doc: Update README
anthonyharrison committed Aug 17, 2023
1 parent 4796d0e commit 69e499c
Showing 1 changed file with 62 additions and 50 deletions.
112 changes: 62 additions & 50 deletions README.md
Expand Up @@ -57,7 +57,7 @@ the following filename conventions.
| CycloneDX | JSON | .json |

The `--output-file` option is used to control the destination of the output generated by the tool. The
default is to report to the console, but it can also be stored in a file (specified using `--output-file` option).
default is to report to the console, but it can also be stored in a JSON file (specified using `--output-file` option).

The `--include-license` option is used to indicate if the text for the licenses is to be included in the output.
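
Review bot: In the changed `--output-file` sentence, "stored in a JSON file" names a format without saying how that format is chosen, and the closing "(specified using `--output-file` option)" repeats the option the sentence already opens with. If JSON is the only format written to a file, say so explicitly; otherwise name the option that selects the format and drop the parenthetical.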

Expand All @@ -70,99 +70,99 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-flask
DocumentNamespace: http://spdx.org/spdxdocs/Python-flask-0d6084b4-1a7b-42f7-97e2-65bc4b109783
LicenseListVersion: 3.20
Creator: Tool: sbom4python-0.9.0
Created: 2023-03-31T11:01:17Z
DocumentNamespace: http://spdx.org/spdxdocs/Python-flask-f95bd9a2-1442-4631-9b13-870422204ed4
LicenseListVersion: 3.21
Creator: Tool: sbom4python-0.10.0
Created: 2023-08-17T20:28:31Z
CreatorComment: <text>This document has been automatically generated.</text>
#####

PackageName: flask
SPDXID: SPDXRef-Package-1-flask
PackageVersion: 2.2.2
PrimaryPackagePurpose: APPLICATION
PackageSupplier: Person: Armin Ronacher ([email protected])
PackageDownloadLocation: https://pypi.org/project/Flask/2.2.2
FilesAnalyzed: false
PackageHomePage: https://palletsprojects.com/p/flask
PackageLicenseDeclared: BSD-3-Clause
PackageLicenseConcluded: BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: A simple framework for building complex web applications.
PackageSummary: <text>A simple framework for building complex web applications.</text>
ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_ronacher:flask:2.2.2:*:*:*:*:*:*:*
#####

PackageName: click
SPDXID: SPDXRef-Package-2-click
PackageVersion: 8.0.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Armin Ronacher ([email protected])
PackageDownloadLocation: https://pypi.org/project/click/8.0.3
FilesAnalyzed: false
PackageHomePage: https://palletsprojects.com/p/click/
PackageLicenseDeclared: BSD-3-Clause
PackageLicenseConcluded: BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: Composable command line interface toolkit
PackageSummary: <text>Composable command line interface toolkit</text>
ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_ronacher:click:8.0.3:*:*:*:*:*:*:*
#####

PackageName: itsdangerous
SPDXID: SPDXRef-Package-3-itsdangerous
PackageVersion: 2.1.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Armin Ronacher ([email protected])
PackageDownloadLocation: https://pypi.org/project/itsdangerous/2.1.2
FilesAnalyzed: false
PackageHomePage: https://palletsprojects.com/p/itsdangerous/
PackageLicenseDeclared: BSD-3-Clause
PackageLicenseConcluded: BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: Safely pass data to untrusted environments and back.
PackageSummary: <text>Safely pass data to untrusted environments and back.</text>
ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_ronacher:itsdangerous:2.1.2:*:*:*:*:*:*:*
#####

PackageName: jinja2
SPDXID: SPDXRef-Package-4-jinja2
PackageVersion: 3.0.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Armin Ronacher ([email protected])
PackageDownloadLocation: https://pypi.org/project/Jinja2/3.0.2
FilesAnalyzed: false
PackageHomePage: https://palletsprojects.com/p/jinja/
PackageLicenseDeclared: BSD-3-Clause
PackageLicenseConcluded: BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: A very fast and expressive template engine.
PackageSummary: <text>A very fast and expressive template engine.</text>
ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_ronacher:jinja2:3.0.2:*:*:*:*:*:*:*
#####

PackageName: markupsafe
SPDXID: SPDXRef-Package-5-markupsafe
PackageVersion: 2.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Armin Ronacher ([email protected])
PackageDownloadLocation: https://pypi.org/project/MarkupSafe/2.1.1
FilesAnalyzed: false
PackageHomePage: https://palletsprojects.com/p/markupsafe/
PackageLicenseDeclared: BSD-3-Clause
PackageLicenseConcluded: BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: Safely add untrusted strings to HTML/XML markup.
PackageSummary: <text>Safely add untrusted strings to HTML/XML markup.</text>
ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_ronacher:markupsafe:2.1.1:*:*:*:*:*:*:*
#####

PackageName: werkzeug
SPDXID: SPDXRef-Package-6-werkzeug
PackageVersion: 2.2.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Armin Ronacher ([email protected])
PackageDownloadLocation: https://pypi.org/project/Werkzeug/2.2.2
FilesAnalyzed: false
PackageHomePage: https://palletsprojects.com/p/werkzeug/
PackageLicenseDeclared: BSD-3-Clause
PackageLicenseConcluded: BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: The comprehensive WSGI web application library.
PackageSummary: <text>The comprehensive WSGI web application library.</text>
ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_ronacher:werkzeug:2.2.2:*:*:*:*:*:*:*
#####
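
Review bot: In the regenerated SPDX example, every `ExternalRef: SECURITY cpe23Type` line carries the vendor `armin_ronacher`, which mirrors the `PackageSupplier` name, and the README text in this hunk does not say where that value comes from. Add a sentence stating how the CPE is derived, so that readers who pass these entries to vulnerability matching know the vendor field is taken from package metadata. The same hunk switches `PackageSummary` to the `<text>...</text>` form without comment; a one-line mention would help anyone comparing against output from the earlier sample.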
Expand All @@ -181,44 +181,56 @@ The following commands will generate a summary of the contents of the SBOM to th
```bash
sbom2doc --input flask.spdx

╭──────────────╮
│ SBOM Summary │
╰──────────────╯
┏━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Item ┃ Details ┃
┡━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━┩
│ SBOM File │ /tmp/flask.spdx
│ SBOM Type │ spdx │
│ Version │ SPDX-2.3 │
│ Name │ Python-flask │
│ Creator │ Tool:sbom4python-0.9.0
│ Created │ 2023-03-31T11:01:17Z
│ Files │ 0 │
│ Packages │ 6 │
│ Relationships │ 7 │
└───────────────┴────────────────────────┘
┏━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━
┃ Item ┃ Details
┡━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━
│ SBOM File │ /root/Downloads/flask.spdx │
│ SBOM Type │ spdx
│ Version │ SPDX-2.3
│ Name │ Python-flask
│ Creator │ Tool:sbom4python-0.10.0
│ Created │ 2023-08-17T20:28:31Z
│ Files │ 0
│ Packages │ 6
│ Relationships │ 7
└───────────────┴────────────────────────────
╭─────────────────╮
│ Package Summary │
╰─────────────────╯
┏━━━━━━━━━━━━━━┳━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━┓
┃ Name ┃ Version ┃ Supplier ┃ License ┃
┡━━━━━━━━━━━━━━╇━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━┩
│ flask │ 2.2.2 │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
│ click │ 8.0.3 │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
│ itsdangerous │ 2.1.2 │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
│ jinja2 │ 3.0.2 │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
│ markupsafe │ 2.1.1 │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
│ werkzeug │ 2.2.2 │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
└──────────────┴─────────┴──────────────────────────────────────────────┴──────────────┘
┏━━━━━━━━━━━━━━┳━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━┓
┃ Name ┃ Version ┃ Download ┃ Copyright ┃
┡━━━━━━━━━━━━━━╇━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━┩
│ flask │ 2.2.2 │ https://pypi.org/project/Flask/2.2.2 │ - │
│ click │ 8.0.3 │ https://pypi.org/project/click/8.0.3 │ - │
│ itsdangerous │ 2.1.2 │ https://pypi.org/project/itsdangerous/2.1.2 │ - │
│ jinja2 │ 3.0.2 │ https://pypi.org/project/Jinja2/3.0.2 │ - │
│ markupsafe │ 2.1.1 │ https://pypi.org/project/MarkupSafe/2.1.1 │ - │
│ werkzeug │ 2.2.2 │ https://pypi.org/project/Werkzeug/2.2.2 │ - │
└──────────────┴─────────┴─────────────────────────────────────────────┴───────────┘
┏━━━━━━━━━━━━━━┳━━━━━━━━━┳━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━┓
┃ Name ┃ Version ┃ Type ┃ Supplier ┃ License ┃
┡━━━━━━━━━━━━━━╇━━━━━━━━━╇━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━┩
│ flask │ 2.2.2 │ APPLICATION │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
│ click │ 8.0.3 │ LIBRARY │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
│ itsdangerous │ 2.1.2 │ LIBRARY │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
│ jinja2 │ 3.0.2 │ LIBRARY │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
│ markupsafe │ 2.1.1 │ LIBRARY │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
│ werkzeug │ 2.2.2 │ LIBRARY │ Armin Ronacher ([email protected]) │ BSD-3-Clause │
└──────────────┴─────────┴─────────────┴──────────────────────────────────────────────┴──────────────┘


┏━━━━━━━━━━━━━━┳━━━━━━━━━┳━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━┓
┃ Name ┃ Version ┃ Ecosystem ┃ Download ┃ Copyright ┃
┡━━━━━━━━━━━━━━╇━━━━━━━━━╇━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━┩
│ flask │ 2.2.2 │ pypi │ https://pypi.org/project/Flask/2.2.2 │ NOASSERTION │
│ click │ 8.0.3 │ pypi │ https://pypi.org/project/click/8.0.3 │ NOASSERTION │
│ itsdangerous │ 2.1.2 │ pypi │ https://pypi.org/project/itsdangerous/2.1.2 │ NOASSERTION │
│ jinja2 │ 3.0.2 │ pypi │ https://pypi.org/project/Jinja2/3.0.2 │ NOASSERTION │
│ markupsafe │ 2.1.1 │ pypi │ https://pypi.org/project/MarkupSafe/2.1.1 │ NOASSERTION │
│ werkzeug │ 2.2.2 │ pypi │ https://pypi.org/project/Werkzeug/2.2.2 │ NOASSERTION │
└──────────────┴─────────┴───────────┴─────────────────────────────────────────────┴─────────────┘
╭────────────────────────╮
│ Component Type Summary │
╰────────────────────────╯
┏━━━━━━━━━━━━━┳━━━━━━━┓
┃ Type ┃ Count ┃
┡━━━━━━━━━━━━━╇━━━━━━━┩
│ APPLICATION │ 1 │
│ LIBRARY │ 5 │
└─────────────┴───────┘
╭─────────────────╮
│ License Summary │
╰─────────────────╯
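
Review bot: In the new SBOM Summary table the `SBOM File` row reads `/root/Downloads/flask.spdx`, which does not correspond to the command shown above it (`sbom2doc --input flask.spdx`) and shows the sample being produced from root's home directory. Regenerate the sample from a neutral location, such as the `/tmp/flask.spdx` used before, so the documented output does not suggest running the tool as root. The Copyright column also changes from `-` to `NOASSERTION` in this hunk; if that is an intended change in how missing values are displayed, the surrounding README text should say so.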