From c3d430654b9020b2cc9bd96f8fb86fef6944415f Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Thu, 17 Oct 2024 10:33:17 +0200 Subject: [PATCH 01/20] - Implement support for custom licenses. Signed-off-by: HeyeOpenSource --- internal/licenses/parser.go | 21 ++++++++++++-- .../common/spdxhelpers/to_format_model.go | 11 +++++-- .../cyclonedxutil/helpers/licenses.go | 29 +++++++++++++++---- .../internal/spdxutil/helpers/license.go | 24 ++++++++++----- syft/format/syftjson/model/package.go | 1 + syft/format/syftjson/to_format_model.go | 1 + syft/format/syftjson/to_syft_model.go | 1 + syft/pkg/license.go | 1 + 8 files changed, 72 insertions(+), 17 deletions(-) diff --git a/internal/licenses/parser.go b/internal/licenses/parser.go index c9f77d56784..b58a51b4243 100644 --- a/internal/licenses/parser.go +++ b/internal/licenses/parser.go @@ -1,6 +1,8 @@ package licenses import ( + "crypto/sha256" + "fmt" "io" "github.com/google/licensecheck" @@ -11,10 +13,16 @@ import ( ) const ( - coverageThreshold = 75 - unknownLicenseType = "UNKNOWN" + coverageThreshold = 75 + unknownLicenseType = "UNKNOWN" + UnknownLicensePrefix = unknownLicenseType + "_" ) +func getCustomLicenseContentHash(contents []byte) string { + hash := sha256.Sum256(contents) + return fmt.Sprintf("%x", hash[:]) +} + // Parse scans the contents of a license file to attempt to determine the type of license it is func Parse(reader io.Reader, l file.Location) (licenses []pkg.License, err error) { licenses = make([]pkg.License, 0) @@ -31,6 +39,15 @@ func Parse(reader io.Reader, l file.Location) (licenses []pkg.License, err error cov := scanner.Scan(contents) if cov.Percent < coverageThreshold { // unknown or no licenses here? + if len(contents) > 0 { + lic := pkg.NewLicenseFromLocations(unknownLicenseType, l) + lic.SPDXExpression = UnknownLicensePrefix + getCustomLicenseContentHash(contents) + lic.Contents = string(contents) + lic.Type = license.Declared + + licenses = append(licenses, lic) + } + return licenses, nil } diff --git a/syft/format/common/spdxhelpers/to_format_model.go b/syft/format/common/spdxhelpers/to_format_model.go index 3f93883cf1b..9c99828eecb 100644 --- a/syft/format/common/spdxhelpers/to_format_model.go +++ b/syft/format/common/spdxhelpers/to_format_model.go @@ -14,6 +14,7 @@ import ( "github.com/spdx/tools-golang/spdx" "github.com/anchore/packageurl-go" + internallicenses "github.com/anchore/syft/internal/licenses" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/internal/mimetype" "github.com/anchore/syft/internal/relationship" @@ -742,10 +743,16 @@ func toOtherLicenses(catalog *pkg.Collection) []*spdx.OtherLicense { slices.Sort(ids) for _, id := range ids { license := licenses[id] - result = append(result, &spdx.OtherLicense{ + other := &spdx.OtherLicense{ LicenseIdentifier: license.ID, ExtractedText: license.Value, - }) + } + customPrefix := spdxlicense.LicenseRefPrefix + helpers.SanitizeElementID(internallicenses.UnknownLicensePrefix) + if strings.HasPrefix(license.ID, customPrefix) { + other.LicenseName = strings.TrimPrefix(license.ID, customPrefix) + other.LicenseComment = strings.Trim(internallicenses.UnknownLicensePrefix, "-_") + } + result = append(result, other) } return result } diff --git a/syft/format/internal/cyclonedxutil/helpers/licenses.go b/syft/format/internal/cyclonedxutil/helpers/licenses.go index 24c5d6ffb79..d9cfd0f6183 100644 --- a/syft/format/internal/cyclonedxutil/helpers/licenses.go +++ b/syft/format/internal/cyclonedxutil/helpers/licenses.go @@ -1,11 +1,13 @@ package helpers import ( + "encoding/base64" "fmt" "strings" "github.com/CycloneDX/cyclonedx-go" + "github.com/anchore/syft/internal/licenses" "github.com/anchore/syft/internal/spdxlicense" "github.com/anchore/syft/syft/pkg" ) @@ -123,11 +125,28 @@ func separateLicenses(p pkg.Package) (spdx, other cyclonedx.Licenses, expression processLicenseURLs(l, "", &otherc) continue } - otherc = append(otherc, cyclonedx.LicenseChoice{ - License: &cyclonedx.License{ - Name: l.Value, - }, - }) + + if strings.HasPrefix(l.SPDXExpression, licenses.UnknownLicensePrefix) { + cyclonedxLicense := &cyclonedx.License{ + Name: strings.TrimPrefix(l.SPDXExpression, licenses.UnknownLicensePrefix), + } + if len(l.Contents) > 0 { + cyclonedxLicense.Text = &cyclonedx.AttachedText{ + Content: base64.StdEncoding.EncodeToString([]byte(l.Contents)), + } + cyclonedxLicense.Text.ContentType = "text/plain" + cyclonedxLicense.Text.Encoding = "base64" + } + otherc = append(otherc, cyclonedx.LicenseChoice{ + License: cyclonedxLicense, + }) + } else { + otherc = append(otherc, cyclonedx.LicenseChoice{ + License: &cyclonedx.License{ + Name: l.Value, + }, + }) + } } return spdxc, otherc, ex } diff --git a/syft/format/internal/spdxutil/helpers/license.go b/syft/format/internal/spdxutil/helpers/license.go index b01539f2d0c..ad1cea6ec24 100644 --- a/syft/format/internal/spdxutil/helpers/license.go +++ b/syft/format/internal/spdxutil/helpers/license.go @@ -5,6 +5,7 @@ import ( "fmt" "strings" + "github.com/anchore/syft/internal/licenses" "github.com/anchore/syft/internal/spdxlicense" "github.com/anchore/syft/syft/license" "github.com/anchore/syft/syft/pkg" @@ -69,19 +70,26 @@ func ParseLicenses(raw []pkg.License) (concluded, declared []SPDXLicense) { } candidate := SPDXLicense{} - if l.SPDXExpression != "" { + if l.SPDXExpression != "" && !strings.HasPrefix(l.SPDXExpression, licenses.UnknownLicensePrefix) { candidate.ID = l.SPDXExpression } else { + candidate.Value = l.Value // we did not find a valid SPDX license ID so treat as separate license - if len(l.Value) <= 64 { - // if the license text is less than the size of the hash, - // just use it directly so the id is more readable - candidate.ID = spdxlicense.LicenseRefPrefix + SanitizeElementID(l.Value) + if strings.HasPrefix(l.SPDXExpression, licenses.UnknownLicensePrefix) { + candidate.ID = spdxlicense.LicenseRefPrefix + SanitizeElementID(l.SPDXExpression) + if len(l.Contents) > 0 { + candidate.Value = l.Contents + } } else { - hash := sha256.Sum256([]byte(l.Value)) - candidate.ID = fmt.Sprintf("%s%x", spdxlicense.LicenseRefPrefix, hash) + if len(l.Value) <= 64 { + // if the license text is less than the size of the hash, + // just use it directly so the id is more readable + candidate.ID = spdxlicense.LicenseRefPrefix + SanitizeElementID(l.Value) + } else { + hash := sha256.Sum256([]byte(l.Value)) + candidate.ID = fmt.Sprintf("%s%x", spdxlicense.LicenseRefPrefix, hash) + } } - candidate.Value = l.Value } switch l.Type { diff --git a/syft/format/syftjson/model/package.go b/syft/format/syftjson/model/package.go index 503709d1f16..69d0d251f50 100644 --- a/syft/format/syftjson/model/package.go +++ b/syft/format/syftjson/model/package.go @@ -51,6 +51,7 @@ type License struct { Type license.Type `json:"type"` URLs []string `json:"urls"` Locations []file.Location `json:"locations"` + Contents string `json:"contents,omitempty"` } func newModelLicensesFromValues(licenses []string) (ml []License) { diff --git a/syft/format/syftjson/to_format_model.go b/syft/format/syftjson/to_format_model.go index a5cd128a8b4..49583a370e0 100644 --- a/syft/format/syftjson/to_format_model.go +++ b/syft/format/syftjson/to_format_model.go @@ -234,6 +234,7 @@ func toLicenseModel(pkgLicenses []pkg.License) (modelLicenses []model.License) { Type: l.Type, URLs: urls, Locations: locations, + Contents: l.Contents, }) } return diff --git a/syft/format/syftjson/to_syft_model.go b/syft/format/syftjson/to_syft_model.go index 154b8fa8e65..3d616597da8 100644 --- a/syft/format/syftjson/to_syft_model.go +++ b/syft/format/syftjson/to_syft_model.go @@ -164,6 +164,7 @@ func toSyftLicenses(m []model.License) (p []pkg.License) { Type: l.Type, URLs: l.URLs, Locations: file.NewLocationSet(l.Locations...), + Contents: l.Contents, }) } return diff --git a/syft/pkg/license.go b/syft/pkg/license.go index ae311a13c35..11c3dab5099 100644 --- a/syft/pkg/license.go +++ b/syft/pkg/license.go @@ -29,6 +29,7 @@ type License struct { Type license.Type URLs []string `hash:"ignore"` Locations file.LocationSet `hash:"ignore"` + Contents string // The optional binary contents of the license file } type Licenses []License From 19611defbbf3608185f2d19a15bb7ed8927e03e0 Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Thu, 17 Oct 2024 11:51:36 +0200 Subject: [PATCH 02/20] - Make sure custom licenses are also exported for the CycloneDX format. Signed-off-by: HeyeOpenSource --- syft/format/internal/cyclonedxutil/helpers/licenses.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/syft/format/internal/cyclonedxutil/helpers/licenses.go b/syft/format/internal/cyclonedxutil/helpers/licenses.go index d9cfd0f6183..0a27ff7e33c 100644 --- a/syft/format/internal/cyclonedxutil/helpers/licenses.go +++ b/syft/format/internal/cyclonedxutil/helpers/licenses.go @@ -113,7 +113,7 @@ func separateLicenses(p pkg.Package) (spdx, other cyclonedx.Licenses, expression continue } - if l.SPDXExpression != "" { + if l.SPDXExpression != "" && !strings.HasPrefix(l.SPDXExpression, licenses.UnknownLicensePrefix) { // COMPLEX EXPRESSION CASE ex = append(ex, l.SPDXExpression) continue @@ -121,14 +121,14 @@ func separateLicenses(p pkg.Package) (spdx, other cyclonedx.Licenses, expression // license string that are not valid spdx expressions or ids // we only use license Name here since we cannot guarantee that the license is a valid SPDX expression - if len(l.URLs) > 0 { + if len(l.URLs) > 0 && !strings.HasPrefix(l.SPDXExpression, licenses.UnknownLicensePrefix) { processLicenseURLs(l, "", &otherc) continue } if strings.HasPrefix(l.SPDXExpression, licenses.UnknownLicensePrefix) { cyclonedxLicense := &cyclonedx.License{ - Name: strings.TrimPrefix(l.SPDXExpression, licenses.UnknownLicensePrefix), + Name: l.SPDXExpression, } if len(l.Contents) > 0 { cyclonedxLicense.Text = &cyclonedx.AttachedText{ From 6ebc5fa92a2730517d00930ebdc14ec1ff3c6bf1 Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Thu, 17 Oct 2024 11:52:56 +0200 Subject: [PATCH 03/20] - Export license URL for custom licenses in the CycloneDX format, if available. Signed-off-by: HeyeOpenSource --- syft/format/internal/cyclonedxutil/helpers/licenses.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/syft/format/internal/cyclonedxutil/helpers/licenses.go b/syft/format/internal/cyclonedxutil/helpers/licenses.go index 0a27ff7e33c..fca659a0b5e 100644 --- a/syft/format/internal/cyclonedxutil/helpers/licenses.go +++ b/syft/format/internal/cyclonedxutil/helpers/licenses.go @@ -130,6 +130,9 @@ func separateLicenses(p pkg.Package) (spdx, other cyclonedx.Licenses, expression cyclonedxLicense := &cyclonedx.License{ Name: l.SPDXExpression, } + if len(l.URLs) > 0 { + cyclonedxLicense.URL = l.URLs[0] + } if len(l.Contents) > 0 { cyclonedxLicense.Text = &cyclonedx.AttachedText{ Content: base64.StdEncoding.EncodeToString([]byte(l.Contents)), From 1ba23934f853e697383abfb36d349ec97285e1bb Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Thu, 17 Oct 2024 12:06:18 +0200 Subject: [PATCH 04/20] - Retain custom license contents for golang licenses. Signed-off-by: HeyeOpenSource --- syft/pkg/cataloger/golang/licenses.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/syft/pkg/cataloger/golang/licenses.go b/syft/pkg/cataloger/golang/licenses.go index 0b02c6581c1..73918b7593c 100644 --- a/syft/pkg/cataloger/golang/licenses.go +++ b/syft/pkg/cataloger/golang/licenses.go @@ -35,6 +35,7 @@ type goLicense struct { Type license.Type `json:"type,omitempty"` URLs []string `json:"urls,omitempty"` Locations []string `json:"locations,omitempty"` + Contents string `json:"contents,omitempty"` } type goLicenseResolver struct { @@ -392,6 +393,7 @@ func toPkgLicenses(goLicenses []goLicense) []pkg.License { Type: l.Type, URLs: l.URLs, Locations: toPkgLocations(l.Locations), + Contents: l.Contents, }) } return requireCollection(out) @@ -414,6 +416,7 @@ func toGoLicenses(pkgLicenses []pkg.License) []goLicense { Type: l.Type, URLs: l.URLs, Locations: toGoLocations(l.Locations), + Contents: l.Contents, }) } return out From 64a433e129d33377df5226abb9e37ba3d54b6cd7 Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Fri, 18 Oct 2024 08:20:04 +0200 Subject: [PATCH 05/20] - Harmonize custom license line endings to UNIX style before registration in order to avoid incompatibilities (and multiple instances of the same license). Signed-off-by: HeyeOpenSource --- internal/licenses/parser.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/internal/licenses/parser.go b/internal/licenses/parser.go index b58a51b4243..8e510569654 100644 --- a/internal/licenses/parser.go +++ b/internal/licenses/parser.go @@ -4,6 +4,7 @@ import ( "crypto/sha256" "fmt" "io" + "strings" "github.com/google/licensecheck" @@ -40,6 +41,11 @@ func Parse(reader io.Reader, l file.Location) (licenses []pkg.License, err error if cov.Percent < coverageThreshold { // unknown or no licenses here? if len(contents) > 0 { + // harmonize line endings to unix compatible first: + // 1. \r\n => \n (Windows => UNIX) + // 2. \r => \n (Macintosh => UNIX) + contents = []byte(strings.ReplaceAll(strings.ReplaceAll(string(contents), "\r\n", "\n"), "\r", "\n")) + lic := pkg.NewLicenseFromLocations(unknownLicenseType, l) lic.SPDXExpression = UnknownLicensePrefix + getCustomLicenseContentHash(contents) lic.Contents = string(contents) From 48254a2a9a84d800ad1704bb0b272a85f128a2fd Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Fri, 18 Oct 2024 14:07:53 +0200 Subject: [PATCH 06/20] - Fix for static analysis. Signed-off-by: HeyeOpenSource --- .../cyclonedxutil/helpers/licenses.go | 52 +++++++++++-------- 1 file changed, 29 insertions(+), 23 deletions(-) diff --git a/syft/format/internal/cyclonedxutil/helpers/licenses.go b/syft/format/internal/cyclonedxutil/helpers/licenses.go index fca659a0b5e..4e2575e9626 100644 --- a/syft/format/internal/cyclonedxutil/helpers/licenses.go +++ b/syft/format/internal/cyclonedxutil/helpers/licenses.go @@ -126,32 +126,38 @@ func separateLicenses(p pkg.Package) (spdx, other cyclonedx.Licenses, expression continue } - if strings.HasPrefix(l.SPDXExpression, licenses.UnknownLicensePrefix) { - cyclonedxLicense := &cyclonedx.License{ - Name: l.SPDXExpression, - } - if len(l.URLs) > 0 { - cyclonedxLicense.URL = l.URLs[0] - } - if len(l.Contents) > 0 { - cyclonedxLicense.Text = &cyclonedx.AttachedText{ - Content: base64.StdEncoding.EncodeToString([]byte(l.Contents)), - } - cyclonedxLicense.Text.ContentType = "text/plain" - cyclonedxLicense.Text.Encoding = "base64" + otherc = append(otherc, processCustomLicense(l)...) + } + return spdxc, otherc, ex +} + +func processCustomLicense(l pkg.License) cyclonedx.Licenses { + result := cyclonedx.Licenses{} + if strings.HasPrefix(l.SPDXExpression, licenses.UnknownLicensePrefix) { + cyclonedxLicense := &cyclonedx.License{ + Name: l.SPDXExpression, + } + if len(l.URLs) > 0 { + cyclonedxLicense.URL = l.URLs[0] + } + if len(l.Contents) > 0 { + cyclonedxLicense.Text = &cyclonedx.AttachedText{ + Content: base64.StdEncoding.EncodeToString([]byte(l.Contents)), } - otherc = append(otherc, cyclonedx.LicenseChoice{ - License: cyclonedxLicense, - }) - } else { - otherc = append(otherc, cyclonedx.LicenseChoice{ - License: &cyclonedx.License{ - Name: l.Value, - }, - }) + cyclonedxLicense.Text.ContentType = "text/plain" + cyclonedxLicense.Text.Encoding = "base64" } + result = append(result, cyclonedx.LicenseChoice{ + License: cyclonedxLicense, + }) + } else { + result = append(result, cyclonedx.LicenseChoice{ + License: &cyclonedx.License{ + Name: l.Value, + }, + }) } - return spdxc, otherc, ex + return result } func processLicenseURLs(l pkg.License, spdxID string, populate *cyclonedx.Licenses) { From cbb9dddfbeba34499aa68e40f0efeb048955a990 Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Tue, 22 Oct 2024 14:42:53 +0200 Subject: [PATCH 07/20] - Ignore custom license contents in hash. Signed-off-by: HeyeOpenSource --- syft/pkg/license.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/syft/pkg/license.go b/syft/pkg/license.go index 11c3dab5099..08604013807 100644 --- a/syft/pkg/license.go +++ b/syft/pkg/license.go @@ -29,7 +29,7 @@ type License struct { Type license.Type URLs []string `hash:"ignore"` Locations file.LocationSet `hash:"ignore"` - Contents string // The optional binary contents of the license file + Contents string `hash:"ignore"` // The optional binary contents of the license file } type Licenses []License From 02efff799428a6ec29785f91fd3dfdd4f3fecf02 Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Wed, 23 Oct 2024 10:53:44 +0200 Subject: [PATCH 08/20] - Added some Unit Tests. Signed-off-by: HeyeOpenSource --- internal/licenses/scanner_test.go | 264 +++++++++++++++++++++++++++ internal/licenses/search_test.go | 290 ++++++++++++++++++++++++++++++ 2 files changed, 554 insertions(+) create mode 100644 internal/licenses/scanner_test.go create mode 100644 internal/licenses/search_test.go diff --git a/internal/licenses/scanner_test.go b/internal/licenses/scanner_test.go new file mode 100644 index 00000000000..3372dcd63f9 --- /dev/null +++ b/internal/licenses/scanner_test.go @@ -0,0 +1,264 @@ +package licenses_test + +import ( + "bytes" + "testing" + + "github.com/stretchr/testify/require" + + "github.com/anchore/syft/internal/licenses" +) + +func TestIdentifyLicenseIDs(t *testing.T) { + type expectation struct { + yieldError bool + ids []string + content []byte + } + tests := []struct { + name string + in string + expected expectation + }{ + { + name: "apache license 2.0", + in: ` Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License.`, + expected: expectation{ + yieldError: false, + ids: []string{"Apache-2.0"}, + content: []byte{}, + }, + }, + { + name: "custom license", + in: "NVIDIA Software License Agreement and CUDA Supplement to Software License Agreement", + expected: expectation{ + yieldError: false, + ids: []string{}, + content: []byte("NVIDIA Software License Agreement and CUDA Supplement to Software License Agreement"), + }, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + ids, content, err := licenses.TestingOnlyScanner().IdentifyLicenseIDs(nil, bytes.NewBuffer([]byte(test.in))) + if test.expected.yieldError { + require.Error(t, err) + } else { + require.NoError(t, err) + + require.Len(t, ids, len(test.expected.ids)) + require.Len(t, content, len(test.expected.content)) + + if len(test.expected.ids) > 0 { + require.Equal(t, ids, test.expected.ids) + } + + if len(test.expected.content) > 0 { + require.Equal(t, content, test.expected.content) + } + } + }) + } +} diff --git a/internal/licenses/search_test.go b/internal/licenses/search_test.go new file mode 100644 index 00000000000..8f461215a71 --- /dev/null +++ b/internal/licenses/search_test.go @@ -0,0 +1,290 @@ +package licenses_test + +import ( + "bytes" + "testing" + + "github.com/anchore/syft/internal/licenses" + "github.com/anchore/syft/syft/file" + "github.com/anchore/syft/syft/pkg" + "github.com/stretchr/testify/require" +) + +type bytesReadCloser struct { + bytes.Buffer +} + +func (brc *bytesReadCloser) Close() error { + return nil +} + +func newBytesReadCloser(data []byte) *bytesReadCloser { + return &bytesReadCloser{ + Buffer: *bytes.NewBuffer(data), + } +} + +func TestSearch(t *testing.T) { + type expectation struct { + yieldError bool + licenses []pkg.License + } + testLocation := file.NewLocation("LICENSE") + tests := []struct { + name string + in string + expected expectation + }{ + { + name: "apache license 2.0", + in: ` Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License.`, + expected: expectation{ + yieldError: false, + licenses: []pkg.License{ + { + Value: "Apache-2.0", + SPDXExpression: "Apache-2.0", + Type: "concluded", + URLs: nil, + Locations: file.NewLocationSet(testLocation), + Contents: "", + }, + }, + }, + }, + { + name: "custom license", + in: "NVIDIA Software License Agreement and CUDA Supplement to Software License Agreement", + expected: expectation{ + yieldError: false, + licenses: []pkg.License{ + { + Value: "UNKNOWN", + SPDXExpression: "UNKNOWN_4d1cffe420916f2b706300ab63fcafaf35226a0ad3725cb9f95b26036cefae32", + Type: "declared", + URLs: nil, + Locations: file.NewLocationSet(testLocation), + Contents: "NVIDIA Software License Agreement and CUDA Supplement to Software License Agreement", + }, + }, + }, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + result, err := licenses.Search(nil, licenses.TestingOnlyScanner(), file.NewLocationReadCloser(file.NewLocation("LICENSE"), newBytesReadCloser([]byte(test.in)))) + if test.expected.yieldError { + require.Error(t, err) + } else { + require.NoError(t, err) + + require.Len(t, result, len(test.expected.licenses)) + + if len(test.expected.licenses) > 0 { + require.Equal(t, result, test.expected.licenses) + } + } + }) + } +} From 83613ccdacdf781b76e2716d46f1f8b05e9862ad Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Wed, 23 Oct 2024 11:21:26 +0200 Subject: [PATCH 09/20] - Added Golang license specific conversion test. Signed-off-by: HeyeOpenSource --- syft/pkg/cataloger/golang/licenses_test.go | 27 ++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/syft/pkg/cataloger/golang/licenses_test.go b/syft/pkg/cataloger/golang/licenses_test.go index 0acde6de95c..88b23da663c 100644 --- a/syft/pkg/cataloger/golang/licenses_test.go +++ b/syft/pkg/cataloger/golang/licenses_test.go @@ -312,3 +312,30 @@ func Test_noLocalGoModDir(t *testing.T) { }) } } + +func TestLicenseConversion(t *testing.T) { + inputLicenses := []pkg.License{ + { + Value: "Apache-2.0", + SPDXExpression: "Apache-2.0", + Type: "concluded", + URLs: nil, + Locations: file.NewLocationSet(file.NewLocation("LICENSE")), + Contents: "", + }, + { + Value: "UNKNOWN", + SPDXExpression: "UNKNOWN_4d1cffe420916f2b706300ab63fcafaf35226a0ad3725cb9f95b26036cefae32", + Type: "declared", + URLs: nil, + Locations: file.NewLocationSet(file.NewLocation("LICENSE2")), + Contents: "NVIDIA Software License Agreement and CUDA Supplement to Software License Agreement", + }, + } + + goLicenses := toGoLicenses(inputLicenses) + + result := toPkgLicenses(goLicenses) + + require.Equal(t, inputLicenses, result) +} From 1dd8c87c19d8ca999bee3460a71ce3a4c706a6c2 Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Wed, 23 Oct 2024 15:28:30 +0200 Subject: [PATCH 10/20] - Merge licenses_test package into licenses package to try to fix static analysis. Signed-off-by: HeyeOpenSource --- internal/licenses/scanner_test.go | 6 ++---- internal/licenses/search_test.go | 5 ++--- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/internal/licenses/scanner_test.go b/internal/licenses/scanner_test.go index 3372dcd63f9..9a616fe4bce 100644 --- a/internal/licenses/scanner_test.go +++ b/internal/licenses/scanner_test.go @@ -1,12 +1,10 @@ -package licenses_test +package licenses import ( "bytes" "testing" "github.com/stretchr/testify/require" - - "github.com/anchore/syft/internal/licenses" ) func TestIdentifyLicenseIDs(t *testing.T) { @@ -242,7 +240,7 @@ func TestIdentifyLicenseIDs(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - ids, content, err := licenses.TestingOnlyScanner().IdentifyLicenseIDs(nil, bytes.NewBuffer([]byte(test.in))) + ids, content, err := TestingOnlyScanner().IdentifyLicenseIDs(nil, bytes.NewBuffer([]byte(test.in))) if test.expected.yieldError { require.Error(t, err) } else { diff --git a/internal/licenses/search_test.go b/internal/licenses/search_test.go index 8f461215a71..7800c749b0a 100644 --- a/internal/licenses/search_test.go +++ b/internal/licenses/search_test.go @@ -1,10 +1,9 @@ -package licenses_test +package licenses import ( "bytes" "testing" - "github.com/anchore/syft/internal/licenses" "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/require" @@ -273,7 +272,7 @@ func TestSearch(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - result, err := licenses.Search(nil, licenses.TestingOnlyScanner(), file.NewLocationReadCloser(file.NewLocation("LICENSE"), newBytesReadCloser([]byte(test.in)))) + result, err := Search(nil, TestingOnlyScanner(), file.NewLocationReadCloser(file.NewLocation("LICENSE"), newBytesReadCloser([]byte(test.in)))) if test.expected.yieldError { require.Error(t, err) } else { From b177b4e45eea23ed4d0d5c814145a4c599d579cb Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Wed, 23 Oct 2024 15:53:58 +0200 Subject: [PATCH 11/20] - Increment JSONSchemaVersion. Signed-off-by: HeyeOpenSource --- internal/constants.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/constants.go b/internal/constants.go index 4dd27cf7953..469f075c89c 100644 --- a/internal/constants.go +++ b/internal/constants.go @@ -3,5 +3,5 @@ package internal const ( // JSONSchemaVersion is the current schema version output by the JSON encoder // This is roughly following the "SchemaVer" guidelines for versioning the JSON schema. Please see schema/json/README.md for details on how to increment. - JSONSchemaVersion = "16.0.18" + JSONSchemaVersion = "16.0.19" ) From beda1b6dea590650554002ccc72aa49b3b0b6b01 Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Wed, 23 Oct 2024 16:03:11 +0200 Subject: [PATCH 12/20] - Adapt JSON schema. Signed-off-by: HeyeOpenSource --- schema/json/schema-16.0.19.json | 2730 +++++++++++++++++++++++++++++++ schema/json/schema-latest.json | 3 + 2 files changed, 2733 insertions(+) create mode 100644 schema/json/schema-16.0.19.json diff --git a/schema/json/schema-16.0.19.json b/schema/json/schema-16.0.19.json new file mode 100644 index 00000000000..296ff5d7065 --- /dev/null +++ b/schema/json/schema-16.0.19.json @@ -0,0 +1,2730 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "anchore.io/schema/syft/json/16.0.18/document", + "$ref": "#/$defs/Document", + "$defs": { + "AlpmDbEntry": { + "properties": { + "basepackage": { + "type": "string" + }, + "package": { + "type": "string" + }, + "version": { + "type": "string" + }, + "description": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "packager": { + "type": "string" + }, + "url": { + "type": "string" + }, + "validation": { + "type": "string" + }, + "reason": { + "type": "integer" + }, + "files": { + "items": { + "$ref": "#/$defs/AlpmFileRecord" + }, + "type": "array" + }, + "backup": { + "items": { + "$ref": "#/$defs/AlpmFileRecord" + }, + "type": "array" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "basepackage", + "package", + "version", + "description", + "architecture", + "size", + "packager", + "url", + "validation", + "reason", + "files", + "backup" + ] + }, + "AlpmFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "type": { + "type": "string" + }, + "uid": { + "type": "string" + }, + "gid": { + "type": "string" + }, + "time": { + "type": "string", + "format": "date-time" + }, + "size": { + "type": "string" + }, + "link": { + "type": "string" + }, + "digest": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + } + }, + "type": "object" + }, + "ApkDbEntry": { + "properties": { + "package": { + "type": "string" + }, + "originPackage": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "version": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "url": { + "type": "string" + }, + "description": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "installedSize": { + "type": "integer" + }, + "pullDependencies": { + "items": { + "type": "string" + }, + "type": "array" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "pullChecksum": { + "type": "string" + }, + "gitCommitOfApkPort": { + "type": "string" + }, + "files": { + "items": { + "$ref": "#/$defs/ApkFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "package", + "originPackage", + "maintainer", + "version", + "architecture", + "url", + "description", + "size", + "installedSize", + "pullDependencies", + "provides", + "pullChecksum", + "gitCommitOfApkPort", + "files" + ] + }, + "ApkFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "ownerUid": { + "type": "string" + }, + "ownerGid": { + "type": "string" + }, + "permissions": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "BinarySignature": { + "properties": { + "matches": { + "items": { + "$ref": "#/$defs/ClassifierMatch" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "matches" + ] + }, + "CConanFileEntry": { + "properties": { + "ref": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanInfoEntry": { + "properties": { + "ref": { + "type": "string" + }, + "package_id": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanLockEntry": { + "properties": { + "ref": { + "type": "string" + }, + "package_id": { + "type": "string" + }, + "prev": { + "type": "string" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "build_requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "py_requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "options": { + "$ref": "#/$defs/KeyValues" + }, + "path": { + "type": "string" + }, + "context": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanLockV2Entry": { + "properties": { + "ref": { + "type": "string" + }, + "packageID": { + "type": "string" + }, + "username": { + "type": "string" + }, + "channel": { + "type": "string" + }, + "recipeRevision": { + "type": "string" + }, + "packageRevision": { + "type": "string" + }, + "timestamp": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CPE": { + "properties": { + "cpe": { + "type": "string" + }, + "source": { + "type": "string" + } + }, + "type": "object", + "required": [ + "cpe" + ] + }, + "ClassifierMatch": { + "properties": { + "classifier": { + "type": "string" + }, + "location": { + "$ref": "#/$defs/Location" + } + }, + "type": "object", + "required": [ + "classifier", + "location" + ] + }, + "CocoaPodfileLockEntry": { + "properties": { + "checksum": { + "type": "string" + } + }, + "type": "object", + "required": [ + "checksum" + ] + }, + "Coordinates": { + "properties": { + "path": { + "type": "string" + }, + "layerID": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "DartPubspecLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "hosted_url": { + "type": "string" + }, + "vcs_url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "Descriptor": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "configuration": true + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "Digest": { + "properties": { + "algorithm": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "algorithm", + "value" + ] + }, + "Document": { + "properties": { + "artifacts": { + "items": { + "$ref": "#/$defs/Package" + }, + "type": "array" + }, + "artifactRelationships": { + "items": { + "$ref": "#/$defs/Relationship" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/File" + }, + "type": "array" + }, + "source": { + "$ref": "#/$defs/Source" + }, + "distro": { + "$ref": "#/$defs/LinuxRelease" + }, + "descriptor": { + "$ref": "#/$defs/Descriptor" + }, + "schema": { + "$ref": "#/$defs/Schema" + } + }, + "type": "object", + "required": [ + "artifacts", + "artifactRelationships", + "source", + "distro", + "descriptor", + "schema" + ] + }, + "DotnetDepsEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "path": { + "type": "string" + }, + "sha512": { + "type": "string" + }, + "hashPath": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "path", + "sha512", + "hashPath" + ] + }, + "DotnetPortableExecutableEntry": { + "properties": { + "assemblyVersion": { + "type": "string" + }, + "legalCopyright": { + "type": "string" + }, + "comments": { + "type": "string" + }, + "internalName": { + "type": "string" + }, + "companyName": { + "type": "string" + }, + "productName": { + "type": "string" + }, + "productVersion": { + "type": "string" + } + }, + "type": "object", + "required": [ + "assemblyVersion", + "legalCopyright", + "companyName", + "productName", + "productVersion" + ] + }, + "DpkgDbEntry": { + "properties": { + "package": { + "type": "string" + }, + "source": { + "type": "string" + }, + "version": { + "type": "string" + }, + "sourceVersion": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "installedSize": { + "type": "integer" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "preDepends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/DpkgFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "package", + "source", + "version", + "sourceVersion", + "architecture", + "maintainer", + "installedSize", + "files" + ] + }, + "DpkgFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + }, + "isConfigFile": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "path", + "isConfigFile" + ] + }, + "ELFSecurityFeatures": { + "properties": { + "symbolTableStripped": { + "type": "boolean" + }, + "stackCanary": { + "type": "boolean" + }, + "nx": { + "type": "boolean" + }, + "relRO": { + "type": "string" + }, + "pie": { + "type": "boolean" + }, + "dso": { + "type": "boolean" + }, + "safeStack": { + "type": "boolean" + }, + "cfi": { + "type": "boolean" + }, + "fortify": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "symbolTableStripped", + "nx", + "relRO", + "pie", + "dso" + ] + }, + "ElfBinaryPackageNoteJsonPayload": { + "properties": { + "type": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "osCPE": { + "type": "string" + }, + "os": { + "type": "string" + }, + "osVersion": { + "type": "string" + }, + "system": { + "type": "string" + }, + "vendor": { + "type": "string" + }, + "sourceRepo": { + "type": "string" + }, + "commit": { + "type": "string" + } + }, + "type": "object" + }, + "ElixirMixLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "pkgHash": { + "type": "string" + }, + "pkgHashExt": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "pkgHash", + "pkgHashExt" + ] + }, + "ErlangRebarLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "pkgHash": { + "type": "string" + }, + "pkgHashExt": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "pkgHash", + "pkgHashExt" + ] + }, + "Executable": { + "properties": { + "format": { + "type": "string" + }, + "hasExports": { + "type": "boolean" + }, + "hasEntrypoint": { + "type": "boolean" + }, + "importedLibraries": { + "items": { + "type": "string" + }, + "type": "array" + }, + "elfSecurityFeatures": { + "$ref": "#/$defs/ELFSecurityFeatures" + } + }, + "type": "object", + "required": [ + "format", + "hasExports", + "hasEntrypoint", + "importedLibraries" + ] + }, + "File": { + "properties": { + "id": { + "type": "string" + }, + "location": { + "$ref": "#/$defs/Coordinates" + }, + "metadata": { + "$ref": "#/$defs/FileMetadataEntry" + }, + "contents": { + "type": "string" + }, + "digests": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + }, + "licenses": { + "items": { + "$ref": "#/$defs/FileLicense" + }, + "type": "array" + }, + "executable": { + "$ref": "#/$defs/Executable" + }, + "unknowns": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "id", + "location" + ] + }, + "FileLicense": { + "properties": { + "value": { + "type": "string" + }, + "spdxExpression": { + "type": "string" + }, + "type": { + "type": "string" + }, + "evidence": { + "$ref": "#/$defs/FileLicenseEvidence" + } + }, + "type": "object", + "required": [ + "value", + "spdxExpression", + "type" + ] + }, + "FileLicenseEvidence": { + "properties": { + "confidence": { + "type": "integer" + }, + "offset": { + "type": "integer" + }, + "extent": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "confidence", + "offset", + "extent" + ] + }, + "FileMetadataEntry": { + "properties": { + "mode": { + "type": "integer" + }, + "type": { + "type": "string" + }, + "linkDestination": { + "type": "string" + }, + "userID": { + "type": "integer" + }, + "groupID": { + "type": "integer" + }, + "mimeType": { + "type": "string" + }, + "size": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "mode", + "type", + "userID", + "groupID", + "mimeType", + "size" + ] + }, + "GoModuleBuildinfoEntry": { + "properties": { + "goBuildSettings": { + "$ref": "#/$defs/KeyValues" + }, + "goCompiledVersion": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "h1Digest": { + "type": "string" + }, + "mainModule": { + "type": "string" + }, + "goCryptoSettings": { + "items": { + "type": "string" + }, + "type": "array" + }, + "goExperiments": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "goCompiledVersion", + "architecture" + ] + }, + "GoModuleEntry": { + "properties": { + "h1Digest": { + "type": "string" + } + }, + "type": "object" + }, + "HaskellHackageStackEntry": { + "properties": { + "pkgHash": { + "type": "string" + } + }, + "type": "object" + }, + "HaskellHackageStackLockEntry": { + "properties": { + "pkgHash": { + "type": "string" + }, + "snapshotURL": { + "type": "string" + } + }, + "type": "object" + }, + "IDLikes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "JavaArchive": { + "properties": { + "virtualPath": { + "type": "string" + }, + "manifest": { + "$ref": "#/$defs/JavaManifest" + }, + "pomProperties": { + "$ref": "#/$defs/JavaPomProperties" + }, + "pomProject": { + "$ref": "#/$defs/JavaPomProject" + }, + "digest": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "virtualPath" + ] + }, + "JavaJvmInstallation": { + "properties": { + "release": { + "$ref": "#/$defs/JavaVMRelease" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "release", + "files" + ] + }, + "JavaManifest": { + "properties": { + "main": { + "$ref": "#/$defs/KeyValues" + }, + "sections": { + "items": { + "$ref": "#/$defs/KeyValues" + }, + "type": "array" + } + }, + "type": "object" + }, + "JavaPomParent": { + "properties": { + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "type": "object", + "required": [ + "groupId", + "artifactId", + "version" + ] + }, + "JavaPomProject": { + "properties": { + "path": { + "type": "string" + }, + "parent": { + "$ref": "#/$defs/JavaPomParent" + }, + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + }, + "name": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path", + "groupId", + "artifactId", + "version", + "name" + ] + }, + "JavaPomProperties": { + "properties": { + "path": { + "type": "string" + }, + "name": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + }, + "scope": { + "type": "string" + }, + "extraFields": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "path", + "name", + "groupId", + "artifactId", + "version" + ] + }, + "JavaVMRelease": { + "properties": { + "implementor": { + "type": "string" + }, + "implementorVersion": { + "type": "string" + }, + "javaRuntimeVersion": { + "type": "string" + }, + "javaVersion": { + "type": "string" + }, + "javaVersionDate": { + "type": "string" + }, + "libc": { + "type": "string" + }, + "modules": { + "items": { + "type": "string" + }, + "type": "array" + }, + "osArch": { + "type": "string" + }, + "osName": { + "type": "string" + }, + "osVersion": { + "type": "string" + }, + "source": { + "type": "string" + }, + "buildSource": { + "type": "string" + }, + "buildSourceRepo": { + "type": "string" + }, + "sourceRepo": { + "type": "string" + }, + "fullVersion": { + "type": "string" + }, + "semanticVersion": { + "type": "string" + }, + "buildInfo": { + "type": "string" + }, + "jvmVariant": { + "type": "string" + }, + "jvmVersion": { + "type": "string" + }, + "imageType": { + "type": "string" + }, + "buildType": { + "type": "string" + } + }, + "type": "object" + }, + "JavascriptNpmPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + }, + "private": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "homepage", + "description", + "url", + "private" + ] + }, + "JavascriptNpmPackageLockEntry": { + "properties": { + "resolved": { + "type": "string" + }, + "integrity": { + "type": "string" + } + }, + "type": "object", + "required": [ + "resolved", + "integrity" + ] + }, + "JavascriptYarnLockEntry": { + "properties": { + "resolved": { + "type": "string" + }, + "integrity": { + "type": "string" + } + }, + "type": "object", + "required": [ + "resolved", + "integrity" + ] + }, + "KeyValue": { + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "key", + "value" + ] + }, + "KeyValues": { + "items": { + "$ref": "#/$defs/KeyValue" + }, + "type": "array" + }, + "License": { + "properties": { + "value": { + "type": "string" + }, + "spdxExpression": { + "type": "string" + }, + "type": { + "type": "string" + }, + "urls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "locations": { + "items": { + "$ref": "#/$defs/Location" + }, + "type": "array" + }, + "contents": { + "type": "string" + } + }, + "type": "object", + "required": [ + "value", + "spdxExpression", + "type", + "urls", + "locations" + ] + }, + "LinuxKernelArchive": { + "properties": { + "name": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "version": { + "type": "string" + }, + "extendedVersion": { + "type": "string" + }, + "buildTime": { + "type": "string" + }, + "author": { + "type": "string" + }, + "format": { + "type": "string" + }, + "rwRootFS": { + "type": "boolean" + }, + "swapDevice": { + "type": "integer" + }, + "rootDevice": { + "type": "integer" + }, + "videoMode": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "architecture", + "version" + ] + }, + "LinuxKernelModule": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "sourceVersion": { + "type": "string" + }, + "path": { + "type": "string" + }, + "description": { + "type": "string" + }, + "author": { + "type": "string" + }, + "license": { + "type": "string" + }, + "kernelVersion": { + "type": "string" + }, + "versionMagic": { + "type": "string" + }, + "parameters": { + "patternProperties": { + ".*": { + "$ref": "#/$defs/LinuxKernelModuleParameter" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "LinuxKernelModuleParameter": { + "properties": { + "type": { + "type": "string" + }, + "description": { + "type": "string" + } + }, + "type": "object" + }, + "LinuxRelease": { + "properties": { + "prettyName": { + "type": "string" + }, + "name": { + "type": "string" + }, + "id": { + "type": "string" + }, + "idLike": { + "$ref": "#/$defs/IDLikes" + }, + "version": { + "type": "string" + }, + "versionID": { + "type": "string" + }, + "versionCodename": { + "type": "string" + }, + "buildID": { + "type": "string" + }, + "imageID": { + "type": "string" + }, + "imageVersion": { + "type": "string" + }, + "variant": { + "type": "string" + }, + "variantID": { + "type": "string" + }, + "homeURL": { + "type": "string" + }, + "supportURL": { + "type": "string" + }, + "bugReportURL": { + "type": "string" + }, + "privacyPolicyURL": { + "type": "string" + }, + "cpeName": { + "type": "string" + }, + "supportEnd": { + "type": "string" + } + }, + "type": "object" + }, + "Location": { + "properties": { + "path": { + "type": "string" + }, + "layerID": { + "type": "string" + }, + "accessPath": { + "type": "string" + }, + "annotations": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "path", + "accessPath" + ] + }, + "LuarocksPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "license": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + }, + "dependencies": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "name", + "version", + "license", + "homepage", + "description", + "url", + "dependencies" + ] + }, + "MicrosoftKbPatch": { + "properties": { + "product_id": { + "type": "string" + }, + "kb": { + "type": "string" + } + }, + "type": "object", + "required": [ + "product_id", + "kb" + ] + }, + "NixStoreEntry": { + "properties": { + "outputHash": { + "type": "string" + }, + "output": { + "type": "string" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "outputHash", + "files" + ] + }, + "OpamPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "licenses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "url": { + "type": "string" + }, + "checksum": { + "items": { + "type": "string" + }, + "type": "array" + }, + "homepage": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "licenses", + "url", + "checksum", + "homepage", + "dependencies" + ] + }, + "Package": { + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "type": { + "type": "string" + }, + "foundBy": { + "type": "string" + }, + "locations": { + "items": { + "$ref": "#/$defs/Location" + }, + "type": "array" + }, + "licenses": { + "$ref": "#/$defs/licenses" + }, + "language": { + "type": "string" + }, + "cpes": { + "$ref": "#/$defs/cpes" + }, + "purl": { + "type": "string" + }, + "metadataType": { + "type": "string" + }, + "metadata": { + "anyOf": [ + { + "type": "null" + }, + { + "$ref": "#/$defs/AlpmDbEntry" + }, + { + "$ref": "#/$defs/ApkDbEntry" + }, + { + "$ref": "#/$defs/BinarySignature" + }, + { + "$ref": "#/$defs/CConanFileEntry" + }, + { + "$ref": "#/$defs/CConanInfoEntry" + }, + { + "$ref": "#/$defs/CConanLockEntry" + }, + { + "$ref": "#/$defs/CConanLockV2Entry" + }, + { + "$ref": "#/$defs/CocoaPodfileLockEntry" + }, + { + "$ref": "#/$defs/DartPubspecLockEntry" + }, + { + "$ref": "#/$defs/DotnetDepsEntry" + }, + { + "$ref": "#/$defs/DotnetPortableExecutableEntry" + }, + { + "$ref": "#/$defs/DpkgDbEntry" + }, + { + "$ref": "#/$defs/ElfBinaryPackageNoteJsonPayload" + }, + { + "$ref": "#/$defs/ElixirMixLockEntry" + }, + { + "$ref": "#/$defs/ErlangRebarLockEntry" + }, + { + "$ref": "#/$defs/GoModuleBuildinfoEntry" + }, + { + "$ref": "#/$defs/GoModuleEntry" + }, + { + "$ref": "#/$defs/HaskellHackageStackEntry" + }, + { + "$ref": "#/$defs/HaskellHackageStackLockEntry" + }, + { + "$ref": "#/$defs/JavaArchive" + }, + { + "$ref": "#/$defs/JavaJvmInstallation" + }, + { + "$ref": "#/$defs/JavascriptNpmPackage" + }, + { + "$ref": "#/$defs/JavascriptNpmPackageLockEntry" + }, + { + "$ref": "#/$defs/JavascriptYarnLockEntry" + }, + { + "$ref": "#/$defs/LinuxKernelArchive" + }, + { + "$ref": "#/$defs/LinuxKernelModule" + }, + { + "$ref": "#/$defs/LuarocksPackage" + }, + { + "$ref": "#/$defs/MicrosoftKbPatch" + }, + { + "$ref": "#/$defs/NixStoreEntry" + }, + { + "$ref": "#/$defs/OpamPackage" + }, + { + "$ref": "#/$defs/PhpComposerInstalledEntry" + }, + { + "$ref": "#/$defs/PhpComposerLockEntry" + }, + { + "$ref": "#/$defs/PhpPeclEntry" + }, + { + "$ref": "#/$defs/PortageDbEntry" + }, + { + "$ref": "#/$defs/PythonPackage" + }, + { + "$ref": "#/$defs/PythonPipRequirementsEntry" + }, + { + "$ref": "#/$defs/PythonPipfileLockEntry" + }, + { + "$ref": "#/$defs/PythonPoetryLockEntry" + }, + { + "$ref": "#/$defs/RDescription" + }, + { + "$ref": "#/$defs/RpmArchive" + }, + { + "$ref": "#/$defs/RpmDbEntry" + }, + { + "$ref": "#/$defs/RubyGemspec" + }, + { + "$ref": "#/$defs/RustCargoAuditEntry" + }, + { + "$ref": "#/$defs/RustCargoLockEntry" + }, + { + "$ref": "#/$defs/SwiftPackageManagerLockEntry" + }, + { + "$ref": "#/$defs/SwiplpackPackage" + }, + { + "$ref": "#/$defs/WordpressPluginEntry" + } + ] + } + }, + "type": "object", + "required": [ + "id", + "name", + "version", + "type", + "foundBy", + "locations", + "licenses", + "language", + "cpes", + "purl" + ] + }, + "PhpComposerAuthors": { + "properties": { + "name": { + "type": "string" + }, + "email": { + "type": "string" + }, + "homepage": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name" + ] + }, + "PhpComposerExternalReference": { + "properties": { + "type": { + "type": "string" + }, + "url": { + "type": "string" + }, + "reference": { + "type": "string" + }, + "shasum": { + "type": "string" + } + }, + "type": "object", + "required": [ + "type", + "url", + "reference" + ] + }, + "PhpComposerInstalledEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "dist": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "require": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "provide": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "require-dev": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "suggest": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "notification-url": { + "type": "string" + }, + "bin": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "$ref": "#/$defs/PhpComposerAuthors" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "keywords": { + "items": { + "type": "string" + }, + "type": "array" + }, + "time": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "dist" + ] + }, + "PhpComposerLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "dist": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "require": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "provide": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "require-dev": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "suggest": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "notification-url": { + "type": "string" + }, + "bin": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "$ref": "#/$defs/PhpComposerAuthors" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "keywords": { + "items": { + "type": "string" + }, + "type": "array" + }, + "time": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "dist" + ] + }, + "PhpPeclEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "PortageDbEntry": { + "properties": { + "installedSize": { + "type": "integer" + }, + "files": { + "items": { + "$ref": "#/$defs/PortageFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "installedSize", + "files" + ] + }, + "PortageFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "PythonDirectURLOriginInfo": { + "properties": { + "url": { + "type": "string" + }, + "commitId": { + "type": "string" + }, + "vcs": { + "type": "string" + } + }, + "type": "object", + "required": [ + "url" + ] + }, + "PythonFileDigest": { + "properties": { + "algorithm": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "algorithm", + "value" + ] + }, + "PythonFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/PythonFileDigest" + }, + "size": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "PythonPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorEmail": { + "type": "string" + }, + "platform": { + "type": "string" + }, + "files": { + "items": { + "$ref": "#/$defs/PythonFileRecord" + }, + "type": "array" + }, + "sitePackagesRootPath": { + "type": "string" + }, + "topLevelPackages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "directUrlOrigin": { + "$ref": "#/$defs/PythonDirectURLOriginInfo" + }, + "requiresPython": { + "type": "string" + }, + "requiresDist": { + "items": { + "type": "string" + }, + "type": "array" + }, + "providesExtra": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "authorEmail", + "platform", + "sitePackagesRootPath" + ] + }, + "PythonPipRequirementsEntry": { + "properties": { + "name": { + "type": "string" + }, + "extras": { + "items": { + "type": "string" + }, + "type": "array" + }, + "versionConstraint": { + "type": "string" + }, + "url": { + "type": "string" + }, + "markers": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "versionConstraint" + ] + }, + "PythonPipfileLockEntry": { + "properties": { + "hashes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "index": { + "type": "string" + } + }, + "type": "object", + "required": [ + "hashes", + "index" + ] + }, + "PythonPoetryLockDependencyEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "optional": { + "type": "boolean" + }, + "markers": { + "type": "string" + }, + "extras": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "optional" + ] + }, + "PythonPoetryLockEntry": { + "properties": { + "index": { + "type": "string" + }, + "dependencies": { + "items": { + "$ref": "#/$defs/PythonPoetryLockDependencyEntry" + }, + "type": "array" + }, + "extras": { + "items": { + "$ref": "#/$defs/PythonPoetryLockExtraEntry" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "index", + "dependencies" + ] + }, + "PythonPoetryLockExtraEntry": { + "properties": { + "name": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "dependencies" + ] + }, + "RDescription": { + "properties": { + "title": { + "type": "string" + }, + "description": { + "type": "string" + }, + "author": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "url": { + "items": { + "type": "string" + }, + "type": "array" + }, + "repository": { + "type": "string" + }, + "built": { + "type": "string" + }, + "needsCompilation": { + "type": "boolean" + }, + "imports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "suggests": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "Relationship": { + "properties": { + "parent": { + "type": "string" + }, + "child": { + "type": "string" + }, + "type": { + "type": "string" + }, + "metadata": true + }, + "type": "object", + "required": [ + "parent", + "child", + "type" + ] + }, + "RpmArchive": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "epoch": { + "oneOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ] + }, + "architecture": { + "type": "string" + }, + "release": { + "type": "string" + }, + "sourceRpm": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "vendor": { + "type": "string" + }, + "modularityLabel": { + "type": "string" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/RpmFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "epoch", + "architecture", + "release", + "sourceRpm", + "size", + "vendor", + "files" + ] + }, + "RpmDbEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "epoch": { + "oneOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ] + }, + "architecture": { + "type": "string" + }, + "release": { + "type": "string" + }, + "sourceRpm": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "vendor": { + "type": "string" + }, + "modularityLabel": { + "type": "string" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/RpmFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "epoch", + "architecture", + "release", + "sourceRpm", + "size", + "vendor", + "files" + ] + }, + "RpmFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "mode": { + "type": "integer" + }, + "size": { + "type": "integer" + }, + "digest": { + "$ref": "#/$defs/Digest" + }, + "userName": { + "type": "string" + }, + "groupName": { + "type": "string" + }, + "flags": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path", + "mode", + "size", + "digest", + "userName", + "groupName", + "flags" + ] + }, + "RubyGemspec": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "type": "string" + }, + "type": "array" + }, + "homepage": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "RustCargoAuditEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source" + ] + }, + "RustCargoLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "type": "string" + }, + "checksum": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "checksum", + "dependencies" + ] + }, + "Schema": { + "properties": { + "version": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "version", + "url" + ] + }, + "Source": { + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "type": { + "type": "string" + }, + "metadata": true + }, + "type": "object", + "required": [ + "id", + "name", + "version", + "type", + "metadata" + ] + }, + "SwiftPackageManagerLockEntry": { + "properties": { + "revision": { + "type": "string" + } + }, + "type": "object", + "required": [ + "revision" + ] + }, + "SwiplpackPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorEmail": { + "type": "string" + }, + "packager": { + "type": "string" + }, + "packagerEmail": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "authorEmail", + "packager", + "packagerEmail", + "homepage", + "dependencies" + ] + }, + "WordpressPluginEntry": { + "properties": { + "pluginInstallDirectory": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorUri": { + "type": "string" + } + }, + "type": "object", + "required": [ + "pluginInstallDirectory" + ] + }, + "cpes": { + "items": { + "$ref": "#/$defs/CPE" + }, + "type": "array" + }, + "licenses": { + "items": { + "$ref": "#/$defs/License" + }, + "type": "array" + } + } +} diff --git a/schema/json/schema-latest.json b/schema/json/schema-latest.json index 936582e2d22..296ff5d7065 100644 --- a/schema/json/schema-latest.json +++ b/schema/json/schema-latest.json @@ -1265,6 +1265,9 @@ "$ref": "#/$defs/Location" }, "type": "array" + }, + "contents": { + "type": "string" } }, "type": "object", From 52e1fab4e0bd8d6f85d8c6e64985387ff279bfd2 Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Wed, 23 Oct 2024 16:10:14 +0200 Subject: [PATCH 13/20] Revert "- Adapt JSON schema." This reverts commit beda1b6dea590650554002ccc72aa49b3b0b6b01. Signed-off-by: HeyeOpenSource --- schema/json/schema-16.0.19.json | 2730 ------------------------------- schema/json/schema-latest.json | 3 - 2 files changed, 2733 deletions(-) delete mode 100644 schema/json/schema-16.0.19.json diff --git a/schema/json/schema-16.0.19.json b/schema/json/schema-16.0.19.json deleted file mode 100644 index 296ff5d7065..00000000000 --- a/schema/json/schema-16.0.19.json +++ /dev/null @@ -1,2730 +0,0 @@ -{ - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "anchore.io/schema/syft/json/16.0.18/document", - "$ref": "#/$defs/Document", - "$defs": { - "AlpmDbEntry": { - "properties": { - "basepackage": { - "type": "string" - }, - "package": { - "type": "string" - }, - "version": { - "type": "string" - }, - "description": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "size": { - "type": "integer" - }, - "packager": { - "type": "string" - }, - "url": { - "type": "string" - }, - "validation": { - "type": "string" - }, - "reason": { - "type": "integer" - }, - "files": { - "items": { - "$ref": "#/$defs/AlpmFileRecord" - }, - "type": "array" - }, - "backup": { - "items": { - "$ref": "#/$defs/AlpmFileRecord" - }, - "type": "array" - }, - "provides": { - "items": { - "type": "string" - }, - "type": "array" - }, - "depends": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "basepackage", - "package", - "version", - "description", - "architecture", - "size", - "packager", - "url", - "validation", - "reason", - "files", - "backup" - ] - }, - "AlpmFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "type": { - "type": "string" - }, - "uid": { - "type": "string" - }, - "gid": { - "type": "string" - }, - "time": { - "type": "string", - "format": "date-time" - }, - "size": { - "type": "string" - }, - "link": { - "type": "string" - }, - "digest": { - "items": { - "$ref": "#/$defs/Digest" - }, - "type": "array" - } - }, - "type": "object" - }, - "ApkDbEntry": { - "properties": { - "package": { - "type": "string" - }, - "originPackage": { - "type": "string" - }, - "maintainer": { - "type": "string" - }, - "version": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "url": { - "type": "string" - }, - "description": { - "type": "string" - }, - "size": { - "type": "integer" - }, - "installedSize": { - "type": "integer" - }, - "pullDependencies": { - "items": { - "type": "string" - }, - "type": "array" - }, - "provides": { - "items": { - "type": "string" - }, - "type": "array" - }, - "pullChecksum": { - "type": "string" - }, - "gitCommitOfApkPort": { - "type": "string" - }, - "files": { - "items": { - "$ref": "#/$defs/ApkFileRecord" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "package", - "originPackage", - "maintainer", - "version", - "architecture", - "url", - "description", - "size", - "installedSize", - "pullDependencies", - "provides", - "pullChecksum", - "gitCommitOfApkPort", - "files" - ] - }, - "ApkFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "ownerUid": { - "type": "string" - }, - "ownerGid": { - "type": "string" - }, - "permissions": { - "type": "string" - }, - "digest": { - "$ref": "#/$defs/Digest" - } - }, - "type": "object", - "required": [ - "path" - ] - }, - "BinarySignature": { - "properties": { - "matches": { - "items": { - "$ref": "#/$defs/ClassifierMatch" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "matches" - ] - }, - "CConanFileEntry": { - "properties": { - "ref": { - "type": "string" - } - }, - "type": "object", - "required": [ - "ref" - ] - }, - "CConanInfoEntry": { - "properties": { - "ref": { - "type": "string" - }, - "package_id": { - "type": "string" - } - }, - "type": "object", - "required": [ - "ref" - ] - }, - "CConanLockEntry": { - "properties": { - "ref": { - "type": "string" - }, - "package_id": { - "type": "string" - }, - "prev": { - "type": "string" - }, - "requires": { - "items": { - "type": "string" - }, - "type": "array" - }, - "build_requires": { - "items": { - "type": "string" - }, - "type": "array" - }, - "py_requires": { - "items": { - "type": "string" - }, - "type": "array" - }, - "options": { - "$ref": "#/$defs/KeyValues" - }, - "path": { - "type": "string" - }, - "context": { - "type": "string" - } - }, - "type": "object", - "required": [ - "ref" - ] - }, - "CConanLockV2Entry": { - "properties": { - "ref": { - "type": "string" - }, - "packageID": { - "type": "string" - }, - "username": { - "type": "string" - }, - "channel": { - "type": "string" - }, - "recipeRevision": { - "type": "string" - }, - "packageRevision": { - "type": "string" - }, - "timestamp": { - "type": "string" - } - }, - "type": "object", - "required": [ - "ref" - ] - }, - "CPE": { - "properties": { - "cpe": { - "type": "string" - }, - "source": { - "type": "string" - } - }, - "type": "object", - "required": [ - "cpe" - ] - }, - "ClassifierMatch": { - "properties": { - "classifier": { - "type": "string" - }, - "location": { - "$ref": "#/$defs/Location" - } - }, - "type": "object", - "required": [ - "classifier", - "location" - ] - }, - "CocoaPodfileLockEntry": { - "properties": { - "checksum": { - "type": "string" - } - }, - "type": "object", - "required": [ - "checksum" - ] - }, - "Coordinates": { - "properties": { - "path": { - "type": "string" - }, - "layerID": { - "type": "string" - } - }, - "type": "object", - "required": [ - "path" - ] - }, - "DartPubspecLockEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "hosted_url": { - "type": "string" - }, - "vcs_url": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version" - ] - }, - "Descriptor": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "configuration": true - }, - "type": "object", - "required": [ - "name", - "version" - ] - }, - "Digest": { - "properties": { - "algorithm": { - "type": "string" - }, - "value": { - "type": "string" - } - }, - "type": "object", - "required": [ - "algorithm", - "value" - ] - }, - "Document": { - "properties": { - "artifacts": { - "items": { - "$ref": "#/$defs/Package" - }, - "type": "array" - }, - "artifactRelationships": { - "items": { - "$ref": "#/$defs/Relationship" - }, - "type": "array" - }, - "files": { - "items": { - "$ref": "#/$defs/File" - }, - "type": "array" - }, - "source": { - "$ref": "#/$defs/Source" - }, - "distro": { - "$ref": "#/$defs/LinuxRelease" - }, - "descriptor": { - "$ref": "#/$defs/Descriptor" - }, - "schema": { - "$ref": "#/$defs/Schema" - } - }, - "type": "object", - "required": [ - "artifacts", - "artifactRelationships", - "source", - "distro", - "descriptor", - "schema" - ] - }, - "DotnetDepsEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "path": { - "type": "string" - }, - "sha512": { - "type": "string" - }, - "hashPath": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "path", - "sha512", - "hashPath" - ] - }, - "DotnetPortableExecutableEntry": { - "properties": { - "assemblyVersion": { - "type": "string" - }, - "legalCopyright": { - "type": "string" - }, - "comments": { - "type": "string" - }, - "internalName": { - "type": "string" - }, - "companyName": { - "type": "string" - }, - "productName": { - "type": "string" - }, - "productVersion": { - "type": "string" - } - }, - "type": "object", - "required": [ - "assemblyVersion", - "legalCopyright", - "companyName", - "productName", - "productVersion" - ] - }, - "DpkgDbEntry": { - "properties": { - "package": { - "type": "string" - }, - "source": { - "type": "string" - }, - "version": { - "type": "string" - }, - "sourceVersion": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "maintainer": { - "type": "string" - }, - "installedSize": { - "type": "integer" - }, - "provides": { - "items": { - "type": "string" - }, - "type": "array" - }, - "depends": { - "items": { - "type": "string" - }, - "type": "array" - }, - "preDepends": { - "items": { - "type": "string" - }, - "type": "array" - }, - "files": { - "items": { - "$ref": "#/$defs/DpkgFileRecord" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "package", - "source", - "version", - "sourceVersion", - "architecture", - "maintainer", - "installedSize", - "files" - ] - }, - "DpkgFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "digest": { - "$ref": "#/$defs/Digest" - }, - "isConfigFile": { - "type": "boolean" - } - }, - "type": "object", - "required": [ - "path", - "isConfigFile" - ] - }, - "ELFSecurityFeatures": { - "properties": { - "symbolTableStripped": { - "type": "boolean" - }, - "stackCanary": { - "type": "boolean" - }, - "nx": { - "type": "boolean" - }, - "relRO": { - "type": "string" - }, - "pie": { - "type": "boolean" - }, - "dso": { - "type": "boolean" - }, - "safeStack": { - "type": "boolean" - }, - "cfi": { - "type": "boolean" - }, - "fortify": { - "type": "boolean" - } - }, - "type": "object", - "required": [ - "symbolTableStripped", - "nx", - "relRO", - "pie", - "dso" - ] - }, - "ElfBinaryPackageNoteJsonPayload": { - "properties": { - "type": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "osCPE": { - "type": "string" - }, - "os": { - "type": "string" - }, - "osVersion": { - "type": "string" - }, - "system": { - "type": "string" - }, - "vendor": { - "type": "string" - }, - "sourceRepo": { - "type": "string" - }, - "commit": { - "type": "string" - } - }, - "type": "object" - }, - "ElixirMixLockEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "pkgHash": { - "type": "string" - }, - "pkgHashExt": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "pkgHash", - "pkgHashExt" - ] - }, - "ErlangRebarLockEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "pkgHash": { - "type": "string" - }, - "pkgHashExt": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "pkgHash", - "pkgHashExt" - ] - }, - "Executable": { - "properties": { - "format": { - "type": "string" - }, - "hasExports": { - "type": "boolean" - }, - "hasEntrypoint": { - "type": "boolean" - }, - "importedLibraries": { - "items": { - "type": "string" - }, - "type": "array" - }, - "elfSecurityFeatures": { - "$ref": "#/$defs/ELFSecurityFeatures" - } - }, - "type": "object", - "required": [ - "format", - "hasExports", - "hasEntrypoint", - "importedLibraries" - ] - }, - "File": { - "properties": { - "id": { - "type": "string" - }, - "location": { - "$ref": "#/$defs/Coordinates" - }, - "metadata": { - "$ref": "#/$defs/FileMetadataEntry" - }, - "contents": { - "type": "string" - }, - "digests": { - "items": { - "$ref": "#/$defs/Digest" - }, - "type": "array" - }, - "licenses": { - "items": { - "$ref": "#/$defs/FileLicense" - }, - "type": "array" - }, - "executable": { - "$ref": "#/$defs/Executable" - }, - "unknowns": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "id", - "location" - ] - }, - "FileLicense": { - "properties": { - "value": { - "type": "string" - }, - "spdxExpression": { - "type": "string" - }, - "type": { - "type": "string" - }, - "evidence": { - "$ref": "#/$defs/FileLicenseEvidence" - } - }, - "type": "object", - "required": [ - "value", - "spdxExpression", - "type" - ] - }, - "FileLicenseEvidence": { - "properties": { - "confidence": { - "type": "integer" - }, - "offset": { - "type": "integer" - }, - "extent": { - "type": "integer" - } - }, - "type": "object", - "required": [ - "confidence", - "offset", - "extent" - ] - }, - "FileMetadataEntry": { - "properties": { - "mode": { - "type": "integer" - }, - "type": { - "type": "string" - }, - "linkDestination": { - "type": "string" - }, - "userID": { - "type": "integer" - }, - "groupID": { - "type": "integer" - }, - "mimeType": { - "type": "string" - }, - "size": { - "type": "integer" - } - }, - "type": "object", - "required": [ - "mode", - "type", - "userID", - "groupID", - "mimeType", - "size" - ] - }, - "GoModuleBuildinfoEntry": { - "properties": { - "goBuildSettings": { - "$ref": "#/$defs/KeyValues" - }, - "goCompiledVersion": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "h1Digest": { - "type": "string" - }, - "mainModule": { - "type": "string" - }, - "goCryptoSettings": { - "items": { - "type": "string" - }, - "type": "array" - }, - "goExperiments": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "goCompiledVersion", - "architecture" - ] - }, - "GoModuleEntry": { - "properties": { - "h1Digest": { - "type": "string" - } - }, - "type": "object" - }, - "HaskellHackageStackEntry": { - "properties": { - "pkgHash": { - "type": "string" - } - }, - "type": "object" - }, - "HaskellHackageStackLockEntry": { - "properties": { - "pkgHash": { - "type": "string" - }, - "snapshotURL": { - "type": "string" - } - }, - "type": "object" - }, - "IDLikes": { - "items": { - "type": "string" - }, - "type": "array" - }, - "JavaArchive": { - "properties": { - "virtualPath": { - "type": "string" - }, - "manifest": { - "$ref": "#/$defs/JavaManifest" - }, - "pomProperties": { - "$ref": "#/$defs/JavaPomProperties" - }, - "pomProject": { - "$ref": "#/$defs/JavaPomProject" - }, - "digest": { - "items": { - "$ref": "#/$defs/Digest" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "virtualPath" - ] - }, - "JavaJvmInstallation": { - "properties": { - "release": { - "$ref": "#/$defs/JavaVMRelease" - }, - "files": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "release", - "files" - ] - }, - "JavaManifest": { - "properties": { - "main": { - "$ref": "#/$defs/KeyValues" - }, - "sections": { - "items": { - "$ref": "#/$defs/KeyValues" - }, - "type": "array" - } - }, - "type": "object" - }, - "JavaPomParent": { - "properties": { - "groupId": { - "type": "string" - }, - "artifactId": { - "type": "string" - }, - "version": { - "type": "string" - } - }, - "type": "object", - "required": [ - "groupId", - "artifactId", - "version" - ] - }, - "JavaPomProject": { - "properties": { - "path": { - "type": "string" - }, - "parent": { - "$ref": "#/$defs/JavaPomParent" - }, - "groupId": { - "type": "string" - }, - "artifactId": { - "type": "string" - }, - "version": { - "type": "string" - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "url": { - "type": "string" - } - }, - "type": "object", - "required": [ - "path", - "groupId", - "artifactId", - "version", - "name" - ] - }, - "JavaPomProperties": { - "properties": { - "path": { - "type": "string" - }, - "name": { - "type": "string" - }, - "groupId": { - "type": "string" - }, - "artifactId": { - "type": "string" - }, - "version": { - "type": "string" - }, - "scope": { - "type": "string" - }, - "extraFields": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object", - "required": [ - "path", - "name", - "groupId", - "artifactId", - "version" - ] - }, - "JavaVMRelease": { - "properties": { - "implementor": { - "type": "string" - }, - "implementorVersion": { - "type": "string" - }, - "javaRuntimeVersion": { - "type": "string" - }, - "javaVersion": { - "type": "string" - }, - "javaVersionDate": { - "type": "string" - }, - "libc": { - "type": "string" - }, - "modules": { - "items": { - "type": "string" - }, - "type": "array" - }, - "osArch": { - "type": "string" - }, - "osName": { - "type": "string" - }, - "osVersion": { - "type": "string" - }, - "source": { - "type": "string" - }, - "buildSource": { - "type": "string" - }, - "buildSourceRepo": { - "type": "string" - }, - "sourceRepo": { - "type": "string" - }, - "fullVersion": { - "type": "string" - }, - "semanticVersion": { - "type": "string" - }, - "buildInfo": { - "type": "string" - }, - "jvmVariant": { - "type": "string" - }, - "jvmVersion": { - "type": "string" - }, - "imageType": { - "type": "string" - }, - "buildType": { - "type": "string" - } - }, - "type": "object" - }, - "JavascriptNpmPackage": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "author": { - "type": "string" - }, - "homepage": { - "type": "string" - }, - "description": { - "type": "string" - }, - "url": { - "type": "string" - }, - "private": { - "type": "boolean" - } - }, - "type": "object", - "required": [ - "name", - "version", - "author", - "homepage", - "description", - "url", - "private" - ] - }, - "JavascriptNpmPackageLockEntry": { - "properties": { - "resolved": { - "type": "string" - }, - "integrity": { - "type": "string" - } - }, - "type": "object", - "required": [ - "resolved", - "integrity" - ] - }, - "JavascriptYarnLockEntry": { - "properties": { - "resolved": { - "type": "string" - }, - "integrity": { - "type": "string" - } - }, - "type": "object", - "required": [ - "resolved", - "integrity" - ] - }, - "KeyValue": { - "properties": { - "key": { - "type": "string" - }, - "value": { - "type": "string" - } - }, - "type": "object", - "required": [ - "key", - "value" - ] - }, - "KeyValues": { - "items": { - "$ref": "#/$defs/KeyValue" - }, - "type": "array" - }, - "License": { - "properties": { - "value": { - "type": "string" - }, - "spdxExpression": { - "type": "string" - }, - "type": { - "type": "string" - }, - "urls": { - "items": { - "type": "string" - }, - "type": "array" - }, - "locations": { - "items": { - "$ref": "#/$defs/Location" - }, - "type": "array" - }, - "contents": { - "type": "string" - } - }, - "type": "object", - "required": [ - "value", - "spdxExpression", - "type", - "urls", - "locations" - ] - }, - "LinuxKernelArchive": { - "properties": { - "name": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "version": { - "type": "string" - }, - "extendedVersion": { - "type": "string" - }, - "buildTime": { - "type": "string" - }, - "author": { - "type": "string" - }, - "format": { - "type": "string" - }, - "rwRootFS": { - "type": "boolean" - }, - "swapDevice": { - "type": "integer" - }, - "rootDevice": { - "type": "integer" - }, - "videoMode": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "architecture", - "version" - ] - }, - "LinuxKernelModule": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "sourceVersion": { - "type": "string" - }, - "path": { - "type": "string" - }, - "description": { - "type": "string" - }, - "author": { - "type": "string" - }, - "license": { - "type": "string" - }, - "kernelVersion": { - "type": "string" - }, - "versionMagic": { - "type": "string" - }, - "parameters": { - "patternProperties": { - ".*": { - "$ref": "#/$defs/LinuxKernelModuleParameter" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "LinuxKernelModuleParameter": { - "properties": { - "type": { - "type": "string" - }, - "description": { - "type": "string" - } - }, - "type": "object" - }, - "LinuxRelease": { - "properties": { - "prettyName": { - "type": "string" - }, - "name": { - "type": "string" - }, - "id": { - "type": "string" - }, - "idLike": { - "$ref": "#/$defs/IDLikes" - }, - "version": { - "type": "string" - }, - "versionID": { - "type": "string" - }, - "versionCodename": { - "type": "string" - }, - "buildID": { - "type": "string" - }, - "imageID": { - "type": "string" - }, - "imageVersion": { - "type": "string" - }, - "variant": { - "type": "string" - }, - "variantID": { - "type": "string" - }, - "homeURL": { - "type": "string" - }, - "supportURL": { - "type": "string" - }, - "bugReportURL": { - "type": "string" - }, - "privacyPolicyURL": { - "type": "string" - }, - "cpeName": { - "type": "string" - }, - "supportEnd": { - "type": "string" - } - }, - "type": "object" - }, - "Location": { - "properties": { - "path": { - "type": "string" - }, - "layerID": { - "type": "string" - }, - "accessPath": { - "type": "string" - }, - "annotations": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object", - "required": [ - "path", - "accessPath" - ] - }, - "LuarocksPackage": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "license": { - "type": "string" - }, - "homepage": { - "type": "string" - }, - "description": { - "type": "string" - }, - "url": { - "type": "string" - }, - "dependencies": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object", - "required": [ - "name", - "version", - "license", - "homepage", - "description", - "url", - "dependencies" - ] - }, - "MicrosoftKbPatch": { - "properties": { - "product_id": { - "type": "string" - }, - "kb": { - "type": "string" - } - }, - "type": "object", - "required": [ - "product_id", - "kb" - ] - }, - "NixStoreEntry": { - "properties": { - "outputHash": { - "type": "string" - }, - "output": { - "type": "string" - }, - "files": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "outputHash", - "files" - ] - }, - "OpamPackage": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "licenses": { - "items": { - "type": "string" - }, - "type": "array" - }, - "url": { - "type": "string" - }, - "checksum": { - "items": { - "type": "string" - }, - "type": "array" - }, - "homepage": { - "type": "string" - }, - "dependencies": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "licenses", - "url", - "checksum", - "homepage", - "dependencies" - ] - }, - "Package": { - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "type": { - "type": "string" - }, - "foundBy": { - "type": "string" - }, - "locations": { - "items": { - "$ref": "#/$defs/Location" - }, - "type": "array" - }, - "licenses": { - "$ref": "#/$defs/licenses" - }, - "language": { - "type": "string" - }, - "cpes": { - "$ref": "#/$defs/cpes" - }, - "purl": { - "type": "string" - }, - "metadataType": { - "type": "string" - }, - "metadata": { - "anyOf": [ - { - "type": "null" - }, - { - "$ref": "#/$defs/AlpmDbEntry" - }, - { - "$ref": "#/$defs/ApkDbEntry" - }, - { - "$ref": "#/$defs/BinarySignature" - }, - { - "$ref": "#/$defs/CConanFileEntry" - }, - { - "$ref": "#/$defs/CConanInfoEntry" - }, - { - "$ref": "#/$defs/CConanLockEntry" - }, - { - "$ref": "#/$defs/CConanLockV2Entry" - }, - { - "$ref": "#/$defs/CocoaPodfileLockEntry" - }, - { - "$ref": "#/$defs/DartPubspecLockEntry" - }, - { - "$ref": "#/$defs/DotnetDepsEntry" - }, - { - "$ref": "#/$defs/DotnetPortableExecutableEntry" - }, - { - "$ref": "#/$defs/DpkgDbEntry" - }, - { - "$ref": "#/$defs/ElfBinaryPackageNoteJsonPayload" - }, - { - "$ref": "#/$defs/ElixirMixLockEntry" - }, - { - "$ref": "#/$defs/ErlangRebarLockEntry" - }, - { - "$ref": "#/$defs/GoModuleBuildinfoEntry" - }, - { - "$ref": "#/$defs/GoModuleEntry" - }, - { - "$ref": "#/$defs/HaskellHackageStackEntry" - }, - { - "$ref": "#/$defs/HaskellHackageStackLockEntry" - }, - { - "$ref": "#/$defs/JavaArchive" - }, - { - "$ref": "#/$defs/JavaJvmInstallation" - }, - { - "$ref": "#/$defs/JavascriptNpmPackage" - }, - { - "$ref": "#/$defs/JavascriptNpmPackageLockEntry" - }, - { - "$ref": "#/$defs/JavascriptYarnLockEntry" - }, - { - "$ref": "#/$defs/LinuxKernelArchive" - }, - { - "$ref": "#/$defs/LinuxKernelModule" - }, - { - "$ref": "#/$defs/LuarocksPackage" - }, - { - "$ref": "#/$defs/MicrosoftKbPatch" - }, - { - "$ref": "#/$defs/NixStoreEntry" - }, - { - "$ref": "#/$defs/OpamPackage" - }, - { - "$ref": "#/$defs/PhpComposerInstalledEntry" - }, - { - "$ref": "#/$defs/PhpComposerLockEntry" - }, - { - "$ref": "#/$defs/PhpPeclEntry" - }, - { - "$ref": "#/$defs/PortageDbEntry" - }, - { - "$ref": "#/$defs/PythonPackage" - }, - { - "$ref": "#/$defs/PythonPipRequirementsEntry" - }, - { - "$ref": "#/$defs/PythonPipfileLockEntry" - }, - { - "$ref": "#/$defs/PythonPoetryLockEntry" - }, - { - "$ref": "#/$defs/RDescription" - }, - { - "$ref": "#/$defs/RpmArchive" - }, - { - "$ref": "#/$defs/RpmDbEntry" - }, - { - "$ref": "#/$defs/RubyGemspec" - }, - { - "$ref": "#/$defs/RustCargoAuditEntry" - }, - { - "$ref": "#/$defs/RustCargoLockEntry" - }, - { - "$ref": "#/$defs/SwiftPackageManagerLockEntry" - }, - { - "$ref": "#/$defs/SwiplpackPackage" - }, - { - "$ref": "#/$defs/WordpressPluginEntry" - } - ] - } - }, - "type": "object", - "required": [ - "id", - "name", - "version", - "type", - "foundBy", - "locations", - "licenses", - "language", - "cpes", - "purl" - ] - }, - "PhpComposerAuthors": { - "properties": { - "name": { - "type": "string" - }, - "email": { - "type": "string" - }, - "homepage": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name" - ] - }, - "PhpComposerExternalReference": { - "properties": { - "type": { - "type": "string" - }, - "url": { - "type": "string" - }, - "reference": { - "type": "string" - }, - "shasum": { - "type": "string" - } - }, - "type": "object", - "required": [ - "type", - "url", - "reference" - ] - }, - "PhpComposerInstalledEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "source": { - "$ref": "#/$defs/PhpComposerExternalReference" - }, - "dist": { - "$ref": "#/$defs/PhpComposerExternalReference" - }, - "require": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "provide": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "require-dev": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "suggest": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "license": { - "items": { - "type": "string" - }, - "type": "array" - }, - "type": { - "type": "string" - }, - "notification-url": { - "type": "string" - }, - "bin": { - "items": { - "type": "string" - }, - "type": "array" - }, - "authors": { - "items": { - "$ref": "#/$defs/PhpComposerAuthors" - }, - "type": "array" - }, - "description": { - "type": "string" - }, - "homepage": { - "type": "string" - }, - "keywords": { - "items": { - "type": "string" - }, - "type": "array" - }, - "time": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "source", - "dist" - ] - }, - "PhpComposerLockEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "source": { - "$ref": "#/$defs/PhpComposerExternalReference" - }, - "dist": { - "$ref": "#/$defs/PhpComposerExternalReference" - }, - "require": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "provide": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "require-dev": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "suggest": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "license": { - "items": { - "type": "string" - }, - "type": "array" - }, - "type": { - "type": "string" - }, - "notification-url": { - "type": "string" - }, - "bin": { - "items": { - "type": "string" - }, - "type": "array" - }, - "authors": { - "items": { - "$ref": "#/$defs/PhpComposerAuthors" - }, - "type": "array" - }, - "description": { - "type": "string" - }, - "homepage": { - "type": "string" - }, - "keywords": { - "items": { - "type": "string" - }, - "type": "array" - }, - "time": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "source", - "dist" - ] - }, - "PhpPeclEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "license": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version" - ] - }, - "PortageDbEntry": { - "properties": { - "installedSize": { - "type": "integer" - }, - "files": { - "items": { - "$ref": "#/$defs/PortageFileRecord" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "installedSize", - "files" - ] - }, - "PortageFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "digest": { - "$ref": "#/$defs/Digest" - } - }, - "type": "object", - "required": [ - "path" - ] - }, - "PythonDirectURLOriginInfo": { - "properties": { - "url": { - "type": "string" - }, - "commitId": { - "type": "string" - }, - "vcs": { - "type": "string" - } - }, - "type": "object", - "required": [ - "url" - ] - }, - "PythonFileDigest": { - "properties": { - "algorithm": { - "type": "string" - }, - "value": { - "type": "string" - } - }, - "type": "object", - "required": [ - "algorithm", - "value" - ] - }, - "PythonFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "digest": { - "$ref": "#/$defs/PythonFileDigest" - }, - "size": { - "type": "string" - } - }, - "type": "object", - "required": [ - "path" - ] - }, - "PythonPackage": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "author": { - "type": "string" - }, - "authorEmail": { - "type": "string" - }, - "platform": { - "type": "string" - }, - "files": { - "items": { - "$ref": "#/$defs/PythonFileRecord" - }, - "type": "array" - }, - "sitePackagesRootPath": { - "type": "string" - }, - "topLevelPackages": { - "items": { - "type": "string" - }, - "type": "array" - }, - "directUrlOrigin": { - "$ref": "#/$defs/PythonDirectURLOriginInfo" - }, - "requiresPython": { - "type": "string" - }, - "requiresDist": { - "items": { - "type": "string" - }, - "type": "array" - }, - "providesExtra": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "author", - "authorEmail", - "platform", - "sitePackagesRootPath" - ] - }, - "PythonPipRequirementsEntry": { - "properties": { - "name": { - "type": "string" - }, - "extras": { - "items": { - "type": "string" - }, - "type": "array" - }, - "versionConstraint": { - "type": "string" - }, - "url": { - "type": "string" - }, - "markers": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "versionConstraint" - ] - }, - "PythonPipfileLockEntry": { - "properties": { - "hashes": { - "items": { - "type": "string" - }, - "type": "array" - }, - "index": { - "type": "string" - } - }, - "type": "object", - "required": [ - "hashes", - "index" - ] - }, - "PythonPoetryLockDependencyEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "optional": { - "type": "boolean" - }, - "markers": { - "type": "string" - }, - "extras": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "optional" - ] - }, - "PythonPoetryLockEntry": { - "properties": { - "index": { - "type": "string" - }, - "dependencies": { - "items": { - "$ref": "#/$defs/PythonPoetryLockDependencyEntry" - }, - "type": "array" - }, - "extras": { - "items": { - "$ref": "#/$defs/PythonPoetryLockExtraEntry" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "index", - "dependencies" - ] - }, - "PythonPoetryLockExtraEntry": { - "properties": { - "name": { - "type": "string" - }, - "dependencies": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "dependencies" - ] - }, - "RDescription": { - "properties": { - "title": { - "type": "string" - }, - "description": { - "type": "string" - }, - "author": { - "type": "string" - }, - "maintainer": { - "type": "string" - }, - "url": { - "items": { - "type": "string" - }, - "type": "array" - }, - "repository": { - "type": "string" - }, - "built": { - "type": "string" - }, - "needsCompilation": { - "type": "boolean" - }, - "imports": { - "items": { - "type": "string" - }, - "type": "array" - }, - "depends": { - "items": { - "type": "string" - }, - "type": "array" - }, - "suggests": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "Relationship": { - "properties": { - "parent": { - "type": "string" - }, - "child": { - "type": "string" - }, - "type": { - "type": "string" - }, - "metadata": true - }, - "type": "object", - "required": [ - "parent", - "child", - "type" - ] - }, - "RpmArchive": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "epoch": { - "oneOf": [ - { - "type": "integer" - }, - { - "type": "null" - } - ] - }, - "architecture": { - "type": "string" - }, - "release": { - "type": "string" - }, - "sourceRpm": { - "type": "string" - }, - "size": { - "type": "integer" - }, - "vendor": { - "type": "string" - }, - "modularityLabel": { - "type": "string" - }, - "provides": { - "items": { - "type": "string" - }, - "type": "array" - }, - "requires": { - "items": { - "type": "string" - }, - "type": "array" - }, - "files": { - "items": { - "$ref": "#/$defs/RpmFileRecord" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "epoch", - "architecture", - "release", - "sourceRpm", - "size", - "vendor", - "files" - ] - }, - "RpmDbEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "epoch": { - "oneOf": [ - { - "type": "integer" - }, - { - "type": "null" - } - ] - }, - "architecture": { - "type": "string" - }, - "release": { - "type": "string" - }, - "sourceRpm": { - "type": "string" - }, - "size": { - "type": "integer" - }, - "vendor": { - "type": "string" - }, - "modularityLabel": { - "type": "string" - }, - "provides": { - "items": { - "type": "string" - }, - "type": "array" - }, - "requires": { - "items": { - "type": "string" - }, - "type": "array" - }, - "files": { - "items": { - "$ref": "#/$defs/RpmFileRecord" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "epoch", - "architecture", - "release", - "sourceRpm", - "size", - "vendor", - "files" - ] - }, - "RpmFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "mode": { - "type": "integer" - }, - "size": { - "type": "integer" - }, - "digest": { - "$ref": "#/$defs/Digest" - }, - "userName": { - "type": "string" - }, - "groupName": { - "type": "string" - }, - "flags": { - "type": "string" - } - }, - "type": "object", - "required": [ - "path", - "mode", - "size", - "digest", - "userName", - "groupName", - "flags" - ] - }, - "RubyGemspec": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "files": { - "items": { - "type": "string" - }, - "type": "array" - }, - "authors": { - "items": { - "type": "string" - }, - "type": "array" - }, - "homepage": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version" - ] - }, - "RustCargoAuditEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "source": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "source" - ] - }, - "RustCargoLockEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "source": { - "type": "string" - }, - "checksum": { - "type": "string" - }, - "dependencies": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "source", - "checksum", - "dependencies" - ] - }, - "Schema": { - "properties": { - "version": { - "type": "string" - }, - "url": { - "type": "string" - } - }, - "type": "object", - "required": [ - "version", - "url" - ] - }, - "Source": { - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "type": { - "type": "string" - }, - "metadata": true - }, - "type": "object", - "required": [ - "id", - "name", - "version", - "type", - "metadata" - ] - }, - "SwiftPackageManagerLockEntry": { - "properties": { - "revision": { - "type": "string" - } - }, - "type": "object", - "required": [ - "revision" - ] - }, - "SwiplpackPackage": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "author": { - "type": "string" - }, - "authorEmail": { - "type": "string" - }, - "packager": { - "type": "string" - }, - "packagerEmail": { - "type": "string" - }, - "homepage": { - "type": "string" - }, - "dependencies": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "author", - "authorEmail", - "packager", - "packagerEmail", - "homepage", - "dependencies" - ] - }, - "WordpressPluginEntry": { - "properties": { - "pluginInstallDirectory": { - "type": "string" - }, - "author": { - "type": "string" - }, - "authorUri": { - "type": "string" - } - }, - "type": "object", - "required": [ - "pluginInstallDirectory" - ] - }, - "cpes": { - "items": { - "$ref": "#/$defs/CPE" - }, - "type": "array" - }, - "licenses": { - "items": { - "$ref": "#/$defs/License" - }, - "type": "array" - } - } -} diff --git a/schema/json/schema-latest.json b/schema/json/schema-latest.json index 296ff5d7065..936582e2d22 100644 --- a/schema/json/schema-latest.json +++ b/schema/json/schema-latest.json @@ -1265,9 +1265,6 @@ "$ref": "#/$defs/Location" }, "type": "array" - }, - "contents": { - "type": "string" } }, "type": "object", From bb5a0eb3210ad6d6f4a90956a84fdceb330d3dde Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Wed, 23 Oct 2024 16:33:41 +0200 Subject: [PATCH 14/20] - Add schema-16.0.19.json again. Signed-off-by: HeyeOpenSource --- schema/json/schema-16.0.19.json | 2730 +++++++++++++++++++++++++++++++ 1 file changed, 2730 insertions(+) create mode 100644 schema/json/schema-16.0.19.json diff --git a/schema/json/schema-16.0.19.json b/schema/json/schema-16.0.19.json new file mode 100644 index 00000000000..296ff5d7065 --- /dev/null +++ b/schema/json/schema-16.0.19.json @@ -0,0 +1,2730 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "anchore.io/schema/syft/json/16.0.18/document", + "$ref": "#/$defs/Document", + "$defs": { + "AlpmDbEntry": { + "properties": { + "basepackage": { + "type": "string" + }, + "package": { + "type": "string" + }, + "version": { + "type": "string" + }, + "description": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "packager": { + "type": "string" + }, + "url": { + "type": "string" + }, + "validation": { + "type": "string" + }, + "reason": { + "type": "integer" + }, + "files": { + "items": { + "$ref": "#/$defs/AlpmFileRecord" + }, + "type": "array" + }, + "backup": { + "items": { + "$ref": "#/$defs/AlpmFileRecord" + }, + "type": "array" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "basepackage", + "package", + "version", + "description", + "architecture", + "size", + "packager", + "url", + "validation", + "reason", + "files", + "backup" + ] + }, + "AlpmFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "type": { + "type": "string" + }, + "uid": { + "type": "string" + }, + "gid": { + "type": "string" + }, + "time": { + "type": "string", + "format": "date-time" + }, + "size": { + "type": "string" + }, + "link": { + "type": "string" + }, + "digest": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + } + }, + "type": "object" + }, + "ApkDbEntry": { + "properties": { + "package": { + "type": "string" + }, + "originPackage": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "version": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "url": { + "type": "string" + }, + "description": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "installedSize": { + "type": "integer" + }, + "pullDependencies": { + "items": { + "type": "string" + }, + "type": "array" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "pullChecksum": { + "type": "string" + }, + "gitCommitOfApkPort": { + "type": "string" + }, + "files": { + "items": { + "$ref": "#/$defs/ApkFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "package", + "originPackage", + "maintainer", + "version", + "architecture", + "url", + "description", + "size", + "installedSize", + "pullDependencies", + "provides", + "pullChecksum", + "gitCommitOfApkPort", + "files" + ] + }, + "ApkFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "ownerUid": { + "type": "string" + }, + "ownerGid": { + "type": "string" + }, + "permissions": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "BinarySignature": { + "properties": { + "matches": { + "items": { + "$ref": "#/$defs/ClassifierMatch" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "matches" + ] + }, + "CConanFileEntry": { + "properties": { + "ref": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanInfoEntry": { + "properties": { + "ref": { + "type": "string" + }, + "package_id": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanLockEntry": { + "properties": { + "ref": { + "type": "string" + }, + "package_id": { + "type": "string" + }, + "prev": { + "type": "string" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "build_requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "py_requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "options": { + "$ref": "#/$defs/KeyValues" + }, + "path": { + "type": "string" + }, + "context": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanLockV2Entry": { + "properties": { + "ref": { + "type": "string" + }, + "packageID": { + "type": "string" + }, + "username": { + "type": "string" + }, + "channel": { + "type": "string" + }, + "recipeRevision": { + "type": "string" + }, + "packageRevision": { + "type": "string" + }, + "timestamp": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CPE": { + "properties": { + "cpe": { + "type": "string" + }, + "source": { + "type": "string" + } + }, + "type": "object", + "required": [ + "cpe" + ] + }, + "ClassifierMatch": { + "properties": { + "classifier": { + "type": "string" + }, + "location": { + "$ref": "#/$defs/Location" + } + }, + "type": "object", + "required": [ + "classifier", + "location" + ] + }, + "CocoaPodfileLockEntry": { + "properties": { + "checksum": { + "type": "string" + } + }, + "type": "object", + "required": [ + "checksum" + ] + }, + "Coordinates": { + "properties": { + "path": { + "type": "string" + }, + "layerID": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "DartPubspecLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "hosted_url": { + "type": "string" + }, + "vcs_url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "Descriptor": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "configuration": true + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "Digest": { + "properties": { + "algorithm": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "algorithm", + "value" + ] + }, + "Document": { + "properties": { + "artifacts": { + "items": { + "$ref": "#/$defs/Package" + }, + "type": "array" + }, + "artifactRelationships": { + "items": { + "$ref": "#/$defs/Relationship" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/File" + }, + "type": "array" + }, + "source": { + "$ref": "#/$defs/Source" + }, + "distro": { + "$ref": "#/$defs/LinuxRelease" + }, + "descriptor": { + "$ref": "#/$defs/Descriptor" + }, + "schema": { + "$ref": "#/$defs/Schema" + } + }, + "type": "object", + "required": [ + "artifacts", + "artifactRelationships", + "source", + "distro", + "descriptor", + "schema" + ] + }, + "DotnetDepsEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "path": { + "type": "string" + }, + "sha512": { + "type": "string" + }, + "hashPath": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "path", + "sha512", + "hashPath" + ] + }, + "DotnetPortableExecutableEntry": { + "properties": { + "assemblyVersion": { + "type": "string" + }, + "legalCopyright": { + "type": "string" + }, + "comments": { + "type": "string" + }, + "internalName": { + "type": "string" + }, + "companyName": { + "type": "string" + }, + "productName": { + "type": "string" + }, + "productVersion": { + "type": "string" + } + }, + "type": "object", + "required": [ + "assemblyVersion", + "legalCopyright", + "companyName", + "productName", + "productVersion" + ] + }, + "DpkgDbEntry": { + "properties": { + "package": { + "type": "string" + }, + "source": { + "type": "string" + }, + "version": { + "type": "string" + }, + "sourceVersion": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "installedSize": { + "type": "integer" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "preDepends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/DpkgFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "package", + "source", + "version", + "sourceVersion", + "architecture", + "maintainer", + "installedSize", + "files" + ] + }, + "DpkgFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + }, + "isConfigFile": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "path", + "isConfigFile" + ] + }, + "ELFSecurityFeatures": { + "properties": { + "symbolTableStripped": { + "type": "boolean" + }, + "stackCanary": { + "type": "boolean" + }, + "nx": { + "type": "boolean" + }, + "relRO": { + "type": "string" + }, + "pie": { + "type": "boolean" + }, + "dso": { + "type": "boolean" + }, + "safeStack": { + "type": "boolean" + }, + "cfi": { + "type": "boolean" + }, + "fortify": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "symbolTableStripped", + "nx", + "relRO", + "pie", + "dso" + ] + }, + "ElfBinaryPackageNoteJsonPayload": { + "properties": { + "type": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "osCPE": { + "type": "string" + }, + "os": { + "type": "string" + }, + "osVersion": { + "type": "string" + }, + "system": { + "type": "string" + }, + "vendor": { + "type": "string" + }, + "sourceRepo": { + "type": "string" + }, + "commit": { + "type": "string" + } + }, + "type": "object" + }, + "ElixirMixLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "pkgHash": { + "type": "string" + }, + "pkgHashExt": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "pkgHash", + "pkgHashExt" + ] + }, + "ErlangRebarLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "pkgHash": { + "type": "string" + }, + "pkgHashExt": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "pkgHash", + "pkgHashExt" + ] + }, + "Executable": { + "properties": { + "format": { + "type": "string" + }, + "hasExports": { + "type": "boolean" + }, + "hasEntrypoint": { + "type": "boolean" + }, + "importedLibraries": { + "items": { + "type": "string" + }, + "type": "array" + }, + "elfSecurityFeatures": { + "$ref": "#/$defs/ELFSecurityFeatures" + } + }, + "type": "object", + "required": [ + "format", + "hasExports", + "hasEntrypoint", + "importedLibraries" + ] + }, + "File": { + "properties": { + "id": { + "type": "string" + }, + "location": { + "$ref": "#/$defs/Coordinates" + }, + "metadata": { + "$ref": "#/$defs/FileMetadataEntry" + }, + "contents": { + "type": "string" + }, + "digests": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + }, + "licenses": { + "items": { + "$ref": "#/$defs/FileLicense" + }, + "type": "array" + }, + "executable": { + "$ref": "#/$defs/Executable" + }, + "unknowns": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "id", + "location" + ] + }, + "FileLicense": { + "properties": { + "value": { + "type": "string" + }, + "spdxExpression": { + "type": "string" + }, + "type": { + "type": "string" + }, + "evidence": { + "$ref": "#/$defs/FileLicenseEvidence" + } + }, + "type": "object", + "required": [ + "value", + "spdxExpression", + "type" + ] + }, + "FileLicenseEvidence": { + "properties": { + "confidence": { + "type": "integer" + }, + "offset": { + "type": "integer" + }, + "extent": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "confidence", + "offset", + "extent" + ] + }, + "FileMetadataEntry": { + "properties": { + "mode": { + "type": "integer" + }, + "type": { + "type": "string" + }, + "linkDestination": { + "type": "string" + }, + "userID": { + "type": "integer" + }, + "groupID": { + "type": "integer" + }, + "mimeType": { + "type": "string" + }, + "size": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "mode", + "type", + "userID", + "groupID", + "mimeType", + "size" + ] + }, + "GoModuleBuildinfoEntry": { + "properties": { + "goBuildSettings": { + "$ref": "#/$defs/KeyValues" + }, + "goCompiledVersion": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "h1Digest": { + "type": "string" + }, + "mainModule": { + "type": "string" + }, + "goCryptoSettings": { + "items": { + "type": "string" + }, + "type": "array" + }, + "goExperiments": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "goCompiledVersion", + "architecture" + ] + }, + "GoModuleEntry": { + "properties": { + "h1Digest": { + "type": "string" + } + }, + "type": "object" + }, + "HaskellHackageStackEntry": { + "properties": { + "pkgHash": { + "type": "string" + } + }, + "type": "object" + }, + "HaskellHackageStackLockEntry": { + "properties": { + "pkgHash": { + "type": "string" + }, + "snapshotURL": { + "type": "string" + } + }, + "type": "object" + }, + "IDLikes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "JavaArchive": { + "properties": { + "virtualPath": { + "type": "string" + }, + "manifest": { + "$ref": "#/$defs/JavaManifest" + }, + "pomProperties": { + "$ref": "#/$defs/JavaPomProperties" + }, + "pomProject": { + "$ref": "#/$defs/JavaPomProject" + }, + "digest": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "virtualPath" + ] + }, + "JavaJvmInstallation": { + "properties": { + "release": { + "$ref": "#/$defs/JavaVMRelease" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "release", + "files" + ] + }, + "JavaManifest": { + "properties": { + "main": { + "$ref": "#/$defs/KeyValues" + }, + "sections": { + "items": { + "$ref": "#/$defs/KeyValues" + }, + "type": "array" + } + }, + "type": "object" + }, + "JavaPomParent": { + "properties": { + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "type": "object", + "required": [ + "groupId", + "artifactId", + "version" + ] + }, + "JavaPomProject": { + "properties": { + "path": { + "type": "string" + }, + "parent": { + "$ref": "#/$defs/JavaPomParent" + }, + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + }, + "name": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path", + "groupId", + "artifactId", + "version", + "name" + ] + }, + "JavaPomProperties": { + "properties": { + "path": { + "type": "string" + }, + "name": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + }, + "scope": { + "type": "string" + }, + "extraFields": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "path", + "name", + "groupId", + "artifactId", + "version" + ] + }, + "JavaVMRelease": { + "properties": { + "implementor": { + "type": "string" + }, + "implementorVersion": { + "type": "string" + }, + "javaRuntimeVersion": { + "type": "string" + }, + "javaVersion": { + "type": "string" + }, + "javaVersionDate": { + "type": "string" + }, + "libc": { + "type": "string" + }, + "modules": { + "items": { + "type": "string" + }, + "type": "array" + }, + "osArch": { + "type": "string" + }, + "osName": { + "type": "string" + }, + "osVersion": { + "type": "string" + }, + "source": { + "type": "string" + }, + "buildSource": { + "type": "string" + }, + "buildSourceRepo": { + "type": "string" + }, + "sourceRepo": { + "type": "string" + }, + "fullVersion": { + "type": "string" + }, + "semanticVersion": { + "type": "string" + }, + "buildInfo": { + "type": "string" + }, + "jvmVariant": { + "type": "string" + }, + "jvmVersion": { + "type": "string" + }, + "imageType": { + "type": "string" + }, + "buildType": { + "type": "string" + } + }, + "type": "object" + }, + "JavascriptNpmPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + }, + "private": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "homepage", + "description", + "url", + "private" + ] + }, + "JavascriptNpmPackageLockEntry": { + "properties": { + "resolved": { + "type": "string" + }, + "integrity": { + "type": "string" + } + }, + "type": "object", + "required": [ + "resolved", + "integrity" + ] + }, + "JavascriptYarnLockEntry": { + "properties": { + "resolved": { + "type": "string" + }, + "integrity": { + "type": "string" + } + }, + "type": "object", + "required": [ + "resolved", + "integrity" + ] + }, + "KeyValue": { + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "key", + "value" + ] + }, + "KeyValues": { + "items": { + "$ref": "#/$defs/KeyValue" + }, + "type": "array" + }, + "License": { + "properties": { + "value": { + "type": "string" + }, + "spdxExpression": { + "type": "string" + }, + "type": { + "type": "string" + }, + "urls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "locations": { + "items": { + "$ref": "#/$defs/Location" + }, + "type": "array" + }, + "contents": { + "type": "string" + } + }, + "type": "object", + "required": [ + "value", + "spdxExpression", + "type", + "urls", + "locations" + ] + }, + "LinuxKernelArchive": { + "properties": { + "name": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "version": { + "type": "string" + }, + "extendedVersion": { + "type": "string" + }, + "buildTime": { + "type": "string" + }, + "author": { + "type": "string" + }, + "format": { + "type": "string" + }, + "rwRootFS": { + "type": "boolean" + }, + "swapDevice": { + "type": "integer" + }, + "rootDevice": { + "type": "integer" + }, + "videoMode": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "architecture", + "version" + ] + }, + "LinuxKernelModule": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "sourceVersion": { + "type": "string" + }, + "path": { + "type": "string" + }, + "description": { + "type": "string" + }, + "author": { + "type": "string" + }, + "license": { + "type": "string" + }, + "kernelVersion": { + "type": "string" + }, + "versionMagic": { + "type": "string" + }, + "parameters": { + "patternProperties": { + ".*": { + "$ref": "#/$defs/LinuxKernelModuleParameter" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "LinuxKernelModuleParameter": { + "properties": { + "type": { + "type": "string" + }, + "description": { + "type": "string" + } + }, + "type": "object" + }, + "LinuxRelease": { + "properties": { + "prettyName": { + "type": "string" + }, + "name": { + "type": "string" + }, + "id": { + "type": "string" + }, + "idLike": { + "$ref": "#/$defs/IDLikes" + }, + "version": { + "type": "string" + }, + "versionID": { + "type": "string" + }, + "versionCodename": { + "type": "string" + }, + "buildID": { + "type": "string" + }, + "imageID": { + "type": "string" + }, + "imageVersion": { + "type": "string" + }, + "variant": { + "type": "string" + }, + "variantID": { + "type": "string" + }, + "homeURL": { + "type": "string" + }, + "supportURL": { + "type": "string" + }, + "bugReportURL": { + "type": "string" + }, + "privacyPolicyURL": { + "type": "string" + }, + "cpeName": { + "type": "string" + }, + "supportEnd": { + "type": "string" + } + }, + "type": "object" + }, + "Location": { + "properties": { + "path": { + "type": "string" + }, + "layerID": { + "type": "string" + }, + "accessPath": { + "type": "string" + }, + "annotations": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "path", + "accessPath" + ] + }, + "LuarocksPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "license": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + }, + "dependencies": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "name", + "version", + "license", + "homepage", + "description", + "url", + "dependencies" + ] + }, + "MicrosoftKbPatch": { + "properties": { + "product_id": { + "type": "string" + }, + "kb": { + "type": "string" + } + }, + "type": "object", + "required": [ + "product_id", + "kb" + ] + }, + "NixStoreEntry": { + "properties": { + "outputHash": { + "type": "string" + }, + "output": { + "type": "string" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "outputHash", + "files" + ] + }, + "OpamPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "licenses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "url": { + "type": "string" + }, + "checksum": { + "items": { + "type": "string" + }, + "type": "array" + }, + "homepage": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "licenses", + "url", + "checksum", + "homepage", + "dependencies" + ] + }, + "Package": { + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "type": { + "type": "string" + }, + "foundBy": { + "type": "string" + }, + "locations": { + "items": { + "$ref": "#/$defs/Location" + }, + "type": "array" + }, + "licenses": { + "$ref": "#/$defs/licenses" + }, + "language": { + "type": "string" + }, + "cpes": { + "$ref": "#/$defs/cpes" + }, + "purl": { + "type": "string" + }, + "metadataType": { + "type": "string" + }, + "metadata": { + "anyOf": [ + { + "type": "null" + }, + { + "$ref": "#/$defs/AlpmDbEntry" + }, + { + "$ref": "#/$defs/ApkDbEntry" + }, + { + "$ref": "#/$defs/BinarySignature" + }, + { + "$ref": "#/$defs/CConanFileEntry" + }, + { + "$ref": "#/$defs/CConanInfoEntry" + }, + { + "$ref": "#/$defs/CConanLockEntry" + }, + { + "$ref": "#/$defs/CConanLockV2Entry" + }, + { + "$ref": "#/$defs/CocoaPodfileLockEntry" + }, + { + "$ref": "#/$defs/DartPubspecLockEntry" + }, + { + "$ref": "#/$defs/DotnetDepsEntry" + }, + { + "$ref": "#/$defs/DotnetPortableExecutableEntry" + }, + { + "$ref": "#/$defs/DpkgDbEntry" + }, + { + "$ref": "#/$defs/ElfBinaryPackageNoteJsonPayload" + }, + { + "$ref": "#/$defs/ElixirMixLockEntry" + }, + { + "$ref": "#/$defs/ErlangRebarLockEntry" + }, + { + "$ref": "#/$defs/GoModuleBuildinfoEntry" + }, + { + "$ref": "#/$defs/GoModuleEntry" + }, + { + "$ref": "#/$defs/HaskellHackageStackEntry" + }, + { + "$ref": "#/$defs/HaskellHackageStackLockEntry" + }, + { + "$ref": "#/$defs/JavaArchive" + }, + { + "$ref": "#/$defs/JavaJvmInstallation" + }, + { + "$ref": "#/$defs/JavascriptNpmPackage" + }, + { + "$ref": "#/$defs/JavascriptNpmPackageLockEntry" + }, + { + "$ref": "#/$defs/JavascriptYarnLockEntry" + }, + { + "$ref": "#/$defs/LinuxKernelArchive" + }, + { + "$ref": "#/$defs/LinuxKernelModule" + }, + { + "$ref": "#/$defs/LuarocksPackage" + }, + { + "$ref": "#/$defs/MicrosoftKbPatch" + }, + { + "$ref": "#/$defs/NixStoreEntry" + }, + { + "$ref": "#/$defs/OpamPackage" + }, + { + "$ref": "#/$defs/PhpComposerInstalledEntry" + }, + { + "$ref": "#/$defs/PhpComposerLockEntry" + }, + { + "$ref": "#/$defs/PhpPeclEntry" + }, + { + "$ref": "#/$defs/PortageDbEntry" + }, + { + "$ref": "#/$defs/PythonPackage" + }, + { + "$ref": "#/$defs/PythonPipRequirementsEntry" + }, + { + "$ref": "#/$defs/PythonPipfileLockEntry" + }, + { + "$ref": "#/$defs/PythonPoetryLockEntry" + }, + { + "$ref": "#/$defs/RDescription" + }, + { + "$ref": "#/$defs/RpmArchive" + }, + { + "$ref": "#/$defs/RpmDbEntry" + }, + { + "$ref": "#/$defs/RubyGemspec" + }, + { + "$ref": "#/$defs/RustCargoAuditEntry" + }, + { + "$ref": "#/$defs/RustCargoLockEntry" + }, + { + "$ref": "#/$defs/SwiftPackageManagerLockEntry" + }, + { + "$ref": "#/$defs/SwiplpackPackage" + }, + { + "$ref": "#/$defs/WordpressPluginEntry" + } + ] + } + }, + "type": "object", + "required": [ + "id", + "name", + "version", + "type", + "foundBy", + "locations", + "licenses", + "language", + "cpes", + "purl" + ] + }, + "PhpComposerAuthors": { + "properties": { + "name": { + "type": "string" + }, + "email": { + "type": "string" + }, + "homepage": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name" + ] + }, + "PhpComposerExternalReference": { + "properties": { + "type": { + "type": "string" + }, + "url": { + "type": "string" + }, + "reference": { + "type": "string" + }, + "shasum": { + "type": "string" + } + }, + "type": "object", + "required": [ + "type", + "url", + "reference" + ] + }, + "PhpComposerInstalledEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "dist": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "require": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "provide": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "require-dev": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "suggest": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "notification-url": { + "type": "string" + }, + "bin": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "$ref": "#/$defs/PhpComposerAuthors" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "keywords": { + "items": { + "type": "string" + }, + "type": "array" + }, + "time": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "dist" + ] + }, + "PhpComposerLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "dist": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "require": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "provide": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "require-dev": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "suggest": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "notification-url": { + "type": "string" + }, + "bin": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "$ref": "#/$defs/PhpComposerAuthors" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "keywords": { + "items": { + "type": "string" + }, + "type": "array" + }, + "time": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "dist" + ] + }, + "PhpPeclEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "PortageDbEntry": { + "properties": { + "installedSize": { + "type": "integer" + }, + "files": { + "items": { + "$ref": "#/$defs/PortageFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "installedSize", + "files" + ] + }, + "PortageFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "PythonDirectURLOriginInfo": { + "properties": { + "url": { + "type": "string" + }, + "commitId": { + "type": "string" + }, + "vcs": { + "type": "string" + } + }, + "type": "object", + "required": [ + "url" + ] + }, + "PythonFileDigest": { + "properties": { + "algorithm": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "algorithm", + "value" + ] + }, + "PythonFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/PythonFileDigest" + }, + "size": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "PythonPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorEmail": { + "type": "string" + }, + "platform": { + "type": "string" + }, + "files": { + "items": { + "$ref": "#/$defs/PythonFileRecord" + }, + "type": "array" + }, + "sitePackagesRootPath": { + "type": "string" + }, + "topLevelPackages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "directUrlOrigin": { + "$ref": "#/$defs/PythonDirectURLOriginInfo" + }, + "requiresPython": { + "type": "string" + }, + "requiresDist": { + "items": { + "type": "string" + }, + "type": "array" + }, + "providesExtra": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "authorEmail", + "platform", + "sitePackagesRootPath" + ] + }, + "PythonPipRequirementsEntry": { + "properties": { + "name": { + "type": "string" + }, + "extras": { + "items": { + "type": "string" + }, + "type": "array" + }, + "versionConstraint": { + "type": "string" + }, + "url": { + "type": "string" + }, + "markers": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "versionConstraint" + ] + }, + "PythonPipfileLockEntry": { + "properties": { + "hashes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "index": { + "type": "string" + } + }, + "type": "object", + "required": [ + "hashes", + "index" + ] + }, + "PythonPoetryLockDependencyEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "optional": { + "type": "boolean" + }, + "markers": { + "type": "string" + }, + "extras": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "optional" + ] + }, + "PythonPoetryLockEntry": { + "properties": { + "index": { + "type": "string" + }, + "dependencies": { + "items": { + "$ref": "#/$defs/PythonPoetryLockDependencyEntry" + }, + "type": "array" + }, + "extras": { + "items": { + "$ref": "#/$defs/PythonPoetryLockExtraEntry" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "index", + "dependencies" + ] + }, + "PythonPoetryLockExtraEntry": { + "properties": { + "name": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "dependencies" + ] + }, + "RDescription": { + "properties": { + "title": { + "type": "string" + }, + "description": { + "type": "string" + }, + "author": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "url": { + "items": { + "type": "string" + }, + "type": "array" + }, + "repository": { + "type": "string" + }, + "built": { + "type": "string" + }, + "needsCompilation": { + "type": "boolean" + }, + "imports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "suggests": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "Relationship": { + "properties": { + "parent": { + "type": "string" + }, + "child": { + "type": "string" + }, + "type": { + "type": "string" + }, + "metadata": true + }, + "type": "object", + "required": [ + "parent", + "child", + "type" + ] + }, + "RpmArchive": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "epoch": { + "oneOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ] + }, + "architecture": { + "type": "string" + }, + "release": { + "type": "string" + }, + "sourceRpm": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "vendor": { + "type": "string" + }, + "modularityLabel": { + "type": "string" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/RpmFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "epoch", + "architecture", + "release", + "sourceRpm", + "size", + "vendor", + "files" + ] + }, + "RpmDbEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "epoch": { + "oneOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ] + }, + "architecture": { + "type": "string" + }, + "release": { + "type": "string" + }, + "sourceRpm": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "vendor": { + "type": "string" + }, + "modularityLabel": { + "type": "string" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/RpmFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "epoch", + "architecture", + "release", + "sourceRpm", + "size", + "vendor", + "files" + ] + }, + "RpmFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "mode": { + "type": "integer" + }, + "size": { + "type": "integer" + }, + "digest": { + "$ref": "#/$defs/Digest" + }, + "userName": { + "type": "string" + }, + "groupName": { + "type": "string" + }, + "flags": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path", + "mode", + "size", + "digest", + "userName", + "groupName", + "flags" + ] + }, + "RubyGemspec": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "type": "string" + }, + "type": "array" + }, + "homepage": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "RustCargoAuditEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source" + ] + }, + "RustCargoLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "type": "string" + }, + "checksum": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "checksum", + "dependencies" + ] + }, + "Schema": { + "properties": { + "version": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "version", + "url" + ] + }, + "Source": { + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "type": { + "type": "string" + }, + "metadata": true + }, + "type": "object", + "required": [ + "id", + "name", + "version", + "type", + "metadata" + ] + }, + "SwiftPackageManagerLockEntry": { + "properties": { + "revision": { + "type": "string" + } + }, + "type": "object", + "required": [ + "revision" + ] + }, + "SwiplpackPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorEmail": { + "type": "string" + }, + "packager": { + "type": "string" + }, + "packagerEmail": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "authorEmail", + "packager", + "packagerEmail", + "homepage", + "dependencies" + ] + }, + "WordpressPluginEntry": { + "properties": { + "pluginInstallDirectory": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorUri": { + "type": "string" + } + }, + "type": "object", + "required": [ + "pluginInstallDirectory" + ] + }, + "cpes": { + "items": { + "$ref": "#/$defs/CPE" + }, + "type": "array" + }, + "licenses": { + "items": { + "$ref": "#/$defs/License" + }, + "type": "array" + } + } +} From ef8875f3a036e17df37d3664d6c1a8985b688ffe Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Wed, 23 Oct 2024 16:36:30 +0200 Subject: [PATCH 15/20] Revert "- Add schema-16.0.19.json again." This reverts commit 9b903788163331d8d728a7e117475fa5207bfdb8. Signed-off-by: HeyeOpenSource --- schema/json/schema-16.0.19.json | 2730 ------------------------------- 1 file changed, 2730 deletions(-) delete mode 100644 schema/json/schema-16.0.19.json diff --git a/schema/json/schema-16.0.19.json b/schema/json/schema-16.0.19.json deleted file mode 100644 index 296ff5d7065..00000000000 --- a/schema/json/schema-16.0.19.json +++ /dev/null @@ -1,2730 +0,0 @@ -{ - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "anchore.io/schema/syft/json/16.0.18/document", - "$ref": "#/$defs/Document", - "$defs": { - "AlpmDbEntry": { - "properties": { - "basepackage": { - "type": "string" - }, - "package": { - "type": "string" - }, - "version": { - "type": "string" - }, - "description": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "size": { - "type": "integer" - }, - "packager": { - "type": "string" - }, - "url": { - "type": "string" - }, - "validation": { - "type": "string" - }, - "reason": { - "type": "integer" - }, - "files": { - "items": { - "$ref": "#/$defs/AlpmFileRecord" - }, - "type": "array" - }, - "backup": { - "items": { - "$ref": "#/$defs/AlpmFileRecord" - }, - "type": "array" - }, - "provides": { - "items": { - "type": "string" - }, - "type": "array" - }, - "depends": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "basepackage", - "package", - "version", - "description", - "architecture", - "size", - "packager", - "url", - "validation", - "reason", - "files", - "backup" - ] - }, - "AlpmFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "type": { - "type": "string" - }, - "uid": { - "type": "string" - }, - "gid": { - "type": "string" - }, - "time": { - "type": "string", - "format": "date-time" - }, - "size": { - "type": "string" - }, - "link": { - "type": "string" - }, - "digest": { - "items": { - "$ref": "#/$defs/Digest" - }, - "type": "array" - } - }, - "type": "object" - }, - "ApkDbEntry": { - "properties": { - "package": { - "type": "string" - }, - "originPackage": { - "type": "string" - }, - "maintainer": { - "type": "string" - }, - "version": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "url": { - "type": "string" - }, - "description": { - "type": "string" - }, - "size": { - "type": "integer" - }, - "installedSize": { - "type": "integer" - }, - "pullDependencies": { - "items": { - "type": "string" - }, - "type": "array" - }, - "provides": { - "items": { - "type": "string" - }, - "type": "array" - }, - "pullChecksum": { - "type": "string" - }, - "gitCommitOfApkPort": { - "type": "string" - }, - "files": { - "items": { - "$ref": "#/$defs/ApkFileRecord" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "package", - "originPackage", - "maintainer", - "version", - "architecture", - "url", - "description", - "size", - "installedSize", - "pullDependencies", - "provides", - "pullChecksum", - "gitCommitOfApkPort", - "files" - ] - }, - "ApkFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "ownerUid": { - "type": "string" - }, - "ownerGid": { - "type": "string" - }, - "permissions": { - "type": "string" - }, - "digest": { - "$ref": "#/$defs/Digest" - } - }, - "type": "object", - "required": [ - "path" - ] - }, - "BinarySignature": { - "properties": { - "matches": { - "items": { - "$ref": "#/$defs/ClassifierMatch" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "matches" - ] - }, - "CConanFileEntry": { - "properties": { - "ref": { - "type": "string" - } - }, - "type": "object", - "required": [ - "ref" - ] - }, - "CConanInfoEntry": { - "properties": { - "ref": { - "type": "string" - }, - "package_id": { - "type": "string" - } - }, - "type": "object", - "required": [ - "ref" - ] - }, - "CConanLockEntry": { - "properties": { - "ref": { - "type": "string" - }, - "package_id": { - "type": "string" - }, - "prev": { - "type": "string" - }, - "requires": { - "items": { - "type": "string" - }, - "type": "array" - }, - "build_requires": { - "items": { - "type": "string" - }, - "type": "array" - }, - "py_requires": { - "items": { - "type": "string" - }, - "type": "array" - }, - "options": { - "$ref": "#/$defs/KeyValues" - }, - "path": { - "type": "string" - }, - "context": { - "type": "string" - } - }, - "type": "object", - "required": [ - "ref" - ] - }, - "CConanLockV2Entry": { - "properties": { - "ref": { - "type": "string" - }, - "packageID": { - "type": "string" - }, - "username": { - "type": "string" - }, - "channel": { - "type": "string" - }, - "recipeRevision": { - "type": "string" - }, - "packageRevision": { - "type": "string" - }, - "timestamp": { - "type": "string" - } - }, - "type": "object", - "required": [ - "ref" - ] - }, - "CPE": { - "properties": { - "cpe": { - "type": "string" - }, - "source": { - "type": "string" - } - }, - "type": "object", - "required": [ - "cpe" - ] - }, - "ClassifierMatch": { - "properties": { - "classifier": { - "type": "string" - }, - "location": { - "$ref": "#/$defs/Location" - } - }, - "type": "object", - "required": [ - "classifier", - "location" - ] - }, - "CocoaPodfileLockEntry": { - "properties": { - "checksum": { - "type": "string" - } - }, - "type": "object", - "required": [ - "checksum" - ] - }, - "Coordinates": { - "properties": { - "path": { - "type": "string" - }, - "layerID": { - "type": "string" - } - }, - "type": "object", - "required": [ - "path" - ] - }, - "DartPubspecLockEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "hosted_url": { - "type": "string" - }, - "vcs_url": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version" - ] - }, - "Descriptor": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "configuration": true - }, - "type": "object", - "required": [ - "name", - "version" - ] - }, - "Digest": { - "properties": { - "algorithm": { - "type": "string" - }, - "value": { - "type": "string" - } - }, - "type": "object", - "required": [ - "algorithm", - "value" - ] - }, - "Document": { - "properties": { - "artifacts": { - "items": { - "$ref": "#/$defs/Package" - }, - "type": "array" - }, - "artifactRelationships": { - "items": { - "$ref": "#/$defs/Relationship" - }, - "type": "array" - }, - "files": { - "items": { - "$ref": "#/$defs/File" - }, - "type": "array" - }, - "source": { - "$ref": "#/$defs/Source" - }, - "distro": { - "$ref": "#/$defs/LinuxRelease" - }, - "descriptor": { - "$ref": "#/$defs/Descriptor" - }, - "schema": { - "$ref": "#/$defs/Schema" - } - }, - "type": "object", - "required": [ - "artifacts", - "artifactRelationships", - "source", - "distro", - "descriptor", - "schema" - ] - }, - "DotnetDepsEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "path": { - "type": "string" - }, - "sha512": { - "type": "string" - }, - "hashPath": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "path", - "sha512", - "hashPath" - ] - }, - "DotnetPortableExecutableEntry": { - "properties": { - "assemblyVersion": { - "type": "string" - }, - "legalCopyright": { - "type": "string" - }, - "comments": { - "type": "string" - }, - "internalName": { - "type": "string" - }, - "companyName": { - "type": "string" - }, - "productName": { - "type": "string" - }, - "productVersion": { - "type": "string" - } - }, - "type": "object", - "required": [ - "assemblyVersion", - "legalCopyright", - "companyName", - "productName", - "productVersion" - ] - }, - "DpkgDbEntry": { - "properties": { - "package": { - "type": "string" - }, - "source": { - "type": "string" - }, - "version": { - "type": "string" - }, - "sourceVersion": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "maintainer": { - "type": "string" - }, - "installedSize": { - "type": "integer" - }, - "provides": { - "items": { - "type": "string" - }, - "type": "array" - }, - "depends": { - "items": { - "type": "string" - }, - "type": "array" - }, - "preDepends": { - "items": { - "type": "string" - }, - "type": "array" - }, - "files": { - "items": { - "$ref": "#/$defs/DpkgFileRecord" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "package", - "source", - "version", - "sourceVersion", - "architecture", - "maintainer", - "installedSize", - "files" - ] - }, - "DpkgFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "digest": { - "$ref": "#/$defs/Digest" - }, - "isConfigFile": { - "type": "boolean" - } - }, - "type": "object", - "required": [ - "path", - "isConfigFile" - ] - }, - "ELFSecurityFeatures": { - "properties": { - "symbolTableStripped": { - "type": "boolean" - }, - "stackCanary": { - "type": "boolean" - }, - "nx": { - "type": "boolean" - }, - "relRO": { - "type": "string" - }, - "pie": { - "type": "boolean" - }, - "dso": { - "type": "boolean" - }, - "safeStack": { - "type": "boolean" - }, - "cfi": { - "type": "boolean" - }, - "fortify": { - "type": "boolean" - } - }, - "type": "object", - "required": [ - "symbolTableStripped", - "nx", - "relRO", - "pie", - "dso" - ] - }, - "ElfBinaryPackageNoteJsonPayload": { - "properties": { - "type": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "osCPE": { - "type": "string" - }, - "os": { - "type": "string" - }, - "osVersion": { - "type": "string" - }, - "system": { - "type": "string" - }, - "vendor": { - "type": "string" - }, - "sourceRepo": { - "type": "string" - }, - "commit": { - "type": "string" - } - }, - "type": "object" - }, - "ElixirMixLockEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "pkgHash": { - "type": "string" - }, - "pkgHashExt": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "pkgHash", - "pkgHashExt" - ] - }, - "ErlangRebarLockEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "pkgHash": { - "type": "string" - }, - "pkgHashExt": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "pkgHash", - "pkgHashExt" - ] - }, - "Executable": { - "properties": { - "format": { - "type": "string" - }, - "hasExports": { - "type": "boolean" - }, - "hasEntrypoint": { - "type": "boolean" - }, - "importedLibraries": { - "items": { - "type": "string" - }, - "type": "array" - }, - "elfSecurityFeatures": { - "$ref": "#/$defs/ELFSecurityFeatures" - } - }, - "type": "object", - "required": [ - "format", - "hasExports", - "hasEntrypoint", - "importedLibraries" - ] - }, - "File": { - "properties": { - "id": { - "type": "string" - }, - "location": { - "$ref": "#/$defs/Coordinates" - }, - "metadata": { - "$ref": "#/$defs/FileMetadataEntry" - }, - "contents": { - "type": "string" - }, - "digests": { - "items": { - "$ref": "#/$defs/Digest" - }, - "type": "array" - }, - "licenses": { - "items": { - "$ref": "#/$defs/FileLicense" - }, - "type": "array" - }, - "executable": { - "$ref": "#/$defs/Executable" - }, - "unknowns": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "id", - "location" - ] - }, - "FileLicense": { - "properties": { - "value": { - "type": "string" - }, - "spdxExpression": { - "type": "string" - }, - "type": { - "type": "string" - }, - "evidence": { - "$ref": "#/$defs/FileLicenseEvidence" - } - }, - "type": "object", - "required": [ - "value", - "spdxExpression", - "type" - ] - }, - "FileLicenseEvidence": { - "properties": { - "confidence": { - "type": "integer" - }, - "offset": { - "type": "integer" - }, - "extent": { - "type": "integer" - } - }, - "type": "object", - "required": [ - "confidence", - "offset", - "extent" - ] - }, - "FileMetadataEntry": { - "properties": { - "mode": { - "type": "integer" - }, - "type": { - "type": "string" - }, - "linkDestination": { - "type": "string" - }, - "userID": { - "type": "integer" - }, - "groupID": { - "type": "integer" - }, - "mimeType": { - "type": "string" - }, - "size": { - "type": "integer" - } - }, - "type": "object", - "required": [ - "mode", - "type", - "userID", - "groupID", - "mimeType", - "size" - ] - }, - "GoModuleBuildinfoEntry": { - "properties": { - "goBuildSettings": { - "$ref": "#/$defs/KeyValues" - }, - "goCompiledVersion": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "h1Digest": { - "type": "string" - }, - "mainModule": { - "type": "string" - }, - "goCryptoSettings": { - "items": { - "type": "string" - }, - "type": "array" - }, - "goExperiments": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "goCompiledVersion", - "architecture" - ] - }, - "GoModuleEntry": { - "properties": { - "h1Digest": { - "type": "string" - } - }, - "type": "object" - }, - "HaskellHackageStackEntry": { - "properties": { - "pkgHash": { - "type": "string" - } - }, - "type": "object" - }, - "HaskellHackageStackLockEntry": { - "properties": { - "pkgHash": { - "type": "string" - }, - "snapshotURL": { - "type": "string" - } - }, - "type": "object" - }, - "IDLikes": { - "items": { - "type": "string" - }, - "type": "array" - }, - "JavaArchive": { - "properties": { - "virtualPath": { - "type": "string" - }, - "manifest": { - "$ref": "#/$defs/JavaManifest" - }, - "pomProperties": { - "$ref": "#/$defs/JavaPomProperties" - }, - "pomProject": { - "$ref": "#/$defs/JavaPomProject" - }, - "digest": { - "items": { - "$ref": "#/$defs/Digest" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "virtualPath" - ] - }, - "JavaJvmInstallation": { - "properties": { - "release": { - "$ref": "#/$defs/JavaVMRelease" - }, - "files": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "release", - "files" - ] - }, - "JavaManifest": { - "properties": { - "main": { - "$ref": "#/$defs/KeyValues" - }, - "sections": { - "items": { - "$ref": "#/$defs/KeyValues" - }, - "type": "array" - } - }, - "type": "object" - }, - "JavaPomParent": { - "properties": { - "groupId": { - "type": "string" - }, - "artifactId": { - "type": "string" - }, - "version": { - "type": "string" - } - }, - "type": "object", - "required": [ - "groupId", - "artifactId", - "version" - ] - }, - "JavaPomProject": { - "properties": { - "path": { - "type": "string" - }, - "parent": { - "$ref": "#/$defs/JavaPomParent" - }, - "groupId": { - "type": "string" - }, - "artifactId": { - "type": "string" - }, - "version": { - "type": "string" - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "url": { - "type": "string" - } - }, - "type": "object", - "required": [ - "path", - "groupId", - "artifactId", - "version", - "name" - ] - }, - "JavaPomProperties": { - "properties": { - "path": { - "type": "string" - }, - "name": { - "type": "string" - }, - "groupId": { - "type": "string" - }, - "artifactId": { - "type": "string" - }, - "version": { - "type": "string" - }, - "scope": { - "type": "string" - }, - "extraFields": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object", - "required": [ - "path", - "name", - "groupId", - "artifactId", - "version" - ] - }, - "JavaVMRelease": { - "properties": { - "implementor": { - "type": "string" - }, - "implementorVersion": { - "type": "string" - }, - "javaRuntimeVersion": { - "type": "string" - }, - "javaVersion": { - "type": "string" - }, - "javaVersionDate": { - "type": "string" - }, - "libc": { - "type": "string" - }, - "modules": { - "items": { - "type": "string" - }, - "type": "array" - }, - "osArch": { - "type": "string" - }, - "osName": { - "type": "string" - }, - "osVersion": { - "type": "string" - }, - "source": { - "type": "string" - }, - "buildSource": { - "type": "string" - }, - "buildSourceRepo": { - "type": "string" - }, - "sourceRepo": { - "type": "string" - }, - "fullVersion": { - "type": "string" - }, - "semanticVersion": { - "type": "string" - }, - "buildInfo": { - "type": "string" - }, - "jvmVariant": { - "type": "string" - }, - "jvmVersion": { - "type": "string" - }, - "imageType": { - "type": "string" - }, - "buildType": { - "type": "string" - } - }, - "type": "object" - }, - "JavascriptNpmPackage": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "author": { - "type": "string" - }, - "homepage": { - "type": "string" - }, - "description": { - "type": "string" - }, - "url": { - "type": "string" - }, - "private": { - "type": "boolean" - } - }, - "type": "object", - "required": [ - "name", - "version", - "author", - "homepage", - "description", - "url", - "private" - ] - }, - "JavascriptNpmPackageLockEntry": { - "properties": { - "resolved": { - "type": "string" - }, - "integrity": { - "type": "string" - } - }, - "type": "object", - "required": [ - "resolved", - "integrity" - ] - }, - "JavascriptYarnLockEntry": { - "properties": { - "resolved": { - "type": "string" - }, - "integrity": { - "type": "string" - } - }, - "type": "object", - "required": [ - "resolved", - "integrity" - ] - }, - "KeyValue": { - "properties": { - "key": { - "type": "string" - }, - "value": { - "type": "string" - } - }, - "type": "object", - "required": [ - "key", - "value" - ] - }, - "KeyValues": { - "items": { - "$ref": "#/$defs/KeyValue" - }, - "type": "array" - }, - "License": { - "properties": { - "value": { - "type": "string" - }, - "spdxExpression": { - "type": "string" - }, - "type": { - "type": "string" - }, - "urls": { - "items": { - "type": "string" - }, - "type": "array" - }, - "locations": { - "items": { - "$ref": "#/$defs/Location" - }, - "type": "array" - }, - "contents": { - "type": "string" - } - }, - "type": "object", - "required": [ - "value", - "spdxExpression", - "type", - "urls", - "locations" - ] - }, - "LinuxKernelArchive": { - "properties": { - "name": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "version": { - "type": "string" - }, - "extendedVersion": { - "type": "string" - }, - "buildTime": { - "type": "string" - }, - "author": { - "type": "string" - }, - "format": { - "type": "string" - }, - "rwRootFS": { - "type": "boolean" - }, - "swapDevice": { - "type": "integer" - }, - "rootDevice": { - "type": "integer" - }, - "videoMode": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "architecture", - "version" - ] - }, - "LinuxKernelModule": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "sourceVersion": { - "type": "string" - }, - "path": { - "type": "string" - }, - "description": { - "type": "string" - }, - "author": { - "type": "string" - }, - "license": { - "type": "string" - }, - "kernelVersion": { - "type": "string" - }, - "versionMagic": { - "type": "string" - }, - "parameters": { - "patternProperties": { - ".*": { - "$ref": "#/$defs/LinuxKernelModuleParameter" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "LinuxKernelModuleParameter": { - "properties": { - "type": { - "type": "string" - }, - "description": { - "type": "string" - } - }, - "type": "object" - }, - "LinuxRelease": { - "properties": { - "prettyName": { - "type": "string" - }, - "name": { - "type": "string" - }, - "id": { - "type": "string" - }, - "idLike": { - "$ref": "#/$defs/IDLikes" - }, - "version": { - "type": "string" - }, - "versionID": { - "type": "string" - }, - "versionCodename": { - "type": "string" - }, - "buildID": { - "type": "string" - }, - "imageID": { - "type": "string" - }, - "imageVersion": { - "type": "string" - }, - "variant": { - "type": "string" - }, - "variantID": { - "type": "string" - }, - "homeURL": { - "type": "string" - }, - "supportURL": { - "type": "string" - }, - "bugReportURL": { - "type": "string" - }, - "privacyPolicyURL": { - "type": "string" - }, - "cpeName": { - "type": "string" - }, - "supportEnd": { - "type": "string" - } - }, - "type": "object" - }, - "Location": { - "properties": { - "path": { - "type": "string" - }, - "layerID": { - "type": "string" - }, - "accessPath": { - "type": "string" - }, - "annotations": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object", - "required": [ - "path", - "accessPath" - ] - }, - "LuarocksPackage": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "license": { - "type": "string" - }, - "homepage": { - "type": "string" - }, - "description": { - "type": "string" - }, - "url": { - "type": "string" - }, - "dependencies": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object", - "required": [ - "name", - "version", - "license", - "homepage", - "description", - "url", - "dependencies" - ] - }, - "MicrosoftKbPatch": { - "properties": { - "product_id": { - "type": "string" - }, - "kb": { - "type": "string" - } - }, - "type": "object", - "required": [ - "product_id", - "kb" - ] - }, - "NixStoreEntry": { - "properties": { - "outputHash": { - "type": "string" - }, - "output": { - "type": "string" - }, - "files": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "outputHash", - "files" - ] - }, - "OpamPackage": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "licenses": { - "items": { - "type": "string" - }, - "type": "array" - }, - "url": { - "type": "string" - }, - "checksum": { - "items": { - "type": "string" - }, - "type": "array" - }, - "homepage": { - "type": "string" - }, - "dependencies": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "licenses", - "url", - "checksum", - "homepage", - "dependencies" - ] - }, - "Package": { - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "type": { - "type": "string" - }, - "foundBy": { - "type": "string" - }, - "locations": { - "items": { - "$ref": "#/$defs/Location" - }, - "type": "array" - }, - "licenses": { - "$ref": "#/$defs/licenses" - }, - "language": { - "type": "string" - }, - "cpes": { - "$ref": "#/$defs/cpes" - }, - "purl": { - "type": "string" - }, - "metadataType": { - "type": "string" - }, - "metadata": { - "anyOf": [ - { - "type": "null" - }, - { - "$ref": "#/$defs/AlpmDbEntry" - }, - { - "$ref": "#/$defs/ApkDbEntry" - }, - { - "$ref": "#/$defs/BinarySignature" - }, - { - "$ref": "#/$defs/CConanFileEntry" - }, - { - "$ref": "#/$defs/CConanInfoEntry" - }, - { - "$ref": "#/$defs/CConanLockEntry" - }, - { - "$ref": "#/$defs/CConanLockV2Entry" - }, - { - "$ref": "#/$defs/CocoaPodfileLockEntry" - }, - { - "$ref": "#/$defs/DartPubspecLockEntry" - }, - { - "$ref": "#/$defs/DotnetDepsEntry" - }, - { - "$ref": "#/$defs/DotnetPortableExecutableEntry" - }, - { - "$ref": "#/$defs/DpkgDbEntry" - }, - { - "$ref": "#/$defs/ElfBinaryPackageNoteJsonPayload" - }, - { - "$ref": "#/$defs/ElixirMixLockEntry" - }, - { - "$ref": "#/$defs/ErlangRebarLockEntry" - }, - { - "$ref": "#/$defs/GoModuleBuildinfoEntry" - }, - { - "$ref": "#/$defs/GoModuleEntry" - }, - { - "$ref": "#/$defs/HaskellHackageStackEntry" - }, - { - "$ref": "#/$defs/HaskellHackageStackLockEntry" - }, - { - "$ref": "#/$defs/JavaArchive" - }, - { - "$ref": "#/$defs/JavaJvmInstallation" - }, - { - "$ref": "#/$defs/JavascriptNpmPackage" - }, - { - "$ref": "#/$defs/JavascriptNpmPackageLockEntry" - }, - { - "$ref": "#/$defs/JavascriptYarnLockEntry" - }, - { - "$ref": "#/$defs/LinuxKernelArchive" - }, - { - "$ref": "#/$defs/LinuxKernelModule" - }, - { - "$ref": "#/$defs/LuarocksPackage" - }, - { - "$ref": "#/$defs/MicrosoftKbPatch" - }, - { - "$ref": "#/$defs/NixStoreEntry" - }, - { - "$ref": "#/$defs/OpamPackage" - }, - { - "$ref": "#/$defs/PhpComposerInstalledEntry" - }, - { - "$ref": "#/$defs/PhpComposerLockEntry" - }, - { - "$ref": "#/$defs/PhpPeclEntry" - }, - { - "$ref": "#/$defs/PortageDbEntry" - }, - { - "$ref": "#/$defs/PythonPackage" - }, - { - "$ref": "#/$defs/PythonPipRequirementsEntry" - }, - { - "$ref": "#/$defs/PythonPipfileLockEntry" - }, - { - "$ref": "#/$defs/PythonPoetryLockEntry" - }, - { - "$ref": "#/$defs/RDescription" - }, - { - "$ref": "#/$defs/RpmArchive" - }, - { - "$ref": "#/$defs/RpmDbEntry" - }, - { - "$ref": "#/$defs/RubyGemspec" - }, - { - "$ref": "#/$defs/RustCargoAuditEntry" - }, - { - "$ref": "#/$defs/RustCargoLockEntry" - }, - { - "$ref": "#/$defs/SwiftPackageManagerLockEntry" - }, - { - "$ref": "#/$defs/SwiplpackPackage" - }, - { - "$ref": "#/$defs/WordpressPluginEntry" - } - ] - } - }, - "type": "object", - "required": [ - "id", - "name", - "version", - "type", - "foundBy", - "locations", - "licenses", - "language", - "cpes", - "purl" - ] - }, - "PhpComposerAuthors": { - "properties": { - "name": { - "type": "string" - }, - "email": { - "type": "string" - }, - "homepage": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name" - ] - }, - "PhpComposerExternalReference": { - "properties": { - "type": { - "type": "string" - }, - "url": { - "type": "string" - }, - "reference": { - "type": "string" - }, - "shasum": { - "type": "string" - } - }, - "type": "object", - "required": [ - "type", - "url", - "reference" - ] - }, - "PhpComposerInstalledEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "source": { - "$ref": "#/$defs/PhpComposerExternalReference" - }, - "dist": { - "$ref": "#/$defs/PhpComposerExternalReference" - }, - "require": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "provide": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "require-dev": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "suggest": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "license": { - "items": { - "type": "string" - }, - "type": "array" - }, - "type": { - "type": "string" - }, - "notification-url": { - "type": "string" - }, - "bin": { - "items": { - "type": "string" - }, - "type": "array" - }, - "authors": { - "items": { - "$ref": "#/$defs/PhpComposerAuthors" - }, - "type": "array" - }, - "description": { - "type": "string" - }, - "homepage": { - "type": "string" - }, - "keywords": { - "items": { - "type": "string" - }, - "type": "array" - }, - "time": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "source", - "dist" - ] - }, - "PhpComposerLockEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "source": { - "$ref": "#/$defs/PhpComposerExternalReference" - }, - "dist": { - "$ref": "#/$defs/PhpComposerExternalReference" - }, - "require": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "provide": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "require-dev": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "suggest": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "license": { - "items": { - "type": "string" - }, - "type": "array" - }, - "type": { - "type": "string" - }, - "notification-url": { - "type": "string" - }, - "bin": { - "items": { - "type": "string" - }, - "type": "array" - }, - "authors": { - "items": { - "$ref": "#/$defs/PhpComposerAuthors" - }, - "type": "array" - }, - "description": { - "type": "string" - }, - "homepage": { - "type": "string" - }, - "keywords": { - "items": { - "type": "string" - }, - "type": "array" - }, - "time": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "source", - "dist" - ] - }, - "PhpPeclEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "license": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version" - ] - }, - "PortageDbEntry": { - "properties": { - "installedSize": { - "type": "integer" - }, - "files": { - "items": { - "$ref": "#/$defs/PortageFileRecord" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "installedSize", - "files" - ] - }, - "PortageFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "digest": { - "$ref": "#/$defs/Digest" - } - }, - "type": "object", - "required": [ - "path" - ] - }, - "PythonDirectURLOriginInfo": { - "properties": { - "url": { - "type": "string" - }, - "commitId": { - "type": "string" - }, - "vcs": { - "type": "string" - } - }, - "type": "object", - "required": [ - "url" - ] - }, - "PythonFileDigest": { - "properties": { - "algorithm": { - "type": "string" - }, - "value": { - "type": "string" - } - }, - "type": "object", - "required": [ - "algorithm", - "value" - ] - }, - "PythonFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "digest": { - "$ref": "#/$defs/PythonFileDigest" - }, - "size": { - "type": "string" - } - }, - "type": "object", - "required": [ - "path" - ] - }, - "PythonPackage": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "author": { - "type": "string" - }, - "authorEmail": { - "type": "string" - }, - "platform": { - "type": "string" - }, - "files": { - "items": { - "$ref": "#/$defs/PythonFileRecord" - }, - "type": "array" - }, - "sitePackagesRootPath": { - "type": "string" - }, - "topLevelPackages": { - "items": { - "type": "string" - }, - "type": "array" - }, - "directUrlOrigin": { - "$ref": "#/$defs/PythonDirectURLOriginInfo" - }, - "requiresPython": { - "type": "string" - }, - "requiresDist": { - "items": { - "type": "string" - }, - "type": "array" - }, - "providesExtra": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "author", - "authorEmail", - "platform", - "sitePackagesRootPath" - ] - }, - "PythonPipRequirementsEntry": { - "properties": { - "name": { - "type": "string" - }, - "extras": { - "items": { - "type": "string" - }, - "type": "array" - }, - "versionConstraint": { - "type": "string" - }, - "url": { - "type": "string" - }, - "markers": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "versionConstraint" - ] - }, - "PythonPipfileLockEntry": { - "properties": { - "hashes": { - "items": { - "type": "string" - }, - "type": "array" - }, - "index": { - "type": "string" - } - }, - "type": "object", - "required": [ - "hashes", - "index" - ] - }, - "PythonPoetryLockDependencyEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "optional": { - "type": "boolean" - }, - "markers": { - "type": "string" - }, - "extras": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "optional" - ] - }, - "PythonPoetryLockEntry": { - "properties": { - "index": { - "type": "string" - }, - "dependencies": { - "items": { - "$ref": "#/$defs/PythonPoetryLockDependencyEntry" - }, - "type": "array" - }, - "extras": { - "items": { - "$ref": "#/$defs/PythonPoetryLockExtraEntry" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "index", - "dependencies" - ] - }, - "PythonPoetryLockExtraEntry": { - "properties": { - "name": { - "type": "string" - }, - "dependencies": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "dependencies" - ] - }, - "RDescription": { - "properties": { - "title": { - "type": "string" - }, - "description": { - "type": "string" - }, - "author": { - "type": "string" - }, - "maintainer": { - "type": "string" - }, - "url": { - "items": { - "type": "string" - }, - "type": "array" - }, - "repository": { - "type": "string" - }, - "built": { - "type": "string" - }, - "needsCompilation": { - "type": "boolean" - }, - "imports": { - "items": { - "type": "string" - }, - "type": "array" - }, - "depends": { - "items": { - "type": "string" - }, - "type": "array" - }, - "suggests": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "Relationship": { - "properties": { - "parent": { - "type": "string" - }, - "child": { - "type": "string" - }, - "type": { - "type": "string" - }, - "metadata": true - }, - "type": "object", - "required": [ - "parent", - "child", - "type" - ] - }, - "RpmArchive": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "epoch": { - "oneOf": [ - { - "type": "integer" - }, - { - "type": "null" - } - ] - }, - "architecture": { - "type": "string" - }, - "release": { - "type": "string" - }, - "sourceRpm": { - "type": "string" - }, - "size": { - "type": "integer" - }, - "vendor": { - "type": "string" - }, - "modularityLabel": { - "type": "string" - }, - "provides": { - "items": { - "type": "string" - }, - "type": "array" - }, - "requires": { - "items": { - "type": "string" - }, - "type": "array" - }, - "files": { - "items": { - "$ref": "#/$defs/RpmFileRecord" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "epoch", - "architecture", - "release", - "sourceRpm", - "size", - "vendor", - "files" - ] - }, - "RpmDbEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "epoch": { - "oneOf": [ - { - "type": "integer" - }, - { - "type": "null" - } - ] - }, - "architecture": { - "type": "string" - }, - "release": { - "type": "string" - }, - "sourceRpm": { - "type": "string" - }, - "size": { - "type": "integer" - }, - "vendor": { - "type": "string" - }, - "modularityLabel": { - "type": "string" - }, - "provides": { - "items": { - "type": "string" - }, - "type": "array" - }, - "requires": { - "items": { - "type": "string" - }, - "type": "array" - }, - "files": { - "items": { - "$ref": "#/$defs/RpmFileRecord" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "epoch", - "architecture", - "release", - "sourceRpm", - "size", - "vendor", - "files" - ] - }, - "RpmFileRecord": { - "properties": { - "path": { - "type": "string" - }, - "mode": { - "type": "integer" - }, - "size": { - "type": "integer" - }, - "digest": { - "$ref": "#/$defs/Digest" - }, - "userName": { - "type": "string" - }, - "groupName": { - "type": "string" - }, - "flags": { - "type": "string" - } - }, - "type": "object", - "required": [ - "path", - "mode", - "size", - "digest", - "userName", - "groupName", - "flags" - ] - }, - "RubyGemspec": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "files": { - "items": { - "type": "string" - }, - "type": "array" - }, - "authors": { - "items": { - "type": "string" - }, - "type": "array" - }, - "homepage": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version" - ] - }, - "RustCargoAuditEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "source": { - "type": "string" - } - }, - "type": "object", - "required": [ - "name", - "version", - "source" - ] - }, - "RustCargoLockEntry": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "source": { - "type": "string" - }, - "checksum": { - "type": "string" - }, - "dependencies": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "source", - "checksum", - "dependencies" - ] - }, - "Schema": { - "properties": { - "version": { - "type": "string" - }, - "url": { - "type": "string" - } - }, - "type": "object", - "required": [ - "version", - "url" - ] - }, - "Source": { - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "type": { - "type": "string" - }, - "metadata": true - }, - "type": "object", - "required": [ - "id", - "name", - "version", - "type", - "metadata" - ] - }, - "SwiftPackageManagerLockEntry": { - "properties": { - "revision": { - "type": "string" - } - }, - "type": "object", - "required": [ - "revision" - ] - }, - "SwiplpackPackage": { - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "author": { - "type": "string" - }, - "authorEmail": { - "type": "string" - }, - "packager": { - "type": "string" - }, - "packagerEmail": { - "type": "string" - }, - "homepage": { - "type": "string" - }, - "dependencies": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object", - "required": [ - "name", - "version", - "author", - "authorEmail", - "packager", - "packagerEmail", - "homepage", - "dependencies" - ] - }, - "WordpressPluginEntry": { - "properties": { - "pluginInstallDirectory": { - "type": "string" - }, - "author": { - "type": "string" - }, - "authorUri": { - "type": "string" - } - }, - "type": "object", - "required": [ - "pluginInstallDirectory" - ] - }, - "cpes": { - "items": { - "$ref": "#/$defs/CPE" - }, - "type": "array" - }, - "licenses": { - "items": { - "$ref": "#/$defs/License" - }, - "type": "array" - } - } -} From 3e546de65a4e093bf6c0a892bc6b2ea037886743 Mon Sep 17 00:00:00 2001 From: HeyeOpenSource Date: Wed, 23 Oct 2024 16:45:18 +0200 Subject: [PATCH 16/20] - Added new schema as created by 'make generate-json-schema'. Signed-off-by: HeyeOpenSource --- schema/json/schema-16.0.19.json | 2730 +++++++++++++++++++++++++++++++ schema/json/schema-latest.json | 5 +- 2 files changed, 2734 insertions(+), 1 deletion(-) create mode 100644 schema/json/schema-16.0.19.json diff --git a/schema/json/schema-16.0.19.json b/schema/json/schema-16.0.19.json new file mode 100644 index 00000000000..3a2e660306e --- /dev/null +++ b/schema/json/schema-16.0.19.json @@ -0,0 +1,2730 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "anchore.io/schema/syft/json/16.0.19/document", + "$ref": "#/$defs/Document", + "$defs": { + "AlpmDbEntry": { + "properties": { + "basepackage": { + "type": "string" + }, + "package": { + "type": "string" + }, + "version": { + "type": "string" + }, + "description": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "packager": { + "type": "string" + }, + "url": { + "type": "string" + }, + "validation": { + "type": "string" + }, + "reason": { + "type": "integer" + }, + "files": { + "items": { + "$ref": "#/$defs/AlpmFileRecord" + }, + "type": "array" + }, + "backup": { + "items": { + "$ref": "#/$defs/AlpmFileRecord" + }, + "type": "array" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "basepackage", + "package", + "version", + "description", + "architecture", + "size", + "packager", + "url", + "validation", + "reason", + "files", + "backup" + ] + }, + "AlpmFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "type": { + "type": "string" + }, + "uid": { + "type": "string" + }, + "gid": { + "type": "string" + }, + "time": { + "type": "string", + "format": "date-time" + }, + "size": { + "type": "string" + }, + "link": { + "type": "string" + }, + "digest": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + } + }, + "type": "object" + }, + "ApkDbEntry": { + "properties": { + "package": { + "type": "string" + }, + "originPackage": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "version": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "url": { + "type": "string" + }, + "description": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "installedSize": { + "type": "integer" + }, + "pullDependencies": { + "items": { + "type": "string" + }, + "type": "array" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "pullChecksum": { + "type": "string" + }, + "gitCommitOfApkPort": { + "type": "string" + }, + "files": { + "items": { + "$ref": "#/$defs/ApkFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "package", + "originPackage", + "maintainer", + "version", + "architecture", + "url", + "description", + "size", + "installedSize", + "pullDependencies", + "provides", + "pullChecksum", + "gitCommitOfApkPort", + "files" + ] + }, + "ApkFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "ownerUid": { + "type": "string" + }, + "ownerGid": { + "type": "string" + }, + "permissions": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "BinarySignature": { + "properties": { + "matches": { + "items": { + "$ref": "#/$defs/ClassifierMatch" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "matches" + ] + }, + "CConanFileEntry": { + "properties": { + "ref": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanInfoEntry": { + "properties": { + "ref": { + "type": "string" + }, + "package_id": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanLockEntry": { + "properties": { + "ref": { + "type": "string" + }, + "package_id": { + "type": "string" + }, + "prev": { + "type": "string" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "build_requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "py_requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "options": { + "$ref": "#/$defs/KeyValues" + }, + "path": { + "type": "string" + }, + "context": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanLockV2Entry": { + "properties": { + "ref": { + "type": "string" + }, + "packageID": { + "type": "string" + }, + "username": { + "type": "string" + }, + "channel": { + "type": "string" + }, + "recipeRevision": { + "type": "string" + }, + "packageRevision": { + "type": "string" + }, + "timestamp": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CPE": { + "properties": { + "cpe": { + "type": "string" + }, + "source": { + "type": "string" + } + }, + "type": "object", + "required": [ + "cpe" + ] + }, + "ClassifierMatch": { + "properties": { + "classifier": { + "type": "string" + }, + "location": { + "$ref": "#/$defs/Location" + } + }, + "type": "object", + "required": [ + "classifier", + "location" + ] + }, + "CocoaPodfileLockEntry": { + "properties": { + "checksum": { + "type": "string" + } + }, + "type": "object", + "required": [ + "checksum" + ] + }, + "Coordinates": { + "properties": { + "path": { + "type": "string" + }, + "layerID": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "DartPubspecLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "hosted_url": { + "type": "string" + }, + "vcs_url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "Descriptor": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "configuration": true + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "Digest": { + "properties": { + "algorithm": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "algorithm", + "value" + ] + }, + "Document": { + "properties": { + "artifacts": { + "items": { + "$ref": "#/$defs/Package" + }, + "type": "array" + }, + "artifactRelationships": { + "items": { + "$ref": "#/$defs/Relationship" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/File" + }, + "type": "array" + }, + "source": { + "$ref": "#/$defs/Source" + }, + "distro": { + "$ref": "#/$defs/LinuxRelease" + }, + "descriptor": { + "$ref": "#/$defs/Descriptor" + }, + "schema": { + "$ref": "#/$defs/Schema" + } + }, + "type": "object", + "required": [ + "artifacts", + "artifactRelationships", + "source", + "distro", + "descriptor", + "schema" + ] + }, + "DotnetDepsEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "path": { + "type": "string" + }, + "sha512": { + "type": "string" + }, + "hashPath": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "path", + "sha512", + "hashPath" + ] + }, + "DotnetPortableExecutableEntry": { + "properties": { + "assemblyVersion": { + "type": "string" + }, + "legalCopyright": { + "type": "string" + }, + "comments": { + "type": "string" + }, + "internalName": { + "type": "string" + }, + "companyName": { + "type": "string" + }, + "productName": { + "type": "string" + }, + "productVersion": { + "type": "string" + } + }, + "type": "object", + "required": [ + "assemblyVersion", + "legalCopyright", + "companyName", + "productName", + "productVersion" + ] + }, + "DpkgDbEntry": { + "properties": { + "package": { + "type": "string" + }, + "source": { + "type": "string" + }, + "version": { + "type": "string" + }, + "sourceVersion": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "installedSize": { + "type": "integer" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "preDepends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/DpkgFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "package", + "source", + "version", + "sourceVersion", + "architecture", + "maintainer", + "installedSize", + "files" + ] + }, + "DpkgFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + }, + "isConfigFile": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "path", + "isConfigFile" + ] + }, + "ELFSecurityFeatures": { + "properties": { + "symbolTableStripped": { + "type": "boolean" + }, + "stackCanary": { + "type": "boolean" + }, + "nx": { + "type": "boolean" + }, + "relRO": { + "type": "string" + }, + "pie": { + "type": "boolean" + }, + "dso": { + "type": "boolean" + }, + "safeStack": { + "type": "boolean" + }, + "cfi": { + "type": "boolean" + }, + "fortify": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "symbolTableStripped", + "nx", + "relRO", + "pie", + "dso" + ] + }, + "ElfBinaryPackageNoteJsonPayload": { + "properties": { + "type": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "osCPE": { + "type": "string" + }, + "os": { + "type": "string" + }, + "osVersion": { + "type": "string" + }, + "system": { + "type": "string" + }, + "vendor": { + "type": "string" + }, + "sourceRepo": { + "type": "string" + }, + "commit": { + "type": "string" + } + }, + "type": "object" + }, + "ElixirMixLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "pkgHash": { + "type": "string" + }, + "pkgHashExt": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "pkgHash", + "pkgHashExt" + ] + }, + "ErlangRebarLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "pkgHash": { + "type": "string" + }, + "pkgHashExt": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "pkgHash", + "pkgHashExt" + ] + }, + "Executable": { + "properties": { + "format": { + "type": "string" + }, + "hasExports": { + "type": "boolean" + }, + "hasEntrypoint": { + "type": "boolean" + }, + "importedLibraries": { + "items": { + "type": "string" + }, + "type": "array" + }, + "elfSecurityFeatures": { + "$ref": "#/$defs/ELFSecurityFeatures" + } + }, + "type": "object", + "required": [ + "format", + "hasExports", + "hasEntrypoint", + "importedLibraries" + ] + }, + "File": { + "properties": { + "id": { + "type": "string" + }, + "location": { + "$ref": "#/$defs/Coordinates" + }, + "metadata": { + "$ref": "#/$defs/FileMetadataEntry" + }, + "contents": { + "type": "string" + }, + "digests": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + }, + "licenses": { + "items": { + "$ref": "#/$defs/FileLicense" + }, + "type": "array" + }, + "executable": { + "$ref": "#/$defs/Executable" + }, + "unknowns": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "id", + "location" + ] + }, + "FileLicense": { + "properties": { + "value": { + "type": "string" + }, + "spdxExpression": { + "type": "string" + }, + "type": { + "type": "string" + }, + "evidence": { + "$ref": "#/$defs/FileLicenseEvidence" + } + }, + "type": "object", + "required": [ + "value", + "spdxExpression", + "type" + ] + }, + "FileLicenseEvidence": { + "properties": { + "confidence": { + "type": "integer" + }, + "offset": { + "type": "integer" + }, + "extent": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "confidence", + "offset", + "extent" + ] + }, + "FileMetadataEntry": { + "properties": { + "mode": { + "type": "integer" + }, + "type": { + "type": "string" + }, + "linkDestination": { + "type": "string" + }, + "userID": { + "type": "integer" + }, + "groupID": { + "type": "integer" + }, + "mimeType": { + "type": "string" + }, + "size": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "mode", + "type", + "userID", + "groupID", + "mimeType", + "size" + ] + }, + "GoModuleBuildinfoEntry": { + "properties": { + "goBuildSettings": { + "$ref": "#/$defs/KeyValues" + }, + "goCompiledVersion": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "h1Digest": { + "type": "string" + }, + "mainModule": { + "type": "string" + }, + "goCryptoSettings": { + "items": { + "type": "string" + }, + "type": "array" + }, + "goExperiments": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "goCompiledVersion", + "architecture" + ] + }, + "GoModuleEntry": { + "properties": { + "h1Digest": { + "type": "string" + } + }, + "type": "object" + }, + "HaskellHackageStackEntry": { + "properties": { + "pkgHash": { + "type": "string" + } + }, + "type": "object" + }, + "HaskellHackageStackLockEntry": { + "properties": { + "pkgHash": { + "type": "string" + }, + "snapshotURL": { + "type": "string" + } + }, + "type": "object" + }, + "IDLikes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "JavaArchive": { + "properties": { + "virtualPath": { + "type": "string" + }, + "manifest": { + "$ref": "#/$defs/JavaManifest" + }, + "pomProperties": { + "$ref": "#/$defs/JavaPomProperties" + }, + "pomProject": { + "$ref": "#/$defs/JavaPomProject" + }, + "digest": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "virtualPath" + ] + }, + "JavaJvmInstallation": { + "properties": { + "release": { + "$ref": "#/$defs/JavaVMRelease" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "release", + "files" + ] + }, + "JavaManifest": { + "properties": { + "main": { + "$ref": "#/$defs/KeyValues" + }, + "sections": { + "items": { + "$ref": "#/$defs/KeyValues" + }, + "type": "array" + } + }, + "type": "object" + }, + "JavaPomParent": { + "properties": { + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "type": "object", + "required": [ + "groupId", + "artifactId", + "version" + ] + }, + "JavaPomProject": { + "properties": { + "path": { + "type": "string" + }, + "parent": { + "$ref": "#/$defs/JavaPomParent" + }, + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + }, + "name": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path", + "groupId", + "artifactId", + "version", + "name" + ] + }, + "JavaPomProperties": { + "properties": { + "path": { + "type": "string" + }, + "name": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + }, + "scope": { + "type": "string" + }, + "extraFields": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "path", + "name", + "groupId", + "artifactId", + "version" + ] + }, + "JavaVMRelease": { + "properties": { + "implementor": { + "type": "string" + }, + "implementorVersion": { + "type": "string" + }, + "javaRuntimeVersion": { + "type": "string" + }, + "javaVersion": { + "type": "string" + }, + "javaVersionDate": { + "type": "string" + }, + "libc": { + "type": "string" + }, + "modules": { + "items": { + "type": "string" + }, + "type": "array" + }, + "osArch": { + "type": "string" + }, + "osName": { + "type": "string" + }, + "osVersion": { + "type": "string" + }, + "source": { + "type": "string" + }, + "buildSource": { + "type": "string" + }, + "buildSourceRepo": { + "type": "string" + }, + "sourceRepo": { + "type": "string" + }, + "fullVersion": { + "type": "string" + }, + "semanticVersion": { + "type": "string" + }, + "buildInfo": { + "type": "string" + }, + "jvmVariant": { + "type": "string" + }, + "jvmVersion": { + "type": "string" + }, + "imageType": { + "type": "string" + }, + "buildType": { + "type": "string" + } + }, + "type": "object" + }, + "JavascriptNpmPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + }, + "private": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "homepage", + "description", + "url", + "private" + ] + }, + "JavascriptNpmPackageLockEntry": { + "properties": { + "resolved": { + "type": "string" + }, + "integrity": { + "type": "string" + } + }, + "type": "object", + "required": [ + "resolved", + "integrity" + ] + }, + "JavascriptYarnLockEntry": { + "properties": { + "resolved": { + "type": "string" + }, + "integrity": { + "type": "string" + } + }, + "type": "object", + "required": [ + "resolved", + "integrity" + ] + }, + "KeyValue": { + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "key", + "value" + ] + }, + "KeyValues": { + "items": { + "$ref": "#/$defs/KeyValue" + }, + "type": "array" + }, + "License": { + "properties": { + "value": { + "type": "string" + }, + "spdxExpression": { + "type": "string" + }, + "type": { + "type": "string" + }, + "urls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "locations": { + "items": { + "$ref": "#/$defs/Location" + }, + "type": "array" + }, + "contents": { + "type": "string" + } + }, + "type": "object", + "required": [ + "value", + "spdxExpression", + "type", + "urls", + "locations" + ] + }, + "LinuxKernelArchive": { + "properties": { + "name": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "version": { + "type": "string" + }, + "extendedVersion": { + "type": "string" + }, + "buildTime": { + "type": "string" + }, + "author": { + "type": "string" + }, + "format": { + "type": "string" + }, + "rwRootFS": { + "type": "boolean" + }, + "swapDevice": { + "type": "integer" + }, + "rootDevice": { + "type": "integer" + }, + "videoMode": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "architecture", + "version" + ] + }, + "LinuxKernelModule": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "sourceVersion": { + "type": "string" + }, + "path": { + "type": "string" + }, + "description": { + "type": "string" + }, + "author": { + "type": "string" + }, + "license": { + "type": "string" + }, + "kernelVersion": { + "type": "string" + }, + "versionMagic": { + "type": "string" + }, + "parameters": { + "patternProperties": { + ".*": { + "$ref": "#/$defs/LinuxKernelModuleParameter" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "LinuxKernelModuleParameter": { + "properties": { + "type": { + "type": "string" + }, + "description": { + "type": "string" + } + }, + "type": "object" + }, + "LinuxRelease": { + "properties": { + "prettyName": { + "type": "string" + }, + "name": { + "type": "string" + }, + "id": { + "type": "string" + }, + "idLike": { + "$ref": "#/$defs/IDLikes" + }, + "version": { + "type": "string" + }, + "versionID": { + "type": "string" + }, + "versionCodename": { + "type": "string" + }, + "buildID": { + "type": "string" + }, + "imageID": { + "type": "string" + }, + "imageVersion": { + "type": "string" + }, + "variant": { + "type": "string" + }, + "variantID": { + "type": "string" + }, + "homeURL": { + "type": "string" + }, + "supportURL": { + "type": "string" + }, + "bugReportURL": { + "type": "string" + }, + "privacyPolicyURL": { + "type": "string" + }, + "cpeName": { + "type": "string" + }, + "supportEnd": { + "type": "string" + } + }, + "type": "object" + }, + "Location": { + "properties": { + "path": { + "type": "string" + }, + "layerID": { + "type": "string" + }, + "accessPath": { + "type": "string" + }, + "annotations": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "path", + "accessPath" + ] + }, + "LuarocksPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "license": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + }, + "dependencies": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "name", + "version", + "license", + "homepage", + "description", + "url", + "dependencies" + ] + }, + "MicrosoftKbPatch": { + "properties": { + "product_id": { + "type": "string" + }, + "kb": { + "type": "string" + } + }, + "type": "object", + "required": [ + "product_id", + "kb" + ] + }, + "NixStoreEntry": { + "properties": { + "outputHash": { + "type": "string" + }, + "output": { + "type": "string" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "outputHash", + "files" + ] + }, + "OpamPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "licenses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "url": { + "type": "string" + }, + "checksum": { + "items": { + "type": "string" + }, + "type": "array" + }, + "homepage": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "licenses", + "url", + "checksum", + "homepage", + "dependencies" + ] + }, + "Package": { + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "type": { + "type": "string" + }, + "foundBy": { + "type": "string" + }, + "locations": { + "items": { + "$ref": "#/$defs/Location" + }, + "type": "array" + }, + "licenses": { + "$ref": "#/$defs/licenses" + }, + "language": { + "type": "string" + }, + "cpes": { + "$ref": "#/$defs/cpes" + }, + "purl": { + "type": "string" + }, + "metadataType": { + "type": "string" + }, + "metadata": { + "anyOf": [ + { + "type": "null" + }, + { + "$ref": "#/$defs/AlpmDbEntry" + }, + { + "$ref": "#/$defs/ApkDbEntry" + }, + { + "$ref": "#/$defs/BinarySignature" + }, + { + "$ref": "#/$defs/CConanFileEntry" + }, + { + "$ref": "#/$defs/CConanInfoEntry" + }, + { + "$ref": "#/$defs/CConanLockEntry" + }, + { + "$ref": "#/$defs/CConanLockV2Entry" + }, + { + "$ref": "#/$defs/CocoaPodfileLockEntry" + }, + { + "$ref": "#/$defs/DartPubspecLockEntry" + }, + { + "$ref": "#/$defs/DotnetDepsEntry" + }, + { + "$ref": "#/$defs/DotnetPortableExecutableEntry" + }, + { + "$ref": "#/$defs/DpkgDbEntry" + }, + { + "$ref": "#/$defs/ElfBinaryPackageNoteJsonPayload" + }, + { + "$ref": "#/$defs/ElixirMixLockEntry" + }, + { + "$ref": "#/$defs/ErlangRebarLockEntry" + }, + { + "$ref": "#/$defs/GoModuleBuildinfoEntry" + }, + { + "$ref": "#/$defs/GoModuleEntry" + }, + { + "$ref": "#/$defs/HaskellHackageStackEntry" + }, + { + "$ref": "#/$defs/HaskellHackageStackLockEntry" + }, + { + "$ref": "#/$defs/JavaArchive" + }, + { + "$ref": "#/$defs/JavaJvmInstallation" + }, + { + "$ref": "#/$defs/JavascriptNpmPackage" + }, + { + "$ref": "#/$defs/JavascriptNpmPackageLockEntry" + }, + { + "$ref": "#/$defs/JavascriptYarnLockEntry" + }, + { + "$ref": "#/$defs/LinuxKernelArchive" + }, + { + "$ref": "#/$defs/LinuxKernelModule" + }, + { + "$ref": "#/$defs/LuarocksPackage" + }, + { + "$ref": "#/$defs/MicrosoftKbPatch" + }, + { + "$ref": "#/$defs/NixStoreEntry" + }, + { + "$ref": "#/$defs/OpamPackage" + }, + { + "$ref": "#/$defs/PhpComposerInstalledEntry" + }, + { + "$ref": "#/$defs/PhpComposerLockEntry" + }, + { + "$ref": "#/$defs/PhpPeclEntry" + }, + { + "$ref": "#/$defs/PortageDbEntry" + }, + { + "$ref": "#/$defs/PythonPackage" + }, + { + "$ref": "#/$defs/PythonPipRequirementsEntry" + }, + { + "$ref": "#/$defs/PythonPipfileLockEntry" + }, + { + "$ref": "#/$defs/PythonPoetryLockEntry" + }, + { + "$ref": "#/$defs/RDescription" + }, + { + "$ref": "#/$defs/RpmArchive" + }, + { + "$ref": "#/$defs/RpmDbEntry" + }, + { + "$ref": "#/$defs/RubyGemspec" + }, + { + "$ref": "#/$defs/RustCargoAuditEntry" + }, + { + "$ref": "#/$defs/RustCargoLockEntry" + }, + { + "$ref": "#/$defs/SwiftPackageManagerLockEntry" + }, + { + "$ref": "#/$defs/SwiplpackPackage" + }, + { + "$ref": "#/$defs/WordpressPluginEntry" + } + ] + } + }, + "type": "object", + "required": [ + "id", + "name", + "version", + "type", + "foundBy", + "locations", + "licenses", + "language", + "cpes", + "purl" + ] + }, + "PhpComposerAuthors": { + "properties": { + "name": { + "type": "string" + }, + "email": { + "type": "string" + }, + "homepage": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name" + ] + }, + "PhpComposerExternalReference": { + "properties": { + "type": { + "type": "string" + }, + "url": { + "type": "string" + }, + "reference": { + "type": "string" + }, + "shasum": { + "type": "string" + } + }, + "type": "object", + "required": [ + "type", + "url", + "reference" + ] + }, + "PhpComposerInstalledEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "dist": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "require": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "provide": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "require-dev": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "suggest": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "notification-url": { + "type": "string" + }, + "bin": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "$ref": "#/$defs/PhpComposerAuthors" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "keywords": { + "items": { + "type": "string" + }, + "type": "array" + }, + "time": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "dist" + ] + }, + "PhpComposerLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "dist": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "require": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "provide": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "require-dev": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "suggest": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "notification-url": { + "type": "string" + }, + "bin": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "$ref": "#/$defs/PhpComposerAuthors" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "keywords": { + "items": { + "type": "string" + }, + "type": "array" + }, + "time": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "dist" + ] + }, + "PhpPeclEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "PortageDbEntry": { + "properties": { + "installedSize": { + "type": "integer" + }, + "files": { + "items": { + "$ref": "#/$defs/PortageFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "installedSize", + "files" + ] + }, + "PortageFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "PythonDirectURLOriginInfo": { + "properties": { + "url": { + "type": "string" + }, + "commitId": { + "type": "string" + }, + "vcs": { + "type": "string" + } + }, + "type": "object", + "required": [ + "url" + ] + }, + "PythonFileDigest": { + "properties": { + "algorithm": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "algorithm", + "value" + ] + }, + "PythonFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/PythonFileDigest" + }, + "size": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "PythonPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorEmail": { + "type": "string" + }, + "platform": { + "type": "string" + }, + "files": { + "items": { + "$ref": "#/$defs/PythonFileRecord" + }, + "type": "array" + }, + "sitePackagesRootPath": { + "type": "string" + }, + "topLevelPackages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "directUrlOrigin": { + "$ref": "#/$defs/PythonDirectURLOriginInfo" + }, + "requiresPython": { + "type": "string" + }, + "requiresDist": { + "items": { + "type": "string" + }, + "type": "array" + }, + "providesExtra": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "authorEmail", + "platform", + "sitePackagesRootPath" + ] + }, + "PythonPipRequirementsEntry": { + "properties": { + "name": { + "type": "string" + }, + "extras": { + "items": { + "type": "string" + }, + "type": "array" + }, + "versionConstraint": { + "type": "string" + }, + "url": { + "type": "string" + }, + "markers": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "versionConstraint" + ] + }, + "PythonPipfileLockEntry": { + "properties": { + "hashes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "index": { + "type": "string" + } + }, + "type": "object", + "required": [ + "hashes", + "index" + ] + }, + "PythonPoetryLockDependencyEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "optional": { + "type": "boolean" + }, + "markers": { + "type": "string" + }, + "extras": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "optional" + ] + }, + "PythonPoetryLockEntry": { + "properties": { + "index": { + "type": "string" + }, + "dependencies": { + "items": { + "$ref": "#/$defs/PythonPoetryLockDependencyEntry" + }, + "type": "array" + }, + "extras": { + "items": { + "$ref": "#/$defs/PythonPoetryLockExtraEntry" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "index", + "dependencies" + ] + }, + "PythonPoetryLockExtraEntry": { + "properties": { + "name": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "dependencies" + ] + }, + "RDescription": { + "properties": { + "title": { + "type": "string" + }, + "description": { + "type": "string" + }, + "author": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "url": { + "items": { + "type": "string" + }, + "type": "array" + }, + "repository": { + "type": "string" + }, + "built": { + "type": "string" + }, + "needsCompilation": { + "type": "boolean" + }, + "imports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "suggests": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "Relationship": { + "properties": { + "parent": { + "type": "string" + }, + "child": { + "type": "string" + }, + "type": { + "type": "string" + }, + "metadata": true + }, + "type": "object", + "required": [ + "parent", + "child", + "type" + ] + }, + "RpmArchive": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "epoch": { + "oneOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ] + }, + "architecture": { + "type": "string" + }, + "release": { + "type": "string" + }, + "sourceRpm": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "vendor": { + "type": "string" + }, + "modularityLabel": { + "type": "string" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/RpmFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "epoch", + "architecture", + "release", + "sourceRpm", + "size", + "vendor", + "files" + ] + }, + "RpmDbEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "epoch": { + "oneOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ] + }, + "architecture": { + "type": "string" + }, + "release": { + "type": "string" + }, + "sourceRpm": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "vendor": { + "type": "string" + }, + "modularityLabel": { + "type": "string" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/RpmFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "epoch", + "architecture", + "release", + "sourceRpm", + "size", + "vendor", + "files" + ] + }, + "RpmFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "mode": { + "type": "integer" + }, + "size": { + "type": "integer" + }, + "digest": { + "$ref": "#/$defs/Digest" + }, + "userName": { + "type": "string" + }, + "groupName": { + "type": "string" + }, + "flags": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path", + "mode", + "size", + "digest", + "userName", + "groupName", + "flags" + ] + }, + "RubyGemspec": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "type": "string" + }, + "type": "array" + }, + "homepage": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "RustCargoAuditEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source" + ] + }, + "RustCargoLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "type": "string" + }, + "checksum": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "checksum", + "dependencies" + ] + }, + "Schema": { + "properties": { + "version": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "version", + "url" + ] + }, + "Source": { + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "type": { + "type": "string" + }, + "metadata": true + }, + "type": "object", + "required": [ + "id", + "name", + "version", + "type", + "metadata" + ] + }, + "SwiftPackageManagerLockEntry": { + "properties": { + "revision": { + "type": "string" + } + }, + "type": "object", + "required": [ + "revision" + ] + }, + "SwiplpackPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorEmail": { + "type": "string" + }, + "packager": { + "type": "string" + }, + "packagerEmail": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "authorEmail", + "packager", + "packagerEmail", + "homepage", + "dependencies" + ] + }, + "WordpressPluginEntry": { + "properties": { + "pluginInstallDirectory": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorUri": { + "type": "string" + } + }, + "type": "object", + "required": [ + "pluginInstallDirectory" + ] + }, + "cpes": { + "items": { + "$ref": "#/$defs/CPE" + }, + "type": "array" + }, + "licenses": { + "items": { + "$ref": "#/$defs/License" + }, + "type": "array" + } + } +} diff --git a/schema/json/schema-latest.json b/schema/json/schema-latest.json index 936582e2d22..3a2e660306e 100644 --- a/schema/json/schema-latest.json +++ b/schema/json/schema-latest.json @@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "anchore.io/schema/syft/json/16.0.18/document", + "$id": "anchore.io/schema/syft/json/16.0.19/document", "$ref": "#/$defs/Document", "$defs": { "AlpmDbEntry": { @@ -1265,6 +1265,9 @@ "$ref": "#/$defs/Location" }, "type": "array" + }, + "contents": { + "type": "string" } }, "type": "object", From 4af799e7abd765c0920b0ac82f258d68c04b0a6d Mon Sep 17 00:00:00 2001 From: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> Date: Tue, 28 Jan 2025 11:15:19 -0500 Subject: [PATCH 17/20] chore: bump schema to 16.0.21 Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> --- internal/constants.go | 2 +- internal/licenses/search_test.go | 3 +- schema/json/schema-16.0.21.json | 2785 +++++++++++++++++ schema/json/schema-latest.json | 5 +- .../cyclonedxutil/helpers/licenses.go | 4 +- 5 files changed, 2794 insertions(+), 5 deletions(-) create mode 100644 schema/json/schema-16.0.21.json diff --git a/internal/constants.go b/internal/constants.go index bbeb78a2d79..7fc5f135056 100644 --- a/internal/constants.go +++ b/internal/constants.go @@ -3,5 +3,5 @@ package internal const ( // JSONSchemaVersion is the current schema version output by the JSON encoder // This is roughly following the "SchemaVer" guidelines for versioning the JSON schema. Please see schema/json/README.md for details on how to increment. - JSONSchemaVersion = "16.0.20" + JSONSchemaVersion = "16.0.21" ) diff --git a/internal/licenses/search_test.go b/internal/licenses/search_test.go index 7800c749b0a..ca742037462 100644 --- a/internal/licenses/search_test.go +++ b/internal/licenses/search_test.go @@ -4,9 +4,10 @@ import ( "bytes" "testing" + "github.com/stretchr/testify/require" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" - "github.com/stretchr/testify/require" ) type bytesReadCloser struct { diff --git a/schema/json/schema-16.0.21.json b/schema/json/schema-16.0.21.json new file mode 100644 index 00000000000..c53a978be65 --- /dev/null +++ b/schema/json/schema-16.0.21.json @@ -0,0 +1,2785 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "anchore.io/schema/syft/json/16.0.21/document", + "$ref": "#/$defs/Document", + "$defs": { + "AlpmDbEntry": { + "properties": { + "basepackage": { + "type": "string" + }, + "package": { + "type": "string" + }, + "version": { + "type": "string" + }, + "description": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "packager": { + "type": "string" + }, + "url": { + "type": "string" + }, + "validation": { + "type": "string" + }, + "reason": { + "type": "integer" + }, + "files": { + "items": { + "$ref": "#/$defs/AlpmFileRecord" + }, + "type": "array" + }, + "backup": { + "items": { + "$ref": "#/$defs/AlpmFileRecord" + }, + "type": "array" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "basepackage", + "package", + "version", + "description", + "architecture", + "size", + "packager", + "url", + "validation", + "reason", + "files", + "backup" + ] + }, + "AlpmFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "type": { + "type": "string" + }, + "uid": { + "type": "string" + }, + "gid": { + "type": "string" + }, + "time": { + "type": "string", + "format": "date-time" + }, + "size": { + "type": "string" + }, + "link": { + "type": "string" + }, + "digest": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + } + }, + "type": "object" + }, + "ApkDbEntry": { + "properties": { + "package": { + "type": "string" + }, + "originPackage": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "version": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "url": { + "type": "string" + }, + "description": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "installedSize": { + "type": "integer" + }, + "pullDependencies": { + "items": { + "type": "string" + }, + "type": "array" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "pullChecksum": { + "type": "string" + }, + "gitCommitOfApkPort": { + "type": "string" + }, + "files": { + "items": { + "$ref": "#/$defs/ApkFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "package", + "originPackage", + "maintainer", + "version", + "architecture", + "url", + "description", + "size", + "installedSize", + "pullDependencies", + "provides", + "pullChecksum", + "gitCommitOfApkPort", + "files" + ] + }, + "ApkFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "ownerUid": { + "type": "string" + }, + "ownerGid": { + "type": "string" + }, + "permissions": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "BinarySignature": { + "properties": { + "matches": { + "items": { + "$ref": "#/$defs/ClassifierMatch" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "matches" + ] + }, + "CConanFileEntry": { + "properties": { + "ref": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanInfoEntry": { + "properties": { + "ref": { + "type": "string" + }, + "package_id": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanLockEntry": { + "properties": { + "ref": { + "type": "string" + }, + "package_id": { + "type": "string" + }, + "prev": { + "type": "string" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "build_requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "py_requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "options": { + "$ref": "#/$defs/KeyValues" + }, + "path": { + "type": "string" + }, + "context": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CConanLockV2Entry": { + "properties": { + "ref": { + "type": "string" + }, + "packageID": { + "type": "string" + }, + "username": { + "type": "string" + }, + "channel": { + "type": "string" + }, + "recipeRevision": { + "type": "string" + }, + "packageRevision": { + "type": "string" + }, + "timestamp": { + "type": "string" + } + }, + "type": "object", + "required": [ + "ref" + ] + }, + "CPE": { + "properties": { + "cpe": { + "type": "string" + }, + "source": { + "type": "string" + } + }, + "type": "object", + "required": [ + "cpe" + ] + }, + "ClassifierMatch": { + "properties": { + "classifier": { + "type": "string" + }, + "location": { + "$ref": "#/$defs/Location" + } + }, + "type": "object", + "required": [ + "classifier", + "location" + ] + }, + "CocoaPodfileLockEntry": { + "properties": { + "checksum": { + "type": "string" + } + }, + "type": "object", + "required": [ + "checksum" + ] + }, + "Coordinates": { + "properties": { + "path": { + "type": "string" + }, + "layerID": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "DartPubspecLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "hosted_url": { + "type": "string" + }, + "vcs_url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "Descriptor": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "configuration": true + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "Digest": { + "properties": { + "algorithm": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "algorithm", + "value" + ] + }, + "Document": { + "properties": { + "artifacts": { + "items": { + "$ref": "#/$defs/Package" + }, + "type": "array" + }, + "artifactRelationships": { + "items": { + "$ref": "#/$defs/Relationship" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/File" + }, + "type": "array" + }, + "source": { + "$ref": "#/$defs/Source" + }, + "distro": { + "$ref": "#/$defs/LinuxRelease" + }, + "descriptor": { + "$ref": "#/$defs/Descriptor" + }, + "schema": { + "$ref": "#/$defs/Schema" + } + }, + "type": "object", + "required": [ + "artifacts", + "artifactRelationships", + "source", + "distro", + "descriptor", + "schema" + ] + }, + "DotnetDepsEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "path": { + "type": "string" + }, + "sha512": { + "type": "string" + }, + "hashPath": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "path", + "sha512", + "hashPath" + ] + }, + "DotnetPackagesLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "contentHash": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "contentHash", + "type" + ] + }, + "DotnetPortableExecutableEntry": { + "properties": { + "assemblyVersion": { + "type": "string" + }, + "legalCopyright": { + "type": "string" + }, + "comments": { + "type": "string" + }, + "internalName": { + "type": "string" + }, + "companyName": { + "type": "string" + }, + "productName": { + "type": "string" + }, + "productVersion": { + "type": "string" + } + }, + "type": "object", + "required": [ + "assemblyVersion", + "legalCopyright", + "companyName", + "productName", + "productVersion" + ] + }, + "DpkgDbEntry": { + "properties": { + "package": { + "type": "string" + }, + "source": { + "type": "string" + }, + "version": { + "type": "string" + }, + "sourceVersion": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "installedSize": { + "type": "integer" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "preDepends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/DpkgFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "package", + "source", + "version", + "sourceVersion", + "architecture", + "maintainer", + "installedSize", + "files" + ] + }, + "DpkgFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + }, + "isConfigFile": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "path", + "isConfigFile" + ] + }, + "ELFSecurityFeatures": { + "properties": { + "symbolTableStripped": { + "type": "boolean" + }, + "stackCanary": { + "type": "boolean" + }, + "nx": { + "type": "boolean" + }, + "relRO": { + "type": "string" + }, + "pie": { + "type": "boolean" + }, + "dso": { + "type": "boolean" + }, + "safeStack": { + "type": "boolean" + }, + "cfi": { + "type": "boolean" + }, + "fortify": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "symbolTableStripped", + "nx", + "relRO", + "pie", + "dso" + ] + }, + "ElfBinaryPackageNoteJsonPayload": { + "properties": { + "type": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "osCPE": { + "type": "string" + }, + "os": { + "type": "string" + }, + "osVersion": { + "type": "string" + }, + "system": { + "type": "string" + }, + "vendor": { + "type": "string" + }, + "sourceRepo": { + "type": "string" + }, + "commit": { + "type": "string" + } + }, + "type": "object" + }, + "ElixirMixLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "pkgHash": { + "type": "string" + }, + "pkgHashExt": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "pkgHash", + "pkgHashExt" + ] + }, + "ErlangRebarLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "pkgHash": { + "type": "string" + }, + "pkgHashExt": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "pkgHash", + "pkgHashExt" + ] + }, + "Executable": { + "properties": { + "format": { + "type": "string" + }, + "hasExports": { + "type": "boolean" + }, + "hasEntrypoint": { + "type": "boolean" + }, + "importedLibraries": { + "items": { + "type": "string" + }, + "type": "array" + }, + "elfSecurityFeatures": { + "$ref": "#/$defs/ELFSecurityFeatures" + } + }, + "type": "object", + "required": [ + "format", + "hasExports", + "hasEntrypoint", + "importedLibraries" + ] + }, + "File": { + "properties": { + "id": { + "type": "string" + }, + "location": { + "$ref": "#/$defs/Coordinates" + }, + "metadata": { + "$ref": "#/$defs/FileMetadataEntry" + }, + "contents": { + "type": "string" + }, + "digests": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + }, + "licenses": { + "items": { + "$ref": "#/$defs/FileLicense" + }, + "type": "array" + }, + "executable": { + "$ref": "#/$defs/Executable" + }, + "unknowns": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "id", + "location" + ] + }, + "FileLicense": { + "properties": { + "value": { + "type": "string" + }, + "spdxExpression": { + "type": "string" + }, + "type": { + "type": "string" + }, + "evidence": { + "$ref": "#/$defs/FileLicenseEvidence" + } + }, + "type": "object", + "required": [ + "value", + "spdxExpression", + "type" + ] + }, + "FileLicenseEvidence": { + "properties": { + "confidence": { + "type": "integer" + }, + "offset": { + "type": "integer" + }, + "extent": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "confidence", + "offset", + "extent" + ] + }, + "FileMetadataEntry": { + "properties": { + "mode": { + "type": "integer" + }, + "type": { + "type": "string" + }, + "linkDestination": { + "type": "string" + }, + "userID": { + "type": "integer" + }, + "groupID": { + "type": "integer" + }, + "mimeType": { + "type": "string" + }, + "size": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "mode", + "type", + "userID", + "groupID", + "mimeType", + "size" + ] + }, + "GoModuleBuildinfoEntry": { + "properties": { + "goBuildSettings": { + "$ref": "#/$defs/KeyValues" + }, + "goCompiledVersion": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "h1Digest": { + "type": "string" + }, + "mainModule": { + "type": "string" + }, + "goCryptoSettings": { + "items": { + "type": "string" + }, + "type": "array" + }, + "goExperiments": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "goCompiledVersion", + "architecture" + ] + }, + "GoModuleEntry": { + "properties": { + "h1Digest": { + "type": "string" + } + }, + "type": "object" + }, + "HaskellHackageStackEntry": { + "properties": { + "pkgHash": { + "type": "string" + } + }, + "type": "object" + }, + "HaskellHackageStackLockEntry": { + "properties": { + "pkgHash": { + "type": "string" + }, + "snapshotURL": { + "type": "string" + } + }, + "type": "object" + }, + "IDLikes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "JavaArchive": { + "properties": { + "virtualPath": { + "type": "string" + }, + "manifest": { + "$ref": "#/$defs/JavaManifest" + }, + "pomProperties": { + "$ref": "#/$defs/JavaPomProperties" + }, + "pomProject": { + "$ref": "#/$defs/JavaPomProject" + }, + "digest": { + "items": { + "$ref": "#/$defs/Digest" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "virtualPath" + ] + }, + "JavaJvmInstallation": { + "properties": { + "release": { + "$ref": "#/$defs/JavaVMRelease" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "release", + "files" + ] + }, + "JavaManifest": { + "properties": { + "main": { + "$ref": "#/$defs/KeyValues" + }, + "sections": { + "items": { + "$ref": "#/$defs/KeyValues" + }, + "type": "array" + } + }, + "type": "object" + }, + "JavaPomParent": { + "properties": { + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "type": "object", + "required": [ + "groupId", + "artifactId", + "version" + ] + }, + "JavaPomProject": { + "properties": { + "path": { + "type": "string" + }, + "parent": { + "$ref": "#/$defs/JavaPomParent" + }, + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + }, + "name": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path", + "groupId", + "artifactId", + "version", + "name" + ] + }, + "JavaPomProperties": { + "properties": { + "path": { + "type": "string" + }, + "name": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + }, + "scope": { + "type": "string" + }, + "extraFields": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "path", + "name", + "groupId", + "artifactId", + "version" + ] + }, + "JavaVMRelease": { + "properties": { + "implementor": { + "type": "string" + }, + "implementorVersion": { + "type": "string" + }, + "javaRuntimeVersion": { + "type": "string" + }, + "javaVersion": { + "type": "string" + }, + "javaVersionDate": { + "type": "string" + }, + "libc": { + "type": "string" + }, + "modules": { + "items": { + "type": "string" + }, + "type": "array" + }, + "osArch": { + "type": "string" + }, + "osName": { + "type": "string" + }, + "osVersion": { + "type": "string" + }, + "source": { + "type": "string" + }, + "buildSource": { + "type": "string" + }, + "buildSourceRepo": { + "type": "string" + }, + "sourceRepo": { + "type": "string" + }, + "fullVersion": { + "type": "string" + }, + "semanticVersion": { + "type": "string" + }, + "buildInfo": { + "type": "string" + }, + "jvmVariant": { + "type": "string" + }, + "jvmVersion": { + "type": "string" + }, + "imageType": { + "type": "string" + }, + "buildType": { + "type": "string" + } + }, + "type": "object" + }, + "JavascriptNpmPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + }, + "private": { + "type": "boolean" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "homepage", + "description", + "url", + "private" + ] + }, + "JavascriptNpmPackageLockEntry": { + "properties": { + "resolved": { + "type": "string" + }, + "integrity": { + "type": "string" + } + }, + "type": "object", + "required": [ + "resolved", + "integrity" + ] + }, + "JavascriptYarnLockEntry": { + "properties": { + "resolved": { + "type": "string" + }, + "integrity": { + "type": "string" + } + }, + "type": "object", + "required": [ + "resolved", + "integrity" + ] + }, + "KeyValue": { + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "key", + "value" + ] + }, + "KeyValues": { + "items": { + "$ref": "#/$defs/KeyValue" + }, + "type": "array" + }, + "License": { + "properties": { + "value": { + "type": "string" + }, + "spdxExpression": { + "type": "string" + }, + "type": { + "type": "string" + }, + "urls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "locations": { + "items": { + "$ref": "#/$defs/Location" + }, + "type": "array" + }, + "contents": { + "type": "string" + } + }, + "type": "object", + "required": [ + "value", + "spdxExpression", + "type", + "urls", + "locations" + ] + }, + "LinuxKernelArchive": { + "properties": { + "name": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "version": { + "type": "string" + }, + "extendedVersion": { + "type": "string" + }, + "buildTime": { + "type": "string" + }, + "author": { + "type": "string" + }, + "format": { + "type": "string" + }, + "rwRootFS": { + "type": "boolean" + }, + "swapDevice": { + "type": "integer" + }, + "rootDevice": { + "type": "integer" + }, + "videoMode": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "architecture", + "version" + ] + }, + "LinuxKernelModule": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "sourceVersion": { + "type": "string" + }, + "path": { + "type": "string" + }, + "description": { + "type": "string" + }, + "author": { + "type": "string" + }, + "license": { + "type": "string" + }, + "kernelVersion": { + "type": "string" + }, + "versionMagic": { + "type": "string" + }, + "parameters": { + "patternProperties": { + ".*": { + "$ref": "#/$defs/LinuxKernelModuleParameter" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "LinuxKernelModuleParameter": { + "properties": { + "type": { + "type": "string" + }, + "description": { + "type": "string" + } + }, + "type": "object" + }, + "LinuxRelease": { + "properties": { + "prettyName": { + "type": "string" + }, + "name": { + "type": "string" + }, + "id": { + "type": "string" + }, + "idLike": { + "$ref": "#/$defs/IDLikes" + }, + "version": { + "type": "string" + }, + "versionID": { + "type": "string" + }, + "versionCodename": { + "type": "string" + }, + "buildID": { + "type": "string" + }, + "imageID": { + "type": "string" + }, + "imageVersion": { + "type": "string" + }, + "variant": { + "type": "string" + }, + "variantID": { + "type": "string" + }, + "homeURL": { + "type": "string" + }, + "supportURL": { + "type": "string" + }, + "bugReportURL": { + "type": "string" + }, + "privacyPolicyURL": { + "type": "string" + }, + "cpeName": { + "type": "string" + }, + "supportEnd": { + "type": "string" + } + }, + "type": "object" + }, + "Location": { + "properties": { + "path": { + "type": "string" + }, + "layerID": { + "type": "string" + }, + "accessPath": { + "type": "string" + }, + "annotations": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "path", + "accessPath" + ] + }, + "LuarocksPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "license": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + }, + "dependencies": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "required": [ + "name", + "version", + "license", + "homepage", + "description", + "url", + "dependencies" + ] + }, + "MicrosoftKbPatch": { + "properties": { + "product_id": { + "type": "string" + }, + "kb": { + "type": "string" + } + }, + "type": "object", + "required": [ + "product_id", + "kb" + ] + }, + "NixStoreEntry": { + "properties": { + "outputHash": { + "type": "string" + }, + "output": { + "type": "string" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "outputHash", + "files" + ] + }, + "OpamPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "licenses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "url": { + "type": "string" + }, + "checksum": { + "items": { + "type": "string" + }, + "type": "array" + }, + "homepage": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "licenses", + "url", + "checksum", + "homepage", + "dependencies" + ] + }, + "Package": { + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "type": { + "type": "string" + }, + "foundBy": { + "type": "string" + }, + "locations": { + "items": { + "$ref": "#/$defs/Location" + }, + "type": "array" + }, + "licenses": { + "$ref": "#/$defs/licenses" + }, + "language": { + "type": "string" + }, + "cpes": { + "$ref": "#/$defs/cpes" + }, + "purl": { + "type": "string" + }, + "metadataType": { + "type": "string" + }, + "metadata": { + "anyOf": [ + { + "type": "null" + }, + { + "$ref": "#/$defs/AlpmDbEntry" + }, + { + "$ref": "#/$defs/ApkDbEntry" + }, + { + "$ref": "#/$defs/BinarySignature" + }, + { + "$ref": "#/$defs/CConanFileEntry" + }, + { + "$ref": "#/$defs/CConanInfoEntry" + }, + { + "$ref": "#/$defs/CConanLockEntry" + }, + { + "$ref": "#/$defs/CConanLockV2Entry" + }, + { + "$ref": "#/$defs/CocoaPodfileLockEntry" + }, + { + "$ref": "#/$defs/DartPubspecLockEntry" + }, + { + "$ref": "#/$defs/DotnetDepsEntry" + }, + { + "$ref": "#/$defs/DotnetPackagesLockEntry" + }, + { + "$ref": "#/$defs/DotnetPortableExecutableEntry" + }, + { + "$ref": "#/$defs/DpkgDbEntry" + }, + { + "$ref": "#/$defs/ElfBinaryPackageNoteJsonPayload" + }, + { + "$ref": "#/$defs/ElixirMixLockEntry" + }, + { + "$ref": "#/$defs/ErlangRebarLockEntry" + }, + { + "$ref": "#/$defs/GoModuleBuildinfoEntry" + }, + { + "$ref": "#/$defs/GoModuleEntry" + }, + { + "$ref": "#/$defs/HaskellHackageStackEntry" + }, + { + "$ref": "#/$defs/HaskellHackageStackLockEntry" + }, + { + "$ref": "#/$defs/JavaArchive" + }, + { + "$ref": "#/$defs/JavaJvmInstallation" + }, + { + "$ref": "#/$defs/JavascriptNpmPackage" + }, + { + "$ref": "#/$defs/JavascriptNpmPackageLockEntry" + }, + { + "$ref": "#/$defs/JavascriptYarnLockEntry" + }, + { + "$ref": "#/$defs/LinuxKernelArchive" + }, + { + "$ref": "#/$defs/LinuxKernelModule" + }, + { + "$ref": "#/$defs/LuarocksPackage" + }, + { + "$ref": "#/$defs/MicrosoftKbPatch" + }, + { + "$ref": "#/$defs/NixStoreEntry" + }, + { + "$ref": "#/$defs/OpamPackage" + }, + { + "$ref": "#/$defs/PhpComposerInstalledEntry" + }, + { + "$ref": "#/$defs/PhpComposerLockEntry" + }, + { + "$ref": "#/$defs/PhpPeclEntry" + }, + { + "$ref": "#/$defs/PortageDbEntry" + }, + { + "$ref": "#/$defs/PythonPackage" + }, + { + "$ref": "#/$defs/PythonPipRequirementsEntry" + }, + { + "$ref": "#/$defs/PythonPipfileLockEntry" + }, + { + "$ref": "#/$defs/PythonPoetryLockEntry" + }, + { + "$ref": "#/$defs/RDescription" + }, + { + "$ref": "#/$defs/RpmArchive" + }, + { + "$ref": "#/$defs/RpmDbEntry" + }, + { + "$ref": "#/$defs/RubyGemspec" + }, + { + "$ref": "#/$defs/RustCargoAuditEntry" + }, + { + "$ref": "#/$defs/RustCargoLockEntry" + }, + { + "$ref": "#/$defs/SwiftPackageManagerLockEntry" + }, + { + "$ref": "#/$defs/SwiplpackPackage" + }, + { + "$ref": "#/$defs/TerraformLockProviderEntry" + }, + { + "$ref": "#/$defs/WordpressPluginEntry" + } + ] + } + }, + "type": "object", + "required": [ + "id", + "name", + "version", + "type", + "foundBy", + "locations", + "licenses", + "language", + "cpes", + "purl" + ] + }, + "PhpComposerAuthors": { + "properties": { + "name": { + "type": "string" + }, + "email": { + "type": "string" + }, + "homepage": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name" + ] + }, + "PhpComposerExternalReference": { + "properties": { + "type": { + "type": "string" + }, + "url": { + "type": "string" + }, + "reference": { + "type": "string" + }, + "shasum": { + "type": "string" + } + }, + "type": "object", + "required": [ + "type", + "url", + "reference" + ] + }, + "PhpComposerInstalledEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "dist": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "require": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "provide": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "require-dev": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "suggest": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "notification-url": { + "type": "string" + }, + "bin": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "$ref": "#/$defs/PhpComposerAuthors" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "keywords": { + "items": { + "type": "string" + }, + "type": "array" + }, + "time": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "dist" + ] + }, + "PhpComposerLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "dist": { + "$ref": "#/$defs/PhpComposerExternalReference" + }, + "require": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "provide": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "require-dev": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "suggest": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "notification-url": { + "type": "string" + }, + "bin": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "$ref": "#/$defs/PhpComposerAuthors" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "keywords": { + "items": { + "type": "string" + }, + "type": "array" + }, + "time": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "dist" + ] + }, + "PhpPeclEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "license": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "PortageDbEntry": { + "properties": { + "installedSize": { + "type": "integer" + }, + "files": { + "items": { + "$ref": "#/$defs/PortageFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "installedSize", + "files" + ] + }, + "PortageFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/Digest" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "PythonDirectURLOriginInfo": { + "properties": { + "url": { + "type": "string" + }, + "commitId": { + "type": "string" + }, + "vcs": { + "type": "string" + } + }, + "type": "object", + "required": [ + "url" + ] + }, + "PythonFileDigest": { + "properties": { + "algorithm": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "required": [ + "algorithm", + "value" + ] + }, + "PythonFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$ref": "#/$defs/PythonFileDigest" + }, + "size": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "PythonPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorEmail": { + "type": "string" + }, + "platform": { + "type": "string" + }, + "files": { + "items": { + "$ref": "#/$defs/PythonFileRecord" + }, + "type": "array" + }, + "sitePackagesRootPath": { + "type": "string" + }, + "topLevelPackages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "directUrlOrigin": { + "$ref": "#/$defs/PythonDirectURLOriginInfo" + }, + "requiresPython": { + "type": "string" + }, + "requiresDist": { + "items": { + "type": "string" + }, + "type": "array" + }, + "providesExtra": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "authorEmail", + "platform", + "sitePackagesRootPath" + ] + }, + "PythonPipRequirementsEntry": { + "properties": { + "name": { + "type": "string" + }, + "extras": { + "items": { + "type": "string" + }, + "type": "array" + }, + "versionConstraint": { + "type": "string" + }, + "url": { + "type": "string" + }, + "markers": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "versionConstraint" + ] + }, + "PythonPipfileLockEntry": { + "properties": { + "hashes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "index": { + "type": "string" + } + }, + "type": "object", + "required": [ + "hashes", + "index" + ] + }, + "PythonPoetryLockDependencyEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "optional": { + "type": "boolean" + }, + "markers": { + "type": "string" + }, + "extras": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "optional" + ] + }, + "PythonPoetryLockEntry": { + "properties": { + "index": { + "type": "string" + }, + "dependencies": { + "items": { + "$ref": "#/$defs/PythonPoetryLockDependencyEntry" + }, + "type": "array" + }, + "extras": { + "items": { + "$ref": "#/$defs/PythonPoetryLockExtraEntry" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "index", + "dependencies" + ] + }, + "PythonPoetryLockExtraEntry": { + "properties": { + "name": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "dependencies" + ] + }, + "RDescription": { + "properties": { + "title": { + "type": "string" + }, + "description": { + "type": "string" + }, + "author": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "url": { + "items": { + "type": "string" + }, + "type": "array" + }, + "repository": { + "type": "string" + }, + "built": { + "type": "string" + }, + "needsCompilation": { + "type": "boolean" + }, + "imports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "depends": { + "items": { + "type": "string" + }, + "type": "array" + }, + "suggests": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "Relationship": { + "properties": { + "parent": { + "type": "string" + }, + "child": { + "type": "string" + }, + "type": { + "type": "string" + }, + "metadata": true + }, + "type": "object", + "required": [ + "parent", + "child", + "type" + ] + }, + "RpmArchive": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "epoch": { + "oneOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ] + }, + "architecture": { + "type": "string" + }, + "release": { + "type": "string" + }, + "sourceRpm": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "vendor": { + "type": "string" + }, + "modularityLabel": { + "type": "string" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/RpmFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "epoch", + "architecture", + "release", + "sourceRpm", + "size", + "vendor", + "files" + ] + }, + "RpmDbEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "epoch": { + "oneOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ] + }, + "architecture": { + "type": "string" + }, + "release": { + "type": "string" + }, + "sourceRpm": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "vendor": { + "type": "string" + }, + "modularityLabel": { + "type": "string" + }, + "provides": { + "items": { + "type": "string" + }, + "type": "array" + }, + "requires": { + "items": { + "type": "string" + }, + "type": "array" + }, + "files": { + "items": { + "$ref": "#/$defs/RpmFileRecord" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "epoch", + "architecture", + "release", + "sourceRpm", + "size", + "vendor", + "files" + ] + }, + "RpmFileRecord": { + "properties": { + "path": { + "type": "string" + }, + "mode": { + "type": "integer" + }, + "size": { + "type": "integer" + }, + "digest": { + "$ref": "#/$defs/Digest" + }, + "userName": { + "type": "string" + }, + "groupName": { + "type": "string" + }, + "flags": { + "type": "string" + } + }, + "type": "object", + "required": [ + "path", + "mode", + "size", + "digest", + "userName", + "groupName", + "flags" + ] + }, + "RubyGemspec": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "type": "string" + }, + "type": "array" + }, + "homepage": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version" + ] + }, + "RustCargoAuditEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "type": "string" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source" + ] + }, + "RustCargoLockEntry": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "type": "string" + }, + "checksum": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "source", + "checksum", + "dependencies" + ] + }, + "Schema": { + "properties": { + "version": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "type": "object", + "required": [ + "version", + "url" + ] + }, + "Source": { + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "type": { + "type": "string" + }, + "metadata": true + }, + "type": "object", + "required": [ + "id", + "name", + "version", + "type", + "metadata" + ] + }, + "SwiftPackageManagerLockEntry": { + "properties": { + "revision": { + "type": "string" + } + }, + "type": "object", + "required": [ + "revision" + ] + }, + "SwiplpackPackage": { + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorEmail": { + "type": "string" + }, + "packager": { + "type": "string" + }, + "packagerEmail": { + "type": "string" + }, + "homepage": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "name", + "version", + "author", + "authorEmail", + "packager", + "packagerEmail", + "homepage", + "dependencies" + ] + }, + "TerraformLockProviderEntry": { + "properties": { + "url": { + "type": "string" + }, + "constraints": { + "type": "string" + }, + "version": { + "type": "string" + }, + "hashes": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "required": [ + "url", + "constraints", + "version", + "hashes" + ] + }, + "WordpressPluginEntry": { + "properties": { + "pluginInstallDirectory": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorUri": { + "type": "string" + } + }, + "type": "object", + "required": [ + "pluginInstallDirectory" + ] + }, + "cpes": { + "items": { + "$ref": "#/$defs/CPE" + }, + "type": "array" + }, + "licenses": { + "items": { + "$ref": "#/$defs/License" + }, + "type": "array" + } + } +} diff --git a/schema/json/schema-latest.json b/schema/json/schema-latest.json index b0b27d60cc7..c53a978be65 100644 --- a/schema/json/schema-latest.json +++ b/schema/json/schema-latest.json @@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "anchore.io/schema/syft/json/16.0.20/document", + "$id": "anchore.io/schema/syft/json/16.0.21/document", "$ref": "#/$defs/Document", "$defs": { "AlpmDbEntry": { @@ -1288,6 +1288,9 @@ "$ref": "#/$defs/Location" }, "type": "array" + }, + "contents": { + "type": "string" } }, "type": "object", diff --git a/syft/format/internal/cyclonedxutil/helpers/licenses.go b/syft/format/internal/cyclonedxutil/helpers/licenses.go index 939b4ce082c..eafccc6d076 100644 --- a/syft/format/internal/cyclonedxutil/helpers/licenses.go +++ b/syft/format/internal/cyclonedxutil/helpers/licenses.go @@ -205,7 +205,7 @@ func reduceOuter(expression string) string { if isBalanced(trimmed) { return reduceOuter(trimmed) // Recursively reduce the trimmed expression. } - } + } return expression } @@ -219,7 +219,7 @@ func isBalanced(expression string) bool { count-- if count < 0 { return false - } + } } } return count == 0 From aef45c87155bea4145d62f0910f0cfcbe3536039 Mon Sep 17 00:00:00 2001 From: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> Date: Tue, 28 Jan 2025 11:54:27 -0500 Subject: [PATCH 18/20] test: migrate fixtures to their own files Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> --- internal/licenses/scanner_test.go | 221 ++---------------- .../licenses/test-fixtures/apache-license-2.0 | 169 ++++++++++++++ .../nvidia-software-and-cuda-supplement | 5 + 3 files changed, 191 insertions(+), 204 deletions(-) create mode 100644 internal/licenses/test-fixtures/apache-license-2.0 create mode 100644 internal/licenses/test-fixtures/nvidia-software-and-cuda-supplement diff --git a/internal/licenses/scanner_test.go b/internal/licenses/scanner_test.go index 9a616fe4bce..2733dc290aa 100644 --- a/internal/licenses/scanner_test.go +++ b/internal/licenses/scanner_test.go @@ -2,6 +2,8 @@ package licenses import ( "bytes" + "context" + "os" "testing" "github.com/stretchr/testify/require" @@ -20,207 +22,7 @@ func TestIdentifyLicenseIDs(t *testing.T) { }{ { name: "apache license 2.0", - in: ` Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License.`, + in: `test-fixtures/apache-license-2.0`, expected: expectation{ yieldError: false, ids: []string{"Apache-2.0"}, @@ -229,18 +31,20 @@ func TestIdentifyLicenseIDs(t *testing.T) { }, { name: "custom license", - in: "NVIDIA Software License Agreement and CUDA Supplement to Software License Agreement", + in: "test-fixtures/nvidia-software-and-cuda-supplement", expected: expectation{ yieldError: false, ids: []string{}, - content: []byte("NVIDIA Software License Agreement and CUDA Supplement to Software License Agreement"), + content: mustOpen("test-fixtures/nvidia-software-and-cuda-supplement"), }, }, } for _, test := range tests { t.Run(test.name, func(t *testing.T) { - ids, content, err := TestingOnlyScanner().IdentifyLicenseIDs(nil, bytes.NewBuffer([]byte(test.in))) + content, err := os.ReadFile(test.in) + require.NoError(t, err) + ids, content, err := TestingOnlyScanner().IdentifyLicenseIDs(context.TODO(), bytes.NewReader(content)) if test.expected.yieldError { require.Error(t, err) } else { @@ -260,3 +64,12 @@ func TestIdentifyLicenseIDs(t *testing.T) { }) } } + +func mustOpen(fixture string) []byte { + content, err := os.ReadFile(fixture) + if err != nil { + panic(err) + } + + return content +} diff --git a/internal/licenses/test-fixtures/apache-license-2.0 b/internal/licenses/test-fixtures/apache-license-2.0 new file mode 100644 index 00000000000..5bd33c47e12 --- /dev/null +++ b/internal/licenses/test-fixtures/apache-license-2.0 @@ -0,0 +1,169 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + 1. Definitions. + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + END OF TERMS AND CONDITIONS + APPENDIX: How to apply the Apache License to your work. + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + Copyright [yyyy] [name of copyright owner] + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/internal/licenses/test-fixtures/nvidia-software-and-cuda-supplement b/internal/licenses/test-fixtures/nvidia-software-and-cuda-supplement new file mode 100644 index 00000000000..5dd3bf8d404 --- /dev/null +++ b/internal/licenses/test-fixtures/nvidia-software-and-cuda-supplement @@ -0,0 +1,5 @@ +End User License Agreement +-------------------------- + +NVIDIA Software License Agreement and CUDA Supplement to +Software License Agreement. Last updated: October 8, 2021 From 76d6d8de7d1b393d4cad1cec410a9db6ddc0fcaa Mon Sep 17 00:00:00 2001 From: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> Date: Tue, 28 Jan 2025 12:15:22 -0500 Subject: [PATCH 19/20] test: refactor tests to use new test-fixtures Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> --- internal/licenses/scanner.go | 9 -- internal/licenses/scanner_test.go | 10 ++ internal/licenses/search.go | 3 + internal/licenses/search_test.go | 217 ++---------------------------- 4 files changed, 24 insertions(+), 215 deletions(-) diff --git a/internal/licenses/scanner.go b/internal/licenses/scanner.go index 7286f085c07..b3c4a053ec4 100644 --- a/internal/licenses/scanner.go +++ b/internal/licenses/scanner.go @@ -35,15 +35,6 @@ func NewDefaultScanner() Scanner { } } -// TestingOnlyScanner returns a scanner that uses the built-in license scanner from the licensecheck package. -// THIS IS ONLY MEANT FOR TEST CODE, NOT PRODUCTION CODE. -func TestingOnlyScanner() Scanner { - return &scanner{ - coverageThreshold: coverageThreshold, - scanner: licensecheck.Scan, - } -} - func (s scanner) IdentifyLicenseIDs(_ context.Context, reader io.Reader) ([]string, []byte, error) { if s.scanner == nil { return nil, nil, nil diff --git a/internal/licenses/scanner_test.go b/internal/licenses/scanner_test.go index 2733dc290aa..94d491f457f 100644 --- a/internal/licenses/scanner_test.go +++ b/internal/licenses/scanner_test.go @@ -6,6 +6,7 @@ import ( "os" "testing" + "github.com/google/licensecheck" "github.com/stretchr/testify/require" ) @@ -65,6 +66,15 @@ func TestIdentifyLicenseIDs(t *testing.T) { } } +// TestingOnlyScanner returns a scanner that uses the built-in license scanner from the licensecheck package. +// THIS IS ONLY MEANT FOR TEST CODE, NOT PRODUCTION CODE. +func TestingOnlyScanner() Scanner { + return &scanner{ + coverageThreshold: coverageThreshold, + scanner: licensecheck.Scan, + } +} + func mustOpen(fixture string) []byte { content, err := os.ReadFile(fixture) if err != nil { diff --git a/internal/licenses/search.go b/internal/licenses/search.go index ee919e7942c..efab2d99cf7 100644 --- a/internal/licenses/search.go +++ b/internal/licenses/search.go @@ -30,6 +30,9 @@ func Search(ctx context.Context, scanner Scanner, reader file.LocationReadCloser return nil, err } + // IdentifyLicenseIDs can only return a list of ID or content + // These return values are mutually exclusive. + // If the scanner threshold for matching scores < 75% then we return the license full content if len(ids) > 0 { for _, id := range ids { lic := pkg.NewLicenseFromLocations(id, reader.Location) diff --git a/internal/licenses/search_test.go b/internal/licenses/search_test.go index ca742037462..fcb542fa0b4 100644 --- a/internal/licenses/search_test.go +++ b/internal/licenses/search_test.go @@ -2,6 +2,9 @@ package licenses import ( "bytes" + "context" + "io" + "os" "testing" "github.com/stretchr/testify/require" @@ -37,207 +40,7 @@ func TestSearch(t *testing.T) { }{ { name: "apache license 2.0", - in: ` Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License.`, + in: "test-fixtures/apache-license-2.0", expected: expectation{ yieldError: false, licenses: []pkg.License{ @@ -254,17 +57,17 @@ func TestSearch(t *testing.T) { }, { name: "custom license", - in: "NVIDIA Software License Agreement and CUDA Supplement to Software License Agreement", + in: "test-fixtures/nvidia-software-and-cuda-supplement", expected: expectation{ yieldError: false, licenses: []pkg.License{ { Value: "UNKNOWN", - SPDXExpression: "UNKNOWN_4d1cffe420916f2b706300ab63fcafaf35226a0ad3725cb9f95b26036cefae32", + SPDXExpression: "UNKNOWN_eebcea3ab1d1a28e671de90119ffcfb35fe86951e4af1b17af52b7a82fcf7d0a", Type: "declared", URLs: nil, Locations: file.NewLocationSet(testLocation), - Contents: "NVIDIA Software License Agreement and CUDA Supplement to Software License Agreement", + Contents: string(mustOpen("test-fixtures/nvidia-software-and-cuda-supplement")), }, }, }, @@ -273,7 +76,9 @@ func TestSearch(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - result, err := Search(nil, TestingOnlyScanner(), file.NewLocationReadCloser(file.NewLocation("LICENSE"), newBytesReadCloser([]byte(test.in)))) + content, err := os.ReadFile(test.in) + require.NoError(t, err) + result, err := Search(context.TODO(), TestingOnlyScanner(), file.NewLocationReadCloser(file.NewLocation("LICENSE"), io.NopCloser(bytes.NewReader(content)))) if test.expected.yieldError { require.Error(t, err) } else { @@ -282,7 +87,7 @@ func TestSearch(t *testing.T) { require.Len(t, result, len(test.expected.licenses)) if len(test.expected.licenses) > 0 { - require.Equal(t, result, test.expected.licenses) + require.Equal(t, test.expected.licenses, result) } } }) From e08c868366b2f6458095dbef64038301e9df561d Mon Sep 17 00:00:00 2001 From: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> Date: Tue, 28 Jan 2025 12:52:08 -0500 Subject: [PATCH 20/20] test: decouple catalogers from TestingOnlyScanner Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> --- internal/licenses/scanner.go | 7 +++++++ internal/licenses/scanner_test.go | 6 ++---- internal/licenses/search_test.go | 2 +- syft/pkg/cataloger/golang/licenses_test.go | 8 ++++---- syft/pkg/cataloger/golang/parse_go_binary_test.go | 3 ++- syft/pkg/cataloger/java/archive_parser_test.go | 7 ++++--- 6 files changed, 20 insertions(+), 13 deletions(-) diff --git a/internal/licenses/scanner.go b/internal/licenses/scanner.go index b3c4a053ec4..6ab7663e09d 100644 --- a/internal/licenses/scanner.go +++ b/internal/licenses/scanner.go @@ -35,6 +35,13 @@ func NewDefaultScanner() Scanner { } } +func NewScanner(scan func([]byte) licensecheck.Coverage, coverage float64) Scanner { + return scanner{ + coverageThreshold: coverage, + scanner: scan, + } +} + func (s scanner) IdentifyLicenseIDs(_ context.Context, reader io.Reader) ([]string, []byte, error) { if s.scanner == nil { return nil, nil, nil diff --git a/internal/licenses/scanner_test.go b/internal/licenses/scanner_test.go index 94d491f457f..923b310d804 100644 --- a/internal/licenses/scanner_test.go +++ b/internal/licenses/scanner_test.go @@ -45,7 +45,7 @@ func TestIdentifyLicenseIDs(t *testing.T) { t.Run(test.name, func(t *testing.T) { content, err := os.ReadFile(test.in) require.NoError(t, err) - ids, content, err := TestingOnlyScanner().IdentifyLicenseIDs(context.TODO(), bytes.NewReader(content)) + ids, content, err := testScanner().IdentifyLicenseIDs(context.TODO(), bytes.NewReader(content)) if test.expected.yieldError { require.Error(t, err) } else { @@ -66,9 +66,7 @@ func TestIdentifyLicenseIDs(t *testing.T) { } } -// TestingOnlyScanner returns a scanner that uses the built-in license scanner from the licensecheck package. -// THIS IS ONLY MEANT FOR TEST CODE, NOT PRODUCTION CODE. -func TestingOnlyScanner() Scanner { +func testScanner() Scanner { return &scanner{ coverageThreshold: coverageThreshold, scanner: licensecheck.Scan, diff --git a/internal/licenses/search_test.go b/internal/licenses/search_test.go index fcb542fa0b4..83afec1fdb0 100644 --- a/internal/licenses/search_test.go +++ b/internal/licenses/search_test.go @@ -78,7 +78,7 @@ func TestSearch(t *testing.T) { t.Run(test.name, func(t *testing.T) { content, err := os.ReadFile(test.in) require.NoError(t, err) - result, err := Search(context.TODO(), TestingOnlyScanner(), file.NewLocationReadCloser(file.NewLocation("LICENSE"), io.NopCloser(bytes.NewReader(content)))) + result, err := Search(context.TODO(), testScanner(), file.NewLocationReadCloser(file.NewLocation("LICENSE"), io.NopCloser(bytes.NewReader(content)))) if test.expected.yieldError { require.Error(t, err) } else { diff --git a/syft/pkg/cataloger/golang/licenses_test.go b/syft/pkg/cataloger/golang/licenses_test.go index c006c6fce74..c3e783d4ffd 100644 --- a/syft/pkg/cataloger/golang/licenses_test.go +++ b/syft/pkg/cataloger/golang/licenses_test.go @@ -14,6 +14,7 @@ import ( "strings" "testing" + "github.com/google/licensecheck" "github.com/stretchr/testify/require" "github.com/anchore/syft/internal/licenses" @@ -70,7 +71,7 @@ func Test_LicenseSearch(t *testing.T) { localVendorDir := filepath.Join(wd, "test-fixtures", "licenses-vendor") - licenseScanner := licenses.TestingOnlyScanner() + licenseScanner := licenses.NewScanner(licensecheck.Scan, float64(75)) tests := []struct { name string @@ -295,7 +296,7 @@ func Test_findVersionPath(t *testing.T) { func Test_walkDirErrors(t *testing.T) { resolver := newGoLicenseResolver("", CatalogerConfig{}) - _, err := resolver.findLicensesInFS(context.Background(), licenses.TestingOnlyScanner(), "somewhere", badFS{}) + _, err := resolver.findLicensesInFS(context.Background(), licenses.NewScanner(licensecheck.Scan, float64(75)), "somewhere", badFS{}) require.Error(t, err) } @@ -313,8 +314,7 @@ func Test_noLocalGoModDir(t *testing.T) { validTmp := t.TempDir() require.NoError(t, os.MkdirAll(filepath.Join(validTmp, "mod@ver"), 0700|os.ModeDir)) - licenseScanner := licenses.TestingOnlyScanner() - + licenseScanner := licenses.NewScanner(licensecheck.Scan, float64(75)) tests := []struct { name string dir string diff --git a/syft/pkg/cataloger/golang/parse_go_binary_test.go b/syft/pkg/cataloger/golang/parse_go_binary_test.go index fb5242efa0e..62d804d7f8c 100644 --- a/syft/pkg/cataloger/golang/parse_go_binary_test.go +++ b/syft/pkg/cataloger/golang/parse_go_binary_test.go @@ -15,6 +15,7 @@ import ( "syscall" "testing" + "github.com/google/licensecheck" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" @@ -169,7 +170,7 @@ func TestBuildGoPkgInfo(t *testing.T) { }, } - licenseScanner := licenses.TestingOnlyScanner() + licenseScanner := licenses.NewScanner(licensecheck.Scan, float64(75)) tests := []struct { name string diff --git a/syft/pkg/cataloger/java/archive_parser_test.go b/syft/pkg/cataloger/java/archive_parser_test.go index b1779bbf185..2b389c441e7 100644 --- a/syft/pkg/cataloger/java/archive_parser_test.go +++ b/syft/pkg/cataloger/java/archive_parser_test.go @@ -14,6 +14,7 @@ import ( "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" + "github.com/google/licensecheck" "github.com/gookit/color" "github.com/scylladb/go-set/strset" "github.com/stretchr/testify/assert" @@ -32,7 +33,7 @@ import ( func TestSearchMavenForLicenses(t *testing.T) { url := maventest.MockRepo(t, "internal/maven/test-fixtures/maven-repo") - ctx := licenses.SetContextLicenseScanner(context.Background(), licenses.TestingOnlyScanner()) + ctx := licenses.SetContextLicenseScanner(context.Background(), licenses.NewScanner(licensecheck.Scan, float64(75))) tests := []struct { name string @@ -91,7 +92,7 @@ func TestSearchMavenForLicenses(t *testing.T) { } func TestParseJar(t *testing.T) { - ctx := licenses.SetContextLicenseScanner(context.Background(), licenses.TestingOnlyScanner()) + ctx := licenses.SetContextLicenseScanner(context.Background(), licenses.NewScanner(licensecheck.Scan, float64(75))) tests := []struct { name string @@ -1374,7 +1375,7 @@ func Test_parseJavaArchive_regressions(t *testing.T) { } func Test_deterministicMatchingPomProperties(t *testing.T) { - ctx := licenses.SetContextLicenseScanner(context.Background(), licenses.TestingOnlyScanner()) + ctx := licenses.SetContextLicenseScanner(context.Background(), licenses.NewScanner(licensecheck.Scan, float64(75))) tests := []struct { fixture string