{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2025-07-10T20:43:08Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/document/package-nativesdk-ninja-dbg","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/nativesdk-ninja/package-nativesdk-ninja-dbg/nativesdk-ninja/UNIHASH/document/package-nativesdk-ninja-dbg","https://rdf.openembedded.org/spdx/3.0/link-name":"ae59962b7092bfee577e2350f6df8735e9ff10cc22669b3551bfb47e7b321909"}],"name":"package-nativesdk-ninja-dbg","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja-dbg"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja-dbg","creationInfo":"_:CreationInfo1","description":"Ninja is a small build system with a focus on speed. It differs from other build systems in two major respects: it is designed to have its input files generated by a higher-level build system, and it is designed to run builds as fast as possible.  This package contains ELF symbols and related sources for debugging purposes.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/ae59962b7092bfee577e2350f6df8735e9ff10cc22669b3551bfb47e7b321909/nativesdk-ninja/UNIHASH/package/nativesdk-ninja-dbg"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:*:ninja:1.13.1:*:*:*:*:*:*:*"}],"name":"nativesdk-ninja-dbg","summary":"Ninja is a small build system with a focus on speed. - Debugging files","software_primaryPurpose":"install","software_homePage":"https://ninja-build.org/","software_packageVersion":"1.13.1"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja-dbg/file/1","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/ae59962b7092bfee577e2350f6df8735e9ff10cc22669b3551bfb47e7b321909/nativesdk-ninja/UNIHASH/package/nativesdk-ninja-dbg/file/1"}],"name":"usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-tdxsdk-linux/usr/bin/.debug/ninja","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"05b6bd25c380afec91c862be9494eee275b6848cbe2e20e93a15fb79877121e4"}]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/relationship/184455ef2ae4f90a969a0310241815f8","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/ae59962b7092bfee577e2350f6df8735e9ff10cc22669b3551bfb47e7b321909/nativesdk-ninja/UNIHASH/relationship/184455ef2ae4f90a969a0310241815f8"}],"from":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja-dbg","relationshipType":"contains","to":["http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja-dbg/file/1"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/relationship/3272ba8b3c5987417c8fe8cd61fca807","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/ae59962b7092bfee577e2350f6df8735e9ff10cc22669b3551bfb47e7b321909/nativesdk-ninja/UNIHASH/relationship/3272ba8b3c5987417c8fe8cd61fca807"}],"from":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja-dbg","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/02d3a7d38edfb32b96a6097c3121abb27e49fc6432595f858766b353aeaff9a0/nativesdk-ninja/UNIHASH/vulnerability/CVE-2021-4336"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/relationship/76a8e9cc99232e4db23032b69f7a5b87","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/ae59962b7092bfee577e2350f6df8735e9ff10cc22669b3551bfb47e7b321909/nativesdk-ninja/UNIHASH/relationship/76a8e9cc99232e4db23032b69f7a5b87"}],"from":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja-dbg","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/02d3a7d38edfb32b96a6097c3121abb27e49fc6432595f858766b353aeaff9a0/nativesdk-ninja/UNIHASH/license/3_27_0/Apache-2_0"]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/relationship/abbc5a973c80424929cc025bf6eb025e","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/ae59962b7092bfee577e2350f6df8735e9ff10cc22669b3551bfb47e7b321909/nativesdk-ninja/UNIHASH/relationship/abbc5a973c80424929cc025bf6eb025e"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02d3a7d38edfb32b96a6097c3121abb27e49fc6432595f858766b353aeaff9a0/nativesdk-ninja/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja-dbg"],"scope":"build"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/vex-not-affected/06315810400e8eb48c47527a28d9f8c9","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/ae59962b7092bfee577e2350f6df8735e9ff10cc22669b3551bfb47e7b321909/nativesdk-ninja/UNIHASH/vex-not-affected/06315810400e8eb48c47527a28d9f8c9"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02d3a7d38edfb32b96a6097c3121abb27e49fc6432595f858766b353aeaff9a0/nativesdk-ninja/UNIHASH/vulnerability/CVE-2021-4336","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nativesdk-ninja-cd4ecc11-aa4a-5a00-933b-ef16de1a231a/6d382d9ed5d94263d3a8c165b87fac2c1f1e64751e06168fdef8b8f45da9ca9a/package/nativesdk-ninja-dbg"],"security_vexVersion":"1.0.0","security_impactStatement":"This is a different Ninja"}]}