sbomLib

Represents a software library found in the SBOM with detailed metadata.

Examples

type SbomLib {
  id: String
  references: [SbomReference]
  appType: String
  language: String
  libId: String
  libraryName: String
  libraryVersion: String
  license: String
  appName: String
  location: String
  dependencyType: String
  source: String
  appId: String
  locationLink: String
  appLink: String
  pkgName: String
  copyWriteInfo: [String]
  copyWriteInfoLink: String
  libLink: String
  vulnerabilityCounts: IssuesBySeverity
  triggerPackage: String
  vulnerabilities: [SCAVulnerability]
  latestVersion: String
  latestVersionDate: String
  stars: Int
  forks: Int
  openIssues: Int
  packageManager: String
  packageManagerLink: String
  maintainers: Int
  contributors: Int
  downloads: Int
  sourceLink: String
  notPopular: Boolean
  licenseIssue: Boolean
  malicious: Boolean
  malwareType: String
  osVname: String
  notMaintained: Boolean
  isDeprecated: Boolean
  notImported: Boolean
  notUsed: Boolean
  notUpdated: Boolean
  dependencyLevel: Int
  requestId: String
  licenseLink: String
  artifactInSbomLibs: [ArtifactInSbomLibs]
  sha: String
  maintainersList: [Maintainer]
}

Fields

Each entry below gives the field name and its type, followed by a description. For object-typed fields, the supported sub-fields of that object are listed after the description.

id String

Unique identifier of the SBOM library

references [SbomReference]

List of references associated with this library

Supported fields: triggerPackage (String), location (String), locationLink (String), dependencyType (String), dependencyLevel (Int), commit (SbomCommit), fileName (String)

appType String ⚠️

Deprecated: This field is not used anymore

language String

Programming language of the library

libId String ⚠️

Deprecated: This field is not used anymore

libraryName String

Official name of the library

libraryVersion String

Version string of the library

license String

License type(s) of the library

appName String

Name of the application that uses the library

location String

Location path where the library is used or referenced

dependencyType String

Type of dependency

source String

Source of the library

appId String

Application identifier using the library

locationLink String

URL link to the location where the library is used

appLink String

URL link to the application

pkgName String

Package name of the library

copyWriteInfo [String]

List of copyright notices associated with the library

copyWriteInfoLink String

Link to the copyright information

libLink String

URL link to the library source or homepage

vulnerabilityCounts IssuesBySeverity

Counts of vulnerabilities by severity

Supported fields: appox (Int), critical (Int), high (Int), medium (Int), low (Int), info (Int)

triggerPackage String

Package that triggered this library in the dependency graph

vulnerabilities [SCAVulnerability]

List of software composition analysis (SCA) vulnerabilities associated with this library

Supported fields: issueId (String), oxSeverity (String), severityNumberFromTool (String), severityFromTool (String), cve (String), cveLink (String), cvsVer (String), cvssVersion (Float), epss (Float), percentile (Float), libName (String), dependencyChain (String), libVersion (String), chainDepth (Int), exploitInTheWild (Boolean), exploitInTheWildLink (String), description (String), dateDiscovered (String), minorVerWithFix (String), majorVerWithFix (String), exploitRequirement (String), exploitCode (String), originalSeverity (String)

latestVersion String

Latest available version of the library

latestVersionDate String

Release date of the latest version

stars Int

Number of stars (popularity metric) on the repository

forks Int

Number of forks on the repository

openIssues Int

Number of open issues in the repository

packageManager String

Package manager name

packageManagerLink String

URL link to the package manager page

maintainers Int

Number of maintainers of the library

contributors Int

Number of contributors to the library

downloads Int

Number of downloads for the library

sourceLink String

URL link to the library's source code

notPopular Boolean

Indicates if the library is considered not popular

licenseIssue Boolean

Indicates if the library has license compliance issues

malicious Boolean

Indicates if the library is malicious

malwareType String

Type of malware detected, when the library is flagged as malicious

osVname String

Operating system

notMaintained Boolean

Indicates if the library is not actively maintained

isDeprecated Boolean

Indicates if the library is deprecated

notImported Boolean ⚠️

Deprecated: Indicates if the library is not imported (use other fields)

notUsed Boolean ⚠️

Deprecated: No longer supported

notUpdated Boolean

Indicates if the library version is not up-to-date

dependencyLevel Int

Dependency level in the graph

requestId String

Request identifier associated with the data fetch

licenseLink String

Link to the license details

artifactInSbomLibs [ArtifactInSbomLibs]

List of artifacts that include this library

Supported fields: image (String), imageLink (String), imageCreatedAt (String), sha (String), os (String), osVersion (String), baseImage (String), baseImageVersion (String), tag (String), layer (String), registryName (String), source (String)

sha String

SHA hash associated with the library

maintainersList [Maintainer]

List of maintainers with detailed info

Supported fields: name (String), email (String)
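As an added example (not part of this reference or the vendor's code), the Python routine below consumes decoded SbomLib records using the field names documented above and ranks them for remediation. The sample records and the scoring weights are constructed assumptions, not API output.

```python
# Added example (not the API docs or vendor code): triage SbomLib records.
# Field names follow the SbomLib type above; sample values and weights are
# this example's own assumptions.
from typing import Any

# Weights for the IssuesBySeverity counters (assumed, not defined by the API).
SEVERITY_WEIGHTS = {"appox": 10, "critical": 8, "high": 5, "medium": 2, "low": 1, "info": 0}
HEALTH_FLAGS = {"licenseIssue": "license compliance issue", "notMaintained": "not maintained",
                "isDeprecated": "deprecated upstream", "notUpdated": "newer version available"}

# Constructed sample records (invented values; the CVE id is a placeholder).
SAMPLE_LIBS: list[dict[str, Any]] = [
    {"libraryName": "lib-a", "libraryVersion": "1.0.0", "malicious": True,
     "malwareType": "typosquat", "vulnerabilityCounts": {}, "vulnerabilities": []},
    {"libraryName": "lib-b", "libraryVersion": "2.1.0", "licenseIssue": True,
     "notMaintained": True, "notUpdated": True,
     "vulnerabilityCounts": {"critical": 1, "high": 2, "low": 3},
     "vulnerabilities": [{"cve": "CVE-PLACEHOLDER-1", "epss": 0.72,
                          "exploitInTheWild": True, "minorVerWithFix": "2.1.5"}]},
    {"libraryName": "lib-c", "libraryVersion": "3.0.0", "vulnerabilityCounts": {"info": 2}},
]


def triage(lib: dict[str, Any]) -> tuple[int, list[str]]:
    """Return (score, reasons) for one SbomLib record; the score only orders work."""
    reasons, score = [], 0
    # A malicious package is a hard blocker and outranks any CVE backlog.
    if lib.get("malicious"):
        reasons.append(f"malicious package ({lib.get('malwareType') or 'unknown type'})")
        score += 100
    # Hygiene flags the API already computes; each adds a small fixed weight.
    for flag, label in HEALTH_FLAGS.items():
        if lib.get(flag):
            reasons.append(label)
            score += 3
    # Weighted severity counters; absent or null counters count as zero.
    counts = lib.get("vulnerabilityCounts") or {}
    score += sum(w * int(counts.get(s) or 0) for s, w in SEVERITY_WEIGHTS.items())
    # Per-CVE signals: known exploitation and high EPSS pull a fix forward.
    for v in lib.get("vulnerabilities") or []:
        if v.get("exploitInTheWild"):
            reasons.append(f"{v.get('cve')} exploited in the wild, fix in {v.get('minorVerWithFix')}")
            score += 20
        if (v.get("epss") or 0) >= 0.5:
            reasons.append(f"{v.get('cve')} EPSS {v['epss']:.2f}")
            score += 10
    return score, reasons


def prioritize(libs: list[dict[str, Any]]) -> list[tuple[str, int, list[str]]]:
    rows = [(f"{l['libraryName']}@{l['libraryVersion']}", *triage(l)) for l in libs]
    return sorted((r for r in rows if r[1] > 0), key=lambda r: -r[1])
```

`prioritize` drops libraries with a zero score, so clean records (only info-level findings and no flags) never reach the work queue.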
