{"id":32596,"date":"2023-03-22T15:28:17","date_gmt":"2023-06-04T23:34:37","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/"},"modified":"2024-04-29T20:03:49","modified_gmt":"2024-04-29T12:03:49","slug":"%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/","title":{"rendered":"\u6211\u8bd5\u7740\u4f7f\u7528Snyk SBOM API (Beta)\u8fdb\u884c\u8c03\u7528"},"content":{"rendered":"

\u9996\u5148<\/h2>\n

\u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8e\u5f00\u53d1\u8005\u5b89\u5168\u7684\u6587\u7ae0\uff0c\u7528Snyk\u8fdb\u884c\u6295\u7a3f\u7684\u201cSnyk Advent Calendar 2022\u201d\u7b2c21\u5929\u7684\u6587\u7ae0\u3002<\/p>\n

 <\/p>\n

\u6211\u5c06\u4e3a\u60a8\u7533\u8bf7\u4e00\u4e2a\u4e13\u5c5e\u7684\u81ea\u52a8\u53a8\u5e08\u5956\uff01\uff08\u5728Snyk\u7684\u65e5\u5386\u5e16\u5b50\u4e0a\u53ef\u80fd\u83b7\u5f97\u8c6a\u534e\u793c\u54c1\uff01\u53ef\u4ee5\u56de\u6eaf\u5230\u4ee5\u524d\u7684\u5e16\u5b50\u4e0a\u53d1\u5e03\u3002\uff09<\/p>\n

\u6211\u5011\u5c07\u9a57\u8b49\u4e00\u4e0b\u5f15\u4eba\u671f\u5f85\u7684SBOM API\u7684Beta\u7248\u672c\uff082022-12-15~beta\uff09\uff0c\u9019\u662f\u672c\u6587\u7684\u4e3b\u984c\u3002<\/p>\n

SBOM \u662f\u6307\u8f6f\u4ef6\u6784\u5efa\u6750\u6599\u6e05\u5355\u3002<\/h2>\n

SBOM\uff08\u8f6f\u4ef6\u7269\u6599\u6e05\u5355\uff1a\u8f6f\u4ef6\u90e8\u4ef6\u8868\uff09\u662f\u4e00\u4efd\u5305\u542b\u6784\u6210\u8f6f\u4ef6\u7684\u5e93\u3001\u6a21\u5757\u4ee5\u53ca\u5176\u4f9d\u8d56\u5173\u7cfb\u7b49\u4fe1\u606f\u7684\u6e05\u5355\u3002\u901a\u8fc7SBOM\uff0c\u53ef\u4ee5\u66f4\u5bb9\u6613\u5730\u4e86\u89e3\u6784\u5efa\u6216\u4f7f\u7528\u7684\u8f6f\u4ef6\u76f8\u5173\u7684\u8bb8\u53ef\u548c\u5b89\u5168\u98ce\u9669\u3002<\/p>\n

\u5728\u7f8e\u56fd\u56fd\u5bb6\u7535\u4fe1\u548c\u4fe1\u606f\u7ba1\u7406\u5c40\uff08NTIA\uff09\u7684\u7f51\u7ad9\u4e0a\uff0c\u5982\u4e0b\u6240\u5b9a\u4e49\u3002<\/p>\n

\u4e00\u4e2a”\u8f6f\u4ef6\u6750\u6599\u6e05\u5355”\uff08SBOM\uff09\u662f\u8f6f\u4ef6\u7684\u5d4c\u5957\u6e05\u5355\uff0c\u5217\u51fa\u4e86\u6784\u6210\u8f6f\u4ef6\u7ec4\u4ef6\u7684\u6210\u5206\u5217\u8868\u3002<\/p><\/blockquote>\n

 <\/p>\n

\u7531\u4e8e2021\u5e74\u7684\u7f8e\u56fd\u603b\u7edf\u4ee4\u5173\u4e8e\u7f51\u7edc\u5b89\u5168\u4ee5\u53ca\u6700\u8fd1\u5907\u53d7\u5173\u6ce8\u7684Apache Log4j\u7684\u6f0f\u6d1e\u7b49\u4e8b\u4ef6\uff0c\u518d\u6b21\u5f15\u53d1\u4e86\u5bf9\u8f6f\u4ef6\u4f9b\u5e94\u94fe\u5b89\u5168\u91cd\u8981\u6027\u7684\u8ba4\u8bc6\uff0c\u56e0\u6b64\u73b0\u5728\u5927\u5bb6\u5f00\u59cb\u5173\u6ce8\u8f6f\u4ef6\u7ec4\u4ef6\u6e05\u5355\uff08SBOM\uff09\u3002<\/p>\n

\u4ee5\u4e0b\u7684\u6587\u7ae0\u4e5f\u662f\u5173\u4e8e\u8f6f\u4ef6\u6784\u6210\u6e05\u5355\u65b9\u9762\u7684\u53c2\u8003\u6587\u732e\uff1a<\/p>\n

 <\/p>\n

\u5728\u8fd9\u79cd\u8d8b\u52bf\u4e0b\uff0c\u5404\u4e2a\u516c\u53f8\u7684\u8f6f\u4ef6\u7ec4\u5408\u5206\u6790\uff08SCA\uff09\u5de5\u5177\u4e5f\u5728\u9010\u6e10\u5b8c\u5584\u5176\u8f93\u51fa\u8f6f\u4ef6\u6784\u6210\u6e05\u5355\uff08SBOM\uff09\u7684\u529f\u80fd\u3002<\/p>\n

Snyk\u8f6f\u4ef6\u6784\u4ef6\u6e05\u5355\uff08SBOM\uff09API<\/h2>\n

\u57282022\u5e7411\u67088\u65e5\u7684SnykLaunch\u6d3b\u52a8\u4e2d\uff0c\u5ba3\u5e03\u4e86SBOM API\u548cCLI\u7b49SBOM\u5de5\u5177\u3002\u611f\u8c22Snyk Japan\u53d1\u5e03\u4e86\u65e5\u672c\u8bed\u7684\u603b\u7ed3\u6587\u7ae0\u3002<\/p>\n

 <\/p>\n

\u622a\u81f32022\u5e7412\u670821\u65e5\u7684\u65f6\u95f4\u70b9\uff0cSBOM API\u4ecd\u5904\u4e8eBeta\u72b6\u6001\uff0cCLI\u751f\u6210\u529f\u80fd\u5c1a\u672a\u53d1\u5e03\u3002\u672c\u6b21\u6211\u4eec\u5c06\u5c1d\u8bd5\u76f4\u63a5\u8c03\u7528Beta\u7248\u672c\u7684SBOM API\u3002<\/p>\n

\u8bf7\u6ce8\u610f\uff0c\u6211\u518d\u6b21\u5f3a\u8c03\uff0cSBOM API \u622a\u81f32022\u5e7412\u670821\u65e5\u4ecd\u5904\u4e8eBeta\u72b6\u6001\u3002\u5728\u6b63\u5f0f\u53d1\u5e03\u4e4b\u524d\uff0c\u5176\u54cd\u5e94\u5185\u5bb9\u548c\u64cd\u4f5c\u53ef\u80fd\u4f1a\u53d1\u751f\u53d8\u5316\uff0c\u8bf7\u6ce8\u610f\u3002<\/div>\n

SBOM API\uff08\u6d4b\u8bd5\u7248\uff09\u7684\u9650\u5236<\/h3>\n
    \n
  • \n
      \u6709\u511f\u30b5\u30d6\u30b9\u30af\u30ea\u30d7\u30b7\u30e7\u30f3\u3092\u5951\u7d04\u3057\u3066\u3044\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059<\/ul>\n<\/li>\n<\/ul>\n

      Free \u30d7\u30e9\u30f3 \u3067 API \u3092\u5229\u7528\u3057\u305f\u5834\u5408\u306f 403 Forbidden \u3068\u306a\u308a\u307e\u3059<\/p>\n

      \u51fa\u529b\u3067\u304d\u308b\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u306f CycloneDX \u306e\u307f\u3092\u30b5\u30dd\u30fc\u30c8\u3057\u3066\u3044\u307e\u3059<\/p>\n

      \u4ee3\u8868\u7684\u306a SBOM \u306e\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u3068\u3057\u3066 SPDX \u3084 CycloneDX \u304c\u3042\u308a\u307e\u3059<\/p>\n

      \u6572\u8bd5\u4e00\u4e0b<\/h2>\n

      \u6839\u636e\u4ee5\u4e0b\u7684 Snyk REST API \u6587\u6863\uff0c\u5c1d\u8bd5\u6267\u884c cURL \u547d\u4ee4\u3002API \u7248\u672c\u4e3a 2022-12-15~beta\u3002<\/p>\n

       <\/p>\n

      \u8fd9\u6b21\u6211\u4eec\u6309\u7167\u4ee5\u4e0b\u65b9\u5f0f\u8f93\u51fa\u4e86 nodejs-goof \u7684\u8f6f\u4ef6\u7ec4\u4ef6\u6e05\u5355\uff08SBOM\uff09\u3002\u8bf7\u5c06 Organization ID \u8f93\u5165\u5230 ORG_ID \u4e2d\uff0c\u5c06\u8981\u8f93\u51fa SBOM \u7684\u9879\u76ee ID \u8f93\u5165\u5230 PROJECT_ID \u4e2d\u3002SNYK_TOKEN \u662fSNYK\u8d26\u6237\u7684API Token\u3002<\/p>\n

      nodejs-goof\u662f\u4e00\u4e2a\u8106\u5f31\u7684Node.js\u5e94\u7528\u7a0b\u5e8f\uff0c\u7531snyk-labs\u7528\u4e8e\u6f14\u793a\u53d1\u5e03\u3002<\/div>\n
      export <\/span>ORG_ID<\/span>=<\/span>\"your-organization-id\"<\/span>\r\nexport <\/span>PROJECT_ID<\/span>=<\/span>\"your-project-id\"<\/span>\r\nexport <\/span>SNYK_TOKEN<\/span>=<\/span>\"your-api-token\"<\/span>\r\nexport <\/span>VERSION<\/span>=<\/span>\"2022-12-15%7Ebeta\"<\/span>\r\n\r\ncurl -X<\/span> GET \"https:\/\/api.snyk.io\/rest\/orgs\/<\/span>${<\/span>ORG_ID<\/span>}<\/span>\/projects\/<\/span>${<\/span>PROJECT_ID<\/span>}<\/span>\/sbom?version=<\/span>${<\/span>VERSION<\/span>}<\/span>&format=cyclonedx%2Bjson\"<\/span> \\<\/span>\r\n -H<\/span> \"Accept: application\/vnd.api+json\"<\/span> \\<\/span>\r\n -H<\/span> \"Authorization: Token <\/span>${<\/span>SNYK_TOKEN<\/span>}<\/span>\"<\/span> \\<\/span>\r\n -H<\/span> \"Accept: application\/vnd.cyclonedx+json\"<\/span> | jq .<\/span> ><\/span> nodejs-goof-sbom.json\r\n<\/code><\/pre>\n
      \u53ea\u8981\u80fd\u591f\u6210\u529f\u5730\u8f93\u51fa JSON \u6587\u4ef6\u800c\u6ca1\u6709\u51fa\u9519\uff0c\u5c31\u7b97\u6210\u529f\u4e86\u3002<\/p>\n
      \u6211\u8ba4\u4e3a\u5728Snyk REST API\u6587\u6863\u4e0a\u5c1d\u8bd5API\u8bf7\u6c42\u7684\u65b9\u6cd5\u5f88\u7b80\u5355\uff0c\u9664\u4e86cURL\u4e4b\u5916\u7684\u5de5\u5177\u3002<\/p>\n
      \"\"<\/div>\n
      \u4f7f\u7528\u8f70\u70b8\u673a\u6765\u8fdb\u884cSBOM\u626b\u63cf\u3002<\/h2>\n
      \u70b8\u5f39\u662f\u4e00\u4e2a\u652f\u6301SBOM\u7684\u6f0f\u6d1e\u626b\u63cf\u5668\u3002<\/p>\n
       <\/p>\n
      \u5b83\u652f\u6301\u591a\u4e2a\u8106\u5f31\u6027\u4fe1\u606f\u4f9b\u5e94\u5546\uff0c\u5176\u4e2d Snyk \u662f\u5176\u4e2d\u4e4b\u4e00\uff0c\u5e76\u4e14\u4f3c\u4e4e\u5728 SnykLaunch \u4e2d\u4e5f\u5ba3\u5e03\u4e86\u652f\u6301\u3002\u4e3a\u4e86\u65b9\u4fbf\u8d77\u89c1\uff0c\u6211\u4eec\u5c06\u4f7f\u7528 Snyk \u4f5c\u4e3a\u4f9b\u5e94\u5546\uff0c\u5e76\u5c1d\u8bd5\u4f7f\u7528 Snyk API \u626b\u63cf\u751f\u6210\u7684 SBOM\u3002<\/p>\n
      \u4ece\u53d1\u5e03\u9875\u9762\u5b89\u88c5\u6700\u65b0\u53d1\u5e03\u7684\u5e73\u53f0\u3002<\/p>\n
      sudo <\/span>yum install<\/span> -y<\/span> https:\/\/github.com\/devops-kung-fu\/bomber\/releases\/download\/v0.4.0\/bomber_0.4.0_linux_amd64.rpm\r\n<\/code><\/pre>\n
      \u53ea\u9700\u8981\u5c06\u63d0\u4f9b\u8005\u6307\u5b9a\u4e3aSnyk\uff0c\u7136\u540e\u6267\u884c\u626b\u63cf\u5373\u53ef\u3002Bomber\u5c06\u4f1a\u8bc6\u522b\u73af\u5883\u53d8\u91cfSNYK_TOKEN\u3002<\/p>\n
      export <\/span>SNYK_TOKEN<\/span>=<\/span>\"your-api-token\"<\/span>\r\nbomber scan --provider<\/span> snyk nodejs-goof-sbom.json\r\n<\/code><\/pre>\n
      \u6211\u5011\u53ef\u4ee5\u5f9eSBOM\u4e2d\u9032\u884c\u5f31\u9ede\u6383\u63cf\uff01<\/p>\n
      $ <\/span>bomber scan --provider<\/span> snyk nodejs-goof-sbom.json\r\n\r\n \u2588\u2588\u2584 \u2584\u2580\u2584 \u2588\u2584 \u2584\u2588 \u2588\u2588\u2584 \u2588\u2588\u2580 \u2588\u2580\u2584\r\n \u2588\u2584\u2588 \u2580\u2584\u2580 \u2588 \u2580 \u2588 \u2588\u2584\u2588 \u2588\u2584\u2584 \u2588\u2580\u2584\r\n\r\nDKFM - DevOps Kung Fu Mafia\r\nhttps:\/\/github.com\/devops-kung-fu\/bomber\r\nVersion: 0.4.0\r\n\r\n\u25a0 Ecosystems detected: npm\r\n\u25a0 Scanning 980 packages for <\/span>vulnerabilities...\r\n\u25a0 Vulnerability Provider: Snyk (<\/span>https:\/\/security.snyk.io)<\/span> \r\n\r\n\u25a0 Files Scanned\r\n        nodejs-goof-sbom.json (<\/span>sha256:c420d3936c5c00287a7ae1423e57203358a41360027f34e95d450d0ea1c1086d)<\/span>\r\n\u256d\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u256e\r\n\u2502 TYPE \u2502 NAME                  \u2502 VERSION \u2502 SEVERITY \u2502 VULNERABILITY                           \u2502 EPSS % \u2502\r\n\u251c\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\r\n\u2502 npm  \u2502 yargs-parser          \u2502 9.0.2   \u2502 MODERATE \u2502 SNYK-JS-YARGSPARSER-560381              \u2502 N\/A    \u2502\r\n\u2502      \u2502                       \u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\r\n\u2502      \u2502                       \u2502 8.1.0   \u2502 MODERATE \u2502 SNYK-JS-YARGSPARSER-560381              \u2502 N\/A    \u2502\r\n\u2502      \u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\r\n\u2502      \u2502 y18n                  \u2502 4.0.0   \u2502 HIGH     \u2502 SNYK-JS-Y18N-1021887                    \u2502 N\/A    \u2502\r\n\u2502      \u2502                       \u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\r\n\u2502      \u2502                       \u2502 3.2.1   \u2502 HIGH     \u2502 SNYK-JS-Y18N-1021887                    \u2502 N\/A    \u2502\r\n\u2502      \u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\r\n\u4e2d\u7565---------------------------------------------------------------------------------------------------\r\n\r\nTotal vulnerabilities found: 182\r\n\r\n\u256d\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u256e\r\n\u2502 RATING   \u2502 COUNT \u2502\r\n\u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\r\n\u2502 CRITICAL \u2502     4 \u2502\r\n\u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\r\n\u2502 HIGH     \u2502    86 \u2502\r\n\u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\r\n\u2502 MODERATE \u2502    79 \u2502\r\n\u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\r\n\u2502 LOW      \u2502    13 \u2502\r\n\u2570\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u256f\r\n\r\nNOTES:\r\n\r\n1. The list of vulnerabilities displayed may differ from provider to provider. This list\r\n   may not contain all possible vulnerabilities. Please try the other providers that bomber\r\n   supports (<\/span>osv, ossindex, snyk)<\/span>\r\n2. EPSS Percentage indicates the % chance that the vulnerability will be exploited. This\r\n   value will assist in <\/span>prioritizing remediation. For more information on EPSS, refer to\r\n   https:\/\/www.first.org\/epss\/\r\n<\/code><\/pre>\n
      \u6211\u8ba4\u4e3a\u4e0d\u4e45\u4e4b\u540e\uff0cSnyk CLI\u4e5f\u53ef\u4ee5\u8f7b\u677e\u5730\u8f93\u51faSBOM\u3002\u8fd9\u6837\u4e00\u6765\uff0c\u53ef\u4ee5\u5728CI\/CD\u6d41\u7a0b\u4e2d\u751f\u6210SBOM\u5e76\u4e14\u6269\u5927\u5229\u7528\u8303\u56f4\u3002<\/p>\n
      \u5e0c\u671b\u6211\u7684\u56de\u7b54\u5bf9\u60a8\u6709\u6240\u5e2e\u52a9\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
      \u9996\u5148 \u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8e\u5f00\u53d1\u8005\u5b89\u5168\u7684\u6587\u7ae0\uff0c\u7528Snyk\u8fdb\u884c\u6295\u7a3f\u7684\u201cSnyk Advent Calendar 2022 […]<\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-32596","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\n\u6211\u8bd5\u7740\u4f7f\u7528Snyk SBOM API (Beta)\u8fdb\u884c\u8c03\u7528 - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u6211\u8bd5\u7740\u4f7f\u7528snyk-sbom-api-beta\u8fdb\u884c\u8c03\u7528\u3002\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u6211\u8bd5\u7740\u4f7f\u7528Snyk SBOM API (Beta)\u8fdb\u884c\u8c03\u7528\" \/>\n<meta property=\"og:description\" content=\"\u9996\u5148 \u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8e\u5f00\u53d1\u8005\u5b89\u5168\u7684\u6587\u7ae0\uff0c\u7528Snyk\u8fdb\u884c\u6295\u7a3f\u7684\u201cSnyk Advent Calendar 2022 […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u6211\u8bd5\u7740\u4f7f\u7528snyk-sbom-api-beta\u8fdb\u884c\u8c03\u7528\u3002\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-04T23:34:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-29T12:03:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d12cc37434c4406bf72e3\/30-0.png\" \/>\n<meta name=\"author\" content=\"\u9038, \u79d1\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u9038, \u79d1\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/\",\"name\":\"\u6211\u8bd5\u7740\u4f7f\u7528Snyk SBOM API (Beta)\u8fdb\u884c\u8c03\u7528 - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-06-04T23:34:37+00:00\",\"dateModified\":\"2024-04-29T12:03:49+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u6211\u8bd5\u7740\u4f7f\u7528Snyk SBOM API (Beta)\u8fdb\u884c\u8c03\u7528\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487\",\"name\":\"\u9038, \u79d1\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g\",\"caption\":\"\u9038, \u79d1\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/keyi\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u6211\u8bd5\u7740\u4f7f\u7528Snyk SBOM API (Beta)\u8fdb\u884c\u8c03\u7528 - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u6211\u8bd5\u7740\u4f7f\u7528snyk-sbom-api-beta\u8fdb\u884c\u8c03\u7528\u3002\/","og_locale":"zh_CN","og_type":"article","og_title":"\u6211\u8bd5\u7740\u4f7f\u7528Snyk SBOM API (Beta)\u8fdb\u884c\u8c03\u7528","og_description":"\u9996\u5148 \u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8e\u5f00\u53d1\u8005\u5b89\u5168\u7684\u6587\u7ae0\uff0c\u7528Snyk\u8fdb\u884c\u6295\u7a3f\u7684\u201cSnyk Advent Calendar 2022 […]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u6211\u8bd5\u7740\u4f7f\u7528snyk-sbom-api-beta\u8fdb\u884c\u8c03\u7528\u3002\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-06-04T23:34:37+00:00","article_modified_time":"2024-04-29T12:03:49+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d12cc37434c4406bf72e3\/30-0.png"}],"author":"\u9038, \u79d1","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u9038, \u79d1","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"2 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/","name":"\u6211\u8bd5\u7740\u4f7f\u7528Snyk SBOM API (Beta)\u8fdb\u884c\u8c03\u7528 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-06-04T23:34:37+00:00","dateModified":"2024-04-29T12:03:49+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u6211\u8bd5\u7740\u4f7f\u7528Snyk SBOM API (Beta)\u8fdb\u884c\u8c03\u7528"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487","name":"\u9038, \u79d1","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g","caption":"\u9038, \u79d1"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/keyi\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e6%88%91%e8%af%95%e7%9d%80%e4%bd%bf%e7%94%a8snyk-sbom-api-beta%e8%bf%9b%e8%a1%8c%e8%b0%83%e7%94%a8%e3%80%82\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/32596","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=32596"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/32596\/revisions"}],"predecessor-version":[{"id":87355,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/32596\/revisions\/87355"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=32596"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=32596"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=32596"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}