이제 REST API의 버전이 지정됩니다. 자세한 내용은 "API 버전 관리 정보"를 참조하세요.
소프트웨어 자료 청구서(SBOM)
REST API를 사용하여 리포지토리에 대한 SBOM(소프트웨어 청구서)을 내보냅니다.
If you have at least read access to the repository, you can export the dependency graph for the repository as an SPDX-compatible, Software Bill of Materials (SBOM), via the GitHub UI or GitHub REST API. For more information, see "Exporting a software bill of materials for your repository."
This article gives details about the REST API endpoint.
Export a software bill of materials (SBOM) for a repository.
Exports the software bill of materials (SBOM) for a repository in SPDX JSON format.
"Export a software bill of materials (SBOM) for a repository."에 대한 매개 변수
이름, Type, 설명 |
---|
accept string Setting to |
이름, Type, 설명 |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
"Export a software bill of materials (SBOM) for a repository."에 대한 HTTP 응답 상태 코드
상태 코드 | 설명 |
---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
"Export a software bill of materials (SBOM) for a repository."에 대한 코드 샘플
get /repos /{owner} /{repo} /dependency-graph /sbom
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/dependency-graph/sbom
Response
Status: 200
{
"sbom": {
"SPDXID": "SPDXRef-DOCUMENT",
"spdxVersion": "SPDX-2.3",
"creationInfo": {
"created": "2021-09-01T00:00:00Z",
"creators": [
"Tool: GitHub.com-Dependency-Graph"
]
},
"name": "github/example",
"dataLicense": "CC0-1.0",
"documentDescribes": [
"github/example"
],
"documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456",
"packages": [
{
"SPDXID": "SPDXRef-Package",
"name": "rubygems:rails",
"versionInfo": "1.0.0",
"downloadLocation": "NOASSERTION",
"filesAnalyzed": false,
"licenseConcluded": "MIT",
"licenseDeclared": "MIT"
}
]
}
}