# getSbomLibraries
{% hint style="warning" %}
**Deprecated**: Use getSbom API instead
{% endhint %}
Fetches a list of libraries found in SBOM scans with detailed information.
### Examples
{% tabs %}
{% tab title="GraphQL" %}
```graphql
query GetSbomLibraries($getApplicationsSbom: GetApplicationsSbom) {
getSbomLibraries(getApplicationsSbom: $getApplicationsSbom) {
sbomLibs {
id
references {
triggerPackage
location
locationLink
dependencyType
dependencyLevel
commit {
commitedAt
committerName
committerEmail
}
fileName
}
language
libraryName
libraryVersion
license
appName
location
dependencyType
source
appId
locationLink
appLink
pkgName
copyWriteInfo
copyWriteInfoLink
libLink
vulnerabilityCounts {
appox
critical
high
medium
low
info
}
triggerPackage
vulnerabilities {
issueId
oxSeverity
severityNumberFromTool
severityFromTool
cve
cveLink
cvsVer
cvssVersion
epss
percentile
libName
dependencyChain
runtimeStatus
libVersion
chainDepth
exploitInTheWild
exploitInTheWildLink
description
dateDiscovered
minorVerWithFix
majorVerWithFix
exploitRequirement
exploitCode
originalSeverity
}
latestVersion
latestVersionDate
stars
forks
openIssues
packageManager
packageManagerLink
maintainers
contributors
downloads
sourceLink
notPopular
licenseIssue
malicious
malwareType
osVname
notMaintained
isDeprecated
notImported
notUpdated
dependencyLevel
requestId
licenseLink
artifactInSbomLibs {
image
imageLink
imageCreatedAt
sha
os
osVersion
baseImage
baseImageVersion
tag
layer
registryName
source
}
sha
maintainersList {
name
email
}
runtimeStatus
usedVersionReleaseDate
projectDescription
firstSeenDate
}
total
offset
totalFilteredSbomLibs
cursorValue
}
}
```
**Variables**
This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
```json
{
"getApplicationsSbom": {
"scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
"limit": 100,
"offset": 0,
"search": "example",
"filters": {
"libForSearch": ["example"],
"libraryNames": ["example"],
"libraryVersions": ["example"],
"apps": ["example"],
"appIds": ["30966426"],
"source": ["example"],
"dependencyTypes": ["example"],
"licenses": ["example"],
"packageNames": ["example"],
"copyrights": ["example"],
"severities": ["example"],
"packageInfos": ["example"],
"malicious": ["example"],
"packageManagers": ["example"],
"cve": ["example"],
"languages": ["example"],
"os": ["example"],
"registryName": ["example"],
"baseImage": ["example"],
"image": ["example"],
"reachability": ["example"],
"tags": ["example"],
"imageSource": ["example"],
"licenseIssue": [true],
"sbomImageTags": ["example"],
"runtimeStatus": ["example"]
},
"sbomSearch": [
{
"fieldName": "example",
"value": ["example"]
}
],
"owners": ["example"],
"tagIds": ["example"],
"openItems": ["digest"],
"sort": {
"fields": ["LibraryName"],
"order": ["ASC"]
}
}
}
```
{% endtab %}
{% tab title="cURL" %}
```shell
curl -X POST \
https://api.cloud.ox.security/api/apollo-gateway \
-H 'Content-Type: application/json' \
-H 'Authorization: YOUR_API_TOKEN' \
-d '{
"query": "query GetSbomLibraries($getApplicationsSbom: GetApplicationsSbom) { getSbomLibraries(getApplicationsSbom: $getApplicationsSbom) { sbomLibs { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } runtimeStatus usedVersionReleaseDate projectDescription firstSeenDate } total offset totalFilteredSbomLibs cursorValue } }",
"variables": {
"getApplicationsSbom": {
"scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
"limit": 100,
"offset": 0,
"search": "example",
"filters": {
"libForSearch": ["example"],
"libraryNames": ["example"],
"libraryVersions": ["example"],
"apps": ["example"],
"appIds": ["30966426"],
"source": ["example"],
"dependencyTypes": ["example"],
"licenses": ["example"],
"packageNames": ["example"],
"copyrights": ["example"],
"severities": ["example"],
"packageInfos": ["example"],
"malicious": ["example"],
"packageManagers": ["example"],
"cve": ["example"],
"languages": ["example"],
"os": ["example"],
"registryName": ["example"],
"baseImage": ["example"],
"image": ["example"],
"reachability": ["example"],
"tags": ["example"],
"imageSource": ["example"],
"licenseIssue": [true],
"sbomImageTags": ["example"],
"runtimeStatus": ["example"]
},
"sbomSearch": [
{
"fieldName": "example",
"value": ["example"]
}
],
"owners": ["example"],
"tagIds": ["example"],
"openItems": ["digest"],
"sort": {
"fields": ["LibraryName"],
"order": ["ASC"]
}
}
}
}'
```
{% endtab %}
{% tab title="Node.js" %}
```javascript
const query = 'query GetSbomLibraries($getApplicationsSbom: GetApplicationsSbom) { getSbomLibraries(getApplicationsSbom: $getApplicationsSbom) { sbomLibs { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } runtimeStatus usedVersionReleaseDate projectDescription firstSeenDate } total offset totalFilteredSbomLibs cursorValue } }';
fetch("https://api.cloud.ox.security/api/apollo-gateway", {
method: "POST",
headers: {
"Content-Type": "application/json",
"Authorization": "YOUR_API_TOKEN"
},
body: JSON.stringify({
query: query,
// This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
variables: {
getApplicationsSbom: {
scanId: "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
limit: 100,
offset: 0,
search: "example",
filters: {
libForSearch: ["example"],
libraryNames: ["example"],
libraryVersions: ["example"],
apps: ["example"],
appIds: ["30966426"],
source: ["example"],
dependencyTypes: ["example"],
licenses: ["example"],
packageNames: ["example"],
copyrights: ["example"],
severities: ["example"],
packageInfos: ["example"],
malicious: ["example"],
packageManagers: ["example"],
cve: ["example"],
languages: ["example"],
os: ["example"],
registryName: ["example"],
baseImage: ["example"],
image: ["example"],
reachability: ["example"],
tags: ["example"],
imageSource: ["example"],
licenseIssue: [true],
sbomImageTags: ["example"],
runtimeStatus: ["example"]
},
sbomSearch: [
{
fieldName: "example",
value: ["example"]
}
],
owners: ["example"],
tagIds: ["example"],
openItems: ["digest"],
sort: {
fields: ["LibraryName"],
order: ["ASC"]
}
}
}
})
})
.then(response => response.json())
.then(result => console.log(JSON.stringify(result, null, 2)))
.catch(error => console.error('Error:', error));
```
{% endtab %}
{% tab title="Python" %}
```python
import requests
query = 'query GetSbomLibraries($getApplicationsSbom: GetApplicationsSbom) { getSbomLibraries(getApplicationsSbom: $getApplicationsSbom) { sbomLibs { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } runtimeStatus usedVersionReleaseDate projectDescription firstSeenDate } total offset totalFilteredSbomLibs cursorValue } }'
response = requests.post(
"https://api.cloud.ox.security/api/apollo-gateway",
headers={
"Content-Type": "application/json",
"Authorization": "YOUR_API_TOKEN"
},
json={
"query": query,
# This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
"variables": {
"getApplicationsSbom": {
"scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
"limit": 100,
"offset": 0,
"search": "example",
"filters": {
"libForSearch": ["example"],
"libraryNames": ["example"],
"libraryVersions": ["example"],
"apps": ["example"],
"appIds": ["30966426"],
"source": ["example"],
"dependencyTypes": ["example"],
"licenses": ["example"],
"packageNames": ["example"],
"copyrights": ["example"],
"severities": ["example"],
"packageInfos": ["example"],
"malicious": ["example"],
"packageManagers": ["example"],
"cve": ["example"],
"languages": ["example"],
"os": ["example"],
"registryName": ["example"],
"baseImage": ["example"],
"image": ["example"],
"reachability": ["example"],
"tags": ["example"],
"imageSource": ["example"],
"licenseIssue": [true],
"sbomImageTags": ["example"],
"runtimeStatus": ["example"]
},
"sbomSearch": [
{
"fieldName": "example",
"value": ["example"]
}
],
"owners": ["example"],
"tagIds": ["example"],
"openItems": ["digest"],
"sort": {
"fields": ["LibraryName"],
"order": ["ASC"]
}
}
}
}
)
if response.status_code == 200:
result = response.json()
print(result)
else:
print(f"Error: {response.status_code}")
print(response.text)
```
{% endtab %}
{% endtabs %}
### Arguments
You can use the following argument(s) to customize your `getSbomLibraries` query.
| Argument | Description | Supported fields |
| -------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| getApplicationsSbom [`GetApplicationsSbom`](https://docs.ox.security/api-documentation/api-reference/api--sbom/types/inputs/get-applications-sbom) | Parameters for filtering and paginating the SBOM libraries | scanId String
limit Int
offset Int
search String
filters SBOMLibFilters
sbomSearch \[AutoCompleteSearch]
owners \[String]
tagIds \[String]
openItems \[FilterTypes]
sort SbomLibSortInput
|
### Fields
Return type: [`SbomLibResponse`](https://docs.ox.security/api-documentation/api-reference/api--sbom/types/objects/sbom-lib-response)
You can use the following field(s) to specify what information your `getSbomLibraries` query will return. Please note that some fields may have their own subfields.
| Field | Description | Supported fields |
| ------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| sbomLibs [`[SbomLib]`](https://docs.ox.security/api-documentation/api-reference/api--issue/types/objects/sbom-lib) | List of SBOM libraries found in the scan | id String
references \[SbomReference]
appType String ⚠️
language String
libId String ⚠️
libraryName String
libraryVersion String
license String
appName String
location String
dependencyType String
source String
appId String
locationLink String
appLink String
pkgName String
copyWriteInfo \[String]
copyWriteInfoLink String
libLink String
vulnerabilityCounts IssuesBySeverity
triggerPackage String
vulnerabilities \[SCAVulnerability]
latestVersion String
latestVersionDate String
stars Int
forks Int
openIssues Int
packageManager String
packageManagerLink String
maintainers Int
contributors Int
downloads Int
sourceLink String
notPopular Boolean
licenseIssue Boolean
malicious Boolean
malwareType String
osVname String
notMaintained Boolean
isDeprecated Boolean
notImported Boolean
notUsed Boolean ⚠️
notUpdated Boolean
dependencyLevel Int
requestId String
licenseLink String
artifactInSbomLibs \[ArtifactInSbomLibs]
sha String
maintainersList \[Maintainer]
runtimeStatus String
usedVersionReleaseDate String
projectDescription String
firstSeenDate String
|
| total `Int` | Total number of libraries available | |
| offset `Int` | Current pagination offset | |
| totalFilteredSbomLibs `Int` | Total number of libraries after applying filters | |
| cursorValue `String` | A value returned by the API that represents the position of the last item in the previous page. Use this value to paginate efficiently through the results. Pass the cursorValue from the previous API response to fetch the next page of results. If omitted, the API returns the first page. | |