kc3-lang/brotli/sbom.cdx.json

Branch : - branch - master - tag - dev/null go/brotli/v1.1.1-rc0 go/cbrotli/v1.1.0 go/cbrotli/v1.1.0.bcr.0 go/cbrotli/v1.1.0.bcr.1 go/cbrotli/v1.1.1-rc0 v0.1.0 v0.2.0 v0.3.0 v0.4.0 v0.6.0 v1.0.0 v1.0.1 v1.0.2 v1.0.3 v1.0.4 v1.0.5 v1.0.6 v1.0.7 v1.0.8 v1.0.9 v1.1.0 v1.1.0rc v1.2.0rc1 v1.2.0rc2

• Show log

  Commit

• Author : Richard Hughes
  Date : 2025-05-27 08:50:34
  Hash : e9668c8c
  Message : Add a SBOM template in CycloneDX format (#1224) Improve supply chain security by including a SBOM file with substituted values. This will be used to construct a composite platform SBOM. Signed-off-by: Richard Hughes <rhughes@redhat.com> Co-authored-by: Eugene Kliuchnikov <eustas.ru@gmail.com>

• sbom.cdx.json

• {
    "_comment": "See https://cyclonedx.org/ for more details",
    "bomFormat": "CycloneDX",
    "specVersion": "1.6",
    "version": 1,
    "metadata": {
      "authors": [
        {
          "name": "@VCS_SBOM_AUTHORS@"
        }
      ]
    },
    "components": [
      {
        "type": "library",
        "bom-ref": "pkg:github/google/brotli@@VCS_TAG@",
        "cpe": "cpe:2.3:a:google:brotli:@VCS_TAG@:*:*:*:*:*:*:*",
        "name": "Brotli",
        "version": "@VCS_VERSION@",
        "description": "A generic-purpose lossless compression algorithm",
        "authors": [
          {
            "name": "@VCS_AUTHORS@"
          }
        ],
        "supplier": {
          "name": "Brotli developers"
        },
        "licenses": [
          {
            "license": {
              "id": "MIT"
            }
          }
        ],
        "externalReferences": [
          {
            "type": "vcs",
            "url": "https://github.com/google/brotli"
          }
        ]
      }
    ]
  }