mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-02-14 00:40:50 +00:00
84c2d69b03
Improve supply chain security by including a SBOM file with substituted values. This will be used to construct a composite platform SBOM. Signed-off-by: Richard Hughes <richard@hughsie.com>
49 lines
1.0 KiB
JSON
49 lines
1.0 KiB
JSON
{
|
|
"bomFormat": "CycloneDX",
|
|
"specVersion": "1.6",
|
|
"version": 1,
|
|
"metadata": {
|
|
"authors": [
|
|
{
|
|
"name": "@VCS_SBOM_AUTHORS@"
|
|
}
|
|
]
|
|
},
|
|
"components": [
|
|
{
|
|
"type": "library",
|
|
"bom-ref": "pkg:github/Mbed-TLS/mbedtls@@VCS_TAG@",
|
|
"cpe": "cpe:2.3:a:trustedfirmware:mbed_tls:@VCS_TAG@:*:*:*:*:*:*:*",
|
|
"name": "mbedtls",
|
|
"version": "@VCS_VERSION@",
|
|
"description": "Implements cryptographic primitives, X.509 certificate manipulation and SSL/TLS and DTLS protocols",
|
|
"authors": [
|
|
{
|
|
"name": "@VCS_AUTHORS@"
|
|
}
|
|
],
|
|
"supplier": {
|
|
"name": "Trusted Firmware"
|
|
},
|
|
"licenses": [
|
|
{
|
|
"license": {
|
|
"id": "Apache-2.0"
|
|
}
|
|
},
|
|
{
|
|
"license": {
|
|
"id": "GPL-2.0-or-later"
|
|
}
|
|
}
|
|
],
|
|
"externalReferences": [
|
|
{
|
|
"type": "vcs",
|
|
"url": "https://github.com/Mbed-TLS/mbedtls"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|