Query: SoftwareComponentInstance
Finds a SoftwareComponentInstance by id
A specific instance of a detected software component. This is used to represent a specific version of a component that has been detected in a product, project, or other software artifact.
Return Type
Related Types
Related Filters
- SoftwareComponentFilter
- SoftwareComponentFlexSearchFilter
- SoftwareComponentInstanceFilter
- SoftwareComponentInstanceFlexSearchFilter
Args
| Name | Type | Description |
|---|---|---|
| id | ID | An auto-generated string that identifies this root entity uniquely among others of the same type |
Properties
| Name | Type | Description |
|---|---|---|
| _commentsMeta | _QueryMeta | Comments made on this component. |
| _componentStatusMeta | _QueryMeta | The history of statuses related to this software component instance. |
| _copyrightsMeta | _QueryMeta | Copyright information that applies to this software component instance. When present, these are to be treated as 'overrides' for the copyrights listed on the underlying SoftwareCompoent. |
| _cursor | String | Provides a value that can be supplied to the |
| _destRelationshipsMeta | _QueryMeta | The relationships to other components where this component is the "dest" |
| _externalReferencesMeta | _QueryMeta | The external references of this component |
| _filesMeta | _QueryMeta | Files associated with this software component instance |
| _findingsMeta | _QueryMeta | The findings associated with this software component instance. |
| _hashesMeta | _QueryMeta | Independently reproducible mechanisms for identifying specific contents of a component or package based on the actual files |
| _licenseExceptionsMeta | _QueryMeta | License exceptions that apply to this software component instance. When present, these are to be treated as 'overrides' for the license exceptions listed on the underlying SoftwareCompoent. |
| _licenseExpressionsMeta | _QueryMeta | |
| _licensesMeta | _QueryMeta | Software licenses that apply to this software component instance. When present, these are to be treated as 'overrides' for the licenses listed on the underlying SoftwareCompoent. |
| _originalComponentsCommentsMeta | _QueryMeta | The aggregated list of comments for all component instances that are merged into this component instance |
| _originalComponentsComponentStatusesMeta | _QueryMeta | The aggregated list of statuses for all component instances that are merged into this component instance |
| _originalComponentsDestRelationshipsMeta | _QueryMeta | The aggregated list of all dest relationships for all original component instances that led to the creation of this merged component instance. |
| _originalComponentsMeta | _QueryMeta | If this Finding is a 'merged finding', this list contains the underlying component instances that this component instance represents |
| _originalComponentsSourceRelationshipsMeta | _QueryMeta | The aggregated list of all source relationships for all original component instances that led to the creation of this merged component instance. |
| _originalComponentsSourcesMeta | _QueryMeta | The collection of test tools associated with original components that led to the creation of this merged component |
| _processingStatusesMeta | _QueryMeta | Any kind of processing currently occurring on this component instance |
| _propertiesMeta | _QueryMeta | The properties associated with this component |
| _revision | ID | An identifier that is updated automatically on each update of this root entity (but not on relation changes) |
| _sourceRelationshipsMeta | _QueryMeta | The relationships to other components where this component is the "source" |
| absoluteRiskScore | Float | Absolute Risk Score |
| assetVersion | AssetVersion | The asset version this component is associated with |
| assetVersionRefId | ID | The asset version id this component is associated with |
| assignee | User | The user who is assigned to this component. This is an experimental field and subject to change. |
| author | String | The author of this component. When present, this is to be treated as an 'override' for the author listed on the underlying SoftwareCompoent. |
| buildDate | DateTime | The build date of this component |
| comments | [SoftwareComponentComment] | Comments made on this component. |
| componentStatus | [SoftwareComponentStatus] | The history of statuses related to this software component instance. |
| confidence | SoftwareComponentInstanceConfidence | The confidence value that Finite State analysis has assigned to this component. |
| copyrights | [Copyright] | Copyright information that applies to this software component instance. When present, these are to be treated as 'overrides' for the copyrights listed on the underlying SoftwareCompoent. |
| createdAt | DateTime | The instant this object has been created |
| createdBy | User | The user who created this component. If is user created. |
| ctx | RelationEntityCtx | Context contains fields that are accesible to the permissions profile. This is an internal field related to user permissions. |
| currentStatus | SoftwareComponentStatus | The current status for this software component instance. |
| date | DateTime | The date the software component was first discovered. |
| dedupeHash | String | A hash that is used for deduplication against other software component instances. |
| deletedAt | DateTime | Timestamp of when this software component instance was deleted |
| destRelationships | [SoftwareComponentInstanceRelationship] | The relationships to other components where this component is the "dest" |
| detailedDescription | String | The detailed description of this component |
| downloadLocation | String | The download URL, or a specific location within a version control system (VCS) for the component or package |
| externalReferences | [ExternalReference] | The external references of this component |
| fileName | String | The actual file name of the component or package, or path of the directory being treated as a package. |
| files | [File] | Files associated with this software component instance |
| filesAnalyzed | Boolean | Indicated whether the files were analyzed for this package |
| findings | [Finding] | The findings associated with this software component instance. |
| firstOrThirdParty | SoftwareComponentInstanceSource | First or third party source |
| group | String | The grouping name or identifier associated with this component. When present, this is to be treated as an 'override' for the group listed on the underlying SoftwareCompoent. |
| hashes | [Hash] | Independently reproducible mechanisms for identifying specific contents of a component or package based on the actual files |
| id | ID | An auto-generated string that identifies this root entity uniquely among others of the same type |
| licenseExceptions | [LicenseException] | License exceptions that apply to this software component instance. When present, these are to be treated as 'overrides' for the license exceptions listed on the underlying SoftwareCompoent. |
| licenseExpressions | [LicenseExpression] | |
| licenses | [License] | Software licenses that apply to this software component instance. When present, these are to be treated as 'overrides' for the licenses listed on the underlying SoftwareCompoent. |
| mergedComponent | SoftwareComponentInstance | If populated, this field points to the 'merged component instance' that represents this component instance. This field is related to deduplicating multiple instances of the same component that may be detected by different tests. |
| mergedComponentRefId | ID | If populated, this field points to the 'merged component id' that represents this component instance. This field is related to deduplicating multiple instances of the same component that may be detected by different tests. |
| mimeType | String | The mime-type of this component. Must match regular expression - |
| name | String | The name of the software component instance |
| origin | ComponentOrigin | The origin of this software component instance (e.g. test, user-added, generated by an automated or user merge, etc.) |
| originalComponents | [SoftwareComponentInstance] | If this Finding is a 'merged finding', this list contains the underlying component instances that this component instance represents |
| originalComponentsComments | [SoftwareComponentComment] | The aggregated list of comments for all component instances that are merged into this component instance |
| originalComponentsComponentStatuses | [SoftwareComponentStatus] | The aggregated list of statuses for all component instances that are merged into this component instance |
| originalComponentsDestRelationships | [SoftwareComponentInstanceRelationship] | The aggregated list of all dest relationships for all original component instances that led to the creation of this merged component instance. |
| originalComponentsSourceRelationships | [SoftwareComponentInstanceRelationship] | The aggregated list of all source relationships for all original component instances that led to the creation of this merged component instance. |
| originalComponentsSources | [TestingTool] | The collection of test tools associated with original components that led to the creation of this merged component |
| originator | String | Identifies from where or whom the package originally came. In some cases, a package may be created and originally distributed by a different third part than the Package Supplier of the package |
| patched | Boolean | The boolean aggregated patches of all Findings associated with this SoftwareComponentInstance True if there are patches that are not null |
| processingStatuses | [ProcessingStatus] | Any kind of processing currently occurring on this component instance |
| properties | [KeyValuePair] | The properties associated with this component |
| publisher | String | The publisher of this component. When present, this is to be treated as an 'override' for the publisher listed on the underlying SoftwareCompoent. |
| referenceId | String | The original tool-specific ID of the component. This ID is specific to the test tool itself, such as a bom-ref from a CycloneDX document or an SPDXRef from an SPDX SBOM. |
| releaseDate | DateTime | The release date of this component |
| releaseNotes | ReleaseNotes | The notes associated with the software component release |
| scope | ComponentScope | Specifies the scope of the component. If scope is not specified, 'required' scope SHOULD be assumed by the consumer of the BOM |
| softwareComponent | SoftwareComponent | The Software Component associated with this instance. The Software Component contains common information about the component that is not specific to a particular instance. |
| softwareIdentifiers | SoftwareIdentifiers | The software identifiers associated with this software component instance. |
| sourceRelationships | [SoftwareComponentInstanceRelationship] | The relationships to other components where this component is the "source" |
| summaryDescription | String | The summary description of this component |
| supplier | OrganizationalEntity | The supplier associated with this component. When present, this is to be treated as an 'override' for the supplier listed on the underlying SoftwareCompoent. |
| supportEol | DateTime | The support end-of-life for this component |
| test | Test | The test that detected or reported the presence of this software component instance |
| totalRisk | Float | The aggregated risk score of all Findings associated with this SoftwareComponentInstance |
| type | SoftwareComponentType | The type of software component instance (e.g. application, library, framework, etc) |
| updatedAt | DateTime | The instant this object has been updated the last time (not including relation updates) |
| updatedBy | User | The user who updated the component instance |
| url | String | The URL to the homepage of the provider of the software component instance |
| version | String | The version of the software component instance |
This page was generated: 2024-05-17