The REST API is now versioned. For more information, see "About API versioning."
Software bill of materials (SBOM)
Use the REST API to export the software bill of materials (SBOM) for a repository.
Export a software bill of materials (SBOM) for a repository.
Exports the software bill of materials (SBOM) for a repository in SPDX JSON format.
Parameters for "Export a software bill of materials (SBOM) for a repository."
Headers
Name | Type | Description |
---|---|---|
accept | string | Setting to |

Path parameters
Name | Type | Description |
---|---|---|
owner | string | Required. The account owner of the repository. The name is not case sensitive. |
repo | string | Required. The name of the repository. The name is not case sensitive. |
HTTP response status codes for "Export a software bill of materials (SBOM) for a repository."
Status code | Description |
---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
Code samples for "Export a software bill of materials (SBOM) for a repository."
GET /repos/{owner}/{repo}/dependency-graph/sbom
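```bash
# Export the SBOM for OWNER/REPO; replace <YOUR-TOKEN> with a token that can read the repository.
curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/repos/OWNER/REPO/dependency-graph/sbom
```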
Response
Status: 200
```json
{
  "sbom": {
    "SPDXID": "SPDXRef-DOCUMENT",
    "spdxVersion": "SPDX-2.3",
    "creationInfo": {
      "created": "2021-09-01T00:00:00Z",
      "creators": [
        "Tool: GitHub.com-Dependency-Graph"
      ]
    },
    "name": "github/example",
    "dataLicense": "CC0-1.0",
    "documentDescribes": [
      "github/example"
    ],
    "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456",
    "packages": [
      {
        "SPDXID": "SPDXRef-Package",
        "name": "rubygems:rails",
        "versionInfo": "1.0.0",
        "downloadLocation": "NOASSERTION",
        "filesAnalyzed": false,
        "licenseConcluded": "NOASSERTION",
        "licenseDeclared": "NOASSERTION"
      }
    ]
  }
}
```
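The following is an added example, not part of GitHub's documentation. It reads a response shaped like the one above and builds a dependency inventory that records, per package, which fields carry no real assertion (`NOASSERTION`, empty or absent). The function name `inventory`, the `PROVENANCE_FIELDS` selection and the treatment of the `ecosystem:name` prefix seen in the sample are assumptions made for this example.

```python
import json

# The page's example 200 response, reduced to the fields this script reads.
SAMPLE_RESPONSE = json.loads("""
{"sbom": {"SPDXID": "SPDXRef-DOCUMENT", "spdxVersion": "SPDX-2.3",
  "name": "github/example",
  "packages": [{"SPDXID": "SPDXRef-Package", "name": "rubygems:rails",
    "versionInfo": "1.0.0", "downloadLocation": "NOASSERTION",
    "filesAnalyzed": false, "licenseConcluded": "NOASSERTION",
    "licenseDeclared": "NOASSERTION"}]}}
""")

# Fields a reviewer usually wants asserted before trusting an inventory entry
# (a selection made for this example, not a list from the API documentation).
PROVENANCE_FIELDS = ("versionInfo", "downloadLocation",
                     "licenseConcluded", "licenseDeclared")


def inventory(response):
    """Return one record per package, listing fields with no real assertion."""
    doc = response.get("sbom") if isinstance(response, dict) else None
    if not isinstance(doc, dict):
        raise ValueError("response has no 'sbom' object")
    if not str(doc.get("spdxVersion", "")).startswith("SPDX-"):
        raise ValueError("'sbom' is not an SPDX document")
    records = []
    for pkg in doc.get("packages", []):
        full_name = pkg.get("name", "")
        # Assumption: an "ecosystem:name" prefix as in the sample; names
        # without a colon are kept whole with ecosystem set to None.
        ecosystem, sep, name = full_name.partition(":")
        if not sep:
            ecosystem, name = None, full_name
        gaps = [f for f in PROVENANCE_FIELDS
                if pkg.get(f) in (None, "", "NOASSERTION")]
        records.append({"ecosystem": ecosystem, "name": name,
                        "version": pkg.get("versionInfo"), "gaps": gaps})
    return records


if __name__ == "__main__":
    for rec in inventory(SAMPLE_RESPONSE):
        print(rec)
```

To run it against a real export, save the `curl` output to a file and pass `json.load(open(path))` to `inventory`.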