Vesper: Sipping Bill of Materials

Curious what this is about? In honor of the NTIA Software Transparency / Software Bill of Materials (SBOM) project, we have chosen to make these Sipping Bill of Materials available. Please consult your local hacker economist to learn how you can get involved with the NTIA SBOM project.

CycloneDX Format

<?xml version="1.0"?>
<bom serialNumber="url:https://narwhal.be/2019/sbom/vesper/" version="1" xmlns="http://cyclonedx.org/schema/bom/1.1" xmlns:prep="urn:prep:instructions">
    <components>  
        <component type="library">
            <publisher>The Hendrick's Gin Distillery Ltd</publisher>
            <name>Hendrick's Gin</name>
            <description></description>
            <scope>2 oz</scope>
        </component>  
        <component type="library">
            <publisher>Chopin Imports Ltd.</publisher>
            <name>Chopin Potato Vodka</name>
            <description></description>
            <scope>0.5 oz</scope>
        </component>  
        <component type="library">
            <publisher>Giulio Cocchi Spumanti Srl</publisher>
            <name>Cocchi Americano</name>
            <description></description>
            <scope>0.25 oz</scope>
        </component> 
    </components>
    <prep:instructions>Shake with ice a whole lot, strain into glass. Garnish with lemon peel.</prep:instructions>
</bom>

SWID Format

<?xml version="1.0"?>
<SoftwareIdentity
    name="Vesper"
    tagId="urn:vesper"
    tagVersion="1"
    xml:lang="en"	
    xmlns:vTag="http://tagvault.org/xsd/swid-extensions-2015.xsd"
    xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" 
    xmlns:n8060="http://csrc.nist.gov/schema/swid/2015-extensions/swid-2015-extensions-1.0.xsd">
    <Entity name="Narwhal" role="tagCreator" />
  
    <Link rel="requires" href="urn:the-hendrick-s-gin-distillery-ltd-hendrick-s-gin" />   
    <Link rel="requires" href="urn:chopin-imports-ltd-chopin-potato-vodka" />   
    <Link rel="requires" href="urn:giulio-cocchi-spumanti-srl-cocchi-americano" /> 
    <Meta entitlementDataRequired="false" summary="Shake with ice a whole lot, strain into glass. Garnish with lemon peel." />
</SoftwareIdentity>

 
<SoftwareIdentity
    name="Hendrick's Gin"
    tagId="urn:the-hendrick-s-gin-distillery-ltd-hendrick-s-gin"
    tagVersion="1"
    xml:lang="en"	
    xmlns:vTag="http://tagvault.org/xsd/swid-extensions-2015.xsd"
    xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" 
    xmlns:n8060="http://csrc.nist.gov/schema/swid/2015-extensions/swid-2015-extensions-1.0.xsd">
    <Entity name="Narwhal" role="tagCreator" />
    <Entity name="The Hendrick's Gin Distillery Ltd" role="softwareCreator" />
    <Meta entitlementDataRequired="false" summary="2 oz" />
</SoftwareIdentity>
 
<SoftwareIdentity
    name="Chopin Potato Vodka"
    tagId="urn:chopin-imports-ltd-chopin-potato-vodka"
    tagVersion="1"
    xml:lang="en"	
    xmlns:vTag="http://tagvault.org/xsd/swid-extensions-2015.xsd"
    xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" 
    xmlns:n8060="http://csrc.nist.gov/schema/swid/2015-extensions/swid-2015-extensions-1.0.xsd">
    <Entity name="Narwhal" role="tagCreator" />
    <Entity name="Chopin Imports Ltd." role="softwareCreator" />
    <Meta entitlementDataRequired="false" summary="0.5 oz" />
</SoftwareIdentity>
 
<SoftwareIdentity
    name="Cocchi Americano"
    tagId="urn:giulio-cocchi-spumanti-srl-cocchi-americano"
    tagVersion="1"
    xml:lang="en"	
    xmlns:vTag="http://tagvault.org/xsd/swid-extensions-2015.xsd"
    xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" 
    xmlns:n8060="http://csrc.nist.gov/schema/swid/2015-extensions/swid-2015-extensions-1.0.xsd">
    <Entity name="Narwhal" role="tagCreator" />
    <Entity name="Giulio Cocchi Spumanti Srl" role="softwareCreator" />
    <Meta entitlementDataRequired="false" summary="0.25 oz" />
</SoftwareIdentity>

SPDX Format

DocumentName: Vesper
SPDXID: vesper
DocumentComment: <text>Shake with ice a whole lot, strain into glass. Garnish with lemon peel.</text>
## Creation Information
Creator: Tool: Jekyll
Creator: Organization: Narwhal
 
FileName: Hendrick's Gin
SPDXID: hendrick-s-gin
FileComment: <text>2 oz</text>
FileContributor: The Hendrick's Gin Distillery Ltd
 
FileName: Chopin Potato Vodka
SPDXID: chopin-potato-vodka
FileComment: <text>0.5 oz</text>
FileContributor: Chopin Imports Ltd.
 
FileName: Cocchi Americano
SPDXID: cocchi-americano
FileComment: <text>0.25 oz</text>
FileContributor: Giulio Cocchi Spumanti Srl


JSON Format

{
    "shortname": "vesper",
    "name": "Vesper",
    "ingredients": [  
        {
            "name": "Hendrick's Gin",
            "manufacturer": "The Hendrick's Gin Distillery Ltd",
            "notes": "",
            "quantity": 2,
            "unit": "oz"
        },  
        {
            "name": "Chopin Potato Vodka",
            "manufacturer": "Chopin Imports Ltd.",
            "notes": "",
            "quantity": 0.5,
            "unit": "oz"
        },  
        {
            "name": "Cocchi Americano",
            "manufacturer": "Giulio Cocchi Spumanti Srl",
            "notes": "",
            "quantity": 0.25,
            "unit": "oz"
        }, 
    ],
    "instructions": "Shake with ice a whole lot, strain into glass. Garnish with lemon peel."
}