Software Bill of Materials

The Software Bill of Materials (SBOM) is an inventory of components used in building Synadia Insights. The SBOM provides transparency into software dependencies, including versions and licensing, and allows for easier compliance and vulnerability identification.

Insights publishes its SBOM in the SPDX format as a release asset. The summary below is generated via Go-aware tooling, which produces fewer extra matches than the SPDX export. We exclude Synadia proprietary code from this summary.

synadia-io/insights

License	Dependencies
Apache-2.0	13 dependencies github.com/CAFxX/httpcompression github.com/klauspost/compress github.com/minio/highwayhash github.com/nats-io/jsm.go github.com/nats-io/jwt github.com/nats-io/nats-server github.com/nats-io/nats.go github.com/nats-io/nkeys github.com/nats-io/nuid github.com/prometheus/client_golang github.com/prometheus/client_model github.com/prometheus/common go.yaml.in/yaml/v2
BSD-3-Clause	16 dependencies github.com/andybalholm/brotli github.com/google/uuid github.com/gorilla/securecookie github.com/gorilla/sessions github.com/klauspost/compress github.com/munnerz/goautoneg github.com/nats-io/nats-server github.com/prometheus/client_golang golang.org/x/crypto golang.org/x/mod golang.org/x/net golang.org/x/sync golang.org/x/sys golang.org/x/text golang.org/x/time google.golang.org/protobuf
MIT	24 dependencies github.com/a-h/templ github.com/alecthomas/kong github.com/andybalholm/brotli github.com/antithesishq/antithesis-sdk-go github.com/benbjohnson/hashfs github.com/beorn7/perks github.com/cespare/xxhash github.com/duckdb/duckdb-go github.com/duckdb/duckdb-go-bindings github.com/dustin/go-humanize github.com/expr-lang/expr github.com/go-chi/chi github.com/go-chi/cors github.com/go-viper/mapstructure github.com/goccy/go-json github.com/golang-jwt/jwt github.com/hashicorp/go-metrics github.com/klauspost/compress github.com/starfederation/datastar-go github.com/tidwall/gjson github.com/tidwall/match github.com/tidwall/pretty github.com/valyala/bytebufferpool gopkg.in/yaml.v3
MPL-2.0	2 dependencies github.com/hashicorp/go-immutable-radix github.com/hashicorp/golang-lru