1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
<?xml version="1.0"?>
<bom serialNumber="urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79" version="1" xmlns="http://cyclonedx.org/schema/bom/1.4">
<components>
<component type="library">
<name>acme-example</name>
<version>1.0.0</version>
<releaseNotes>
<type>major</type>
<title>My new release</title>
<featuredImage>https://example.com/featured_image.png</featuredImage>
<socialImage>https://example.com/social_image.png</socialImage>
<description>The main description of your release</description>
<timestamp>2021-09-17T00:51:18+00:00</timestamp>
<aliases>
<alias>Project Orion</alias>
</aliases>
<tags>
<tag>CMS</tag>
<tag>SEO</tag>
<tag>wysiwyg</tag>
</tags>
<resolves>
<issue type="enhancement">
<id>JIRA-17240</id>
<description>Great new feature that does something</description>
<source>
<name>Acme Org</name>
<url>https://issues.example.com/17240</url>
</source>
</issue>
<issue type="security">
<id>CVE-2019-9997</id>
<name>CVE-2019-9997</name>
<description>A security issue was fixed that did something bad</description>
<source>
<name>NVD</name>
<url>https://nvd.nist.gov/vuln/detail/CVE-2019-9997</url>
</source>
<references>
<url>http://some/other/site-1</url>
<url>http://some/other/site-2</url>
</references>
</issue>
</resolves>
<notes>
<note>
<locale>en-US</locale>
<text content-type="text/html" encoding="base64">PGgxPk15IG5ldyByZWxlYXNlPGgxPgo8cD5SZWxlYXNlIG5vdGVzIGhlcmU8L3A+</text>
</note>
<note>
<locale>es</locale>
<text content-type="text/html" encoding="base64">PGgxPk15IG5ldyByZWxlYXNlPGgxPgo8cD5Ob3RhcyBkZSBsYSB2ZXJzacOzbiBhcXXDrTwvcD4=</text>
</note>
</notes>
</releaseNotes>
</component>
</components>
<services>
<service bom-ref="b2a46a4b-8367-4bae-9820-95557cfe03a8">
<provider>
<name>Partner Org</name>
<url>https://partner.org</url>
<contact>
<name>Support</name>
<email>support@partner</email>
<phone>800-555-1212</phone>
</contact>
</provider>
<group>org.partner</group>
<name>Stock ticker service</name>
<version>2020-Q2</version>
<description>Provides real-time stock information</description>
<endpoints>
<endpoint>https://partner.org/api/v1/lookup</endpoint>
<endpoint>https://partner.org/api/v1/stock</endpoint>
</endpoints>
<authenticated>true</authenticated>
<x-trust-boundary>true</x-trust-boundary>
<data>
<classification flow="inbound">PII</classification>
<classification flow="outbound">PIFI</classification>
<classification flow="bi-directional">pubic</classification>
<classification flow="unknown">partner-data</classification>
</data>
<licenses>
<license>
<name>Partner license</name>
</license>
</licenses>
<externalReferences>
<reference type="website">
<url>http://partner.org</url>
</reference>
<reference type="documentation">
<url>http://api.partner.org/swagger</url>
</reference>
</externalReferences>
<releaseNotes>
<type>major</type>
<title>My new release</title>
<featuredImage>https://example.com/featured_image.png</featuredImage>
<socialImage>https://example.com/social_image.png</socialImage>
<description>The main description of your release</description>
<timestamp>2021-09-17T00:51:18+00:00</timestamp>
<aliases>
<alias>Project Orion</alias>
</aliases>
<tags>
<tag>CMS</tag>
<tag>SEO</tag>
<tag>wysiwyg</tag>
</tags>
<resolves>
<issue type="enhancement">
<id>JIRA-17240</id>
<description>Great new feature that does something</description>
<source>
<name>Acme Org</name>
<url>https://issues.example.com/17240</url>
</source>
</issue>
<issue type="security">
<id>CVE-2019-9997</id>
<name>CVE-2019-9997</name>
<description>A security issue was fixed that did something bad</description>
<source>
<name>NVD</name>
<url>https://nvd.nist.gov/vuln/detail/CVE-2019-9997</url>
</source>
<references>
<url>http://some/other/site-1</url>
<url>http://some/other/site-2</url>
</references>
</issue>
</resolves>
<notes>
<note>
<locale>en-US</locale>
<text content-type="text/html" encoding="base64">PGgxPk15IG5ldyByZWxlYXNlPGgxPgo8cD5SZWxlYXNlIG5vdGVzIGhlcmU8L3A+</text>
</note>
<note>
<locale>es</locale>
<text content-type="text/html" encoding="base64">PGgxPk15IG5ldyByZWxlYXNlPGgxPgo8cD5Ob3RhcyBkZSBsYSB2ZXJzacOzbiBhcXXDrTwvcD4=</text>
</note>
</notes>
</releaseNotes>
</service>
</services>
</bom>
|
