Skip to content

Commit

Permalink
#12 Added example bom conforming to v1.1-DRAFT-1 spec
Browse files Browse the repository at this point in the history
  • Loading branch information
@stevespringett
stevespringett committed Feb 7, 2019
1 parent 6d2c34e commit 1531b3d
Showing 1 changed file with 105 additions and 0 deletions.
105 changes: 105 additions & 0 deletions examples/1.1-draft/bom.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
<?xml version="1.0" encoding="UTF-8"?>
<bom xmlns="http://cyclonedx.org/schema/bom/1.1" version="1" serialNumber="urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79">
<components>
<component type="application">
<publisher>Acme Inc</publisher>
<group>com.acme</group>
<name>tomcat-catalina</name>
<version>9.0.14</version>
<hashes>
<hash alg="MD5">3942447fac867ae5cdb3229b658f4d48</hash>
<hash alg="SHA-1">e6b1000b94e835ffd37f4c6dcbdad43f4b48a02a</hash>
<hash alg="SHA-256">f498a8ff2dd007e29c2074f5e4b01a9a01775c3ff3aeaf6906ea503bc5791b7b</hash>
<hash alg="SHA-512">e8f33e424f3f4ed6db76a482fde1a5298970e442c531729119e37991884bdffab4f9426b7ee11fccd074eeda0634d71697d6f88a460dce0ac8d627a29f7d1282</hash>
</hashes>
<licenses>
<license>
<id>Apache-2.0</id>
</license>
</licenses>
<purl>pkg:maven/com.acme/[email protected]?packaging=jar</purl>
<pedigree>
<ancestors>
<component type="application">
<publisher>Apache</publisher>
<group>org.apache.tomcat</group>
<name>tomcat-catalina</name>
<version>9.0.14</version>
<licenses>
<license>
<id>Apache-2.0</id>
</license>
</licenses>
<purl>pkg:maven/org.apache.tomcat/[email protected]?packaging=jar</purl>
</component>
</ancestors>
<commits>
<commit>
<uid>7638417db6d59f3c431d3e1f261cc637155684cd</uid>
<url>https://location/to/7638417db6d59f3c431d3e1f261cc637155684cd</url>
<author>
<timestamp>2018-11-07T22:01:45Z</timestamp>
<name>John Doe</name>
<email>[email protected]</email>
</author>
<committer>
<timestamp>2018-11-07T22:01:45Z</timestamp>
<name>John Doe</name>
<email>[email protected]</email>
</committer>
<message>Initial commit</message>
</commit>
</commits>
</pedigree>
</component>
<component type="library">
<group>org.example</group>
<name>mylibrary</name>
<version>1.0.0</version>
<scope>required</scope>
<hashes>
<hash alg="MD5">2342c2eaf1feb9a80195dbaddf2ebaa3</hash>
<hash alg="SHA-1">68b78babe00a053f9e35ec6a2d9080f5b90122b0</hash>
<hash alg="SHA-256">708f1f53b41f11f02d12a11b1a38d2905d47b099afc71a0f1124ef8582ec7313</hash>
<hash alg="SHA-512">387b7ae16b9cae45f830671541539bf544202faae5aac544a93b7b0a04f5f846fa2f4e81ef3f1677e13aed7496408a441f5657ab6d54423e56bf6f38da124aef</hash>
</hashes>
<licenses>
<license>
<id>Apache-2.0</id>
</license>
</licenses>
<copyright>Copyright Example Inc. All rights reserved.</copyright>
<cpe>cpe:/a:example:myapplication:1.0.0</cpe>
<purl>pkg:maven/com.example/[email protected]?packaging=war</purl>
<modified>false</modified>
</component>
<component type="framework">
<group>com.example</group>
<name>myframework</name>
<version>1.0.0</version>
<description>Example Inc, enterprise framework</description>
<scope>required</scope>
<hashes>
<hash alg="MD5">cfcb0b64aacd2f81c1cd546543de965a</hash>
<hash alg="SHA-1">7fbeef2346c45d565c3341f037bce4e088af8a52</hash>
<hash alg="SHA-256">0384db3cec55d86a6898c489fdb75a8e75fe66b26639634983d2f3c3558493d1</hash>
<hash alg="SHA-512">854909cdb9e3ca183056837144aab6d8069b377bd66445087cc7157bf0c3f620418705dd0b83bdc2f73a508c2bdb316ca1809d75ee6972d02023a3e7dd655c79</hash>
</hashes>
<licenses>
<license>
<id>Apache-2.0</id>
</license>
</licenses>
<purl>pkg:maven/com.example/[email protected]?packaging=war</purl>
<modified>false</modified>
<externalReferences>
<reference type="website">
<url>http://example.com/myframework</url>
</reference>
<reference type="advisories">
<url>http://example.com/security</url>
</reference>
</externalReferences>
</component>
</components>
</bom>

0 comments on commit 1531b3d

Please sign in to comment.