sboms
2,942 rows
This data as json, CSV (advanced)
Suggested facets: component_name, package_type
| Link | rowid ▼ | component_name | package_name | version | current_version | package_type | package_url |
|---|---|---|---|---|---|---|---|
| 1 | 1 | clever-microplane.json | github.com/cpuguy83/go-md2man/v2 | 2.0.2 | 2.0.2 | golang | pkg:golang/github.com/cpuguy83/go-md2man/v2@2.0.2 |
| 2 | 2 | clever-microplane.json | github.com/davecgh/go-spew | 1.1.1 | 1.1.1 | golang | pkg:golang/github.com/davecgh/go-spew@1.1.1 |
| 3 | 3 | clever-microplane.json | github.com/facebookgo/ensure | 0.0.0-20200202191622-63f1cf65ac4c | 0.0.0-20200202191622-63f1cf65ac4c | golang | pkg:golang/github.com/facebookgo/ensure@0.0.0-20200202191622-63f1cf65ac4c |
| 4 | 4 | clever-microplane.json | github.com/facebookgo/errgroup | 0.0.0-20160209021148-779c8d7ef069 | 0.0.0-20160209021148-779c8d7ef069 | golang | pkg:golang/github.com/facebookgo/errgroup@0.0.0-20160209021148-779c8d7ef069 |
| 5 | 5 | clever-microplane.json | github.com/facebookgo/stack | 0.0.0-20160209184415-751773369052 | 0.0.0-20160209184415-751773369052 | golang | pkg:golang/github.com/facebookgo/stack@0.0.0-20160209184415-751773369052 |
| 6 | 6 | clever-microplane.json | github.com/facebookgo/subset | 0.0.0-20200203212716-c811ad88dec4 | 0.0.0-20200203212716-c811ad88dec4 | golang | pkg:golang/github.com/facebookgo/subset@0.0.0-20200203212716-c811ad88dec4 |
| 7 | 7 | clever-microplane.json | github.com/fatih/color | 1.15.0 | 1.15.0 | golang | pkg:golang/github.com/fatih/color@1.15.0 |
| 8 | 8 | clever-microplane.json | github.com/golang/protobuf | 1.5.3 | 1.5.3 | golang | pkg:golang/github.com/golang/protobuf@1.5.3 |
| 9 | 9 | clever-microplane.json | github.com/google/go-github/v35 | 35.3.0 | 35.3.0 | golang | pkg:golang/github.com/google/go-github/v35@35.3.0 |
| 10 | 10 | clever-microplane.json | github.com/google/go-querystring | 1.1.0 | 1.1.0 | golang | pkg:golang/github.com/google/go-querystring@1.1.0 |
| 11 | 11 | clever-microplane.json | github.com/hashicorp/go-cleanhttp | 0.5.2 | 0.5.2 | golang | pkg:golang/github.com/hashicorp/go-cleanhttp@0.5.2 |
| 12 | 12 | clever-microplane.json | github.com/hashicorp/go-retryablehttp | 0.7.2 | 0.7.2 | golang | pkg:golang/github.com/hashicorp/go-retryablehttp@0.7.2 |
| 13 | 13 | clever-microplane.json | github.com/inconshreveable/mousetrap | 1.1.0 | 1.1.0 | golang | pkg:golang/github.com/inconshreveable/mousetrap@1.1.0 |
| 14 | 14 | clever-microplane.json | github.com/kr/text | 0.2.0 | 0.2.0 | golang | pkg:golang/github.com/kr/text@0.2.0 |
| 15 | 15 | clever-microplane.json | github.com/mattn/go-colorable | 0.1.13 | 0.1.13 | golang | pkg:golang/github.com/mattn/go-colorable@0.1.13 |
| 16 | 16 | clever-microplane.json | github.com/mattn/go-isatty | 0.0.17 | 0.0.17 | golang | pkg:golang/github.com/mattn/go-isatty@0.0.17 |
| 17 | 17 | clever-microplane.json | github.com/pmezard/go-difflib | 1.0.0 | 1.0.0 | golang | pkg:golang/github.com/pmezard/go-difflib@1.0.0 |
| 18 | 18 | clever-microplane.json | github.com/russross/blackfriday/v2 | 2.1.0 | 2.1.0 | golang | pkg:golang/github.com/russross/blackfriday/v2@2.1.0 |
| 19 | 19 | clever-microplane.json | github.com/spf13/cobra | 1.7.0 | 1.7.0 | golang | pkg:golang/github.com/spf13/cobra@1.7.0 |
| 20 | 20 | clever-microplane.json | github.com/spf13/pflag | 1.0.5 | 1.0.5 | golang | pkg:golang/github.com/spf13/pflag@1.0.5 |
| 21 | 21 | clever-microplane.json | github.com/stretchr/testify | 1.8.4 | 1.8.4 | golang | pkg:golang/github.com/stretchr/testify@1.8.4 |
| 22 | 22 | clever-microplane.json | github.com/waigani/diffparser | 0.0.0-20190828052634-7391f219313d | 0.0.0-20190828052634-7391f219313d | golang | pkg:golang/github.com/waigani/diffparser@0.0.0-20190828052634-7391f219313d |
| 23 | 23 | clever-microplane.json | github.com/xanzy/go-gitlab | 0.91.1 | 0.91.1 | golang | pkg:golang/github.com/xanzy/go-gitlab@0.91.1 |
| 24 | 24 | clever-microplane.json | golang.org/x/crypto | 0.13.0 | 0.13.0 | golang | pkg:golang/golang.org/x/crypto@0.13.0 |
| 25 | 25 | clever-microplane.json | golang.org/x/net | 0.15.0 | 0.15.0 | golang | pkg:golang/golang.org/x/net@0.15.0 |
| 26 | 26 | clever-microplane.json | golang.org/x/oauth2 | 0.12.0 | 0.12.0 | golang | pkg:golang/golang.org/x/oauth2@0.12.0 |
| 27 | 27 | clever-microplane.json | golang.org/x/sync | 0.3.0 | 0.3.0 | golang | pkg:golang/golang.org/x/sync@0.3.0 |
| 28 | 28 | clever-microplane.json | golang.org/x/sys | 0.12.0 | 0.12.0 | golang | pkg:golang/golang.org/x/sys@0.12.0 |
| 29 | 29 | clever-microplane.json | golang.org/x/time | 0.3.0 | 0.3.0 | golang | pkg:golang/golang.org/x/time@0.3.0 |
| 30 | 30 | clever-microplane.json | google.golang.org/appengine | 1.6.7 | 1.6.7 | golang | pkg:golang/google.golang.org/appengine@1.6.7 |
| 31 | 31 | clever-microplane.json | google.golang.org/protobuf | 1.31.0 | 1.31.0 | golang | pkg:golang/google.golang.org/protobuf@1.31.0 |
| 32 | 32 | clever-microplane.json | gopkg.in/check.v1 | 1.0.0-20201130134442-10cb98267c6c | 1.0.0-20201130134442-10cb98267c6c | golang | pkg:golang/gopkg.in/check.v1@1.0.0-20201130134442-10cb98267c6c |
| 33 | 33 | clever-microplane.json | gopkg.in/yaml.v3 | 3.0.1 | 3.0.1 | golang | pkg:golang/gopkg.in/yaml.v3@3.0.1 |
| 34 | 34 | clever-microplane.json | Clever/ci-scripts/.github/workflows/reusable-auto-approve-merge.yml | master | master | githubactions | pkg:githubactions/Clever/ci-scripts/.github/workflows/reusable-auto-approve-merge.yml@master |
| 35 | 35 | deepmap-oapi-codegen.json | github.com/andybalholm/brotli | 1.0.5 | 1.0.5 | golang | pkg:golang/github.com/andybalholm/brotli@1.0.5 |
| 36 | 36 | deepmap-oapi-codegen.json | github.com/apapsch/go-jsonmerge/v2 | 2.0.0 | 2.0.0 | golang | pkg:golang/github.com/apapsch/go-jsonmerge/v2@2.0.0 |
| 37 | 37 | deepmap-oapi-codegen.json | github.com/aymerick/douceur | 0.2.0 | 0.2.0 | golang | pkg:golang/github.com/aymerick/douceur@0.2.0 |
| 38 | 38 | deepmap-oapi-codegen.json | github.com/burntsushi/toml | 1.3.2 | 1.3.2 | golang | pkg:golang/github.com/burntsushi/toml@1.3.2 |
| 39 | 39 | deepmap-oapi-codegen.json | github.com/bytedance/sonic | 1.9.1 | 1.9.1 | golang | pkg:golang/github.com/bytedance/sonic@1.9.1 |
| 40 | 40 | deepmap-oapi-codegen.json | github.com/chenzhuoyu/base64x | 0.0.0-20221115062448-fe3a3abad311 | 0.0.0-20221115062448-fe3a3abad311 | golang | pkg:golang/github.com/chenzhuoyu/base64x@0.0.0-20221115062448-fe3a3abad311 |
| 41 | 41 | deepmap-oapi-codegen.json | github.com/cloudykit/fastprinter | 0.0.0-20200109182630-33d98a066a53 | 0.0.0-20200109182630-33d98a066a53 | golang | pkg:golang/github.com/cloudykit/fastprinter@0.0.0-20200109182630-33d98a066a53 |
| 42 | 42 | deepmap-oapi-codegen.json | github.com/cloudykit/jet/v6 | 6.2.0 | 6.2.0 | golang | pkg:golang/github.com/cloudykit/jet/v6@6.2.0 |
| 43 | 43 | deepmap-oapi-codegen.json | github.com/davecgh/go-spew | 1.1.1 | 1.1.1 | golang | pkg:golang/github.com/davecgh/go-spew@1.1.1 |
| 44 | 44 | deepmap-oapi-codegen.json | github.com/fatih/structs | 1.1.0 | 1.1.0 | golang | pkg:golang/github.com/fatih/structs@1.1.0 |
| 45 | 45 | deepmap-oapi-codegen.json | github.com/flosch/pongo2/v4 | 4.0.2 | 4.0.2 | golang | pkg:golang/github.com/flosch/pongo2/v4@4.0.2 |
| 46 | 46 | deepmap-oapi-codegen.json | github.com/gabriel-vasile/mimetype | 1.4.2 | 1.4.2 | golang | pkg:golang/github.com/gabriel-vasile/mimetype@1.4.2 |
| 47 | 47 | deepmap-oapi-codegen.json | github.com/getkin/kin-openapi | 0.118.0 | 0.118.0 | golang | pkg:golang/github.com/getkin/kin-openapi@0.118.0 |
| 48 | 48 | deepmap-oapi-codegen.json | github.com/gin-contrib/sse | 0.1.0 | 0.1.0 | golang | pkg:golang/github.com/gin-contrib/sse@0.1.0 |
| 49 | 49 | deepmap-oapi-codegen.json | github.com/gin-gonic/gin | 1.9.1 | 1.9.1 | golang | pkg:golang/github.com/gin-gonic/gin@1.9.1 |
| 50 | 50 | deepmap-oapi-codegen.json | github.com/go-chi/chi/v5 | 5.0.10 | 5.0.10 | golang | pkg:golang/github.com/go-chi/chi/v5@5.0.10 |
| 51 | 51 | deepmap-oapi-codegen.json | github.com/go-openapi/jsonpointer | 0.19.5 | 0.19.5 | golang | pkg:golang/github.com/go-openapi/jsonpointer@0.19.5 |
| 52 | 52 | deepmap-oapi-codegen.json | github.com/go-openapi/swag | 0.19.5 | 0.19.5 | golang | pkg:golang/github.com/go-openapi/swag@0.19.5 |
| 53 | 53 | deepmap-oapi-codegen.json | github.com/go-playground/locales | 0.14.1 | 0.14.1 | golang | pkg:golang/github.com/go-playground/locales@0.14.1 |
| 54 | 54 | deepmap-oapi-codegen.json | github.com/go-playground/universal-translator | 0.18.1 | 0.18.1 | golang | pkg:golang/github.com/go-playground/universal-translator@0.18.1 |
| 55 | 55 | deepmap-oapi-codegen.json | github.com/go-playground/validator/v10 | 10.14.0 | 10.14.0 | golang | pkg:golang/github.com/go-playground/validator/v10@10.14.0 |
| 56 | 56 | deepmap-oapi-codegen.json | github.com/goccy/go-json | 0.10.2 | 0.10.2 | golang | pkg:golang/github.com/goccy/go-json@0.10.2 |
| 57 | 57 | deepmap-oapi-codegen.json | github.com/gofiber/fiber/v2 | 2.49.1 | 2.49.1 | golang | pkg:golang/github.com/gofiber/fiber/v2@2.49.1 |
| 58 | 58 | deepmap-oapi-codegen.json | github.com/golang-jwt/jwt | 3.2.2+incompatible | 3.2.2+incompatible | golang | pkg:golang/github.com/golang-jwt/jwt@3.2.2%2Bincompatible |
| 59 | 59 | deepmap-oapi-codegen.json | github.com/golang/snappy | 0.0.4 | 0.0.4 | golang | pkg:golang/github.com/golang/snappy@0.0.4 |
| 60 | 60 | deepmap-oapi-codegen.json | github.com/gomarkdown/markdown | 0.0.0-20230716120725-531d2d74bc12 | 0.0.0-20230716120725-531d2d74bc12 | golang | pkg:golang/github.com/gomarkdown/markdown@0.0.0-20230716120725-531d2d74bc12 |
| 61 | 61 | deepmap-oapi-codegen.json | github.com/google/uuid | 1.3.1 | 1.3.1 | golang | pkg:golang/github.com/google/uuid@1.3.1 |
| 62 | 62 | deepmap-oapi-codegen.json | github.com/gorilla/css | 1.0.0 | 1.0.0 | golang | pkg:golang/github.com/gorilla/css@1.0.0 |
| 63 | 63 | deepmap-oapi-codegen.json | github.com/gorilla/mux | 1.8.0 | 1.8.0 | golang | pkg:golang/github.com/gorilla/mux@1.8.0 |
| 64 | 64 | deepmap-oapi-codegen.json | github.com/invopop/yaml | 0.1.0 | 0.1.0 | golang | pkg:golang/github.com/invopop/yaml@0.1.0 |
| 65 | 65 | deepmap-oapi-codegen.json | github.com/iris-contrib/schema | 0.0.6 | 0.0.6 | golang | pkg:golang/github.com/iris-contrib/schema@0.0.6 |
| 66 | 66 | deepmap-oapi-codegen.json | github.com/joker/jade | 1.1.3 | 1.1.3 | golang | pkg:golang/github.com/joker/jade@1.1.3 |
| 67 | 67 | deepmap-oapi-codegen.json | github.com/josharian/intern | 1.0.0 | 1.0.0 | golang | pkg:golang/github.com/josharian/intern@1.0.0 |
| 68 | 68 | deepmap-oapi-codegen.json | github.com/json-iterator/go | 1.1.12 | 1.1.12 | golang | pkg:golang/github.com/json-iterator/go@1.1.12 |
| 69 | 69 | deepmap-oapi-codegen.json | github.com/kataras/blocks | 0.0.7 | 0.0.7 | golang | pkg:golang/github.com/kataras/blocks@0.0.7 |
| 70 | 70 | deepmap-oapi-codegen.json | github.com/kataras/golog | 0.1.9 | 0.1.9 | golang | pkg:golang/github.com/kataras/golog@0.1.9 |
| 71 | 71 | deepmap-oapi-codegen.json | github.com/kataras/iris/v12 | 12.2.5 | 12.2.5 | golang | pkg:golang/github.com/kataras/iris/v12@12.2.5 |
| 72 | 72 | deepmap-oapi-codegen.json | github.com/kataras/pio | 0.0.12 | 0.0.12 | golang | pkg:golang/github.com/kataras/pio@0.0.12 |
| 73 | 73 | deepmap-oapi-codegen.json | github.com/kataras/sitemap | 0.0.6 | 0.0.6 | golang | pkg:golang/github.com/kataras/sitemap@0.0.6 |
| 74 | 74 | deepmap-oapi-codegen.json | github.com/kataras/tunnel | 0.0.4 | 0.0.4 | golang | pkg:golang/github.com/kataras/tunnel@0.0.4 |
| 75 | 75 | deepmap-oapi-codegen.json | github.com/klauspost/compress | 1.16.7 | 1.16.7 | golang | pkg:golang/github.com/klauspost/compress@1.16.7 |
| 76 | 76 | deepmap-oapi-codegen.json | github.com/klauspost/cpuid/v2 | 2.2.4 | 2.2.4 | golang | pkg:golang/github.com/klauspost/cpuid/v2@2.2.4 |
| 77 | 77 | deepmap-oapi-codegen.json | github.com/labstack/echo/v4 | 4.11.1 | 4.11.1 | golang | pkg:golang/github.com/labstack/echo/v4@4.11.1 |
| 78 | 78 | deepmap-oapi-codegen.json | github.com/labstack/gommon | 0.4.0 | 0.4.0 | golang | pkg:golang/github.com/labstack/gommon@0.4.0 |
| 79 | 79 | deepmap-oapi-codegen.json | github.com/leodido/go-urn | 1.2.4 | 1.2.4 | golang | pkg:golang/github.com/leodido/go-urn@1.2.4 |
| 80 | 80 | deepmap-oapi-codegen.json | github.com/mailgun/raymond/v2 | 2.0.48 | 2.0.48 | golang | pkg:golang/github.com/mailgun/raymond/v2@2.0.48 |
| 81 | 81 | deepmap-oapi-codegen.json | github.com/mailru/easyjson | 0.7.7 | 0.7.7 | golang | pkg:golang/github.com/mailru/easyjson@0.7.7 |
| 82 | 82 | deepmap-oapi-codegen.json | github.com/mattn/go-colorable | 0.1.13 | 0.1.13 | golang | pkg:golang/github.com/mattn/go-colorable@0.1.13 |
| 83 | 83 | deepmap-oapi-codegen.json | github.com/mattn/go-isatty | 0.0.19 | 0.0.19 | golang | pkg:golang/github.com/mattn/go-isatty@0.0.19 |
| 84 | 84 | deepmap-oapi-codegen.json | github.com/mattn/go-runewidth | 0.0.15 | 0.0.15 | golang | pkg:golang/github.com/mattn/go-runewidth@0.0.15 |
| 85 | 85 | deepmap-oapi-codegen.json | github.com/microcosm-cc/bluemonday | 1.0.25 | 1.0.25 | golang | pkg:golang/github.com/microcosm-cc/bluemonday@1.0.25 |
| 86 | 86 | deepmap-oapi-codegen.json | github.com/modern-go/concurrent | 0.0.0-20180306012644-bacd9c7ef1dd | 0.0.0-20180306012644-bacd9c7ef1dd | golang | pkg:golang/github.com/modern-go/concurrent@0.0.0-20180306012644-bacd9c7ef1dd |
| 87 | 87 | deepmap-oapi-codegen.json | github.com/modern-go/reflect2 | 1.0.2 | 1.0.2 | golang | pkg:golang/github.com/modern-go/reflect2@1.0.2 |
| 88 | 88 | deepmap-oapi-codegen.json | github.com/mohae/deepcopy | 0.0.0-20170929034955-c48cc78d4826 | 0.0.0-20170929034955-c48cc78d4826 | golang | pkg:golang/github.com/mohae/deepcopy@0.0.0-20170929034955-c48cc78d4826 |
| 89 | 89 | deepmap-oapi-codegen.json | github.com/pelletier/go-toml/v2 | 2.0.8 | 2.0.8 | golang | pkg:golang/github.com/pelletier/go-toml/v2@2.0.8 |
| 90 | 90 | deepmap-oapi-codegen.json | github.com/perimeterx/marshmallow | 1.1.4 | 1.1.4 | golang | pkg:golang/github.com/perimeterx/marshmallow@1.1.4 |
| 91 | 91 | deepmap-oapi-codegen.json | github.com/pmezard/go-difflib | 1.0.0 | 1.0.0 | golang | pkg:golang/github.com/pmezard/go-difflib@1.0.0 |
| 92 | 92 | deepmap-oapi-codegen.json | github.com/rivo/uniseg | 0.2.0 | 0.2.0 | golang | pkg:golang/github.com/rivo/uniseg@0.2.0 |
| 93 | 93 | deepmap-oapi-codegen.json | github.com/russross/blackfriday/v2 | 2.1.0 | 2.1.0 | golang | pkg:golang/github.com/russross/blackfriday/v2@2.1.0 |
| 94 | 94 | deepmap-oapi-codegen.json | github.com/schollz/closestmatch | 2.1.0+incompatible | 2.1.0+incompatible | golang | pkg:golang/github.com/schollz/closestmatch@2.1.0%2Bincompatible |
| 95 | 95 | deepmap-oapi-codegen.json | github.com/shopify/goreferrer | 0.0.0-20220729165902-8cddb4f5de06 | 0.0.0-20220729165902-8cddb4f5de06 | golang | pkg:golang/github.com/shopify/goreferrer@0.0.0-20220729165902-8cddb4f5de06 |
| 96 | 96 | deepmap-oapi-codegen.json | github.com/sirupsen/logrus | 1.8.1 | 1.8.1 | golang | pkg:golang/github.com/sirupsen/logrus@1.8.1 |
| 97 | 97 | deepmap-oapi-codegen.json | github.com/stretchr/testify | 1.8.4 | 1.8.4 | golang | pkg:golang/github.com/stretchr/testify@1.8.4 |
| 98 | 98 | deepmap-oapi-codegen.json | github.com/tdewolff/minify/v2 | 2.12.8 | 2.12.8 | golang | pkg:golang/github.com/tdewolff/minify/v2@2.12.8 |
| 99 | 99 | deepmap-oapi-codegen.json | github.com/tdewolff/parse/v2 | 2.6.7 | 2.6.7 | golang | pkg:golang/github.com/tdewolff/parse/v2@2.6.7 |
| 100 | 100 | deepmap-oapi-codegen.json | github.com/twitchyliquid64/golang-asm | 0.15.1 | 0.15.1 | golang | pkg:golang/github.com/twitchyliquid64/golang-asm@0.15.1 |
Advanced export
JSON shape: default, array, newline-delimited
CREATE TABLE sboms ( -- component_name is the name of the component that this SBOM describes, as -- can be determined from the metadata. -- -- For instance: -- -- - in SPDX v2.3 this would be `$.name` -- - in CycloneDX v1.4 this would be `$.metadata.component.name` -- -- If no result can be found for the given SBOM, the basename of the filename -- will be used, for instance: -- -- filename: $HOME/Downloads/another-path/sample.spdx.json -- component_name: sample.spdx.json -- -- NOTE that the `component_name` is treated as the unique identifier for a -- given SBOM and is used to deduplicate findings. component_name TEXT NOT NULL, -- what package is this? package_name TEXT NOT NULL, -- version indicates the version of this dependency. -- -- NOTE this could be a version constraint, such as any of: -- -- <=1.3.4,>=1.3.0 -- "~> 0.9" -- latest -- ^2.0.6 -- =1.0.4 -- (NULL) -- -- As well as a specific value, such as: -- -- 1.0.4 -- 10 -- latest -- -- This versioning will be implementation-specific for the `package_manager` -- in use. -- -- NOTE that due to the quality of the tool producing the SBOM, this field -- may be NULL. version TEXT, -- current_version defines the current version that this package's `version` -- resolves to. -- -- If the `version` is an exact version number, such as `1.0.4`, then -- `current_version` will usually be the same value, `1.0.4`. -- -- NOTE that due to the quality of the tool producing the SBOM, this field -- may be NULL, or this may not be an exact value, but a version constraint -- similar to `version`. current_version TEXT, -- package_type most commonly relates to the "Type" field of a Package URL -- (as defined by https://github.com/package-url/purl-spec), which may be a -- package ecosystem or package manager type package_type TEXT NOT NULL, -- package_url is the Package URL (as defined by -- https://github.com/package-url/purl-spec), for the given dependency package_url TEXT NOT NULL, UNIQUE (component_name, package_name, package_type, package_url) ON CONFLICT REPLACE ); CREATE INDEX idx_sboms_package on sboms(package_name, version, current_version, package_type);