mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 16:33:21 +01:00
93d00dc340
* update spdx22 Document model to include relationships field Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * update document and relationship to match current JSON spec https://github.com/spdx/spdx-spec/blob/development/v2.2.1/schemas/spdx-schema.json https://github.com/spdx/spdx-spec/pull/528 https://github.com/spdx/spdx-spec/pull/528#issuecomment-904180177 Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * update File struct based on SPDX schema Required fields: [ "SPDXID", "fileName", "copyrightText", "licenseConcluded" ] Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com>
42 lines
1.9 KiB
Go
42 lines
1.9 KiB
Go
package spdx22
|
|
|
|
type FileType string
|
|
|
|
const (
|
|
DocumentationFileType FileType = "DOCUMENTATION"
|
|
ImageFileType FileType = "IMAGE"
|
|
VideoFileType FileType = "VIDEO"
|
|
ArchiveFileType FileType = "ARCHIVE"
|
|
SpdxFileType FileType = "SPDX"
|
|
ApplicationFileType FileType = "APPLICATION"
|
|
SourceFileType FileType = "SOURCE"
|
|
BinaryFileType FileType = "BINARY"
|
|
TextFileType FileType = "TEXT"
|
|
AudioFileType FileType = "AUDIO"
|
|
OtherFileType FileType = "OTHER"
|
|
)
|
|
|
|
type File struct {
|
|
Item
|
|
// (At least one is required.) The checksum property provides a mechanism that can be used to verify that the
|
|
// contents of a File or Package have not changed.
|
|
Checksums []Checksum `json:"checksums,omitempty"`
|
|
// This field provides a place for the SPDX file creator to record file contributors. Contributors could include
|
|
// names of copyright holders and/or authors who may not be copyright holders yet contributed to the file content.
|
|
FileContributors []string `json:"fileContributors,omitempty"`
|
|
// Each element is a SPDX ID for a File.
|
|
FileDependencies []string `json:"fileDependencies,omitempty"`
|
|
// The name of the file relative to the root of the package.
|
|
FileName string `json:"fileName"`
|
|
// The type of the file
|
|
FileTypes []string `json:"fileTypes,omitempty"`
|
|
// This field provides a place for the SPDX file creator to record potential legal notices found in the file.
|
|
// This may or may not include copyright statements.
|
|
NoticeText string `json:"noticeText,omitempty"`
|
|
// Indicates the project in which the SpdxElement originated. Tools must preserve doap:homepage and doap:name
|
|
// properties and the URI (if one is known) of doap:Project resources that are values of this property. All other
|
|
// properties of doap:Projects are not directly supported by SPDX and may be dropped when translating to or
|
|
// from some SPDX formats(deprecated).
|
|
ArtifactOf []string `json:"artifactOf,omitempty"`
|
|
}
|