{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2025-07-10T20:43:08Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/document/package-nativesdk-ninja","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/nativesdk-ninja/package-nativesdk-ninja/nativesdk-ninja/UNIHASH/document/package-nativesdk-ninja","https://rdf.openembedded.org/spdx/3.0/link-name":"374cfd3d2ccb5d4c5ec6f9af0e7f22a7c5efc62e7d39245514f62d8f9d342db8"}],"name":"package-nativesdk-ninja","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja","creationInfo":"_:CreationInfo1","description":"Ninja is a small build system with a focus on speed. It differs from other build systems in two major respects: it is designed to have its input files generated by a higher-level build system, and it is designed to run builds as fast as possible.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/374cfd3d2ccb5d4c5ec6f9af0e7f22a7c5efc62e7d39245514f62d8f9d342db8/nativesdk-ninja/UNIHASH/package/nativesdk-ninja"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:*:ninja:1.13.1:*:*:*:*:*:*:*"}],"name":"nativesdk-ninja","summary":"Ninja is a small build system with a focus on speed.","software_primaryPurpose":"install","software_homePage":"https://ninja-build.org/","software_packageVersion":"1.13.1"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja/file/1","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/374cfd3d2ccb5d4c5ec6f9af0e7f22a7c5efc62e7d39245514f62d8f9d342db8/nativesdk-ninja/UNIHASH/package/nativesdk-ninja/file/1"}],"name":"usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-tdxsdk-linux/usr/bin/ninja","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"d0cb7eccc35a64baf467884840cdbfe203fc4272b9713c02d9bdd27ede95be4d"}]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/relationship/16a324ed36cc2bebab47548607cfc1ea","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/374cfd3d2ccb5d4c5ec6f9af0e7f22a7c5efc62e7d39245514f62d8f9d342db8/nativesdk-ninja/UNIHASH/relationship/16a324ed36cc2bebab47548607cfc1ea"}],"from":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/02d3a7d38edfb32b96a6097c3121abb27e49fc6432595f858766b353aeaff9a0/nativesdk-ninja/UNIHASH/vulnerability/CVE-2021-4336"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/relationship/4c58f8dd1cd0443d3601a5a268073a87","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/374cfd3d2ccb5d4c5ec6f9af0e7f22a7c5efc62e7d39245514f62d8f9d342db8/nativesdk-ninja/UNIHASH/relationship/4c58f8dd1cd0443d3601a5a268073a87"}],"from":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja","relationshipType":"contains","to":["http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja/file/1"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/relationship/9dbfebf55abcc6dd2dd2e30c5922ebf2","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/374cfd3d2ccb5d4c5ec6f9af0e7f22a7c5efc62e7d39245514f62d8f9d342db8/nativesdk-ninja/UNIHASH/relationship/9dbfebf55abcc6dd2dd2e30c5922ebf2"}],"from":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/02d3a7d38edfb32b96a6097c3121abb27e49fc6432595f858766b353aeaff9a0/nativesdk-ninja/UNIHASH/license/3_27_0/Apache-2_0"]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/relationship/b1082c1d7fa1d91eaaa3be272217e93b","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/374cfd3d2ccb5d4c5ec6f9af0e7f22a7c5efc62e7d39245514f62d8f9d342db8/nativesdk-ninja/UNIHASH/relationship/b1082c1d7fa1d91eaaa3be272217e93b"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02d3a7d38edfb32b96a6097c3121abb27e49fc6432595f858766b353aeaff9a0/nativesdk-ninja/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja"],"scope":"build"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/vex-not-affected/22bc0cc0bc407589112b73cf1e6fc832","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/374cfd3d2ccb5d4c5ec6f9af0e7f22a7c5efc62e7d39245514f62d8f9d342db8/nativesdk-ninja/UNIHASH/vex-not-affected/22bc0cc0bc407589112b73cf1e6fc832"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02d3a7d38edfb32b96a6097c3121abb27e49fc6432595f858766b353aeaff9a0/nativesdk-ninja/UNIHASH/vulnerability/CVE-2021-4336","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja"],"security_vexVersion":"1.0.0","security_impactStatement":"This is a different Ninja"}]}