New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Generate SBOM during build/release process #3540
Comments
There are several SBOM formats. Apparently, there has not yet been a decision made on which format we will be using. I have found 2 tools that generate SBOM files, Syft and CycloneDX. The first one can generate an SBOM in several formats (including CycloneDX format) and the second one can generate an SBOM in CycloneDX format. Both of them seem to require a definition of a virtual environment, either in a In order to use them I created an empty virtual environment, activated it, ran
|
Here is the SBOM generated by {
"spdxVersion": "SPDX-2.3",
"dataLicense": "CC0-1.0",
"SPDXID": "SPDXRef-DOCUMENT",
"name": "requirements.txt",
"documentNamespace": "https://anchore.com/syft/file/requirements.txt-dcfbadbe-ed1c-43ed-a528-cd15ddecd2e2",
"creationInfo": {
"licenseListVersion": "3.22",
"creators": [
"Organization: Anchore, Inc",
"Tool: syft-0.97.1"
],
"created": "2023-11-22T21:01:15Z"
},
"packages": [
{
"name": "Deprecated",
"SPDXID": "SPDXRef-Package-python-Deprecated-b9349acfea423cc8",
"versionInfo": "1.2.14",
"supplier": "NOASSERTION",
"downloadLocation": "NOASSERTION",
"filesAnalyzed": false,
"sourceInfo": "acquired package info from installed python package manifest file: /requirements.txt",
"licenseConcluded": "NOASSERTION",
"licenseDeclared": "NOASSERTION",
"copyrightText": "NOASSERTION",
"externalRefs": [
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-Deprecated:python-Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-Deprecated:python_Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_Deprecated:python-Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_Deprecated:python_Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:Deprecated:python-Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:Deprecated:python_Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-Deprecated:Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_Deprecated:Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python-Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python_Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:Deprecated:Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:Deprecated:1.2.14:*:*:*:*:*:*:*"
},
{
"referenceCategory": "PACKAGE-MANAGER",
"referenceType": "purl",
"referenceLocator": "pkg:pypi/[email protected]"
}
]
},
{
"name": "importlib-metadata",
"SPDXID": "SPDXRef-Package-python-importlib-metadata-7c9061ffe414a833",
"versionInfo": "6.8.0",
"supplier": "NOASSERTION",
"downloadLocation": "NOASSERTION",
"filesAnalyzed": false,
"sourceInfo": "acquired package info from installed python package manifest file: /requirements.txt",
"licenseConcluded": "NOASSERTION",
"licenseDeclared": "NOASSERTION",
"copyrightText": "NOASSERTION",
"externalRefs": [
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-importlib-metadata:python-importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-importlib-metadata:python_importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_importlib_metadata:python-importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_importlib_metadata:python_importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib-metadata:python-importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib-metadata:python_importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib_metadata:python-importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib_metadata:python_importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-importlib-metadata:importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-importlib-metadata:importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_importlib_metadata:importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_importlib_metadata:importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-importlib:python-importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-importlib:python_importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_importlib:python-importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_importlib:python_importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib-metadata:importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib-metadata:importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib_metadata:importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib_metadata:importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib:python-importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib:python_importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-importlib:importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-importlib:importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_importlib:importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_importlib:importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python-importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python_importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib:importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:importlib:importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:importlib-metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:importlib_metadata:6.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "PACKAGE-MANAGER",
"referenceType": "purl",
"referenceLocator": "pkg:pypi/[email protected]"
}
]
},
{
"name": "opentelemetry-api",
"SPDXID": "SPDXRef-Package-python-opentelemetry-api-8a1a0144584a645d",
"versionInfo": "1.21.0",
"supplier": "NOASSERTION",
"downloadLocation": "NOASSERTION",
"filesAnalyzed": false,
"sourceInfo": "acquired package info from installed python package manifest file: /requirements.txt",
"licenseConcluded": "NOASSERTION",
"licenseDeclared": "NOASSERTION",
"copyrightText": "NOASSERTION",
"externalRefs": [
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-api:python-opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-api:python_opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_api:python-opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_api:python_opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:python-opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:python_opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:python-opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:python_opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-api:python-opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-api:python_opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_api:python-opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_api:python_opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-api:opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-api:opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_api:opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_api:opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:python-opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:python_opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-api:opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-api:opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_api:opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_api:opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python-opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python_opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:opentelemetry-api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:opentelemetry_api:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "PACKAGE-MANAGER",
"referenceType": "purl",
"referenceLocator": "pkg:pypi/[email protected]"
}
]
},
{
"name": "opentelemetry-sdk",
"SPDXID": "SPDXRef-Package-python-opentelemetry-sdk-df22b2101a1f74ab",
"versionInfo": "1.21.0",
"supplier": "NOASSERTION",
"downloadLocation": "NOASSERTION",
"filesAnalyzed": false,
"sourceInfo": "acquired package info from installed python package manifest file: /requirements.txt",
"licenseConcluded": "NOASSERTION",
"licenseDeclared": "NOASSERTION",
"copyrightText": "NOASSERTION",
"externalRefs": [
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-sdk:python-opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-sdk:python_opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_sdk:python-opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_sdk:python_opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:python-opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:python_opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:python-opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:python_opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-sdk:python-opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-sdk:python_opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_sdk:python-opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_sdk:python_opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-sdk:opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-sdk:opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_sdk:opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_sdk:opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:python-opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:python_opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-sdk:opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-sdk:opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_sdk:opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_sdk:opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python-opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python_opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:opentelemetry-sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:opentelemetry_sdk:1.21.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "PACKAGE-MANAGER",
"referenceType": "purl",
"referenceLocator": "pkg:pypi/[email protected]"
}
]
},
{
"name": "opentelemetry-semantic-conventions",
"SPDXID": "SPDXRef-Package-python-opentelemetry-semantic-conventions-7e02f34adf49fa5d",
"versionInfo": "0.42b0",
"supplier": "NOASSERTION",
"downloadLocation": "NOASSERTION",
"filesAnalyzed": false,
"sourceInfo": "acquired package info from installed python package manifest file: /requirements.txt",
"licenseConcluded": "NOASSERTION",
"licenseDeclared": "NOASSERTION",
"copyrightText": "NOASSERTION",
"externalRefs": [
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-semantic-conventions:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-semantic-conventions:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_semantic_conventions:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_semantic_conventions:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-semantic-conventions:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-semantic-conventions:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_semantic_conventions:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_semantic_conventions:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-semantic-conventions:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-semantic-conventions:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_semantic_conventions:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_semantic_conventions:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-semantic:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-semantic:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_semantic:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_semantic:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-semantic-conventions:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-semantic-conventions:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_semantic_conventions:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_semantic_conventions:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-semantic:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-semantic:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_semantic:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_semantic:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-semantic:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry-semantic:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_semantic:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry_semantic:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-semantic:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry-semantic:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_semantic:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry_semantic:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-opentelemetry:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_opentelemetry:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:opentelemetry:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python-opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python_opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:opentelemetry-semantic-conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:opentelemetry_semantic_conventions:0.42b0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "PACKAGE-MANAGER",
"referenceType": "purl",
"referenceLocator": "pkg:pypi/[email protected]"
}
]
},
{
"name": "typing_extensions",
"SPDXID": "SPDXRef-Package-python-typing-extensions-9976a931403afcc0",
"versionInfo": "4.8.0",
"supplier": "NOASSERTION",
"downloadLocation": "NOASSERTION",
"filesAnalyzed": false,
"sourceInfo": "acquired package info from installed python package manifest file: /requirements.txt",
"licenseConcluded": "NOASSERTION",
"licenseDeclared": "NOASSERTION",
"copyrightText": "NOASSERTION",
"externalRefs": [
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing-extensions:python-typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing-extensions:python-typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing-extensions:python_typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing_extensions:python-typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing_extensions:python-typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing_extensions:python_typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_typing_extensions:python-typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_typing_extensions:python-typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_typing_extensions:python_typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing-extensions:typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing-extensions:typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing_extensions:typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing_extensions:typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_typing_extensions:typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_typing_extensions:typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing-extensions:python-typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing-extensions:python-typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing-extensions:python_typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing_extensions:python-typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing_extensions:python-typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing_extensions:python_typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing:python-typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing:python-typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing:python_typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_typing:python-typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_typing:python-typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_typing:python_typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing-extensions:typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing-extensions:typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing_extensions:typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing_extensions:typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing:typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-typing:typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python-typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python-typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python_typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_typing:typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_typing:typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing:python-typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing:python-typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing:python_typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing:typing-extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:typing:typing_extensions:4.8.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "PACKAGE-MANAGER",
"referenceType": "purl",
"referenceLocator": "pkg:pypi/[email protected]"
}
]
},
{
"name": "wrapt",
"SPDXID": "SPDXRef-Package-python-wrapt-5af9998eaf99d099",
"versionInfo": "1.16.0",
"supplier": "NOASSERTION",
"downloadLocation": "NOASSERTION",
"filesAnalyzed": false,
"sourceInfo": "acquired package info from installed python package manifest file: /requirements.txt",
"licenseConcluded": "NOASSERTION",
"licenseDeclared": "NOASSERTION",
"copyrightText": "NOASSERTION",
"externalRefs": [
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-wrapt:python-wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-wrapt:python_wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_wrapt:python-wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_wrapt:python_wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python-wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python_wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-wrapt:wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_wrapt:wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:wrapt:python-wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:wrapt:python_wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:wrapt:wrapt:1.16.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "PACKAGE-MANAGER",
"referenceType": "purl",
"referenceLocator": "pkg:pypi/[email protected]"
}
]
},
{
"name": "zipp",
"SPDXID": "SPDXRef-Package-python-zipp-e115bd45a84dd182",
"versionInfo": "3.17.0",
"supplier": "NOASSERTION",
"downloadLocation": "NOASSERTION",
"filesAnalyzed": false,
"sourceInfo": "acquired package info from installed python package manifest file: /requirements.txt",
"licenseConcluded": "NOASSERTION",
"licenseDeclared": "NOASSERTION",
"copyrightText": "NOASSERTION",
"externalRefs": [
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-zipp:python-zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-zipp:python_zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_zipp:python-zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_zipp:python_zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python-zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:python_zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python-zipp:zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python_zipp:zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:zipp:python-zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:zipp:python_zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:python:zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "SECURITY",
"referenceType": "cpe23Type",
"referenceLocator": "cpe:2.3:a:zipp:zipp:3.17.0:*:*:*:*:*:*:*"
},
{
"referenceCategory": "PACKAGE-MANAGER",
"referenceType": "purl",
"referenceLocator": "pkg:pypi/[email protected]"
}
]
},
{
"name": "requirements.txt",
"SPDXID": "SPDXRef-DocumentRoot-File-requirements.txt",
"versionInfo": "sha256:e2e7cc2e58dc0e8df2092ae5d18411b785473ab066d5ea65b28a30820515c45a",
"supplier": "NOASSERTION",
"downloadLocation": "NOASSERTION",
"filesAnalyzed": false,
"checksums": [
{
"algorithm": "SHA256",
"checksumValue": "e2e7cc2e58dc0e8df2092ae5d18411b785473ab066d5ea65b28a30820515c45a"
}
],
"primaryPackagePurpose": "FILE"
}
],
"files": [
{
"fileName": "/requirements.txt",
"SPDXID": "SPDXRef-File-requirements.txt-26ca2b7dc025d550",
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "0000000000000000000000000000000000000000"
}
],
"licenseConcluded": "NOASSERTION",
"copyrightText": ""
}
],
"relationships": [
{
"spdxElementId": "SPDXRef-Package-python-wrapt-5af9998eaf99d099",
"relatedSpdxElement": "SPDXRef-File-requirements.txt-26ca2b7dc025d550",
"relationshipType": "OTHER",
"comment": "evident-by: indicates the package's existence is evident by the given file"
},
{
"spdxElementId": "SPDXRef-Package-python-importlib-metadata-7c9061ffe414a833",
"relatedSpdxElement": "SPDXRef-File-requirements.txt-26ca2b7dc025d550",
"relationshipType": "OTHER",
"comment": "evident-by: indicates the package's existence is evident by the given file"
},
{
"spdxElementId": "SPDXRef-Package-python-opentelemetry-semantic-conventions-7e02f34adf49fa5d",
"relatedSpdxElement": "SPDXRef-File-requirements.txt-26ca2b7dc025d550",
"relationshipType": "OTHER",
"comment": "evident-by: indicates the package's existence is evident by the given file"
},
{
"spdxElementId": "SPDXRef-Package-python-opentelemetry-api-8a1a0144584a645d",
"relatedSpdxElement": "SPDXRef-File-requirements.txt-26ca2b7dc025d550",
"relationshipType": "OTHER",
"comment": "evident-by: indicates the package's existence is evident by the given file"
},
{
"spdxElementId": "SPDXRef-Package-python-typing-extensions-9976a931403afcc0",
"relatedSpdxElement": "SPDXRef-File-requirements.txt-26ca2b7dc025d550",
"relationshipType": "OTHER",
"comment": "evident-by: indicates the package's existence is evident by the given file"
},
{
"spdxElementId": "SPDXRef-Package-python-Deprecated-b9349acfea423cc8",
"relatedSpdxElement": "SPDXRef-File-requirements.txt-26ca2b7dc025d550",
"relationshipType": "OTHER",
"comment": "evident-by: indicates the package's existence is evident by the given file"
},
{
"spdxElementId": "SPDXRef-Package-python-opentelemetry-sdk-df22b2101a1f74ab",
"relatedSpdxElement": "SPDXRef-File-requirements.txt-26ca2b7dc025d550",
"relationshipType": "OTHER",
"comment": "evident-by: indicates the package's existence is evident by the given file"
},
{
"spdxElementId": "SPDXRef-Package-python-zipp-e115bd45a84dd182",
"relatedSpdxElement": "SPDXRef-File-requirements.txt-26ca2b7dc025d550",
"relationshipType": "OTHER",
"comment": "evident-by: indicates the package's existence is evident by the given file"
},
{
"spdxElementId": "SPDXRef-DocumentRoot-File-requirements.txt",
"relatedSpdxElement": "SPDXRef-Package-python-Deprecated-b9349acfea423cc8",
"relationshipType": "CONTAINS"
},
{
"spdxElementId": "SPDXRef-DocumentRoot-File-requirements.txt",
"relatedSpdxElement": "SPDXRef-Package-python-importlib-metadata-7c9061ffe414a833",
"relationshipType": "CONTAINS"
},
{
"spdxElementId": "SPDXRef-DocumentRoot-File-requirements.txt",
"relatedSpdxElement": "SPDXRef-Package-python-opentelemetry-api-8a1a0144584a645d",
"relationshipType": "CONTAINS"
},
{
"spdxElementId": "SPDXRef-DocumentRoot-File-requirements.txt",
"relatedSpdxElement": "SPDXRef-Package-python-opentelemetry-sdk-df22b2101a1f74ab",
"relationshipType": "CONTAINS"
},
{
"spdxElementId": "SPDXRef-DocumentRoot-File-requirements.txt",
"relatedSpdxElement": "SPDXRef-Package-python-opentelemetry-semantic-conventions-7e02f34adf49fa5d",
"relationshipType": "CONTAINS"
},
{
"spdxElementId": "SPDXRef-DocumentRoot-File-requirements.txt",
"relatedSpdxElement": "SPDXRef-Package-python-typing-extensions-9976a931403afcc0",
"relationshipType": "CONTAINS"
},
{
"spdxElementId": "SPDXRef-DocumentRoot-File-requirements.txt",
"relatedSpdxElement": "SPDXRef-Package-python-wrapt-5af9998eaf99d099",
"relationshipType": "CONTAINS"
},
{
"spdxElementId": "SPDXRef-DocumentRoot-File-requirements.txt",
"relatedSpdxElement": "SPDXRef-Package-python-zipp-e115bd45a84dd182",
"relationshipType": "CONTAINS"
},
{
"spdxElementId": "SPDXRef-DOCUMENT",
"relatedSpdxElement": "SPDXRef-DocumentRoot-File-requirements.txt",
"relationshipType": "DESCRIBES"
}
]
} |
Here is the SBOM generated by {
"$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.4",
"serialNumber": "urn:uuid:831d3437-c3aa-460b-a67c-ac55bba11480",
"version": 1,
"metadata": {
"timestamp": "2023-11-22T20:54:32.344373+00:00",
"tools": [
{
"vendor": "CycloneDX",
"name": "cyclonedx-bom",
"version": "3.11.7"
},
{
"vendor": "CycloneDX",
"name": "cyclonedx-python-lib",
"version": "3.1.5",
"externalReferences": [
{
"url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions",
"type": "build-system"
},
{
"url": "https://pypi.org/project/cyclonedx-python-lib/",
"type": "distribution"
},
{
"url": "https://cyclonedx.github.io/cyclonedx-python-lib/",
"type": "documentation"
},
{
"url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues",
"type": "issue-tracker"
},
{
"url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE",
"type": "license"
},
{
"url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md",
"type": "release-notes"
},
{
"url": "https://github.com/CycloneDX/cyclonedx-python-lib",
"type": "vcs"
},
{
"url": "https://cyclonedx.org",
"type": "website"
}
]
}
]
},
"components": [
{
"type": "library",
"bom-ref": "bb28016f-abf2-4f97-8d7b-af856e89c3c4",
"name": "Deprecated",
"version": "1.2.14",
"purl": "pkg:pypi/[email protected]"
},
{
"type": "library",
"bom-ref": "938920c8-cb46-4645-a0a7-9a8753f37d36",
"name": "importlib-metadata",
"version": "6.8.0",
"purl": "pkg:pypi/[email protected]"
},
{
"type": "library",
"bom-ref": "62690dfb-9008-42af-b2b6-c4991f86e7ec",
"name": "opentelemetry-api",
"version": "1.21.0",
"purl": "pkg:pypi/[email protected]"
},
{
"type": "library",
"bom-ref": "99d46d34-f490-454d-9078-d96aea854831",
"name": "opentelemetry-sdk",
"version": "1.21.0",
"purl": "pkg:pypi/[email protected]"
},
{
"type": "library",
"bom-ref": "82a89dcd-5c1d-4da2-a740-c8998f006af2",
"name": "opentelemetry-semantic-conventions",
"version": "0.42b0",
"purl": "pkg:pypi/[email protected]"
},
{
"type": "library",
"bom-ref": "a60afba2-52fc-43ac-ba68-82b39f0552ac",
"name": "typing_extensions",
"version": "4.8.0",
"purl": "pkg:pypi/[email protected]"
},
{
"type": "library",
"bom-ref": "5755c15d-c3c4-4391-b027-06a09c8622a6",
"name": "wrapt",
"version": "1.16.0",
"purl": "pkg:pypi/[email protected]"
},
{
"type": "library",
"bom-ref": "24f3ceeb-3631-4170-85db-55e3ecca8097",
"name": "zipp",
"version": "3.17.0",
"purl": "pkg:pypi/[email protected]"
}
],
"dependencies": [
{
"ref": "bb28016f-abf2-4f97-8d7b-af856e89c3c4",
"dependsOn": []
},
{
"ref": "938920c8-cb46-4645-a0a7-9a8753f37d36",
"dependsOn": []
},
{
"ref": "62690dfb-9008-42af-b2b6-c4991f86e7ec",
"dependsOn": []
},
{
"ref": "99d46d34-f490-454d-9078-d96aea854831",
"dependsOn": []
},
{
"ref": "82a89dcd-5c1d-4da2-a740-c8998f006af2",
"dependsOn": []
},
{
"ref": "a60afba2-52fc-43ac-ba68-82b39f0552ac",
"dependsOn": []
},
{
"ref": "5755c15d-c3c4-4391-b027-06a09c8622a6",
"dependsOn": []
},
{
"ref": "24f3ceeb-3631-4170-85db-55e3ecca8097",
"dependsOn": []
}
]
} |
As per this.
The text was updated successfully, but these errors were encountered: