npm - @cdxgen/cdxgen-plugins-bin-linuxmusl-arm64 - Versions diffs - 2.0.2 → 2.0.3 - Mend

@cdxgen/cdxgen-plugins-bin-linuxmusl-arm64 2.0.2 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@cdxgen/cdxgen-plugins-bin-linuxmusl-arm64",
-  "version": "2.0.2",
+  "version": "2.0.3",
   "description": "Linux musl arm64 binary plugins to supercharge @cdxgen/cdxgen npm package",
   "main": "index.js",
   "repository": {

package/plugins/sbom-postbuild.cdx.json ADDED Viewed

@@ -0,0 +1 @@

+ {"bomFormat":"CycloneDX","specVersion":"1.7","version":1,"metadata":{"timestamp":"2026-03-12T00:05:50Z","lifecycles":[{"phase":"post-build"}]},"components":[{"type":"application","name":"trivy","version":"v0.68.2","description":"Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more. This is a custom wrapper maintained by the cdxgen team.","purl":"pkg:generic/github.com/cdxgen/cdxgen-plugins-bin/trivy-cdxgen@v0.68.2","bom-ref":"pkg:generic/github.com/cdxgen/cdxgen-plugins-bin/trivy-cdxgen@v0.68.2","licenses":[{"license":{"id":"Apache-2.0"}}],"evidence":{"identity":[{"field":"purl","confidence":1,"methods":[{"technique":"attestation","confidence":1}]}]},"externalReferences":[{"url":"https://github.com/cdxgen/cdxgen-plugins-bin/tree/main/thirdparty/trivy","type":"vcs"},{"url":"https://github.com/cdxgen/cdxgen/issues","type":"issue-tracker"}],"properties":[{"name":"internal:binary_path","value":"plugins/trivy/trivy-cdxgen-linuxmusl-arm64"}],"hashes":[{"alg":"SHA-256","content":"e99a1e9fe208ba95cfd340601cb8328814a81c40701d0689211ba908dd381db5"}]},{"group":"github.com/apple","name":"swift-argument-parser","version":"1.5.1","purl":"pkg:swift/github.com/apple/swift-argument-parser@1.5.1","externalReferences":[{"type":"vcs","url":"https://github.com/apple/swift-argument-parser.git"}],"type":"library","bom-ref":"pkg:swift/github.com/apple/swift-argument-parser@1.5.1","properties":[{"name":"SrcFile","value":"Package.resolved"},{"name":"cdx:swift:localCheckoutPath","value":".build/checkouts/swift-argument-parser"}],"evidence":{"identity":[{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"Package.resolved"}],"concludedValue":"Package.resolved"}]},"tags":["parse"]},{"group":"github.com/drmohundro","name":"SWXMLHash","version":"7.0.2","purl":"pkg:swift/github.com/drmohundro/SWXMLHash@7.0.2","externalReferences":[{"type":"vcs","url":"https://github.com/drmohundro/SWXMLHash.git"}],"type":"library","bom-ref":"pkg:swift/github.com/drmohundro/SWXMLHash@7.0.2","properties":[{"name":"SrcFile","value":"Package.resolved"},{"name":"cdx:swift:localCheckoutPath","value":".build/checkouts/SWXMLHash"}],"evidence":{"identity":[{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"Package.resolved"}],"concludedValue":"Package.resolved"}]},"tags":["xml"]},{"group":"github.com/jpsim","name":"Yams","version":"6.0.1","purl":"pkg:swift/github.com/jpsim/Yams@6.0.1","externalReferences":[{"type":"vcs","url":"https://github.com/jpsim/Yams.git"}],"type":"library","bom-ref":"pkg:swift/github.com/jpsim/Yams@6.0.1","properties":[{"name":"SrcFile","value":"Package.resolved"},{"name":"cdx:swift:localCheckoutPath","value":".build/checkouts/Yams"}],"evidence":{"identity":[{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"Package.resolved"}],"concludedValue":"Package.resolved"}]}},{"type":"application","name":"dosai","version":"2.1.1","description":"Dotnet Source and Assembly Inspector (Dosai) is a tool to list details about the namespaces and methods from sources and assemblies.","purl":"pkg:github/owasp-dep-scan/dosai@2.1.1","bom-ref":"pkg:github/owasp-dep-scan/dosai@2.1.1","licenses":[{"license":{"id":"MIT"}}],"evidence":{"identity":[{"field":"purl","confidence":1,"methods":[{"technique":"attestation","confidence":1}]}]},"externalReferences":[{"url":"https://github.com/owasp-dep-scan/dosai","type":"vcs"},{"url":"https://github.com/owasp-dep-scan/dosai/releases","type":"distribution"}],"properties":[{"name":"internal:binary_path","value":"plugins/dosai/dosai"}],"hashes":[{"alg":"SHA-256","content":"29723d231ccbbdf85964e33ae6eb3754ae488bbd087e9da826ff037e5c2da5c8"}]}],"dependencies":[{"ref":"pkg:swift/github.com/apple/swift-argument-parser@1.5.1","dependsOn":[]},{"ref":"pkg:swift/github.com/drmohundro/SWXMLHash@7.0.2","dependsOn":[]},{"ref":"pkg:swift/github.com/jpsim/Yams@6.0.1","dependsOn":[]},{"ref":"pkg:github/jpsim/sourcekitten@0.37.2","dependsOn":["pkg:swift/github.com/apple/swift-argument-parser@1.5.1","pkg:swift/github.com/drmohundro/SWXMLHash@7.0.2","pkg:swift/github.com/jpsim/Yams@6.0.1"]}]}

package/plugins/trivy/sbom-sourcekitten-postbuild.cdx.json ADDED Viewed

@@ -0,0 +1 @@

+ {"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:2f074009-7658-435d-93d1-40e7be879321","version":1,"metadata":{"timestamp":"2026-03-11T23:28:55Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"12.1.2","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.2","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.2","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"group":"","name":"SourceKitten","version":"latest","type":"application","bom-ref":"pkg:swift/SourceKitten@latest","purl":"pkg:swift/SourceKitten@latest"},"properties":[{"name":"cdx:bom:componentTypes","value":"swift"},{"name":"cdx:bom:componentNamespaces","value":"github.com/apple\\ngithub.com/drmohundro\\ngithub.com/jpsim"},{"name":"cdx:bom:componentSrcFiles","value":"Package.resolved\\nPackage.swift"}]},"components":[{"group":"github.com/apple","name":"swift-argument-parser","version":"1.5.1","purl":"pkg:swift/github.com/apple/swift-argument-parser@1.5.1","externalReferences":[{"type":"vcs","url":"https://github.com/apple/swift-argument-parser.git"}],"type":"library","bom-ref":"pkg:swift/github.com/apple/swift-argument-parser@1.5.1","properties":[{"name":"SrcFile","value":"Package.resolved"},{"name":"cdx:swift:localCheckoutPath","value":".build/checkouts/swift-argument-parser"}],"evidence":{"identity":[{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"Package.resolved"}],"concludedValue":"Package.resolved"}]},"tags":["parse"]},{"group":"github.com/drmohundro","name":"SWXMLHash","version":"7.0.2","purl":"pkg:swift/github.com/drmohundro/SWXMLHash@7.0.2","externalReferences":[{"type":"vcs","url":"https://github.com/drmohundro/SWXMLHash.git"}],"type":"library","bom-ref":"pkg:swift/github.com/drmohundro/SWXMLHash@7.0.2","properties":[{"name":"SrcFile","value":"Package.resolved"},{"name":"cdx:swift:localCheckoutPath","value":".build/checkouts/SWXMLHash"}],"evidence":{"identity":[{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"Package.resolved"}],"concludedValue":"Package.resolved"}]},"tags":["xml"]},{"group":"github.com/jpsim","name":"Yams","version":"6.0.1","purl":"pkg:swift/github.com/jpsim/Yams@6.0.1","externalReferences":[{"type":"vcs","url":"https://github.com/jpsim/Yams.git"}],"type":"library","bom-ref":"pkg:swift/github.com/jpsim/Yams@6.0.1","properties":[{"name":"SrcFile","value":"Package.resolved"},{"name":"cdx:swift:localCheckoutPath","value":".build/checkouts/Yams"}],"evidence":{"identity":[{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"Package.resolved"}],"concludedValue":"Package.resolved"}]}},{"group":"","name":"SourceKitten","version":"unspecified","purl":"pkg:swift/SourceKitten@unspecified","type":"application","bom-ref":"pkg:swift/SourceKitten@unspecified","properties":[{"name":"SrcPath","value":"/home/runner/work/cdxgen-plugins-bin/cdxgen-plugins-bin/thirdparty/sourcekitten/SourceKitten"},{"name":"SrcFile","value":"Package.swift"}]}],"dependencies":[{"ref":"pkg:swift/github.com/apple/swift-argument-parser@1.5.1","dependsOn":[]},{"ref":"pkg:swift/github.com/drmohundro/SWXMLHash@7.0.2","dependsOn":[]},{"ref":"pkg:swift/github.com/jpsim/Yams@6.0.1","dependsOn":[]},{"ref":"pkg:swift/SourceKitten@unspecified","dependsOn":["pkg:swift/github.com/apple/swift-argument-parser@1.5.1","pkg:swift/github.com/drmohundro/SWXMLHash@7.0.2","pkg:swift/github.com/jpsim/Yams@6.0.1"]}],"annotations":[{"bom-ref":"metadata-annotations","subjects":["pkg:swift/SourceKitten@latest"],"annotator":{"component":{"group":"@cyclonedx","name":"cdxgen","version":"12.1.2","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.2","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.2","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}},"timestamp":"2026-03-11T23:28:55Z","text":"This Software Bill-of-Materials (SBOM) document was created on Wednesday, March 11, 2026 with cdxgen. The data was captured during the build lifecycle phase. The document describes an application named 'SourceKitten'. There are 4 components. The package type in this SBOM is swift with 3 purl namespaces described under components. The components were identified from the source files: Package.resolved, Package.swift."}]}

package/plugins/trivy/trivy-cdxgen-linuxmusl-arm64 CHANGED Viewed

Binary file

package/plugins/trivy/trivy-cdxgen-linuxmusl-arm64.sha256 CHANGED Viewed

	@@ -1 +1 @@
1	- ~~e5a02002f9a8d73bdbc61a6eb65bc45e401b1513882fef19ecd59fc447265fc4~~ trivy-cdxgen-linuxmusl-arm64
1	+ e99a1e9fe208ba95cfd340601cb8328814a81c40701d0689211ba908dd381db5 ./build/trivy-cdxgen-linuxmusl-arm64