python-ort 0.6.5__tar.gz → 0.7.0__tar.gz

{python_ort-0.6.5 → python_ort-0.7.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: python-ort
-Version: 0.6.5
+Version: 0.7.0
 Summary: A Python Ort model serialization library
 License-Expression: MIT
 License-File: LICENSE

{python_ort-0.6.5 → python_ort-0.7.0}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "uv_build"
 
 [project]
 name = "python-ort"
-version = "0.6.5"
+version = "0.7.0"
 description = "A Python Ort model serialization library"
 readme = "README.md"
 license = "MIT"
@@ -35,11 +35,11 @@ module-root = "src"
 
 [dependency-groups]
 dev = [
-    "datamodel-code-generator[http]>=0.54.0",
+    "datamodel-code-generator[http]>=0.55.0",
     "pytest>=9.0.2",
     "rich>=14.3.3",
-    "ruff>=0.15.4",
-    "ty>=0.0.20",
+    "ruff>=0.15.5",
+    "ty>=0.0.21",
     "types-pyyaml>=6.0.12.20250915",
 ]
 
@@ -159,9 +159,3 @@ dummy-variable-rgx = "^(_+|(_+[a-zA-Z0-9_]*[a-zA-Z0-9]+?))$"
 quote-style = "double"
 indent-style = "space"
 skip-magic-trailing-comma = false
-
-[tool.pyrefly]
-project_includes = [
-    "src/ort/**",
-    "tests/**",
-]

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/__init__.py

@@ -5,9 +5,12 @@
 from .models.analyzer_result import AnalyzerResult
 from .models.config.repository_configuration import RepositoryConfiguration
 from .models.ort_result import OrtResult
+from .utils.yaml_loader import OrtYamlLoader, ort_yaml_load
 
 __all__ = [
     "AnalyzerResult",
+    "OrtYamlLoader",
     "RepositoryConfiguration",
     "OrtResult",
+    "ort_yaml_load",
 ]

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/advisor_capability.py

@@ -2,10 +2,10 @@
 # SPDX-License-Identifier: MIT
 
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class AdvisorCapability(IntEnum):
+class AdvisorCapability(ValidatedIntEnum):
     """
     An enum class that defines the capabilities of a specific advisor implementation.
 

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/advisor_details.py

@@ -2,7 +2,7 @@
 # SPDX-License-Identifier: MIT
 
 
-from pydantic import BaseModel, ConfigDict, Field, field_validator
+from pydantic import BaseModel, ConfigDict, Field
 
 from ort.models import AdvisorCapability
 
@@ -22,20 +22,3 @@ class AdvisorDetails(BaseModel):
         description="The capabilities of the used advisor. This property indicates, which kind of findings"
         "are retrieved by the advisor."
     )
-
-    @field_validator("capabilities", mode="before")
-    @classmethod
-    def convert_capability(cls, v):
-        def _convert(item):
-            if isinstance(item, str):
-                try:
-                    return AdvisorCapability[item]
-                except KeyError:
-                    raise ValueError(f"Invalid capability: {item}")
-            return item
-
-        if isinstance(v, (list, set)):
-            return {_convert(item) for item in v}
-        if isinstance(v, str):
-            return _convert(v)
-        return v

python_ort-0.7.0/src/ort/models/advisor_run.py

@@ -0,0 +1,25 @@
+# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
+# SPDX-License-Identifier: MIT
+
+
+from pydantic import Field
+
+from .advisor_result import AdvisorResult
+from .base_run import BaseRun
+from .config.advisor_configuration import AdvisorConfiguration
+from .identifier import Identifier
+
+
+class AdvisorRun(BaseRun):
+    """
+    Type alias for a function that allows filtering of [AdvisorResult]s.
+
+    """
+
+    config: AdvisorConfiguration = Field(
+        description="The [AdvisorConfiguration] used for this run.",
+    )
+    results: dict[Identifier, list[AdvisorResult]] = Field(
+        default_factory=dict,
+        description="The result of this run.",
+    )

python_ort-0.7.0/src/ort/models/analyzer_run.py

@@ -0,0 +1,24 @@
+# SPDX-FileCopyrightText: 2025 Helio Chissini de Castro <heliocastro@gmail.com>
+# SPDX-License-Identifier: MIT
+
+
+from pydantic import Field
+
+from .analyzer_result import AnalyzerResult
+from .base_run import BaseRun
+from .config.analyzer_configuration import AnalyzerConfiguration
+
+
+class AnalyzerRun(BaseRun):
+    """
+    The summary of a single run of the analyzer.
+
+    """
+
+    config: AnalyzerConfiguration = Field(
+        description="The [AnalyzerConfiguration] used for this run.",
+    )
+    result: AnalyzerResult | None = Field(
+        default=None,
+        description="The result of this run.",
+    )

python_ort-0.6.5/src/ort/models/analyzer_run.py → python_ort-0.7.0/src/ort/models/base_run.py

@@ -5,12 +5,10 @@ from datetime import datetime
 
 from pydantic import BaseModel, ConfigDict, Field
 
-from ort.models import AnalyzerResult
-from ort.models.config.analyzer_configuration import AnalyzerConfiguration
 from ort.utils.environment import Environment
 
 
-class AnalyzerRun(BaseModel):
+class BaseRun(BaseModel):
     """
     The summary of a single run of the analyzer.
 
@@ -28,10 +26,3 @@ class AnalyzerRun(BaseModel):
     environment: Environment = Field(
         description="The [Environment] in which the analyzer was executed.",
     )
-    config: AnalyzerConfiguration = Field(
-        description="The [AnalyzerConfiguration] used for this run.",
-    )
-    result: AnalyzerResult | None = Field(
-        default=None,
-        description="The result of this run.",
-    )

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/issue_resolution.py

@@ -2,9 +2,7 @@
 # SPDX-License-Identifier: MIT
 
 
-from pydantic import BaseModel, ConfigDict, Field, field_validator
-
-from ort.utils import convert_enum
+from pydantic import BaseModel, ConfigDict, Field
 
 from .issue_resolution_reason import IssueResolutionReason
 
@@ -32,8 +30,3 @@ class IssueResolution(BaseModel):
     comment: str = Field(
         description="A comment to further explain why the [reason] is applicable here.",
     )
-
-    @field_validator("reason", mode="before")
-    @classmethod
-    def validate_reason(cls, value):
-        return convert_enum(IssueResolutionReason, value)

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/issue_resolution_reason.py

@@ -1,10 +1,10 @@
 # SPDX-FileCopyrightText: 2025 Helio Chissini de Castro <heliocastro@gmail.com>
 # SPDX-License-Identifier: MIT
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class IssueResolutionReason(IntEnum):
+class IssueResolutionReason(ValidatedIntEnum):
     """
     Possible reasons for resolving an Issue using an IssueResolution.
 

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/path_exclude.py

@@ -2,9 +2,7 @@
 # SPDX-License-Identifier: MIT
 
 
-from pydantic import BaseModel, ConfigDict, Field, field_validator
-
-from ort.utils import convert_enum
+from pydantic import BaseModel, ConfigDict, Field
 
 from .path_exclude_reason import PathExcludeReason
 
@@ -32,8 +30,3 @@ class PathExclude(BaseModel):
         default_factory=str,
         description="A comment to further explain why the [reason] is applicable here.",
     )
-
-    @field_validator("reason", mode="before")
-    @classmethod
-    def validate_reason(cls, value):
-        return convert_enum(PathExcludeReason, value)

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/path_exclude_reason.py

@@ -1,10 +1,10 @@
 # SPDX-FileCopyrightText: 2025 Helio Chissini de Castro <heliocastro@gmail.com>
 # SPDX-License-Identifier: MIT
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class PathExcludeReason(IntEnum):
+class PathExcludeReason(ValidatedIntEnum):
     """
     Possible reasons for excluding a path.
 

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/path_include.py

@@ -2,9 +2,7 @@
 # SPDX-License-Identifier: MIT
 
 
-from pydantic import BaseModel, ConfigDict, Field, field_validator
-
-from ort.utils import convert_enum
+from pydantic import BaseModel, ConfigDict, Field
 
 from .path_include_reason import PathIncludeReason
 
@@ -32,8 +30,3 @@ class PathInclude(BaseModel):
         default_factory=str,
         description="A comment to further explain why the [reason] is applicable here.",
     )
-
-    @field_validator("reason", mode="before")
-    @classmethod
-    def validate_reason(cls, value):
-        return convert_enum(PathIncludeReason, value)

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/path_include_reason.py

@@ -1,10 +1,10 @@
 # SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
 # SPDX-License-Identifier: MIT
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class PathIncludeReason(IntEnum):
+class PathIncludeReason(ValidatedIntEnum):
     """
     Possible reasons for including a path.
 

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/repository_configuration.py

@@ -11,7 +11,7 @@ from .license_choice import LicenseChoice
 from .package_configuration import PackageConfiguration
 from .repository_analyzer_configuration import RepositoryAnalyzerConfiguration
 from .resolutions import Resolutions
-from .snippet.snippet_choice import SnippetChoice
+from .snippet.snippet_choices import SnippetChoices
 
 
 class RepositoryConfiguration(BaseModel):
@@ -60,7 +60,7 @@ class RepositoryConfiguration(BaseModel):
         None,
         description="A configuration to select a license from a multi-licensed package.",
     )
-    snippet_choices: list[SnippetChoice] = Field(
+    snippet_choices: list[SnippetChoices] = Field(
         default_factory=list,
         description="A configuration to select a snippet from a package with multiple snippet findings.",
     )

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/rule_violation_reason.py

@@ -1,10 +1,10 @@
 # SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
 # SPDX-License-Identifier: MIT
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class RuleViolationResolutionReason(IntEnum):
+class RuleViolationResolutionReason(ValidatedIntEnum):
     """
     Properties:
         CANT_FIX_EXCEPTION:

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/rule_violation_resolution.py

@@ -2,9 +2,7 @@
 # SPDX-License-Identifier: MIT
 
 
-from pydantic import BaseModel, ConfigDict, Field, field_validator
-
-from ort.utils import convert_enum
+from pydantic import BaseModel, ConfigDict, Field
 
 from .rule_violation_reason import RuleViolationResolutionReason
 
@@ -32,8 +30,3 @@ class RuleViolationResolution(BaseModel):
     comment: str = Field(
         description="A comment to further explain why the [reason] is applicable here.",
     )
-
-    @field_validator("reason", mode="before")
-    @classmethod
-    def validate_reason(cls, value):
-        return convert_enum(RuleViolationResolutionReason, value)

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/scope_exclude.py

@@ -2,10 +2,9 @@
 # SPDX-License-Identifier: MIT
 
 
-from pydantic import BaseModel, ConfigDict, Field, field_validator
+from pydantic import BaseModel, ConfigDict, Field
 
 from ort.models.config.scope_exclude_reason import ScopeExcludeReason
-from ort.utils import convert_enum
 
 
 class ScopeExclude(BaseModel):
@@ -29,8 +28,3 @@ class ScopeExclude(BaseModel):
         default_factory=str,
         description="A comment to further explain why the [reason] is applicable here.",
     )
-
-    @field_validator("reason", mode="before")
-    @classmethod
-    def validate_reason(cls, value):
-        return convert_enum(ScopeExcludeReason, value)

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/scope_exclude_reason.py

@@ -2,10 +2,10 @@
 # SPDX-License-Identifier: MIT
 
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class ScopeExcludeReason(IntEnum):
+class ScopeExcludeReason(ValidatedIntEnum):
     """
     Possible reasons for excluding a scope.
 

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/snippet/snippet_choice_reason.py

@@ -1,10 +1,10 @@
 # SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
 # SPDX-License-Identifier: MIT
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class SnippetChoiceReason(IntEnum):
+class SnippetChoiceReason(ValidatedIntEnum):
     """
     The reason for which the snippet choice has been made.
 

python_ort-0.7.0/src/ort/models/config/snippet/snippet_choices.py

@@ -0,0 +1,25 @@
+# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
+# SPDX-License-Identifier: MIT
+
+from pydantic import BaseModel, ConfigDict, Field
+
+from .snippet_choice import SnippetChoice
+from .snippet_provenance import SnippetProvenance
+
+
+class SnippetChoices(BaseModel):
+    """
+    A collection of snippet choices for a given provenance.
+    """
+
+    model_config = ConfigDict(
+        extra="forbid",
+    )
+    provenance: SnippetProvenance = Field(
+        ...,
+        description="The source file for which the snippet choice is made.",
+    )
+    choices: list[SnippetChoice] = Field(
+        ...,
+        description="The snippet choice for the given source file.",
+    )

python_ort-0.6.5/src/ort/models/config/snippet/Provenance.py → python_ort-0.7.0/src/ort/models/config/snippet/snippet_provenance.py

@@ -1,9 +1,10 @@
 # SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
 # SPDX-License-Identifier: MIT
+#
 from pydantic import AnyUrl, BaseModel, ConfigDict, Field
 
 
-class Provenance(BaseModel):
+class SnippetProvenance(BaseModel):
     """
     The URL of the [RepositoryProvenance] the snippet choice applies to.
     """

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/vulnerability_resolution.py

@@ -2,9 +2,7 @@
 # SPDX-License-Identifier: MIT
 
 
-from pydantic import BaseModel, ConfigDict, Field, field_validator
-
-from ort.utils import convert_enum
+from pydantic import BaseModel, ConfigDict, Field
 
 from .vulnerability_resolution_reason import VulnerabilityResolutionReason
 
@@ -31,8 +29,3 @@ class VulnerabilityResolution(BaseModel):
     comment: str = Field(
         description="A comment to further explain why the [reason] is applicable here.",
     )
-
-    @field_validator("reason", mode="before")
-    @classmethod
-    def validate_reason(cls, value):
-        return convert_enum(VulnerabilityResolutionReason, value)

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/config/vulnerability_resolution_reason.py

@@ -1,10 +1,10 @@
 # SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
 # SPDX-License-Identifier: MIT
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class VulnerabilityResolutionReason(IntEnum):
+class VulnerabilityResolutionReason(ValidatedIntEnum):
     """
     Possible reasons for resolving a Vulnerability using a VulnerabilityResolution.
 

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/dependency_graph_node.py

@@ -2,7 +2,7 @@
 # SPDX-License-Identifier: MIT
 
 
-from pydantic import BaseModel, ConfigDict, Field, field_validator
+from pydantic import BaseModel, ConfigDict, Field
 
 from .issue import Issue
 from .package_linkage import PackageLinkage
@@ -42,13 +42,3 @@ class DependencyGraphNode(BaseModel):
     issues: list[Issue] = Field(
         default_factory=list, description="A list of Issue objects that occurred handling this dependency."
     )
-
-    @field_validator("linkage", mode="before")
-    @classmethod
-    def convert_linkage(cls, v):
-        if isinstance(v, str):
-            try:
-                return PackageLinkage[v]
-            except KeyError:
-                raise ValueError(f"Invalid linkage: {v}")
-        return v

python_ort-0.7.0/src/ort/models/evaluator_run.py

@@ -0,0 +1,19 @@
+# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
+# SPDX-License-Identifier: MIT
+
+
+from pydantic import Field
+
+from .base_run import BaseRun
+from .rule_violation import RuleViolation
+
+
+class EvaluatorRun(BaseRun):
+    """
+    The summary of a single run of the evaluator.
+    """
+
+    violations: list[RuleViolation] = Field(
+        default_factory=list,
+        description="The list of rule violations found by the evaluator.",
+    )

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/issue.py

@@ -4,10 +4,9 @@
 
 from datetime import datetime
 
-from pydantic import BaseModel, ConfigDict, Field, field_validator
+from pydantic import BaseModel, ConfigDict, Field
 
 from ort.severity import Severity
-from ort.utils import convert_enum
 
 
 class Issue(BaseModel):
@@ -35,8 +34,3 @@ class Issue(BaseModel):
         default=None,
         description="The affected file or directory the issue is limited to, if any.",
     )
-
-    @field_validator("severity", mode="before")
-    @classmethod
-    def convert_severity(cls, v):
-        return convert_enum(Severity, v)

python_ort-0.7.0/src/ort/models/license_source.py

@@ -0,0 +1,23 @@
+# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <dev@heliocastro.info>
+# SPDX-License-Identifier: MIT
+
+from ..utils.validated_enum import ValidatedIntEnum
+
+
+class LicenseSource(ValidatedIntEnum):
+    """
+    The source where a license originates from.
+
+    properties:
+        CONCLUDED:
+            Licenses which are part of the [concluded license][Package.concludedLicense] of a [Package].
+        DECLARED:
+            Licenses which are part of the [(processed)][Package.declaredLicensesProcessed]
+            [declared licenses][Package.declaredLicenses] of a [Package].
+        DETECTED:
+            Licenses which were detected by a license scanner.
+    """
+
+    CONCLUDED = 1
+    DECLARED = 2
+    DETECTED = 3

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/ort_result.py

@@ -1,4 +1,4 @@
-# SPDX-FileCopyrightText: 2025 Helio Chissini de Castro <heliocastro@gmail.com>
+# SPDX-FileCopyrightText: 2025 Helio Chissini de Castro <dev@heliocastro.info
 # SPDX-License-Identifier: MIT
 
 
@@ -6,6 +6,7 @@ from pydantic import BaseModel, ConfigDict, Field
 
 from .advisor_run import AdvisorRun
 from .analyzer_run import AnalyzerRun
+from .evaluator_run import EvaluatorRun
 from .repository import Repository
 
 
@@ -36,6 +37,11 @@ class OrtResult(BaseModel):
         description="An [AdvisorRun] containing details about the advisor that was run using the result from"
         "[analyzer] as input. Can be null if no advisor was run.",
     )
+    evaluator: EvaluatorRun | None = Field(
+        default=None,
+        description="A [ResolvedConfiguration] containing data resolved during the analysis which augments the"
+        "automatically determined data.",
+    )
     labels: dict[str, str] = Field(
         default_factory=dict,
         description="User defined labels associated to this result. Labels are not used by ORT itself, "

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/models/package_linkage.py

@@ -2,10 +2,10 @@
 # SPDX-License-Identifier: MIT
 
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class PackageLinkage(IntEnum):
+class PackageLinkage(ValidatedIntEnum):
     """
     A class to denote the linkage type between two packages.
 

python_ort-0.7.0/src/ort/models/provenance.py

@@ -0,0 +1,85 @@
+# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
+# SPDX-License-Identifier: MIT
+
+from pydantic import BaseModel, ConfigDict, Field, model_validator
+
+from .remote_artifact import RemoteArtifact
+from .vcsinfo import VcsInfo
+
+
+class SnippetProvenance(BaseModel):
+    """
+    Provenance information about the origin of source code.
+
+    This is a union type that can be one of the following:
+    - UnknownProvenance: No provenance information is available.
+    - ArtifactProvenance: Provenance information for a source artifact.
+    - RepositoryProvenance: Provenance information for a Version Control System location.
+    """
+
+    model_config = ConfigDict(extra="allow")
+
+    @model_validator(mode="before")
+    @classmethod
+    def validate_provenance(cls, v):
+        print(v)
+        breakpoint()
+        if not isinstance(v, dict):
+            raise ValueError("Provenance must be a dictionary.")
+        if "source_artifact" in v:
+            return ArtifactProvenance(**v)
+        elif "vcs_info" in v and "resolved_revision" in v:
+            return RepositoryProvenance(**v)
+        else:
+            return UnknownProvenance()
+
+
+class UnknownProvenance(BaseModel):
+    """
+    Provenance information about the origin of source code.
+    """
+
+    model_config = ConfigDict(extra="forbid")
+
+
+class KnownProvenance(BaseModel):
+    """
+    Provenance information about the origin of source code.
+    """
+
+    model_config = ConfigDict(extra="forbid")
+
+
+class RemoteProvenance(KnownProvenance):
+    """
+    Provenance information about the origin of source code.
+    """
+
+    model_config = ConfigDict(extra="forbid")
+
+
+class ArtifactProvenance(RemoteProvenance):
+    """
+    Provenance information for a source artifact.
+    """
+
+    model_config = ConfigDict(extra="forbid")
+
+    source_artifact: RemoteArtifact = Field(
+        description="The source artifact that was downloaded.",
+    )
+
+
+class RepositoryProvenance(BaseModel):
+    """
+    Provenance information for a Version Control System location.
+    """
+
+    model_config = ConfigDict(extra="forbid")
+
+    vcs_info: VcsInfo = Field(
+        description="VCS info used to resolve the revision. May still contain a moving revision like a branch.",
+    )
+    resolved_revision: str = Field(
+        description="Resolved fixed VCS revision, not blank and not moving (e.g. Git commit SHA1)."
+    )

python_ort-0.7.0/src/ort/models/rule_violation.py

@@ -0,0 +1,50 @@
+# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <dev@heliocastro.info>
+# SPDX-License-Identifier: MIT
+
+
+from pydantic import BaseModel, Field
+
+from .identifier import Identifier
+from .license_source import LicenseSource
+from .severity import Severity
+
+
+class RuleViolation(BaseModel):
+    """
+    A violation of a rule found during evaluation.
+    """
+
+    model_config = {
+        "extra": "forbid",
+    }
+
+    rule: str = Field(description=("The identifier of the rule that found this violation."))
+
+    pkg: Identifier | None = Field(
+        default=None,
+        description=("The identifier of the package that caused this rule violation."),
+    )
+
+    license: str | None = Field(
+        default=None,
+        description=(
+            "The name of the license that caused this rule "
+            "violation. Can be null if the rule does not work on "
+            "licenses."
+        ),
+    )
+
+    license_sources: set[LicenseSource] = Field(
+        default_factory=set,
+        description=("The sources of the license. Can be empty if the rule does not work on licenses."),
+    )
+
+    severity: Severity = Field(description="The severity of the rule violation.")
+
+    message: str = Field(description="A message explaining the rule violation.")
+
+    how_to_fix: str = Field(
+        description=(
+            "A text explaining how the rule violation can be fixed. Renderers should support Markdown syntax."
+        ),
+    )

python_ort-0.7.0/src/ort/models/severity.py

@@ -0,0 +1,23 @@
+# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <dev@heliocastro.info>
+# SPDX-License-Identifier: MIT
+
+
+from ..utils.validated_enum import ValidatedIntEnum
+
+
+class Severity(ValidatedIntEnum):
+    """
+    A generic class describing a severity, e.g. of issues, sorted from least severe to most severe.
+
+    properties:
+        HINT:
+            A hint is something that is provided for information only.
+        WARNING:
+            A warning is something that should be addressed.
+        ERROR:
+            An error is something that has to be addressed.
+    """
+
+    HINT = 1
+    WARNING = 2
+    ERROR = 3

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/severity.py

@@ -1,10 +1,10 @@
 # SPDX-FileCopyrightText: 2025 Helio Chissini de Castro <heliocastro@gmail.com>
 # SPDX-License-Identifier: MIT
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class Severity(IntEnum):
+class Severity(ValidatedIntEnum):
     """
     A generic class describing a severity, e.g. of issues, sorted from least severe to most severe.
 

python_ort-0.7.0/src/ort/utils/__init__.py

@@ -0,0 +1,15 @@
+# SPDX-FileCopyrightText: 2025 Helio Chissini de Castro <heliocastro@gmail.com>
+# SPDX-License-Identifier: MIT
+
+from .environment import Environment
+from .processed_declared_license import ProcessedDeclaredLicense
+from .validated_enum import ValidatedIntEnum
+from .yaml_loader import OrtYamlLoader, ort_yaml_load
+
+__all__ = [
+    "Environment",
+    "OrtYamlLoader",
+    "ProcessedDeclaredLicense",
+    "ValidatedIntEnum",
+    "ort_yaml_load",
+]

{python_ort-0.6.5 → python_ort-0.7.0}/src/ort/utils/spdx/spdx_expression.py

@@ -1,10 +1,10 @@
 # SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
 # SPDX-License-Identifier: MIT
 
-from enum import IntEnum
+from ort.utils.validated_enum import ValidatedIntEnum
 
 
-class SpdxExpression(IntEnum):
+class SpdxExpression(ValidatedIntEnum):
     """
     The level of strictness to apply when validating an SpdxExpression.
 

python_ort-0.7.0/src/ort/utils/validated_enum.py

@@ -0,0 +1,34 @@
+# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <dev@heliocastro.info>
+# SPDX-License-Identifier: MIT
+
+from enum import IntEnum
+from typing import Any
+
+from pydantic import GetCoreSchemaHandler
+from pydantic_core import CoreSchema, core_schema
+
+
+class ValidatedIntEnum(IntEnum):
+    """
+    IntEnum base class with built-in Pydantic validation for string names.
+    """
+
+    @classmethod
+    def __get_pydantic_core_schema__(
+        cls,
+        source_type: Any,
+        handler: GetCoreSchemaHandler,
+    ) -> CoreSchema:
+        def validate(value: Any) -> ValidatedIntEnum:
+            if isinstance(value, cls):
+                return value
+            if isinstance(value, str):
+                try:
+                    return cls[value]
+                except KeyError:
+                    raise ValueError(f"Invalid value for {cls.__name__}: {value}")
+            if isinstance(value, int):
+                return cls(value)
+            raise ValueError(f"Invalid value for {cls.__name__}: {value}")
+
+        return core_schema.no_info_plain_validator_function(validate)

python_ort-0.7.0/src/ort/utils/yaml_loader.py

@@ -0,0 +1,43 @@
+# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <dev@heliocastro.info>
+# SPDX-License-Identifier: MIT
+
+from typing import Any
+
+import yaml
+
+# Prefer the C-accelerated SafeLoader when available (5-10x faster).
+try:
+    _BaseLoader = yaml.CSafeLoader
+except AttributeError:
+    _BaseLoader = yaml.SafeLoader
+
+
+class OrtYamlLoader(_BaseLoader):  # type: ignore[misc]
+    """A YAML loader that handles ORT-specific custom tags.
+
+    ORT result files may contain custom YAML tags like
+    ``!<.PostgresStorageConfiguration>`` which are not supported by the
+    standard safe loader.  This loader silently treats any unknown tag as
+    a plain mapping/sequence/scalar so the data can still be parsed.
+
+    Uses the C-accelerated SafeLoader when available for better performance.
+    """
+
+
+# Register a multi-constructor that matches every unknown tag and
+# delegates to the default safe constructors based on node type.
+OrtYamlLoader.add_multi_constructor(
+    "",
+    lambda loader, suffix, node: (
+        loader.construct_mapping(node, deep=True)
+        if isinstance(node, yaml.MappingNode)
+        else loader.construct_sequence(node, deep=True)
+        if isinstance(node, yaml.SequenceNode)
+        else loader.construct_scalar(node)
+    ),
+)
+
+
+def ort_yaml_load(stream: Any) -> Any:
+    """Load a YAML document using the ORT-aware loader."""
+    return yaml.load(stream, Loader=OrtYamlLoader)  # noqa: S506

python_ort-0.6.5/src/ort/models/advisor_run.py

@@ -1,39 +0,0 @@
-# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
-# SPDX-License-Identifier: MIT
-
-from datetime import datetime
-
-from pydantic import BaseModel, ConfigDict, Field
-
-from ort.models import AdvisorResult
-from ort.models.config.advisor_configuration import AdvisorConfiguration
-from ort.utils.environment import Environment
-
-from .identifier import Identifier
-
-
-class AdvisorRun(BaseModel):
-    """
-    Type alias for a function that allows filtering of [AdvisorResult]s.
-
-    """
-
-    model_config = ConfigDict(
-        extra="forbid",
-    )
-    start_time: datetime = Field(
-        description="The time the advisor was started.",
-    )
-    end_time: datetime = Field(
-        description="The time the advisor has finished.",
-    )
-    environment: Environment = Field(
-        description="The [Environment] in which the advisor was executed.",
-    )
-    config: AdvisorConfiguration = Field(
-        description="The [AdvisorConfiguration] used for this run.",
-    )
-    results: dict[Identifier, list[AdvisorResult]] = Field(
-        default_factory=dict,
-        description="The result of this run.",
-    )

python_ort-0.6.5/src/ort/utils/__init__.py

@@ -1,12 +0,0 @@
-# SPDX-FileCopyrightText: 2025 Helio Chissini de Castro <heliocastro@gmail.com>
-# SPDX-License-Identifier: MIT
-
-from ort.utils.convert_enum import convert_enum
-from ort.utils.environment import Environment
-from ort.utils.processed_declared_license import ProcessedDeclaredLicense
-
-__all__ = [
-    "convert_enum",
-    "Environment",
-    "ProcessedDeclaredLicense",
-]

python_ort-0.6.5/src/ort/utils/convert_enum.py

@@ -1,18 +0,0 @@
-# SPDX-FileCopyrightText: 2026 Helio Chissini de Castro <heliocastro@gmail.com>
-# SPDX-License-Identifier: MIT
-
-
-def convert_enum(enum_cls, v):
-    def _convert(item):
-        if isinstance(item, str):
-            try:
-                return enum_cls[item]
-            except KeyError:
-                raise ValueError(f"Invalid value for {enum_cls.__name__}: {item}")
-        return item
-
-    if isinstance(v, (list, set)):
-        return {_convert(item) for item in v}
-    if isinstance(v, str):
-        return _convert(v)
-    return v