@cyclonedx/cyclonedx-library 2.0.0 → 3.0.0

package/dist.web/lib.dev.js

@@ -79,7 +79,7 @@ var PackageUrlQualifierNames;
     PackageUrlQualifierNames["DownloadURL"] = "download_url";
     PackageUrlQualifierNames["VcsUrl"] = "vcs_url";
     PackageUrlQualifierNames["Checksum"] = "checksum";
-})(PackageUrlQualifierNames = exports.PackageUrlQualifierNames || (exports.PackageUrlQualifierNames = {}));
+})(PackageUrlQualifierNames || (exports.PackageUrlQualifierNames = PackageUrlQualifierNames = {}));
 
 
 /***/ }),
@@ -219,7 +219,7 @@ exports.AttachmentEncoding = void 0;
 var AttachmentEncoding;
 (function (AttachmentEncoding) {
     AttachmentEncoding["Base64"] = "base64";
-})(AttachmentEncoding = exports.AttachmentEncoding || (exports.AttachmentEncoding = {}));
+})(AttachmentEncoding || (exports.AttachmentEncoding = AttachmentEncoding = {}));
 
 
 /***/ }),
@@ -256,7 +256,7 @@ var ComponentScope;
     ComponentScope["Required"] = "required";
     ComponentScope["Optional"] = "optional";
     ComponentScope["Excluded"] = "excluded";
-})(ComponentScope = exports.ComponentScope || (exports.ComponentScope = {}));
+})(ComponentScope || (exports.ComponentScope = ComponentScope = {}));
 
 
 /***/ }),
@@ -294,11 +294,15 @@ var ComponentType;
     ComponentType["Framework"] = "framework";
     ComponentType["Library"] = "library";
     ComponentType["Container"] = "container";
+    ComponentType["Platform"] = "platform";
     ComponentType["OperatingSystem"] = "operating-system";
     ComponentType["Device"] = "device";
+    ComponentType["DeviceDriver"] = "device-driver";
     ComponentType["Firmware"] = "firmware";
     ComponentType["File"] = "file";
-})(ComponentType = exports.ComponentType || (exports.ComponentType = {}));
+    ComponentType["MachineLearningModel"] = "machine-learning-model";
+    ComponentType["Data"] = "data";
+})(ComponentType || (exports.ComponentType = ComponentType = {}));
 
 
 /***/ }),
@@ -343,12 +347,35 @@ var ExternalReferenceType;
     ExternalReferenceType["Documentation"] = "documentation";
     ExternalReferenceType["Support"] = "support";
     ExternalReferenceType["Distribution"] = "distribution";
+    ExternalReferenceType["DistributionIntake"] = "distribution-intake";
     ExternalReferenceType["License"] = "license";
     ExternalReferenceType["BuildMeta"] = "build-meta";
     ExternalReferenceType["BuildSystem"] = "build-system";
     ExternalReferenceType["ReleaseNotes"] = "release-notes";
+    ExternalReferenceType["SecurityContact"] = "security-contact";
+    ExternalReferenceType["ModelCard"] = "model-card";
+    ExternalReferenceType["Log"] = "log";
+    ExternalReferenceType["Configuration"] = "configuration";
+    ExternalReferenceType["Evidence"] = "evidence";
+    ExternalReferenceType["Formulation"] = "formulation";
+    ExternalReferenceType["Attestation"] = "attestation";
+    ExternalReferenceType["ThreatModel"] = "threat-model";
+    ExternalReferenceType["AdversaryModel"] = "adversary-model";
+    ExternalReferenceType["RiskAssessment"] = "risk-assessment";
+    ExternalReferenceType["VulnerabilityAssertion"] = "vulnerability-assertion";
+    ExternalReferenceType["ExploitabilityStatement"] = "exploitability-statement";
+    ExternalReferenceType["PentestReport"] = "pentest-report";
+    ExternalReferenceType["StaticAnalysisReport"] = "static-analysis-report";
+    ExternalReferenceType["DynamicAnalysisReport"] = "dynamic-analysis-report";
+    ExternalReferenceType["RuntimeAnalysisReport"] = "runtime-analysis-report";
+    ExternalReferenceType["ComponentAnalysisReport"] = "component-analysis-report";
+    ExternalReferenceType["MaturityReport"] = "maturity-report";
+    ExternalReferenceType["CertificationReport"] = "certification-report";
+    ExternalReferenceType["CodifiedInfrastructure"] = "codified-infrastructure";
+    ExternalReferenceType["QualityMetrics"] = "quality-metrics";
+    ExternalReferenceType["POAM"] = "poam";
     ExternalReferenceType["Other"] = "other";
-})(ExternalReferenceType = exports.ExternalReferenceType || (exports.ExternalReferenceType = {}));
+})(ExternalReferenceType || (exports.ExternalReferenceType = ExternalReferenceType = {}));
 
 
 /***/ }),
@@ -394,7 +421,7 @@ var HashAlgorithm;
     HashAlgorithm["BLAKE2b-384"] = "BLAKE2b-384";
     HashAlgorithm["BLAKE2b-512"] = "BLAKE2b-512";
     HashAlgorithm["BLAKE3"] = "BLAKE3";
-})(HashAlgorithm = exports.HashAlgorithm || (exports.HashAlgorithm = {}));
+})(HashAlgorithm || (exports.HashAlgorithm = HashAlgorithm = {}));
 
 
 /***/ }),
@@ -482,7 +509,7 @@ var AffectStatus;
     AffectStatus["Affected"] = "affected";
     AffectStatus["Unaffected"] = "unaffected";
     AffectStatus["Unknown"] = "unknown";
-})(AffectStatus = exports.AffectStatus || (exports.AffectStatus = {}));
+})(AffectStatus || (exports.AffectStatus = AffectStatus = {}));
 
 
 /***/ }),
@@ -525,7 +552,7 @@ var AnalysisJustification;
     AnalysisJustification["ProtectedAtRuntime"] = "protected_at_runtime";
     AnalysisJustification["ProtectedAtPerimeter"] = "protected_at_perimeter";
     AnalysisJustification["ProtectedByMitigatingControl"] = "protected_by_mitigating_control";
-})(AnalysisJustification = exports.AnalysisJustification || (exports.AnalysisJustification = {}));
+})(AnalysisJustification || (exports.AnalysisJustification = AnalysisJustification = {}));
 
 
 /***/ }),
@@ -565,7 +592,7 @@ var AnalysisResponse;
     AnalysisResponse["Update"] = "update";
     AnalysisResponse["Rollback"] = "rollback";
     AnalysisResponse["WorkaroundAvailable"] = "workaround_available";
-})(AnalysisResponse = exports.AnalysisResponse || (exports.AnalysisResponse = {}));
+})(AnalysisResponse || (exports.AnalysisResponse = AnalysisResponse = {}));
 class AnalysisResponseRepository extends sortable_1.SortableStringables {
 }
 exports.AnalysisResponseRepository = AnalysisResponseRepository;
@@ -608,7 +635,7 @@ var AnalysisState;
     AnalysisState["InTriage"] = "in_triage";
     AnalysisState["FalsePositive"] = "false_positive";
     AnalysisState["NotAffected"] = "not_affected";
-})(AnalysisState = exports.AnalysisState || (exports.AnalysisState = {}));
+})(AnalysisState || (exports.AnalysisState = AnalysisState = {}));
 
 
 /***/ }),
@@ -695,9 +722,11 @@ var RatingMethod;
     RatingMethod["CVSSv2"] = "CVSSv2";
     RatingMethod["CVSSv3"] = "CVSSv3";
     RatingMethod["CVSSv31"] = "CVSSv31";
+    RatingMethod["CVSSv4"] = "CVSSv4";
     RatingMethod["OWASP"] = "OWASP";
+    RatingMethod["SSVC"] = "SSVC";
     RatingMethod["Other"] = "other";
-})(RatingMethod = exports.RatingMethod || (exports.RatingMethod = {}));
+})(RatingMethod || (exports.RatingMethod = RatingMethod = {}));
 
 
 /***/ }),
@@ -738,7 +767,7 @@ var Severity;
     Severity["Info"] = "info";
     Severity["None"] = "none";
     Severity["Unknown"] = "unknown";
-})(Severity = exports.Severity || (exports.Severity = {}));
+})(Severity || (exports.Severity = Severity = {}));
 
 
 /***/ }),
@@ -1198,6 +1227,95 @@ exports.Bom = Bom;
 _Bom_version = new WeakMap(), _Bom_serialNumber = new WeakMap();
 
 
+/***/ }),
+
+/***/ "./src/models/bomLink.ts":
+/*!*******************************!*\
+  !*** ./src/models/bomLink.ts ***!
+  \*******************************/
+/***/ (function(__unused_webpack_module, exports) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _BomLinkBase_value, _a, _BomLinkDocument_pattern, _b, _BomLinkElement_pattern;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.BomLinkElement = exports.BomLinkDocument = void 0;
+class BomLinkBase {
+    constructor(value) {
+        _BomLinkBase_value.set(this, void 0);
+        this.value = value;
+    }
+    set value(value) {
+        if (!this._isValid(value)) {
+            throw new RangeError('invalid value');
+        }
+        __classPrivateFieldSet(this, _BomLinkBase_value, value, "f");
+    }
+    get value() {
+        return __classPrivateFieldGet(this, _BomLinkBase_value, "f");
+    }
+    compare(other) {
+        return this.toString().localeCompare(other.toString());
+    }
+    toString() {
+        return this.value;
+    }
+}
+_BomLinkBase_value = new WeakMap();
+class BomLinkDocument extends BomLinkBase {
+    static isValid(value) {
+        return typeof value === 'string' &&
+            __classPrivateFieldGet(this, _a, "f", _BomLinkDocument_pattern).test(value);
+    }
+    _isValid(value) {
+        return BomLinkDocument.isValid(value);
+    }
+}
+exports.BomLinkDocument = BomLinkDocument;
+_a = BomLinkDocument;
+_BomLinkDocument_pattern = { value: /^urn:cdx:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\/[1-9][0-9]*$/ };
+class BomLinkElement extends BomLinkBase {
+    static isValid(value) {
+        return typeof value === 'string' &&
+            __classPrivateFieldGet(this, _b, "f", _BomLinkElement_pattern).test(value);
+    }
+    _isValid(value) {
+        return BomLinkElement.isValid(value);
+    }
+}
+exports.BomLinkElement = BomLinkElement;
+_b = BomLinkElement;
+_BomLinkElement_pattern = { value: /^urn:cdx:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\/[1-9][0-9]*#.+$/ };
+
+
 /***/ }),
 
 /***/ "./src/models/bomRef.ts":
@@ -1510,6 +1628,7 @@ Object.defineProperty(exports, "__esModule", ({ value: true }));
 exports.Vulnerability = void 0;
 __exportStar(__webpack_require__(/*! ./attachment */ "./src/models/attachment.ts"), exports);
 __exportStar(__webpack_require__(/*! ./bom */ "./src/models/bom.ts"), exports);
+__exportStar(__webpack_require__(/*! ./bomLink */ "./src/models/bomLink.ts"), exports);
 __exportStar(__webpack_require__(/*! ./bomRef */ "./src/models/bomRef.ts"), exports);
 __exportStar(__webpack_require__(/*! ./component */ "./src/models/component.ts"), exports);
 __exportStar(__webpack_require__(/*! ./externalReference */ "./src/models/externalReference.ts"), exports);
@@ -2856,9 +2975,10 @@ class Factory {
 exports.Factory = Factory;
 _Factory_spec = new WeakMap();
 const schemaUrl = new Map([
-    [spec_1.Version.v1dot2, 'http://cyclonedx.org/schema/bom-1.2b.schema.json'],
+    [spec_1.Version.v1dot5, 'http://cyclonedx.org/schema/bom-1.5.schema.json'],
+    [spec_1.Version.v1dot4, 'http://cyclonedx.org/schema/bom-1.4.schema.json'],
     [spec_1.Version.v1dot3, 'http://cyclonedx.org/schema/bom-1.3a.schema.json'],
-    [spec_1.Version.v1dot4, 'http://cyclonedx.org/schema/bom-1.4.schema.json']
+    [spec_1.Version.v1dot2, 'http://cyclonedx.org/schema/bom-1.2b.schema.json']
 ]);
 class BaseJsonNormalizer {
     constructor(factory) {
@@ -3324,7 +3444,9 @@ class VulnerabilityRatingNormalizer extends BaseJsonNormalizer {
                 : this._factory.makeForVulnerabilitySource().normalize(data.source, options),
             score: data.score,
             severity: data.severity,
-            method: data.method,
+            method: this._factory.spec.supportsVulnerabilityRatingMethod(data.method)
+                ? data.method
+                : undefined,
             vector: data.vector,
             justification: data.justification
         };
@@ -3485,7 +3607,7 @@ var JsonSchema;
             value.length > 0;
     }
     JsonSchema.isIdnEmail = isIdnEmail;
-})(JsonSchema = exports.JsonSchema || (exports.JsonSchema = {}));
+})(JsonSchema || (exports.JsonSchema = JsonSchema = {}));
 
 
 /***/ }),
@@ -3658,7 +3780,7 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
 };
 var _Factory_spec, _BomNormalizer_instances, _BomNormalizer_isEligibleSerialNumber, _LicenseNormalizer_instances, _LicenseNormalizer_normalizeNamedLicense, _LicenseNormalizer_normalizeSpdxLicense, _LicenseNormalizer_normalizeLicenseExpression, _DependencyGraphNormalizer_instances, _DependencyGraphNormalizer_normalizeDependency, _VulnerabilityAffectedVersionNormalizer_instances, _VulnerabilityAffectedVersionNormalizer_normalizeAffectedSingleVersion, _VulnerabilityAffectedVersionNormalizer_normalizeAffectedVersionRange;
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.DependencyGraphNormalizer = exports.PropertyNormalizer = exports.AttachmentNormalizer = exports.ExternalReferenceNormalizer = exports.SWIDNormalizer = exports.LicenseNormalizer = exports.ComponentEvidenceNormalizer = exports.ComponentNormalizer = exports.OrganizationalEntityNormalizer = exports.OrganizationalContactNormalizer = exports.HashNormalizer = exports.ToolNormalizer = exports.MetadataNormalizer = exports.BomNormalizer = exports.Factory = void 0;
+exports.VulnerabilityAffectedVersionNormalizer = exports.VulnerabilityAffectNormalizer = exports.VulnerabilityAnalysisNormalizer = exports.VulnerabilityCreditsNormalizer = exports.VulnerabilityAdvisoryNormalizer = exports.VulnerabilityRatingNormalizer = exports.VulnerabilityReferenceNormalizer = exports.VulnerabilitySourceNormalizer = exports.VulnerabilityNormalizer = exports.DependencyGraphNormalizer = exports.PropertyNormalizer = exports.AttachmentNormalizer = exports.ExternalReferenceNormalizer = exports.SWIDNormalizer = exports.LicenseNormalizer = exports.ComponentEvidenceNormalizer = exports.ComponentNormalizer = exports.OrganizationalEntityNormalizer = exports.OrganizationalContactNormalizer = exports.HashNormalizer = exports.ToolNormalizer = exports.MetadataNormalizer = exports.BomNormalizer = exports.Factory = void 0;
 const notUndefined_1 = __webpack_require__(/*! ../../_helpers/notUndefined */ "./src/_helpers/notUndefined.ts");
 const tree_1 = __webpack_require__(/*! ../../_helpers/tree */ "./src/_helpers/tree.ts");
 const Models = __webpack_require__(/*! ../../models */ "./src/models/index.ts");
@@ -3746,9 +3868,12 @@ class Factory {
 exports.Factory = Factory;
 _Factory_spec = new WeakMap();
 const xmlNamespace = new Map([
-    [spec_1.Version.v1dot2, 'http://cyclonedx.org/schema/bom/1.2'],
+    [spec_1.Version.v1dot5, 'http://cyclonedx.org/schema/bom/1.5'],
+    [spec_1.Version.v1dot4, 'http://cyclonedx.org/schema/bom/1.4'],
     [spec_1.Version.v1dot3, 'http://cyclonedx.org/schema/bom/1.3'],
-    [spec_1.Version.v1dot4, 'http://cyclonedx.org/schema/bom/1.4']
+    [spec_1.Version.v1dot2, 'http://cyclonedx.org/schema/bom/1.2'],
+    [spec_1.Version.v1dot1, 'http://cyclonedx.org/schema/bom/1.1'],
+    [spec_1.Version.v1dot0, 'http://cyclonedx.org/schema/bom/1.0']
 ]);
 class BaseXmlNormalizer {
     constructor(factory) {
@@ -4348,6 +4473,7 @@ class VulnerabilityNormalizer extends BaseXmlNormalizer {
             : Array.from(data)).map(v => this.normalize(v, options, elementName));
     }
 }
+exports.VulnerabilityNormalizer = VulnerabilityNormalizer;
 class VulnerabilitySourceNormalizer extends BaseXmlNormalizer {
     normalize(data, options, elementName) {
         const url = data.url?.toString();
@@ -4363,6 +4489,7 @@ class VulnerabilitySourceNormalizer extends BaseXmlNormalizer {
         };
     }
 }
+exports.VulnerabilitySourceNormalizer = VulnerabilitySourceNormalizer;
 class VulnerabilityReferenceNormalizer extends BaseXmlNormalizer {
     normalize(data, options, elementName) {
         return {
@@ -4380,6 +4507,7 @@ class VulnerabilityReferenceNormalizer extends BaseXmlNormalizer {
             : Array.from(data)).map(r => this.normalize(r, options, elementName));
     }
 }
+exports.VulnerabilityReferenceNormalizer = VulnerabilityReferenceNormalizer;
 class VulnerabilityRatingNormalizer extends BaseXmlNormalizer {
     normalize(data, options, elementName) {
         return {
@@ -4391,7 +4519,9 @@ class VulnerabilityRatingNormalizer extends BaseXmlNormalizer {
                     : this._factory.makeForVulnerabilitySource().normalize(data.source, options, 'source'),
                 makeOptionalTextElement(data.score, 'score'),
                 makeOptionalTextElement(data.severity, 'severity'),
-                makeOptionalTextElement(data.method, 'method'),
+                this._factory.spec.supportsVulnerabilityRatingMethod(data.method)
+                    ? makeOptionalTextElement(data.method, 'method')
+                    : undefined,
                 makeOptionalTextElement(data.vector, 'vector'),
                 makeOptionalTextElement(data.justification, 'justification')
             ].filter(notUndefined_1.isNotUndefined)
@@ -4403,6 +4533,7 @@ class VulnerabilityRatingNormalizer extends BaseXmlNormalizer {
             : Array.from(data)).map(r => this.normalize(r, options, elementName));
     }
 }
+exports.VulnerabilityRatingNormalizer = VulnerabilityRatingNormalizer;
 class VulnerabilityAdvisoryNormalizer extends BaseXmlNormalizer {
     normalize(data, options, elementName) {
         const url = data.url.toString();
@@ -4424,6 +4555,7 @@ class VulnerabilityAdvisoryNormalizer extends BaseXmlNormalizer {
             : Array.from(data)).map(a => this.normalize(a, options, elementName)).filter(notUndefined_1.isNotUndefined);
     }
 }
+exports.VulnerabilityAdvisoryNormalizer = VulnerabilityAdvisoryNormalizer;
 class VulnerabilityCreditsNormalizer extends BaseXmlNormalizer {
     normalize(data, options, elementName) {
         const organizations = data.organizations.size > 0
@@ -4450,6 +4582,7 @@ class VulnerabilityCreditsNormalizer extends BaseXmlNormalizer {
         };
     }
 }
+exports.VulnerabilityCreditsNormalizer = VulnerabilityCreditsNormalizer;
 class VulnerabilityAnalysisNormalizer extends BaseXmlNormalizer {
     normalize(data, options, elementName) {
         const responses = data.response.size > 0
@@ -4473,6 +4606,7 @@ class VulnerabilityAnalysisNormalizer extends BaseXmlNormalizer {
         };
     }
 }
+exports.VulnerabilityAnalysisNormalizer = VulnerabilityAnalysisNormalizer;
 class VulnerabilityAffectNormalizer extends BaseXmlNormalizer {
     normalize(data, options, elementName) {
         const versions = data.versions.size > 0
@@ -4497,6 +4631,7 @@ class VulnerabilityAffectNormalizer extends BaseXmlNormalizer {
             : Array.from(data)).map(a => this.normalize(a, options, elementName));
     }
 }
+exports.VulnerabilityAffectNormalizer = VulnerabilityAffectNormalizer;
 class VulnerabilityAffectedVersionNormalizer extends BaseXmlNormalizer {
     constructor() {
         super(...arguments);
@@ -4518,6 +4653,7 @@ class VulnerabilityAffectedVersionNormalizer extends BaseXmlNormalizer {
             : Array.from(data)).map(av => this.normalize(av, options, elementName));
     }
 }
+exports.VulnerabilityAffectedVersionNormalizer = VulnerabilityAffectedVersionNormalizer;
 _VulnerabilityAffectedVersionNormalizer_instances = new WeakSet(), _VulnerabilityAffectedVersionNormalizer_normalizeAffectedSingleVersion = function _VulnerabilityAffectedVersionNormalizer_normalizeAffectedSingleVersion(data, elementName) {
     return {
         type: 'element',
@@ -4624,7 +4760,7 @@ var XmlSchema;
         return true;
     }
     XmlSchema.isAnyURI = isAnyURI;
-})(XmlSchema = exports.XmlSchema || (exports.XmlSchema = {}));
+})(XmlSchema || (exports.XmlSchema = XmlSchema = {}));
 
 
 /***/ }),
@@ -4875,34 +5011,36 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
     if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
     return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
 };
-var _Spec_version, _Spec_formats, _Spec_componentTypes, _Spec_hashAlgorithms, _Spec_hashValuePattern, _Spec_externalReferenceTypes, _Spec_supportsDependencyGraph, _Spec_supportsToolReferences, _Spec_requiresComponentVersion, _Spec_supportsProperties, _Spec_supportsVulnerabilities, _Spec_supportsComponentEvidence;
+var _Spec_version, _Spec_formats, _Spec_componentTypes, _Spec_hashAlgorithms, _Spec_hashValuePattern, _Spec_externalReferenceTypes, _Spec_vulnerabilityRatingMethods, _Spec_supportsDependencyGraph, _Spec_supportsToolReferences, _Spec_requiresComponentVersion, _Spec_supportsProperties, _Spec_supportsVulnerabilities, _Spec_supportsComponentEvidence;
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.SpecVersionDict = exports.Spec1dot4 = exports.Spec1dot3 = exports.Spec1dot2 = exports.UnsupportedFormatError = exports.Format = exports.Version = void 0;
+exports.SpecVersionDict = exports.Spec1dot5 = exports.Spec1dot4 = exports.Spec1dot3 = exports.Spec1dot2 = exports.UnsupportedFormatError = exports.Format = exports.Version = void 0;
 const enums_1 = __webpack_require__(/*! ./enums */ "./src/enums/index.ts");
 var Version;
 (function (Version) {
-    Version["v1dot0"] = "1.0";
-    Version["v1dot1"] = "1.1";
-    Version["v1dot2"] = "1.2";
-    Version["v1dot3"] = "1.3";
+    Version["v1dot5"] = "1.5";
     Version["v1dot4"] = "1.4";
-})(Version = exports.Version || (exports.Version = {}));
+    Version["v1dot3"] = "1.3";
+    Version["v1dot2"] = "1.2";
+    Version["v1dot1"] = "1.1";
+    Version["v1dot0"] = "1.0";
+})(Version || (exports.Version = Version = {}));
 var Format;
 (function (Format) {
     Format["XML"] = "xml";
     Format["JSON"] = "json";
-})(Format = exports.Format || (exports.Format = {}));
+})(Format || (exports.Format = Format = {}));
 class UnsupportedFormatError extends Error {
 }
 exports.UnsupportedFormatError = UnsupportedFormatError;
 class Spec {
-    constructor(version, formats, componentTypes, hashAlgorithms, hashValuePattern, externalReferenceTypes, supportsDependencyGraph, supportsToolReferences, requiresComponentVersion, supportsProperties, supportsVulnerabilities, supportsComponentEvidence) {
+    constructor(version, formats, componentTypes, hashAlgorithms, hashValuePattern, externalReferenceTypes, supportsDependencyGraph, supportsToolReferences, requiresComponentVersion, supportsProperties, supportsVulnerabilities, vulnerabilityRatingMethods, supportsComponentEvidence) {
         _Spec_version.set(this, void 0);
         _Spec_formats.set(this, void 0);
         _Spec_componentTypes.set(this, void 0);
         _Spec_hashAlgorithms.set(this, void 0);
         _Spec_hashValuePattern.set(this, void 0);
         _Spec_externalReferenceTypes.set(this, void 0);
+        _Spec_vulnerabilityRatingMethods.set(this, void 0);
         _Spec_supportsDependencyGraph.set(this, void 0);
         _Spec_supportsToolReferences.set(this, void 0);
         _Spec_requiresComponentVersion.set(this, void 0);
@@ -4920,6 +5058,7 @@ class Spec {
         __classPrivateFieldSet(this, _Spec_requiresComponentVersion, requiresComponentVersion, "f");
         __classPrivateFieldSet(this, _Spec_supportsProperties, supportsProperties, "f");
         __classPrivateFieldSet(this, _Spec_supportsVulnerabilities, supportsVulnerabilities, "f");
+        __classPrivateFieldSet(this, _Spec_vulnerabilityRatingMethods, new Set(vulnerabilityRatingMethods), "f");
         __classPrivateFieldSet(this, _Spec_supportsComponentEvidence, supportsComponentEvidence, "f");
     }
     get version() {
@@ -4956,11 +5095,14 @@ class Spec {
     get supportsVulnerabilities() {
         return __classPrivateFieldGet(this, _Spec_supportsVulnerabilities, "f");
     }
+    supportsVulnerabilityRatingMethod(rm) {
+        return __classPrivateFieldGet(this, _Spec_vulnerabilityRatingMethods, "f").has(rm);
+    }
     get supportsComponentEvidence() {
         return __classPrivateFieldGet(this, _Spec_supportsComponentEvidence, "f");
     }
 }
-_Spec_version = new WeakMap(), _Spec_formats = new WeakMap(), _Spec_componentTypes = new WeakMap(), _Spec_hashAlgorithms = new WeakMap(), _Spec_hashValuePattern = new WeakMap(), _Spec_externalReferenceTypes = new WeakMap(), _Spec_supportsDependencyGraph = new WeakMap(), _Spec_supportsToolReferences = new WeakMap(), _Spec_requiresComponentVersion = new WeakMap(), _Spec_supportsProperties = new WeakMap(), _Spec_supportsVulnerabilities = new WeakMap(), _Spec_supportsComponentEvidence = new WeakMap();
+_Spec_version = new WeakMap(), _Spec_formats = new WeakMap(), _Spec_componentTypes = new WeakMap(), _Spec_hashAlgorithms = new WeakMap(), _Spec_hashValuePattern = new WeakMap(), _Spec_externalReferenceTypes = new WeakMap(), _Spec_vulnerabilityRatingMethods = new WeakMap(), _Spec_supportsDependencyGraph = new WeakMap(), _Spec_supportsToolReferences = new WeakMap(), _Spec_requiresComponentVersion = new WeakMap(), _Spec_supportsProperties = new WeakMap(), _Spec_supportsVulnerabilities = new WeakMap(), _Spec_supportsComponentEvidence = new WeakMap();
 exports.Spec1dot2 = Object.freeze(new Spec(Version.v1dot2, [
     Format.XML,
     Format.JSON
@@ -5002,7 +5144,7 @@ exports.Spec1dot2 = Object.freeze(new Spec(Version.v1dot2, [
     enums_1.ExternalReferenceType.BuildMeta,
     enums_1.ExternalReferenceType.BuildSystem,
     enums_1.ExternalReferenceType.Other
-], true, false, true, false, false, false));
+], true, false, true, false, false, [], false));
 exports.Spec1dot3 = Object.freeze(new Spec(Version.v1dot3, [
     Format.XML,
     Format.JSON
@@ -5044,7 +5186,7 @@ exports.Spec1dot3 = Object.freeze(new Spec(Version.v1dot3, [
     enums_1.ExternalReferenceType.BuildMeta,
     enums_1.ExternalReferenceType.BuildSystem,
     enums_1.ExternalReferenceType.Other
-], true, false, true, true, false, true));
+], true, false, true, true, false, [], true));
 exports.Spec1dot4 = Object.freeze(new Spec(Version.v1dot4, [
     Format.XML,
     Format.JSON
@@ -5087,11 +5229,96 @@ exports.Spec1dot4 = Object.freeze(new Spec(Version.v1dot4, [
     enums_1.ExternalReferenceType.BuildSystem,
     enums_1.ExternalReferenceType.ReleaseNotes,
     enums_1.ExternalReferenceType.Other
-], true, true, false, true, true, true));
+], true, true, false, true, true, [
+    enums_1.Vulnerability.RatingMethod.CVSSv2,
+    enums_1.Vulnerability.RatingMethod.CVSSv3,
+    enums_1.Vulnerability.RatingMethod.CVSSv31,
+    enums_1.Vulnerability.RatingMethod.OWASP,
+    enums_1.Vulnerability.RatingMethod.Other
+], true));
+exports.Spec1dot5 = Object.freeze(new Spec(Version.v1dot5, [
+    Format.XML,
+    Format.JSON
+], [
+    enums_1.ComponentType.Application,
+    enums_1.ComponentType.Framework,
+    enums_1.ComponentType.Library,
+    enums_1.ComponentType.Container,
+    enums_1.ComponentType.Platform,
+    enums_1.ComponentType.OperatingSystem,
+    enums_1.ComponentType.Device,
+    enums_1.ComponentType.DeviceDriver,
+    enums_1.ComponentType.Firmware,
+    enums_1.ComponentType.File,
+    enums_1.ComponentType.MachineLearningModel,
+    enums_1.ComponentType.Data
+], [
+    enums_1.HashAlgorithm.MD5,
+    enums_1.HashAlgorithm['SHA-1'],
+    enums_1.HashAlgorithm['SHA-256'],
+    enums_1.HashAlgorithm['SHA-384'],
+    enums_1.HashAlgorithm['SHA-512'],
+    enums_1.HashAlgorithm['SHA3-256'],
+    enums_1.HashAlgorithm['SHA3-384'],
+    enums_1.HashAlgorithm['SHA3-512'],
+    enums_1.HashAlgorithm['BLAKE2b-256'],
+    enums_1.HashAlgorithm['BLAKE2b-384'],
+    enums_1.HashAlgorithm['BLAKE2b-512'],
+    enums_1.HashAlgorithm.BLAKE3
+], /^([a-fA-F0-9]{32})$|^([a-fA-F0-9]{40})$|^([a-fA-F0-9]{64})$|^([a-fA-F0-9]{96})$|^([a-fA-F0-9]{128})$/, [
+    enums_1.ExternalReferenceType.VCS,
+    enums_1.ExternalReferenceType.IssueTracker,
+    enums_1.ExternalReferenceType.Website,
+    enums_1.ExternalReferenceType.Advisories,
+    enums_1.ExternalReferenceType.BOM,
+    enums_1.ExternalReferenceType.MailingList,
+    enums_1.ExternalReferenceType.Social,
+    enums_1.ExternalReferenceType.Chat,
+    enums_1.ExternalReferenceType.Documentation,
+    enums_1.ExternalReferenceType.Support,
+    enums_1.ExternalReferenceType.Distribution,
+    enums_1.ExternalReferenceType.DistributionIntake,
+    enums_1.ExternalReferenceType.License,
+    enums_1.ExternalReferenceType.BuildMeta,
+    enums_1.ExternalReferenceType.BuildSystem,
+    enums_1.ExternalReferenceType.ReleaseNotes,
+    enums_1.ExternalReferenceType.SecurityContact,
+    enums_1.ExternalReferenceType.ModelCard,
+    enums_1.ExternalReferenceType.Log,
+    enums_1.ExternalReferenceType.Configuration,
+    enums_1.ExternalReferenceType.Evidence,
+    enums_1.ExternalReferenceType.Formulation,
+    enums_1.ExternalReferenceType.Attestation,
+    enums_1.ExternalReferenceType.ThreatModel,
+    enums_1.ExternalReferenceType.AdversaryModel,
+    enums_1.ExternalReferenceType.RiskAssessment,
+    enums_1.ExternalReferenceType.VulnerabilityAssertion,
+    enums_1.ExternalReferenceType.ExploitabilityStatement,
+    enums_1.ExternalReferenceType.PentestReport,
+    enums_1.ExternalReferenceType.StaticAnalysisReport,
+    enums_1.ExternalReferenceType.DynamicAnalysisReport,
+    enums_1.ExternalReferenceType.RuntimeAnalysisReport,
+    enums_1.ExternalReferenceType.ComponentAnalysisReport,
+    enums_1.ExternalReferenceType.MaturityReport,
+    enums_1.ExternalReferenceType.CertificationReport,
+    enums_1.ExternalReferenceType.CodifiedInfrastructure,
+    enums_1.ExternalReferenceType.QualityMetrics,
+    enums_1.ExternalReferenceType.POAM,
+    enums_1.ExternalReferenceType.Other
+], true, true, false, true, true, [
+    enums_1.Vulnerability.RatingMethod.CVSSv2,
+    enums_1.Vulnerability.RatingMethod.CVSSv3,
+    enums_1.Vulnerability.RatingMethod.CVSSv31,
+    enums_1.Vulnerability.RatingMethod.CVSSv4,
+    enums_1.Vulnerability.RatingMethod.OWASP,
+    enums_1.Vulnerability.RatingMethod.SSVC,
+    enums_1.Vulnerability.RatingMethod.Other
+], true));
 exports.SpecVersionDict = Object.freeze({
-    [Version.v1dot2]: exports.Spec1dot2,
+    [Version.v1dot5]: exports.Spec1dot5,
+    [Version.v1dot4]: exports.Spec1dot4,
     [Version.v1dot3]: exports.Spec1dot3,
-    [Version.v1dot4]: exports.Spec1dot4
+    [Version.v1dot2]: exports.Spec1dot2
 });
 
 
@@ -5555,7 +5782,7 @@ module.exports = __WEBPACK_EXTERNAL_MODULE_spdx_expression_parse__;
   \**********************************************/
 /***/ ((module) => {
 
-module.exports = JSON.parse('{"$schema":"http://json-schema.org/draft-07/schema#","$id":"http://cyclonedx.org/schema/spdx.schema.json","$comment":"v1.0-3.17","type":"string","enum":["CC-BY-NC-ND-2.0","SGI-B-2.0","LPPL-1.3c","NIST-PD-fallback","libtiff","XSkat","PDDL-1.0","KiCad-libraries-exception","CC-BY-NC-SA-1.0","GFDL-1.1-no-invariants-only","Xerox","LPPL-1.1","VOSTROM","UCL-1.0","ADSL","OSL-2.0","AAL","FDK-AAC","W3C-20150513","AFL-1.1","W3C","Sleepycat","CECILL-1.1","mpich2","SISSL","NLOD-1.0","ANTLR-PD","GPL-3.0-only","gnuplot","NLOD-2.0","BSD-3-Clause-Open-MPI","LiLiQ-P-1.1","BSD-3-Clause-Clear","FSFUL","CC-BY-NC-SA-2.0-UK","CERN-OHL-S-2.0","Spencer-94","CERN-OHL-1.2","GFDL-1.1-or-later","AGPL-1.0-or-later","Wsuipa","AML","BSD-2-Clause","DSDP","CC-BY-2.5","MIT-CMU","Beerware","Sendmail","TU-Berlin-1.0","CNRI-Jython","mplus","CPOL-1.02","BSD-3-Clause-No-Nuclear-License-2014","ISC","CC-BY-SA-4.0","Eurosym","LGPL-3.0-only","OLDAP-1.3","GFDL-1.1-invariants-or-later","Glulxe","SimPL-2.0","CDLA-Permissive-2.0","GPL-2.0-with-font-exception","OGL-UK-2.0","CC-BY-SA-3.0-DE","CC-BY-ND-1.0","GFDL-1.1","CC-BY-4.0","OpenSSL","TU-Berlin-2.0","DOC","GFDL-1.2-no-invariants-or-later","QPL-1.0","OLDAP-2.8","OML","OLDAP-2.7","NIST-PD","Bitstream-Vera","GFDL-1.2-or-later","OFL-1.1-RFN","Bahyph","Barr","COIL-1.0","GFDL-1.3","CECILL-B","JPNIC","Zed","ICU","CC-BY-NC-SA-2.5","CC-BY-ND-3.0-DE","bzip2-1.0.5","SPL-1.0","YPL-1.0","OSET-PL-2.1","Noweb","RPSL-1.0","BSD-3-Clause-LBNL","CDLA-Sharing-1.0","CECILL-1.0","AMPAS","APAFML","CC-BY-ND-3.0","D-FSL-1.0","CC-BY-NC-3.0","libpng-2.0","PolyForm-Noncommercial-1.0.0","dvipdfm","GFDL-1.3-or-later","OGTSL","NPL-1.1","GPL-3.0","CERN-OHL-P-2.0","BlueOak-1.0.0","AGPL-3.0-or-later","blessing","ImageMagick","APSL-2.0","MIT-advertising","curl","CC0-1.0","Zimbra-1.4","SSPL-1.0","psutils","CC-BY-SA-2.0-UK","PSF-2.0","Net-SNMP","NAIST-2003","GFDL-1.2-invariants-or-later","SGI-B-1.0","NBPL-1.0","GFDL-1.2-invariants-only","W3C-19980720","OFL-1.0-no-RFN","NetCDF","TMate","NOSL","CNRI-Python-GPL-Compatible","BSD-1-Clause","CC-BY-NC-SA-3.0-DE","BSD-3-Clause-Modification","GLWTPL","GFDL-1.3-only","OLDAP-2.2","CC-BY-ND-4.0","CC-BY-NC-ND-3.0-DE","EUPL-1.0","Linux-OpenIB","LGPL-2.0-or-later","OSL-1.1","Spencer-86","LGPL-2.0","CC-PDDC","CC-BY-NC-ND-3.0","CDL-1.0","Elastic-2.0","CC-BY-2.0","BSD-3-Clause-No-Military-License","IJG","LPPL-1.3a","SAX-PD","BitTorrent-1.0","OLDAP-2.0","Giftware","C-UDA-1.0","LGPL-2.0+","Rdisc","GPL-2.0-with-classpath-exception","CC-BY-3.0-US","CDDL-1.0","Xnet","CPL-1.0","LGPL-3.0-or-later","NASA-1.3","BUSL-1.1","etalab-2.0","MIT-open-group","OLDAP-1.4","GFDL-1.1-invariants-only","RPL-1.1","CC-BY-NC-ND-2.5","FSFULLR","Saxpath","NTP-0","SISSL-1.2","GPL-3.0-or-later","Apache-1.1","CC-BY-SA-2.1-JP","AGPL-3.0-only","GPL-2.0-with-autoconf-exception","Artistic-2.0","App-s2p","Unicode-DFS-2015","diffmark","SNIA","CC-BY-SA-2.5","Linux-man-pages-copyleft","HPND-sell-variant","ZPL-2.1","BSD-4-Clause-UC","LAL-1.2","AGPL-1.0-only","MIT-enna","Condor-1.1","Naumen","GFDL-1.3-no-invariants-or-later","RPL-1.5","PolyForm-Small-Business-1.0.0","EFL-1.0","MirOS","CC-BY-2.5-AU","Afmparse","MPL-2.0-no-copyleft-exception","LiLiQ-Rplus-1.1","AFL-1.2","OSL-1.0","GPL-1.0-only","APSL-1.0","OGL-Canada-2.0","CPAL-1.0","Latex2e","Zend-2.0","Unlicense","xpp","CC-BY-NC-1.0","GPL-3.0-with-autoconf-exception","CC-BY-NC-SA-3.0","TCP-wrappers","SCEA","SSH-short","CC-BY-3.0-NL","SchemeReport","CC-BY-3.0","MPL-2.0","Unicode-TOU","CC-BY-NC-ND-1.0","Entessa","BSD-3-Clause-No-Nuclear-License","SWL","GFDL-1.2-no-invariants-only","Parity-7.0.0","OLDAP-2.2.1","SGI-B-1.1","FTL","OLDAP-2.4","CC-BY-NC-4.0","bzip2-1.0.6","copyleft-next-0.3.0","MakeIndex","NRL","GFDL-1.3-invariants-or-later","CC-BY-NC-2.0","SugarCRM-1.1.3","AFL-2.1","GPL-2.0-only","GFDL-1.3-invariants-only","TORQUE-1.1","Ruby","X11","Borceux","Libpng","X11-distribute-modifications-variant","Frameworx-1.0","NCGL-UK-2.0","CECILL-2.1","CC-BY-3.0-AT","CNRI-Python","NCSA","gSOAP-1.3b","EUPL-1.1","AMDPLPA","Imlib2","CDDL-1.1","WTFPL","LPL-1.0","EPL-1.0","BSD-3-Clause-Attribution","OSL-3.0","RHeCos-1.1","PHP-3.0","BSD-Protection","CC-BY-NC-3.0-DE","APL-1.0","EUDatagrid","GPL-1.0","SHL-0.5","CC-BY-SA-2.0","CC-BY-SA-3.0-AT","CC-BY-NC-SA-3.0-IGO","Adobe-2006","Newsletr","Nunit","Multics","OGL-UK-1.0","Vim","eCos-2.0","Zimbra-1.3","eGenix","IBM-pibs","BitTorrent-1.1","OFL-1.1-no-RFN","psfrag","CC-BY-ND-2.0","SHL-0.51","FreeBSD-DOC","Python-2.0","Mup","BSD-4-Clause-Shortened","CC-BY-NC-SA-4.0","HPND","OLDAP-2.6","MPL-1.1","GPL-2.0-with-GCC-exception","HaskellReport","ECL-1.0","LGPL-2.1-or-later","OFL-1.0","APSL-1.1","MITNFA","CECILL-2.0","Crossword","Aladdin","Baekmuk","XFree86-1.1","GPL-1.0-or-later","CERN-OHL-W-2.0","CC-BY-SA-1.0","NTP","PHP-3.01","OCLC-2.0","CC-BY-3.0-DE","CC-BY-NC-2.5","Zlib","CATOSL-1.1","LGPL-3.0+","CAL-1.0","NPL-1.0","SMLNJ","GPL-2.0+","OLDAP-2.5","JasPer-2.0","GPL-2.0-or-later","BSD-2-Clause-Patent","MS-RL","CUA-OPL-1.0","IPA","NLPL","O-UDA-1.0","MIT-Modern-Variant","OLDAP-1.2","BSD-2-Clause-FreeBSD","Info-ZIP","CC-BY-NC-SA-2.0-FR","0BSD","Unicode-DFS-2016","OFL-1.0-RFN","Intel","AFL-2.0","GL2PS","TAPR-OHL-1.0","Apache-1.0","MTLL","Motosoto","RSA-MD","Community-Spec-1.0","ODC-By-1.0","zlib-acknowledgement","DL-DE-BY-2.0","VSL-1.0","LiLiQ-R-1.1","OPL-1.0","GPL-3.0+","MulanPSL-2.0","APSL-1.2","OGDL-Taiwan-1.0","RSCPL","OGC-1.0","EFL-2.0","CAL-1.0-Combined-Work-Exception","MS-PL","Plexus","Sendmail-8.23","Cube","JSON","EUPL-1.2","Adobe-Glyph","FreeImage","Watcom-1.0","Jam","Hippocratic-2.1","OLDAP-2.0.1","CC-BY-NC-SA-2.0","Nokia","OCCT-PL","ErlPL-1.1","TOSL","OSL-2.1","ClArtistic","xinetd","GPL-3.0-with-GCC-exception","ODbL-1.0","MIT","LGPL-2.1+","LGPL-2.1-only","CrystalStacker","ECL-2.0","LPPL-1.0","iMatix","CC-BY-NC-ND-3.0-IGO","BSD-Source-Code","Parity-6.0.0","TCL","Arphic-1999","CC-BY-SA-3.0","Caldera","AGPL-1.0","IPL-1.0","LAL-1.3","EPICS","NGPL","DRL-1.0","BSD-2-Clause-NetBSD","ZPL-1.1","GD","LPPL-1.2","Dotseqn","Spencer-99","OLDAP-2.3","YPL-1.1","Fair","Qhull","GFDL-1.1-no-invariants-or-later","CECILL-C","MulanPSL-1.0","OLDAP-1.1","OLDAP-2.1","LPL-1.02","UPL-1.0","Abstyles","ZPL-2.0","MIT-0","LGPL-2.0-only","GFDL-1.3-no-invariants-only","AGPL-3.0","EPL-2.0","AFL-3.0","CDLA-Permissive-1.0","Artistic-1.0","CC-BY-NC-ND-4.0","HTMLTIDY","Glide","FSFAP","LGPLLR","OGL-UK-3.0","GFDL-1.2","SSH-OpenSSH","GFDL-1.1-only","MIT-feh","MPL-1.0","PostgreSQL","OLDAP-2.2.2","SMPPL","OFL-1.1","Leptonica","CERN-OHL-1.1","BSD-3-Clause-No-Nuclear-Warranty","CC-BY-ND-2.5","CC-BY-1.0","GFDL-1.2-only","OPUBL-1.0","libselinux-1.0","BSD-3-Clause","ANTLR-PD-fallback","copyleft-next-0.3.1","GPL-1.0+","wxWindows","LGPL-3.0","LGPL-2.1","StandardML-NJ","BSD-4-Clause","GPL-2.0-with-bison-exception","Apache-2.0","Artistic-1.0-cl8","GPL-2.0","Intel-ACPI","BSL-1.0","Artistic-1.0-Perl","BSD-2-Clause-Views","Interbase-1.0","NPOSL-3.0","FLTK-exception","Bootloader-exception","WxWindows-exception-3.1","Linux-syscall-note","Qt-LGPL-exception-1.1","LLVM-exception","PS-or-PDF-font-exception-20170817","GCC-exception-3.1","Autoconf-exception-3.0","LGPL-3.0-linking-exception","GCC-exception-2.0","Bison-exception-2.2","openvpn-openssl-exception","Libtool-exception","Autoconf-exception-2.0","GPL-3.0-linking-source-exception","GPL-CC-1.0","OCaml-LGPL-linking-exception","Universal-FOSS-exception-1.0","i2p-gpl-java-exception","CLISP-exception-2.0","OCCT-exception-1.0","Qwt-exception-1.0","gnu-javamail-exception","u-boot-exception-2.0","freertos-exception-2.0","Qt-GPL-exception-1.0","OpenJDK-assembly-exception-1.0","SHL-2.1","mif-exception","Fawkes-Runtime-exception","Swift-exception","GPL-3.0-linking-exception","SHL-2.0","Classpath-exception-2.0","LZMA-exception","Font-exception-2.0","Nokia-Qt-exception-1.1","DigiRule-FOSS-exception","eCos-exception-2.0","389-exception"]}');
+module.exports = JSON.parse('{"$schema":"http://json-schema.org/draft-07/schema#","$id":"http://cyclonedx.org/schema/spdx.schema.json","$comment":"v1.0-3.21","type":"string","enum":["0BSD","AAL","Abstyles","AdaCore-doc","Adobe-2006","Adobe-Glyph","ADSL","AFL-1.1","AFL-1.2","AFL-2.0","AFL-2.1","AFL-3.0","Afmparse","AGPL-1.0","AGPL-1.0-only","AGPL-1.0-or-later","AGPL-3.0","AGPL-3.0-only","AGPL-3.0-or-later","Aladdin","AMDPLPA","AML","AMPAS","ANTLR-PD","ANTLR-PD-fallback","Apache-1.0","Apache-1.1","Apache-2.0","APAFML","APL-1.0","App-s2p","APSL-1.0","APSL-1.1","APSL-1.2","APSL-2.0","Arphic-1999","Artistic-1.0","Artistic-1.0-cl8","Artistic-1.0-Perl","Artistic-2.0","ASWF-Digital-Assets-1.0","ASWF-Digital-Assets-1.1","Baekmuk","Bahyph","Barr","Beerware","Bitstream-Charter","Bitstream-Vera","BitTorrent-1.0","BitTorrent-1.1","blessing","BlueOak-1.0.0","Boehm-GC","Borceux","Brian-Gladman-3-Clause","BSD-1-Clause","BSD-2-Clause","BSD-2-Clause-FreeBSD","BSD-2-Clause-NetBSD","BSD-2-Clause-Patent","BSD-2-Clause-Views","BSD-3-Clause","BSD-3-Clause-Attribution","BSD-3-Clause-Clear","BSD-3-Clause-LBNL","BSD-3-Clause-Modification","BSD-3-Clause-No-Military-License","BSD-3-Clause-No-Nuclear-License","BSD-3-Clause-No-Nuclear-License-2014","BSD-3-Clause-No-Nuclear-Warranty","BSD-3-Clause-Open-MPI","BSD-4-Clause","BSD-4-Clause-Shortened","BSD-4-Clause-UC","BSD-4.3RENO","BSD-4.3TAHOE","BSD-Advertising-Acknowledgement","BSD-Attribution-HPND-disclaimer","BSD-Protection","BSD-Source-Code","BSL-1.0","BUSL-1.1","bzip2-1.0.5","bzip2-1.0.6","C-UDA-1.0","CAL-1.0","CAL-1.0-Combined-Work-Exception","Caldera","CATOSL-1.1","CC-BY-1.0","CC-BY-2.0","CC-BY-2.5","CC-BY-2.5-AU","CC-BY-3.0","CC-BY-3.0-AT","CC-BY-3.0-DE","CC-BY-3.0-IGO","CC-BY-3.0-NL","CC-BY-3.0-US","CC-BY-4.0","CC-BY-NC-1.0","CC-BY-NC-2.0","CC-BY-NC-2.5","CC-BY-NC-3.0","CC-BY-NC-3.0-DE","CC-BY-NC-4.0","CC-BY-NC-ND-1.0","CC-BY-NC-ND-2.0","CC-BY-NC-ND-2.5","CC-BY-NC-ND-3.0","CC-BY-NC-ND-3.0-DE","CC-BY-NC-ND-3.0-IGO","CC-BY-NC-ND-4.0","CC-BY-NC-SA-1.0","CC-BY-NC-SA-2.0","CC-BY-NC-SA-2.0-DE","CC-BY-NC-SA-2.0-FR","CC-BY-NC-SA-2.0-UK","CC-BY-NC-SA-2.5","CC-BY-NC-SA-3.0","CC-BY-NC-SA-3.0-DE","CC-BY-NC-SA-3.0-IGO","CC-BY-NC-SA-4.0","CC-BY-ND-1.0","CC-BY-ND-2.0","CC-BY-ND-2.5","CC-BY-ND-3.0","CC-BY-ND-3.0-DE","CC-BY-ND-4.0","CC-BY-SA-1.0","CC-BY-SA-2.0","CC-BY-SA-2.0-UK","CC-BY-SA-2.1-JP","CC-BY-SA-2.5","CC-BY-SA-3.0","CC-BY-SA-3.0-AT","CC-BY-SA-3.0-DE","CC-BY-SA-3.0-IGO","CC-BY-SA-4.0","CC-PDDC","CC0-1.0","CDDL-1.0","CDDL-1.1","CDL-1.0","CDLA-Permissive-1.0","CDLA-Permissive-2.0","CDLA-Sharing-1.0","CECILL-1.0","CECILL-1.1","CECILL-2.0","CECILL-2.1","CECILL-B","CECILL-C","CERN-OHL-1.1","CERN-OHL-1.2","CERN-OHL-P-2.0","CERN-OHL-S-2.0","CERN-OHL-W-2.0","CFITSIO","checkmk","ClArtistic","Clips","CMU-Mach","CNRI-Jython","CNRI-Python","CNRI-Python-GPL-Compatible","COIL-1.0","Community-Spec-1.0","Condor-1.1","copyleft-next-0.3.0","copyleft-next-0.3.1","Cornell-Lossless-JPEG","CPAL-1.0","CPL-1.0","CPOL-1.02","Crossword","CrystalStacker","CUA-OPL-1.0","Cube","curl","D-FSL-1.0","diffmark","DL-DE-BY-2.0","DOC","Dotseqn","DRL-1.0","DSDP","dtoa","dvipdfm","ECL-1.0","ECL-2.0","eCos-2.0","EFL-1.0","EFL-2.0","eGenix","Elastic-2.0","Entessa","EPICS","EPL-1.0","EPL-2.0","ErlPL-1.1","etalab-2.0","EUDatagrid","EUPL-1.0","EUPL-1.1","EUPL-1.2","Eurosym","Fair","FDK-AAC","Frameworx-1.0","FreeBSD-DOC","FreeImage","FSFAP","FSFUL","FSFULLR","FSFULLRWD","FTL","GD","GFDL-1.1","GFDL-1.1-invariants-only","GFDL-1.1-invariants-or-later","GFDL-1.1-no-invariants-only","GFDL-1.1-no-invariants-or-later","GFDL-1.1-only","GFDL-1.1-or-later","GFDL-1.2","GFDL-1.2-invariants-only","GFDL-1.2-invariants-or-later","GFDL-1.2-no-invariants-only","GFDL-1.2-no-invariants-or-later","GFDL-1.2-only","GFDL-1.2-or-later","GFDL-1.3","GFDL-1.3-invariants-only","GFDL-1.3-invariants-or-later","GFDL-1.3-no-invariants-only","GFDL-1.3-no-invariants-or-later","GFDL-1.3-only","GFDL-1.3-or-later","Giftware","GL2PS","Glide","Glulxe","GLWTPL","gnuplot","GPL-1.0","GPL-1.0+","GPL-1.0-only","GPL-1.0-or-later","GPL-2.0","GPL-2.0+","GPL-2.0-only","GPL-2.0-or-later","GPL-2.0-with-autoconf-exception","GPL-2.0-with-bison-exception","GPL-2.0-with-classpath-exception","GPL-2.0-with-font-exception","GPL-2.0-with-GCC-exception","GPL-3.0","GPL-3.0+","GPL-3.0-only","GPL-3.0-or-later","GPL-3.0-with-autoconf-exception","GPL-3.0-with-GCC-exception","Graphics-Gems","gSOAP-1.3b","HaskellReport","Hippocratic-2.1","HP-1986","HPND","HPND-export-US","HPND-Markus-Kuhn","HPND-sell-variant","HPND-sell-variant-MIT-disclaimer","HTMLTIDY","IBM-pibs","ICU","IEC-Code-Components-EULA","IJG","IJG-short","ImageMagick","iMatix","Imlib2","Info-ZIP","Inner-Net-2.0","Intel","Intel-ACPI","Interbase-1.0","IPA","IPL-1.0","ISC","Jam","JasPer-2.0","JPL-image","JPNIC","JSON","Kazlib","Knuth-CTAN","LAL-1.2","LAL-1.3","Latex2e","Latex2e-translated-notice","Leptonica","LGPL-2.0","LGPL-2.0+","LGPL-2.0-only","LGPL-2.0-or-later","LGPL-2.1","LGPL-2.1+","LGPL-2.1-only","LGPL-2.1-or-later","LGPL-3.0","LGPL-3.0+","LGPL-3.0-only","LGPL-3.0-or-later","LGPLLR","Libpng","libpng-2.0","libselinux-1.0","libtiff","libutil-David-Nugent","LiLiQ-P-1.1","LiLiQ-R-1.1","LiLiQ-Rplus-1.1","Linux-man-pages-1-para","Linux-man-pages-copyleft","Linux-man-pages-copyleft-2-para","Linux-man-pages-copyleft-var","Linux-OpenIB","LOOP","LPL-1.0","LPL-1.02","LPPL-1.0","LPPL-1.1","LPPL-1.2","LPPL-1.3a","LPPL-1.3c","LZMA-SDK-9.11-to-9.20","LZMA-SDK-9.22","MakeIndex","Martin-Birgmeier","metamail","Minpack","MirOS","MIT","MIT-0","MIT-advertising","MIT-CMU","MIT-enna","MIT-feh","MIT-Festival","MIT-Modern-Variant","MIT-open-group","MIT-Wu","MITNFA","Motosoto","mpi-permissive","mpich2","MPL-1.0","MPL-1.1","MPL-2.0","MPL-2.0-no-copyleft-exception","mplus","MS-LPL","MS-PL","MS-RL","MTLL","MulanPSL-1.0","MulanPSL-2.0","Multics","Mup","NAIST-2003","NASA-1.3","Naumen","NBPL-1.0","NCGL-UK-2.0","NCSA","Net-SNMP","NetCDF","Newsletr","NGPL","NICTA-1.0","NIST-PD","NIST-PD-fallback","NIST-Software","NLOD-1.0","NLOD-2.0","NLPL","Nokia","NOSL","Noweb","NPL-1.0","NPL-1.1","NPOSL-3.0","NRL","NTP","NTP-0","Nunit","O-UDA-1.0","OCCT-PL","OCLC-2.0","ODbL-1.0","ODC-By-1.0","OFFIS","OFL-1.0","OFL-1.0-no-RFN","OFL-1.0-RFN","OFL-1.1","OFL-1.1-no-RFN","OFL-1.1-RFN","OGC-1.0","OGDL-Taiwan-1.0","OGL-Canada-2.0","OGL-UK-1.0","OGL-UK-2.0","OGL-UK-3.0","OGTSL","OLDAP-1.1","OLDAP-1.2","OLDAP-1.3","OLDAP-1.4","OLDAP-2.0","OLDAP-2.0.1","OLDAP-2.1","OLDAP-2.2","OLDAP-2.2.1","OLDAP-2.2.2","OLDAP-2.3","OLDAP-2.4","OLDAP-2.5","OLDAP-2.6","OLDAP-2.7","OLDAP-2.8","OLFL-1.3","OML","OpenPBS-2.3","OpenSSL","OPL-1.0","OPL-UK-3.0","OPUBL-1.0","OSET-PL-2.1","OSL-1.0","OSL-1.1","OSL-2.0","OSL-2.1","OSL-3.0","Parity-6.0.0","Parity-7.0.0","PDDL-1.0","PHP-3.0","PHP-3.01","Plexus","PolyForm-Noncommercial-1.0.0","PolyForm-Small-Business-1.0.0","PostgreSQL","PSF-2.0","psfrag","psutils","Python-2.0","Python-2.0.1","Qhull","QPL-1.0","QPL-1.0-INRIA-2004","Rdisc","RHeCos-1.1","RPL-1.1","RPL-1.5","RPSL-1.0","RSA-MD","RSCPL","Ruby","SAX-PD","Saxpath","SCEA","SchemeReport","Sendmail","Sendmail-8.23","SGI-B-1.0","SGI-B-1.1","SGI-B-2.0","SGP4","SHL-0.5","SHL-0.51","SimPL-2.0","SISSL","SISSL-1.2","Sleepycat","SMLNJ","SMPPL","SNIA","snprintf","Spencer-86","Spencer-94","Spencer-99","SPL-1.0","SSH-OpenSSH","SSH-short","SSPL-1.0","StandardML-NJ","SugarCRM-1.1.3","SunPro","SWL","Symlinks","TAPR-OHL-1.0","TCL","TCP-wrappers","TermReadKey","TMate","TORQUE-1.1","TOSL","TPDL","TPL-1.0","TTWL","TU-Berlin-1.0","TU-Berlin-2.0","UCAR","UCL-1.0","Unicode-DFS-2015","Unicode-DFS-2016","Unicode-TOU","UnixCrypt","Unlicense","UPL-1.0","Vim","VOSTROM","VSL-1.0","W3C","W3C-19980720","W3C-20150513","w3m","Watcom-1.0","Widget-Workshop","Wsuipa","WTFPL","wxWindows","X11","X11-distribute-modifications-variant","Xdebug-1.03","Xerox","Xfig","XFree86-1.1","xinetd","xlock","Xnet","xpp","XSkat","YPL-1.0","YPL-1.1","Zed","Zend-2.0","Zimbra-1.3","Zimbra-1.4","Zlib","zlib-acknowledgement","ZPL-1.1","ZPL-2.0","ZPL-2.1","389-exception","Asterisk-exception","Autoconf-exception-2.0","Autoconf-exception-3.0","Autoconf-exception-generic","Autoconf-exception-macro","Bison-exception-2.2","Bootloader-exception","Classpath-exception-2.0","CLISP-exception-2.0","cryptsetup-OpenSSL-exception","DigiRule-FOSS-exception","eCos-exception-2.0","Fawkes-Runtime-exception","FLTK-exception","Font-exception-2.0","freertos-exception-2.0","GCC-exception-2.0","GCC-exception-3.1","GNAT-exception","gnu-javamail-exception","GPL-3.0-interface-exception","GPL-3.0-linking-exception","GPL-3.0-linking-source-exception","GPL-CC-1.0","GStreamer-exception-2005","GStreamer-exception-2008","i2p-gpl-java-exception","KiCad-libraries-exception","LGPL-3.0-linking-exception","libpri-OpenH323-exception","Libtool-exception","Linux-syscall-note","LLGPL","LLVM-exception","LZMA-exception","mif-exception","Nokia-Qt-exception-1.1","OCaml-LGPL-linking-exception","OCCT-exception-1.0","OpenJDK-assembly-exception-1.0","openvpn-openssl-exception","PS-or-PDF-font-exception-20170817","QPL-1.0-INRIA-2004-exception","Qt-GPL-exception-1.0","Qt-LGPL-exception-1.1","Qwt-exception-1.0","SHL-2.0","SHL-2.1","SWI-exception","Swift-exception","u-boot-exception-2.0","Universal-FOSS-exception-1.0","vsftpd-openssl-exception","WxWindows-exception-3.1","x11vnc-openssl-exception"]}');
 
 /***/ })