnNpb24gMi4wLCBKYW51YXJ5IDIwMDQKICAgICAgICAgICAgICAgICAgICAgICAgaHR0cDovL3d3dy5hcGFjaGUub3JnL2xpY2Vuc2VzLwoKICAgVEVSTVMgQU5EIENPTkRJVElPTlMgRk9SIFVTRSwgUkVQUk9EVUNUSU9OLCBBTkQgRElTVFJJQlVUSU9OCgogICAxLiBEZWZpbml0aW9ucy4KCiAgICAgICJMaWNlbnNlIiBzaGFsbCBtZWFuIHRoZSB0ZXJtcyAiW10iCiAgICAgIHJlcGxhY2VkIHdpdGggeW91ciBvd24gaWRlbnRpZnlpbmcgaW5mb3JtYXRpb24uIChEb24ndCBpbmNsdWRlCiAgICAgIHRoZSBicmFja2V0cyEpICBUaGUgdGV4dCBzaG91bGQgYmUgZW5jbG9zZWQgaWBlcm1pc3Npb25zIGFuZAogICBsaW1pdGF0aW9ucyB1bmRlciB0aGUgTGljZW5zZS4=" 81 }, 82 "url": "https://www.apache.org/licenses/LICENSE-2.0.txt" 83 } 84 } 85 ] 86 }, 87 { 88 "type": "library", 89 "bom-ref": "pkg:lib/libraryB@1.0.0", 90 "purl": "pkg:lib/libraryB@1.0.0", 91 "name": "Library B", 92 "version": "1.0.0", 93 "description": "Library B description.", 94 "licenses": [ 95 { 96 "license": { 97 "name": "Apache", 98 "text": { 99 "contentType": "text/plain", 100 "encoding": "base64", 101 "content": "CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFwYWNoZSBMaWNlbnNlCiAgICAgICAgICAgICAgICAgICAgICAgICAgIFZlcnNpb24gMi4wLCBKYW51YXJ5IDIwMDQKICAgICAgICAgICAgICAgICAgICAgICAgaHR0cDovL3d3dy5hcGFjaGUub3JnL2xpY2Vuc2VzLwoKICAgVEVSTVMgQU5EIENPTkRJVElPTlMgRk9SIFVTRSwgUkVQUk9EVUNUSU9OLCBBTkQgRElTVFJJQlVUSU9OCgogICAxLiBEZWZpbml0aW9ucy4KCiAgICAgICJMaWNlbnNlIiBzaGFsbCBtZWFuIHRoZSB0ZXJtcyAiW10iCiAgICAgIHJlcGxhY2VkIHdpdGggeW91ciBvd24gaWRlbnRpZnlpbmcgaW5mb3JtYXRpb24uIChEb24ndCBpbmNsdWRlCiAgICAgIHRoZSBicmFja2V0cyEpICBUaGUgdGV4dCBzaG91bGQgYmUgZW5jbG9zZWQgaWBlcm1pc3Npb25zIGFuZAogICBsaW1pdGF0aW9ucyB1bmRlciB0aGUgTGljZW5zZS4=" 102 }, 103 "url": "https://www.apache.org/licenses/LICENSE-2.0-variant.txt" 104 } 105 }, 106 { 107 "expression": "Apache-2.0 AND (MIT OR BSD-2-Clause)" 108 } 109 ] 110 }, 111 { 112 "type": "library", 113 "bom-ref": "pkg:lib/libraryC@1.0.0", 114 "purl": "pkg:lib/libraryC@1.0.0", 115 "name": "Library C", 116 "version": "1.0.0", 117 "description": "Library C description.", 118 "licenses": [ 119 { 120 "license": { 121 "id": "GPL-2.0-only" 122 } 123 } 124 ] 125 }, 126 { 127 "type": "library", 128 "bom-ref": "pkg:lib/libraryD@1.0.0", 129 "purl": "pkg:lib/libraryD@1.0.0", 130 "name": "Library D", 131 "version": "1.0.0", 132 "description": "Library D description.", 133 "licenses": [ 134 { 135 "license": { 136 "id": "GPL-3.0-only" 137 } 138 } 139 ] 140 }, 141 { 142 "type": "library", 143 "bom-ref": "pkg:lib/libraryE@1.0.0", 144 "purl": "pkg:lib/libraryE@1.0.0", 145 "name": "Library E", 146 "version": "1.0.0", 147 "description": "Library E description.", 148 "licenses": [ 149 { 150 "license": { 151 "id": "Apache-1.0" 152 } 153 } 154 ] 155 }, 156 { 157 "type": "library", 158 "bom-ref": "pkg:lib/libraryF@1.0.0", 159 "purl": "pkg:lib/libraryF@1.0.0", 160 "name": "Library F", 161 "version": "1.0.0", 162 "description": "Library F description.", 163 "licenses": [ 164 { 165 "license": { 166 "id": "Apache-2.0" 167 } 168 } 169 ] 170 }, 171 { 172 "type": "library", 173 "bom-ref": "pkg:lib/libraryG@1.0.0", 174 "purl": "pkg:lib/libraryG@1.0.0", 175 "name": "Library G", 176 "version": "1.0.0", 177 "description": "Library G description.", 178 "licenses": [ 179 { 180 "license": { 181 "name": "CC-BY-NC" 182 } 183 } 184 ] 185 }, 186 { 187 "type": "library", 188 "bom-ref": "pkg:lib/libraryH@1.0.0", 189 "purl": "pkg:lib/libraryH@1.0.0", 190 "name": "Library H", 191 "version": "1.0.0", 192 "description": "Library H description.", 193 "licenses": [ 194 { 195 "license": { 196 "name": "GPL" 197 } 198 } 199 ] 200 }, 201 { 202 "type": "library", 203 "bom-ref": "pkg:lib/libraryJ@1.0.0", 204 "purl": "pkg:lib/libraryJ@1.0.0", 205 "name": "Library J", 206 "version": "1.0.0", 207 "description": "Library J description.", 208 "licenses": [ 209 { 210 "license": { 211 "name": "BSD", 212 "family": "BSD" 213 } 214 }, 215 { 216 "license": { 217 "name": "AGPL", 218 "family": "AGPL" 219 } 220 } 221 ] 222 }, 223 { 224 "type": "library", 225 "bom-ref": "pkg:lib/libraryNoLicense@1.0.0", 226 "purl": "pkg:lib/libraryNoLicense@1.0.0", 227 "name": "Library NoLicense", 228 "version": "1.0.0", 229 "description": "Library \"NoLicense\" description." 230 }, 231 { 232 "type": "library", 233 "bom-ref": "pkg:lib/libraryExpUndefined@1.0.0", 234 "purl": "pkg:lib/libraryExpUndefined@1.0.0", 235 "name": "Library ExpressionUndefined", 236 "version": "1.0.0", 237 "description": "Library with Undefined License Expression Term.", 238 "licenses": [ 239 { 240 "expression": "FOO OR GPL-2.0" 241 }, 242 { 243 "expression": "FOO AND GPL-2.0" 244 }, 245 { 246 "expression": "GPL-2.0 OR BAR" 247 }, 248 { 249 "expression": "GPL-2.0 AND BAR" 250 } 251 ] 252 } 253 ] 254 }