OpenSSF · GraphQL Specification

OpenSSF GraphQL API

GUAC aggregates software supply-chain security metadata (SBOMs, attestations, vulnerabilities, signatures) into a queryable graph. GUAC exposes a GraphQL API for supply-chain queries when self-hosted.

Documentation Endpoint View on GitHub Linux FoundationOpen SourceSecuritySupply ChainVulnerabilitiesGraphQL

Overview

OpenSSF GraphQL API is a GraphQL API specification published by OpenSSF on the APIs.io network.

GUAC aggregates software supply-chain security metadata (SBOMs, attestations, vulnerabilities, signatures) into a queryable graph. GUAC exposes a GraphQL API for supply-chain queries when self-hosted.

The GraphQL endpoint is available at https://guac.sh. documentation is published at https://guac.sh/.

The specification includes 1 reference link.

Tagged areas include Linux Foundation, Open Source, Security, Supply Chain, and Vulnerabilities.

Endpoint

https://guac.sh

References

Related API Specs

OSV (Open Source Vulnerabilities) API (OpenAPI) OpenSSF Scorecard API (OpenAPI)
Back to OpenSSF · All GraphQL Specs · GitHub