
Update spdx3 prototype #697


Merged
merged 11 commits into from
Jun 14, 2023
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -50,7 +50,7 @@ additional installation of optional dependencies
* Serialize to JSON-LD

See [Quickstart to SPDX 3.0](#quickstart-to-spdx-30) below.
The implementation is based on the descriptive markdown files in the repository https://github.com/spdx/spdx-3-model (latest commit: ea2e1446ae937c6722b3f599f95813f8747d54b4).
The implementation is based on the descriptive markdown files in the repository https://github.com/spdx/spdx-3-model (latest commit: a5372a3c145dbdfc1381fc1f791c68889aafc7ff).


# Installation
18 changes: 8 additions & 10 deletions src/spdx_tools/spdx3/bump_from_spdx2/package.py
Expand Up @@ -75,8 +75,8 @@ def bump_package(
"and missing definition of license profile",
)

external_references = []
external_identifiers = []
external_reference = []
external_identifier = []
purl_refs = [
external_ref for external_ref in spdx2_package.external_references if external_ref.reference_type == "purl"
]
Expand All @@ -89,13 +89,11 @@ def bump_package(
continue
id_or_ref = bump_external_package_ref(spdx2_external_ref)
if isinstance(id_or_ref, ExternalReference):
external_references.append(id_or_ref)
external_reference.append(id_or_ref)
elif isinstance(id_or_ref, ExternalIdentifier):
external_identifiers.append(id_or_ref)
external_identifier.append(id_or_ref)

package_purpose = (
[SoftwarePurpose[spdx2_package.primary_package_purpose.name]] if spdx2_package.primary_package_purpose else []
)
package_purpose = SoftwarePurpose[spdx2_package.primary_package_purpose.name]

payload.add_element(
Package(
Expand All @@ -106,14 +104,14 @@ def bump_package(
description=spdx2_package.description,
comment=spdx2_package.comment,
verified_using=integrity_methods,
external_references=external_references,
external_identifier=external_identifiers,
external_reference=external_reference,
external_identifier=external_identifier,
originated_by=originated_by_spdx_id,
supplied_by=supplied_by_spdx_id,
built_time=spdx2_package.built_date,
release_time=spdx2_package.release_date,
valid_until_time=spdx2_package.valid_until_date,
purpose=package_purpose,
primary_purpose=package_purpose,
package_version=spdx2_package.version,
download_location=download_location,
package_url=package_url,
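Review bot: `package_purpose = SoftwarePurpose[spdx2_package.primary_package_purpose.name]` no longer guards against a package without a primary purpose. The replaced lines fell back to an empty list in that case, whereas the new line raises AttributeError on `.name` when `primary_package_purpose` is None. Because bump_package converts existing SPDX 2 documents, a single package lacking that field would presumably abort the conversion. Consider `package_purpose = SoftwarePurpose[spdx2_package.primary_package_purpose.name] if spdx2_package.primary_package_purpose else None`, and confirm that Package accepts a missing `primary_purpose`; its signature is not in this diff, and ai_package.py and dataset.py declare the parameter as required. bump_package starts and ends outside the hunks shown.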
4 changes: 2 additions & 2 deletions src/spdx_tools/spdx3/model/agent.py
Expand Up @@ -19,11 +19,11 @@ def __init__(
description: Optional[str] = None,
comment: Optional[str] = None,
verified_using: List[IntegrityMethod] = None,
external_references: List[ExternalReference] = None,
external_reference: List[ExternalReference] = None,
external_identifier: List[ExternalIdentifier] = None,
extension: Optional[str] = None,
):
verified_using = [] if verified_using is None else verified_using
external_references = [] if external_references is None else external_references
external_reference = [] if external_reference is None else external_reference
external_identifier = [] if external_identifier is None else external_identifier
check_types_and_set_values(self, locals())
8 changes: 5 additions & 3 deletions src/spdx_tools/spdx3/model/ai/ai_package.py
Expand Up @@ -46,21 +46,22 @@ def __init__(
supplied_by: List[str],
download_location: str,
package_version: str,
purpose: List[SoftwarePurpose],
primary_purpose: SoftwarePurpose,
release_time: datetime,
creation_info: Optional[CreationInfo] = None,
summary: Optional[str] = None,
description: Optional[str] = None,
comment: Optional[str] = None,
verified_using: List[IntegrityMethod] = None,
external_references: List[ExternalReference] = None,
external_reference: List[ExternalReference] = None,
external_identifier: List[ExternalIdentifier] = None,
extension: Optional[str] = None,
originated_by: List[str] = None,
built_time: Optional[datetime] = None,
valid_until_time: Optional[datetime] = None,
standard: List[str] = None,
content_identifier: Optional[str] = None,
additional_purpose: List[SoftwarePurpose] = None,
concluded_license: Optional[LicenseField] = None,
declared_license: Optional[LicenseField] = None,
copyright_text: Optional[str] = None,
Expand All @@ -85,9 +86,10 @@ def __init__(
safety_risk_assessment: Optional[SafetyRiskAssessmentType] = None,
):
verified_using = [] if verified_using is None else verified_using
external_references = [] if external_references is None else external_references
external_reference = [] if external_reference is None else external_reference
external_identifier = [] if external_identifier is None else external_identifier
originated_by = [] if originated_by is None else originated_by
additional_purpose = [] if additional_purpose is None else additional_purpose
standard = [] if standard is None else standard
standard_compliance = [] if standard_compliance is None else standard_compliance
type_of_model = [] if type_of_model is None else type_of_model
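Review bot: `additional_purpose: List[SoftwarePurpose] = None` is inserted between `content_identifier` and `concluded_license`, so any caller that passes the later optional arguments positionally now binds them one slot off; dataset.py makes the same insertion. `primary_purpose: SoftwarePurpose` also takes the position that `purpose: List[SoftwarePurpose]` held, so a positional list argument is only caught if `check_types_and_set_values` rejects it, and its behaviour is not visible here. Appending the new parameter at the end of the signature would keep existing call sites from shifting silently. The `__init__` signature starts and ends outside the hunks shown.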
4 changes: 2 additions & 2 deletions src/spdx_tools/spdx3/model/annotation.py
Expand Up @@ -34,14 +34,14 @@ def __init__(
description: Optional[str] = None,
comment: Optional[str] = None,
verified_using: List[IntegrityMethod] = None,
external_references: List[ExternalReference] = None,
external_reference: List[ExternalReference] = None,
external_identifier: List[ExternalIdentifier] = None,
extension: Optional[str] = None,
content_type: List[str] = None,
statement: Optional[str] = None,
):
verified_using = [] if verified_using is None else verified_using
external_references = [] if external_references is None else external_references
external_reference = [] if external_reference is None else external_reference
external_identifier = [] if external_identifier is None else external_identifier
content_type = [] if content_type is None else content_type
check_types_and_set_values(self, locals())
4 changes: 2 additions & 2 deletions src/spdx_tools/spdx3/model/bom.py
Expand Up @@ -32,15 +32,15 @@ def __init__(
description: Optional[str] = None,
comment: Optional[str] = None,
verified_using: List[IntegrityMethod] = None,
external_references: List[ExternalReference] = None,
external_reference: List[ExternalReference] = None,
external_identifier: List[ExternalIdentifier] = None,
extension: Optional[str] = None,
namespaces: List[NamespaceMap] = None,
imports: List[ExternalMap] = None,
context: Optional[str] = None,
):
verified_using = [] if verified_using is None else verified_using
external_references = [] if external_references is None else external_references
external_reference = [] if external_reference is None else external_reference
external_identifier = [] if external_identifier is None else external_identifier
namespaces = [] if namespaces is None else namespaces
imports = [] if imports is None else imports
4 changes: 2 additions & 2 deletions src/spdx_tools/spdx3/model/build/build.py
Expand Up @@ -33,7 +33,7 @@ def __init__(
description: Optional[str] = None,
comment: Optional[str] = None,
verified_using: List[IntegrityMethod] = None,
external_references: List[ExternalReference] = None,
external_reference: List[ExternalReference] = None,
external_identifier: List[ExternalIdentifier] = None,
extension: Optional[str] = None,
build_id: Optional[str] = None,
Expand All @@ -46,7 +46,7 @@ def __init__(
environment: Dict[str, str] = None,
):
verified_using = [] if verified_using is None else verified_using
external_references = [] if external_references is None else external_references
external_reference = [] if external_reference is None else external_reference
external_identifier = [] if external_identifier is None else external_identifier
config_source_entrypoint = [] if config_source_entrypoint is None else config_source_entrypoint
config_source_uri = [] if config_source_uri is None else config_source_uri
4 changes: 2 additions & 2 deletions src/spdx_tools/spdx3/model/bundle.py
Expand Up @@ -31,15 +31,15 @@ def __init__(
description: Optional[str] = None,
comment: Optional[str] = None,
verified_using: List[IntegrityMethod] = None,
external_references: List[ExternalReference] = None,
external_reference: List[ExternalReference] = None,
external_identifier: List[ExternalIdentifier] = None,
extension: Optional[str] = None,
namespaces: List[NamespaceMap] = None,
imports: List[ExternalMap] = None,
context: Optional[str] = None,
):
verified_using = [] if verified_using is None else verified_using
external_references = [] if external_references is None else external_references
external_reference = [] if external_reference is None else external_reference
external_identifier = [] if external_identifier is None else external_identifier
namespaces = [] if namespaces is None else namespaces
imports = [] if imports is None else imports
29 changes: 24 additions & 5 deletions src/spdx_tools/spdx3/model/dataset/dataset.py
Expand Up @@ -14,6 +14,23 @@
from spdx_tools.spdx3.model.software import Package, SoftwarePurpose


class DatasetType(Enum):
STRUCTURED = auto()
NUMERIC = auto()
TEXT = auto()
CATEGORICAL = auto()
GRAPH = auto()
TIMESERIES = auto()
TIMESTAMP = auto()
SENSOR = auto()
IMAGE = auto()
SYNTACTIC = auto()
AUDIO = auto()
VIDEO = auto()
OTHER = auto()
NO_ASSERTION = auto()


class ConfidentialityLevelType(Enum):
RED = auto()
AMBER = auto()
Expand All @@ -31,7 +48,7 @@ class DatasetAvailabilityType(Enum):

@dataclass_with_properties
class Dataset(Package):
dataset_type: str = None
dataset_type: List[DatasetType] = None
data_collection_process: Optional[str] = None
intended_use: Optional[str] = None
dataset_size: Optional[int] = None
Expand All @@ -51,22 +68,23 @@ def __init__(
name: str,
originated_by: List[str],
download_location: str,
purpose: List[SoftwarePurpose],
primary_purpose: SoftwarePurpose,
built_time: datetime,
release_time: datetime,
dataset_type: str,
dataset_type: List[DatasetType],
creation_info: Optional[CreationInfo] = None,
summary: Optional[str] = None,
description: Optional[str] = None,
comment: Optional[str] = None,
verified_using: List[IntegrityMethod] = None,
external_references: List[ExternalReference] = None,
external_reference: List[ExternalReference] = None,
external_identifier: List[ExternalIdentifier] = None,
extension: Optional[str] = None,
supplied_by: List[str] = None,
valid_until_time: Optional[datetime] = None,
standard: List[str] = None,
content_identifier: Optional[str] = None,
additional_purpose: List[SoftwarePurpose] = None,
concluded_license: Optional[LicenseField] = None,
declared_license: Optional[LicenseField] = None,
copyright_text: Optional[str] = None,
Expand All @@ -89,9 +107,10 @@ def __init__(
dataset_availability: Optional[DatasetAvailabilityType] = None,
):
verified_using = [] if verified_using is None else verified_using
external_references = [] if external_references is None else external_references
external_reference = [] if external_reference is None else external_reference
external_identifier = [] if external_identifier is None else external_identifier
originated_by = [] if originated_by is None else originated_by
additional_purpose = [] if additional_purpose is None else additional_purpose
supplied_by = [] if supplied_by is None else supplied_by
standard = [] if standard is None else standard
data_preprocessing = [] if data_preprocessing is None else data_preprocessing
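Review bot: The field `dataset_type: List[DatasetType] = None` gives a list-typed attribute a `None` default while `__init__` takes `dataset_type` as a required parameter, so the declaration and the constructor disagree about whether the value may be absent. If the default exists only because the fields inherited from Package already have defaults (an assumption, since Package is not in this diff), record that with a comment such as `# required in __init__; the None default only satisfies dataclass field ordering`. An empty list also satisfies `List[DatasetType]`, so nothing visible here enforces at least one dataset type if the model requires one. The `__init__` body continues outside the hunk.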
2 changes: 1 addition & 1 deletion src/spdx_tools/spdx3/model/element.py
Expand Up @@ -19,7 +19,7 @@ class Element(ABC):
description: Optional[str] = None
comment: Optional[str] = None
verified_using: List[IntegrityMethod] = field(default_factory=list)
external_references: List[ExternalReference] = field(default_factory=list)
external_reference: List[ExternalReference] = field(default_factory=list)
external_identifier: List[ExternalIdentifier] = field(default_factory=list)
extension: Optional[str] = None # placeholder for extension

2 changes: 2 additions & 0 deletions src/spdx_tools/spdx3/model/external_identifier.py
Expand Up @@ -13,9 +13,11 @@
class ExternalIdentifierType(Enum):
CPE22 = auto()
CPE23 = auto()
CVE = auto()
EMAIL = auto()
GITOID = auto()
PURL = auto()
SECURITY_OTHER = auto()
SWHID = auto()
SWID = auto()
URL_SCHEME = auto()
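Review bot: Inserting `CVE = auto()` and `SECURITY_OTHER = auto()` in the middle of ExternalIdentifierType shifts the `auto()` value of every member declared after them (EMAIL, GITOID, PURL and so on). external_reference.py does the same with its new report and security members. That is harmless if members are only ever written and read by name, but anything that stores or compares `.value` would silently resolve to a different type. How these enums are serialised is not visible in this diff, so please confirm. A short comment on the class, e.g. `# values come from auto(); serialise by name, never by value`, would record the constraint. The enum body continues outside the hunk.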
20 changes: 18 additions & 2 deletions src/spdx_tools/spdx3/model/external_reference.py
Expand Up @@ -16,23 +16,39 @@ class ExternalReferenceType(Enum):
BINARY_ARTIFACT = auto()
BUILD_META = auto()
BUILD_SYSTEM = auto()
CERTIFICATION_REPORT = auto()
CHAT = auto()
COMPONENT_ANALYSIS_REPORT = auto()
DOCUMENTATION = auto()
DYNAMIC_ANALYSIS_REPORT = auto()
EOL_NOTICE = auto()
FUNDING = auto()
ISSUE_TRACKER = auto()
LICENSE = auto()
MAILING_LIST = auto()
METRICS = auto()
LICENSE = auto()
OTHER = auto()
RELEASE_NOTES = auto()
PRODUCT_METADATA = auto()
QUALITY_ASSESSMENT_REPORT = auto()
RELEASE_HISTORY = auto()
RELEASE_NOTES = auto()
RISK_ASSESSMENT = auto()
RUNTIME_ANALYSIS_REPORT = auto()
SECURE_SOFTWARE_ATTESTATION = auto()
SECURITY_ADVERSARY_MODEL = auto()
SECURITY_ADVISORY = auto()
SECURITY_FIX = auto()
SECURITY_OTHER = auto()
SECURITY_PEN_TEST_REPORT = auto()
SECURITY_POLICY = auto()
SECURITY_THREAT_MODEL = auto()
SOCIAL_MEDIA = auto()
SOURCE_ARTIFACT = auto()
STATIC_ANALYSIS_REPORT = auto()
SUPPORT = auto()
VCS = auto()
VULNERABILITY_DISCLOSURE_REPORT = auto()
VULNERABILITY_EXPLOITABILITY_ASSESSMENT = auto()


@dataclass_with_properties
4 changes: 2 additions & 2 deletions src/spdx_tools/spdx3/model/lifecycle_scoped_relationship.py
Expand Up @@ -44,7 +44,7 @@ def __init__(
description: Optional[str] = None,
comment: Optional[str] = None,
verified_using: List[IntegrityMethod] = None,
external_references: List[ExternalReference] = None,
external_reference: List[ExternalReference] = None,
external_identifier: List[ExternalIdentifier] = None,
extension: Optional[str] = None,
completeness: Optional[RelationshipCompleteness] = None,
Expand All @@ -54,6 +54,6 @@ def __init__(
):
to = [] if to is None else to
verified_using = [] if verified_using is None else verified_using
external_references = [] if external_references is None else external_references
external_reference = [] if external_reference is None else external_reference
external_identifier = [] if external_identifier is None else external_identifier
check_types_and_set_values(self, locals())
8 changes: 3 additions & 5 deletions src/spdx_tools/spdx3/model/namespace_map.py
@@ -1,16 +1,14 @@
# SPDX-FileCopyrightText: 2023 spdx contributors
#
# SPDX-License-Identifier: Apache-2.0
from beartype.typing import Optional

from spdx_tools.common.typing.dataclass_with_properties import dataclass_with_properties
from spdx_tools.common.typing.type_checks import check_types_and_set_values


@dataclass_with_properties
class NamespaceMap:
prefix: Optional[str] = None
namespace: Optional[str] = None # anyURI
prefix: str
namespace: str # anyURI

def __init__(self, prefix: Optional[str] = None, namespace: Optional[str] = None):
def __init__(self, prefix: str, namespace: str):
check_types_and_set_values(self, locals())
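Review bot: `namespace: str  # anyURI` is now required but still typed only as `str`, so the anyURI constraint lives in a comment. Whether `check_types_and_set_values` does more than type checking is not visible here. A namespace map presumably decides how prefixed identifiers are expanded, so an empty or malformed `prefix` or `namespace` is worth rejecting at construction or in a validator. If that validation lives elsewhere, a class docstring should say where. Removing the defaults also turns `NamespaceMap()` into a TypeError, so any caller or test that built an empty map needs updating.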
4 changes: 2 additions & 2 deletions src/spdx_tools/spdx3/model/organization.py
Expand Up @@ -19,11 +19,11 @@ def __init__(
description: Optional[str] = None,
comment: Optional[str] = None,
verified_using: List[IntegrityMethod] = None,
external_references: List[ExternalReference] = None,
external_reference: List[ExternalReference] = None,
external_identifier: List[ExternalIdentifier] = None,
extension: Optional[str] = None,
):
verified_using = [] if verified_using is None else verified_using
external_references = [] if external_references is None else external_references
external_reference = [] if external_reference is None else external_reference
external_identifier = [] if external_identifier is None else external_identifier
check_types_and_set_values(self, locals())
4 changes: 2 additions & 2 deletions src/spdx_tools/spdx3/model/person.py
Expand Up @@ -19,11 +19,11 @@ def __init__(
description: Optional[str] = None,
comment: Optional[str] = None,
verified_using: List[IntegrityMethod] = None,
external_references: List[ExternalReference] = None,
external_reference: List[ExternalReference] = None,
external_identifier: List[ExternalIdentifier] = None,
extension: Optional[str] = None,
):
verified_using = [] if verified_using is None else verified_using
external_references = [] if external_references is None else external_references
external_reference = [] if external_reference is None else external_reference
external_identifier = [] if external_identifier is None else external_identifier
check_types_and_set_values(self, locals())