getSbomLibraries

Fetches a list of libraries found in SBOM scans with detailed information.

Examples

query GetSbomLibraries($getApplicationsSbom: GetApplicationsSbom) {
  getSbomLibraries(getApplicationsSbom: $getApplicationsSbom) {
    sbomLibs {
      id
      references {
        triggerPackage
        location
        locationLink
        dependencyType
        dependencyLevel
        commit {
          commitedAt
          committerName
          committerEmail
        }
        fileName
      }
      language
      libraryName
      libraryVersion
      license
      appName
      location
      dependencyType
      source
      appId
      locationLink
      appLink
      pkgName
      copyWriteInfo
      copyWriteInfoLink
      libLink
      vulnerabilityCounts {
        appox
        critical
        high
        medium
        low
        info
      }
      triggerPackage
      vulnerabilities {
        issueId
        oxSeverity
        severityNumberFromTool
        severityFromTool
        cve
        cveLink
        cvsVer
        cvssVersion
        epss
        percentile
        libName
        dependencyChain
        libVersion
        chainDepth
        exploitInTheWild
        exploitInTheWildLink
        description
        dateDiscovered
        minorVerWithFix
        majorVerWithFix
        exploitRequirement
        exploitCode
        originalSeverity
      }
      latestVersion
      latestVersionDate
      stars
      forks
      openIssues
      packageManager
      packageManagerLink
      maintainers
      contributors
      downloads
      sourceLink
      notPopular
      licenseIssue
      malicious
      malwareType
      osVname
      notMaintained
      isDeprecated
      notImported
      notUpdated
      dependencyLevel
      requestId
      licenseLink
      artifactInSbomLibs {
        image
        imageLink
        imageCreatedAt
        sha
        os
        osVersion
        baseImage
        baseImageVersion
        tag
        layer
        registryName
        source
      }
      sha
      maintainersList {
        name
        email
      }
    }
    total
    offset
    totalFilteredSbomLibs
  }
}

Variables

This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.

{
  "getApplicationsSbom": {
    "scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
    "limit": 100,
    "offset": 0,
    "search": "example",
    "filters": {
      "libraryNames": ["example"],
      "libraryVersions": ["example"],
      "apps": ["example"],
      "appIds": ["30966426"],
      "source": ["example"],
      "dependencyTypes": ["example"],
      "licenses": ["example"],
      "packageNames": ["example"],
      "copyrights": ["example"],
      "severities": ["example"],
      "packageInfos": ["example"],
      "malicious": ["example"],
      "packageManagers": ["example"],
      "cve": ["example"],
      "languages": ["example"],
      "os": ["example"],
      "registryName": ["example"],
      "baseImage": ["example"],
      "image": ["example"],
      "reachability": ["example"],
      "tags": ["example"],
      "imageSource": ["example"],
      "licenseIssue": [true]
    },
    "sbomSearch": [
      {
        "fieldName": "example",
        "value": ["example"]
      }
    ],
    "owners": ["example"],
    "tagIds": ["example"],
    "openItems": ["digest"],
    "sort": {
      "fields": ["LibraryName"],
      "order": ["ASC"]
    }
  }
}

curl -X POST \
https://api.cloud.ox.security/api/apollo-gateway \
-H 'Content-Type: application/json' \
-H 'Authorization: YOUR_API_TOKEN' \
-d '{
 "query": "query GetSbomLibraries($getApplicationsSbom: GetApplicationsSbom) { getSbomLibraries(getApplicationsSbom: $getApplicationsSbom) { sbomLibs { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } } total offset totalFilteredSbomLibs } }",
 "variables": {
    "getApplicationsSbom": {
      "scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
      "limit": 100,
      "offset": 0,
      "search": "example",
      "filters": {
        "libraryNames": ["example"],
        "libraryVersions": ["example"],
        "apps": ["example"],
        "appIds": ["30966426"],
        "source": ["example"],
        "dependencyTypes": ["example"],
        "licenses": ["example"],
        "packageNames": ["example"],
        "copyrights": ["example"],
        "severities": ["example"],
        "packageInfos": ["example"],
        "malicious": ["example"],
        "packageManagers": ["example"],
        "cve": ["example"],
        "languages": ["example"],
        "os": ["example"],
        "registryName": ["example"],
        "baseImage": ["example"],
        "image": ["example"],
        "reachability": ["example"],
        "tags": ["example"],
        "imageSource": ["example"],
        "licenseIssue": [true]
      },
      "sbomSearch": [
        {
          "fieldName": "example",
          "value": ["example"]
        }
      ],
      "owners": ["example"],
      "tagIds": ["example"],
      "openItems": ["digest"],
      "sort": {
        "fields": ["LibraryName"],
        "order": ["ASC"]
      }
    }
  }
}'

const query = 'query GetSbomLibraries($getApplicationsSbom: GetApplicationsSbom) { getSbomLibraries(getApplicationsSbom: $getApplicationsSbom) { sbomLibs { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } } total offset totalFilteredSbomLibs } }';

fetch("https://api.cloud.ox.security/api/apollo-gateway", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Authorization": "YOUR_API_TOKEN"
  },
  body: JSON.stringify({
    query: query,
    // This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
    variables: {
      getApplicationsSbom: {
        scanId: "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
        limit: 100,
        offset: 0,
        search: "example",
        filters: {
          libraryNames: ["example"],
          libraryVersions: ["example"],
          apps: ["example"],
          appIds: ["30966426"],
          source: ["example"],
          dependencyTypes: ["example"],
          licenses: ["example"],
          packageNames: ["example"],
          copyrights: ["example"],
          severities: ["example"],
          packageInfos: ["example"],
          malicious: ["example"],
          packageManagers: ["example"],
          cve: ["example"],
          languages: ["example"],
          os: ["example"],
          registryName: ["example"],
          baseImage: ["example"],
          image: ["example"],
          reachability: ["example"],
          tags: ["example"],
          imageSource: ["example"],
          licenseIssue: [true]
        },
        sbomSearch: [
          {
            fieldName: "example",
            value: ["example"]
          }
        ],
        owners: ["example"],
        tagIds: ["example"],
        openItems: ["digest"],
        sort: {
          fields: ["LibraryName"],
          order: ["ASC"]
        }
      }
    }
  })
})
.then(response => response.json())
.then(result => console.log(JSON.stringify(result, null, 2)))
.catch(error => console.error('Error:', error));

import requests

query = 'query GetSbomLibraries($getApplicationsSbom: GetApplicationsSbom) { getSbomLibraries(getApplicationsSbom: $getApplicationsSbom) { sbomLibs { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } } total offset totalFilteredSbomLibs } }'

response = requests.post(
  "https://api.cloud.ox.security/api/apollo-gateway",
  headers={
    "Content-Type": "application/json",
    "Authorization": "YOUR_API_TOKEN"
  },
  json={
    "query": query,
    # This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
    "variables": {
      "getApplicationsSbom": {
        "scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
        "limit": 100,
        "offset": 0,
        "search": "example",
        "filters": {
          "libraryNames": ["example"],
          "libraryVersions": ["example"],
          "apps": ["example"],
          "appIds": ["30966426"],
          "source": ["example"],
          "dependencyTypes": ["example"],
          "licenses": ["example"],
          "packageNames": ["example"],
          "copyrights": ["example"],
          "severities": ["example"],
          "packageInfos": ["example"],
          "malicious": ["example"],
          "packageManagers": ["example"],
          "cve": ["example"],
          "languages": ["example"],
          "os": ["example"],
          "registryName": ["example"],
          "baseImage": ["example"],
          "image": ["example"],
          "reachability": ["example"],
          "tags": ["example"],
          "imageSource": ["example"],
          "licenseIssue": [true]
        },
        "sbomSearch": [
          {
            "fieldName": "example",
            "value": ["example"]
          }
        ],
        "owners": ["example"],
        "tagIds": ["example"],
        "openItems": ["digest"],
        "sort": {
          "fields": ["LibraryName"],
          "order": ["ASC"]
        }
      }
    }
  }
)

if response.status_code == 200:
    result = response.json()
    print(result)
else:
    print(f"Error: {response.status_code}")
    print(response.text)

Arguments

You can use the following argument(s) to customize your getSbomLibraries query.

Argument

Description

Supported fields

getApplicationsSbom GetApplicationsSbom

Parameters for filtering and paginating the SBOM libraries

scanId String limit Int offset Int search String filters SBOMLibFilters sbomSearch [AutoCompleteSearch] owners [String] tagIds [String] openItems [FilterTypes] sort SbomLibSortInput

Fields

Return type: SbomLibResponse

You can use the following field(s) to specify what information your getSbomLibraries query will return. Please note that some fields may have their own subfields.

Field

Description

Supported fields

sbomLibs [SbomLib]

List of SBOM libraries found in the scan

id String references [SbomReference] appType String language String libId String libraryName String libraryVersion String license String appName String location String dependencyType String source String appId String locationLink String appLink String pkgName String copyWriteInfo [String] copyWriteInfoLink String libLink String vulnerabilityCounts IssuesBySeverity triggerPackage String vulnerabilities [SCAVulnerability] latestVersion String latestVersionDate String stars Int forks Int openIssues Int packageManager String packageManagerLink String maintainers Int contributors Int downloads Int sourceLink String notPopular Boolean licenseIssue Boolean malicious Boolean malwareType String osVname String notMaintained Boolean isDeprecated Boolean notImported Boolean notUsed Boolean notUpdated Boolean dependencyLevel Int requestId String licenseLink String artifactInSbomLibs [ArtifactInSbomLibs] sha String maintainersList [Maintainer]

total Int

Total number of libraries available

offset Int

Current pagination offset

totalFilteredSbomLibs Int

Total number of libraries after applying filters

Last updated 10 days ago