├── .envrc ├── .github ├── dependabot.yml └── workflows │ ├── codeql.yml │ ├── dependency-review.yml │ ├── release_sbomnix.yml │ ├── scorecards.yml │ └── test_sbomnix.yml ├── .gitignore ├── .gitlint ├── LICENSES ├── Apache-2.0.txt ├── BSD-3-Clause.txt ├── CC-BY-3.0.txt ├── CC-BY-SA-4.0.txt └── MIT.txt ├── Makefile ├── README.md ├── REUSE.toml ├── VERSION ├── default.nix ├── doc ├── img │ ├── c_hello_world_buildtime_d2.svg │ ├── c_hello_world_runtime.svg │ ├── git_r2_col.svg │ ├── git_r2_col_inv.svg │ ├── wget_b1.svg │ ├── wget_r1.svg │ ├── wget_r1_paths.svg │ ├── wget_r2.svg │ ├── wget_r2_col.svg │ ├── wget_r2_inv.svg │ └── wget_runtime.svg ├── nix_outdated.md ├── nixgraph.md ├── nixmeta.md ├── provenance.md ├── replogoy_cli.md └── vulnxscan.md ├── flake.lock ├── flake.nix ├── nix ├── apps.nix ├── checks.nix ├── default.nix ├── git-hooks.nix ├── packages.nix └── treefmt.nix ├── pytest.ini ├── setup.py ├── shell.nix ├── src ├── common │ ├── __init__.py │ └── utils.py ├── nixgraph │ ├── __init__.py │ ├── graph.py │ └── main.py ├── nixmeta │ ├── __init__.py │ ├── main.py │ └── scanner.py ├── nixupdate │ ├── __init__.py │ └── nix_outdated.py ├── provenance │ ├── __init__.py │ └── main.py ├── repology │ ├── __init__.py │ ├── exceptions.py │ ├── repology_cli.py │ └── repology_cve.py ├── sbomnix │ ├── __init__.py │ ├── cdx.py │ ├── cpe.py │ ├── derivation.py │ ├── dfcache.py │ ├── main.py │ ├── meta.py │ ├── nix.py │ └── sbomdb.py └── vulnxscan │ ├── __init__.py │ ├── osv.py │ ├── utils.py │ ├── vulnscan.py │ ├── vulnxscan_cli.py │ └── whitelist.py └── tests ├── compare_deps.py ├── compare_sboms.py ├── resources ├── README.md ├── cdx_bom-1.3.schema.json ├── cdx_bom-1.4.schema.json ├── provenance-1.0.schema.json ├── spdx_bom-2.3.schema.json ├── vulns.csv ├── whitelist.csv └── whitelist_all.csv └── test_sbomnix.py /.envrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/.envrc -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/workflows/codeql.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/.github/workflows/codeql.yml -------------------------------------------------------------------------------- /.github/workflows/dependency-review.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/.github/workflows/dependency-review.yml -------------------------------------------------------------------------------- /.github/workflows/release_sbomnix.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/.github/workflows/release_sbomnix.yml -------------------------------------------------------------------------------- /.github/workflows/scorecards.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/.github/workflows/scorecards.yml -------------------------------------------------------------------------------- /.github/workflows/test_sbomnix.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/.github/workflows/test_sbomnix.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/.gitignore -------------------------------------------------------------------------------- /.gitlint: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/.gitlint -------------------------------------------------------------------------------- /LICENSES/Apache-2.0.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/LICENSES/Apache-2.0.txt -------------------------------------------------------------------------------- /LICENSES/BSD-3-Clause.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/LICENSES/BSD-3-Clause.txt -------------------------------------------------------------------------------- /LICENSES/CC-BY-3.0.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/LICENSES/CC-BY-3.0.txt -------------------------------------------------------------------------------- /LICENSES/CC-BY-SA-4.0.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/LICENSES/CC-BY-SA-4.0.txt -------------------------------------------------------------------------------- /LICENSES/MIT.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/LICENSES/MIT.txt -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/README.md -------------------------------------------------------------------------------- /REUSE.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/REUSE.toml -------------------------------------------------------------------------------- /VERSION: -------------------------------------------------------------------------------- 1 | 1.7.4 2 | -------------------------------------------------------------------------------- /default.nix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/default.nix -------------------------------------------------------------------------------- /doc/img/c_hello_world_buildtime_d2.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/c_hello_world_buildtime_d2.svg -------------------------------------------------------------------------------- /doc/img/c_hello_world_runtime.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/c_hello_world_runtime.svg -------------------------------------------------------------------------------- /doc/img/git_r2_col.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/git_r2_col.svg -------------------------------------------------------------------------------- /doc/img/git_r2_col_inv.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/git_r2_col_inv.svg -------------------------------------------------------------------------------- /doc/img/wget_b1.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/wget_b1.svg -------------------------------------------------------------------------------- /doc/img/wget_r1.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/wget_r1.svg -------------------------------------------------------------------------------- /doc/img/wget_r1_paths.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/wget_r1_paths.svg -------------------------------------------------------------------------------- /doc/img/wget_r2.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/wget_r2.svg -------------------------------------------------------------------------------- /doc/img/wget_r2_col.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/wget_r2_col.svg -------------------------------------------------------------------------------- /doc/img/wget_r2_inv.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/wget_r2_inv.svg -------------------------------------------------------------------------------- /doc/img/wget_runtime.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/img/wget_runtime.svg -------------------------------------------------------------------------------- /doc/nix_outdated.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/nix_outdated.md -------------------------------------------------------------------------------- /doc/nixgraph.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/nixgraph.md -------------------------------------------------------------------------------- /doc/nixmeta.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/nixmeta.md -------------------------------------------------------------------------------- /doc/provenance.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/provenance.md -------------------------------------------------------------------------------- /doc/replogoy_cli.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/replogoy_cli.md -------------------------------------------------------------------------------- /doc/vulnxscan.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/doc/vulnxscan.md -------------------------------------------------------------------------------- /flake.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/flake.lock -------------------------------------------------------------------------------- /flake.nix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/flake.nix -------------------------------------------------------------------------------- /nix/apps.nix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/nix/apps.nix -------------------------------------------------------------------------------- /nix/checks.nix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/nix/checks.nix -------------------------------------------------------------------------------- /nix/default.nix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/nix/default.nix -------------------------------------------------------------------------------- /nix/git-hooks.nix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/nix/git-hooks.nix -------------------------------------------------------------------------------- /nix/packages.nix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/nix/packages.nix -------------------------------------------------------------------------------- /nix/treefmt.nix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/nix/treefmt.nix -------------------------------------------------------------------------------- /pytest.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/pytest.ini -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/setup.py -------------------------------------------------------------------------------- /shell.nix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/shell.nix -------------------------------------------------------------------------------- /src/common/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/common/__init__.py -------------------------------------------------------------------------------- /src/common/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/common/utils.py -------------------------------------------------------------------------------- /src/nixgraph/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/nixgraph/__init__.py -------------------------------------------------------------------------------- /src/nixgraph/graph.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/nixgraph/graph.py -------------------------------------------------------------------------------- /src/nixgraph/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/nixgraph/main.py -------------------------------------------------------------------------------- /src/nixmeta/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/nixmeta/__init__.py -------------------------------------------------------------------------------- /src/nixmeta/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/nixmeta/main.py -------------------------------------------------------------------------------- /src/nixmeta/scanner.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/nixmeta/scanner.py -------------------------------------------------------------------------------- /src/nixupdate/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/nixupdate/__init__.py -------------------------------------------------------------------------------- /src/nixupdate/nix_outdated.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/nixupdate/nix_outdated.py -------------------------------------------------------------------------------- /src/provenance/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/provenance/__init__.py -------------------------------------------------------------------------------- /src/provenance/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/provenance/main.py -------------------------------------------------------------------------------- /src/repology/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/repology/__init__.py -------------------------------------------------------------------------------- /src/repology/exceptions.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/repology/exceptions.py -------------------------------------------------------------------------------- /src/repology/repology_cli.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/repology/repology_cli.py -------------------------------------------------------------------------------- /src/repology/repology_cve.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/repology/repology_cve.py -------------------------------------------------------------------------------- /src/sbomnix/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/sbomnix/__init__.py -------------------------------------------------------------------------------- /src/sbomnix/cdx.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/sbomnix/cdx.py -------------------------------------------------------------------------------- /src/sbomnix/cpe.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/sbomnix/cpe.py -------------------------------------------------------------------------------- /src/sbomnix/derivation.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/sbomnix/derivation.py -------------------------------------------------------------------------------- /src/sbomnix/dfcache.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/sbomnix/dfcache.py -------------------------------------------------------------------------------- /src/sbomnix/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/sbomnix/main.py -------------------------------------------------------------------------------- /src/sbomnix/meta.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/sbomnix/meta.py -------------------------------------------------------------------------------- /src/sbomnix/nix.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/sbomnix/nix.py -------------------------------------------------------------------------------- /src/sbomnix/sbomdb.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/sbomnix/sbomdb.py -------------------------------------------------------------------------------- /src/vulnxscan/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/vulnxscan/__init__.py -------------------------------------------------------------------------------- /src/vulnxscan/osv.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/vulnxscan/osv.py -------------------------------------------------------------------------------- /src/vulnxscan/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/vulnxscan/utils.py -------------------------------------------------------------------------------- /src/vulnxscan/vulnscan.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/vulnxscan/vulnscan.py -------------------------------------------------------------------------------- /src/vulnxscan/vulnxscan_cli.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/vulnxscan/vulnxscan_cli.py -------------------------------------------------------------------------------- /src/vulnxscan/whitelist.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/src/vulnxscan/whitelist.py -------------------------------------------------------------------------------- /tests/compare_deps.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/compare_deps.py -------------------------------------------------------------------------------- /tests/compare_sboms.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/compare_sboms.py -------------------------------------------------------------------------------- /tests/resources/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/resources/README.md -------------------------------------------------------------------------------- /tests/resources/cdx_bom-1.3.schema.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/resources/cdx_bom-1.3.schema.json -------------------------------------------------------------------------------- /tests/resources/cdx_bom-1.4.schema.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/resources/cdx_bom-1.4.schema.json -------------------------------------------------------------------------------- /tests/resources/provenance-1.0.schema.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/resources/provenance-1.0.schema.json -------------------------------------------------------------------------------- /tests/resources/spdx_bom-2.3.schema.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/resources/spdx_bom-2.3.schema.json -------------------------------------------------------------------------------- /tests/resources/vulns.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/resources/vulns.csv -------------------------------------------------------------------------------- /tests/resources/whitelist.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/resources/whitelist.csv -------------------------------------------------------------------------------- /tests/resources/whitelist_all.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/resources/whitelist_all.csv -------------------------------------------------------------------------------- /tests/test_sbomnix.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tiiuae/sbomnix/HEAD/tests/test_sbomnix.py --------------------------------------------------------------------------------