SBOM-CycloneDX
view release on metacpan or search on metacpan
lib/SBOM/CycloneDX/schema/bom-1.4.schema.json view on Meta::CPAN
],
"title": "Data flow direction",
"description": "Specifies the flow direction of the data. Direction is relative to the service. Inbound flow states that data enters the service. Outbound flow states that data leaves the service. Bi-directional states that data flows both ways...
},
"copyright": {
"type": "object",
"title": "Copyright",
"required": [
"text"
],
"additionalProperties": false,
"properties": {
"text": {
"type": "string",
"title": "Copyright Text"
}
}
},
"componentEvidence": {
"type": "object",
"title": "Evidence",
"description": "Provides the ability to document evidence collected through various forms of extraction or analysis.",
"additionalProperties": false,
"properties": {
"licenses": {
"type": "array",
"additionalItems": false,
"items": {"$ref": "#/definitions/licenseChoice"},
"title": "Component License(s)"
},
"copyright": {
"type": "array",
"additionalItems": false,
"items": {"$ref": "#/definitions/copyright"},
"title": "Copyright"
}
}
},
"compositions": {
"type": "object",
"title": "Compositions",
"required": [
"aggregate"
],
"additionalProperties": false,
"properties": {
"aggregate": {
"$ref": "#/definitions/aggregateType",
"title": "Aggregate",
"description": "Specifies an aggregate type that describe how complete a relationship is."
},
"assemblies": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
},
"title": "BOM references",
"description": "The bom-ref identifiers of the components or services being described. Assemblies refer to nested relationships whereby a constituent part may include other constituent parts. References do not cascade to child parts. Refere...
},
"dependencies": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
},
"title": "BOM references",
"description": "The bom-ref identifiers of the components or services being described. Dependencies refer to a relationship whereby an independent constituent part requires another independent constituent part. References do not cascade to ...
},
"signature": {
"$ref": "#/definitions/signature",
"title": "Signature",
"description": "Enveloped signature in [JSON Signature Format (JSF)](https://cyberphone.github.io/doc/security/jsf.html)."
}
}
},
"aggregateType": {
"type": "string",
"default": "not_specified",
"enum": [
"complete",
"incomplete",
"incomplete_first_party_only",
"incomplete_third_party_only",
"unknown",
"not_specified"
]
},
"property": {
"type": "object",
"title": "Lightweight name-value pair",
"properties": {
"name": {
"type": "string",
"title": "Name",
"description": "The name of the property. Duplicate names are allowed, each potentially having a different value."
},
"value": {
"type": "string",
"title": "Value",
"description": "The value of the property."
}
}
},
"localeType": {
"type": "string",
"pattern": "^([a-z]{2})(-[A-Z]{2})?$",
"title": "Locale",
"description": "Defines a syntax for representing two character language code (ISO-639) followed by an optional two character country code. The language code MUST be lower case. If the country code is specified, the country code MUST be upper c...
},
"releaseType": {
"type": "string",
"examples": [
"major",
"minor",
"patch",
"pre-release",
"internal"
],
"description": "The software versioning type. It is RECOMMENDED that the release type use one of 'major', 'minor', 'patch', 'pre-release', or 'internal'. Representing all possible software release types is not practical, so standardizing on the...
},
"note": {
"type": "object",
"title": "Note",
"description": "A note containing the locale and content.",
"required": [
"text"
],
( run in 1.546 second using v1.01-cache-2.11-cpan-39bf76dae61 )