{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2026-03-05T20:45:11Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/document/package-go-runtime","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/go-runtime/package-go-runtime/go-runtime/UNIHASH/document/package-go-runtime"}],"name":"package-go-runtime","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/package/go-runtime"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/package/go-runtime","creationInfo":"_:CreationInfo0","description":"The Go programming language is an open source project to make  programmers more productive. Go is expressive, concise, clean, and efficient. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel type system enables flexible and modular program construction. Go compiles quickly to machine code yet has the convenience of garbage collection and the power of run-time reflection. It's a fast, statically typed, compiled language that feels like a dynamically typed, interpreted language.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/223ee097c75588305d1da4ad3eaef7d881451d8e9d29f38f5bf0caaff2c5db73/go-runtime/UNIHASH/package/go-runtime"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:golang:go:1.25.8:*:*:*:*:*:*:*"}],"name":"go-runtime","summary":"Go programming language compiler","software_primaryPurpose":"install","software_homePage":" http://golang.org/","software_packageVersion":"1.25.8"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/package/go-runtime/file/1","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/223ee097c75588305d1da4ad3eaef7d881451d8e9d29f38f5bf0caaff2c5db73/go-runtime/UNIHASH/package/go-runtime/file/1"}],"name":"usr/lib/go/pkg/linux_arm64_dynlink/libstd.so","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"21fa3f2969eba697a8ac5549179cb6b73e086348d7296423493db417fe5ad27d"}]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/relationship/0c331345c4ff40e60011da1bdd37f607","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/223ee097c75588305d1da4ad3eaef7d881451d8e9d29f38f5bf0caaff2c5db73/go-runtime/UNIHASH/relationship/0c331345c4ff40e60011da1bdd37f607"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/46c2d2108878557792b12bc92786ea9487979383548d046eb1962602b58a9cef/go-runtime/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/package/go-runtime"],"scope":"build"},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/relationship/40f3a321eae5fc98e39d580c6b75c77d","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/223ee097c75588305d1da4ad3eaef7d881451d8e9d29f38f5bf0caaff2c5db73/go-runtime/UNIHASH/relationship/40f3a321eae5fc98e39d580c6b75c77d"}],"from":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/package/go-runtime","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/46c2d2108878557792b12bc92786ea9487979383548d046eb1962602b58a9cef/go-runtime/UNIHASH/license/3_27_0/BSD-3-Clause"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/relationship/43acd4d70c0dcfe3267f35b0ee7d17f6","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/223ee097c75588305d1da4ad3eaef7d881451d8e9d29f38f5bf0caaff2c5db73/go-runtime/UNIHASH/relationship/43acd4d70c0dcfe3267f35b0ee7d17f6"}],"from":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/package/go-runtime","relationshipType":"contains","to":["http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/package/go-runtime/file/1"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/relationship/ca0c86a1b38f9d3a75f22b808ad058e6","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/223ee097c75588305d1da4ad3eaef7d881451d8e9d29f38f5bf0caaff2c5db73/go-runtime/UNIHASH/relationship/ca0c86a1b38f9d3a75f22b808ad058e6"}],"from":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/package/go-runtime","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/46c2d2108878557792b12bc92786ea9487979383548d046eb1962602b58a9cef/go-runtime/UNIHASH/vulnerability/CVE-2024-3566"]},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/vex-not-affected/34e9aadfa7aa1b3b160028e8ca3c4cd1","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/223ee097c75588305d1da4ad3eaef7d881451d8e9d29f38f5bf0caaff2c5db73/go-runtime/UNIHASH/vex-not-affected/34e9aadfa7aa1b3b160028e8ca3c4cd1"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/46c2d2108878557792b12bc92786ea9487979383548d046eb1962602b58a9cef/go-runtime/UNIHASH/vulnerability/CVE-2024-3566","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/go-runtime-4fdc8cd9-1f9c-57d7-b28c-d7cd9a6b38d6/afd4f74021d86cdb058f1bfa43328c547a3032e4a9e9913c044c913343e67d61/package/go-runtime"],"security_vexVersion":"1.0.0","security_impactStatement":"Issue only applies on Windows","security_justificationType":"vulnerableCodeNotPresent"}]}