Version: v0.19.0

analyzer.sbom

Title: analyzer.sbom


Type	`object`
Additional properties

Description: Software Bill of Materials extracted from a container image using Trivy (CycloneDX).

Property	Pattern	Type	Deprecated	Definition	Title/Description
+ analyzer	No	const	No	-	Unique identifier for the SBOM analyzer.
+ repository	No	string	No	-	The image repository that was analyzed.
+ tag	No	string	No	-	The image tag that was analyzed.
+ has_sbom	No	boolean	No	-	True if an SBOM was successfully generated.
+ sbom_format	No	string	No	-	The format of the generated SBOM (e.g., CycloneDX).
+ sbom_version	No	string	No	-	Version of the SBOM specification used.
+ total_components	No	integer	No	-	Total number of software components found (OS packages, apps, etc.).
+ component_types	No	object	No	-	Count of components grouped by type (library, application, framework, …).
+ total_dependencies	No	integer	No	-	Total number of dependency relationships found.
+ licenses	No	array of string	No	-	Sorted unique license identifiers found across all components.
+ copyleft_licenses	No	array of string	No	-	Sorted subset of licenses that are known copyleft (GPL, LGPL, AGPL, MPL, EPL, etc.).
+ components	No	array of object	No	-	List of software components identified in the image.

1. Property `analyzer`


Type	`const`

Description: Unique identifier for the SBOM analyzer.

Specific value: "sbom"

2. Property `repository`


Type	`string`

Description: The image repository that was analyzed.

3. Property `tag`


Type	`string`

Description: The image tag that was analyzed.

4. Property `has_sbom`


Type	`boolean`

Description: True if an SBOM was successfully generated.

5. Property `sbom_format`


Type	`string`

Description: The format of the generated SBOM (e.g., CycloneDX).

6. Property `sbom_version`


Type	`string`

Description: Version of the SBOM specification used.

7. Property `total_components`


Type	`integer`

Description: Total number of software components found (OS packages, apps, etc.).

Restrictions
Minimum	≥ 0

8. Property `component_types`


Type	`object`
Additional properties

Description: Count of components grouped by type (library, application, framework, …).

Property	Pattern	Type	Deprecated	Definition	Title/Description
-	No	integer	No	-	-

8.1. Property `additionalProperties`


Type	`integer`

Restrictions
Minimum	≥ 0

9. Property `total_dependencies`


Type	`integer`

Description: Total number of dependency relationships found.

Restrictions
Minimum	≥ 0

10. Property `licenses`


Type	`array of string`

Description: Sorted unique license identifiers found across all components.

	Array restrictions
Min items	N/A
Max items	N/A
Items unicity	False
Additional items	False
Tuple validation	See below

Each item of this array must be	Description
licenses items	-

10.1. licenses items


Type	`string`

11. Property `copyleft_licenses`


Type	`array of string`

Description: Sorted subset of licenses that are known copyleft (GPL, LGPL, AGPL, MPL, EPL, CDDL, EUPL, SSPL). This field is pre-computed as the intersection between licenses and the built-in copyleft reference list. It is empty when no copyleft license is detected.

	Array restrictions
Min items	N/A
Max items	N/A
Items unicity	False
Additional items	False
Tuple validation	See below

Each item of this array must be	Description
copyleft_licenses items	-

11.1. copyleft_licenses items


Type	`string`

12. Property `components`


Type	`array of object`

Description: List of software components identified in the image.

	Array restrictions
Min items	N/A
Max items	N/A
Items unicity	False
Additional items	False
Tuple validation	See below

Each item of this array must be	Description
components items	-

11.1. components items


Type	`object`
Additional properties

Property	Pattern	Type	Deprecated	Definition	Title/Description
+ name	No	string	No	-	Name of the component.
- version	No	string or null	No	-	Installed version of the component.
+ type	No	string	No	-	Type of component (library, application, etc.).
- purl	No	string or null	No	-	Package URL (purl) for standard identification.
- licenses	No	array of string	No	-	List of licenses associated with this component.

11.1.1. Property `name`


Type	`string`

Description: Name of the component.

11.1.2. Property `version`


Type	`string or null`

Description: Installed version of the component.

11.1.3. Property `type`


Type	`string`

Description: Type of component (library, application, etc.).

11.1.4. Property `purl`


Type	`string or null`

Description: Package URL (purl) for standard identification.

11.1.5. Property `licenses`


Type	`array of string`

Description: List of licenses associated with this component.

	Array restrictions
Min items	N/A
Max items	N/A
Items unicity	False
Additional items	False
Tuple validation	See below

Each item of this array must be	Description
licenses items	-

11.1.5.1. licenses items


Type	`string`

Generated using json-schema-for-humans on 2026-03-20 at 04:11:48 +0100

1. Property analyzer​

2. Property repository​

3. Property tag​

4. Property has_sbom​

5. Property sbom_format​

6. Property sbom_version​

7. Property total_components​

8. Property component_types​

8.1. Property additionalProperties​

9. Property total_dependencies​

10. Property licenses​

10.1. licenses items​

11. Property copyleft_licenses​

11.1. copyleft_licenses items​

12. Property components​

11.1. components items​

11.1.1. Property name​

11.1.2. Property version​

11.1.3. Property type​

11.1.4. Property purl​

11.1.5. Property licenses​

11.1.5.1. licenses items​