Спецификация программного обеспечения (SBOM)

Используйте REST API для экспорта спецификации программного обеспечения (SBOM) для репозитория.

Export a software bill of materials (SBOM) for a repository.

Exports the software bill of materials (SBOM) for a repository in SPDX JSON format.

Параметры для "Export a software bill of materials (SBOM) for a repository."

Заголовки
Имя, Тип, Описание
`accept` string Setting to `application/vnd.github+json` is recommended.
Параметры пути
Имя, Тип, Описание
`owner` string Обязательно The account owner of the repository. The name is not case sensitive.
`repo` string Обязательно The name of the repository. The name is not case sensitive.

Коды состояния HTTP-ответа для "Export a software bill of materials (SBOM) for a repository."

Код состояния	Описание
`200`	OK
`403`	Forbidden
`404`	Resource not found

Примеры кода для "Export a software bill of materials (SBOM) for a repository."

get/repos/{owner}/{repo}/dependency-graph/sbom

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>"\
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/repos/OWNER/REPO/dependency-graph/sbom

Response

Status: 200

{
  "sbom": {
    "SPDXID": "SPDXRef-DOCUMENT",
    "spdxVersion": "SPDX-2.3",
    "creationInfo": {
      "created": "2021-09-01T00:00:00Z",
      "creators": [
        "Tool: GitHub.com-Dependency-Graph"
      ]
    },
    "name": "github/example",
    "dataLicense": "CC0-1.0",
    "documentDescribes": [
      "github/example"
    ],
    "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456",
    "packages": [
      {
        "SPDXID": "SPDXRef-Package",
        "name": "rubygems:rails",
        "versionInfo": "1.0.0",
        "downloadLocation": "NOASSERTION",
        "filesAnalyzed": false,
        "licenseConcluded": "NOASSERTION",
        "licenseDeclared": "NOASSERTION"
      }
    ]
  }
}