hoppr-cyclonedx-models 0.5.5__tar.gz → 0.6.2__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of hoppr-cyclonedx-models might be problematic. Click here for more details.
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/PKG-INFO +7 -4
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/hoppr_cyclonedx_models/__init__.py +1 -1
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/hoppr_cyclonedx_models/cyclonedx_1_3.py +2 -2
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/hoppr_cyclonedx_models/cyclonedx_1_4.py +2 -2
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/hoppr_cyclonedx_models/cyclonedx_1_5.py +57 -39
- hoppr_cyclonedx_models-0.6.2/hoppr_cyclonedx_models/cyclonedx_1_6.py +5841 -0
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/hoppr_cyclonedx_models/spdx.py +93 -2
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/pyproject.toml +16 -11
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/LICENSE +0 -0
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/README.md +0 -0
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/hoppr_cyclonedx_models/base.py +0 -0
- {hoppr_cyclonedx_models-0.5.5 → hoppr_cyclonedx_models-0.6.2}/hoppr_cyclonedx_models/py.typed +0 -0
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
Metadata-Version: 2.
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
2
|
Name: hoppr-cyclonedx-models
|
|
3
|
-
Version: 0.
|
|
3
|
+
Version: 0.6.2
|
|
4
4
|
Summary: CycloneDX Pydantic models for easy use in your Python project.
|
|
5
|
-
Home-page: https://gitlab.com/hoppr/hoppr-cyclonedx-models
|
|
6
5
|
License: MIT
|
|
6
|
+
License-File: LICENSE
|
|
7
7
|
Keywords: pydantic,models,cyclonedx,software bill of materials
|
|
8
8
|
Author: LMCO Open Source
|
|
9
9
|
Author-email: open.source@lmco.com
|
|
10
|
-
Requires-Python: >=3.
|
|
10
|
+
Requires-Python: >=3.8.0,<4.0.0
|
|
11
11
|
Classifier: Development Status :: 2 - Pre-Alpha
|
|
12
12
|
Classifier: Framework :: Pydantic
|
|
13
13
|
Classifier: Framework :: Pytest
|
|
@@ -19,9 +19,12 @@ Classifier: Programming Language :: Python :: 3.9
|
|
|
19
19
|
Classifier: Programming Language :: Python :: 3.10
|
|
20
20
|
Classifier: Programming Language :: Python :: 3.11
|
|
21
21
|
Classifier: Programming Language :: Python :: 3.12
|
|
22
|
+
Classifier: Programming Language :: Python :: 3.13
|
|
23
|
+
Classifier: Programming Language :: Python :: 3.14
|
|
22
24
|
Classifier: Topic :: Software Development :: Code Generators
|
|
23
25
|
Classifier: Typing :: Typed
|
|
24
26
|
Requires-Dist: pydantic[email] (>=1.10.2,<2.0.0)
|
|
27
|
+
Requires-Dist: typing-extensions (>=4.7.1,<5.0.0)
|
|
25
28
|
Project-URL: Repository, https://gitlab.com/hoppr/hoppr-cyclonedx-models
|
|
26
29
|
Description-Content-Type: text/markdown
|
|
27
30
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"""
|
|
2
2
|
--------------------------------------------------------------------------------
|
|
3
|
-
SPDX-FileCopyrightText: Copyright ©
|
|
3
|
+
SPDX-FileCopyrightText: Copyright © 2024 Lockheed Martin <open.source@lmco.com>
|
|
4
4
|
SPDX-FileName: hoppr_cyclonedx_models/cyclonedx_1_3.py
|
|
5
5
|
SPDX-FileType: SOURCE
|
|
6
6
|
SPDX-License-Identifier: MIT
|
|
@@ -25,7 +25,7 @@ THE SOFTWARE.
|
|
|
25
25
|
--------------------------------------------------------------------------------
|
|
26
26
|
This file was generated by datamodel-codegen:
|
|
27
27
|
filename: bom-1.3.schema.json
|
|
28
|
-
timestamp:
|
|
28
|
+
timestamp: 2024-07-15T17:53:40+00:00
|
|
29
29
|
version: 0.21.5
|
|
30
30
|
"""
|
|
31
31
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"""
|
|
2
2
|
--------------------------------------------------------------------------------
|
|
3
|
-
SPDX-FileCopyrightText: Copyright ©
|
|
3
|
+
SPDX-FileCopyrightText: Copyright © 2024 Lockheed Martin <open.source@lmco.com>
|
|
4
4
|
SPDX-FileName: hoppr_cyclonedx_models/cyclonedx_1_4.py
|
|
5
5
|
SPDX-FileType: SOURCE
|
|
6
6
|
SPDX-License-Identifier: MIT
|
|
@@ -25,7 +25,7 @@ THE SOFTWARE.
|
|
|
25
25
|
--------------------------------------------------------------------------------
|
|
26
26
|
This file was generated by datamodel-codegen:
|
|
27
27
|
filename: bom-1.4.schema.json
|
|
28
|
-
timestamp:
|
|
28
|
+
timestamp: 2024-07-15T17:53:40+00:00
|
|
29
29
|
version: 0.21.5
|
|
30
30
|
"""
|
|
31
31
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"""
|
|
2
2
|
--------------------------------------------------------------------------------
|
|
3
|
-
SPDX-FileCopyrightText: Copyright ©
|
|
3
|
+
SPDX-FileCopyrightText: Copyright © 2024 Lockheed Martin <open.source@lmco.com>
|
|
4
4
|
SPDX-FileName: hoppr_cyclonedx_models/cyclonedx_1_5.py
|
|
5
5
|
SPDX-FileType: SOURCE
|
|
6
6
|
SPDX-License-Identifier: MIT
|
|
@@ -25,7 +25,7 @@ THE SOFTWARE.
|
|
|
25
25
|
--------------------------------------------------------------------------------
|
|
26
26
|
This file was generated by datamodel-codegen:
|
|
27
27
|
filename: bom-1.5.schema.json
|
|
28
|
-
timestamp:
|
|
28
|
+
timestamp: 2024-07-15T17:53:40+00:00
|
|
29
29
|
version: 0.21.5
|
|
30
30
|
"""
|
|
31
31
|
|
|
@@ -33,7 +33,7 @@ from __future__ import annotations
|
|
|
33
33
|
|
|
34
34
|
from datetime import datetime
|
|
35
35
|
from enum import Enum
|
|
36
|
-
from typing import List, Optional, Union
|
|
36
|
+
from typing import Any, List, Optional, Union
|
|
37
37
|
|
|
38
38
|
from pydantic import AnyUrl, EmailStr, Extra, Field
|
|
39
39
|
from typing_extensions import Annotated, Literal
|
|
@@ -386,6 +386,17 @@ class Licensing(CycloneDXBaseModel):
|
|
|
386
386
|
] = None
|
|
387
387
|
|
|
388
388
|
|
|
389
|
+
LicenseChoice2 = Annotated[
|
|
390
|
+
List[Any],
|
|
391
|
+
Field(
|
|
392
|
+
description="A tuple of exactly one SPDX License Expression.",
|
|
393
|
+
max_items=1,
|
|
394
|
+
min_items=1,
|
|
395
|
+
title="SPDX License Expression",
|
|
396
|
+
),
|
|
397
|
+
]
|
|
398
|
+
|
|
399
|
+
|
|
389
400
|
class Type1(Enum):
|
|
390
401
|
"""
|
|
391
402
|
Specifies the purpose for the patch including the resolution of defects, security issues, or new behavior or functionality.
|
|
@@ -821,39 +832,6 @@ class Callstack(CycloneDXBaseModel):
|
|
|
821
832
|
frames: Annotated[Optional[List[Frame]], Field(title="Methods")] = None
|
|
822
833
|
|
|
823
834
|
|
|
824
|
-
class ComponentEvidence(CycloneDXBaseModel):
|
|
825
|
-
"""
|
|
826
|
-
Provides the ability to document evidence collected through various forms of extraction or analysis.
|
|
827
|
-
"""
|
|
828
|
-
|
|
829
|
-
class Config:
|
|
830
|
-
extra = Extra.forbid
|
|
831
|
-
|
|
832
|
-
identity: Annotated[
|
|
833
|
-
Optional[Identity], Field(description="Evidence that substantiates the identity of a component.")
|
|
834
|
-
] = None
|
|
835
|
-
occurrences: Annotated[
|
|
836
|
-
Optional[List[Occurrence]],
|
|
837
|
-
Field(
|
|
838
|
-
description="Evidence of individual instances of a component spread across multiple locations.",
|
|
839
|
-
title="Occurrences",
|
|
840
|
-
),
|
|
841
|
-
] = None
|
|
842
|
-
callstack: Annotated[
|
|
843
|
-
Optional[Callstack], Field(description="Evidence of the components use through the callstack.")
|
|
844
|
-
] = None
|
|
845
|
-
licenses: Annotated[
|
|
846
|
-
Optional[List],
|
|
847
|
-
Field(
|
|
848
|
-
description=(
|
|
849
|
-
"EITHER (list of SPDX licenses and/or named licenses) OR (tuple of one SPDX License Expression)"
|
|
850
|
-
),
|
|
851
|
-
title="Component License(s)",
|
|
852
|
-
),
|
|
853
|
-
] = None
|
|
854
|
-
copyright: Annotated[Optional[List[Copyright]], Field(title="Copyright")] = None
|
|
855
|
-
|
|
856
|
-
|
|
857
835
|
class AggregateType(Enum):
|
|
858
836
|
COMPLETE = complete = "complete"
|
|
859
837
|
INCOMPLETE = incomplete = "incomplete"
|
|
@@ -1876,6 +1854,13 @@ class License(CycloneDXBaseModel):
|
|
|
1876
1854
|
] = None
|
|
1877
1855
|
|
|
1878
1856
|
|
|
1857
|
+
class LicenseChoice1(CycloneDXBaseModel):
|
|
1858
|
+
class Config:
|
|
1859
|
+
extra = Extra.forbid
|
|
1860
|
+
|
|
1861
|
+
license: License
|
|
1862
|
+
|
|
1863
|
+
|
|
1879
1864
|
class Commit(CycloneDXBaseModel):
|
|
1880
1865
|
"""
|
|
1881
1866
|
Specifies an individual commit
|
|
@@ -2050,6 +2035,39 @@ class ExternalReference(CycloneDXBaseModel):
|
|
|
2050
2035
|
] = None
|
|
2051
2036
|
|
|
2052
2037
|
|
|
2038
|
+
class ComponentEvidence(CycloneDXBaseModel):
|
|
2039
|
+
"""
|
|
2040
|
+
Provides the ability to document evidence collected through various forms of extraction or analysis.
|
|
2041
|
+
"""
|
|
2042
|
+
|
|
2043
|
+
class Config:
|
|
2044
|
+
extra = Extra.forbid
|
|
2045
|
+
|
|
2046
|
+
identity: Annotated[
|
|
2047
|
+
Optional[Identity], Field(description="Evidence that substantiates the identity of a component.")
|
|
2048
|
+
] = None
|
|
2049
|
+
occurrences: Annotated[
|
|
2050
|
+
Optional[List[Occurrence]],
|
|
2051
|
+
Field(
|
|
2052
|
+
description="Evidence of individual instances of a component spread across multiple locations.",
|
|
2053
|
+
title="Occurrences",
|
|
2054
|
+
),
|
|
2055
|
+
] = None
|
|
2056
|
+
callstack: Annotated[
|
|
2057
|
+
Optional[Callstack], Field(description="Evidence of the components use through the callstack.")
|
|
2058
|
+
] = None
|
|
2059
|
+
licenses: Annotated[
|
|
2060
|
+
Optional[Union[List[LicenseChoice1], LicenseChoice2]],
|
|
2061
|
+
Field(
|
|
2062
|
+
description=(
|
|
2063
|
+
"EITHER (list of SPDX licenses and/or named licenses) OR (tuple of one SPDX License Expression)"
|
|
2064
|
+
),
|
|
2065
|
+
title="Component License(s)",
|
|
2066
|
+
),
|
|
2067
|
+
] = None
|
|
2068
|
+
copyright: Annotated[Optional[List[Copyright]], Field(title="Copyright")] = None
|
|
2069
|
+
|
|
2070
|
+
|
|
2053
2071
|
class Rating(CycloneDXBaseModel):
|
|
2054
2072
|
"""
|
|
2055
2073
|
Defines the severity or risk ratings of a vulnerability.
|
|
@@ -2848,7 +2866,7 @@ class Service(CycloneDXBaseModel):
|
|
|
2848
2866
|
),
|
|
2849
2867
|
] = None
|
|
2850
2868
|
licenses: Annotated[
|
|
2851
|
-
Optional[List],
|
|
2869
|
+
Optional[Union[List[LicenseChoice1], LicenseChoice2]],
|
|
2852
2870
|
Field(
|
|
2853
2871
|
description=(
|
|
2854
2872
|
"EITHER (list of SPDX licenses and/or named licenses) OR (tuple of one SPDX License Expression)"
|
|
@@ -3572,7 +3590,7 @@ class Metadata(CycloneDXBaseModel):
|
|
|
3572
3590
|
),
|
|
3573
3591
|
] = None
|
|
3574
3592
|
licenses: Annotated[
|
|
3575
|
-
Optional[List],
|
|
3593
|
+
Optional[Union[List[LicenseChoice1], LicenseChoice2]],
|
|
3576
3594
|
Field(
|
|
3577
3595
|
description=(
|
|
3578
3596
|
"EITHER (list of SPDX licenses and/or named licenses) OR (tuple of one SPDX License Expression)"
|
|
@@ -3816,7 +3834,7 @@ class Component(CycloneDXBaseModel):
|
|
|
3816
3834
|
] = Scope.required
|
|
3817
3835
|
hashes: Annotated[Optional[List[Hash]], Field(title="Component Hashes")] = None
|
|
3818
3836
|
licenses: Annotated[
|
|
3819
|
-
Optional[List],
|
|
3837
|
+
Optional[Union[List[LicenseChoice1], LicenseChoice2]],
|
|
3820
3838
|
Field(
|
|
3821
3839
|
description=(
|
|
3822
3840
|
"EITHER (list of SPDX licenses and/or named licenses) OR (tuple of one SPDX License Expression)"
|