added auditing tools
This commit is contained in:
parent
ce65fefcba
commit
cf67bf73eb
2 changed files with 196 additions and 0 deletions
4
deny.toml
Normal file
4
deny.toml
Normal file
|
@ -0,0 +1,4 @@
|
|||
[licenses]
|
||||
allow = [ "MIT" ]
|
||||
|
||||
|
192
sbom.xml
Normal file
192
sbom.xml
Normal file
|
@ -0,0 +1,192 @@
|
|||
{
|
||||
"SPDXID": "SPDXRef-DOCUMENT",
|
||||
"creationInfo": {
|
||||
"created": "2024-07-09T18:21:25.518Z",
|
||||
"creators": [
|
||||
"Tool: cargo-sbom-v0.8.4"
|
||||
]
|
||||
},
|
||||
"dataLicense": "CC0-1.0",
|
||||
"documentNamespace": "https://spdx.org/spdxdocs/qm-0541a043-2174-483b-9558-35c5390ec42e",
|
||||
"files": [
|
||||
{
|
||||
"SPDXID": "SPDXRef-File-qm",
|
||||
"checksums": [],
|
||||
"fileName": "qm",
|
||||
"fileTypes": [
|
||||
"BINARY"
|
||||
]
|
||||
}
|
||||
],
|
||||
"name": "qm",
|
||||
"packages": [
|
||||
{
|
||||
"SPDXID": "SPDXRef-Package-redox_termios-0.1.3",
|
||||
"description": "A Rust library to access Redox termios functions",
|
||||
"downloadLocation": "registry+https://github.com/rust-lang/crates.io-index",
|
||||
"externalRefs": [
|
||||
{
|
||||
"referenceCategory": "PACKAGE-MANAGER",
|
||||
"referenceLocator": "pkg:cargo/redox_termios@0.1.3",
|
||||
"referenceType": "purl"
|
||||
}
|
||||
],
|
||||
"licenseConcluded": "MIT",
|
||||
"licenseDeclared": "MIT",
|
||||
"name": "redox_termios",
|
||||
"versionInfo": "0.1.3"
|
||||
},
|
||||
{
|
||||
"SPDXID": "SPDXRef-Package-bitflags-1.3.2",
|
||||
"description": "A macro to generate structures which behave like bitflags.\n",
|
||||
"downloadLocation": "registry+https://github.com/rust-lang/crates.io-index",
|
||||
"externalRefs": [
|
||||
{
|
||||
"referenceCategory": "PACKAGE-MANAGER",
|
||||
"referenceLocator": "pkg:cargo/bitflags@1.3.2",
|
||||
"referenceType": "purl"
|
||||
}
|
||||
],
|
||||
"homepage": "https://github.com/bitflags/bitflags",
|
||||
"licenseConcluded": "MIT OR Apache-2.0",
|
||||
"licenseDeclared": "MIT/Apache-2.0",
|
||||
"name": "bitflags",
|
||||
"versionInfo": "1.3.2"
|
||||
},
|
||||
{
|
||||
"SPDXID": "SPDXRef-Package-libc-0.2.155",
|
||||
"description": "Raw FFI bindings to platform libraries like libc.\n",
|
||||
"downloadLocation": "registry+https://github.com/rust-lang/crates.io-index",
|
||||
"externalRefs": [
|
||||
{
|
||||
"referenceCategory": "PACKAGE-MANAGER",
|
||||
"referenceLocator": "pkg:cargo/libc@0.2.155",
|
||||
"referenceType": "purl"
|
||||
}
|
||||
],
|
||||
"homepage": "https://github.com/rust-lang/libc",
|
||||
"licenseConcluded": "MIT OR Apache-2.0",
|
||||
"licenseDeclared": "MIT OR Apache-2.0",
|
||||
"name": "libc",
|
||||
"versionInfo": "0.2.155"
|
||||
},
|
||||
{
|
||||
"SPDXID": "SPDXRef-Package-numtoa-0.1.0",
|
||||
"description": "Convert numbers into stack-allocated byte arrays",
|
||||
"downloadLocation": "registry+https://github.com/rust-lang/crates.io-index",
|
||||
"externalRefs": [
|
||||
{
|
||||
"referenceCategory": "PACKAGE-MANAGER",
|
||||
"referenceLocator": "pkg:cargo/numtoa@0.1.0",
|
||||
"referenceType": "purl"
|
||||
}
|
||||
],
|
||||
"licenseConcluded": "MIT OR Apache-2.0",
|
||||
"licenseDeclared": "MIT OR Apache-2.0",
|
||||
"name": "numtoa",
|
||||
"versionInfo": "0.1.0"
|
||||
},
|
||||
{
|
||||
"SPDXID": "SPDXRef-Package-evalexpr-11.3.0",
|
||||
"description": "A powerful arithmetic and boolean expression evaluator",
|
||||
"downloadLocation": "registry+https://github.com/rust-lang/crates.io-index",
|
||||
"externalRefs": [
|
||||
{
|
||||
"referenceCategory": "PACKAGE-MANAGER",
|
||||
"referenceLocator": "pkg:cargo/evalexpr@11.3.0",
|
||||
"referenceType": "purl"
|
||||
}
|
||||
],
|
||||
"homepage": "https://github.com/ISibboI/evalexpr",
|
||||
"licenseConcluded": "MIT",
|
||||
"licenseDeclared": "MIT",
|
||||
"name": "evalexpr",
|
||||
"versionInfo": "11.3.0"
|
||||
},
|
||||
{
|
||||
"SPDXID": "SPDXRef-Package-quickmath-0.2.3",
|
||||
"description": "A quick command-line math evaluator.",
|
||||
"downloadLocation": "NONE",
|
||||
"homepage": "https://git.vwolfe.io/valerie/qm",
|
||||
"licenseConcluded": "MIT",
|
||||
"licenseDeclared": "MIT",
|
||||
"name": "quickmath",
|
||||
"versionInfo": "0.2.3"
|
||||
},
|
||||
{
|
||||
"SPDXID": "SPDXRef-Package-redox_syscall-0.2.16",
|
||||
"description": "A Rust library to access raw Redox system calls",
|
||||
"downloadLocation": "registry+https://github.com/rust-lang/crates.io-index",
|
||||
"externalRefs": [
|
||||
{
|
||||
"referenceCategory": "PACKAGE-MANAGER",
|
||||
"referenceLocator": "pkg:cargo/redox_syscall@0.2.16",
|
||||
"referenceType": "purl"
|
||||
}
|
||||
],
|
||||
"licenseConcluded": "MIT",
|
||||
"licenseDeclared": "MIT",
|
||||
"name": "redox_syscall",
|
||||
"versionInfo": "0.2.16"
|
||||
},
|
||||
{
|
||||
"SPDXID": "SPDXRef-Package-termion-1.5.6",
|
||||
"description": "A bindless library for manipulating terminals.",
|
||||
"downloadLocation": "registry+https://github.com/rust-lang/crates.io-index",
|
||||
"externalRefs": [
|
||||
{
|
||||
"referenceCategory": "PACKAGE-MANAGER",
|
||||
"referenceLocator": "pkg:cargo/termion@1.5.6",
|
||||
"referenceType": "purl"
|
||||
}
|
||||
],
|
||||
"licenseConcluded": "MIT",
|
||||
"licenseDeclared": "MIT",
|
||||
"name": "termion",
|
||||
"versionInfo": "1.5.6"
|
||||
}
|
||||
],
|
||||
"relationships": [
|
||||
{
|
||||
"relatedSpdxElement": "SPDXRef-Package-evalexpr-11.3.0",
|
||||
"relationshipType": "DEPENDS_ON",
|
||||
"spdxElementId": "SPDXRef-Package-quickmath-0.2.3"
|
||||
},
|
||||
{
|
||||
"relatedSpdxElement": "SPDXRef-Package-redox_syscall-0.2.16",
|
||||
"relationshipType": "DEPENDS_ON",
|
||||
"spdxElementId": "SPDXRef-Package-termion-1.5.6"
|
||||
},
|
||||
{
|
||||
"relatedSpdxElement": "SPDXRef-Package-numtoa-0.1.0",
|
||||
"relationshipType": "DEPENDS_ON",
|
||||
"spdxElementId": "SPDXRef-Package-termion-1.5.6"
|
||||
},
|
||||
{
|
||||
"relatedSpdxElement": "SPDXRef-Package-redox_termios-0.1.3",
|
||||
"relationshipType": "DEPENDS_ON",
|
||||
"spdxElementId": "SPDXRef-Package-termion-1.5.6"
|
||||
},
|
||||
{
|
||||
"relatedSpdxElement": "SPDXRef-Package-bitflags-1.3.2",
|
||||
"relationshipType": "DEPENDS_ON",
|
||||
"spdxElementId": "SPDXRef-Package-redox_syscall-0.2.16"
|
||||
},
|
||||
{
|
||||
"relatedSpdxElement": "SPDXRef-Package-quickmath-0.2.3",
|
||||
"relationshipType": "GENERATED_FROM",
|
||||
"spdxElementId": "SPDXRef-File-qm"
|
||||
},
|
||||
{
|
||||
"relatedSpdxElement": "SPDXRef-Package-termion-1.5.6",
|
||||
"relationshipType": "DEPENDS_ON",
|
||||
"spdxElementId": "SPDXRef-Package-quickmath-0.2.3"
|
||||
},
|
||||
{
|
||||
"relatedSpdxElement": "SPDXRef-Package-libc-0.2.155",
|
||||
"relationshipType": "DEPENDS_ON",
|
||||
"spdxElementId": "SPDXRef-Package-termion-1.5.6"
|
||||
}
|
||||
],
|
||||
"spdxVersion": "SPDX-2.3"
|
||||
}
|
Loading…
Reference in a new issue