# getSingleSbomLibrary
Gets detailed information about a specific library in an SBOM.
### Examples
{% tabs %}
{% tab title="GraphQL" %}
```graphql
query GetSingleSbomLibrary($getSingleSbomLibraryInput: GetSingleSbomLibraryInput) {
getSingleSbomLibrary(getSingleSbomLibraryInput: $getSingleSbomLibraryInput) {
id
references {
triggerPackage
location
locationLink
dependencyType
dependencyLevel
commit {
commitedAt
committerName
committerEmail
}
fileName
}
language
libraryName
libraryVersion
license
appName
location
dependencyType
source
appId
locationLink
appLink
pkgName
copyWriteInfo
copyWriteInfoLink
libLink
vulnerabilityCounts {
appox
critical
high
medium
low
info
}
triggerPackage
vulnerabilities {
issueId
oxSeverity
severityNumberFromTool
severityFromTool
cve
cveLink
cvsVer
cvssVersion
epss
percentile
libName
dependencyChain
runtimeStatus
libVersion
chainDepth
exploitInTheWild
exploitInTheWildLink
description
dateDiscovered
minorVerWithFix
majorVerWithFix
exploitRequirement
exploitCode
originalSeverity
}
latestVersion
latestVersionDate
stars
forks
openIssues
packageManager
packageManagerLink
maintainers
contributors
downloads
sourceLink
notPopular
licenseIssue
malicious
malwareType
osVname
notMaintained
isDeprecated
notImported
notUpdated
dependencyLevel
requestId
licenseLink
artifactInSbomLibs {
image
imageLink
imageCreatedAt
sha
os
osVersion
baseImage
baseImageVersion
tag
layer
registryName
source
}
sha
maintainersList {
name
email
}
runtimeStatus
usedVersionReleaseDate
projectDescription
firstSeenDate
}
}
```
**Variables**
This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
```json
{
"getSingleSbomLibraryInput": {
"scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
"appId": "30966426",
"library": "example",
"libraryName": "example",
"triggerPackage": "example",
"libId": "example"
}
}
```
{% endtab %}
{% tab title="cURL" %}
```shell
curl -X POST \
https://api.cloud.ox.security/api/apollo-gateway \
-H 'Content-Type: application/json' \
-H 'Authorization: YOUR_API_TOKEN' \
-d '{
"query": "query GetSingleSbomLibrary($getSingleSbomLibraryInput: GetSingleSbomLibraryInput) { getSingleSbomLibrary(getSingleSbomLibraryInput: $getSingleSbomLibraryInput) { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } runtimeStatus usedVersionReleaseDate projectDescription firstSeenDate } }",
"variables": {
"getSingleSbomLibraryInput": {
"scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
"appId": "30966426",
"library": "example",
"libraryName": "example",
"triggerPackage": "example",
"libId": "example"
}
}
}'
```
{% endtab %}
{% tab title="Node.js" %}
```javascript
const query = 'query GetSingleSbomLibrary($getSingleSbomLibraryInput: GetSingleSbomLibraryInput) { getSingleSbomLibrary(getSingleSbomLibraryInput: $getSingleSbomLibraryInput) { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } runtimeStatus usedVersionReleaseDate projectDescription firstSeenDate } }';
fetch("https://api.cloud.ox.security/api/apollo-gateway", {
method: "POST",
headers: {
"Content-Type": "application/json",
"Authorization": "YOUR_API_TOKEN"
},
body: JSON.stringify({
query: query,
// This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
variables: {
getSingleSbomLibraryInput: {
scanId: "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
appId: "30966426",
library: "example",
libraryName: "example",
triggerPackage: "example",
libId: "example"
}
}
})
})
.then(response => response.json())
.then(result => console.log(JSON.stringify(result, null, 2)))
.catch(error => console.error('Error:', error));
```
{% endtab %}
{% tab title="Python" %}
```python
import requests
query = 'query GetSingleSbomLibrary($getSingleSbomLibraryInput: GetSingleSbomLibraryInput) { getSingleSbomLibrary(getSingleSbomLibraryInput: $getSingleSbomLibraryInput) { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } runtimeStatus usedVersionReleaseDate projectDescription firstSeenDate } }'
response = requests.post(
"https://api.cloud.ox.security/api/apollo-gateway",
headers={
"Content-Type": "application/json",
"Authorization": "YOUR_API_TOKEN"
},
json={
"query": query,
# This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
"variables": {
"getSingleSbomLibraryInput": {
"scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
"appId": "30966426",
"library": "example",
"libraryName": "example",
"triggerPackage": "example",
"libId": "example"
}
}
}
)
if response.status_code == 200:
result = response.json()
print(result)
else:
print(f"Error: {response.status_code}")
print(response.text)
```
{% endtab %}
{% endtabs %}
### Arguments
You can use the following argument(s) to customize your `getSingleSbomLibrary` query.
| Argument | Description | Supported fields |
| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| getSingleSbomLibraryInput [`GetSingleSbomLibraryInput`](https://docs.ox.security/api-documentation/api-reference/api--sbom/types/inputs/get-single-sbom-library-input) | Parameters identifying which specific library to retrieve | scanId String
appId String
library String
libraryName String
triggerPackage String
libId String
|
### Fields
Return type: [`SbomLib`](https://docs.ox.security/api-documentation/api-reference/api--issue/types/objects/sbom-lib)
You can use the following field(s) to specify what information your `getSingleSbomLibrary` query will return. Please note that some fields may have their own subfields.
| Field | Description | Supported fields |
| ---------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| id `String` | Unique identifier of the SBOM library | |
| references [`[SbomReference]`](https://docs.ox.security/api-documentation/api-reference/api--issue/types/objects/sbom-reference) | List of references associated with this library | triggerPackage String
location String
locationLink String
dependencyType String
dependencyLevel Int
commit SbomCommit
fileName String
|
| ~~appType `String`~~ ⚠️ | **Deprecated**: This field is not used anymore | |
| language `String` | Programming language of the library | |
| ~~libId `String`~~ ⚠️ | **Deprecated**: This field is not used anymore | |
| libraryName `String` | Official name of the library | |
| libraryVersion `String` | Version string of the library | |
| license `String` | License type(s) of the library | |
| appName `String` | Name of the application that uses the library | |
| location `String` | Location path where the library is used or referenced | |
| dependencyType `String` | Type of dependency | |
| source `String` | Source of the library | |
| appId `String` | Application identifier using the library | |
| locationLink `String` | URL link to the location where the library is used | |
| appLink `String` | URL link to the application | |
| pkgName `String` | Package name of the library | |
| copyWriteInfo `[String]` | List of copyright notices associated with the library | |
| copyWriteInfoLink `String` | Link to the copyright information | |
| libLink `String` | URL link to the library source or homepage | |
| vulnerabilityCounts [`IssuesBySeverity`](https://docs.ox.security/api-documentation/api-reference/api--issue/types/objects/issues-by-severity) | Counts of vulnerabilities by severity | appox Int
critical Int
high Int
medium Int
low Int
info Int
|
| triggerPackage `String` | Package that triggered this library in the dependency graph | |
| vulnerabilities [`[SCAVulnerability]`](https://docs.ox.security/api-documentation/api-reference/api--issue/types/objects/sca-vulnerability) | List of software composition analysis vulnerabilities associated | issueId String
oxSeverity String
severityNumberFromTool String
severityFromTool String
cve String
cveLink String
cvsVer String
cvssVersion Float
epss Float
percentile Float
libName String
dependencyChain String
runtimeStatus String
libVersion String
chainDepth Int
exploitInTheWild Boolean
exploitInTheWildLink String
description String
dateDiscovered String
minorVerWithFix String
majorVerWithFix String
exploitRequirement String
exploitCode String
originalSeverity String
|
| latestVersion `String` | Latest available version of the library | |
| latestVersionDate `String` | Release date of the latest version | |
| stars `Int` | Number of stars (popularity metric) on the repository | |
| forks `Int` | Number of forks on the repository | |
| openIssues `Int` | Number of open issues in the repository | |
| packageManager `String` | Package manager name | |
| packageManagerLink `String` | URL link to the package manager page | |
| maintainers `Int` | Number of maintainers of the library | |
| contributors `Int` | Number of contributors to the library | |
| downloads `Int` | Number of downloads for the library | |
| sourceLink `String` | Source code link | |
| notPopular `Boolean` | Indicates if the library is considered not popular | |
| licenseIssue `Boolean` | Indicates if the library has license compliance issues | |
| malicious `Boolean` | Indicates if the library is malicious | |
| malwareType `String` | Malware type | |
| osVname `String` | Operating system | |
| notMaintained `Boolean` | Indicates if the library is not actively maintained | |
| isDeprecated `Boolean` | Indicates if the library is deprecated | |
| notImported `Boolean` | Deprecated: Indicates if the library is not imported (use other fields) | |
| ~~notUsed `Boolean`~~ ⚠️ | **Deprecated**: No longer supported | |
| notUpdated `Boolean` | Indicates if the library version is not up-to-date | |
| dependencyLevel `Int` | Dependency level in the graph | |
| requestId `String` | Request identifier associated with the data fetch | |
| licenseLink `String` | Link to the license details | |
| artifactInSbomLibs [`[ArtifactInSbomLibs]`](https://docs.ox.security/api-documentation/api-reference/api--issue/types/objects/artifact-in-sbom-libs) | List of artifacts that include this library | image String
imageLink String
imageCreatedAt String
sha String
os String
osVersion String
baseImage String
baseImageVersion String
tag String
layer String
registryName String
source String
|
| sha `String` | SHA hash associated with the library | |
| maintainersList [`[Maintainer]`](https://docs.ox.security/api-documentation/api-reference/api--issue/types/objects/maintainer) | List of maintainers with detailed info | name String
email String
|
| runtimeStatus `String` | Runtime status of the library indicating eBPF loading state | |
| usedVersionReleaseDate `String` | Used version release date | |
| projectDescription `String` | Project description | |
| firstSeenDate `String` | Date when this library was first seen by the scanner | |