{"id":17744940,"url":"https://github.com/bitbomdev/minefield","last_synced_at":"2025-03-14T20:31:58.391Z","repository":{"id":251072340,"uuid":"810915611","full_name":"bitbomdev/minefield","owner":"bitbomdev","description":"Graphing SBOM's Fast.","archived":false,"fork":false,"pushed_at":"2025-01-19T20:01:46.000Z","size":2940,"stargazers_count":704,"open_issues_count":7,"forks_count":25,"subscribers_count":27,"default_branch":"main","last_synced_at":"2025-01-19T21:15:09.826Z","etag":null,"topics":["ai","airgap","graph","llm","roaring-bitmaps","sbom","supply-chain-security"],"latest_commit_sha":null,"homepage":"https://bitbom.dev","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bitbomdev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-06-05T15:35:52.000Z","updated_at":"2025-01-19T20:01:47.000Z","dependencies_parsed_at":"2024-09-16T02:36:55.372Z","dependency_job_id":"7e5e8af2-ffe0-4f19-bcfc-4f229529260f","html_url":"https://github.com/bitbomdev/minefield","commit_stats":null,"previous_names":["bit-bom/minefield","bit-bom/bitbom","bitbomdev/minefield"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitbomdev%2Fminefield","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitbomdev%2Fminefield/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitbomdev%2Fminefield/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitbomdev%2Fminefield/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bitbomdev","download_url":"https://codeload.github.com/bitbomdev/minefield/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243642300,"owners_count":20324001,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","airgap","graph","llm","roaring-bitmaps","sbom","supply-chain-security"],"created_at":"2024-10-26T07:01:25.946Z","updated_at":"2025-03-14T20:31:58.385Z","avatar_url":"https://github.com/bitbomdev.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/bitbom-long-logo.png\" alt=\"BitBom Long Logo\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://goreportcard.com/report/github.com/bitbomdev/minefield\"\u003e\n    \u003cimg src=\"https://goreportcard.com/badge/github.com/bitbomdev/minefield\" alt=\"Go Report Card\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/bitbomdev/minefield/actions/workflows/build.yaml\"\u003e\n    \u003cimg src=\"https://github.com/bitbomdev/minefield/actions/workflows/build.yaml/badge.svg\" alt=\"Build and Test\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://bitbom.dev\"\u003e🌐 Web\u003c/a\u003e •\n  \u003ca href=\"https://bitbom.dev/demos/starting-up-minefield/\"\u003e📝 Demos\u003c/a\u003e •\n  \u003ca href=\"https://bitbom.dev/docs\"\u003e📚 Docs\u003c/a\u003e •\n  \u003ca href=\"https://bitbom.dev/blog\"\u003e📰 Blog\u003c/a\u003e\n\u003c/p\u003e\n\n**BitBom** Minefield uses roaring **Bit**maps to graph S**BOM**s with four main fundamentals:\n\n* **Speed**: Optimized for rapid data processing.\n* **Air-Gapped**: Operates securely in isolated environments.\n* **Scalable**: Supports millions of nodes effortlessly.\n* **Customizable**: Allows users to extend the project without relying on upstream changes.\n\n![Terminal Output](images/terminal.png)\n\u003e An example of Minefield caching ***10,000*** SBOMs packages transitive dependents in ***30 seconds***.\n\n---\n\n\u003eBefore moving on, please consider giving us a GitHub star ⭐️. Thank you!\n\n---\n\n## Table of Contents\n\n1. [Quickstart Guide](#quickstart-guide)\n2. [Example](#example)\n3. [To Start Using Minefield](#to-start-using-minefield)\n   - [Using Docker](#using-docker)\n   - [Building From Source](#building-from-source)\n4. [How Minefield Works](#how-minefield-works)\n   - [Air-Gapped Design Philosophy](#air-gapped-design-philosophy)\n5. [Visualization of a Query](#visualization-of-a-query)\n6. [Documentation](#documentation)\n7. [Blog](#blog)\n8. [Star History](#star-history)\n9. [Acknowledgements](#acknowledgements)\n\n[View Minefield demo on asciinema](https://asciinema.org/a/674302)\n\n## Quickstart Guide\n1. **Start the server**\n   ```sh\n   minefield server\n   ```\n\n2. **Ingest some data:**\n   ```sh\n   minefield ingest sbom \u003csbom_file or sbom_dir\u003e\n   ```\n3. **Cache the data:**\n   ```sh\n   minefield cache\n   ```\n4. **Run a query:**\n   ```sh\n   minefield query \u003cquery_string\u003e\n   ```\n\n### Example\n\n1. **Start the API server:**\n   ```sh\n   minefield server \n   ```\n\n2. **Ingest the `testdata/small` SBOM directory:**\n    ```sh\n    minefield ingest sbom testdata/small\n    ```\n3. **Cache the data:**\n    ```sh\n    minefield cache\n    ```\n4. **Run the leaderboard custom with \"dependents library\":**\n   - This command generates a ranked list of packages, ordered by the number of other packages that depend on them.\n    ```sh\n    minefield leaderboard custom \"dependents library\"\n    ```\n5. **Run a query on the top value from the leaderboard:**\n   - This command queries the dependents for a specific package, in this case `dep2`.\n    ```sh\n    minefield query custom \"dependents library pkg:dep2@1.0.0\"\n    ```\n6. **Run queries to see the shared dependencies of `lib-A` and `dep1`, and `lib-A` and `lib-B`:**\n   - These queries output the intersection of two queries, finding package dependencies shared between each pair.\n    ```sh\n    minefield query custom \"dependencies library pkg:lib-B@1.0.0 and dependencies library pkg:lib-A@1.0.0\"\n    ```\n## To Start Using Minefield\n\n### Using Docker\n\n```sh\ndocker pull ghcr.io/bitbomdev/minefield:latest\ndocker run -it ghcr.io/bitbomdev/minefield:latest\n```\n\n### Building From Source\n\n```sh\ngit clone git@github.com:bitbomdev/minefield.git\ncd minefield\ngo build -o minefield main.go\n./minefield\n```\n\n## How Minefield Works\n\nThe design decisions and architecture of Minefield can be found [here](paper.md).\n\n### Air-Gapped Design Philosophy\n\nMinefield is primarily designed as an air-gapped solution, operating seamlessly without internet connectivity. It makes it ideal for secure environments that require complete isolation from external networks.\n\n- **Offline Operation**: All functionalities, including data ingestion, caching, querying, and visualization, are performed locally without external dependencies.\n\n- **Enhanced Security**: Operating in an air-gapped environment minimizes the risk of data breaches and unauthorized access, ensuring that sensitive information remains within your controlled infrastructure.\n\n- **Data Sovereignty**: Users have complete control over their data, with no external transmissions, adhering to strict compliance and regulatory requirements.\n\n- **Efficiency**: Minefield is optimized for performance and can handle large datasets quickly even without network resources.\n\nMinefield makes it easy to securely and efficiently manage and explore your software dependencies within isolated environments by offline processing and analyzing SBOMs (Software Bill of Materials).\n\n## Visualization of a Query\n\n![Query Visualization](images/img.png)\n\n## Blog\n\nStay updated with the latest news and insights by visiting our [Blog](https://bitbom.dev/blog).\n\n## Star History\n\n[![Star History Chart](https://api.star-history.com/svg?repos=bitbomdev/minefield\u0026type=Date)](https://star-history.com/#bitbomdev/minefield\u0026Date)\n\n## Acknowledgements\n\n- https://github.com/RoaringBitmap/roaring\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbitbomdev%2Fminefield","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbitbomdev%2Fminefield","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbitbomdev%2Fminefield/lists"}