github.com/CycloneDX/sbom-utility@v0.16.0/test/cyclonedx/cdx-1-3-resource-list.json (about) 1 { 2 "bomFormat": "CycloneDX", 3 "specVersion": "1.3", 4 "version": 1, 5 "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7e0", 6 "metadata": { 7 "component": { 8 "type": "application", 9 "bom-ref": "pkg:app/sample@1.0.0", 10 "purl": "pkg:app/sample@1.0.0", 11 "name": "ACME Application", 12 "version": "2.0.0", 13 "description": "ACME sample application", 14 "licenses": [ 15 { 16 "license": { 17 "id": "MIT" 18 } 19 }, 20 { 21 "license": { 22 "name": "UFL" 23 } 24 } 25 ] 26 }, 27 "licenses": [ 28 { 29 "license": { 30 "id": "Apache-2.0" 31 } 32 } 33 ] 34 }, 35 "services":[ 36 { 37 "bom-ref": "service:example.com/myservices/foo", 38 "name": "Foo", 39 "description": "Foo service", 40 "endpoints": [ 41 "https://example.com/myservice/foo" 42 ], 43 "licenses": [ 44 { 45 "license": { 46 "id": "ADSL" 47 } 48 } 49 ] 50 }, 51 { 52 "bom-ref": "service:example.com/myservices/bar", 53 "name": "Bar", 54 "description": "Bar service", 55 "endpoints": [ 56 "https://example.com/myservice/bar" 57 ] 58 } 59 ], 60 "components": [ 61 { 62 "type": "library", 63 "bom-ref": "pkg:lib/libraryA@1.0.0", 64 "purl": "pkg:lib/libraryA@1.0.0", 65 "name": "Library A", 66 "version": "1.0.0", 67 "description": "Library A description", 68 "copyright": "Copyright 2024 Apache Software Foundation", 69 "licenses": [ 70 { 71 "license": { 72 "id": "MIT" 73 } 74 }, 75 { 76 "license": { 77 "id": "Apache-2.0", 78 "text": { 79 "contentType": "text/plain", 80 "encoding": "base64", 81 "content": "CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFwYWNoZSBMaWNlbnNlCiAgICAgICAgICAgICAgICAgICAgICAgICAgIFZlcnNpb24gMi4wLCBKYW51YXJ5IDIwMDQKICAgICAgICAgICAgICAgICAgICAgICAgaHR0cDovL3d3dy5hcGFjaGUub3JnL2xpY2Vuc2VzLwoKICAgVEVSTVMgQU5EIENPTkRJVElPTlMgRk9SIFVTRSwgUkVQUk9EVUNUSU9OLCBBTkQgRElTVFJJQlVUSU9OCgogICAxLiBEZWZpbml0aW9ucy4KCiAgICAgICJMaWNlbnNlIiBzaGFsbCBtZWFuIHRoZSB0ZXJtcyAiW10iCiAgICAgIHJlcGxhY2VkIHdpdGggeW91ciBvd24gaWRlbnRpZnlpbmcgaW5mb3JtYXRpb24uIChEb24ndCBpbmNsdWRlCiAgICAgIHRoZSBicmFja2V0cyEpICBUaGUgdGV4dCBzaG91bGQgYmUgZW5jbG9zZWQgaWBlcm1pc3Npb25zIGFuZAogICBsaW1pdGF0aW9ucyB1bmRlciB0aGUgTGljZW5zZS4=" 82 }, 83 "url": "https://www.apache.org/licenses/LICENSE-2.0.txt" 84 } 85 } 86 ] 87 }, 88 { 89 "type": "library", 90 "group": "blue", 91 "bom-ref": "pkg:lib/libraryB@1.0.0", 92 "purl": "pkg:lib/libraryB@1.0.0", 93 "name": "Library B", 94 "version": "1.0.0", 95 "description": "Library B description.", 96 "licenses": [ 97 { 98 "license": { 99 "name": "Apache", 100 "text": { 101 "contentType": "text/plain", 102 "encoding": "base64", 103 "content": "CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFwYWNoZSBMaWNlbnNlCiAgICAgICAgICAgICAgICAgICAgICAgICAgIFZlcnNpb24gMi4wLCBKYW51YXJ5IDIwMDQKICAgICAgICAgICAgICAgICAgICAgICAgaHR0cDovL3d3dy5hcGFjaGUub3JnL2xpY2Vuc2VzLwoKICAgVEVSTVMgQU5EIENPTkRJVElPTlMgRk9SIFVTRSwgUkVQUk9EVUNUSU9OLCBBTkQgRElTVFJJQlVUSU9OCgogICAxLiBEZWZpbml0aW9ucy4KCiAgICAgICJMaWNlbnNlIiBzaGFsbCBtZWFuIHRoZSB0ZXJtcyAiW10iCiAgICAgIHJlcGxhY2VkIHdpdGggeW91ciBvd24gaWRlbnRpZnlpbmcgaW5mb3JtYXRpb24uIChEb24ndCBpbmNsdWRlCiAgICAgIHRoZSBicmFja2V0cyEpICBUaGUgdGV4dCBzaG91bGQgYmUgZW5jbG9zZWQgaWBlcm1pc3Npb25zIGFuZAogICBsaW1pdGF0aW9ucyB1bmRlciB0aGUgTGljZW5zZS4=" 104 }, 105 "url": "https://www.apache.org/licenses/LICENSE-2.0-variant.txt" 106 } 107 }, 108 { 109 "expression": "Apache-2.0 AND (MIT OR BSD-2-Clause)" 110 } 111 ] 112 }, 113 { 114 "type": "library", 115 "bom-ref": "pkg:lib/libraryC@1.0.0", 116 "purl": "pkg:lib/libraryC@1.0.0", 117 "name": "Library C", 118 "version": "1.0.0", 119 "description": "Library C description.", 120 "licenses": [ 121 { 122 "license": { 123 "id": "GPL-2.0-only" 124 } 125 } 126 ] 127 }, 128 { 129 "type": "library", 130 "bom-ref": "pkg:lib/libraryD@1.0.0", 131 "purl": "pkg:lib/libraryD@1.0.0", 132 "name": "Library D", 133 "version": "1.0.0", 134 "group": "green", 135 "description": "Library D description.", 136 "licenses": [ 137 { 138 "license": { 139 "id": "GPL-3.0-only" 140 } 141 } 142 ] 143 }, 144 { 145 "type": "library", 146 "group": "blue", 147 "bom-ref": "pkg:lib/libraryE@1.0.0", 148 "purl": "pkg:lib/libraryE@1.0.0", 149 "name": "Library E", 150 "version": "1.0.0", 151 "description": "Library E description.", 152 "copyright": "© E. Enterprises", 153 "licenses": [ 154 { 155 "license": { 156 "id": "Apache-1.0" 157 } 158 } 159 ] 160 }, 161 { 162 "type": "library", 163 "bom-ref": "pkg:lib/libraryF@1.0.0", 164 "purl": "pkg:lib/libraryF@1.0.0", 165 "name": "Library F", 166 "version": "1.0.0", 167 "description": "Library F description.", 168 "licenses": [ 169 { 170 "license": { 171 "id": "Apache-2.0" 172 } 173 } 174 ] 175 }, 176 { 177 "type": "library", 178 "bom-ref": "pkg:lib/libraryG@1.0.0", 179 "purl": "pkg:lib/libraryG@1.0.0", 180 "name": "Library G", 181 "version": "1.0.0", 182 "description": "Library G description.", 183 "licenses": [ 184 { 185 "license": { 186 "name": "CC-BY-NC" 187 } 188 } 189 ] 190 }, 191 { 192 "type": "library", 193 "bom-ref": "pkg:lib/libraryH@1.0.0", 194 "purl": "pkg:lib/libraryH@1.0.0", 195 "name": "Library H", 196 "version": "1.0.0", 197 "description": "Library H description.", 198 "licenses": [ 199 { 200 "license": { 201 "name": "GPL" 202 } 203 } 204 ] 205 }, 206 { 207 "type": "library", 208 "bom-ref": "pkg:lib/libraryJ@1.0.0", 209 "purl": "pkg:lib/libraryJ@1.0.0", 210 "name": "Library J", 211 "version": "1.0.0", 212 "group": "green", 213 "description": "Library J description.", 214 "licenses": [ 215 { 216 "license": { 217 "name": "BSD", 218 "family": "BSD" 219 } 220 }, 221 { 222 "license": { 223 "name": "AGPL", 224 "family": "AGPL" 225 } 226 } 227 ] 228 }, 229 { 230 "type": "library", 231 "bom-ref": "pkg:lib/libraryNoLicense@1.0.0", 232 "purl": "pkg:lib/libraryNoLicense@1.0.0", 233 "name": "Library NoLicense", 234 "version": "1.0.0", 235 "description": "Library \"NoLicense\" description." 236 } 237 ] 238 }