From 8e9125f7a427ea87d2dd0993ba2897388ce7b816 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Fri, 2 Aug 2024 15:48:49 -0400 Subject: [PATCH 01/21] feat: prototype 3.0 model Signed-off-by: Keith Zantow --- .github/workflows/build.yml | 2 +- Makefile | 3 +- go.mod | 8 +- go.sum | 9 - spdx/v3/v3_0/model.go | 11741 ++++++++++++++++++++++++++++++++ spdx/v3/v3_0/relationships.go | 15 + spdx/v3/v3_0/spdx.go | 206 + spdx/v3/v3_0/spdx_test.go | 211 + 8 files changed, 12183 insertions(+), 12 deletions(-) create mode 100644 spdx/v3/v3_0/model.go create mode 100644 spdx/v3/v3_0/relationships.go create mode 100644 spdx/v3/v3_0/spdx.go create mode 100644 spdx/v3/v3_0/spdx_test.go diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0dc3a9b9..7b3e99f9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -9,7 +9,7 @@ jobs: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: - go-version: '1.18' + go-version: '1.20' - name: Run tests run: make test - name: Send coverage report to coveralls diff --git a/Makefile b/Makefile index 4dd9d534..b5f3765b 100644 --- a/Makefile +++ b/Makefile @@ -13,7 +13,8 @@ format: .PHONY: unit unit: - go test -v -covermode=count -coverprofile=profile.cov ./... + go test -v -covermode=count -coverprofile=profile.cov.tmp ./... + cat profile.cov.tmp | grep -v /model.go > profile.cov # ignore generated model file .PHONY: fuzz fuzz: diff --git a/go.mod b/go.mod index d110234b..c2a28dab 100644 --- a/go.mod +++ b/go.mod @@ -1,11 +1,17 @@ module github.com/spdx/tools-golang -go 1.13 +go 1.20 require ( github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 github.com/google/go-cmp v0.6.0 + github.com/pmezard/go-difflib v1.0.0 github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb github.com/stretchr/testify v1.9.0 sigs.k8s.io/yaml v1.4.0 ) + +require ( + github.com/davecgh/go-spew v1.1.1 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect +) diff --git a/go.sum b/go.sum index 3c8ec376..670b837c 100644 --- a/go.sum +++ b/go.sum @@ -1,6 +1,5 @@ github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 h1:aM1rlcoLz8y5B2r4tTLMiVTrMtpfY0O8EScKJxaSaEc= github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092/go.mod h1:rYqSE9HbjzpHTI74vwPvae4ZVYZd1lue2ta6xHPdblA= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -10,18 +9,10 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb h1:bLo8hvc8XFm9J47r690TUKBzcjSWdJDxmjXJZ+/f92U= github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= diff --git a/spdx/v3/v3_0/model.go b/spdx/v3/v3_0/model.go new file mode 100644 index 00000000..0559cd78 --- /dev/null +++ b/spdx/v3/v3_0/model.go @@ -0,0 +1,11741 @@ +// Code generated by -m. DO NOT EDIT. +// +// SPDX-License-Identifier: MIT + +package v3_0 + +import ( + "encoding/json" + "errors" + "fmt" + "io" + "path" + "reflect" + "strings" +) + +// ldType is a 0-size data holder property type for type-level linked data +type ldType struct{} + +// ldContext is the holder for all known LD contexts and required definitions +type ldContext map[string]*serializationContext + +// RegisterTypes registers types to be used when serializing/deserialising documents +func (c ldContext) RegisterTypes(contextUrl string, types ...any) ldContext { + ctx := c[contextUrl] + if ctx == nil { + ctx = &serializationContext{ + contextUrl: contextUrl, + typeAlias: "type", // FIXME this needs to come from the LD context + iriToType: map[string]*typeContext{}, + typeToContext: map[reflect.Type]*typeContext{}, + } + c[contextUrl] = ctx + } + for _, typ := range types { + ctx.registerType(typ) + } + return c +} + +// IRIMap registers compact IRIs for the given type +func (c ldContext) IRIMap(contextUrl string, typ any, nameMap map[string]string) ldContext { + c.RegisterTypes(contextUrl) // ensure there is a context created + ctx := c[contextUrl] + + t := reflect.TypeOf(typ) + t = baseType(t) // types should be passed as pointers; we want the base types + tc := ctx.typeToContext[t] + if tc == nil { + ctx.registerType(typ) + tc = ctx.typeToContext[t] + } + for iri, compact := range nameMap { + tc.iriToName[iri] = compact + tc.nameToIri[compact] = iri + } + return c +} + +func (c ldContext) ToJSON(writer io.Writer, value any) error { + vals, err := c.toMaps(value) + if err != nil { + return err + } + enc := json.NewEncoder(writer) + enc.SetEscapeHTML(false) + return enc.Encode(vals) +} + +func (c ldContext) toMaps(o ...any) (values map[string]any, errors error) { + // the ld graph is referenced here + // traverse the go objects to output to the graph + builder := graphBuilder{ + ldc: c, + input: o, + ids: map[reflect.Value]string{}, + } + + var err error + var context *serializationContext + for _, o := range builder.input { + context, err = builder.add(o) + if err != nil { + return nil, err + } + } + + return map[string]any{ + ldContextProp: context.contextUrl, + ldGraphProp: builder.toGraph(), + }, nil +} + +func (c ldContext) FromJSON(reader io.Reader) ([]any, error) { + vals := map[string]any{} + dec := json.NewDecoder(reader) + err := dec.Decode(&vals) + if err != nil { + return nil, err + } + return c.FromMaps(vals) +} + +func (c ldContext) FromMaps(values map[string]any) ([]any, error) { + instances := map[string]reflect.Value{} + + var errs error + var graph []any + + context, _ := values[ldContextProp].(string) + currentContext := c[context] + if currentContext == nil { + return nil, fmt.Errorf("unknown document %s type: %v", ldContextProp, context) + } + + nodes, _ := values[ldGraphProp].([]any) + if nodes == nil { + return nil, fmt.Errorf("%s array not present in root object", ldGraphProp) + } + + // one pass to create all the instances + for _, node := range nodes { + _, err := c.getOrCreateInstance(currentContext, instances, anyType, node) + errs = appendErr(errs, err) + } + + // second pass to fill in all refs + for _, node := range nodes { + got, err := c.getOrCreateInstance(currentContext, instances, anyType, node) + errs = appendErr(errs, err) + if err == nil && got.IsValid() { + graph = append(graph, got.Interface()) + } + } + + return graph, errs +} + +func (c ldContext) getOrCreateInstance(currentContext *serializationContext, instances map[string]reflect.Value, expectedType reflect.Type, incoming any) (reflect.Value, error) { + if isPrimitive(expectedType) { + if convertedVal := convertTo(incoming, expectedType); convertedVal != emptyValue { + return convertedVal, nil + } + return emptyValue, fmt.Errorf("unable to convert incoming value to type %v: %+v", typeName(expectedType), incoming) + } + switch incoming := incoming.(type) { + case string: + instance := c.findById(currentContext, instances, incoming) + if instance != emptyValue { + return instance, nil + } + // not found: have a complex type with string indicates an IRI or other primitive + switch expectedType.Kind() { + case reflect.Pointer: + expectedType = expectedType.Elem() + if isPrimitive(expectedType) { + val, err := c.getOrCreateInstance(currentContext, instances, expectedType, incoming) + if err != nil { + return emptyValue, err + } + instance = reflect.New(expectedType) + instance.Elem().Set(val) + return instance, nil + } + if expectedType.Kind() == reflect.Struct { + return emptyValue, fmt.Errorf("unexpected pointer reference external IRI reference: %v", incoming) + } + fallthrough + case reflect.Struct: + instance = reflect.New(expectedType) + instance = instance.Elem() + err := c.setStructProps(currentContext, instances, instance, map[string]any{ + ldIDProp: incoming, + }) + return instance, err + case reflect.Interface: + return emptyValue, fmt.Errorf("unable to determine appropriate type for external IRI reference: %v", incoming) + default: + } + case map[string]any: + return c.getOrCreateFromMap(currentContext, instances, incoming) + } + return emptyValue, fmt.Errorf("unexpected data type: %#v", incoming) +} + +func convertTo(incoming any, typ reflect.Type) reflect.Value { + v := reflect.ValueOf(incoming) + if v.CanConvert(typ) { + return v.Convert(typ) + } + return emptyValue +} + +func (c ldContext) findById(_ *serializationContext, instances map[string]reflect.Value, incoming string) reflect.Value { + inst, ok := instances[incoming] + if ok { + return inst + } + return emptyValue +} + +func (c ldContext) getOrCreateFromMap(currentContext *serializationContext, instances map[string]reflect.Value, incoming map[string]any) (reflect.Value, error) { + typ, ok := incoming[ldTypeProp].(string) + if !ok && currentContext.typeAlias != "" { + typ, ok = incoming[currentContext.typeAlias].(string) + } + if !ok { + return emptyValue, fmt.Errorf("not a string") + } + + t, ok := currentContext.iriToType[typ] + if !ok { + return emptyValue, fmt.Errorf("don't have type: %v", typ) + } + + id, _ := incoming[ldIDProp].(string) + if id == "" && t.idProp != "" { + id, _ = incoming[t.idProp].(string) + } + inst, ok := instances[id] + if !ok { + inst = reflect.New(baseType(t.typ)) // New(T) returns *T + if id != "" { + // only set instance references when an ID is provided + instances[id] = inst + } + } + + // valid type, make a new one and fill it from the incoming maps + return inst, c.fill(currentContext, instances, inst, incoming) +} + +func (c ldContext) fill(currentContext *serializationContext, instances map[string]reflect.Value, instance reflect.Value, incoming any) error { + switch incoming := incoming.(type) { + case string: + inst := c.findById(currentContext, instances, incoming) + if inst != emptyValue { + return c.setValue(currentContext, instances, instance, inst) + } + // should be an incoming ID if string + return c.setValue(currentContext, instances, instance, map[string]any{ + ldIDProp: incoming, + }) + case map[string]any: + return c.setStructProps(currentContext, instances, instance, incoming) + } + return fmt.Errorf("unsupported incoming data type: %#v attempting to set instance: %#v", incoming, instance.Interface()) +} + +func (c ldContext) setValue(currentContext *serializationContext, instances map[string]reflect.Value, target reflect.Value, incoming any) error { + var errs error + typ := target.Type() + switch typ.Kind() { + case reflect.Slice: + switch incoming := incoming.(type) { + case []any: + return c.setSliceValue(currentContext, instances, target, incoming) + } + // try mapping a single value to an incoming slice + return c.setValue(currentContext, instances, target, []any{incoming}) + case reflect.Struct: + switch incoming := incoming.(type) { + case map[string]any: + return c.setStructProps(currentContext, instances, target, incoming) + case string: + // named individuals just need an object with the iri set + return c.setStructProps(currentContext, instances, target, map[string]any{ + ldIDProp: incoming, + }) + } + case reflect.Interface, reflect.Pointer: + switch incoming := incoming.(type) { + case string, map[string]any: + inst, err := c.getOrCreateInstance(currentContext, instances, typ, incoming) + errs = appendErr(errs, err) + if inst != emptyValue { + target.Set(inst) + return nil + } + } + default: + if newVal := convertTo(incoming, typ); newVal != emptyValue { + target.Set(newVal) + } else { + errs = appendErr(errs, fmt.Errorf("unable to convert %#v to %s, dropping", incoming, typeName(typ))) + } + } + return nil +} + +func (c ldContext) setStructProps(currentContext *serializationContext, instances map[string]reflect.Value, instance reflect.Value, incoming map[string]any) error { + var errs error + typ := instance.Type() + for typ.Kind() == reflect.Pointer { + instance = instance.Elem() + typ = instance.Type() + } + if typ.Kind() != reflect.Struct { + return fmt.Errorf("unable to set struct properties on non-struct type: %#v", instance.Interface()) + } + tc := currentContext.typeToContext[typ] + for i := 0; i < typ.NumField(); i++ { + field := typ.Field(i) + if skipField(field) { + continue + } + fieldVal := instance.Field(i) + + propIRI := field.Tag.Get(propIriTag) + if propIRI == "" { + continue + } + incomingVal, ok := incoming[propIRI] + if !ok { + compactIRI := field.Tag.Get(propIriCompactTag) + if compactIRI != "" { + incomingVal, ok = incoming[compactIRI] + } + } + if !ok { + continue + } + // don't set blank node IDs, these will be regenerated on output + if propIRI == ldIDProp { + if tc != nil { + if str, ok := incomingVal.(string); ok { + if fullIRI, ok := tc.nameToIri[str]; ok { + incomingVal = fullIRI + } + } + } + if isBlankNodeID(incomingVal) { + continue + } + } + errs = appendErr(errs, c.setValue(currentContext, instances, fieldVal, incomingVal)) + } + return errs +} + +func (c ldContext) setSliceValue(currentContext *serializationContext, instances map[string]reflect.Value, target reflect.Value, incoming []any) error { + var errs error + sliceType := target.Type() + if sliceType.Kind() != reflect.Slice { + return fmt.Errorf("expected slice, got: %#v", target) + } + sz := len(incoming) + if sz > 0 { + elemType := sliceType.Elem() + newSlice := reflect.MakeSlice(sliceType, 0, sz) + for i := 0; i < sz; i++ { + incomingValue := incoming[i] + if incomingValue == nil { + continue // don't allow null values + } + newItemValue, err := c.getOrCreateInstance(currentContext, instances, elemType, incomingValue) + errs = appendErr(errs, err) + if newItemValue != emptyValue { + // validate we can actually set the type + if newItemValue.Type().AssignableTo(elemType) { + newSlice = reflect.Append(newSlice, newItemValue) + } + } + } + target.Set(newSlice) + } + return errs +} + +func skipField(field reflect.StructField) bool { + return field.Type.Size() == 0 +} + +func typeName(t reflect.Type) string { + switch { + case isPointer(t): + return "*" + typeName(t.Elem()) + case isSlice(t): + return "[]" + typeName(t.Elem()) + case isMap(t): + return "map[" + typeName(t.Key()) + "]" + typeName(t.Elem()) + case isPrimitive(t): + return t.Name() + } + return path.Base(t.PkgPath()) + "." + t.Name() +} + +func isSlice(t reflect.Type) bool { + return t.Kind() == reflect.Slice +} + +func isMap(t reflect.Type) bool { + return t.Kind() == reflect.Map +} + +func isPointer(t reflect.Type) bool { + return t.Kind() == reflect.Pointer +} + +func isPrimitive(t reflect.Type) bool { + switch t.Kind() { + case reflect.String, + reflect.Int, + reflect.Int8, + reflect.Int16, + reflect.Int32, + reflect.Int64, + reflect.Uint, + reflect.Uint8, + reflect.Uint16, + reflect.Uint32, + reflect.Uint64, + reflect.Float32, + reflect.Float64, + reflect.Bool: + return true + default: + return false + } +} + +const ( + ldIDProp = "@id" + ldTypeProp = "@type" + ldContextProp = "@context" + ldGraphProp = "@graph" + typeIriTag = "iri" + typeIriCompactTag = "iri-compact" + propIriTag = "iri" + propIriCompactTag = "iri-compact" + typeIdPropTag = "id-prop" + propIsRequiredTag = "required" +) + +var ( + emptyValue reflect.Value + anyType = reflect.TypeOf((*any)(nil)).Elem() +) + +type typeContext struct { + typ reflect.Type + iri string + compact string + idProp string + iriToName map[string]string + nameToIri map[string]string +} + +type serializationContext struct { + contextUrl string + typeAlias string + iriToType map[string]*typeContext + typeToContext map[reflect.Type]*typeContext +} + +func fieldByType[T any](t reflect.Type) (reflect.StructField, bool) { + var v T + typ := reflect.TypeOf(v) + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + if f.Type == typ { + return f, true + } + } + return reflect.StructField{}, false +} + +func (m *serializationContext) registerType(instancePointer any) { + t := reflect.TypeOf(instancePointer) + t = baseType(t) // types should be passed as pointers; we want the base types + + tc := m.typeToContext[t] + if tc != nil { + return // already registered + } + tc = &typeContext{ + typ: t, + iriToName: map[string]string{}, + nameToIri: map[string]string{}, + } + meta, ok := fieldByType[ldType](t) + if ok { + tc.iri = meta.Tag.Get(typeIriTag) + tc.compact = meta.Tag.Get(typeIriCompactTag) + tc.idProp = meta.Tag.Get(typeIdPropTag) + } + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + if !isIdField(f) { + continue + } + compactIdProp := f.Tag.Get(typeIriCompactTag) + if compactIdProp != "" { + tc.idProp = compactIdProp + } + } + m.iriToType[tc.iri] = tc + m.iriToType[tc.compact] = tc + m.typeToContext[t] = tc +} + +// appendErr appends errors, flattening joined errors +func appendErr(err error, errs ...error) error { + if joined, ok := err.(interface{ Unwrap() []error }); ok { + return errors.Join(append(joined.Unwrap(), errs...)...) + } + if err == nil { + return errors.Join(errs...) + } + return errors.Join(append([]error{err}, errs...)...) +} + +// baseType returns the base type if this is a pointer or interface +func baseType(t reflect.Type) reflect.Type { + switch t.Kind() { + case reflect.Pointer, reflect.Interface: + return baseType(t.Elem()) + default: + return t + } +} + +// isBlankNodeID indicates this is a blank node ID, e.g. _:CreationInfo-1 +func isBlankNodeID(val any) bool { + if val, ok := val.(string); ok { + return strings.HasPrefix(val, "_:") + } + return false +} + +type graphBuilder struct { + ldc ldContext + input []any + graph []any + idPrefix string + nextID map[reflect.Type]int + ids map[reflect.Value]string +} + +func (b *graphBuilder) toGraph() []any { + return b.graph +} + +func (b *graphBuilder) add(o any) (context *serializationContext, err error) { + v := reflect.ValueOf(o) + if v.Type().Kind() != reflect.Pointer { + if v.CanAddr() { + v = v.Addr() + } else { + newV := reflect.New(v.Type()) + newV.Elem().Set(v) + v = newV + } + } + val, err := b.toValue(v) + // objects with IDs get added to the graph during object traversal + if _, isTopLevel := val.(map[string]any); isTopLevel && err == nil { + b.graph = append(b.graph, val) + } + ctx := b.findContext(v.Type()) + return ctx, err +} + +func (b *graphBuilder) findContext(t reflect.Type) *serializationContext { + t = baseType(t) // object may be a pointer, but we want the base types + for _, context := range b.ldc { + for _, typ := range context.iriToType { + if t == typ.typ { + return context + } + } + } + return nil +} + +func (b *graphBuilder) toStructMap(v reflect.Value) (value any, err error) { + t := v.Type() + if t.Kind() != reflect.Struct { + return nil, fmt.Errorf("expected struct type, got: %v", stringify(v)) + } + + meta, ok := fieldByType[ldType](t) + if !ok { + return nil, fmt.Errorf("struct does not have LDType metadata: %v", stringify(v)) + } + + iri := meta.Tag.Get(typeIriCompactTag) + if iri == "" { + iri = meta.Tag.Get(typeIriTag) + } + + context := b.findContext(t) + tc := context.typeToContext[t] + + typeProp := ldTypeProp + if context.typeAlias != "" { + typeProp = context.typeAlias + } + out := map[string]any{ + typeProp: iri, + } + + hasValues := false + id := "" + + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + if skipField(f) { + continue + } + + prop := f.Tag.Get(propIriCompactTag) + if prop == "" { + prop = f.Tag.Get(propIriTag) + } + + fieldV := v.Field(i) + + if !isRequired(f) && isEmpty(fieldV) { + continue + } + + val, err := b.toValue(fieldV) + if err != nil { + return nil, err + } + + if isIdField(f) { + id, _ = val.(string) + if id == "" { + // if this struct does not have an ID set, and does not have multiple references, + // it is output inline, it does not need an ID, but does need an ID + // when it is moved to the top-level graph and referenced elsewhere + if !b.hasMultipleReferences(v.Addr()) { + continue + } + val, _ = b.ensureID(v.Addr()) + } else if tc != nil { + // compact named IRIs + if _, ok := tc.iriToName[id]; ok { + id = tc.iriToName[id] + } + } + } else { + hasValues = true + } + + out[prop] = val + } + + if id != "" && !hasValues { + // if we _only_ have an ID set and no other values, consider this a named individual + return id, nil + } + + return out, nil +} + +func isIdField(f reflect.StructField) bool { + return f.Tag.Get(propIriTag) == ldIDProp +} + +func isEmpty(v reflect.Value) bool { + return !v.IsValid() || v.IsZero() +} + +func isRequired(f reflect.StructField) bool { + if isIdField(f) { + return true + } + required := f.Tag.Get(propIsRequiredTag) + return required != "" && !strings.EqualFold(required, "false") +} + +func (b *graphBuilder) toValue(v reflect.Value) (any, error) { + if !v.IsValid() { + return nil, nil + } + + switch v.Type().Kind() { + case reflect.Interface: + return b.toValue(v.Elem()) + case reflect.Pointer: + if v.IsNil() { + return nil, nil + } + if !b.hasMultipleReferences(v) { + return b.toValue(v.Elem()) + } + return b.ensureID(v) + case reflect.Struct: + return b.toStructMap(v) + case reflect.Slice: + var out []any + for i := 0; i < v.Len(); i++ { + val, err := b.toValue(v.Index(i)) + if err != nil { + return nil, err + } + out = append(out, val) + } + return out, nil + case reflect.String: + return v.String(), nil + default: + if v.CanInterface() { + return v.Interface(), nil + } + return nil, fmt.Errorf("unable to convert value to maps: %v", stringify(v)) + } +} + +func (b *graphBuilder) ensureID(ptr reflect.Value) (string, error) { + if ptr.Type().Kind() != reflect.Pointer { + return "", fmt.Errorf("expected pointer, got: %v", stringify(ptr)) + } + if id, ok := b.ids[ptr]; ok { + return id, nil + } + + v := ptr.Elem() + t := v.Type() + + id, err := b.getID(v) + if err != nil { + return "", err + } + if id == "" { + if b.nextID == nil { + b.nextID = map[reflect.Type]int{} + } + nextID := b.nextID[t] + 1 + b.nextID[t] = nextID + id = fmt.Sprintf("_:%s-%v", t.Name(), nextID) + } + b.ids[ptr] = id + val, err := b.toValue(v) + if err != nil { + return "", err + } + b.graph = append(b.graph, val) + return id, nil +} + +func (b *graphBuilder) getID(v reflect.Value) (string, error) { + t := v.Type() + if t.Kind() != reflect.Struct { + return "", fmt.Errorf("expected struct, got: %v", stringify(v)) + } + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + if isIdField(f) { + fv := v.Field(i) + if f.Type.Kind() != reflect.String { + return "", fmt.Errorf("invalid type for ID field %v in: %v", f, stringify(v)) + } + return fv.String(), nil + } + } + return "", nil +} + +// hasMultipleReferences returns true if the ptr value has multiple references in the input slice +func (b *graphBuilder) hasMultipleReferences(ptr reflect.Value) bool { + if !ptr.IsValid() { + return false + } + count := 0 + visited := map[reflect.Value]struct{}{} + for _, v := range b.input { + count += refCountR(ptr, visited, reflect.ValueOf(v)) + if count > 1 { + return true + } + } + return false +} + +// refCount returns the reference count of the value in the container object +func refCount(find any, container any) int { + visited := map[reflect.Value]struct{}{} + ptrV := reflect.ValueOf(find) + if !ptrV.IsValid() { + return 0 + } + return refCountR(ptrV, visited, reflect.ValueOf(container)) +} + +// refCountR recursively searches for the value, find, in the value v +func refCountR(find reflect.Value, visited map[reflect.Value]struct{}, v reflect.Value) int { + if find.Equal(v) { + return 1 + } + if !v.IsValid() { + return 0 + } + if _, ok := visited[v]; ok { + return 0 + } + visited[v] = struct{}{} + switch v.Kind() { + case reflect.Interface: + return refCountR(find, visited, v.Elem()) + case reflect.Pointer: + if v.IsNil() { + return 0 + } + return refCountR(find, visited, v.Elem()) + case reflect.Struct: + count := 0 + for i := 0; i < v.NumField(); i++ { + count += refCountR(find, visited, v.Field(i)) + } + return count + case reflect.Slice: + count := 0 + for i := 0; i < v.Len(); i++ { + count += refCountR(find, visited, v.Index(i)) + } + return count + default: + return 0 + } +} + +func stringify(o any) string { + if v, ok := o.(reflect.Value); ok { + if !v.IsValid() { + return "invalid value" + } + if !v.IsZero() && v.CanInterface() { + o = v.Interface() + } + } + return fmt.Sprintf("%#v", o) +} + +type IEnergyConsumption interface { + + // GetFinetuningEnergyConsumption specifies the amount of energy consumed when finetuning the AI model that is + // being used in the AI system. + GetFinetuningEnergyConsumption() []IEnergyConsumptionDescription + + SetFinetuningEnergyConsumption(...IEnergyConsumptionDescription) + + // GetInferenceEnergyConsumption specifies the amount of energy consumed during inference time by an AI model + // that is being used in the AI system. + GetInferenceEnergyConsumption() []IEnergyConsumptionDescription + + SetInferenceEnergyConsumption(...IEnergyConsumptionDescription) + + // GetTrainingEnergyConsumption specifies the amount of energy consumed when training the AI model that is + // being used in the AI system. + GetTrainingEnergyConsumption() []IEnergyConsumptionDescription + + SetTrainingEnergyConsumption(...IEnergyConsumptionDescription) +} + +type EnergyConsumption struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/EnergyConsumption" iri-compact:"ai_EnergyConsumption"` + + Iri string `iri:"@id"` + + // FinetuningEnergyConsumption specifies the amount of energy consumed when finetuning the AI model that is + // being used in the AI system. + FinetuningEnergyConsumption []IEnergyConsumptionDescription `iri:"https://spdx.org/rdf/3.0.0/terms/AI/finetuningEnergyConsumption" iri-compact:"ai_finetuningEnergyConsumption"` + // InferenceEnergyConsumption specifies the amount of energy consumed during inference time by an AI model + // that is being used in the AI system. + InferenceEnergyConsumption []IEnergyConsumptionDescription `iri:"https://spdx.org/rdf/3.0.0/terms/AI/inferenceEnergyConsumption" iri-compact:"ai_inferenceEnergyConsumption"` + // TrainingEnergyConsumption specifies the amount of energy consumed when training the AI model that is + // being used in the AI system. + TrainingEnergyConsumption []IEnergyConsumptionDescription `iri:"https://spdx.org/rdf/3.0.0/terms/AI/trainingEnergyConsumption" iri-compact:"ai_trainingEnergyConsumption"` +} + +func NewEnergyConsumption() IEnergyConsumption { + return &EnergyConsumption{} +} + +func (o *EnergyConsumption) GetFinetuningEnergyConsumption() []IEnergyConsumptionDescription { + return o.FinetuningEnergyConsumption +} +func (o *EnergyConsumption) SetFinetuningEnergyConsumption(v ...IEnergyConsumptionDescription) { + o.FinetuningEnergyConsumption = v +} +func (o *EnergyConsumption) GetInferenceEnergyConsumption() []IEnergyConsumptionDescription { + return o.InferenceEnergyConsumption +} +func (o *EnergyConsumption) SetInferenceEnergyConsumption(v ...IEnergyConsumptionDescription) { + o.InferenceEnergyConsumption = v +} +func (o *EnergyConsumption) GetTrainingEnergyConsumption() []IEnergyConsumptionDescription { + return o.TrainingEnergyConsumption +} +func (o *EnergyConsumption) SetTrainingEnergyConsumption(v ...IEnergyConsumptionDescription) { + o.TrainingEnergyConsumption = v +} + +type IEnergyConsumptionDescription interface { + + // GetEnergyQuantity represents the energy quantity. + GetEnergyQuantity() float64 + + SetEnergyQuantity(float64) + + // GetEnergyUnit specifies the unit in which energy is measured. + GetEnergyUnit() EnergyUnitType + + SetEnergyUnit(EnergyUnitType) +} + +type EnergyConsumptionDescription struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/EnergyConsumptionDescription" iri-compact:"ai_EnergyConsumptionDescription"` + + Iri string `iri:"@id"` + + // EnergyQuantity represents the energy quantity. + EnergyQuantity float64 `iri:"https://spdx.org/rdf/3.0.0/terms/AI/energyQuantity" iri-compact:"ai_energyQuantity"` + // EnergyUnit specifies the unit in which energy is measured. + EnergyUnit EnergyUnitType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/energyUnit" iri-compact:"ai_energyUnit"` +} + +func NewEnergyConsumptionDescription() IEnergyConsumptionDescription { + return &EnergyConsumptionDescription{} +} + +func (o *EnergyConsumptionDescription) GetEnergyQuantity() float64 { + return o.EnergyQuantity +} +func (o *EnergyConsumptionDescription) SetEnergyQuantity(v float64) { + o.EnergyQuantity = v +} +func (o *EnergyConsumptionDescription) GetEnergyUnit() EnergyUnitType { + return o.EnergyUnit +} +func (o *EnergyConsumptionDescription) SetEnergyUnit(v EnergyUnitType) { + o.EnergyUnit = v +} + +type EnergyUnitType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType" iri-compact:"ai_EnergyUnitType"` + + Iri string `iri:"@id"` +} + +var ( + EnergyUnitType_KilowattHour = EnergyUnitType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/kilowattHour"} + EnergyUnitType_Megajoule = EnergyUnitType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/megajoule"} + EnergyUnitType_Other = EnergyUnitType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/other"} +) + +type SafetyRiskAssessmentType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType" iri-compact:"ai_SafetyRiskAssessmentType"` + + Iri string `iri:"@id"` +} + +var ( + SafetyRiskAssessmentType_High = SafetyRiskAssessmentType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/high"} + SafetyRiskAssessmentType_Low = SafetyRiskAssessmentType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/low"} + SafetyRiskAssessmentType_Medium = SafetyRiskAssessmentType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/medium"} + SafetyRiskAssessmentType_Serious = SafetyRiskAssessmentType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/serious"} +) + +type AnnotationType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/AnnotationType" iri-compact:"AnnotationType"` + + Iri string `iri:"@id"` +} + +var ( + AnnotationType_Other = AnnotationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/AnnotationType/other"} + AnnotationType_Review = AnnotationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/AnnotationType/review"} +) + +type ICreationInfo interface { + + // GetComment provide consumers with comments by the creator of the Element about the + // Element. + GetComment() string + + SetComment(string) + + // GetCreated identifies when the Element was originally created. + GetCreated() string + + SetCreated(string) + + // GetCreatedBy identifies who or what created the Element. + GetCreatedBy() []IAgent + + SetCreatedBy(...IAgent) + + // GetCreatedUsing identifies the tooling that was used during the creation of the Element. + GetCreatedUsing() []ITool + + SetCreatedUsing(...ITool) + + // GetSpecVersion provides a reference number that can be used to understand how to parse and interpret an Element. + GetSpecVersion() string + + SetSpecVersion(string) +} + +type CreationInfo struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/CreationInfo" iri-compact:"CreationInfo"` + + Iri string `iri:"@id"` + + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // Created identifies when the Element was originally created. + Created string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/created" iri-compact:"created"` + // CreatedBy identifies who or what created the Element. + CreatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/createdBy" iri-compact:"createdBy"` + // CreatedUsing identifies the tooling that was used during the creation of the Element. + CreatedUsing []ITool `iri:"https://spdx.org/rdf/3.0.0/terms/Core/createdUsing" iri-compact:"createdUsing"` + // SpecVersion provides a reference number that can be used to understand how to parse and interpret an Element. + SpecVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/specVersion" iri-compact:"specVersion"` +} + +func NewCreationInfo() ICreationInfo { + return &CreationInfo{} +} + +func (o *CreationInfo) GetComment() string { + return o.Comment +} +func (o *CreationInfo) SetComment(v string) { + o.Comment = v +} +func (o *CreationInfo) GetCreated() string { + return o.Created +} +func (o *CreationInfo) SetCreated(v string) { + o.Created = v +} +func (o *CreationInfo) GetCreatedBy() []IAgent { + return o.CreatedBy +} +func (o *CreationInfo) SetCreatedBy(v ...IAgent) { + o.CreatedBy = v +} +func (o *CreationInfo) GetCreatedUsing() []ITool { + return o.CreatedUsing +} +func (o *CreationInfo) SetCreatedUsing(v ...ITool) { + o.CreatedUsing = v +} +func (o *CreationInfo) GetSpecVersion() string { + return o.SpecVersion +} +func (o *CreationInfo) SetSpecVersion(v string) { + o.SpecVersion = v +} + +type IDictionaryEntry interface { + + // GetKey a key used in a generic key-value pair. + GetKey() string + + SetKey(string) + + // GetValue a value used in a generic key-value pair. + GetValue() string + + SetValue(string) +} + +type DictionaryEntry struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/DictionaryEntry" iri-compact:"DictionaryEntry"` + + Iri string `iri:"@id"` + + // Key a key used in a generic key-value pair. + Key string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/key" iri-compact:"key"` + // Value a value used in a generic key-value pair. + Value string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/value" iri-compact:"value"` +} + +func NewDictionaryEntry() IDictionaryEntry { + return &DictionaryEntry{} +} + +func (o *DictionaryEntry) GetKey() string { + return o.Key +} +func (o *DictionaryEntry) SetKey(v string) { + o.Key = v +} +func (o *DictionaryEntry) GetValue() string { + return o.Value +} +func (o *DictionaryEntry) SetValue(v string) { + o.Value = v +} + +type IElement interface { + + // GetSpdxId identifier property + GetSpdxId() string + + SetSpdxId(string) + + // GetComment provide consumers with comments by the creator of the Element about the + // Element. + GetComment() string + + SetComment(string) + + // GetCreationInfo provides information about the creation of the Element. + GetCreationInfo() ICreationInfo + + SetCreationInfo(ICreationInfo) + + // GetDescription provides a detailed description of the Element. + GetDescription() string + + SetDescription(string) + + // GetExtensions specifies an Extension characterization of some aspect of an Element. + GetExtensions() []IExtension + + SetExtensions(...IExtension) + + // GetExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + GetExternalIdentifiers() []IExternalIdentifier + + SetExternalIdentifiers(...IExternalIdentifier) + + // GetExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + GetExternalRefs() []IExternalRef + + SetExternalRefs(...IExternalRef) + + // GetName identifies the name of an Element as designated by the creator. + GetName() string + + SetName(string) + + // GetSummary a short description of an Element. + GetSummary() string + + SetSummary(string) + + // GetVerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + GetVerifiedUsing() []IIntegrityMethod + + SetVerifiedUsing(...IIntegrityMethod) +} + +type Element struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Element" iri-compact:"Element" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +} + +func (o *Element) GetSpdxId() string { + return o.SpdxId +} +func (o *Element) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Element) GetComment() string { + return o.Comment +} +func (o *Element) SetComment(v string) { + o.Comment = v +} +func (o *Element) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Element) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Element) GetDescription() string { + return o.Description +} +func (o *Element) SetDescription(v string) { + o.Description = v +} +func (o *Element) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Element) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Element) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Element) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Element) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Element) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Element) GetName() string { + return o.Name +} +func (o *Element) SetName(v string) { + o.Name = v +} +func (o *Element) GetSummary() string { + return o.Summary +} +func (o *Element) SetSummary(v string) { + o.Summary = v +} +func (o *Element) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Element) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +type IElementCollection interface { + IElement + + // GetElements refers to one or more Elements that are part of an ElementCollection. + GetElements() []IElement + + SetElements(...IElement) + + // GetProfileConformance describes one a profile which the creator of this ElementCollection intends to + // conform to. + GetProfileConformance() []ProfileIdentifierType + + SetProfileConformance(...ProfileIdentifierType) + + // GetRootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. + GetRootElements() []IElement + + SetRootElements(...IElement) +} + +type ElementCollection struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ElementCollection" iri-compact:"ElementCollection" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Elements refers to one or more Elements that are part of an ElementCollection. + Elements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/element" iri-compact:"element"` + // ProfileConformance describes one a profile which the creator of this ElementCollection intends to + // conform to. + ProfileConformance []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/profileConformance" iri-compact:"profileConformance"` + // RootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/rootElement" iri-compact:"rootElement"` +} + +func (o *ElementCollection) GetSpdxId() string { + return o.SpdxId +} +func (o *ElementCollection) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *ElementCollection) GetComment() string { + return o.Comment +} +func (o *ElementCollection) SetComment(v string) { + o.Comment = v +} +func (o *ElementCollection) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *ElementCollection) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *ElementCollection) GetDescription() string { + return o.Description +} +func (o *ElementCollection) SetDescription(v string) { + o.Description = v +} +func (o *ElementCollection) GetExtensions() []IExtension { + return o.Extensions +} +func (o *ElementCollection) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *ElementCollection) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *ElementCollection) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *ElementCollection) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *ElementCollection) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *ElementCollection) GetName() string { + return o.Name +} +func (o *ElementCollection) SetName(v string) { + o.Name = v +} +func (o *ElementCollection) GetSummary() string { + return o.Summary +} +func (o *ElementCollection) SetSummary(v string) { + o.Summary = v +} +func (o *ElementCollection) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *ElementCollection) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *ElementCollection) GetElements() []IElement { + return o.Elements +} +func (o *ElementCollection) SetElements(v ...IElement) { + o.Elements = v +} +func (o *ElementCollection) GetProfileConformance() []ProfileIdentifierType { + return o.ProfileConformance +} +func (o *ElementCollection) SetProfileConformance(v ...ProfileIdentifierType) { + o.ProfileConformance = v +} +func (o *ElementCollection) GetRootElements() []IElement { + return o.RootElements +} +func (o *ElementCollection) SetRootElements(v ...IElement) { + o.RootElements = v +} + +type IExternalIdentifier interface { + + // GetComment provide consumers with comments by the creator of the Element about the + // Element. + GetComment() string + + SetComment(string) + + // GetExternalIdentifierType specifies the type of the external identifier. + GetExternalIdentifierType() ExternalIdentifierType + + SetExternalIdentifierType(ExternalIdentifierType) + + // GetIdentifier uniquely identifies an external element. + GetIdentifier() string + + SetIdentifier(string) + + // GetIdentifierLocator provides the location for more information regarding an external identifier. + GetIdentifierLocator() []string + + SetIdentifierLocator(...string) + + // GetIssuingAuthority an entity that is authorized to issue identification credentials. + GetIssuingAuthority() string + + SetIssuingAuthority(string) +} + +type ExternalIdentifier struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifier" iri-compact:"ExternalIdentifier"` + + Iri string `iri:"@id"` + + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // ExternalIdentifierType specifies the type of the external identifier. + ExternalIdentifierType ExternalIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifierType" iri-compact:"externalIdentifierType"` + // Identifier uniquely identifies an external element. + Identifier string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/identifier" iri-compact:"identifier"` + // IdentifierLocator provides the location for more information regarding an external identifier. + IdentifierLocator []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/identifierLocator" iri-compact:"identifierLocator"` + // IssuingAuthority an entity that is authorized to issue identification credentials. + IssuingAuthority string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/issuingAuthority" iri-compact:"issuingAuthority"` +} + +func NewExternalIdentifier() IExternalIdentifier { + return &ExternalIdentifier{} +} + +func (o *ExternalIdentifier) GetComment() string { + return o.Comment +} +func (o *ExternalIdentifier) SetComment(v string) { + o.Comment = v +} +func (o *ExternalIdentifier) GetExternalIdentifierType() ExternalIdentifierType { + return o.ExternalIdentifierType +} +func (o *ExternalIdentifier) SetExternalIdentifierType(v ExternalIdentifierType) { + o.ExternalIdentifierType = v +} +func (o *ExternalIdentifier) GetIdentifier() string { + return o.Identifier +} +func (o *ExternalIdentifier) SetIdentifier(v string) { + o.Identifier = v +} +func (o *ExternalIdentifier) GetIdentifierLocator() []string { + return o.IdentifierLocator +} +func (o *ExternalIdentifier) SetIdentifierLocator(v ...string) { + o.IdentifierLocator = v +} +func (o *ExternalIdentifier) GetIssuingAuthority() string { + return o.IssuingAuthority +} +func (o *ExternalIdentifier) SetIssuingAuthority(v string) { + o.IssuingAuthority = v +} + +type ExternalIdentifierType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType" iri-compact:"ExternalIdentifierType"` + + Iri string `iri:"@id"` +} + +var ( + ExternalIdentifierType_Cpe22 = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cpe22"} + ExternalIdentifierType_Cpe23 = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cpe23"} + ExternalIdentifierType_Cve = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cve"} + ExternalIdentifierType_Email = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/email"} + ExternalIdentifierType_Gitoid = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/gitoid"} + ExternalIdentifierType_Other = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/other"} + ExternalIdentifierType_PackageUrl = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/packageUrl"} + ExternalIdentifierType_SecurityOther = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/securityOther"} + ExternalIdentifierType_Swhid = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/swhid"} + ExternalIdentifierType_Swid = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/swid"} + ExternalIdentifierType_UrlScheme = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/urlScheme"} +) + +type IExternalMap interface { + + // GetDefiningArtifact artifact representing a serialization instance of SPDX data containing the + // definition of a particular Element. + GetDefiningArtifact() IArtifact + + SetDefiningArtifact(IArtifact) + + // GetExternalSpdxId identifies an external Element used within a Document but defined external to + // that Document. + GetExternalSpdxId() string + + SetExternalSpdxId(string) + + // GetLocationHint provides an indication of where to retrieve an external Element. + GetLocationHint() string + + SetLocationHint(string) + + // GetVerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + GetVerifiedUsing() []IIntegrityMethod + + SetVerifiedUsing(...IIntegrityMethod) +} + +type ExternalMap struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ExternalMap" iri-compact:"ExternalMap"` + + Iri string `iri:"@id"` + + // DefiningArtifact artifact representing a serialization instance of SPDX data containing the + // definition of a particular Element. + DefiningArtifact IArtifact `iri:"https://spdx.org/rdf/3.0.0/terms/Core/definingArtifact" iri-compact:"definingArtifact"` + // ExternalSpdxId identifies an external Element used within a Document but defined external to + // that Document. + ExternalSpdxId string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalSpdxId" iri-compact:"externalSpdxId"` + // LocationHint provides an indication of where to retrieve an external Element. + LocationHint string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/locationHint" iri-compact:"locationHint"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +} + +func NewExternalMap() IExternalMap { + return &ExternalMap{} +} + +func (o *ExternalMap) GetDefiningArtifact() IArtifact { + return o.DefiningArtifact +} +func (o *ExternalMap) SetDefiningArtifact(v IArtifact) { + o.DefiningArtifact = v +} +func (o *ExternalMap) GetExternalSpdxId() string { + return o.ExternalSpdxId +} +func (o *ExternalMap) SetExternalSpdxId(v string) { + o.ExternalSpdxId = v +} +func (o *ExternalMap) GetLocationHint() string { + return o.LocationHint +} +func (o *ExternalMap) SetLocationHint(v string) { + o.LocationHint = v +} +func (o *ExternalMap) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *ExternalMap) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +type IExternalRef interface { + + // GetComment provide consumers with comments by the creator of the Element about the + // Element. + GetComment() string + + SetComment(string) + + // GetContentType specifies the media type of an Element or Property. + GetContentType() string + + SetContentType(string) + + // GetExternalRefType specifies the type of the external reference. + GetExternalRefType() ExternalRefType + + SetExternalRefType(ExternalRefType) + + // GetLocator provides the location of an external reference. + GetLocator() []string + + SetLocator(...string) +} + +type ExternalRef struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ExternalRef" iri-compact:"ExternalRef"` + + Iri string `iri:"@id"` + + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // ContentType specifies the media type of an Element or Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/contentType" iri-compact:"contentType"` + // ExternalRefType specifies the type of the external reference. + ExternalRefType ExternalRefType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRefType" iri-compact:"externalRefType"` + // Locator provides the location of an external reference. + Locator []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/locator" iri-compact:"locator"` +} + +func NewExternalRef() IExternalRef { + return &ExternalRef{} +} + +func (o *ExternalRef) GetComment() string { + return o.Comment +} +func (o *ExternalRef) SetComment(v string) { + o.Comment = v +} +func (o *ExternalRef) GetContentType() string { + return o.ContentType +} +func (o *ExternalRef) SetContentType(v string) { + o.ContentType = v +} +func (o *ExternalRef) GetExternalRefType() ExternalRefType { + return o.ExternalRefType +} +func (o *ExternalRef) SetExternalRefType(v ExternalRefType) { + o.ExternalRefType = v +} +func (o *ExternalRef) GetLocator() []string { + return o.Locator +} +func (o *ExternalRef) SetLocator(v ...string) { + o.Locator = v +} + +type ExternalRefType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType" iri-compact:"ExternalRefType"` + + Iri string `iri:"@id"` +} + +var ( + ExternalRefType_AltDownloadLocation = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/altDownloadLocation"} + ExternalRefType_AltWebPage = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/altWebPage"} + ExternalRefType_BinaryArtifact = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/binaryArtifact"} + ExternalRefType_Bower = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/bower"} + ExternalRefType_BuildMeta = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/buildMeta"} + ExternalRefType_BuildSystem = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/buildSystem"} + ExternalRefType_CertificationReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/certificationReport"} + ExternalRefType_Chat = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/chat"} + ExternalRefType_ComponentAnalysisReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/componentAnalysisReport"} + ExternalRefType_Cwe = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/cwe"} + ExternalRefType_Documentation = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/documentation"} + ExternalRefType_DynamicAnalysisReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/dynamicAnalysisReport"} + ExternalRefType_EolNotice = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/eolNotice"} + ExternalRefType_ExportControlAssessment = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/exportControlAssessment"} + ExternalRefType_Funding = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/funding"} + ExternalRefType_IssueTracker = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/issueTracker"} + ExternalRefType_License = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/license"} + ExternalRefType_MailingList = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/mailingList"} + ExternalRefType_MavenCentral = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/mavenCentral"} + ExternalRefType_Metrics = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/metrics"} + ExternalRefType_Npm = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/npm"} + ExternalRefType_Nuget = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/nuget"} + ExternalRefType_Other = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/other"} + ExternalRefType_PrivacyAssessment = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/privacyAssessment"} + ExternalRefType_ProductMetadata = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/productMetadata"} + ExternalRefType_PurchaseOrder = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/purchaseOrder"} + ExternalRefType_QualityAssessmentReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/qualityAssessmentReport"} + ExternalRefType_ReleaseHistory = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/releaseHistory"} + ExternalRefType_ReleaseNotes = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/releaseNotes"} + ExternalRefType_RiskAssessment = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/riskAssessment"} + ExternalRefType_RuntimeAnalysisReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/runtimeAnalysisReport"} + ExternalRefType_SecureSoftwareAttestation = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/secureSoftwareAttestation"} + ExternalRefType_SecurityAdversaryModel = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityAdversaryModel"} + ExternalRefType_SecurityAdvisory = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityAdvisory"} + ExternalRefType_SecurityFix = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityFix"} + ExternalRefType_SecurityOther = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityOther"} + ExternalRefType_SecurityPenTestReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityPenTestReport"} + ExternalRefType_SecurityPolicy = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityPolicy"} + ExternalRefType_SecurityThreatModel = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityThreatModel"} + ExternalRefType_SocialMedia = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/socialMedia"} + ExternalRefType_SourceArtifact = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/sourceArtifact"} + ExternalRefType_StaticAnalysisReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/staticAnalysisReport"} + ExternalRefType_Support = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/support"} + ExternalRefType_Vcs = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vcs"} + ExternalRefType_VulnerabilityDisclosureReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vulnerabilityDisclosureReport"} + ExternalRefType_VulnerabilityExploitabilityAssessment = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment"} +) + +type HashAlgorithm struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm" iri-compact:"HashAlgorithm"` + + Iri string `iri:"@id"` +} + +var ( + HashAlgorithm_Blake2b256 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b256"} + HashAlgorithm_Blake2b384 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b384"} + HashAlgorithm_Blake2b512 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b512"} + HashAlgorithm_Blake3 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake3"} + HashAlgorithm_CrystalsDilithium = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsDilithium"} + HashAlgorithm_CrystalsKyber = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsKyber"} + HashAlgorithm_Falcon = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/falcon"} + HashAlgorithm_Md2 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md2"} + HashAlgorithm_Md4 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md4"} + HashAlgorithm_Md5 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md5"} + HashAlgorithm_Md6 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md6"} + HashAlgorithm_Other = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/other"} + HashAlgorithm_Sha1 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha1"} + HashAlgorithm_Sha224 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha224"} + HashAlgorithm_Sha256 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha256"} + HashAlgorithm_Sha384 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha384"} + HashAlgorithm_Sha3_224 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_224"} + HashAlgorithm_Sha3_256 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_256"} + HashAlgorithm_Sha3_384 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_384"} + HashAlgorithm_Sha3_512 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_512"} + HashAlgorithm_Sha512 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha512"} +) + +type IIntegrityMethod interface { + + // GetComment provide consumers with comments by the creator of the Element about the + // Element. + GetComment() string + + SetComment(string) +} + +type IntegrityMethod struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/IntegrityMethod" iri-compact:"IntegrityMethod"` + + Iri string `iri:"@id"` + + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` +} + +func (o *IntegrityMethod) GetComment() string { + return o.Comment +} +func (o *IntegrityMethod) SetComment(v string) { + o.Comment = v +} + +type LifecycleScopeType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType" iri-compact:"LifecycleScopeType"` + + Iri string `iri:"@id"` +} + +var ( + LifecycleScopeType_Build = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/build"} + LifecycleScopeType_Design = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/design"} + LifecycleScopeType_Development = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/development"} + LifecycleScopeType_Other = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/other"} + LifecycleScopeType_Runtime = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/runtime"} + LifecycleScopeType_Test = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/test"} +) + +type INamespaceMap interface { + + // GetNamespace provides an unambiguous mechanism for conveying a URI fragment portion of an + // ElementID. + GetNamespace() string + + SetNamespace(string) + + // GetPrefix a substitute for a URI. + GetPrefix() string + + SetPrefix(string) +} + +type NamespaceMap struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/NamespaceMap" iri-compact:"NamespaceMap"` + + Iri string `iri:"@id"` + + // Namespace provides an unambiguous mechanism for conveying a URI fragment portion of an + // ElementID. + Namespace string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/namespace" iri-compact:"namespace"` + // Prefix a substitute for a URI. + Prefix string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/prefix" iri-compact:"prefix"` +} + +func NewNamespaceMap() INamespaceMap { + return &NamespaceMap{} +} + +func (o *NamespaceMap) GetNamespace() string { + return o.Namespace +} +func (o *NamespaceMap) SetNamespace(v string) { + o.Namespace = v +} +func (o *NamespaceMap) GetPrefix() string { + return o.Prefix +} +func (o *NamespaceMap) SetPrefix(v string) { + o.Prefix = v +} + +type IPackageVerificationCode interface { + IIntegrityMethod + + // GetAlgorithm specifies the algorithm used for calculating the hash value. + GetAlgorithm() HashAlgorithm + + SetAlgorithm(HashAlgorithm) + + // GetHashValue the result of applying a hash algorithm to an Element. + GetHashValue() string + + SetHashValue(string) + + // GetPackageVerificationCodeExcludedFile the relative file name of a file to be excluded from the + // `PackageVerificationCode`. + GetPackageVerificationCodeExcludedFile() []string + + SetPackageVerificationCodeExcludedFile(...string) +} + +type PackageVerificationCode struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/PackageVerificationCode" iri-compact:"PackageVerificationCode"` + + Iri string `iri:"@id"` + + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + + // Algorithm specifies the algorithm used for calculating the hash value. + Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.0/terms/Core/algorithm" iri-compact:"algorithm"` + // HashValue the result of applying a hash algorithm to an Element. + HashValue string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/hashValue" iri-compact:"hashValue"` + // PackageVerificationCodeExcludedFile the relative file name of a file to be excluded from the + // `PackageVerificationCode`. + PackageVerificationCodeExcludedFile []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/packageVerificationCodeExcludedFile" iri-compact:"packageVerificationCodeExcludedFile"` +} + +func NewPackageVerificationCode() IPackageVerificationCode { + return &PackageVerificationCode{} +} + +func (o *PackageVerificationCode) GetComment() string { + return o.Comment +} +func (o *PackageVerificationCode) SetComment(v string) { + o.Comment = v +} + +func (o *PackageVerificationCode) GetAlgorithm() HashAlgorithm { + return o.Algorithm +} +func (o *PackageVerificationCode) SetAlgorithm(v HashAlgorithm) { + o.Algorithm = v +} +func (o *PackageVerificationCode) GetHashValue() string { + return o.HashValue +} +func (o *PackageVerificationCode) SetHashValue(v string) { + o.HashValue = v +} +func (o *PackageVerificationCode) GetPackageVerificationCodeExcludedFile() []string { + return o.PackageVerificationCodeExcludedFile +} +func (o *PackageVerificationCode) SetPackageVerificationCodeExcludedFile(v ...string) { + o.PackageVerificationCodeExcludedFile = v +} + +type IPositiveIntegerRange interface { + + // GetBeginIntegerRange defines the beginning of a range. + GetBeginIntegerRange() uint + + SetBeginIntegerRange(uint) + + // GetEndIntegerRange defines the end of a range. + GetEndIntegerRange() uint + + SetEndIntegerRange(uint) +} + +type PositiveIntegerRange struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/PositiveIntegerRange" iri-compact:"PositiveIntegerRange"` + + Iri string `iri:"@id"` + + // BeginIntegerRange defines the beginning of a range. + BeginIntegerRange uint `iri:"https://spdx.org/rdf/3.0.0/terms/Core/beginIntegerRange" iri-compact:"beginIntegerRange"` + // EndIntegerRange defines the end of a range. + EndIntegerRange uint `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endIntegerRange" iri-compact:"endIntegerRange"` +} + +func NewPositiveIntegerRange() IPositiveIntegerRange { + return &PositiveIntegerRange{} +} + +func (o *PositiveIntegerRange) GetBeginIntegerRange() uint { + return o.BeginIntegerRange +} +func (o *PositiveIntegerRange) SetBeginIntegerRange(v uint) { + o.BeginIntegerRange = v +} +func (o *PositiveIntegerRange) GetEndIntegerRange() uint { + return o.EndIntegerRange +} +func (o *PositiveIntegerRange) SetEndIntegerRange(v uint) { + o.EndIntegerRange = v +} + +type PresenceType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/PresenceType" iri-compact:"PresenceType"` + + Iri string `iri:"@id"` +} + +var ( + PresenceType_No = PresenceType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/no"} + PresenceType_NoAssertion = PresenceType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/noAssertion"} + PresenceType_Yes = PresenceType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/yes"} +) + +type ProfileIdentifierType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType" iri-compact:"ProfileIdentifierType"` + + Iri string `iri:"@id"` +} + +var ( + ProfileIdentifierType_Ai = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/ai"} + ProfileIdentifierType_Build = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/build"} + ProfileIdentifierType_Core = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/core"} + ProfileIdentifierType_Dataset = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/dataset"} + ProfileIdentifierType_ExpandedLicensing = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/expandedLicensing"} + ProfileIdentifierType_Extension = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/extension"} + ProfileIdentifierType_Lite = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/lite"} + ProfileIdentifierType_Security = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/security"} + ProfileIdentifierType_SimpleLicensing = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/simpleLicensing"} + ProfileIdentifierType_Software = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/software"} +) + +type IRelationship interface { + IElement + + // GetCompleteness provides information about the completeness of relationships. + GetCompleteness() RelationshipCompleteness + + SetCompleteness(RelationshipCompleteness) + + // GetEndTime specifies the time from which an element is no longer applicable / valid. + GetEndTime() string + + SetEndTime(string) + + // GetFrom references the Element on the left-hand side of a relationship. + GetFrom() IElement + + SetFrom(IElement) + + // GetRelationshipType information about the relationship between two Elements. + GetRelationshipType() RelationshipType + + SetRelationshipType(RelationshipType) + + // GetStartTime specifies the time from which an element is applicable / valid. + GetStartTime() string + + SetStartTime(string) + + // GetTo references an Element on the right-hand side of a relationship. + GetTo() []IElement + + SetTo(...IElement) +} + +type Relationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Relationship" iri-compact:"Relationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` +} + +func NewRelationship() IRelationship { + return &Relationship{} +} + +func (o *Relationship) GetSpdxId() string { + return o.SpdxId +} +func (o *Relationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Relationship) GetComment() string { + return o.Comment +} +func (o *Relationship) SetComment(v string) { + o.Comment = v +} +func (o *Relationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Relationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Relationship) GetDescription() string { + return o.Description +} +func (o *Relationship) SetDescription(v string) { + o.Description = v +} +func (o *Relationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Relationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Relationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Relationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Relationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Relationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Relationship) GetName() string { + return o.Name +} +func (o *Relationship) SetName(v string) { + o.Name = v +} +func (o *Relationship) GetSummary() string { + return o.Summary +} +func (o *Relationship) SetSummary(v string) { + o.Summary = v +} +func (o *Relationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Relationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *Relationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *Relationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *Relationship) GetEndTime() string { + return o.EndTime +} +func (o *Relationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *Relationship) GetFrom() IElement { + return o.From +} +func (o *Relationship) SetFrom(v IElement) { + o.From = v +} +func (o *Relationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *Relationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *Relationship) GetStartTime() string { + return o.StartTime +} +func (o *Relationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *Relationship) GetTo() []IElement { + return o.To +} +func (o *Relationship) SetTo(v ...IElement) { + o.To = v +} + +type RelationshipCompleteness struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness" iri-compact:"RelationshipCompleteness"` + + Iri string `iri:"@id"` +} + +var ( + RelationshipCompleteness_Complete = RelationshipCompleteness{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/complete"} + RelationshipCompleteness_Incomplete = RelationshipCompleteness{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/incomplete"} + RelationshipCompleteness_NoAssertion = RelationshipCompleteness{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/noAssertion"} +) + +type RelationshipType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType" iri-compact:"RelationshipType"` + + Iri string `iri:"@id"` +} + +var ( + RelationshipType_Affects = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/affects"} + RelationshipType_AmendedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/amendedBy"} + RelationshipType_AncestorOf = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/ancestorOf"} + RelationshipType_AvailableFrom = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/availableFrom"} + RelationshipType_Configures = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/configures"} + RelationshipType_Contains = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/contains"} + RelationshipType_CoordinatedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/coordinatedBy"} + RelationshipType_CopiedTo = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/copiedTo"} + RelationshipType_DelegatedTo = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/delegatedTo"} + RelationshipType_DependsOn = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/dependsOn"} + RelationshipType_DescendantOf = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/descendantOf"} + RelationshipType_Describes = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/describes"} + RelationshipType_DoesNotAffect = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/doesNotAffect"} + RelationshipType_ExpandsTo = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/expandsTo"} + RelationshipType_ExploitCreatedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/exploitCreatedBy"} + RelationshipType_FixedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/fixedBy"} + RelationshipType_FixedIn = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/fixedIn"} + RelationshipType_FoundBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/foundBy"} + RelationshipType_Generates = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/generates"} + RelationshipType_HasAddedFile = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAddedFile"} + RelationshipType_HasAssessmentFor = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAssessmentFor"} + RelationshipType_HasAssociatedVulnerability = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAssociatedVulnerability"} + RelationshipType_HasConcludedLicense = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasConcludedLicense"} + RelationshipType_HasDataFile = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDataFile"} + RelationshipType_HasDeclaredLicense = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDeclaredLicense"} + RelationshipType_HasDeletedFile = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDeletedFile"} + RelationshipType_HasDependencyManifest = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDependencyManifest"} + RelationshipType_HasDistributionArtifact = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDistributionArtifact"} + RelationshipType_HasDocumentation = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDocumentation"} + RelationshipType_HasDynamicLink = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDynamicLink"} + RelationshipType_HasEvidence = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasEvidence"} + RelationshipType_HasExample = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasExample"} + RelationshipType_HasHost = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasHost"} + RelationshipType_HasInputs = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasInputs"} + RelationshipType_HasMetadata = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasMetadata"} + RelationshipType_HasOptionalComponent = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOptionalComponent"} + RelationshipType_HasOptionalDependency = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOptionalDependency"} + RelationshipType_HasOutputs = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOutputs"} + RelationshipType_HasPrerequsite = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasPrerequsite"} + RelationshipType_HasProvidedDependency = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasProvidedDependency"} + RelationshipType_HasRequirement = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasRequirement"} + RelationshipType_HasSpecification = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasSpecification"} + RelationshipType_HasStaticLink = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasStaticLink"} + RelationshipType_HasTest = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasTest"} + RelationshipType_HasTestCase = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasTestCase"} + RelationshipType_HasVariant = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasVariant"} + RelationshipType_InvokedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/invokedBy"} + RelationshipType_ModifiedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/modifiedBy"} + RelationshipType_Other = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/other"} + RelationshipType_PackagedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/packagedBy"} + RelationshipType_PatchedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/patchedBy"} + RelationshipType_PublishedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/publishedBy"} + RelationshipType_ReportedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/reportedBy"} + RelationshipType_RepublishedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/republishedBy"} + RelationshipType_SerializedInArtifact = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/serializedInArtifact"} + RelationshipType_TestedOn = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/testedOn"} + RelationshipType_TrainedOn = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/trainedOn"} + RelationshipType_UnderInvestigationFor = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/underInvestigationFor"} + RelationshipType_UsesTool = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/usesTool"} +) + +type ISpdxDocument interface { + IElementCollection + + // GetDataLicense provides the license under which the SPDX documentation of the Element can be + // used. + GetDataLicense() IAnyLicenseInfo + + SetDataLicense(IAnyLicenseInfo) + + // GetImports provides an ExternalMap of Element identifiers. + GetImports() []IExternalMap + + SetImports(...IExternalMap) + + // GetNamespaceMap provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. + GetNamespaceMap() []INamespaceMap + + SetNamespaceMap(...INamespaceMap) +} + +type SpdxDocument struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/SpdxDocument" iri-compact:"SpdxDocument" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Elements refers to one or more Elements that are part of an ElementCollection. + Elements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/element" iri-compact:"element"` + // ProfileConformance describes one a profile which the creator of this ElementCollection intends to + // conform to. + ProfileConformance []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/profileConformance" iri-compact:"profileConformance"` + // RootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/rootElement" iri-compact:"rootElement"` + + // DataLicense provides the license under which the SPDX documentation of the Element can be + // used. + DataLicense IAnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/dataLicense" iri-compact:"dataLicense"` + // Imports provides an ExternalMap of Element identifiers. + Imports []IExternalMap `iri:"https://spdx.org/rdf/3.0.0/terms/Core/imports" iri-compact:"imports"` + // NamespaceMap provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. + NamespaceMap []INamespaceMap `iri:"https://spdx.org/rdf/3.0.0/terms/Core/namespaceMap" iri-compact:"namespaceMap"` +} + +func NewSpdxDocument() ISpdxDocument { + return &SpdxDocument{} +} + +func (o *SpdxDocument) GetSpdxId() string { + return o.SpdxId +} +func (o *SpdxDocument) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *SpdxDocument) GetComment() string { + return o.Comment +} +func (o *SpdxDocument) SetComment(v string) { + o.Comment = v +} +func (o *SpdxDocument) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *SpdxDocument) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *SpdxDocument) GetDescription() string { + return o.Description +} +func (o *SpdxDocument) SetDescription(v string) { + o.Description = v +} +func (o *SpdxDocument) GetExtensions() []IExtension { + return o.Extensions +} +func (o *SpdxDocument) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *SpdxDocument) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *SpdxDocument) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *SpdxDocument) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *SpdxDocument) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *SpdxDocument) GetName() string { + return o.Name +} +func (o *SpdxDocument) SetName(v string) { + o.Name = v +} +func (o *SpdxDocument) GetSummary() string { + return o.Summary +} +func (o *SpdxDocument) SetSummary(v string) { + o.Summary = v +} +func (o *SpdxDocument) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *SpdxDocument) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *SpdxDocument) GetElements() []IElement { + return o.Elements +} +func (o *SpdxDocument) SetElements(v ...IElement) { + o.Elements = v +} +func (o *SpdxDocument) GetProfileConformance() []ProfileIdentifierType { + return o.ProfileConformance +} +func (o *SpdxDocument) SetProfileConformance(v ...ProfileIdentifierType) { + o.ProfileConformance = v +} +func (o *SpdxDocument) GetRootElements() []IElement { + return o.RootElements +} +func (o *SpdxDocument) SetRootElements(v ...IElement) { + o.RootElements = v +} + +func (o *SpdxDocument) GetDataLicense() IAnyLicenseInfo { + return o.DataLicense +} +func (o *SpdxDocument) SetDataLicense(v IAnyLicenseInfo) { + o.DataLicense = v +} +func (o *SpdxDocument) GetImports() []IExternalMap { + return o.Imports +} +func (o *SpdxDocument) SetImports(v ...IExternalMap) { + o.Imports = v +} +func (o *SpdxDocument) GetNamespaceMap() []INamespaceMap { + return o.NamespaceMap +} +func (o *SpdxDocument) SetNamespaceMap(v ...INamespaceMap) { + o.NamespaceMap = v +} + +type SupportType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/SupportType" iri-compact:"SupportType"` + + Iri string `iri:"@id"` +} + +var ( + SupportType_Deployed = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/deployed"} + SupportType_Development = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/development"} + SupportType_EndOfSupport = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/endOfSupport"} + SupportType_LimitedSupport = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/limitedSupport"} + SupportType_NoAssertion = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/noAssertion"} + SupportType_NoSupport = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/noSupport"} + SupportType_Support = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/support"} +) + +type ITool interface { + IElement +} + +type Tool struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Tool" iri-compact:"Tool" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +} + +func NewTool() ITool { + return &Tool{} +} + +func (o *Tool) GetSpdxId() string { + return o.SpdxId +} +func (o *Tool) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Tool) GetComment() string { + return o.Comment +} +func (o *Tool) SetComment(v string) { + o.Comment = v +} +func (o *Tool) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Tool) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Tool) GetDescription() string { + return o.Description +} +func (o *Tool) SetDescription(v string) { + o.Description = v +} +func (o *Tool) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Tool) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Tool) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Tool) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Tool) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Tool) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Tool) GetName() string { + return o.Name +} +func (o *Tool) SetName(v string) { + o.Name = v +} +func (o *Tool) GetSummary() string { + return o.Summary +} +func (o *Tool) SetSummary(v string) { + o.Summary = v +} +func (o *Tool) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Tool) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +type ConfidentialityLevelType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType" iri-compact:"dataset_ConfidentialityLevelType"` + + Iri string `iri:"@id"` +} + +var ( + ConfidentialityLevelType_Amber = ConfidentialityLevelType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/amber"} + ConfidentialityLevelType_Clear = ConfidentialityLevelType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/clear"} + ConfidentialityLevelType_Green = ConfidentialityLevelType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/green"} + ConfidentialityLevelType_Red = ConfidentialityLevelType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/red"} +) + +type DatasetAvailabilityType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType" iri-compact:"dataset_DatasetAvailabilityType"` + + Iri string `iri:"@id"` +} + +var ( + DatasetAvailabilityType_Clickthrough = DatasetAvailabilityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/clickthrough"} + DatasetAvailabilityType_DirectDownload = DatasetAvailabilityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/directDownload"} + DatasetAvailabilityType_Query = DatasetAvailabilityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/query"} + DatasetAvailabilityType_Registration = DatasetAvailabilityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/registration"} + DatasetAvailabilityType_ScrapingScript = DatasetAvailabilityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/scrapingScript"} +) + +type DatasetType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType" iri-compact:"dataset_DatasetType"` + + Iri string `iri:"@id"` +} + +var ( + DatasetType_Audio = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/audio"} + DatasetType_Categorical = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/categorical"} + DatasetType_Graph = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/graph"} + DatasetType_Image = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/image"} + DatasetType_NoAssertion = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/noAssertion"} + DatasetType_Numeric = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/numeric"} + DatasetType_Other = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/other"} + DatasetType_Sensor = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/sensor"} + DatasetType_Structured = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/structured"} + DatasetType_Syntactic = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/syntactic"} + DatasetType_Text = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/text"} + DatasetType_Timeseries = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/timeseries"} + DatasetType_Timestamp = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/timestamp"} + DatasetType_Video = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/video"} +) + +type ILicenseAddition interface { + IElement + + // GetAdditionText identifies the full text of a LicenseAddition. + GetAdditionText() string + + SetAdditionText(string) + + // GetIsDeprecatedAdditionId specifies whether an additional text identifier has been marked as deprecated. + GetIsDeprecatedAdditionId() bool + + SetIsDeprecatedAdditionId(bool) + + // GetLicenseXml identifies all the text and metadata associated with a license in the license + // XML format. + GetLicenseXml() string + + SetLicenseXml(string) + + // GetObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated + // License or LicenseAddition. + GetObsoletedBy() string + + SetObsoletedBy(string) + + // GetSeeAlso contains a URL where the License or LicenseAddition can be found in use. + GetSeeAlso() []string + + SetSeeAlso(...string) + + // GetStandardAdditionTemplate identifies the full text of a LicenseAddition, in SPDX templating format. + GetStandardAdditionTemplate() string + + SetStandardAdditionTemplate(string) +} + +type LicenseAddition struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/LicenseAddition" iri-compact:"expandedlicensing_LicenseAddition" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // AdditionText identifies the full text of a LicenseAddition. + AdditionText string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/additionText" iri-compact:"expandedlicensing_additionText"` + // IsDeprecatedAdditionId specifies whether an additional text identifier has been marked as deprecated. + IsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedAdditionId" iri-compact:"expandedlicensing_isDeprecatedAdditionId"` + // LicenseXml identifies all the text and metadata associated with a license in the license + // XML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` + // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated + // License or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` + // SeeAlso contains a URL where the License or LicenseAddition can be found in use. + SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` + // StandardAdditionTemplate identifies the full text of a LicenseAddition, in SPDX templating format. + StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardAdditionTemplate" iri-compact:"expandedlicensing_standardAdditionTemplate"` +} + +func (o *LicenseAddition) GetSpdxId() string { + return o.SpdxId +} +func (o *LicenseAddition) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *LicenseAddition) GetComment() string { + return o.Comment +} +func (o *LicenseAddition) SetComment(v string) { + o.Comment = v +} +func (o *LicenseAddition) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *LicenseAddition) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *LicenseAddition) GetDescription() string { + return o.Description +} +func (o *LicenseAddition) SetDescription(v string) { + o.Description = v +} +func (o *LicenseAddition) GetExtensions() []IExtension { + return o.Extensions +} +func (o *LicenseAddition) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *LicenseAddition) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *LicenseAddition) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *LicenseAddition) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *LicenseAddition) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *LicenseAddition) GetName() string { + return o.Name +} +func (o *LicenseAddition) SetName(v string) { + o.Name = v +} +func (o *LicenseAddition) GetSummary() string { + return o.Summary +} +func (o *LicenseAddition) SetSummary(v string) { + o.Summary = v +} +func (o *LicenseAddition) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *LicenseAddition) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *LicenseAddition) GetAdditionText() string { + return o.AdditionText +} +func (o *LicenseAddition) SetAdditionText(v string) { + o.AdditionText = v +} +func (o *LicenseAddition) GetIsDeprecatedAdditionId() bool { + return o.IsDeprecatedAdditionId +} +func (o *LicenseAddition) SetIsDeprecatedAdditionId(v bool) { + o.IsDeprecatedAdditionId = v +} +func (o *LicenseAddition) GetLicenseXml() string { + return o.LicenseXml +} +func (o *LicenseAddition) SetLicenseXml(v string) { + o.LicenseXml = v +} +func (o *LicenseAddition) GetObsoletedBy() string { + return o.ObsoletedBy +} +func (o *LicenseAddition) SetObsoletedBy(v string) { + o.ObsoletedBy = v +} +func (o *LicenseAddition) GetSeeAlso() []string { + return o.SeeAlso +} +func (o *LicenseAddition) SetSeeAlso(v ...string) { + o.SeeAlso = v +} +func (o *LicenseAddition) GetStandardAdditionTemplate() string { + return o.StandardAdditionTemplate +} +func (o *LicenseAddition) SetStandardAdditionTemplate(v string) { + o.StandardAdditionTemplate = v +} + +type IListedLicenseException interface { + ILicenseAddition + + // GetDeprecatedVersion specifies the SPDX License List version in which this license or exception + // identifier was deprecated. + GetDeprecatedVersion() string + + SetDeprecatedVersion(string) + + // GetListVersionAdded specifies the SPDX License List version in which this ListedLicense or + // ListedLicenseException identifier was first added. + GetListVersionAdded() string + + SetListVersionAdded(string) +} + +type ListedLicenseException struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/ListedLicenseException" iri-compact:"expandedlicensing_ListedLicenseException" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // AdditionText identifies the full text of a LicenseAddition. + AdditionText string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/additionText" iri-compact:"expandedlicensing_additionText"` + // IsDeprecatedAdditionId specifies whether an additional text identifier has been marked as deprecated. + IsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedAdditionId" iri-compact:"expandedlicensing_isDeprecatedAdditionId"` + // LicenseXml identifies all the text and metadata associated with a license in the license + // XML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` + // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated + // License or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` + // SeeAlso contains a URL where the License or LicenseAddition can be found in use. + SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` + // StandardAdditionTemplate identifies the full text of a LicenseAddition, in SPDX templating format. + StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardAdditionTemplate" iri-compact:"expandedlicensing_standardAdditionTemplate"` + + // DeprecatedVersion specifies the SPDX License List version in which this license or exception + // identifier was deprecated. + DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/deprecatedVersion" iri-compact:"expandedlicensing_deprecatedVersion"` + // ListVersionAdded specifies the SPDX License List version in which this ListedLicense or + // ListedLicenseException identifier was first added. + ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/listVersionAdded" iri-compact:"expandedlicensing_listVersionAdded"` +} + +func NewListedLicenseException() IListedLicenseException { + return &ListedLicenseException{} +} + +func (o *ListedLicenseException) GetSpdxId() string { + return o.SpdxId +} +func (o *ListedLicenseException) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *ListedLicenseException) GetComment() string { + return o.Comment +} +func (o *ListedLicenseException) SetComment(v string) { + o.Comment = v +} +func (o *ListedLicenseException) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *ListedLicenseException) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *ListedLicenseException) GetDescription() string { + return o.Description +} +func (o *ListedLicenseException) SetDescription(v string) { + o.Description = v +} +func (o *ListedLicenseException) GetExtensions() []IExtension { + return o.Extensions +} +func (o *ListedLicenseException) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *ListedLicenseException) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *ListedLicenseException) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *ListedLicenseException) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *ListedLicenseException) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *ListedLicenseException) GetName() string { + return o.Name +} +func (o *ListedLicenseException) SetName(v string) { + o.Name = v +} +func (o *ListedLicenseException) GetSummary() string { + return o.Summary +} +func (o *ListedLicenseException) SetSummary(v string) { + o.Summary = v +} +func (o *ListedLicenseException) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *ListedLicenseException) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *ListedLicenseException) GetAdditionText() string { + return o.AdditionText +} +func (o *ListedLicenseException) SetAdditionText(v string) { + o.AdditionText = v +} +func (o *ListedLicenseException) GetIsDeprecatedAdditionId() bool { + return o.IsDeprecatedAdditionId +} +func (o *ListedLicenseException) SetIsDeprecatedAdditionId(v bool) { + o.IsDeprecatedAdditionId = v +} +func (o *ListedLicenseException) GetLicenseXml() string { + return o.LicenseXml +} +func (o *ListedLicenseException) SetLicenseXml(v string) { + o.LicenseXml = v +} +func (o *ListedLicenseException) GetObsoletedBy() string { + return o.ObsoletedBy +} +func (o *ListedLicenseException) SetObsoletedBy(v string) { + o.ObsoletedBy = v +} +func (o *ListedLicenseException) GetSeeAlso() []string { + return o.SeeAlso +} +func (o *ListedLicenseException) SetSeeAlso(v ...string) { + o.SeeAlso = v +} +func (o *ListedLicenseException) GetStandardAdditionTemplate() string { + return o.StandardAdditionTemplate +} +func (o *ListedLicenseException) SetStandardAdditionTemplate(v string) { + o.StandardAdditionTemplate = v +} + +func (o *ListedLicenseException) GetDeprecatedVersion() string { + return o.DeprecatedVersion +} +func (o *ListedLicenseException) SetDeprecatedVersion(v string) { + o.DeprecatedVersion = v +} +func (o *ListedLicenseException) GetListVersionAdded() string { + return o.ListVersionAdded +} +func (o *ListedLicenseException) SetListVersionAdded(v string) { + o.ListVersionAdded = v +} + +type ICdxPropertyEntry interface { + + // GetCdxPropName a name used in a CdxExtension name-value pair. + GetCdxPropName() string + + SetCdxPropName(string) + + // GetCdxPropValue a value used in a CdxExtension name-value pair. + GetCdxPropValue() string + + SetCdxPropValue(string) +} + +type CdxPropertyEntry struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/CdxPropertyEntry" iri-compact:"extension_CdxPropertyEntry"` + + Iri string `iri:"@id"` + + // CdxPropName a name used in a CdxExtension name-value pair. + CdxPropName string `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/cdxPropName" iri-compact:"extension_cdxPropName"` + // CdxPropValue a value used in a CdxExtension name-value pair. + CdxPropValue string `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/cdxPropValue" iri-compact:"extension_cdxPropValue"` +} + +func NewCdxPropertyEntry() ICdxPropertyEntry { + return &CdxPropertyEntry{} +} + +func (o *CdxPropertyEntry) GetCdxPropName() string { + return o.CdxPropName +} +func (o *CdxPropertyEntry) SetCdxPropName(v string) { + o.CdxPropName = v +} +func (o *CdxPropertyEntry) GetCdxPropValue() string { + return o.CdxPropValue +} +func (o *CdxPropertyEntry) SetCdxPropValue(v string) { + o.CdxPropValue = v +} + +type IExtension interface { +} + +type Extension struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/Extension" iri-compact:"extension_Extension"` + + Iri string `iri:"@id"` +} + +type CvssSeverityType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType" iri-compact:"security_CvssSeverityType"` + + Iri string `iri:"@id"` +} + +var ( + CvssSeverityType_Critical = CvssSeverityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/critical"} + CvssSeverityType_High = CvssSeverityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/high"} + CvssSeverityType_Low = CvssSeverityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/low"} + CvssSeverityType_Medium = CvssSeverityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/medium"} + CvssSeverityType_None = CvssSeverityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/none"} +) + +type ExploitCatalogType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogType" iri-compact:"security_ExploitCatalogType"` + + Iri string `iri:"@id"` +} + +var ( + ExploitCatalogType_Kev = ExploitCatalogType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogType/kev"} + ExploitCatalogType_Other = ExploitCatalogType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogType/other"} +) + +type SsvcDecisionType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType" iri-compact:"security_SsvcDecisionType"` + + Iri string `iri:"@id"` +} + +var ( + SsvcDecisionType_Act = SsvcDecisionType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/act"} + SsvcDecisionType_Attend = SsvcDecisionType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/attend"} + SsvcDecisionType_Track = SsvcDecisionType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/track"} + SsvcDecisionType_TrackStar = SsvcDecisionType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/trackStar"} +) + +type VexJustificationType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType" iri-compact:"security_VexJustificationType"` + + Iri string `iri:"@id"` +} + +var ( + VexJustificationType_ComponentNotPresent = VexJustificationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/componentNotPresent"} + VexJustificationType_InlineMitigationsAlreadyExist = VexJustificationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist"} + VexJustificationType_VulnerableCodeCannotBeControlledByAdversary = VexJustificationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary"} + VexJustificationType_VulnerableCodeNotInExecutePath = VexJustificationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath"} + VexJustificationType_VulnerableCodeNotPresent = VexJustificationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeNotPresent"} +) + +type IVulnAssessmentRelationship interface { + IRelationship + + // GetSuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + GetSuppliedBy() IAgent + + SetSuppliedBy(IAgent) + + // GetAssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + GetAssessedElement() IElement + + SetAssessedElement(IElement) + + // GetModifiedTime specifies a time when a vulnerability assessment was modified + GetModifiedTime() string + + SetModifiedTime(string) + + // GetPublishedTime specifies the time when a vulnerability was published. + GetPublishedTime() string + + SetPublishedTime(string) + + // GetWithdrawnTime specified the time and date when a vulnerability was withdrawn. + GetWithdrawnTime() string + + SetWithdrawnTime(string) +} + +type VulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VulnAssessmentRelationship" iri-compact:"security_VulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` +} + +func (o *VulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *VulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *VulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *VulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *VulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *VulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *VulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *VulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *VulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *VulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *VulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *VulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *VulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *VulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *VulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *VulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *VulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *VulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *VulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *VulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *VulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *VulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *VulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *VulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *VulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *VulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *VulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *VulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *VulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *VulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *VulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *VulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *VulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *VulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *VulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *VulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *VulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *VulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *VulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *VulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +type IAnyLicenseInfo interface { + IElement +} + +type AnyLicenseInfo struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/AnyLicenseInfo" iri-compact:"simplelicensing_AnyLicenseInfo" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +} + +func (o *AnyLicenseInfo) GetSpdxId() string { + return o.SpdxId +} +func (o *AnyLicenseInfo) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *AnyLicenseInfo) GetComment() string { + return o.Comment +} +func (o *AnyLicenseInfo) SetComment(v string) { + o.Comment = v +} +func (o *AnyLicenseInfo) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *AnyLicenseInfo) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *AnyLicenseInfo) GetDescription() string { + return o.Description +} +func (o *AnyLicenseInfo) SetDescription(v string) { + o.Description = v +} +func (o *AnyLicenseInfo) GetExtensions() []IExtension { + return o.Extensions +} +func (o *AnyLicenseInfo) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *AnyLicenseInfo) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *AnyLicenseInfo) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *AnyLicenseInfo) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *AnyLicenseInfo) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *AnyLicenseInfo) GetName() string { + return o.Name +} +func (o *AnyLicenseInfo) SetName(v string) { + o.Name = v +} +func (o *AnyLicenseInfo) GetSummary() string { + return o.Summary +} +func (o *AnyLicenseInfo) SetSummary(v string) { + o.Summary = v +} +func (o *AnyLicenseInfo) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *AnyLicenseInfo) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +type ILicenseExpression interface { + IAnyLicenseInfo + + // GetCustomIdToUri maps a LicenseRef or AdditionRef string for a Custom License or a Custom + // License Addition to its URI ID. + GetCustomIdToUri() []IDictionaryEntry + + SetCustomIdToUri(...IDictionaryEntry) + + // GetLicenseExpression a string in the license expression format. + GetLicenseExpression() string + + SetLicenseExpression(string) + + // GetLicenseListVersion the version of the SPDX License List used in the license expression. + GetLicenseListVersion() string + + SetLicenseListVersion(string) +} + +type LicenseExpression struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/LicenseExpression" iri-compact:"simplelicensing_LicenseExpression" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // CustomIdToUri maps a LicenseRef or AdditionRef string for a Custom License or a Custom + // License Addition to its URI ID. + CustomIdToUri []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/customIdToUri" iri-compact:"simplelicensing_customIdToUri"` + // LicenseExpression a string in the license expression format. + LicenseExpression string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseExpression" iri-compact:"simplelicensing_licenseExpression"` + // LicenseListVersion the version of the SPDX License List used in the license expression. + LicenseListVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseListVersion" iri-compact:"simplelicensing_licenseListVersion"` +} + +func NewLicenseExpression() ILicenseExpression { + return &LicenseExpression{} +} + +func (o *LicenseExpression) GetSpdxId() string { + return o.SpdxId +} +func (o *LicenseExpression) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *LicenseExpression) GetComment() string { + return o.Comment +} +func (o *LicenseExpression) SetComment(v string) { + o.Comment = v +} +func (o *LicenseExpression) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *LicenseExpression) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *LicenseExpression) GetDescription() string { + return o.Description +} +func (o *LicenseExpression) SetDescription(v string) { + o.Description = v +} +func (o *LicenseExpression) GetExtensions() []IExtension { + return o.Extensions +} +func (o *LicenseExpression) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *LicenseExpression) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *LicenseExpression) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *LicenseExpression) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *LicenseExpression) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *LicenseExpression) GetName() string { + return o.Name +} +func (o *LicenseExpression) SetName(v string) { + o.Name = v +} +func (o *LicenseExpression) GetSummary() string { + return o.Summary +} +func (o *LicenseExpression) SetSummary(v string) { + o.Summary = v +} +func (o *LicenseExpression) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *LicenseExpression) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *LicenseExpression) GetCustomIdToUri() []IDictionaryEntry { + return o.CustomIdToUri +} +func (o *LicenseExpression) SetCustomIdToUri(v ...IDictionaryEntry) { + o.CustomIdToUri = v +} +func (o *LicenseExpression) GetLicenseExpression() string { + return o.LicenseExpression +} +func (o *LicenseExpression) SetLicenseExpression(v string) { + o.LicenseExpression = v +} +func (o *LicenseExpression) GetLicenseListVersion() string { + return o.LicenseListVersion +} +func (o *LicenseExpression) SetLicenseListVersion(v string) { + o.LicenseListVersion = v +} + +type ISimpleLicensingText interface { + IElement + + // GetLicenseText identifies the full text of a License or Addition. + GetLicenseText() string + + SetLicenseText(string) +} + +type SimpleLicensingText struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/SimpleLicensingText" iri-compact:"simplelicensing_SimpleLicensingText" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // LicenseText identifies the full text of a License or Addition. + LicenseText string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` +} + +func NewSimpleLicensingText() ISimpleLicensingText { + return &SimpleLicensingText{} +} + +func (o *SimpleLicensingText) GetSpdxId() string { + return o.SpdxId +} +func (o *SimpleLicensingText) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *SimpleLicensingText) GetComment() string { + return o.Comment +} +func (o *SimpleLicensingText) SetComment(v string) { + o.Comment = v +} +func (o *SimpleLicensingText) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *SimpleLicensingText) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *SimpleLicensingText) GetDescription() string { + return o.Description +} +func (o *SimpleLicensingText) SetDescription(v string) { + o.Description = v +} +func (o *SimpleLicensingText) GetExtensions() []IExtension { + return o.Extensions +} +func (o *SimpleLicensingText) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *SimpleLicensingText) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *SimpleLicensingText) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *SimpleLicensingText) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *SimpleLicensingText) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *SimpleLicensingText) GetName() string { + return o.Name +} +func (o *SimpleLicensingText) SetName(v string) { + o.Name = v +} +func (o *SimpleLicensingText) GetSummary() string { + return o.Summary +} +func (o *SimpleLicensingText) SetSummary(v string) { + o.Summary = v +} +func (o *SimpleLicensingText) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *SimpleLicensingText) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *SimpleLicensingText) GetLicenseText() string { + return o.LicenseText +} +func (o *SimpleLicensingText) SetLicenseText(v string) { + o.LicenseText = v +} + +type IContentIdentifier interface { + IIntegrityMethod + + // GetContentIdentifierType specifies the type of the content identifier. + GetContentIdentifierType() ContentIdentifierType + + SetContentIdentifierType(ContentIdentifierType) + + // GetContentIdentifierValue specifies the value of the content identifier. + GetContentIdentifierValue() string + + SetContentIdentifierValue(string) +} + +type ContentIdentifier struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifier" iri-compact:"software_ContentIdentifier"` + + Iri string `iri:"@id"` + + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + + // ContentIdentifierType specifies the type of the content identifier. + ContentIdentifierType ContentIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifierType" iri-compact:"software_contentIdentifierType"` + // ContentIdentifierValue specifies the value of the content identifier. + ContentIdentifierValue string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifierValue" iri-compact:"software_contentIdentifierValue"` +} + +func NewContentIdentifier() IContentIdentifier { + return &ContentIdentifier{} +} + +func (o *ContentIdentifier) GetComment() string { + return o.Comment +} +func (o *ContentIdentifier) SetComment(v string) { + o.Comment = v +} + +func (o *ContentIdentifier) GetContentIdentifierType() ContentIdentifierType { + return o.ContentIdentifierType +} +func (o *ContentIdentifier) SetContentIdentifierType(v ContentIdentifierType) { + o.ContentIdentifierType = v +} +func (o *ContentIdentifier) GetContentIdentifierValue() string { + return o.ContentIdentifierValue +} +func (o *ContentIdentifier) SetContentIdentifierValue(v string) { + o.ContentIdentifierValue = v +} + +type ContentIdentifierType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifierType" iri-compact:"software_ContentIdentifierType"` + + Iri string `iri:"@id"` +} + +var ( + ContentIdentifierType_Gitoid = ContentIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifierType/gitoid"} + ContentIdentifierType_Swhid = ContentIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifierType/swhid"} +) + +type FileKindType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/FileKindType" iri-compact:"software_FileKindType"` + + Iri string `iri:"@id"` +} + +var ( + FileKindType_Directory = FileKindType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/FileKindType/directory"} + FileKindType_File = FileKindType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/FileKindType/file"} +) + +type SbomType struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/SbomType" iri-compact:"software_SbomType"` + + Iri string `iri:"@id"` +} + +var ( + SbomType_Analyzed = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/analyzed"} + SbomType_Build = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/build"} + SbomType_Deployed = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/deployed"} + SbomType_Design = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/design"} + SbomType_Runtime = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/runtime"} + SbomType_Source = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/source"} +) + +type SoftwarePurpose struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose" iri-compact:"software_SoftwarePurpose"` + + Iri string `iri:"@id"` +} + +var ( + SoftwarePurpose_Application = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/application"} + SoftwarePurpose_Archive = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/archive"} + SoftwarePurpose_Bom = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/bom"} + SoftwarePurpose_Configuration = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/configuration"} + SoftwarePurpose_Container = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/container"} + SoftwarePurpose_Data = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/data"} + SoftwarePurpose_Device = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/device"} + SoftwarePurpose_DeviceDriver = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/deviceDriver"} + SoftwarePurpose_DiskImage = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/diskImage"} + SoftwarePurpose_Documentation = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/documentation"} + SoftwarePurpose_Evidence = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/evidence"} + SoftwarePurpose_Executable = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/executable"} + SoftwarePurpose_File = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/file"} + SoftwarePurpose_FilesystemImage = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/filesystemImage"} + SoftwarePurpose_Firmware = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/firmware"} + SoftwarePurpose_Framework = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/framework"} + SoftwarePurpose_Install = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/install"} + SoftwarePurpose_Library = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/library"} + SoftwarePurpose_Manifest = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/manifest"} + SoftwarePurpose_Model = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/model"} + SoftwarePurpose_Module = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/module"} + SoftwarePurpose_OperatingSystem = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/operatingSystem"} + SoftwarePurpose_Other = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/other"} + SoftwarePurpose_Patch = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/patch"} + SoftwarePurpose_Platform = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/platform"} + SoftwarePurpose_Requirement = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/requirement"} + SoftwarePurpose_Source = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/source"} + SoftwarePurpose_Specification = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/specification"} + SoftwarePurpose_Test = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/test"} +) + +type IBuild interface { + IElement + + // GetBuildEndTime property that describes the time at which a build stops. + GetBuildEndTime() string + + SetBuildEndTime(string) + + // GetBuildId a buildId is a locally unique identifier used by a builder to identify a unique + // instance of a build produced by it. + GetBuildId() string + + SetBuildId(string) + + // GetBuildStartTime property describing the start time of a build. + GetBuildStartTime() string + + SetBuildStartTime(string) + + // GetBuildType a buildType is a hint that is used to indicate the toolchain, platform, or + // infrastructure that the build was invoked on. + GetBuildType() string + + SetBuildType(string) + + // GetConfigSourceDigest property that describes the digest of the build configuration file used to + // invoke a build. + GetConfigSourceDigest() []IHash + + SetConfigSourceDigest(...IHash) + + // GetConfigSourceEntrypoint property describes the invocation entrypoint of a build. + GetConfigSourceEntrypoint() []string + + SetConfigSourceEntrypoint(...string) + + // GetConfigSourceUri property that describes the URI of the build configuration source file. + GetConfigSourceUri() []string + + SetConfigSourceUri(...string) + + // GetEnvironment property describing the session in which a build is invoked. + GetEnvironment() []IDictionaryEntry + + SetEnvironment(...IDictionaryEntry) + + // GetParameters property describing the parameters used in an instance of a build. + GetParameters() []IDictionaryEntry + + SetParameters(...IDictionaryEntry) +} + +type Build struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Build/Build" iri-compact:"build_Build" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // BuildEndTime property that describes the time at which a build stops. + BuildEndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/buildEndTime" iri-compact:"build_buildEndTime"` + // BuildId a buildId is a locally unique identifier used by a builder to identify a unique + // instance of a build produced by it. + BuildId string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/buildId" iri-compact:"build_buildId"` + // BuildStartTime property describing the start time of a build. + BuildStartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/buildStartTime" iri-compact:"build_buildStartTime"` + // BuildType a buildType is a hint that is used to indicate the toolchain, platform, or + // infrastructure that the build was invoked on. + BuildType string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/buildType" iri-compact:"build_buildType"` + // ConfigSourceDigest property that describes the digest of the build configuration file used to + // invoke a build. + ConfigSourceDigest []IHash `iri:"https://spdx.org/rdf/3.0.0/terms/Build/configSourceDigest" iri-compact:"build_configSourceDigest"` + // ConfigSourceEntrypoint property describes the invocation entrypoint of a build. + ConfigSourceEntrypoint []string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/configSourceEntrypoint" iri-compact:"build_configSourceEntrypoint"` + // ConfigSourceUri property that describes the URI of the build configuration source file. + ConfigSourceUri []string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/configSourceUri" iri-compact:"build_configSourceUri"` + // Environment property describing the session in which a build is invoked. + Environment []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/Build/environment" iri-compact:"build_environment"` + // Parameters property describing the parameters used in an instance of a build. + Parameters []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/Build/parameters" iri-compact:"build_parameters"` +} + +func NewBuild() IBuild { + return &Build{} +} + +func (o *Build) GetSpdxId() string { + return o.SpdxId +} +func (o *Build) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Build) GetComment() string { + return o.Comment +} +func (o *Build) SetComment(v string) { + o.Comment = v +} +func (o *Build) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Build) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Build) GetDescription() string { + return o.Description +} +func (o *Build) SetDescription(v string) { + o.Description = v +} +func (o *Build) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Build) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Build) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Build) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Build) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Build) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Build) GetName() string { + return o.Name +} +func (o *Build) SetName(v string) { + o.Name = v +} +func (o *Build) GetSummary() string { + return o.Summary +} +func (o *Build) SetSummary(v string) { + o.Summary = v +} +func (o *Build) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Build) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *Build) GetBuildEndTime() string { + return o.BuildEndTime +} +func (o *Build) SetBuildEndTime(v string) { + o.BuildEndTime = v +} +func (o *Build) GetBuildId() string { + return o.BuildId +} +func (o *Build) SetBuildId(v string) { + o.BuildId = v +} +func (o *Build) GetBuildStartTime() string { + return o.BuildStartTime +} +func (o *Build) SetBuildStartTime(v string) { + o.BuildStartTime = v +} +func (o *Build) GetBuildType() string { + return o.BuildType +} +func (o *Build) SetBuildType(v string) { + o.BuildType = v +} +func (o *Build) GetConfigSourceDigest() []IHash { + return o.ConfigSourceDigest +} +func (o *Build) SetConfigSourceDigest(v ...IHash) { + o.ConfigSourceDigest = v +} +func (o *Build) GetConfigSourceEntrypoint() []string { + return o.ConfigSourceEntrypoint +} +func (o *Build) SetConfigSourceEntrypoint(v ...string) { + o.ConfigSourceEntrypoint = v +} +func (o *Build) GetConfigSourceUri() []string { + return o.ConfigSourceUri +} +func (o *Build) SetConfigSourceUri(v ...string) { + o.ConfigSourceUri = v +} +func (o *Build) GetEnvironment() []IDictionaryEntry { + return o.Environment +} +func (o *Build) SetEnvironment(v ...IDictionaryEntry) { + o.Environment = v +} +func (o *Build) GetParameters() []IDictionaryEntry { + return o.Parameters +} +func (o *Build) SetParameters(v ...IDictionaryEntry) { + o.Parameters = v +} + +type IAgent interface { + IElement +} + +type Agent struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Agent" iri-compact:"Agent" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +} + +func NewAgent() IAgent { + return &Agent{} +} + +func (o *Agent) GetSpdxId() string { + return o.SpdxId +} +func (o *Agent) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Agent) GetComment() string { + return o.Comment +} +func (o *Agent) SetComment(v string) { + o.Comment = v +} +func (o *Agent) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Agent) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Agent) GetDescription() string { + return o.Description +} +func (o *Agent) SetDescription(v string) { + o.Description = v +} +func (o *Agent) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Agent) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Agent) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Agent) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Agent) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Agent) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Agent) GetName() string { + return o.Name +} +func (o *Agent) SetName(v string) { + o.Name = v +} +func (o *Agent) GetSummary() string { + return o.Summary +} +func (o *Agent) SetSummary(v string) { + o.Summary = v +} +func (o *Agent) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Agent) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +type IAnnotation interface { + IElement + + // GetAnnotationType describes the type of annotation. + GetAnnotationType() AnnotationType + + SetAnnotationType(AnnotationType) + + // GetContentType specifies the media type of an Element or Property. + GetContentType() string + + SetContentType(string) + + // GetStatement commentary on an assertion that an annotator has made. + GetStatement() string + + SetStatement(string) + + // GetSubject an Element an annotator has made an assertion about. + GetSubject() IElement + + SetSubject(IElement) +} + +type Annotation struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Annotation" iri-compact:"Annotation" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // AnnotationType describes the type of annotation. + AnnotationType AnnotationType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/annotationType" iri-compact:"annotationType"` + // ContentType specifies the media type of an Element or Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/contentType" iri-compact:"contentType"` + // Statement commentary on an assertion that an annotator has made. + Statement string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/statement" iri-compact:"statement"` + // Subject an Element an annotator has made an assertion about. + Subject IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/subject" iri-compact:"subject"` +} + +func NewAnnotation() IAnnotation { + return &Annotation{} +} + +func (o *Annotation) GetSpdxId() string { + return o.SpdxId +} +func (o *Annotation) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Annotation) GetComment() string { + return o.Comment +} +func (o *Annotation) SetComment(v string) { + o.Comment = v +} +func (o *Annotation) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Annotation) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Annotation) GetDescription() string { + return o.Description +} +func (o *Annotation) SetDescription(v string) { + o.Description = v +} +func (o *Annotation) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Annotation) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Annotation) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Annotation) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Annotation) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Annotation) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Annotation) GetName() string { + return o.Name +} +func (o *Annotation) SetName(v string) { + o.Name = v +} +func (o *Annotation) GetSummary() string { + return o.Summary +} +func (o *Annotation) SetSummary(v string) { + o.Summary = v +} +func (o *Annotation) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Annotation) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *Annotation) GetAnnotationType() AnnotationType { + return o.AnnotationType +} +func (o *Annotation) SetAnnotationType(v AnnotationType) { + o.AnnotationType = v +} +func (o *Annotation) GetContentType() string { + return o.ContentType +} +func (o *Annotation) SetContentType(v string) { + o.ContentType = v +} +func (o *Annotation) GetStatement() string { + return o.Statement +} +func (o *Annotation) SetStatement(v string) { + o.Statement = v +} +func (o *Annotation) GetSubject() IElement { + return o.Subject +} +func (o *Annotation) SetSubject(v IElement) { + o.Subject = v +} + +type IArtifact interface { + IElement + + // GetBuiltTime specifies the time an artifact was built. + GetBuiltTime() string + + SetBuiltTime(string) + + // GetOriginatedBy identifies from where or whom the Element originally came. + GetOriginatedBy() []IAgent + + SetOriginatedBy(...IAgent) + + // GetReleaseTime specifies the time an artifact was released. + GetReleaseTime() string + + SetReleaseTime(string) + + // GetStandardName the name of a relevant standard that may apply to an artifact. + GetStandardName() []string + + SetStandardName(...string) + + // GetSuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + GetSuppliedBy() IAgent + + SetSuppliedBy(IAgent) + + // GetSupportLevel specifies the level of support associated with an artifact. + GetSupportLevel() []SupportType + + SetSupportLevel(...SupportType) + + // GetValidUntilTime specifies until when the artifact can be used before its usage needs to be + // reassessed. + GetValidUntilTime() string + + SetValidUntilTime(string) +} + +type Artifact struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Artifact" iri-compact:"Artifact" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // BuiltTime specifies the time an artifact was built. + BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` + // OriginatedBy identifies from where or whom the Element originally came. + OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` + // ReleaseTime specifies the time an artifact was released. + ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` + // StandardName the name of a relevant standard that may apply to an artifact. + StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // SupportLevel specifies the level of support associated with an artifact. + SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` + // ValidUntilTime specifies until when the artifact can be used before its usage needs to be + // reassessed. + ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` +} + +func (o *Artifact) GetSpdxId() string { + return o.SpdxId +} +func (o *Artifact) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Artifact) GetComment() string { + return o.Comment +} +func (o *Artifact) SetComment(v string) { + o.Comment = v +} +func (o *Artifact) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Artifact) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Artifact) GetDescription() string { + return o.Description +} +func (o *Artifact) SetDescription(v string) { + o.Description = v +} +func (o *Artifact) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Artifact) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Artifact) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Artifact) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Artifact) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Artifact) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Artifact) GetName() string { + return o.Name +} +func (o *Artifact) SetName(v string) { + o.Name = v +} +func (o *Artifact) GetSummary() string { + return o.Summary +} +func (o *Artifact) SetSummary(v string) { + o.Summary = v +} +func (o *Artifact) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Artifact) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *Artifact) GetBuiltTime() string { + return o.BuiltTime +} +func (o *Artifact) SetBuiltTime(v string) { + o.BuiltTime = v +} +func (o *Artifact) GetOriginatedBy() []IAgent { + return o.OriginatedBy +} +func (o *Artifact) SetOriginatedBy(v ...IAgent) { + o.OriginatedBy = v +} +func (o *Artifact) GetReleaseTime() string { + return o.ReleaseTime +} +func (o *Artifact) SetReleaseTime(v string) { + o.ReleaseTime = v +} +func (o *Artifact) GetStandardName() []string { + return o.StandardName +} +func (o *Artifact) SetStandardName(v ...string) { + o.StandardName = v +} +func (o *Artifact) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *Artifact) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *Artifact) GetSupportLevel() []SupportType { + return o.SupportLevel +} +func (o *Artifact) SetSupportLevel(v ...SupportType) { + o.SupportLevel = v +} +func (o *Artifact) GetValidUntilTime() string { + return o.ValidUntilTime +} +func (o *Artifact) SetValidUntilTime(v string) { + o.ValidUntilTime = v +} + +type IBundle interface { + IElementCollection + + // GetContext gives information about the circumstances or unifying properties + // that Elements of the bundle have been assembled under. + GetContext() string + + SetContext(string) +} + +type Bundle struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Bundle" iri-compact:"Bundle" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Elements refers to one or more Elements that are part of an ElementCollection. + Elements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/element" iri-compact:"element"` + // ProfileConformance describes one a profile which the creator of this ElementCollection intends to + // conform to. + ProfileConformance []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/profileConformance" iri-compact:"profileConformance"` + // RootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/rootElement" iri-compact:"rootElement"` + + // Context gives information about the circumstances or unifying properties + // that Elements of the bundle have been assembled under. + Context string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/context" iri-compact:"context"` +} + +func NewBundle() IBundle { + return &Bundle{} +} + +func (o *Bundle) GetSpdxId() string { + return o.SpdxId +} +func (o *Bundle) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Bundle) GetComment() string { + return o.Comment +} +func (o *Bundle) SetComment(v string) { + o.Comment = v +} +func (o *Bundle) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Bundle) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Bundle) GetDescription() string { + return o.Description +} +func (o *Bundle) SetDescription(v string) { + o.Description = v +} +func (o *Bundle) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Bundle) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Bundle) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Bundle) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Bundle) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Bundle) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Bundle) GetName() string { + return o.Name +} +func (o *Bundle) SetName(v string) { + o.Name = v +} +func (o *Bundle) GetSummary() string { + return o.Summary +} +func (o *Bundle) SetSummary(v string) { + o.Summary = v +} +func (o *Bundle) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Bundle) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *Bundle) GetElements() []IElement { + return o.Elements +} +func (o *Bundle) SetElements(v ...IElement) { + o.Elements = v +} +func (o *Bundle) GetProfileConformance() []ProfileIdentifierType { + return o.ProfileConformance +} +func (o *Bundle) SetProfileConformance(v ...ProfileIdentifierType) { + o.ProfileConformance = v +} +func (o *Bundle) GetRootElements() []IElement { + return o.RootElements +} +func (o *Bundle) SetRootElements(v ...IElement) { + o.RootElements = v +} + +func (o *Bundle) GetContext() string { + return o.Context +} +func (o *Bundle) SetContext(v string) { + o.Context = v +} + +type IHash interface { + IIntegrityMethod + + // GetAlgorithm specifies the algorithm used for calculating the hash value. + GetAlgorithm() HashAlgorithm + + SetAlgorithm(HashAlgorithm) + + // GetHashValue the result of applying a hash algorithm to an Element. + GetHashValue() string + + SetHashValue(string) +} + +type Hash struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Hash" iri-compact:"Hash"` + + Iri string `iri:"@id"` + + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + + // Algorithm specifies the algorithm used for calculating the hash value. + Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.0/terms/Core/algorithm" iri-compact:"algorithm"` + // HashValue the result of applying a hash algorithm to an Element. + HashValue string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/hashValue" iri-compact:"hashValue"` +} + +func NewHash() IHash { + return &Hash{} +} + +func (o *Hash) GetComment() string { + return o.Comment +} +func (o *Hash) SetComment(v string) { + o.Comment = v +} + +func (o *Hash) GetAlgorithm() HashAlgorithm { + return o.Algorithm +} +func (o *Hash) SetAlgorithm(v HashAlgorithm) { + o.Algorithm = v +} +func (o *Hash) GetHashValue() string { + return o.HashValue +} +func (o *Hash) SetHashValue(v string) { + o.HashValue = v +} + +type ILifecycleScopedRelationship interface { + IRelationship + + // GetScope capture the scope of information about a specific relationship between elements. + GetScope() LifecycleScopeType + + SetScope(LifecycleScopeType) +} + +type LifecycleScopedRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopedRelationship" iri-compact:"LifecycleScopedRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // Scope capture the scope of information about a specific relationship between elements. + Scope LifecycleScopeType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/scope" iri-compact:"scope"` +} + +func NewLifecycleScopedRelationship() ILifecycleScopedRelationship { + return &LifecycleScopedRelationship{} +} + +func (o *LifecycleScopedRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *LifecycleScopedRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *LifecycleScopedRelationship) GetComment() string { + return o.Comment +} +func (o *LifecycleScopedRelationship) SetComment(v string) { + o.Comment = v +} +func (o *LifecycleScopedRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *LifecycleScopedRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *LifecycleScopedRelationship) GetDescription() string { + return o.Description +} +func (o *LifecycleScopedRelationship) SetDescription(v string) { + o.Description = v +} +func (o *LifecycleScopedRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *LifecycleScopedRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *LifecycleScopedRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *LifecycleScopedRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *LifecycleScopedRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *LifecycleScopedRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *LifecycleScopedRelationship) GetName() string { + return o.Name +} +func (o *LifecycleScopedRelationship) SetName(v string) { + o.Name = v +} +func (o *LifecycleScopedRelationship) GetSummary() string { + return o.Summary +} +func (o *LifecycleScopedRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *LifecycleScopedRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *LifecycleScopedRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *LifecycleScopedRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *LifecycleScopedRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *LifecycleScopedRelationship) GetEndTime() string { + return o.EndTime +} +func (o *LifecycleScopedRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *LifecycleScopedRelationship) GetFrom() IElement { + return o.From +} +func (o *LifecycleScopedRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *LifecycleScopedRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *LifecycleScopedRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *LifecycleScopedRelationship) GetStartTime() string { + return o.StartTime +} +func (o *LifecycleScopedRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *LifecycleScopedRelationship) GetTo() []IElement { + return o.To +} +func (o *LifecycleScopedRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *LifecycleScopedRelationship) GetScope() LifecycleScopeType { + return o.Scope +} +func (o *LifecycleScopedRelationship) SetScope(v LifecycleScopeType) { + o.Scope = v +} + +type IOrganization interface { + IAgent +} + +type Organization struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Organization" iri-compact:"Organization" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +} + +func NewOrganization() IOrganization { + return &Organization{} +} + +func (o *Organization) GetSpdxId() string { + return o.SpdxId +} +func (o *Organization) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Organization) GetComment() string { + return o.Comment +} +func (o *Organization) SetComment(v string) { + o.Comment = v +} +func (o *Organization) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Organization) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Organization) GetDescription() string { + return o.Description +} +func (o *Organization) SetDescription(v string) { + o.Description = v +} +func (o *Organization) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Organization) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Organization) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Organization) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Organization) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Organization) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Organization) GetName() string { + return o.Name +} +func (o *Organization) SetName(v string) { + o.Name = v +} +func (o *Organization) GetSummary() string { + return o.Summary +} +func (o *Organization) SetSummary(v string) { + o.Summary = v +} +func (o *Organization) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Organization) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +type IPerson interface { + IAgent +} + +type Person struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Person" iri-compact:"Person" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +} + +func NewPerson() IPerson { + return &Person{} +} + +func (o *Person) GetSpdxId() string { + return o.SpdxId +} +func (o *Person) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Person) GetComment() string { + return o.Comment +} +func (o *Person) SetComment(v string) { + o.Comment = v +} +func (o *Person) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Person) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Person) GetDescription() string { + return o.Description +} +func (o *Person) SetDescription(v string) { + o.Description = v +} +func (o *Person) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Person) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Person) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Person) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Person) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Person) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Person) GetName() string { + return o.Name +} +func (o *Person) SetName(v string) { + o.Name = v +} +func (o *Person) GetSummary() string { + return o.Summary +} +func (o *Person) SetSummary(v string) { + o.Summary = v +} +func (o *Person) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Person) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +type ISoftwareAgent interface { + IAgent +} + +type SoftwareAgent struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/SoftwareAgent" iri-compact:"SoftwareAgent" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +} + +func NewSoftwareAgent() ISoftwareAgent { + return &SoftwareAgent{} +} + +func (o *SoftwareAgent) GetSpdxId() string { + return o.SpdxId +} +func (o *SoftwareAgent) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *SoftwareAgent) GetComment() string { + return o.Comment +} +func (o *SoftwareAgent) SetComment(v string) { + o.Comment = v +} +func (o *SoftwareAgent) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *SoftwareAgent) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *SoftwareAgent) GetDescription() string { + return o.Description +} +func (o *SoftwareAgent) SetDescription(v string) { + o.Description = v +} +func (o *SoftwareAgent) GetExtensions() []IExtension { + return o.Extensions +} +func (o *SoftwareAgent) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *SoftwareAgent) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *SoftwareAgent) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *SoftwareAgent) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *SoftwareAgent) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *SoftwareAgent) GetName() string { + return o.Name +} +func (o *SoftwareAgent) SetName(v string) { + o.Name = v +} +func (o *SoftwareAgent) GetSummary() string { + return o.Summary +} +func (o *SoftwareAgent) SetSummary(v string) { + o.Summary = v +} +func (o *SoftwareAgent) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *SoftwareAgent) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +type IConjunctiveLicenseSet interface { + IAnyLicenseInfo + + // GetMember a license expression participating in a license set. + GetMember() []IAnyLicenseInfo + + SetMember(...IAnyLicenseInfo) +} + +type ConjunctiveLicenseSet struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/ConjunctiveLicenseSet" iri-compact:"expandedlicensing_ConjunctiveLicenseSet" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Member a license expression participating in a license set. + Member []IAnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/member" iri-compact:"expandedlicensing_member"` +} + +func NewConjunctiveLicenseSet() IConjunctiveLicenseSet { + return &ConjunctiveLicenseSet{} +} + +func (o *ConjunctiveLicenseSet) GetSpdxId() string { + return o.SpdxId +} +func (o *ConjunctiveLicenseSet) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *ConjunctiveLicenseSet) GetComment() string { + return o.Comment +} +func (o *ConjunctiveLicenseSet) SetComment(v string) { + o.Comment = v +} +func (o *ConjunctiveLicenseSet) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *ConjunctiveLicenseSet) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *ConjunctiveLicenseSet) GetDescription() string { + return o.Description +} +func (o *ConjunctiveLicenseSet) SetDescription(v string) { + o.Description = v +} +func (o *ConjunctiveLicenseSet) GetExtensions() []IExtension { + return o.Extensions +} +func (o *ConjunctiveLicenseSet) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *ConjunctiveLicenseSet) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *ConjunctiveLicenseSet) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *ConjunctiveLicenseSet) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *ConjunctiveLicenseSet) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *ConjunctiveLicenseSet) GetName() string { + return o.Name +} +func (o *ConjunctiveLicenseSet) SetName(v string) { + o.Name = v +} +func (o *ConjunctiveLicenseSet) GetSummary() string { + return o.Summary +} +func (o *ConjunctiveLicenseSet) SetSummary(v string) { + o.Summary = v +} +func (o *ConjunctiveLicenseSet) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *ConjunctiveLicenseSet) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *ConjunctiveLicenseSet) GetMember() []IAnyLicenseInfo { + return o.Member +} +func (o *ConjunctiveLicenseSet) SetMember(v ...IAnyLicenseInfo) { + o.Member = v +} + +type ICustomLicenseAddition interface { + ILicenseAddition +} + +type CustomLicenseAddition struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/CustomLicenseAddition" iri-compact:"expandedlicensing_CustomLicenseAddition" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // AdditionText identifies the full text of a LicenseAddition. + AdditionText string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/additionText" iri-compact:"expandedlicensing_additionText"` + // IsDeprecatedAdditionId specifies whether an additional text identifier has been marked as deprecated. + IsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedAdditionId" iri-compact:"expandedlicensing_isDeprecatedAdditionId"` + // LicenseXml identifies all the text and metadata associated with a license in the license + // XML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` + // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated + // License or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` + // SeeAlso contains a URL where the License or LicenseAddition can be found in use. + SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` + // StandardAdditionTemplate identifies the full text of a LicenseAddition, in SPDX templating format. + StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardAdditionTemplate" iri-compact:"expandedlicensing_standardAdditionTemplate"` +} + +func NewCustomLicenseAddition() ICustomLicenseAddition { + return &CustomLicenseAddition{} +} + +func (o *CustomLicenseAddition) GetSpdxId() string { + return o.SpdxId +} +func (o *CustomLicenseAddition) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *CustomLicenseAddition) GetComment() string { + return o.Comment +} +func (o *CustomLicenseAddition) SetComment(v string) { + o.Comment = v +} +func (o *CustomLicenseAddition) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *CustomLicenseAddition) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *CustomLicenseAddition) GetDescription() string { + return o.Description +} +func (o *CustomLicenseAddition) SetDescription(v string) { + o.Description = v +} +func (o *CustomLicenseAddition) GetExtensions() []IExtension { + return o.Extensions +} +func (o *CustomLicenseAddition) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *CustomLicenseAddition) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *CustomLicenseAddition) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *CustomLicenseAddition) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *CustomLicenseAddition) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *CustomLicenseAddition) GetName() string { + return o.Name +} +func (o *CustomLicenseAddition) SetName(v string) { + o.Name = v +} +func (o *CustomLicenseAddition) GetSummary() string { + return o.Summary +} +func (o *CustomLicenseAddition) SetSummary(v string) { + o.Summary = v +} +func (o *CustomLicenseAddition) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *CustomLicenseAddition) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *CustomLicenseAddition) GetAdditionText() string { + return o.AdditionText +} +func (o *CustomLicenseAddition) SetAdditionText(v string) { + o.AdditionText = v +} +func (o *CustomLicenseAddition) GetIsDeprecatedAdditionId() bool { + return o.IsDeprecatedAdditionId +} +func (o *CustomLicenseAddition) SetIsDeprecatedAdditionId(v bool) { + o.IsDeprecatedAdditionId = v +} +func (o *CustomLicenseAddition) GetLicenseXml() string { + return o.LicenseXml +} +func (o *CustomLicenseAddition) SetLicenseXml(v string) { + o.LicenseXml = v +} +func (o *CustomLicenseAddition) GetObsoletedBy() string { + return o.ObsoletedBy +} +func (o *CustomLicenseAddition) SetObsoletedBy(v string) { + o.ObsoletedBy = v +} +func (o *CustomLicenseAddition) GetSeeAlso() []string { + return o.SeeAlso +} +func (o *CustomLicenseAddition) SetSeeAlso(v ...string) { + o.SeeAlso = v +} +func (o *CustomLicenseAddition) GetStandardAdditionTemplate() string { + return o.StandardAdditionTemplate +} +func (o *CustomLicenseAddition) SetStandardAdditionTemplate(v string) { + o.StandardAdditionTemplate = v +} + +type IDisjunctiveLicenseSet interface { + IAnyLicenseInfo + + // GetMember a license expression participating in a license set. + GetMember() []IAnyLicenseInfo + + SetMember(...IAnyLicenseInfo) +} + +type DisjunctiveLicenseSet struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/DisjunctiveLicenseSet" iri-compact:"expandedlicensing_DisjunctiveLicenseSet" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Member a license expression participating in a license set. + Member []IAnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/member" iri-compact:"expandedlicensing_member"` +} + +func NewDisjunctiveLicenseSet() IDisjunctiveLicenseSet { + return &DisjunctiveLicenseSet{} +} + +func (o *DisjunctiveLicenseSet) GetSpdxId() string { + return o.SpdxId +} +func (o *DisjunctiveLicenseSet) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *DisjunctiveLicenseSet) GetComment() string { + return o.Comment +} +func (o *DisjunctiveLicenseSet) SetComment(v string) { + o.Comment = v +} +func (o *DisjunctiveLicenseSet) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *DisjunctiveLicenseSet) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *DisjunctiveLicenseSet) GetDescription() string { + return o.Description +} +func (o *DisjunctiveLicenseSet) SetDescription(v string) { + o.Description = v +} +func (o *DisjunctiveLicenseSet) GetExtensions() []IExtension { + return o.Extensions +} +func (o *DisjunctiveLicenseSet) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *DisjunctiveLicenseSet) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *DisjunctiveLicenseSet) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *DisjunctiveLicenseSet) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *DisjunctiveLicenseSet) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *DisjunctiveLicenseSet) GetName() string { + return o.Name +} +func (o *DisjunctiveLicenseSet) SetName(v string) { + o.Name = v +} +func (o *DisjunctiveLicenseSet) GetSummary() string { + return o.Summary +} +func (o *DisjunctiveLicenseSet) SetSummary(v string) { + o.Summary = v +} +func (o *DisjunctiveLicenseSet) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *DisjunctiveLicenseSet) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *DisjunctiveLicenseSet) GetMember() []IAnyLicenseInfo { + return o.Member +} +func (o *DisjunctiveLicenseSet) SetMember(v ...IAnyLicenseInfo) { + o.Member = v +} + +type IExtendableLicense interface { + IAnyLicenseInfo +} + +type ExtendableLicense struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/ExtendableLicense" iri-compact:"expandedlicensing_ExtendableLicense" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +} + +func (o *ExtendableLicense) GetSpdxId() string { + return o.SpdxId +} +func (o *ExtendableLicense) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *ExtendableLicense) GetComment() string { + return o.Comment +} +func (o *ExtendableLicense) SetComment(v string) { + o.Comment = v +} +func (o *ExtendableLicense) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *ExtendableLicense) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *ExtendableLicense) GetDescription() string { + return o.Description +} +func (o *ExtendableLicense) SetDescription(v string) { + o.Description = v +} +func (o *ExtendableLicense) GetExtensions() []IExtension { + return o.Extensions +} +func (o *ExtendableLicense) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *ExtendableLicense) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *ExtendableLicense) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *ExtendableLicense) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *ExtendableLicense) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *ExtendableLicense) GetName() string { + return o.Name +} +func (o *ExtendableLicense) SetName(v string) { + o.Name = v +} +func (o *ExtendableLicense) GetSummary() string { + return o.Summary +} +func (o *ExtendableLicense) SetSummary(v string) { + o.Summary = v +} +func (o *ExtendableLicense) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *ExtendableLicense) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +type IIndividualLicensingInfo interface { + IAnyLicenseInfo +} + +type IndividualLicensingInfo struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/IndividualLicensingInfo" iri-compact:"expandedlicensing_IndividualLicensingInfo" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +} + +func NewIndividualLicensingInfo() IIndividualLicensingInfo { + return &IndividualLicensingInfo{} +} + +func (o *IndividualLicensingInfo) GetSpdxId() string { + return o.SpdxId +} +func (o *IndividualLicensingInfo) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *IndividualLicensingInfo) GetComment() string { + return o.Comment +} +func (o *IndividualLicensingInfo) SetComment(v string) { + o.Comment = v +} +func (o *IndividualLicensingInfo) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *IndividualLicensingInfo) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *IndividualLicensingInfo) GetDescription() string { + return o.Description +} +func (o *IndividualLicensingInfo) SetDescription(v string) { + o.Description = v +} +func (o *IndividualLicensingInfo) GetExtensions() []IExtension { + return o.Extensions +} +func (o *IndividualLicensingInfo) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *IndividualLicensingInfo) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *IndividualLicensingInfo) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *IndividualLicensingInfo) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *IndividualLicensingInfo) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *IndividualLicensingInfo) GetName() string { + return o.Name +} +func (o *IndividualLicensingInfo) SetName(v string) { + o.Name = v +} +func (o *IndividualLicensingInfo) GetSummary() string { + return o.Summary +} +func (o *IndividualLicensingInfo) SetSummary(v string) { + o.Summary = v +} +func (o *IndividualLicensingInfo) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *IndividualLicensingInfo) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +type ILicense interface { + IExtendableLicense + + // GetIsDeprecatedLicenseId specifies whether a license or additional text identifier has been marked as + // deprecated. + GetIsDeprecatedLicenseId() bool + + SetIsDeprecatedLicenseId(bool) + + // GetIsFsfLibre specifies whether the License is listed as free by the + // [Free Software Foundation (FSF)](https://fsf.org). + GetIsFsfLibre() bool + + SetIsFsfLibre(bool) + + // GetIsOsiApproved specifies whether the License is listed as approved by the + // [Open Source Initiative (OSI)](https://opensource.org). + GetIsOsiApproved() bool + + SetIsOsiApproved(bool) + + // GetLicenseXml identifies all the text and metadata associated with a license in the license + // XML format. + GetLicenseXml() string + + SetLicenseXml(string) + + // GetObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated + // License or LicenseAddition. + GetObsoletedBy() string + + SetObsoletedBy(string) + + // GetSeeAlso contains a URL where the License or LicenseAddition can be found in use. + GetSeeAlso() []string + + SetSeeAlso(...string) + + // GetStandardLicenseHeader provides a License author's preferred text to indicate that a file is covered + // by the License. + GetStandardLicenseHeader() string + + SetStandardLicenseHeader(string) + + // GetStandardLicenseTemplate identifies the full text of a License, in SPDX templating format. + GetStandardLicenseTemplate() string + + SetStandardLicenseTemplate(string) + + // GetLicenseText identifies the full text of a License or Addition. + GetLicenseText() string + + SetLicenseText(string) +} + +type License struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/License" iri-compact:"expandedlicensing_License" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // IsDeprecatedLicenseId specifies whether a license or additional text identifier has been marked as + // deprecated. + IsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedLicenseId" iri-compact:"expandedlicensing_isDeprecatedLicenseId"` + // IsFsfLibre specifies whether the License is listed as free by the + // [Free Software Foundation (FSF)](https://fsf.org). + IsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isFsfLibre" iri-compact:"expandedlicensing_isFsfLibre"` + // IsOsiApproved specifies whether the License is listed as approved by the + // [Open Source Initiative (OSI)](https://opensource.org). + IsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isOsiApproved" iri-compact:"expandedlicensing_isOsiApproved"` + // LicenseXml identifies all the text and metadata associated with a license in the license + // XML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` + // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated + // License or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` + // SeeAlso contains a URL where the License or LicenseAddition can be found in use. + SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` + // StandardLicenseHeader provides a License author's preferred text to indicate that a file is covered + // by the License. + StandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseHeader" iri-compact:"expandedlicensing_standardLicenseHeader"` + // StandardLicenseTemplate identifies the full text of a License, in SPDX templating format. + StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseTemplate" iri-compact:"expandedlicensing_standardLicenseTemplate"` + // LicenseText identifies the full text of a License or Addition. + LicenseText string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` +} + +func (o *License) GetSpdxId() string { + return o.SpdxId +} +func (o *License) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *License) GetComment() string { + return o.Comment +} +func (o *License) SetComment(v string) { + o.Comment = v +} +func (o *License) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *License) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *License) GetDescription() string { + return o.Description +} +func (o *License) SetDescription(v string) { + o.Description = v +} +func (o *License) GetExtensions() []IExtension { + return o.Extensions +} +func (o *License) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *License) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *License) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *License) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *License) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *License) GetName() string { + return o.Name +} +func (o *License) SetName(v string) { + o.Name = v +} +func (o *License) GetSummary() string { + return o.Summary +} +func (o *License) SetSummary(v string) { + o.Summary = v +} +func (o *License) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *License) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *License) GetIsDeprecatedLicenseId() bool { + return o.IsDeprecatedLicenseId +} +func (o *License) SetIsDeprecatedLicenseId(v bool) { + o.IsDeprecatedLicenseId = v +} +func (o *License) GetIsFsfLibre() bool { + return o.IsFsfLibre +} +func (o *License) SetIsFsfLibre(v bool) { + o.IsFsfLibre = v +} +func (o *License) GetIsOsiApproved() bool { + return o.IsOsiApproved +} +func (o *License) SetIsOsiApproved(v bool) { + o.IsOsiApproved = v +} +func (o *License) GetLicenseXml() string { + return o.LicenseXml +} +func (o *License) SetLicenseXml(v string) { + o.LicenseXml = v +} +func (o *License) GetObsoletedBy() string { + return o.ObsoletedBy +} +func (o *License) SetObsoletedBy(v string) { + o.ObsoletedBy = v +} +func (o *License) GetSeeAlso() []string { + return o.SeeAlso +} +func (o *License) SetSeeAlso(v ...string) { + o.SeeAlso = v +} +func (o *License) GetStandardLicenseHeader() string { + return o.StandardLicenseHeader +} +func (o *License) SetStandardLicenseHeader(v string) { + o.StandardLicenseHeader = v +} +func (o *License) GetStandardLicenseTemplate() string { + return o.StandardLicenseTemplate +} +func (o *License) SetStandardLicenseTemplate(v string) { + o.StandardLicenseTemplate = v +} +func (o *License) GetLicenseText() string { + return o.LicenseText +} +func (o *License) SetLicenseText(v string) { + o.LicenseText = v +} + +type IListedLicense interface { + ILicense + + // GetDeprecatedVersion specifies the SPDX License List version in which this license or exception + // identifier was deprecated. + GetDeprecatedVersion() string + + SetDeprecatedVersion(string) + + // GetListVersionAdded specifies the SPDX License List version in which this ListedLicense or + // ListedLicenseException identifier was first added. + GetListVersionAdded() string + + SetListVersionAdded(string) +} + +type ListedLicense struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/ListedLicense" iri-compact:"expandedlicensing_ListedLicense" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // IsDeprecatedLicenseId specifies whether a license or additional text identifier has been marked as + // deprecated. + IsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedLicenseId" iri-compact:"expandedlicensing_isDeprecatedLicenseId"` + // IsFsfLibre specifies whether the License is listed as free by the + // [Free Software Foundation (FSF)](https://fsf.org). + IsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isFsfLibre" iri-compact:"expandedlicensing_isFsfLibre"` + // IsOsiApproved specifies whether the License is listed as approved by the + // [Open Source Initiative (OSI)](https://opensource.org). + IsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isOsiApproved" iri-compact:"expandedlicensing_isOsiApproved"` + // LicenseXml identifies all the text and metadata associated with a license in the license + // XML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` + // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated + // License or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` + // SeeAlso contains a URL where the License or LicenseAddition can be found in use. + SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` + // StandardLicenseHeader provides a License author's preferred text to indicate that a file is covered + // by the License. + StandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseHeader" iri-compact:"expandedlicensing_standardLicenseHeader"` + // StandardLicenseTemplate identifies the full text of a License, in SPDX templating format. + StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseTemplate" iri-compact:"expandedlicensing_standardLicenseTemplate"` + // LicenseText identifies the full text of a License or Addition. + LicenseText string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` + + // DeprecatedVersion specifies the SPDX License List version in which this license or exception + // identifier was deprecated. + DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/deprecatedVersion" iri-compact:"expandedlicensing_deprecatedVersion"` + // ListVersionAdded specifies the SPDX License List version in which this ListedLicense or + // ListedLicenseException identifier was first added. + ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/listVersionAdded" iri-compact:"expandedlicensing_listVersionAdded"` +} + +func NewListedLicense() IListedLicense { + return &ListedLicense{} +} + +func (o *ListedLicense) GetSpdxId() string { + return o.SpdxId +} +func (o *ListedLicense) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *ListedLicense) GetComment() string { + return o.Comment +} +func (o *ListedLicense) SetComment(v string) { + o.Comment = v +} +func (o *ListedLicense) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *ListedLicense) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *ListedLicense) GetDescription() string { + return o.Description +} +func (o *ListedLicense) SetDescription(v string) { + o.Description = v +} +func (o *ListedLicense) GetExtensions() []IExtension { + return o.Extensions +} +func (o *ListedLicense) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *ListedLicense) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *ListedLicense) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *ListedLicense) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *ListedLicense) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *ListedLicense) GetName() string { + return o.Name +} +func (o *ListedLicense) SetName(v string) { + o.Name = v +} +func (o *ListedLicense) GetSummary() string { + return o.Summary +} +func (o *ListedLicense) SetSummary(v string) { + o.Summary = v +} +func (o *ListedLicense) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *ListedLicense) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *ListedLicense) GetIsDeprecatedLicenseId() bool { + return o.IsDeprecatedLicenseId +} +func (o *ListedLicense) SetIsDeprecatedLicenseId(v bool) { + o.IsDeprecatedLicenseId = v +} +func (o *ListedLicense) GetIsFsfLibre() bool { + return o.IsFsfLibre +} +func (o *ListedLicense) SetIsFsfLibre(v bool) { + o.IsFsfLibre = v +} +func (o *ListedLicense) GetIsOsiApproved() bool { + return o.IsOsiApproved +} +func (o *ListedLicense) SetIsOsiApproved(v bool) { + o.IsOsiApproved = v +} +func (o *ListedLicense) GetLicenseXml() string { + return o.LicenseXml +} +func (o *ListedLicense) SetLicenseXml(v string) { + o.LicenseXml = v +} +func (o *ListedLicense) GetObsoletedBy() string { + return o.ObsoletedBy +} +func (o *ListedLicense) SetObsoletedBy(v string) { + o.ObsoletedBy = v +} +func (o *ListedLicense) GetSeeAlso() []string { + return o.SeeAlso +} +func (o *ListedLicense) SetSeeAlso(v ...string) { + o.SeeAlso = v +} +func (o *ListedLicense) GetStandardLicenseHeader() string { + return o.StandardLicenseHeader +} +func (o *ListedLicense) SetStandardLicenseHeader(v string) { + o.StandardLicenseHeader = v +} +func (o *ListedLicense) GetStandardLicenseTemplate() string { + return o.StandardLicenseTemplate +} +func (o *ListedLicense) SetStandardLicenseTemplate(v string) { + o.StandardLicenseTemplate = v +} +func (o *ListedLicense) GetLicenseText() string { + return o.LicenseText +} +func (o *ListedLicense) SetLicenseText(v string) { + o.LicenseText = v +} + +func (o *ListedLicense) GetDeprecatedVersion() string { + return o.DeprecatedVersion +} +func (o *ListedLicense) SetDeprecatedVersion(v string) { + o.DeprecatedVersion = v +} +func (o *ListedLicense) GetListVersionAdded() string { + return o.ListVersionAdded +} +func (o *ListedLicense) SetListVersionAdded(v string) { + o.ListVersionAdded = v +} + +type IOrLaterOperator interface { + IExtendableLicense + + // GetSubjectLicense a License participating in an 'or later' model. + GetSubjectLicense() ILicense + + SetSubjectLicense(ILicense) +} + +type OrLaterOperator struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/OrLaterOperator" iri-compact:"expandedlicensing_OrLaterOperator" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // SubjectLicense a License participating in an 'or later' model. + SubjectLicense ILicense `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/subjectLicense" iri-compact:"expandedlicensing_subjectLicense"` +} + +func NewOrLaterOperator() IOrLaterOperator { + return &OrLaterOperator{} +} + +func (o *OrLaterOperator) GetSpdxId() string { + return o.SpdxId +} +func (o *OrLaterOperator) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *OrLaterOperator) GetComment() string { + return o.Comment +} +func (o *OrLaterOperator) SetComment(v string) { + o.Comment = v +} +func (o *OrLaterOperator) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *OrLaterOperator) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *OrLaterOperator) GetDescription() string { + return o.Description +} +func (o *OrLaterOperator) SetDescription(v string) { + o.Description = v +} +func (o *OrLaterOperator) GetExtensions() []IExtension { + return o.Extensions +} +func (o *OrLaterOperator) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *OrLaterOperator) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *OrLaterOperator) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *OrLaterOperator) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *OrLaterOperator) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *OrLaterOperator) GetName() string { + return o.Name +} +func (o *OrLaterOperator) SetName(v string) { + o.Name = v +} +func (o *OrLaterOperator) GetSummary() string { + return o.Summary +} +func (o *OrLaterOperator) SetSummary(v string) { + o.Summary = v +} +func (o *OrLaterOperator) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *OrLaterOperator) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *OrLaterOperator) GetSubjectLicense() ILicense { + return o.SubjectLicense +} +func (o *OrLaterOperator) SetSubjectLicense(v ILicense) { + o.SubjectLicense = v +} + +type IWithAdditionOperator interface { + IAnyLicenseInfo + + // GetSubjectAddition a LicenseAddition participating in a 'with addition' model. + GetSubjectAddition() ILicenseAddition + + SetSubjectAddition(ILicenseAddition) + + // GetSubjectExtendableLicense a License participating in a 'with addition' model. + GetSubjectExtendableLicense() IExtendableLicense + + SetSubjectExtendableLicense(IExtendableLicense) +} + +type WithAdditionOperator struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/WithAdditionOperator" iri-compact:"expandedlicensing_WithAdditionOperator" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // SubjectAddition a LicenseAddition participating in a 'with addition' model. + SubjectAddition ILicenseAddition `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/subjectAddition" iri-compact:"expandedlicensing_subjectAddition"` + // SubjectExtendableLicense a License participating in a 'with addition' model. + SubjectExtendableLicense IExtendableLicense `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/subjectExtendableLicense" iri-compact:"expandedlicensing_subjectExtendableLicense"` +} + +func NewWithAdditionOperator() IWithAdditionOperator { + return &WithAdditionOperator{} +} + +func (o *WithAdditionOperator) GetSpdxId() string { + return o.SpdxId +} +func (o *WithAdditionOperator) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *WithAdditionOperator) GetComment() string { + return o.Comment +} +func (o *WithAdditionOperator) SetComment(v string) { + o.Comment = v +} +func (o *WithAdditionOperator) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *WithAdditionOperator) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *WithAdditionOperator) GetDescription() string { + return o.Description +} +func (o *WithAdditionOperator) SetDescription(v string) { + o.Description = v +} +func (o *WithAdditionOperator) GetExtensions() []IExtension { + return o.Extensions +} +func (o *WithAdditionOperator) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *WithAdditionOperator) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *WithAdditionOperator) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *WithAdditionOperator) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *WithAdditionOperator) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *WithAdditionOperator) GetName() string { + return o.Name +} +func (o *WithAdditionOperator) SetName(v string) { + o.Name = v +} +func (o *WithAdditionOperator) GetSummary() string { + return o.Summary +} +func (o *WithAdditionOperator) SetSummary(v string) { + o.Summary = v +} +func (o *WithAdditionOperator) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *WithAdditionOperator) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *WithAdditionOperator) GetSubjectAddition() ILicenseAddition { + return o.SubjectAddition +} +func (o *WithAdditionOperator) SetSubjectAddition(v ILicenseAddition) { + o.SubjectAddition = v +} +func (o *WithAdditionOperator) GetSubjectExtendableLicense() IExtendableLicense { + return o.SubjectExtendableLicense +} +func (o *WithAdditionOperator) SetSubjectExtendableLicense(v IExtendableLicense) { + o.SubjectExtendableLicense = v +} + +type ICdxPropertiesExtension interface { + IExtension + + // GetCdxProperty provides a map of a property names to a values. + GetCdxProperty() []ICdxPropertyEntry + + SetCdxProperty(...ICdxPropertyEntry) +} + +type CdxPropertiesExtension struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/CdxPropertiesExtension" iri-compact:"extension_CdxPropertiesExtension"` + + Iri string `iri:"@id"` + + // CdxProperty provides a map of a property names to a values. + CdxProperty []ICdxPropertyEntry `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/cdxProperty" iri-compact:"extension_cdxProperty"` +} + +func NewCdxPropertiesExtension() ICdxPropertiesExtension { + return &CdxPropertiesExtension{} +} + +func (o *CdxPropertiesExtension) GetCdxProperty() []ICdxPropertyEntry { + return o.CdxProperty +} +func (o *CdxPropertiesExtension) SetCdxProperty(v ...ICdxPropertyEntry) { + o.CdxProperty = v +} + +type ICvssV2VulnAssessmentRelationship interface { + IVulnAssessmentRelationship + + // GetScore provides a numerical (0-10) representation of the severity of a vulnerability. + GetScore() float64 + + SetScore(float64) + + // GetVectorString specifies the CVSS vector string for a vulnerability. + GetVectorString() string + + SetVectorString(string) +} + +type CvssV2VulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/CvssV2VulnAssessmentRelationship" iri-compact:"security_CvssV2VulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // Score provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.0/terms/Security/score" iri-compact:"security_score"` + // VectorString specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vectorString" iri-compact:"security_vectorString"` +} + +func NewCvssV2VulnAssessmentRelationship() ICvssV2VulnAssessmentRelationship { + return &CvssV2VulnAssessmentRelationship{} +} + +func (o *CvssV2VulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *CvssV2VulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *CvssV2VulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *CvssV2VulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *CvssV2VulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *CvssV2VulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *CvssV2VulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *CvssV2VulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *CvssV2VulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *CvssV2VulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *CvssV2VulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *CvssV2VulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *CvssV2VulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *CvssV2VulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *CvssV2VulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *CvssV2VulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *CvssV2VulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *CvssV2VulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *CvssV2VulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *CvssV2VulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *CvssV2VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *CvssV2VulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *CvssV2VulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *CvssV2VulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *CvssV2VulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *CvssV2VulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *CvssV2VulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *CvssV2VulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *CvssV2VulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *CvssV2VulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *CvssV2VulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *CvssV2VulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *CvssV2VulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *CvssV2VulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *CvssV2VulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *CvssV2VulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *CvssV2VulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *CvssV2VulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *CvssV2VulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *CvssV2VulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetScore() float64 { + return o.Score +} +func (o *CvssV2VulnAssessmentRelationship) SetScore(v float64) { + o.Score = v +} +func (o *CvssV2VulnAssessmentRelationship) GetVectorString() string { + return o.VectorString +} +func (o *CvssV2VulnAssessmentRelationship) SetVectorString(v string) { + o.VectorString = v +} + +type ICvssV3VulnAssessmentRelationship interface { + IVulnAssessmentRelationship + + // GetScore provides a numerical (0-10) representation of the severity of a vulnerability. + GetScore() float64 + + SetScore(float64) + + // GetSeverity specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + GetSeverity() CvssSeverityType + + SetSeverity(CvssSeverityType) + + // GetVectorString specifies the CVSS vector string for a vulnerability. + GetVectorString() string + + SetVectorString(string) +} + +type CvssV3VulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/CvssV3VulnAssessmentRelationship" iri-compact:"security_CvssV3VulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // Score provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.0/terms/Security/score" iri-compact:"security_score"` + // Severity specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/severity" iri-compact:"security_severity"` + // VectorString specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vectorString" iri-compact:"security_vectorString"` +} + +func NewCvssV3VulnAssessmentRelationship() ICvssV3VulnAssessmentRelationship { + return &CvssV3VulnAssessmentRelationship{} +} + +func (o *CvssV3VulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *CvssV3VulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *CvssV3VulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *CvssV3VulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *CvssV3VulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *CvssV3VulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *CvssV3VulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *CvssV3VulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *CvssV3VulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *CvssV3VulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *CvssV3VulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *CvssV3VulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *CvssV3VulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *CvssV3VulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *CvssV3VulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *CvssV3VulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *CvssV3VulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *CvssV3VulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *CvssV3VulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *CvssV3VulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *CvssV3VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *CvssV3VulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *CvssV3VulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *CvssV3VulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *CvssV3VulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *CvssV3VulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *CvssV3VulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *CvssV3VulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *CvssV3VulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *CvssV3VulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *CvssV3VulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *CvssV3VulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *CvssV3VulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *CvssV3VulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *CvssV3VulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *CvssV3VulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *CvssV3VulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *CvssV3VulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *CvssV3VulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *CvssV3VulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetScore() float64 { + return o.Score +} +func (o *CvssV3VulnAssessmentRelationship) SetScore(v float64) { + o.Score = v +} +func (o *CvssV3VulnAssessmentRelationship) GetSeverity() CvssSeverityType { + return o.Severity +} +func (o *CvssV3VulnAssessmentRelationship) SetSeverity(v CvssSeverityType) { + o.Severity = v +} +func (o *CvssV3VulnAssessmentRelationship) GetVectorString() string { + return o.VectorString +} +func (o *CvssV3VulnAssessmentRelationship) SetVectorString(v string) { + o.VectorString = v +} + +type ICvssV4VulnAssessmentRelationship interface { + IVulnAssessmentRelationship + + // GetScore provides a numerical (0-10) representation of the severity of a vulnerability. + GetScore() float64 + + SetScore(float64) + + // GetSeverity specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + GetSeverity() CvssSeverityType + + SetSeverity(CvssSeverityType) + + // GetVectorString specifies the CVSS vector string for a vulnerability. + GetVectorString() string + + SetVectorString(string) +} + +type CvssV4VulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/CvssV4VulnAssessmentRelationship" iri-compact:"security_CvssV4VulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // Score provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.0/terms/Security/score" iri-compact:"security_score"` + // Severity specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/severity" iri-compact:"security_severity"` + // VectorString specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vectorString" iri-compact:"security_vectorString"` +} + +func NewCvssV4VulnAssessmentRelationship() ICvssV4VulnAssessmentRelationship { + return &CvssV4VulnAssessmentRelationship{} +} + +func (o *CvssV4VulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *CvssV4VulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *CvssV4VulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *CvssV4VulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *CvssV4VulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *CvssV4VulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *CvssV4VulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *CvssV4VulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *CvssV4VulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *CvssV4VulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *CvssV4VulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *CvssV4VulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *CvssV4VulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *CvssV4VulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *CvssV4VulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *CvssV4VulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *CvssV4VulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *CvssV4VulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *CvssV4VulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *CvssV4VulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *CvssV4VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *CvssV4VulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *CvssV4VulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *CvssV4VulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *CvssV4VulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *CvssV4VulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *CvssV4VulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *CvssV4VulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *CvssV4VulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *CvssV4VulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *CvssV4VulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *CvssV4VulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *CvssV4VulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *CvssV4VulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *CvssV4VulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *CvssV4VulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *CvssV4VulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *CvssV4VulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *CvssV4VulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *CvssV4VulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetScore() float64 { + return o.Score +} +func (o *CvssV4VulnAssessmentRelationship) SetScore(v float64) { + o.Score = v +} +func (o *CvssV4VulnAssessmentRelationship) GetSeverity() CvssSeverityType { + return o.Severity +} +func (o *CvssV4VulnAssessmentRelationship) SetSeverity(v CvssSeverityType) { + o.Severity = v +} +func (o *CvssV4VulnAssessmentRelationship) GetVectorString() string { + return o.VectorString +} +func (o *CvssV4VulnAssessmentRelationship) SetVectorString(v string) { + o.VectorString = v +} + +type IEpssVulnAssessmentRelationship interface { + IVulnAssessmentRelationship + + // GetPercentile the percentile of the current probability score. + GetPercentile() float64 + + SetPercentile(float64) + + // GetProbability a probability score between 0 and 1 of a vulnerability being exploited. + GetProbability() float64 + + SetProbability(float64) +} + +type EpssVulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/EpssVulnAssessmentRelationship" iri-compact:"security_EpssVulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // Percentile the percentile of the current probability score. + Percentile float64 `iri:"https://spdx.org/rdf/3.0.0/terms/Security/percentile" iri-compact:"security_percentile"` + // Probability a probability score between 0 and 1 of a vulnerability being exploited. + Probability float64 `iri:"https://spdx.org/rdf/3.0.0/terms/Security/probability" iri-compact:"security_probability"` +} + +func NewEpssVulnAssessmentRelationship() IEpssVulnAssessmentRelationship { + return &EpssVulnAssessmentRelationship{} +} + +func (o *EpssVulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *EpssVulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *EpssVulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *EpssVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *EpssVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *EpssVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *EpssVulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *EpssVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *EpssVulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *EpssVulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *EpssVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *EpssVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *EpssVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *EpssVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *EpssVulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *EpssVulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *EpssVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *EpssVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *EpssVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *EpssVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *EpssVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *EpssVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *EpssVulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *EpssVulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *EpssVulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *EpssVulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *EpssVulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *EpssVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *EpssVulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *EpssVulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *EpssVulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *EpssVulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *EpssVulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *EpssVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *EpssVulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *EpssVulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *EpssVulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *EpssVulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *EpssVulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *EpssVulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *EpssVulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *EpssVulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *EpssVulnAssessmentRelationship) GetPercentile() float64 { + return o.Percentile +} +func (o *EpssVulnAssessmentRelationship) SetPercentile(v float64) { + o.Percentile = v +} +func (o *EpssVulnAssessmentRelationship) GetProbability() float64 { + return o.Probability +} +func (o *EpssVulnAssessmentRelationship) SetProbability(v float64) { + o.Probability = v +} + +type IExploitCatalogVulnAssessmentRelationship interface { + IVulnAssessmentRelationship + + // GetCatalogType specifies the exploit catalog type. + GetCatalogType() ExploitCatalogType + + SetCatalogType(ExploitCatalogType) + + // GetExploited describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. + GetExploited() bool + + SetExploited(bool) + + // GetLocator provides the location of an exploit catalog. + GetLocator() string + + SetLocator(string) +} + +type ExploitCatalogVulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogVulnAssessmentRelationship" iri-compact:"security_ExploitCatalogVulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // CatalogType specifies the exploit catalog type. + CatalogType ExploitCatalogType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/catalogType" iri-compact:"security_catalogType"` + // Exploited describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. + Exploited bool `iri:"https://spdx.org/rdf/3.0.0/terms/Security/exploited" iri-compact:"security_exploited"` + // Locator provides the location of an exploit catalog. + Locator string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/locator" iri-compact:"security_locator"` +} + +func NewExploitCatalogVulnAssessmentRelationship() IExploitCatalogVulnAssessmentRelationship { + return &ExploitCatalogVulnAssessmentRelationship{} +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetCatalogType() ExploitCatalogType { + return o.CatalogType +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetCatalogType(v ExploitCatalogType) { + o.CatalogType = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetExploited() bool { + return o.Exploited +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetExploited(v bool) { + o.Exploited = v +} +func (o *ExploitCatalogVulnAssessmentRelationship) GetLocator() string { + return o.Locator +} +func (o *ExploitCatalogVulnAssessmentRelationship) SetLocator(v string) { + o.Locator = v +} + +type ISsvcVulnAssessmentRelationship interface { + IVulnAssessmentRelationship + + // GetDecisionType provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf) + GetDecisionType() SsvcDecisionType + + SetDecisionType(SsvcDecisionType) +} + +type SsvcVulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/SsvcVulnAssessmentRelationship" iri-compact:"security_SsvcVulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // DecisionType provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf) + DecisionType SsvcDecisionType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/decisionType" iri-compact:"security_decisionType"` +} + +func NewSsvcVulnAssessmentRelationship() ISsvcVulnAssessmentRelationship { + return &SsvcVulnAssessmentRelationship{} +} + +func (o *SsvcVulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *SsvcVulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *SsvcVulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *SsvcVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *SsvcVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *SsvcVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *SsvcVulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *SsvcVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *SsvcVulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *SsvcVulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *SsvcVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *SsvcVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *SsvcVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *SsvcVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *SsvcVulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *SsvcVulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *SsvcVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *SsvcVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *SsvcVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *SsvcVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *SsvcVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *SsvcVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *SsvcVulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *SsvcVulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *SsvcVulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *SsvcVulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *SsvcVulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *SsvcVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *SsvcVulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *SsvcVulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *SsvcVulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *SsvcVulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *SsvcVulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *SsvcVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *SsvcVulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *SsvcVulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *SsvcVulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *SsvcVulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *SsvcVulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *SsvcVulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *SsvcVulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *SsvcVulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *SsvcVulnAssessmentRelationship) GetDecisionType() SsvcDecisionType { + return o.DecisionType +} +func (o *SsvcVulnAssessmentRelationship) SetDecisionType(v SsvcDecisionType) { + o.DecisionType = v +} + +type IVexVulnAssessmentRelationship interface { + IVulnAssessmentRelationship + + // GetStatusNotes conveys information about how VEX status was determined. + GetStatusNotes() string + + SetStatusNotes(string) + + // GetVexVersion specifies the version of a VEX statement. + GetVexVersion() string + + SetVexVersion(string) +} + +type VexVulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexVulnAssessmentRelationship" iri-compact:"security_VexVulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // StatusNotes conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/statusNotes" iri-compact:"security_statusNotes"` + // VexVersion specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vexVersion" iri-compact:"security_vexVersion"` +} + +func (o *VexVulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *VexVulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *VexVulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *VexVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *VexVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *VexVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *VexVulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *VexVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *VexVulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *VexVulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *VexVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *VexVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *VexVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *VexVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *VexVulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *VexVulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *VexVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *VexVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *VexVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *VexVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *VexVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *VexVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *VexVulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *VexVulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *VexVulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *VexVulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *VexVulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *VexVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *VexVulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *VexVulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *VexVulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *VexVulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *VexVulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *VexVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *VexVulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *VexVulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *VexVulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *VexVulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *VexVulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *VexVulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *VexVulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *VexVulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *VexVulnAssessmentRelationship) GetStatusNotes() string { + return o.StatusNotes +} +func (o *VexVulnAssessmentRelationship) SetStatusNotes(v string) { + o.StatusNotes = v +} +func (o *VexVulnAssessmentRelationship) GetVexVersion() string { + return o.VexVersion +} +func (o *VexVulnAssessmentRelationship) SetVexVersion(v string) { + o.VexVersion = v +} + +type IVulnerability interface { + IArtifact + + // GetModifiedTime specifies a time when a vulnerability assessment was modified + GetModifiedTime() string + + SetModifiedTime(string) + + // GetPublishedTime specifies the time when a vulnerability was published. + GetPublishedTime() string + + SetPublishedTime(string) + + // GetWithdrawnTime specified the time and date when a vulnerability was withdrawn. + GetWithdrawnTime() string + + SetWithdrawnTime(string) +} + +type Vulnerability struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/Vulnerability" iri-compact:"security_Vulnerability" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // BuiltTime specifies the time an artifact was built. + BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` + // OriginatedBy identifies from where or whom the Element originally came. + OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` + // ReleaseTime specifies the time an artifact was released. + ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` + // StandardName the name of a relevant standard that may apply to an artifact. + StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // SupportLevel specifies the level of support associated with an artifact. + SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` + // ValidUntilTime specifies until when the artifact can be used before its usage needs to be + // reassessed. + ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` + + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` +} + +func NewVulnerability() IVulnerability { + return &Vulnerability{} +} + +func (o *Vulnerability) GetSpdxId() string { + return o.SpdxId +} +func (o *Vulnerability) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Vulnerability) GetComment() string { + return o.Comment +} +func (o *Vulnerability) SetComment(v string) { + o.Comment = v +} +func (o *Vulnerability) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Vulnerability) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Vulnerability) GetDescription() string { + return o.Description +} +func (o *Vulnerability) SetDescription(v string) { + o.Description = v +} +func (o *Vulnerability) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Vulnerability) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Vulnerability) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Vulnerability) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Vulnerability) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Vulnerability) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Vulnerability) GetName() string { + return o.Name +} +func (o *Vulnerability) SetName(v string) { + o.Name = v +} +func (o *Vulnerability) GetSummary() string { + return o.Summary +} +func (o *Vulnerability) SetSummary(v string) { + o.Summary = v +} +func (o *Vulnerability) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Vulnerability) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *Vulnerability) GetBuiltTime() string { + return o.BuiltTime +} +func (o *Vulnerability) SetBuiltTime(v string) { + o.BuiltTime = v +} +func (o *Vulnerability) GetOriginatedBy() []IAgent { + return o.OriginatedBy +} +func (o *Vulnerability) SetOriginatedBy(v ...IAgent) { + o.OriginatedBy = v +} +func (o *Vulnerability) GetReleaseTime() string { + return o.ReleaseTime +} +func (o *Vulnerability) SetReleaseTime(v string) { + o.ReleaseTime = v +} +func (o *Vulnerability) GetStandardName() []string { + return o.StandardName +} +func (o *Vulnerability) SetStandardName(v ...string) { + o.StandardName = v +} +func (o *Vulnerability) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *Vulnerability) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *Vulnerability) GetSupportLevel() []SupportType { + return o.SupportLevel +} +func (o *Vulnerability) SetSupportLevel(v ...SupportType) { + o.SupportLevel = v +} +func (o *Vulnerability) GetValidUntilTime() string { + return o.ValidUntilTime +} +func (o *Vulnerability) SetValidUntilTime(v string) { + o.ValidUntilTime = v +} + +func (o *Vulnerability) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *Vulnerability) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *Vulnerability) GetPublishedTime() string { + return o.PublishedTime +} +func (o *Vulnerability) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *Vulnerability) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *Vulnerability) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +type ISoftwareArtifact interface { + IArtifact + + // GetAdditionalPurpose provides additional purpose information of the software artifact. + GetAdditionalPurpose() []SoftwarePurpose + + SetAdditionalPurpose(...SoftwarePurpose) + + // GetAttributionText provides a place for the SPDX data creator to record acknowledgement text for + // a software Package, File or Snippet. + GetAttributionText() []string + + SetAttributionText(...string) + + // GetContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be + // used for verifying its identity and/or integrity. + GetContentIdentifier() []IContentIdentifier + + SetContentIdentifier(...IContentIdentifier) + + // GetCopyrightText identifies the text of one or more copyright notices for a software Package, + // File or Snippet, if any. + GetCopyrightText() string + + SetCopyrightText(string) + + // GetPrimaryPurpose provides information about the primary purpose of the software artifact. + GetPrimaryPurpose() SoftwarePurpose + + SetPrimaryPurpose(SoftwarePurpose) +} + +type SoftwareArtifact struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/SoftwareArtifact" iri-compact:"software_SoftwareArtifact" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // BuiltTime specifies the time an artifact was built. + BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` + // OriginatedBy identifies from where or whom the Element originally came. + OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` + // ReleaseTime specifies the time an artifact was released. + ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` + // StandardName the name of a relevant standard that may apply to an artifact. + StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // SupportLevel specifies the level of support associated with an artifact. + SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` + // ValidUntilTime specifies until when the artifact can be used before its usage needs to be + // reassessed. + ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` + + // AdditionalPurpose provides additional purpose information of the software artifact. + AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` + // AttributionText provides a place for the SPDX data creator to record acknowledgement text for + // a software Package, File or Snippet. + AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` + // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be + // used for verifying its identity and/or integrity. + ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` + // CopyrightText identifies the text of one or more copyright notices for a software Package, + // File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` + // PrimaryPurpose provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` +} + +func (o *SoftwareArtifact) GetSpdxId() string { + return o.SpdxId +} +func (o *SoftwareArtifact) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *SoftwareArtifact) GetComment() string { + return o.Comment +} +func (o *SoftwareArtifact) SetComment(v string) { + o.Comment = v +} +func (o *SoftwareArtifact) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *SoftwareArtifact) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *SoftwareArtifact) GetDescription() string { + return o.Description +} +func (o *SoftwareArtifact) SetDescription(v string) { + o.Description = v +} +func (o *SoftwareArtifact) GetExtensions() []IExtension { + return o.Extensions +} +func (o *SoftwareArtifact) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *SoftwareArtifact) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *SoftwareArtifact) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *SoftwareArtifact) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *SoftwareArtifact) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *SoftwareArtifact) GetName() string { + return o.Name +} +func (o *SoftwareArtifact) SetName(v string) { + o.Name = v +} +func (o *SoftwareArtifact) GetSummary() string { + return o.Summary +} +func (o *SoftwareArtifact) SetSummary(v string) { + o.Summary = v +} +func (o *SoftwareArtifact) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *SoftwareArtifact) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *SoftwareArtifact) GetBuiltTime() string { + return o.BuiltTime +} +func (o *SoftwareArtifact) SetBuiltTime(v string) { + o.BuiltTime = v +} +func (o *SoftwareArtifact) GetOriginatedBy() []IAgent { + return o.OriginatedBy +} +func (o *SoftwareArtifact) SetOriginatedBy(v ...IAgent) { + o.OriginatedBy = v +} +func (o *SoftwareArtifact) GetReleaseTime() string { + return o.ReleaseTime +} +func (o *SoftwareArtifact) SetReleaseTime(v string) { + o.ReleaseTime = v +} +func (o *SoftwareArtifact) GetStandardName() []string { + return o.StandardName +} +func (o *SoftwareArtifact) SetStandardName(v ...string) { + o.StandardName = v +} +func (o *SoftwareArtifact) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *SoftwareArtifact) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *SoftwareArtifact) GetSupportLevel() []SupportType { + return o.SupportLevel +} +func (o *SoftwareArtifact) SetSupportLevel(v ...SupportType) { + o.SupportLevel = v +} +func (o *SoftwareArtifact) GetValidUntilTime() string { + return o.ValidUntilTime +} +func (o *SoftwareArtifact) SetValidUntilTime(v string) { + o.ValidUntilTime = v +} + +func (o *SoftwareArtifact) GetAdditionalPurpose() []SoftwarePurpose { + return o.AdditionalPurpose +} +func (o *SoftwareArtifact) SetAdditionalPurpose(v ...SoftwarePurpose) { + o.AdditionalPurpose = v +} +func (o *SoftwareArtifact) GetAttributionText() []string { + return o.AttributionText +} +func (o *SoftwareArtifact) SetAttributionText(v ...string) { + o.AttributionText = v +} +func (o *SoftwareArtifact) GetContentIdentifier() []IContentIdentifier { + return o.ContentIdentifier +} +func (o *SoftwareArtifact) SetContentIdentifier(v ...IContentIdentifier) { + o.ContentIdentifier = v +} +func (o *SoftwareArtifact) GetCopyrightText() string { + return o.CopyrightText +} +func (o *SoftwareArtifact) SetCopyrightText(v string) { + o.CopyrightText = v +} +func (o *SoftwareArtifact) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose +} +func (o *SoftwareArtifact) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v +} + +type IBom interface { + IBundle +} + +type Bom struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Bom" iri-compact:"Bom" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Elements refers to one or more Elements that are part of an ElementCollection. + Elements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/element" iri-compact:"element"` + // ProfileConformance describes one a profile which the creator of this ElementCollection intends to + // conform to. + ProfileConformance []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/profileConformance" iri-compact:"profileConformance"` + // RootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/rootElement" iri-compact:"rootElement"` + + // Context gives information about the circumstances or unifying properties + // that Elements of the bundle have been assembled under. + Context string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/context" iri-compact:"context"` +} + +func NewBom() IBom { + return &Bom{} +} + +func (o *Bom) GetSpdxId() string { + return o.SpdxId +} +func (o *Bom) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Bom) GetComment() string { + return o.Comment +} +func (o *Bom) SetComment(v string) { + o.Comment = v +} +func (o *Bom) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Bom) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Bom) GetDescription() string { + return o.Description +} +func (o *Bom) SetDescription(v string) { + o.Description = v +} +func (o *Bom) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Bom) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Bom) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Bom) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Bom) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Bom) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Bom) GetName() string { + return o.Name +} +func (o *Bom) SetName(v string) { + o.Name = v +} +func (o *Bom) GetSummary() string { + return o.Summary +} +func (o *Bom) SetSummary(v string) { + o.Summary = v +} +func (o *Bom) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Bom) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *Bom) GetElements() []IElement { + return o.Elements +} +func (o *Bom) SetElements(v ...IElement) { + o.Elements = v +} +func (o *Bom) GetProfileConformance() []ProfileIdentifierType { + return o.ProfileConformance +} +func (o *Bom) SetProfileConformance(v ...ProfileIdentifierType) { + o.ProfileConformance = v +} +func (o *Bom) GetRootElements() []IElement { + return o.RootElements +} +func (o *Bom) SetRootElements(v ...IElement) { + o.RootElements = v +} + +func (o *Bom) GetContext() string { + return o.Context +} +func (o *Bom) SetContext(v string) { + o.Context = v +} + +type ICustomLicense interface { + ILicense +} + +type CustomLicense struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/CustomLicense" iri-compact:"expandedlicensing_CustomLicense" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // IsDeprecatedLicenseId specifies whether a license or additional text identifier has been marked as + // deprecated. + IsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedLicenseId" iri-compact:"expandedlicensing_isDeprecatedLicenseId"` + // IsFsfLibre specifies whether the License is listed as free by the + // [Free Software Foundation (FSF)](https://fsf.org). + IsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isFsfLibre" iri-compact:"expandedlicensing_isFsfLibre"` + // IsOsiApproved specifies whether the License is listed as approved by the + // [Open Source Initiative (OSI)](https://opensource.org). + IsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isOsiApproved" iri-compact:"expandedlicensing_isOsiApproved"` + // LicenseXml identifies all the text and metadata associated with a license in the license + // XML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` + // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated + // License or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` + // SeeAlso contains a URL where the License or LicenseAddition can be found in use. + SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` + // StandardLicenseHeader provides a License author's preferred text to indicate that a file is covered + // by the License. + StandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseHeader" iri-compact:"expandedlicensing_standardLicenseHeader"` + // StandardLicenseTemplate identifies the full text of a License, in SPDX templating format. + StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseTemplate" iri-compact:"expandedlicensing_standardLicenseTemplate"` + // LicenseText identifies the full text of a License or Addition. + LicenseText string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` +} + +func NewCustomLicense() ICustomLicense { + return &CustomLicense{} +} + +func (o *CustomLicense) GetSpdxId() string { + return o.SpdxId +} +func (o *CustomLicense) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *CustomLicense) GetComment() string { + return o.Comment +} +func (o *CustomLicense) SetComment(v string) { + o.Comment = v +} +func (o *CustomLicense) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *CustomLicense) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *CustomLicense) GetDescription() string { + return o.Description +} +func (o *CustomLicense) SetDescription(v string) { + o.Description = v +} +func (o *CustomLicense) GetExtensions() []IExtension { + return o.Extensions +} +func (o *CustomLicense) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *CustomLicense) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *CustomLicense) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *CustomLicense) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *CustomLicense) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *CustomLicense) GetName() string { + return o.Name +} +func (o *CustomLicense) SetName(v string) { + o.Name = v +} +func (o *CustomLicense) GetSummary() string { + return o.Summary +} +func (o *CustomLicense) SetSummary(v string) { + o.Summary = v +} +func (o *CustomLicense) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *CustomLicense) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *CustomLicense) GetIsDeprecatedLicenseId() bool { + return o.IsDeprecatedLicenseId +} +func (o *CustomLicense) SetIsDeprecatedLicenseId(v bool) { + o.IsDeprecatedLicenseId = v +} +func (o *CustomLicense) GetIsFsfLibre() bool { + return o.IsFsfLibre +} +func (o *CustomLicense) SetIsFsfLibre(v bool) { + o.IsFsfLibre = v +} +func (o *CustomLicense) GetIsOsiApproved() bool { + return o.IsOsiApproved +} +func (o *CustomLicense) SetIsOsiApproved(v bool) { + o.IsOsiApproved = v +} +func (o *CustomLicense) GetLicenseXml() string { + return o.LicenseXml +} +func (o *CustomLicense) SetLicenseXml(v string) { + o.LicenseXml = v +} +func (o *CustomLicense) GetObsoletedBy() string { + return o.ObsoletedBy +} +func (o *CustomLicense) SetObsoletedBy(v string) { + o.ObsoletedBy = v +} +func (o *CustomLicense) GetSeeAlso() []string { + return o.SeeAlso +} +func (o *CustomLicense) SetSeeAlso(v ...string) { + o.SeeAlso = v +} +func (o *CustomLicense) GetStandardLicenseHeader() string { + return o.StandardLicenseHeader +} +func (o *CustomLicense) SetStandardLicenseHeader(v string) { + o.StandardLicenseHeader = v +} +func (o *CustomLicense) GetStandardLicenseTemplate() string { + return o.StandardLicenseTemplate +} +func (o *CustomLicense) SetStandardLicenseTemplate(v string) { + o.StandardLicenseTemplate = v +} +func (o *CustomLicense) GetLicenseText() string { + return o.LicenseText +} +func (o *CustomLicense) SetLicenseText(v string) { + o.LicenseText = v +} + +type IVexAffectedVulnAssessmentRelationship interface { + IVexVulnAssessmentRelationship + + // GetActionStatement provides advise on how to mitigate or remediate a vulnerability when a VEX product + // is affected by it. + GetActionStatement() string + + SetActionStatement(string) + + // GetActionStatementTime records the time when a recommended action was communicated in a VEX statement + // to mitigate a vulnerability. + GetActionStatementTime() []string + + SetActionStatementTime(...string) +} + +type VexAffectedVulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexAffectedVulnAssessmentRelationship" iri-compact:"security_VexAffectedVulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // StatusNotes conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/statusNotes" iri-compact:"security_statusNotes"` + // VexVersion specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vexVersion" iri-compact:"security_vexVersion"` + + // ActionStatement provides advise on how to mitigate or remediate a vulnerability when a VEX product + // is affected by it. + ActionStatement string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/actionStatement" iri-compact:"security_actionStatement"` + // ActionStatementTime records the time when a recommended action was communicated in a VEX statement + // to mitigate a vulnerability. + ActionStatementTime []string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/actionStatementTime" iri-compact:"security_actionStatementTime"` +} + +func NewVexAffectedVulnAssessmentRelationship() IVexAffectedVulnAssessmentRelationship { + return &VexAffectedVulnAssessmentRelationship{} +} + +func (o *VexAffectedVulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *VexAffectedVulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *VexAffectedVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *VexAffectedVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *VexAffectedVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *VexAffectedVulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *VexAffectedVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *VexAffectedVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *VexAffectedVulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *VexAffectedVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *VexAffectedVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *VexAffectedVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *VexAffectedVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *VexAffectedVulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *VexAffectedVulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *VexAffectedVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *VexAffectedVulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *VexAffectedVulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *VexAffectedVulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *VexAffectedVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *VexAffectedVulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *VexAffectedVulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *VexAffectedVulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *VexAffectedVulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *VexAffectedVulnAssessmentRelationship) GetStatusNotes() string { + return o.StatusNotes +} +func (o *VexAffectedVulnAssessmentRelationship) SetStatusNotes(v string) { + o.StatusNotes = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetVexVersion() string { + return o.VexVersion +} +func (o *VexAffectedVulnAssessmentRelationship) SetVexVersion(v string) { + o.VexVersion = v +} + +func (o *VexAffectedVulnAssessmentRelationship) GetActionStatement() string { + return o.ActionStatement +} +func (o *VexAffectedVulnAssessmentRelationship) SetActionStatement(v string) { + o.ActionStatement = v +} +func (o *VexAffectedVulnAssessmentRelationship) GetActionStatementTime() []string { + return o.ActionStatementTime +} +func (o *VexAffectedVulnAssessmentRelationship) SetActionStatementTime(v ...string) { + o.ActionStatementTime = v +} + +type IVexFixedVulnAssessmentRelationship interface { + IVexVulnAssessmentRelationship +} + +type VexFixedVulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexFixedVulnAssessmentRelationship" iri-compact:"security_VexFixedVulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // StatusNotes conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/statusNotes" iri-compact:"security_statusNotes"` + // VexVersion specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vexVersion" iri-compact:"security_vexVersion"` +} + +func NewVexFixedVulnAssessmentRelationship() IVexFixedVulnAssessmentRelationship { + return &VexFixedVulnAssessmentRelationship{} +} + +func (o *VexFixedVulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *VexFixedVulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *VexFixedVulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *VexFixedVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *VexFixedVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *VexFixedVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *VexFixedVulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *VexFixedVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *VexFixedVulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *VexFixedVulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *VexFixedVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *VexFixedVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *VexFixedVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *VexFixedVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *VexFixedVulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *VexFixedVulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *VexFixedVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *VexFixedVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *VexFixedVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *VexFixedVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *VexFixedVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *VexFixedVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *VexFixedVulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *VexFixedVulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *VexFixedVulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *VexFixedVulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *VexFixedVulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *VexFixedVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *VexFixedVulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *VexFixedVulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *VexFixedVulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *VexFixedVulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *VexFixedVulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *VexFixedVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *VexFixedVulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *VexFixedVulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *VexFixedVulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *VexFixedVulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *VexFixedVulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *VexFixedVulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *VexFixedVulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *VexFixedVulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *VexFixedVulnAssessmentRelationship) GetStatusNotes() string { + return o.StatusNotes +} +func (o *VexFixedVulnAssessmentRelationship) SetStatusNotes(v string) { + o.StatusNotes = v +} +func (o *VexFixedVulnAssessmentRelationship) GetVexVersion() string { + return o.VexVersion +} +func (o *VexFixedVulnAssessmentRelationship) SetVexVersion(v string) { + o.VexVersion = v +} + +type IVexNotAffectedVulnAssessmentRelationship interface { + IVexVulnAssessmentRelationship + + // GetImpactStatement explains why a VEX product is not affected by a vulnerability. It is an + // alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable + // justification label. + GetImpactStatement() string + + SetImpactStatement(string) + + // GetImpactStatementTime timestamp of impact statement. + GetImpactStatementTime() string + + SetImpactStatementTime(string) + + // GetJustificationType impact justification label to be used when linking a vulnerability to an element + // representing a VEX product with a VexNotAffectedVulnAssessmentRelationship + // relationship. + GetJustificationType() VexJustificationType + + SetJustificationType(VexJustificationType) +} + +type VexNotAffectedVulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexNotAffectedVulnAssessmentRelationship" iri-compact:"security_VexNotAffectedVulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // StatusNotes conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/statusNotes" iri-compact:"security_statusNotes"` + // VexVersion specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vexVersion" iri-compact:"security_vexVersion"` + + // ImpactStatement explains why a VEX product is not affected by a vulnerability. It is an + // alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable + // justification label. + ImpactStatement string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/impactStatement" iri-compact:"security_impactStatement"` + // ImpactStatementTime timestamp of impact statement. + ImpactStatementTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/impactStatementTime" iri-compact:"security_impactStatementTime"` + // JustificationType impact justification label to be used when linking a vulnerability to an element + // representing a VEX product with a VexNotAffectedVulnAssessmentRelationship + // relationship. + JustificationType VexJustificationType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/justificationType" iri-compact:"security_justificationType"` +} + +func NewVexNotAffectedVulnAssessmentRelationship() IVexNotAffectedVulnAssessmentRelationship { + return &VexNotAffectedVulnAssessmentRelationship{} +} + +func (o *VexNotAffectedVulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *VexNotAffectedVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *VexNotAffectedVulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *VexNotAffectedVulnAssessmentRelationship) GetStatusNotes() string { + return o.StatusNotes +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetStatusNotes(v string) { + o.StatusNotes = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetVexVersion() string { + return o.VexVersion +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetVexVersion(v string) { + o.VexVersion = v +} + +func (o *VexNotAffectedVulnAssessmentRelationship) GetImpactStatement() string { + return o.ImpactStatement +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetImpactStatement(v string) { + o.ImpactStatement = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetImpactStatementTime() string { + return o.ImpactStatementTime +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetImpactStatementTime(v string) { + o.ImpactStatementTime = v +} +func (o *VexNotAffectedVulnAssessmentRelationship) GetJustificationType() VexJustificationType { + return o.JustificationType +} +func (o *VexNotAffectedVulnAssessmentRelationship) SetJustificationType(v VexJustificationType) { + o.JustificationType = v +} + +type IVexUnderInvestigationVulnAssessmentRelationship interface { + IVexVulnAssessmentRelationship +} + +type VexUnderInvestigationVulnAssessmentRelationship struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexUnderInvestigationVulnAssessmentRelationship" iri-compact:"security_VexUnderInvestigationVulnAssessmentRelationship" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Completeness provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` + // EndTime specifies the time from which an element is no longer applicable / valid. + EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` + // From references the Element on the left-hand side of a relationship. + From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` + // RelationshipType information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` + // StartTime specifies the time from which an element is applicable / valid. + StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` + // To references an Element on the right-hand side of a relationship. + To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // AssessedElement specifies an Element contained in a piece of software where a vulnerability was + // found. + AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` + // ModifiedTime specifies a time when a vulnerability assessment was modified + ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` + // PublishedTime specifies the time when a vulnerability was published. + PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` + // WithdrawnTime specified the time and date when a vulnerability was withdrawn. + WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` + + // StatusNotes conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/statusNotes" iri-compact:"security_statusNotes"` + // VexVersion specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vexVersion" iri-compact:"security_vexVersion"` +} + +func NewVexUnderInvestigationVulnAssessmentRelationship() IVexUnderInvestigationVulnAssessmentRelationship { + return &VexUnderInvestigationVulnAssessmentRelationship{} +} + +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetSpdxId() string { + return o.SpdxId +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetComment() string { + return o.Comment +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetDescription() string { + return o.Description +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetExtensions() []IExtension { + return o.Extensions +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetName() string { + return o.Name +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetName(v string) { + o.Name = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetEndTime() string { + return o.EndTime +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetEndTime(v string) { + o.EndTime = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetFrom() IElement { + return o.From +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetFrom(v IElement) { + o.From = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetRelationshipType() RelationshipType { + return o.RelationshipType +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { + o.RelationshipType = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetStartTime() string { + return o.StartTime +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetStartTime(v string) { + o.StartTime = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetTo() []IElement { + return o.To +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetTo(v ...IElement) { + o.To = v +} + +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetAssessedElement() IElement { + return o.AssessedElement +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetAssessedElement(v IElement) { + o.AssessedElement = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetModifiedTime() string { + return o.ModifiedTime +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetModifiedTime(v string) { + o.ModifiedTime = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetPublishedTime() string { + return o.PublishedTime +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetPublishedTime(v string) { + o.PublishedTime = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetWithdrawnTime() string { + return o.WithdrawnTime +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetWithdrawnTime(v string) { + o.WithdrawnTime = v +} + +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetStatusNotes() string { + return o.StatusNotes +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetStatusNotes(v string) { + o.StatusNotes = v +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetVexVersion() string { + return o.VexVersion +} +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetVexVersion(v string) { + o.VexVersion = v +} + +type IFile interface { + ISoftwareArtifact + + // GetContentType provides information about the content type of an Element. + GetContentType() string + + SetContentType(string) + + // GetFileKind describes if a given file is a directory or non-directory kind of file. + GetFileKind() FileKindType + + SetFileKind(FileKindType) +} + +type File struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/File" iri-compact:"software_File" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // BuiltTime specifies the time an artifact was built. + BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` + // OriginatedBy identifies from where or whom the Element originally came. + OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` + // ReleaseTime specifies the time an artifact was released. + ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` + // StandardName the name of a relevant standard that may apply to an artifact. + StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // SupportLevel specifies the level of support associated with an artifact. + SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` + // ValidUntilTime specifies until when the artifact can be used before its usage needs to be + // reassessed. + ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` + + // AdditionalPurpose provides additional purpose information of the software artifact. + AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` + // AttributionText provides a place for the SPDX data creator to record acknowledgement text for + // a software Package, File or Snippet. + AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` + // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be + // used for verifying its identity and/or integrity. + ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` + // CopyrightText identifies the text of one or more copyright notices for a software Package, + // File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` + // PrimaryPurpose provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` + + // ContentType provides information about the content type of an Element. + ContentType string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentType" iri-compact:"software_contentType"` + // FileKind describes if a given file is a directory or non-directory kind of file. + FileKind FileKindType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/fileKind" iri-compact:"software_fileKind"` +} + +func NewFile() IFile { + return &File{} +} + +func (o *File) GetSpdxId() string { + return o.SpdxId +} +func (o *File) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *File) GetComment() string { + return o.Comment +} +func (o *File) SetComment(v string) { + o.Comment = v +} +func (o *File) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *File) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *File) GetDescription() string { + return o.Description +} +func (o *File) SetDescription(v string) { + o.Description = v +} +func (o *File) GetExtensions() []IExtension { + return o.Extensions +} +func (o *File) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *File) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *File) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *File) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *File) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *File) GetName() string { + return o.Name +} +func (o *File) SetName(v string) { + o.Name = v +} +func (o *File) GetSummary() string { + return o.Summary +} +func (o *File) SetSummary(v string) { + o.Summary = v +} +func (o *File) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *File) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *File) GetBuiltTime() string { + return o.BuiltTime +} +func (o *File) SetBuiltTime(v string) { + o.BuiltTime = v +} +func (o *File) GetOriginatedBy() []IAgent { + return o.OriginatedBy +} +func (o *File) SetOriginatedBy(v ...IAgent) { + o.OriginatedBy = v +} +func (o *File) GetReleaseTime() string { + return o.ReleaseTime +} +func (o *File) SetReleaseTime(v string) { + o.ReleaseTime = v +} +func (o *File) GetStandardName() []string { + return o.StandardName +} +func (o *File) SetStandardName(v ...string) { + o.StandardName = v +} +func (o *File) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *File) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *File) GetSupportLevel() []SupportType { + return o.SupportLevel +} +func (o *File) SetSupportLevel(v ...SupportType) { + o.SupportLevel = v +} +func (o *File) GetValidUntilTime() string { + return o.ValidUntilTime +} +func (o *File) SetValidUntilTime(v string) { + o.ValidUntilTime = v +} + +func (o *File) GetAdditionalPurpose() []SoftwarePurpose { + return o.AdditionalPurpose +} +func (o *File) SetAdditionalPurpose(v ...SoftwarePurpose) { + o.AdditionalPurpose = v +} +func (o *File) GetAttributionText() []string { + return o.AttributionText +} +func (o *File) SetAttributionText(v ...string) { + o.AttributionText = v +} +func (o *File) GetContentIdentifier() []IContentIdentifier { + return o.ContentIdentifier +} +func (o *File) SetContentIdentifier(v ...IContentIdentifier) { + o.ContentIdentifier = v +} +func (o *File) GetCopyrightText() string { + return o.CopyrightText +} +func (o *File) SetCopyrightText(v string) { + o.CopyrightText = v +} +func (o *File) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose +} +func (o *File) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v +} + +func (o *File) GetContentType() string { + return o.ContentType +} +func (o *File) SetContentType(v string) { + o.ContentType = v +} +func (o *File) GetFileKind() FileKindType { + return o.FileKind +} +func (o *File) SetFileKind(v FileKindType) { + o.FileKind = v +} + +type IPackage interface { + ISoftwareArtifact + + // GetDownloadLocation identifies the download Uniform Resource Identifier for the package at the time + // that the document was created. + GetDownloadLocation() string + + SetDownloadLocation(string) + + // GetHomePage a place for the SPDX document creator to record a website that serves as the + // package's home page. + GetHomePage() string + + SetHomePage(string) + + // GetPackageUrl provides a place for the SPDX data creator to record the package URL string + // (in accordance with the + // [package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) + // for a software Package. + GetPackageUrl() string + + SetPackageUrl(string) + + // GetPackageVersion identify the version of a package. + GetPackageVersion() string + + SetPackageVersion(string) + + // GetSourceInfo records any relevant background information or additional comments + // about the origin of the package. + GetSourceInfo() string + + SetSourceInfo(string) +} + +type Package struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/Package" iri-compact:"software_Package" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // BuiltTime specifies the time an artifact was built. + BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` + // OriginatedBy identifies from where or whom the Element originally came. + OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` + // ReleaseTime specifies the time an artifact was released. + ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` + // StandardName the name of a relevant standard that may apply to an artifact. + StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // SupportLevel specifies the level of support associated with an artifact. + SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` + // ValidUntilTime specifies until when the artifact can be used before its usage needs to be + // reassessed. + ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` + + // AdditionalPurpose provides additional purpose information of the software artifact. + AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` + // AttributionText provides a place for the SPDX data creator to record acknowledgement text for + // a software Package, File or Snippet. + AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` + // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be + // used for verifying its identity and/or integrity. + ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` + // CopyrightText identifies the text of one or more copyright notices for a software Package, + // File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` + // PrimaryPurpose provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` + + // DownloadLocation identifies the download Uniform Resource Identifier for the package at the time + // that the document was created. + DownloadLocation string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/downloadLocation" iri-compact:"software_downloadLocation"` + // HomePage a place for the SPDX document creator to record a website that serves as the + // package's home page. + HomePage string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/homePage" iri-compact:"software_homePage"` + // PackageUrl provides a place for the SPDX data creator to record the package URL string + // (in accordance with the + // [package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) + // for a software Package. + PackageUrl string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageUrl" iri-compact:"software_packageUrl"` + // PackageVersion identify the version of a package. + PackageVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageVersion" iri-compact:"software_packageVersion"` + // SourceInfo records any relevant background information or additional comments + // about the origin of the package. + SourceInfo string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/sourceInfo" iri-compact:"software_sourceInfo"` +} + +func NewPackage() IPackage { + return &Package{} +} + +func (o *Package) GetSpdxId() string { + return o.SpdxId +} +func (o *Package) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Package) GetComment() string { + return o.Comment +} +func (o *Package) SetComment(v string) { + o.Comment = v +} +func (o *Package) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Package) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Package) GetDescription() string { + return o.Description +} +func (o *Package) SetDescription(v string) { + o.Description = v +} +func (o *Package) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Package) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Package) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Package) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Package) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Package) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Package) GetName() string { + return o.Name +} +func (o *Package) SetName(v string) { + o.Name = v +} +func (o *Package) GetSummary() string { + return o.Summary +} +func (o *Package) SetSummary(v string) { + o.Summary = v +} +func (o *Package) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Package) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *Package) GetBuiltTime() string { + return o.BuiltTime +} +func (o *Package) SetBuiltTime(v string) { + o.BuiltTime = v +} +func (o *Package) GetOriginatedBy() []IAgent { + return o.OriginatedBy +} +func (o *Package) SetOriginatedBy(v ...IAgent) { + o.OriginatedBy = v +} +func (o *Package) GetReleaseTime() string { + return o.ReleaseTime +} +func (o *Package) SetReleaseTime(v string) { + o.ReleaseTime = v +} +func (o *Package) GetStandardName() []string { + return o.StandardName +} +func (o *Package) SetStandardName(v ...string) { + o.StandardName = v +} +func (o *Package) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *Package) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *Package) GetSupportLevel() []SupportType { + return o.SupportLevel +} +func (o *Package) SetSupportLevel(v ...SupportType) { + o.SupportLevel = v +} +func (o *Package) GetValidUntilTime() string { + return o.ValidUntilTime +} +func (o *Package) SetValidUntilTime(v string) { + o.ValidUntilTime = v +} + +func (o *Package) GetAdditionalPurpose() []SoftwarePurpose { + return o.AdditionalPurpose +} +func (o *Package) SetAdditionalPurpose(v ...SoftwarePurpose) { + o.AdditionalPurpose = v +} +func (o *Package) GetAttributionText() []string { + return o.AttributionText +} +func (o *Package) SetAttributionText(v ...string) { + o.AttributionText = v +} +func (o *Package) GetContentIdentifier() []IContentIdentifier { + return o.ContentIdentifier +} +func (o *Package) SetContentIdentifier(v ...IContentIdentifier) { + o.ContentIdentifier = v +} +func (o *Package) GetCopyrightText() string { + return o.CopyrightText +} +func (o *Package) SetCopyrightText(v string) { + o.CopyrightText = v +} +func (o *Package) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose +} +func (o *Package) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v +} + +func (o *Package) GetDownloadLocation() string { + return o.DownloadLocation +} +func (o *Package) SetDownloadLocation(v string) { + o.DownloadLocation = v +} +func (o *Package) GetHomePage() string { + return o.HomePage +} +func (o *Package) SetHomePage(v string) { + o.HomePage = v +} +func (o *Package) GetPackageUrl() string { + return o.PackageUrl +} +func (o *Package) SetPackageUrl(v string) { + o.PackageUrl = v +} +func (o *Package) GetPackageVersion() string { + return o.PackageVersion +} +func (o *Package) SetPackageVersion(v string) { + o.PackageVersion = v +} +func (o *Package) GetSourceInfo() string { + return o.SourceInfo +} +func (o *Package) SetSourceInfo(v string) { + o.SourceInfo = v +} + +type ISbom interface { + IBom + + // GetSbomType provides information about the type of an SBOM. + GetSbomType() []SbomType + + SetSbomType(...SbomType) +} + +type Sbom struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/Sbom" iri-compact:"software_Sbom" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // Elements refers to one or more Elements that are part of an ElementCollection. + Elements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/element" iri-compact:"element"` + // ProfileConformance describes one a profile which the creator of this ElementCollection intends to + // conform to. + ProfileConformance []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/profileConformance" iri-compact:"profileConformance"` + // RootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/rootElement" iri-compact:"rootElement"` + + // Context gives information about the circumstances or unifying properties + // that Elements of the bundle have been assembled under. + Context string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/context" iri-compact:"context"` + + // SbomType provides information about the type of an SBOM. + SbomType []SbomType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/sbomType" iri-compact:"software_sbomType"` +} + +func NewSbom() ISbom { + return &Sbom{} +} + +func (o *Sbom) GetSpdxId() string { + return o.SpdxId +} +func (o *Sbom) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Sbom) GetComment() string { + return o.Comment +} +func (o *Sbom) SetComment(v string) { + o.Comment = v +} +func (o *Sbom) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Sbom) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Sbom) GetDescription() string { + return o.Description +} +func (o *Sbom) SetDescription(v string) { + o.Description = v +} +func (o *Sbom) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Sbom) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Sbom) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Sbom) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Sbom) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Sbom) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Sbom) GetName() string { + return o.Name +} +func (o *Sbom) SetName(v string) { + o.Name = v +} +func (o *Sbom) GetSummary() string { + return o.Summary +} +func (o *Sbom) SetSummary(v string) { + o.Summary = v +} +func (o *Sbom) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Sbom) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *Sbom) GetElements() []IElement { + return o.Elements +} +func (o *Sbom) SetElements(v ...IElement) { + o.Elements = v +} +func (o *Sbom) GetProfileConformance() []ProfileIdentifierType { + return o.ProfileConformance +} +func (o *Sbom) SetProfileConformance(v ...ProfileIdentifierType) { + o.ProfileConformance = v +} +func (o *Sbom) GetRootElements() []IElement { + return o.RootElements +} +func (o *Sbom) SetRootElements(v ...IElement) { + o.RootElements = v +} + +func (o *Sbom) GetContext() string { + return o.Context +} +func (o *Sbom) SetContext(v string) { + o.Context = v +} + +func (o *Sbom) GetSbomType() []SbomType { + return o.SbomType +} +func (o *Sbom) SetSbomType(v ...SbomType) { + o.SbomType = v +} + +type ISnippet interface { + ISoftwareArtifact + + // GetByteRange defines the byte range in the original host file that the snippet information + // applies to. + GetByteRange() IPositiveIntegerRange + + SetByteRange(IPositiveIntegerRange) + + // GetLineRange defines the line range in the original host file that the snippet information + // applies to. + GetLineRange() IPositiveIntegerRange + + SetLineRange(IPositiveIntegerRange) + + // GetSnippetFromFile defines the original host file that the snippet information applies to. + GetSnippetFromFile() IFile + + SetSnippetFromFile(IFile) +} + +type Snippet struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/Snippet" iri-compact:"software_Snippet" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // BuiltTime specifies the time an artifact was built. + BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` + // OriginatedBy identifies from where or whom the Element originally came. + OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` + // ReleaseTime specifies the time an artifact was released. + ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` + // StandardName the name of a relevant standard that may apply to an artifact. + StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // SupportLevel specifies the level of support associated with an artifact. + SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` + // ValidUntilTime specifies until when the artifact can be used before its usage needs to be + // reassessed. + ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` + + // AdditionalPurpose provides additional purpose information of the software artifact. + AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` + // AttributionText provides a place for the SPDX data creator to record acknowledgement text for + // a software Package, File or Snippet. + AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` + // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be + // used for verifying its identity and/or integrity. + ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` + // CopyrightText identifies the text of one or more copyright notices for a software Package, + // File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` + // PrimaryPurpose provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` + + // ByteRange defines the byte range in the original host file that the snippet information + // applies to. + ByteRange IPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.0/terms/Software/byteRange" iri-compact:"software_byteRange"` + // LineRange defines the line range in the original host file that the snippet information + // applies to. + LineRange IPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.0/terms/Software/lineRange" iri-compact:"software_lineRange"` + // SnippetFromFile defines the original host file that the snippet information applies to. + SnippetFromFile IFile `iri:"https://spdx.org/rdf/3.0.0/terms/Software/snippetFromFile" iri-compact:"software_snippetFromFile"` +} + +func NewSnippet() ISnippet { + return &Snippet{} +} + +func (o *Snippet) GetSpdxId() string { + return o.SpdxId +} +func (o *Snippet) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *Snippet) GetComment() string { + return o.Comment +} +func (o *Snippet) SetComment(v string) { + o.Comment = v +} +func (o *Snippet) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *Snippet) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *Snippet) GetDescription() string { + return o.Description +} +func (o *Snippet) SetDescription(v string) { + o.Description = v +} +func (o *Snippet) GetExtensions() []IExtension { + return o.Extensions +} +func (o *Snippet) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *Snippet) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *Snippet) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *Snippet) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *Snippet) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *Snippet) GetName() string { + return o.Name +} +func (o *Snippet) SetName(v string) { + o.Name = v +} +func (o *Snippet) GetSummary() string { + return o.Summary +} +func (o *Snippet) SetSummary(v string) { + o.Summary = v +} +func (o *Snippet) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *Snippet) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *Snippet) GetBuiltTime() string { + return o.BuiltTime +} +func (o *Snippet) SetBuiltTime(v string) { + o.BuiltTime = v +} +func (o *Snippet) GetOriginatedBy() []IAgent { + return o.OriginatedBy +} +func (o *Snippet) SetOriginatedBy(v ...IAgent) { + o.OriginatedBy = v +} +func (o *Snippet) GetReleaseTime() string { + return o.ReleaseTime +} +func (o *Snippet) SetReleaseTime(v string) { + o.ReleaseTime = v +} +func (o *Snippet) GetStandardName() []string { + return o.StandardName +} +func (o *Snippet) SetStandardName(v ...string) { + o.StandardName = v +} +func (o *Snippet) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *Snippet) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *Snippet) GetSupportLevel() []SupportType { + return o.SupportLevel +} +func (o *Snippet) SetSupportLevel(v ...SupportType) { + o.SupportLevel = v +} +func (o *Snippet) GetValidUntilTime() string { + return o.ValidUntilTime +} +func (o *Snippet) SetValidUntilTime(v string) { + o.ValidUntilTime = v +} + +func (o *Snippet) GetAdditionalPurpose() []SoftwarePurpose { + return o.AdditionalPurpose +} +func (o *Snippet) SetAdditionalPurpose(v ...SoftwarePurpose) { + o.AdditionalPurpose = v +} +func (o *Snippet) GetAttributionText() []string { + return o.AttributionText +} +func (o *Snippet) SetAttributionText(v ...string) { + o.AttributionText = v +} +func (o *Snippet) GetContentIdentifier() []IContentIdentifier { + return o.ContentIdentifier +} +func (o *Snippet) SetContentIdentifier(v ...IContentIdentifier) { + o.ContentIdentifier = v +} +func (o *Snippet) GetCopyrightText() string { + return o.CopyrightText +} +func (o *Snippet) SetCopyrightText(v string) { + o.CopyrightText = v +} +func (o *Snippet) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose +} +func (o *Snippet) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v +} + +func (o *Snippet) GetByteRange() IPositiveIntegerRange { + return o.ByteRange +} +func (o *Snippet) SetByteRange(v IPositiveIntegerRange) { + o.ByteRange = v +} +func (o *Snippet) GetLineRange() IPositiveIntegerRange { + return o.LineRange +} +func (o *Snippet) SetLineRange(v IPositiveIntegerRange) { + o.LineRange = v +} +func (o *Snippet) GetSnippetFromFile() IFile { + return o.SnippetFromFile +} +func (o *Snippet) SetSnippetFromFile(v IFile) { + o.SnippetFromFile = v +} + +type IAIPackage interface { + IPackage + + // GetAutonomyType states if a human is involved in the decisions of the AI software. + GetAutonomyType() PresenceType + + SetAutonomyType(PresenceType) + + // GetDomain captures the domain in which the AI package can be used. + GetDomain() []string + + SetDomain(...string) + + // GetEnergyConsumption indicates the amount of energy consumed to train the AI model. + GetEnergyConsumption() IEnergyConsumption + + SetEnergyConsumption(IEnergyConsumption) + + // GetHyperparameter records a hyperparameter used to build the AI model contained in the AI + // package. + GetHyperparameter() []IDictionaryEntry + + SetHyperparameter(...IDictionaryEntry) + + // GetInformationAboutApplication provides relevant information about the AI software, not including the model + // description. + GetInformationAboutApplication() string + + SetInformationAboutApplication(string) + + // GetInformationAboutTraining describes relevant information about different steps of the training process. + GetInformationAboutTraining() string + + SetInformationAboutTraining(string) + + // GetLimitation captures a limitation of the AI software. + GetLimitation() string + + SetLimitation(string) + + // GetMetric records the measurement of prediction quality of the AI model. + GetMetric() []IDictionaryEntry + + SetMetric(...IDictionaryEntry) + + // GetMetricDecisionThreshold captures the threshold that was used for computation of a metric described in + // the metric field. + GetMetricDecisionThreshold() []IDictionaryEntry + + SetMetricDecisionThreshold(...IDictionaryEntry) + + // GetModelDataPreprocessing describes all the preprocessing steps applied to the training data before the + // model training. + GetModelDataPreprocessing() []string + + SetModelDataPreprocessing(...string) + + // GetModelExplainability describes methods that can be used to explain the model. + GetModelExplainability() []string + + SetModelExplainability(...string) + + // GetSafetyRiskAssessment records the results of general safety risk assessment of the AI system. + GetSafetyRiskAssessment() SafetyRiskAssessmentType + + SetSafetyRiskAssessment(SafetyRiskAssessmentType) + + // GetStandardCompliance captures a standard that is being complied with. + GetStandardCompliance() []string + + SetStandardCompliance(...string) + + // GetTypeOfModel records the type of the model used in the AI software. + GetTypeOfModel() []string + + SetTypeOfModel(...string) + + // GetUseSensitivePersonalInformation records if sensitive personal information is used during model training or + // could be used during the inference. + GetUseSensitivePersonalInformation() PresenceType + + SetUseSensitivePersonalInformation(PresenceType) +} + +type AIPackage struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/AIPackage" iri-compact:"ai_AIPackage" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // BuiltTime specifies the time an artifact was built. + BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` + // OriginatedBy identifies from where or whom the Element originally came. + OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` + // ReleaseTime specifies the time an artifact was released. + ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` + // StandardName the name of a relevant standard that may apply to an artifact. + StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // SupportLevel specifies the level of support associated with an artifact. + SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` + // ValidUntilTime specifies until when the artifact can be used before its usage needs to be + // reassessed. + ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` + + // AdditionalPurpose provides additional purpose information of the software artifact. + AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` + // AttributionText provides a place for the SPDX data creator to record acknowledgement text for + // a software Package, File or Snippet. + AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` + // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be + // used for verifying its identity and/or integrity. + ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` + // CopyrightText identifies the text of one or more copyright notices for a software Package, + // File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` + // PrimaryPurpose provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` + + // DownloadLocation identifies the download Uniform Resource Identifier for the package at the time + // that the document was created. + DownloadLocation string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/downloadLocation" iri-compact:"software_downloadLocation"` + // HomePage a place for the SPDX document creator to record a website that serves as the + // package's home page. + HomePage string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/homePage" iri-compact:"software_homePage"` + // PackageUrl provides a place for the SPDX data creator to record the package URL string + // (in accordance with the + // [package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) + // for a software Package. + PackageUrl string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageUrl" iri-compact:"software_packageUrl"` + // PackageVersion identify the version of a package. + PackageVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageVersion" iri-compact:"software_packageVersion"` + // SourceInfo records any relevant background information or additional comments + // about the origin of the package. + SourceInfo string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/sourceInfo" iri-compact:"software_sourceInfo"` + + // AutonomyType states if a human is involved in the decisions of the AI software. + AutonomyType PresenceType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/autonomyType" iri-compact:"ai_autonomyType"` + // Domain captures the domain in which the AI package can be used. + Domain []string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/domain" iri-compact:"ai_domain"` + // EnergyConsumption indicates the amount of energy consumed to train the AI model. + EnergyConsumption IEnergyConsumption `iri:"https://spdx.org/rdf/3.0.0/terms/AI/energyConsumption" iri-compact:"ai_energyConsumption"` + // Hyperparameter records a hyperparameter used to build the AI model contained in the AI + // package. + Hyperparameter []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/AI/hyperparameter" iri-compact:"ai_hyperparameter"` + // InformationAboutApplication provides relevant information about the AI software, not including the model + // description. + InformationAboutApplication string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/informationAboutApplication" iri-compact:"ai_informationAboutApplication"` + // InformationAboutTraining describes relevant information about different steps of the training process. + InformationAboutTraining string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/informationAboutTraining" iri-compact:"ai_informationAboutTraining"` + // Limitation captures a limitation of the AI software. + Limitation string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/limitation" iri-compact:"ai_limitation"` + // Metric records the measurement of prediction quality of the AI model. + Metric []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/AI/metric" iri-compact:"ai_metric"` + // MetricDecisionThreshold captures the threshold that was used for computation of a metric described in + // the metric field. + MetricDecisionThreshold []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/AI/metricDecisionThreshold" iri-compact:"ai_metricDecisionThreshold"` + // ModelDataPreprocessing describes all the preprocessing steps applied to the training data before the + // model training. + ModelDataPreprocessing []string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/modelDataPreprocessing" iri-compact:"ai_modelDataPreprocessing"` + // ModelExplainability describes methods that can be used to explain the model. + ModelExplainability []string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/modelExplainability" iri-compact:"ai_modelExplainability"` + // SafetyRiskAssessment records the results of general safety risk assessment of the AI system. + SafetyRiskAssessment SafetyRiskAssessmentType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/safetyRiskAssessment" iri-compact:"ai_safetyRiskAssessment"` + // StandardCompliance captures a standard that is being complied with. + StandardCompliance []string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/standardCompliance" iri-compact:"ai_standardCompliance"` + // TypeOfModel records the type of the model used in the AI software. + TypeOfModel []string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/typeOfModel" iri-compact:"ai_typeOfModel"` + // UseSensitivePersonalInformation records if sensitive personal information is used during model training or + // could be used during the inference. + UseSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/useSensitivePersonalInformation" iri-compact:"ai_useSensitivePersonalInformation"` +} + +func NewAIPackage() IAIPackage { + return &AIPackage{} +} + +func (o *AIPackage) GetSpdxId() string { + return o.SpdxId +} +func (o *AIPackage) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *AIPackage) GetComment() string { + return o.Comment +} +func (o *AIPackage) SetComment(v string) { + o.Comment = v +} +func (o *AIPackage) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *AIPackage) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *AIPackage) GetDescription() string { + return o.Description +} +func (o *AIPackage) SetDescription(v string) { + o.Description = v +} +func (o *AIPackage) GetExtensions() []IExtension { + return o.Extensions +} +func (o *AIPackage) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *AIPackage) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *AIPackage) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *AIPackage) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *AIPackage) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *AIPackage) GetName() string { + return o.Name +} +func (o *AIPackage) SetName(v string) { + o.Name = v +} +func (o *AIPackage) GetSummary() string { + return o.Summary +} +func (o *AIPackage) SetSummary(v string) { + o.Summary = v +} +func (o *AIPackage) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *AIPackage) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *AIPackage) GetBuiltTime() string { + return o.BuiltTime +} +func (o *AIPackage) SetBuiltTime(v string) { + o.BuiltTime = v +} +func (o *AIPackage) GetOriginatedBy() []IAgent { + return o.OriginatedBy +} +func (o *AIPackage) SetOriginatedBy(v ...IAgent) { + o.OriginatedBy = v +} +func (o *AIPackage) GetReleaseTime() string { + return o.ReleaseTime +} +func (o *AIPackage) SetReleaseTime(v string) { + o.ReleaseTime = v +} +func (o *AIPackage) GetStandardName() []string { + return o.StandardName +} +func (o *AIPackage) SetStandardName(v ...string) { + o.StandardName = v +} +func (o *AIPackage) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *AIPackage) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *AIPackage) GetSupportLevel() []SupportType { + return o.SupportLevel +} +func (o *AIPackage) SetSupportLevel(v ...SupportType) { + o.SupportLevel = v +} +func (o *AIPackage) GetValidUntilTime() string { + return o.ValidUntilTime +} +func (o *AIPackage) SetValidUntilTime(v string) { + o.ValidUntilTime = v +} + +func (o *AIPackage) GetAdditionalPurpose() []SoftwarePurpose { + return o.AdditionalPurpose +} +func (o *AIPackage) SetAdditionalPurpose(v ...SoftwarePurpose) { + o.AdditionalPurpose = v +} +func (o *AIPackage) GetAttributionText() []string { + return o.AttributionText +} +func (o *AIPackage) SetAttributionText(v ...string) { + o.AttributionText = v +} +func (o *AIPackage) GetContentIdentifier() []IContentIdentifier { + return o.ContentIdentifier +} +func (o *AIPackage) SetContentIdentifier(v ...IContentIdentifier) { + o.ContentIdentifier = v +} +func (o *AIPackage) GetCopyrightText() string { + return o.CopyrightText +} +func (o *AIPackage) SetCopyrightText(v string) { + o.CopyrightText = v +} +func (o *AIPackage) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose +} +func (o *AIPackage) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v +} + +func (o *AIPackage) GetDownloadLocation() string { + return o.DownloadLocation +} +func (o *AIPackage) SetDownloadLocation(v string) { + o.DownloadLocation = v +} +func (o *AIPackage) GetHomePage() string { + return o.HomePage +} +func (o *AIPackage) SetHomePage(v string) { + o.HomePage = v +} +func (o *AIPackage) GetPackageUrl() string { + return o.PackageUrl +} +func (o *AIPackage) SetPackageUrl(v string) { + o.PackageUrl = v +} +func (o *AIPackage) GetPackageVersion() string { + return o.PackageVersion +} +func (o *AIPackage) SetPackageVersion(v string) { + o.PackageVersion = v +} +func (o *AIPackage) GetSourceInfo() string { + return o.SourceInfo +} +func (o *AIPackage) SetSourceInfo(v string) { + o.SourceInfo = v +} + +func (o *AIPackage) GetAutonomyType() PresenceType { + return o.AutonomyType +} +func (o *AIPackage) SetAutonomyType(v PresenceType) { + o.AutonomyType = v +} +func (o *AIPackage) GetDomain() []string { + return o.Domain +} +func (o *AIPackage) SetDomain(v ...string) { + o.Domain = v +} +func (o *AIPackage) GetEnergyConsumption() IEnergyConsumption { + return o.EnergyConsumption +} +func (o *AIPackage) SetEnergyConsumption(v IEnergyConsumption) { + o.EnergyConsumption = v +} +func (o *AIPackage) GetHyperparameter() []IDictionaryEntry { + return o.Hyperparameter +} +func (o *AIPackage) SetHyperparameter(v ...IDictionaryEntry) { + o.Hyperparameter = v +} +func (o *AIPackage) GetInformationAboutApplication() string { + return o.InformationAboutApplication +} +func (o *AIPackage) SetInformationAboutApplication(v string) { + o.InformationAboutApplication = v +} +func (o *AIPackage) GetInformationAboutTraining() string { + return o.InformationAboutTraining +} +func (o *AIPackage) SetInformationAboutTraining(v string) { + o.InformationAboutTraining = v +} +func (o *AIPackage) GetLimitation() string { + return o.Limitation +} +func (o *AIPackage) SetLimitation(v string) { + o.Limitation = v +} +func (o *AIPackage) GetMetric() []IDictionaryEntry { + return o.Metric +} +func (o *AIPackage) SetMetric(v ...IDictionaryEntry) { + o.Metric = v +} +func (o *AIPackage) GetMetricDecisionThreshold() []IDictionaryEntry { + return o.MetricDecisionThreshold +} +func (o *AIPackage) SetMetricDecisionThreshold(v ...IDictionaryEntry) { + o.MetricDecisionThreshold = v +} +func (o *AIPackage) GetModelDataPreprocessing() []string { + return o.ModelDataPreprocessing +} +func (o *AIPackage) SetModelDataPreprocessing(v ...string) { + o.ModelDataPreprocessing = v +} +func (o *AIPackage) GetModelExplainability() []string { + return o.ModelExplainability +} +func (o *AIPackage) SetModelExplainability(v ...string) { + o.ModelExplainability = v +} +func (o *AIPackage) GetSafetyRiskAssessment() SafetyRiskAssessmentType { + return o.SafetyRiskAssessment +} +func (o *AIPackage) SetSafetyRiskAssessment(v SafetyRiskAssessmentType) { + o.SafetyRiskAssessment = v +} +func (o *AIPackage) GetStandardCompliance() []string { + return o.StandardCompliance +} +func (o *AIPackage) SetStandardCompliance(v ...string) { + o.StandardCompliance = v +} +func (o *AIPackage) GetTypeOfModel() []string { + return o.TypeOfModel +} +func (o *AIPackage) SetTypeOfModel(v ...string) { + o.TypeOfModel = v +} +func (o *AIPackage) GetUseSensitivePersonalInformation() PresenceType { + return o.UseSensitivePersonalInformation +} +func (o *AIPackage) SetUseSensitivePersonalInformation(v PresenceType) { + o.UseSensitivePersonalInformation = v +} + +type IDatasetPackage interface { + IPackage + + // GetAnonymizationMethodUsed describes the anonymization methods used. + GetAnonymizationMethodUsed() []string + + SetAnonymizationMethodUsed(...string) + + // GetConfidentialityLevel describes the confidentiality level of the data points contained in the dataset. + GetConfidentialityLevel() ConfidentialityLevelType + + SetConfidentialityLevel(ConfidentialityLevelType) + + // GetDataCollectionProcess describes how the dataset was collected. + GetDataCollectionProcess() string + + SetDataCollectionProcess(string) + + // GetDataPreprocessing describes the preprocessing steps that were applied to the raw data to create the given dataset. + GetDataPreprocessing() []string + + SetDataPreprocessing(...string) + + // GetDatasetAvailability the field describes the availability of a dataset. + GetDatasetAvailability() DatasetAvailabilityType + + SetDatasetAvailability(DatasetAvailabilityType) + + // GetDatasetNoise describes potentially noisy elements of the dataset. + GetDatasetNoise() string + + SetDatasetNoise(string) + + // GetDatasetSize captures the size of the dataset. + GetDatasetSize() uint + + SetDatasetSize(uint) + + // GetDatasetType describes the type of the given dataset. + GetDatasetType() []DatasetType + + SetDatasetType(...DatasetType) + + // GetDatasetUpdateMechanism describes a mechanism to update the dataset. + GetDatasetUpdateMechanism() string + + SetDatasetUpdateMechanism(string) + + // GetHasSensitivePersonalInformation describes if any sensitive personal information is present in the dataset. + GetHasSensitivePersonalInformation() PresenceType + + SetHasSensitivePersonalInformation(PresenceType) + + // GetIntendedUse describes what the given dataset should be used for. + GetIntendedUse() string + + SetIntendedUse(string) + + // GetKnownBias records the biases that the dataset is known to encompass. + GetKnownBias() []string + + SetKnownBias(...string) + + // GetSensor describes a sensor used for collecting the data. + GetSensor() []IDictionaryEntry + + SetSensor(...IDictionaryEntry) +} + +type DatasetPackage struct { + _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetPackage" iri-compact:"dataset_DatasetPackage" id-prop:"spdxId"` + + // SpdxId identifier property + SpdxId string `iri:"@id" iri-compact:"spdxId"` + // Comment provide consumers with comments by the creator of the Element about the + // Element. + Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // CreationInfo provides information about the creation of the Element. + CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` + // Description provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` + // Extensions specifies an Extension characterization of some aspect of an Element. + Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` + // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` + // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` + // Name identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` + // Summary a short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` + // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + + // BuiltTime specifies the time an artifact was built. + BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` + // OriginatedBy identifies from where or whom the Element originally came. + OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` + // ReleaseTime specifies the time an artifact was released. + ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` + // StandardName the name of a relevant standard that may apply to an artifact. + StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` + // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` + // SupportLevel specifies the level of support associated with an artifact. + SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` + // ValidUntilTime specifies until when the artifact can be used before its usage needs to be + // reassessed. + ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` + + // AdditionalPurpose provides additional purpose information of the software artifact. + AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` + // AttributionText provides a place for the SPDX data creator to record acknowledgement text for + // a software Package, File or Snippet. + AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` + // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be + // used for verifying its identity and/or integrity. + ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` + // CopyrightText identifies the text of one or more copyright notices for a software Package, + // File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` + // PrimaryPurpose provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` + + // DownloadLocation identifies the download Uniform Resource Identifier for the package at the time + // that the document was created. + DownloadLocation string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/downloadLocation" iri-compact:"software_downloadLocation"` + // HomePage a place for the SPDX document creator to record a website that serves as the + // package's home page. + HomePage string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/homePage" iri-compact:"software_homePage"` + // PackageUrl provides a place for the SPDX data creator to record the package URL string + // (in accordance with the + // [package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) + // for a software Package. + PackageUrl string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageUrl" iri-compact:"software_packageUrl"` + // PackageVersion identify the version of a package. + PackageVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageVersion" iri-compact:"software_packageVersion"` + // SourceInfo records any relevant background information or additional comments + // about the origin of the package. + SourceInfo string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/sourceInfo" iri-compact:"software_sourceInfo"` + + // AnonymizationMethodUsed describes the anonymization methods used. + AnonymizationMethodUsed []string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/anonymizationMethodUsed" iri-compact:"dataset_anonymizationMethodUsed"` + // ConfidentialityLevel describes the confidentiality level of the data points contained in the dataset. + ConfidentialityLevel ConfidentialityLevelType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/confidentialityLevel" iri-compact:"dataset_confidentialityLevel"` + // DataCollectionProcess describes how the dataset was collected. + DataCollectionProcess string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/dataCollectionProcess" iri-compact:"dataset_dataCollectionProcess"` + // DataPreprocessing describes the preprocessing steps that were applied to the raw data to create the given dataset. + DataPreprocessing []string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/dataPreprocessing" iri-compact:"dataset_dataPreprocessing"` + // DatasetAvailability the field describes the availability of a dataset. + DatasetAvailability DatasetAvailabilityType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/datasetAvailability" iri-compact:"dataset_datasetAvailability"` + // DatasetNoise describes potentially noisy elements of the dataset. + DatasetNoise string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/datasetNoise" iri-compact:"dataset_datasetNoise"` + // DatasetSize captures the size of the dataset. + DatasetSize uint `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/datasetSize" iri-compact:"dataset_datasetSize"` + // DatasetType describes the type of the given dataset. + DatasetType []DatasetType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/datasetType" iri-compact:"dataset_datasetType"` + // DatasetUpdateMechanism describes a mechanism to update the dataset. + DatasetUpdateMechanism string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/datasetUpdateMechanism" iri-compact:"dataset_datasetUpdateMechanism"` + // HasSensitivePersonalInformation describes if any sensitive personal information is present in the dataset. + HasSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/hasSensitivePersonalInformation" iri-compact:"dataset_hasSensitivePersonalInformation"` + // IntendedUse describes what the given dataset should be used for. + IntendedUse string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/intendedUse" iri-compact:"dataset_intendedUse"` + // KnownBias records the biases that the dataset is known to encompass. + KnownBias []string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/knownBias" iri-compact:"dataset_knownBias"` + // Sensor describes a sensor used for collecting the data. + Sensor []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/sensor" iri-compact:"dataset_sensor"` +} + +func NewDatasetPackage() IDatasetPackage { + return &DatasetPackage{} +} + +func (o *DatasetPackage) GetSpdxId() string { + return o.SpdxId +} +func (o *DatasetPackage) SetSpdxId(v string) { + o.SpdxId = v +} +func (o *DatasetPackage) GetComment() string { + return o.Comment +} +func (o *DatasetPackage) SetComment(v string) { + o.Comment = v +} +func (o *DatasetPackage) GetCreationInfo() ICreationInfo { + return o.CreationInfo +} +func (o *DatasetPackage) SetCreationInfo(v ICreationInfo) { + o.CreationInfo = v +} +func (o *DatasetPackage) GetDescription() string { + return o.Description +} +func (o *DatasetPackage) SetDescription(v string) { + o.Description = v +} +func (o *DatasetPackage) GetExtensions() []IExtension { + return o.Extensions +} +func (o *DatasetPackage) SetExtensions(v ...IExtension) { + o.Extensions = v +} +func (o *DatasetPackage) GetExternalIdentifiers() []IExternalIdentifier { + return o.ExternalIdentifiers +} +func (o *DatasetPackage) SetExternalIdentifiers(v ...IExternalIdentifier) { + o.ExternalIdentifiers = v +} +func (o *DatasetPackage) GetExternalRefs() []IExternalRef { + return o.ExternalRefs +} +func (o *DatasetPackage) SetExternalRefs(v ...IExternalRef) { + o.ExternalRefs = v +} +func (o *DatasetPackage) GetName() string { + return o.Name +} +func (o *DatasetPackage) SetName(v string) { + o.Name = v +} +func (o *DatasetPackage) GetSummary() string { + return o.Summary +} +func (o *DatasetPackage) SetSummary(v string) { + o.Summary = v +} +func (o *DatasetPackage) GetVerifiedUsing() []IIntegrityMethod { + return o.VerifiedUsing +} +func (o *DatasetPackage) SetVerifiedUsing(v ...IIntegrityMethod) { + o.VerifiedUsing = v +} + +func (o *DatasetPackage) GetBuiltTime() string { + return o.BuiltTime +} +func (o *DatasetPackage) SetBuiltTime(v string) { + o.BuiltTime = v +} +func (o *DatasetPackage) GetOriginatedBy() []IAgent { + return o.OriginatedBy +} +func (o *DatasetPackage) SetOriginatedBy(v ...IAgent) { + o.OriginatedBy = v +} +func (o *DatasetPackage) GetReleaseTime() string { + return o.ReleaseTime +} +func (o *DatasetPackage) SetReleaseTime(v string) { + o.ReleaseTime = v +} +func (o *DatasetPackage) GetStandardName() []string { + return o.StandardName +} +func (o *DatasetPackage) SetStandardName(v ...string) { + o.StandardName = v +} +func (o *DatasetPackage) GetSuppliedBy() IAgent { + return o.SuppliedBy +} +func (o *DatasetPackage) SetSuppliedBy(v IAgent) { + o.SuppliedBy = v +} +func (o *DatasetPackage) GetSupportLevel() []SupportType { + return o.SupportLevel +} +func (o *DatasetPackage) SetSupportLevel(v ...SupportType) { + o.SupportLevel = v +} +func (o *DatasetPackage) GetValidUntilTime() string { + return o.ValidUntilTime +} +func (o *DatasetPackage) SetValidUntilTime(v string) { + o.ValidUntilTime = v +} + +func (o *DatasetPackage) GetAdditionalPurpose() []SoftwarePurpose { + return o.AdditionalPurpose +} +func (o *DatasetPackage) SetAdditionalPurpose(v ...SoftwarePurpose) { + o.AdditionalPurpose = v +} +func (o *DatasetPackage) GetAttributionText() []string { + return o.AttributionText +} +func (o *DatasetPackage) SetAttributionText(v ...string) { + o.AttributionText = v +} +func (o *DatasetPackage) GetContentIdentifier() []IContentIdentifier { + return o.ContentIdentifier +} +func (o *DatasetPackage) SetContentIdentifier(v ...IContentIdentifier) { + o.ContentIdentifier = v +} +func (o *DatasetPackage) GetCopyrightText() string { + return o.CopyrightText +} +func (o *DatasetPackage) SetCopyrightText(v string) { + o.CopyrightText = v +} +func (o *DatasetPackage) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose +} +func (o *DatasetPackage) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v +} + +func (o *DatasetPackage) GetDownloadLocation() string { + return o.DownloadLocation +} +func (o *DatasetPackage) SetDownloadLocation(v string) { + o.DownloadLocation = v +} +func (o *DatasetPackage) GetHomePage() string { + return o.HomePage +} +func (o *DatasetPackage) SetHomePage(v string) { + o.HomePage = v +} +func (o *DatasetPackage) GetPackageUrl() string { + return o.PackageUrl +} +func (o *DatasetPackage) SetPackageUrl(v string) { + o.PackageUrl = v +} +func (o *DatasetPackage) GetPackageVersion() string { + return o.PackageVersion +} +func (o *DatasetPackage) SetPackageVersion(v string) { + o.PackageVersion = v +} +func (o *DatasetPackage) GetSourceInfo() string { + return o.SourceInfo +} +func (o *DatasetPackage) SetSourceInfo(v string) { + o.SourceInfo = v +} + +func (o *DatasetPackage) GetAnonymizationMethodUsed() []string { + return o.AnonymizationMethodUsed +} +func (o *DatasetPackage) SetAnonymizationMethodUsed(v ...string) { + o.AnonymizationMethodUsed = v +} +func (o *DatasetPackage) GetConfidentialityLevel() ConfidentialityLevelType { + return o.ConfidentialityLevel +} +func (o *DatasetPackage) SetConfidentialityLevel(v ConfidentialityLevelType) { + o.ConfidentialityLevel = v +} +func (o *DatasetPackage) GetDataCollectionProcess() string { + return o.DataCollectionProcess +} +func (o *DatasetPackage) SetDataCollectionProcess(v string) { + o.DataCollectionProcess = v +} +func (o *DatasetPackage) GetDataPreprocessing() []string { + return o.DataPreprocessing +} +func (o *DatasetPackage) SetDataPreprocessing(v ...string) { + o.DataPreprocessing = v +} +func (o *DatasetPackage) GetDatasetAvailability() DatasetAvailabilityType { + return o.DatasetAvailability +} +func (o *DatasetPackage) SetDatasetAvailability(v DatasetAvailabilityType) { + o.DatasetAvailability = v +} +func (o *DatasetPackage) GetDatasetNoise() string { + return o.DatasetNoise +} +func (o *DatasetPackage) SetDatasetNoise(v string) { + o.DatasetNoise = v +} +func (o *DatasetPackage) GetDatasetSize() uint { + return o.DatasetSize +} +func (o *DatasetPackage) SetDatasetSize(v uint) { + o.DatasetSize = v +} +func (o *DatasetPackage) GetDatasetType() []DatasetType { + return o.DatasetType +} +func (o *DatasetPackage) SetDatasetType(v ...DatasetType) { + o.DatasetType = v +} +func (o *DatasetPackage) GetDatasetUpdateMechanism() string { + return o.DatasetUpdateMechanism +} +func (o *DatasetPackage) SetDatasetUpdateMechanism(v string) { + o.DatasetUpdateMechanism = v +} +func (o *DatasetPackage) GetHasSensitivePersonalInformation() PresenceType { + return o.HasSensitivePersonalInformation +} +func (o *DatasetPackage) SetHasSensitivePersonalInformation(v PresenceType) { + o.HasSensitivePersonalInformation = v +} +func (o *DatasetPackage) GetIntendedUse() string { + return o.IntendedUse +} +func (o *DatasetPackage) SetIntendedUse(v string) { + o.IntendedUse = v +} +func (o *DatasetPackage) GetKnownBias() []string { + return o.KnownBias +} +func (o *DatasetPackage) SetKnownBias(v ...string) { + o.KnownBias = v +} +func (o *DatasetPackage) GetSensor() []IDictionaryEntry { + return o.Sensor +} +func (o *DatasetPackage) SetSensor(v ...IDictionaryEntry) { + o.Sensor = v +} + +var ldGlobal = ldContext{}. + RegisterTypes("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", + &EnergyConsumption{}, + &EnergyConsumptionDescription{}, + &EnergyUnitType{}, + &SafetyRiskAssessmentType{}, + &AnnotationType{}, + &CreationInfo{}, + &DictionaryEntry{}, + &Element{}, + &ElementCollection{}, + &ExternalIdentifier{}, + &ExternalIdentifierType{}, + &ExternalMap{}, + &ExternalRef{}, + &ExternalRefType{}, + &HashAlgorithm{}, + &IntegrityMethod{}, + &LifecycleScopeType{}, + &NamespaceMap{}, + &PackageVerificationCode{}, + &PositiveIntegerRange{}, + &PresenceType{}, + &ProfileIdentifierType{}, + &Relationship{}, + &RelationshipCompleteness{}, + &RelationshipType{}, + &SpdxDocument{}, + &SupportType{}, + &Tool{}, + &ConfidentialityLevelType{}, + &DatasetAvailabilityType{}, + &DatasetType{}, + &LicenseAddition{}, + &ListedLicenseException{}, + &CdxPropertyEntry{}, + &Extension{}, + &CvssSeverityType{}, + &ExploitCatalogType{}, + &SsvcDecisionType{}, + &VexJustificationType{}, + &VulnAssessmentRelationship{}, + &AnyLicenseInfo{}, + &LicenseExpression{}, + &SimpleLicensingText{}, + &ContentIdentifier{}, + &ContentIdentifierType{}, + &FileKindType{}, + &SbomType{}, + &SoftwarePurpose{}, + &Build{}, + &Agent{}, + &Annotation{}, + &Artifact{}, + &Bundle{}, + &Hash{}, + &LifecycleScopedRelationship{}, + &Organization{}, + &Person{}, + &SoftwareAgent{}, + &ConjunctiveLicenseSet{}, + &CustomLicenseAddition{}, + &DisjunctiveLicenseSet{}, + &ExtendableLicense{}, + &IndividualLicensingInfo{}, + &License{}, + &ListedLicense{}, + &OrLaterOperator{}, + &WithAdditionOperator{}, + &CdxPropertiesExtension{}, + &CvssV2VulnAssessmentRelationship{}, + &CvssV3VulnAssessmentRelationship{}, + &CvssV4VulnAssessmentRelationship{}, + &EpssVulnAssessmentRelationship{}, + &ExploitCatalogVulnAssessmentRelationship{}, + &SsvcVulnAssessmentRelationship{}, + &VexVulnAssessmentRelationship{}, + &Vulnerability{}, + &SoftwareArtifact{}, + &Bom{}, + &CustomLicense{}, + &VexAffectedVulnAssessmentRelationship{}, + &VexFixedVulnAssessmentRelationship{}, + &VexNotAffectedVulnAssessmentRelationship{}, + &VexUnderInvestigationVulnAssessmentRelationship{}, + &File{}, + &Package{}, + &Sbom{}, + &Snippet{}, + &AIPackage{}, + &DatasetPackage{}, + ). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &EnergyUnitType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/kilowattHour": "kilowattHour", + "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/megajoule": "megajoule", + "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/other": "other", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ProfileIdentifierType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/ai": "ai", + "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/build": "build", + "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/core": "core", + "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/dataset": "dataset", + "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/expandedLicensing": "expandedLicensing", + "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/extension": "extension", + "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/lite": "lite", + "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/security": "security", + "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/simpleLicensing": "simpleLicensing", + "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/software": "software", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ExternalIdentifierType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cpe22": "cpe22", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cpe23": "cpe23", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cve": "cve", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/email": "email", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/gitoid": "gitoid", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/other": "other", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/packageUrl": "packageUrl", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/securityOther": "securityOther", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/swhid": "swhid", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/swid": "swid", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/urlScheme": "urlScheme", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ExternalRefType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/altDownloadLocation": "altDownloadLocation", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/altWebPage": "altWebPage", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/binaryArtifact": "binaryArtifact", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/bower": "bower", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/buildMeta": "buildMeta", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/buildSystem": "buildSystem", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/certificationReport": "certificationReport", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/chat": "chat", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/componentAnalysisReport": "componentAnalysisReport", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/cwe": "cwe", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/documentation": "documentation", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/dynamicAnalysisReport": "dynamicAnalysisReport", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/eolNotice": "eolNotice", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/exportControlAssessment": "exportControlAssessment", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/funding": "funding", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/issueTracker": "issueTracker", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/license": "license", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/mailingList": "mailingList", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/mavenCentral": "mavenCentral", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/metrics": "metrics", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/npm": "npm", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/nuget": "nuget", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/other": "other", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/privacyAssessment": "privacyAssessment", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/productMetadata": "productMetadata", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/purchaseOrder": "purchaseOrder", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/qualityAssessmentReport": "qualityAssessmentReport", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/releaseHistory": "releaseHistory", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/releaseNotes": "releaseNotes", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/riskAssessment": "riskAssessment", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/runtimeAnalysisReport": "runtimeAnalysisReport", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/secureSoftwareAttestation": "secureSoftwareAttestation", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityAdversaryModel": "securityAdversaryModel", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityAdvisory": "securityAdvisory", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityFix": "securityFix", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityOther": "securityOther", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityPenTestReport": "securityPenTestReport", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityPolicy": "securityPolicy", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityThreatModel": "securityThreatModel", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/socialMedia": "socialMedia", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/sourceArtifact": "sourceArtifact", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/staticAnalysisReport": "staticAnalysisReport", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/support": "support", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vcs": "vcs", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vulnerabilityDisclosureReport": "vulnerabilityDisclosureReport", + "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment": "vulnerabilityExploitabilityAssessment", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &HashAlgorithm{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b256": "blake2b256", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b384": "blake2b384", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b512": "blake2b512", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake3": "blake3", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsDilithium": "crystalsDilithium", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsKyber": "crystalsKyber", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/falcon": "falcon", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md2": "md2", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md4": "md4", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md5": "md5", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md6": "md6", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/other": "other", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha1": "sha1", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha224": "sha224", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha256": "sha256", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha384": "sha384", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_224": "sha3_224", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_256": "sha3_256", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_384": "sha3_384", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_512": "sha3_512", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha512": "sha512", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &RelationshipCompleteness{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/complete": "complete", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/incomplete": "incomplete", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/noAssertion": "noAssertion", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &RelationshipType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/affects": "affects", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/amendedBy": "amendedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/ancestorOf": "ancestorOf", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/availableFrom": "availableFrom", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/configures": "configures", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/contains": "contains", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/coordinatedBy": "coordinatedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/copiedTo": "copiedTo", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/delegatedTo": "delegatedTo", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/dependsOn": "dependsOn", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/descendantOf": "descendantOf", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/describes": "describes", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/doesNotAffect": "doesNotAffect", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/expandsTo": "expandsTo", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/exploitCreatedBy": "exploitCreatedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/fixedBy": "fixedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/fixedIn": "fixedIn", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/foundBy": "foundBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/generates": "generates", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAddedFile": "hasAddedFile", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAssessmentFor": "hasAssessmentFor", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAssociatedVulnerability": "hasAssociatedVulnerability", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasConcludedLicense": "hasConcludedLicense", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDataFile": "hasDataFile", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDeclaredLicense": "hasDeclaredLicense", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDeletedFile": "hasDeletedFile", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDependencyManifest": "hasDependencyManifest", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDistributionArtifact": "hasDistributionArtifact", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDocumentation": "hasDocumentation", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDynamicLink": "hasDynamicLink", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasEvidence": "hasEvidence", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasExample": "hasExample", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasHost": "hasHost", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasInputs": "hasInputs", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasMetadata": "hasMetadata", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOptionalComponent": "hasOptionalComponent", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOptionalDependency": "hasOptionalDependency", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOutputs": "hasOutputs", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasPrerequsite": "hasPrerequsite", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasProvidedDependency": "hasProvidedDependency", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasRequirement": "hasRequirement", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasSpecification": "hasSpecification", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasStaticLink": "hasStaticLink", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasTest": "hasTest", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasTestCase": "hasTestCase", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasVariant": "hasVariant", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/invokedBy": "invokedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/modifiedBy": "modifiedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/other": "other", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/packagedBy": "packagedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/patchedBy": "patchedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/publishedBy": "publishedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/reportedBy": "reportedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/republishedBy": "republishedBy", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/serializedInArtifact": "serializedInArtifact", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/testedOn": "testedOn", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/trainedOn": "trainedOn", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/underInvestigationFor": "underInvestigationFor", + "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/usesTool": "usesTool", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ContentIdentifierType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifierType/gitoid": "gitoid", + "https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifierType/swhid": "swhid", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &AnnotationType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/AnnotationType/other": "other", + "https://spdx.org/rdf/3.0.0/terms/Core/AnnotationType/review": "review", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SupportType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/deployed": "deployed", + "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/development": "development", + "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/endOfSupport": "endOfSupport", + "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/limitedSupport": "limitedSupport", + "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/noAssertion": "noAssertion", + "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/noSupport": "noSupport", + "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/support": "support", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &HashAlgorithm{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b256": "blake2b256", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b384": "blake2b384", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b512": "blake2b512", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake3": "blake3", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsDilithium": "crystalsDilithium", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsKyber": "crystalsKyber", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/falcon": "falcon", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md2": "md2", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md4": "md4", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md5": "md5", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md6": "md6", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/other": "other", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha1": "sha1", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha224": "sha224", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha256": "sha256", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha384": "sha384", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_224": "sha3_224", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_256": "sha3_256", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_384": "sha3_384", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_512": "sha3_512", + "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha512": "sha512", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &LifecycleScopeType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/build": "build", + "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/design": "design", + "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/development": "development", + "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/other": "other", + "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/runtime": "runtime", + "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/test": "test", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &CvssSeverityType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/critical": "critical", + "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/high": "high", + "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/low": "low", + "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/medium": "medium", + "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/none": "none", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &CvssSeverityType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/critical": "critical", + "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/high": "high", + "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/low": "low", + "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/medium": "medium", + "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/none": "none", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ExploitCatalogType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogType/kev": "kev", + "https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogType/other": "other", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SsvcDecisionType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/act": "act", + "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/attend": "attend", + "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/track": "track", + "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/trackStar": "trackStar", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SoftwarePurpose{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/application": "application", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/archive": "archive", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/bom": "bom", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/configuration": "configuration", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/container": "container", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/data": "data", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/device": "device", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/deviceDriver": "deviceDriver", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/diskImage": "diskImage", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/documentation": "documentation", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/evidence": "evidence", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/executable": "executable", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/file": "file", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/filesystemImage": "filesystemImage", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/firmware": "firmware", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/framework": "framework", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/install": "install", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/library": "library", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/manifest": "manifest", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/model": "model", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/module": "module", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/operatingSystem": "operatingSystem", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/other": "other", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/patch": "patch", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/platform": "platform", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/requirement": "requirement", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/source": "source", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/specification": "specification", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/test": "test", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SoftwarePurpose{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/application": "application", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/archive": "archive", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/bom": "bom", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/configuration": "configuration", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/container": "container", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/data": "data", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/device": "device", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/deviceDriver": "deviceDriver", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/diskImage": "diskImage", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/documentation": "documentation", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/evidence": "evidence", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/executable": "executable", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/file": "file", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/filesystemImage": "filesystemImage", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/firmware": "firmware", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/framework": "framework", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/install": "install", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/library": "library", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/manifest": "manifest", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/model": "model", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/module": "module", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/operatingSystem": "operatingSystem", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/other": "other", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/patch": "patch", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/platform": "platform", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/requirement": "requirement", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/source": "source", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/specification": "specification", + "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/test": "test", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &VexJustificationType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/componentNotPresent": "componentNotPresent", + "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist": "inlineMitigationsAlreadyExist", + "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary": "vulnerableCodeCannotBeControlledByAdversary", + "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath": "vulnerableCodeNotInExecutePath", + "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeNotPresent": "vulnerableCodeNotPresent", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &FileKindType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Software/FileKindType/directory": "directory", + "https://spdx.org/rdf/3.0.0/terms/Software/FileKindType/file": "file", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SbomType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/analyzed": "analyzed", + "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/build": "build", + "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/deployed": "deployed", + "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/design": "design", + "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/runtime": "runtime", + "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/source": "source", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &PresenceType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/no": "no", + "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/noAssertion": "noAssertion", + "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/yes": "yes", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SafetyRiskAssessmentType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/high": "high", + "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/low": "low", + "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/medium": "medium", + "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/serious": "serious", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &PresenceType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/no": "no", + "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/noAssertion": "noAssertion", + "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/yes": "yes", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ConfidentialityLevelType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/amber": "amber", + "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/clear": "clear", + "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/green": "green", + "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/red": "red", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &DatasetAvailabilityType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/clickthrough": "clickthrough", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/directDownload": "directDownload", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/query": "query", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/registration": "registration", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/scrapingScript": "scrapingScript", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &DatasetType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/audio": "audio", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/categorical": "categorical", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/graph": "graph", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/image": "image", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/noAssertion": "noAssertion", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/numeric": "numeric", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/other": "other", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/sensor": "sensor", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/structured": "structured", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/syntactic": "syntactic", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/text": "text", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/timeseries": "timeseries", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/timestamp": "timestamp", + "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/video": "video", + }). + IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &PresenceType{}, map[string]string{ + "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/no": "no", + "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/noAssertion": "noAssertion", + "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/yes": "yes", + }) diff --git a/spdx/v3/v3_0/relationships.go b/spdx/v3/v3_0/relationships.go new file mode 100644 index 00000000..e19fa221 --- /dev/null +++ b/spdx/v3/v3_0/relationships.go @@ -0,0 +1,15 @@ +package v3_0 + +type Relationships struct { + relationships []IRelationship +} + +func (r Relationships) From(element IElement) Relationships { + var out []IRelationship + for _, r := range r.relationships { + if r.GetFrom() == element { + out = append(out, r) + } + } + return Relationships{out} +} diff --git a/spdx/v3/v3_0/spdx.go b/spdx/v3/v3_0/spdx.go new file mode 100644 index 00000000..6744952e --- /dev/null +++ b/spdx/v3/v3_0/spdx.go @@ -0,0 +1,206 @@ +package v3_0 + +import ( + "encoding/json" + "fmt" + "io" + "math/rand" + "reflect" + "time" +) + +/* +SPDX 3 models and serialization code is generated from prototype golang support for shacl2code, +https://github.com/kzantow-anchore/shacl2code/tree/golang-bindings (with contributions from Nisha and Keith) + +To regenerate, use something like this command: +.venv/bin/python -m shacl2code generate -i https://spdx.org/rdf/3.0.0/spdx-model.ttl -i https://spdx.org/rdf/3.0.0/spdx-json-serialize-annotations.ttl -x https://spdx.org/rdf/3.0.0/spdx-context.jsonld golang --package v3_0 --license MIT --output $HOME/projects/tools-golang/spdx/v3/v3_0/model.go --remap-props element=elements,extension=extensions,externalIdentifier=externalIdentifiers,externalRef=externalRefs,rootElement=rootElements +*/ + +type Document struct { + creationInfo *CreationInfo + document *SpdxDocument + graph []any + ldc ldContext +} + +func NewDocument(creator IAgent) *Document { + ci := &CreationInfo{ + Created: time.Now().Format(time.RFC3339), + CreatedBy: []IAgent{ + creator, + }, + } + creator.SetCreationInfo(ci) + return &Document{ + creationInfo: ci, + document: &SpdxDocument{ + CreationInfo: ci, + }, + graph: []any{ci, creator}, + ldc: ldGlobal, + } +} + +func (d *Document) CreationInfo() ICreationInfo { + return d.creationInfo +} + +func (d *Document) AddElement(e ...IElement) { + d.document.RootElements = append(d.document.RootElements, e...) + d.document.Elements = append(d.document.Elements, e...) +} + +func (d *Document) GetElements() []IElement { + return d.document.RootElements +} + +func (d *Document) Document() *SpdxDocument { + return d.document +} + +func (d *Document) Packages() []IPackage { + return get[IPackage](d) +} + +func (d *Document) Relationships() Relationships { + return Relationships{get[IRelationship](d)} +} + +func (d *Document) Files() []IFile { + return get[IFile](d) +} + +func (d *Document) ToJSON(writer io.Writer) error { + if d.document == nil { + return fmt.Errorf("no document object created") + } + // all IElement need to have creationInfo set... + if d.creationInfo != nil { + d.setCreationInfo(d.creationInfo, d.document) + } + // all IElement need to have spdxID... + if makeIdGenerator != nil { + idGen := makeIdGenerator(d.document) + if d.document.GetSpdxId() == "" { + d.document.SetSpdxId(idGen(d.document)) + } + d.ensureSpdxIDs(d.document, idGen) + } + + maps, err := d.ldc.toMaps(d.document) + if err != nil { + return err + } + enc := json.NewEncoder(writer) + enc.SetEscapeHTML(false) + enc.SetIndent("", " ") + return enc.Encode(maps) +} + +func (d *Document) setCreationInfo(creationInfo ICreationInfo, doc ISpdxDocument) { + iCreationInfoType := reflect.TypeOf((*ICreationInfo)(nil)).Elem() + ci := reflect.ValueOf(creationInfo) + _ = visitObjectGraph(map[reflect.Value]struct{}{}, reflect.ValueOf(doc), func(v reflect.Value) error { + t := v.Type() + if t.Kind() == reflect.Interface && v.IsNil() && t.Implements(iCreationInfoType) { + v.Set(ci) + } + return nil + }) +} + +func (d *Document) ensureSpdxIDs(doc ISpdxDocument, idGen idGenerator) { + iElementType := reflect.TypeOf((*IElement)(nil)).Elem() + _ = visitObjectGraph(map[reflect.Value]struct{}{}, reflect.ValueOf(doc), func(v reflect.Value) error { + if v.Type().Implements(iElementType) { + el, ok := v.Interface().(IElement) + if ok && el.GetSpdxId() == "" { + el.SetSpdxId(idGen(el)) + } + } + return nil + }) +} + +type idGenerator func(e IElement) string + +var makeIdGenerator = func(doc ISpdxDocument) idGenerator { + nextID := map[reflect.Type]uint{} + return func(e IElement) string { + if _, ok := e.(ISpdxDocument); ok { + return fmt.Sprintf("%v", rand.Uint64()) + } + t := baseType(reflect.TypeOf(e)) + // should these be blank nodes? + id := nextID[t] + 1 + nextID[t] = id + return fmt.Sprintf("_:%v-%v-%v", doc.GetSpdxId(), t.Name(), id) + } +} + +func visitObjectGraph(visited map[reflect.Value]struct{}, v reflect.Value, visitor func(reflect.Value) error) error { + if _, ok := visited[v]; ok { + return nil + } + visited[v] = struct{}{} + if !v.IsValid() { + return nil + } + err := visitor(v) + if err != nil { + return err + } + switch v.Kind() { + case reflect.Interface: + if !v.IsNil() { + return visitObjectGraph(visited, v.Elem(), visitor) + } + case reflect.Pointer: + if v.IsNil() { + return nil + } + return visitObjectGraph(visited, v.Elem(), visitor) + case reflect.Struct: + for i := 0; i < v.NumField(); i++ { + err = visitObjectGraph(visited, v.Field(i), visitor) + if err != nil { + return err + } + } + case reflect.Slice: + for i := 0; i < v.Len(); i++ { + err = visitObjectGraph(visited, v.Index(i), visitor) + if err != nil { + return err + } + } + default: + } + return nil +} + +func (d *Document) FromJSON(reader io.Reader) error { + graph, err := d.ldc.FromJSON(reader) + if err != nil { + return err + } + d.graph = append(d.graph, graph) + for _, e := range graph { + if doc, ok := e.(*SpdxDocument); ok { + d.document = doc + return nil + } + } + return fmt.Errorf("no document found") +} + +func get[T any](ctx *Document) []T { + var out []T + for _, i := range ctx.graph { + if i, ok := i.(T); ok { + out = append(out, i) + } + } + return out +} diff --git a/spdx/v3/v3_0/spdx_test.go b/spdx/v3/v3_0/spdx_test.go new file mode 100644 index 00000000..4ae28bd4 --- /dev/null +++ b/spdx/v3/v3_0/spdx_test.go @@ -0,0 +1,211 @@ +package v3_0_test + +import ( + "bytes" + "fmt" + "strings" + "testing" + + "github.com/pmezard/go-difflib/difflib" + + spdx "github.com/spdx/tools-golang/spdx/v3/v3_0" +) + +func Test_exportImportExport(t *testing.T) { + doc := spdx.NewDocument(&spdx.SoftwareAgent{ + Name: "tools-golang", + Summary: "a summary", + }) + doc.Document().SetProfileConformance(spdx.ProfileIdentifierType_Software) + + doc.CreationInfo().SetCreatedUsing( + &spdx.Tool{ + ExternalIdentifiers: []spdx.IExternalIdentifier{ + &spdx.ExternalIdentifier{ + ExternalIdentifierType: spdx.ExternalIdentifierType_Cpe23, + Identifier: "cpe23:a:myvendor:my-product:*:*:*:*:*:*:*", + }, + }, + ExternalRefs: nil, + Name: "not-tools-golang", + }, + ) + + doc.Document().SetName("My Document") + + // add a package + + pkg1 := &spdx.Package{ + Name: "some-package-1", + PackageVersion: "1.2.3", + } + pkg2 := &spdx.Package{ + Name: "some-package-2", + PackageVersion: "2.4.5", + } + doc.AddElement(pkg1, pkg2) + + file1 := &spdx.File{ + Name: "/bin/bash", + } + doc.AddElement(file1) + + // add relationships + + doc.AddElement( + &spdx.Relationship{ + From: file1, + RelationshipType: spdx.RelationshipType_Contains, + To: []spdx.IElement{ + pkg1, + pkg2, + }, + }, + ) + + doc.AddElement( + &spdx.Relationship{ + From: pkg1, + RelationshipType: spdx.RelationshipType_DependsOn, + To: []spdx.IElement{ + pkg2, + }, + }, + ) + + // serialize + + buf := bytes.Buffer{} + err := doc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + + json1 := buf.String() + fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) + + // deserialize to a new document + + doc = spdx.NewDocument(&spdx.SoftwareAgent{}) + err = doc.FromJSON(strings.NewReader(json1)) + if err != nil { + t.Error(err) + } + + // re-serialize + + buf.Reset() + err = doc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + json2 := buf.String() + fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) + + // compare original to parsed and re-encoded + + diff := difflib.UnifiedDiff{ + A: difflib.SplitLines(json1), + B: difflib.SplitLines(json2), + FromFile: "Original", + ToFile: "Current", + Context: 3, + } + text, _ := difflib.GetUnifiedDiffString(diff) + if text != "" { + t.Errorf(text) + } + + // some basic verification: + + var pkgs []spdx.IPackage + for _, e := range doc.GetElements() { + if rel, ok := e.(spdx.IRelationship); ok && rel.GetRelationshipType() == spdx.RelationshipType_Contains { + if from, ok := rel.GetFrom().(spdx.IFile); ok && from.GetName() == "/bin/bash" { + for _, el := range rel.GetTo() { + if pkg, ok := el.(spdx.IPackage); ok { + pkgs = append(pkgs, pkg) + } + } + + } + } + } + if len(pkgs) != 2 { + t.Error("wrong packages returned") + } +} + +func Test_aiProfile(t *testing.T) { + doc := spdx.NewDocument(&spdx.SoftwareAgent{ + Name: "tools-golang", + Summary: "a summary", + }) + doc.Document().SetProfileConformance(spdx.ProfileIdentifierType_Ai) + + aiPkg := &spdx.AIPackage{ + Name: "some ai package", + EnergyConsumption: &spdx.EnergyConsumption{ + FinetuningEnergyConsumption: []spdx.IEnergyConsumptionDescription{ + &spdx.EnergyConsumptionDescription{ + EnergyQuantity: 1.2, + EnergyUnit: spdx.EnergyUnitType_KilowattHour, + }, + }, + TrainingEnergyConsumption: []spdx.IEnergyConsumptionDescription{ + &spdx.EnergyConsumptionDescription{ + EnergyQuantity: 5032402, + EnergyUnit: spdx.EnergyUnitType_KilowattHour, + }, + }, + }, + TypeOfModel: []string{ + "Llama 3 8B", + }, + } + + doc.AddElement(aiPkg) + + // serialize + + buf := bytes.Buffer{} + err := doc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + + json1 := buf.String() + fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) + + // deserialize to a new document + + doc = spdx.NewDocument(&spdx.SoftwareAgent{}) + err = doc.FromJSON(strings.NewReader(json1)) + if err != nil { + t.Error(err) + } + + // re-serialize + + buf.Reset() + err = doc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + json2 := buf.String() + fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) + + // compare original to parsed and re-encoded + + diff := difflib.UnifiedDiff{ + A: difflib.SplitLines(json1), + B: difflib.SplitLines(json2), + FromFile: "Original", + ToFile: "Current", + Context: 3, + } + text, _ := difflib.GetUnifiedDiffString(diff) + if text != "" { + t.Errorf(text) + } +} From b92b27a9ee78c8f64b9c9dd90f1df3cefa8fc580 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Sat, 3 Aug 2024 21:35:50 -0400 Subject: [PATCH 02/21] chore: support external references Signed-off-by: Keith Zantow --- spdx/v3/v3_0/model.go | 39 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 38 insertions(+), 1 deletion(-) diff --git a/spdx/v3/v3_0/model.go b/spdx/v3/v3_0/model.go index 0559cd78..e1ca5e99 100644 --- a/spdx/v3/v3_0/model.go +++ b/spdx/v3/v3_0/model.go @@ -174,7 +174,20 @@ func (c ldContext) getOrCreateInstance(currentContext *serializationContext, ins }) return instance, err case reflect.Interface: - return emptyValue, fmt.Errorf("unable to determine appropriate type for external IRI reference: %v", incoming) + // an IRI with an interface is a reference to an unknown type, so use the closest type + newType, found := c.findExternalReferenceType(currentContext, expectedType) + if found { + instance = reflect.New(newType) + // try to return the appropriately assignable instance + if !instance.Type().AssignableTo(expectedType) { + instance = instance.Elem() + } + err := c.setStructProps(currentContext, instances, instance, map[string]any{ + ldIDProp: incoming, + }) + return instance, err + } + return emptyValue, fmt.Errorf("unable to determine external reference type while populating %v for IRI reference: %v", typeName(expectedType), incoming) default: } case map[string]any: @@ -367,6 +380,30 @@ func (c ldContext) setSliceValue(currentContext *serializationContext, instances return errs } +func (c ldContext) findExternalReferenceType(currentContext *serializationContext, expectedType reflect.Type) (reflect.Type, bool) { + tc := currentContext.typeToContext[expectedType] + if tc != nil { + return tc.typ, true + } + bestMatch := anyType + for t := range currentContext.typeToContext { + if t.Kind() != reflect.Struct { + continue + } + // the type with the fewest fields assignable to the target is a good candidate to be an abstract type + if reflect.PointerTo(t).AssignableTo(expectedType) && (bestMatch == anyType || bestMatch.NumField() > t.NumField()) { + bestMatch = t + } + } + if bestMatch != anyType { + currentContext.typeToContext[expectedType] = &typeContext{ + typ: bestMatch, + } + return bestMatch, true + } + return anyType, false +} + func skipField(field reflect.StructField) bool { return field.Type.Size() == 0 } From 08c976dcc9b61344d8e4793e3f3ab46d584d7d9c Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Mon, 5 Aug 2024 21:06:35 -0400 Subject: [PATCH 03/21] chore: bad CPE example Signed-off-by: Keith Zantow --- spdx/v3/v3_0/spdx_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spdx/v3/v3_0/spdx_test.go b/spdx/v3/v3_0/spdx_test.go index 4ae28bd4..04db91d5 100644 --- a/spdx/v3/v3_0/spdx_test.go +++ b/spdx/v3/v3_0/spdx_test.go @@ -23,7 +23,7 @@ func Test_exportImportExport(t *testing.T) { ExternalIdentifiers: []spdx.IExternalIdentifier{ &spdx.ExternalIdentifier{ ExternalIdentifierType: spdx.ExternalIdentifierType_Cpe23, - Identifier: "cpe23:a:myvendor:my-product:*:*:*:*:*:*:*", + Identifier: "cpe:2.3:a:myvendor:my-product:*:*:*:*:*:*:*:*", }, }, ExternalRefs: nil, From 49d029d26c5f4dbacf50e8a20392f5f25a42feae Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Tue, 28 Jan 2025 18:05:09 -0500 Subject: [PATCH 04/21] chore: update to new prototype model Signed-off-by: Keith Zantow --- go.mod | 10 +- go.sum | 12 +- spdx/v3/v3_0/model.go | 14259 ++++++++------------------------ spdx/v3/v3_0/relationships.go | 15 - spdx/v3/v3_0/spdx.go | 201 +- spdx/v3/v3_0/spdx_test.go | 313 +- spdx/v3/v3_0/util.go | 38 + spdx/v3/v3_0/validator.go | 1846 +++++ 8 files changed, 5540 insertions(+), 11154 deletions(-) delete mode 100644 spdx/v3/v3_0/relationships.go create mode 100644 spdx/v3/v3_0/util.go create mode 100644 spdx/v3/v3_0/validator.go diff --git a/go.mod b/go.mod index c2a28dab..117238d7 100644 --- a/go.mod +++ b/go.mod @@ -1,17 +1,17 @@ module github.com/spdx/tools-golang -go 1.20 +go 1.23.0 require ( - github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 + github.com/anchore/go-struct-converter v0.0.0-20240925125616-a0883641c664 github.com/google/go-cmp v0.6.0 - github.com/pmezard/go-difflib v1.0.0 - github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb - github.com/stretchr/testify v1.9.0 + github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb + github.com/stretchr/testify v1.10.0 sigs.k8s.io/yaml v1.4.0 ) require ( github.com/davecgh/go-spew v1.1.1 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 670b837c..ee460074 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 h1:aM1rlcoLz8y5B2r4tTLMiVTrMtpfY0O8EScKJxaSaEc= -github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092/go.mod h1:rYqSE9HbjzpHTI74vwPvae4ZVYZd1lue2ta6xHPdblA= +github.com/anchore/go-struct-converter v0.0.0-20240925125616-a0883641c664 h1:TcUCZsLGIXJbqo9z9VX436XdpIyZ5Cs3b8XTIp+jRxs= +github.com/anchore/go-struct-converter v0.0.0-20240925125616-a0883641c664/go.mod h1:rYqSE9HbjzpHTI74vwPvae4ZVYZd1lue2ta6xHPdblA= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -7,10 +7,10 @@ github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb h1:bLo8hvc8XFm9J47r690TUKBzcjSWdJDxmjXJZ+/f92U= -github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= -github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb h1:7G2Czq97VORM5xNRrD8tSQdhoXPRs8s+Otlc7st9TS0= +github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/spdx/v3/v3_0/model.go b/spdx/v3/v3_0/model.go index e1ca5e99..590211a2 100644 --- a/spdx/v3/v3_0/model.go +++ b/spdx/v3/v3_0/model.go @@ -1,11778 +1,4315 @@ -// Code generated by -m. DO NOT EDIT. +// This file was automatically generated by __main__.py. DO NOT MANUALLY MODIFY IT // -// SPDX-License-Identifier: MIT +// SPDX-License-Identifier: 0BSD package v3_0 import ( - "encoding/json" - "errors" - "fmt" - "io" - "path" + "iter" "reflect" - "strings" + "time" ) -// ldType is a 0-size data holder property type for type-level linked data -type ldType struct{} - -// ldContext is the holder for all known LD contexts and required definitions -type ldContext map[string]*serializationContext - -// RegisterTypes registers types to be used when serializing/deserialising documents -func (c ldContext) RegisterTypes(contextUrl string, types ...any) ldContext { - ctx := c[contextUrl] - if ctx == nil { - ctx = &serializationContext{ - contextUrl: contextUrl, - typeAlias: "type", // FIXME this needs to come from the LD context - iriToType: map[string]*typeContext{}, - typeToContext: map[reflect.Type]*typeContext{}, - } - c[contextUrl] = ctx - } - for _, typ := range types { - ctx.registerType(typ) - } - return c -} - -// IRIMap registers compact IRIs for the given type -func (c ldContext) IRIMap(contextUrl string, typ any, nameMap map[string]string) ldContext { - c.RegisterTypes(contextUrl) // ensure there is a context created - ctx := c[contextUrl] - - t := reflect.TypeOf(typ) - t = baseType(t) // types should be passed as pointers; we want the base types - tc := ctx.typeToContext[t] - if tc == nil { - ctx.registerType(typ) - tc = ctx.typeToContext[t] - } - for iri, compact := range nameMap { - tc.iriToName[iri] = compact - tc.nameToIri[compact] = iri - } - return c -} +// A class for describing the energy consumption incurred by an AI model in +// different stages of its lifecycle. +type AiEnergyConsumption struct { + ID string -func (c ldContext) ToJSON(writer io.Writer, value any) error { - vals, err := c.toMaps(value) - if err != nil { - return err - } - enc := json.NewEncoder(writer) - enc.SetEscapeHTML(false) - return enc.Encode(vals) -} - -func (c ldContext) toMaps(o ...any) (values map[string]any, errors error) { - // the ld graph is referenced here - // traverse the go objects to output to the graph - builder := graphBuilder{ - ldc: c, - input: o, - ids: map[reflect.Value]string{}, - } + // Specifies the amount of energy consumed when finetuning the AI model that is + // being used in the AI system. + AiFinetuningEnergyConsumptions AiEnergyConsumptionDescriptionList - var err error - var context *serializationContext - for _, o := range builder.input { - context, err = builder.add(o) - if err != nil { - return nil, err - } - } + // Specifies the amount of energy consumed during inference time by an AI model + // that is being used in the AI system. + AiInferenceEnergyConsumptions AiEnergyConsumptionDescriptionList - return map[string]any{ - ldContextProp: context.contextUrl, - ldGraphProp: builder.toGraph(), - }, nil + // Specifies the amount of energy consumed when training the AI model that is + // being used in the AI system. + AiTrainingEnergyConsumptions AiEnergyConsumptionDescriptionList } -func (c ldContext) FromJSON(reader io.Reader) ([]any, error) { - vals := map[string]any{} - dec := json.NewDecoder(reader) - err := dec.Decode(&vals) - if err != nil { - return nil, err +func castAiEnergyConsumption(o any) *AiEnergyConsumption { + if o, ok := o.(AnyAiEnergyConsumption); ok { + return o.asAiEnergyConsumption() } - return c.FromMaps(vals) + return nil } -func (c ldContext) FromMaps(values map[string]any) ([]any, error) { - instances := map[string]reflect.Value{} +func (o *AiEnergyConsumption) asAiEnergyConsumption() *AiEnergyConsumption { + return o +} - var errs error - var graph []any +type AnyAiEnergyConsumption interface { + asAiEnergyConsumption() *AiEnergyConsumption +} - context, _ := values[ldContextProp].(string) - currentContext := c[context] - if currentContext == nil { - return nil, fmt.Errorf("unknown document %s type: %v", ldContextProp, context) - } +type AiEnergyConsumptionList []AnyAiEnergyConsumption - nodes, _ := values[ldGraphProp].([]any) - if nodes == nil { - return nil, fmt.Errorf("%s array not present in root object", ldGraphProp) - } +func (o *AiEnergyConsumptionList) Append(values ...AnyAiEnergyConsumption) { + *o = append(*o, values...) +} +func (o *AiEnergyConsumptionList) Remove(value AnyAiEnergyConsumption) { remove(o, value) } - // one pass to create all the instances - for _, node := range nodes { - _, err := c.getOrCreateInstance(currentContext, instances, anyType, node) - errs = appendErr(errs, err) - } +func (o *AiEnergyConsumptionList) AiEnergyConsumptionIter() iter.Seq2[AnyAiEnergyConsumption, *AiEnergyConsumption] { + return typeIter(*o, castAiEnergyConsumption) +} - // second pass to fill in all refs - for _, node := range nodes { - got, err := c.getOrCreateInstance(currentContext, instances, anyType, node) - errs = appendErr(errs, err) - if err == nil && got.IsValid() { - graph = append(graph, got.Interface()) - } - } +// The class that helps note down the quantity of energy consumption and the unit +// used for measurement. +type AiEnergyConsumptionDescription struct { + ID string - return graph, errs + // Represents the energy quantity. + AiEnergyQuantity float64 + // Specifies the unit in which energy is measured. + AiEnergyUnit AiEnergyUnitType } -func (c ldContext) getOrCreateInstance(currentContext *serializationContext, instances map[string]reflect.Value, expectedType reflect.Type, incoming any) (reflect.Value, error) { - if isPrimitive(expectedType) { - if convertedVal := convertTo(incoming, expectedType); convertedVal != emptyValue { - return convertedVal, nil - } - return emptyValue, fmt.Errorf("unable to convert incoming value to type %v: %+v", typeName(expectedType), incoming) - } - switch incoming := incoming.(type) { - case string: - instance := c.findById(currentContext, instances, incoming) - if instance != emptyValue { - return instance, nil - } - // not found: have a complex type with string indicates an IRI or other primitive - switch expectedType.Kind() { - case reflect.Pointer: - expectedType = expectedType.Elem() - if isPrimitive(expectedType) { - val, err := c.getOrCreateInstance(currentContext, instances, expectedType, incoming) - if err != nil { - return emptyValue, err - } - instance = reflect.New(expectedType) - instance.Elem().Set(val) - return instance, nil - } - if expectedType.Kind() == reflect.Struct { - return emptyValue, fmt.Errorf("unexpected pointer reference external IRI reference: %v", incoming) - } - fallthrough - case reflect.Struct: - instance = reflect.New(expectedType) - instance = instance.Elem() - err := c.setStructProps(currentContext, instances, instance, map[string]any{ - ldIDProp: incoming, - }) - return instance, err - case reflect.Interface: - // an IRI with an interface is a reference to an unknown type, so use the closest type - newType, found := c.findExternalReferenceType(currentContext, expectedType) - if found { - instance = reflect.New(newType) - // try to return the appropriately assignable instance - if !instance.Type().AssignableTo(expectedType) { - instance = instance.Elem() - } - err := c.setStructProps(currentContext, instances, instance, map[string]any{ - ldIDProp: incoming, - }) - return instance, err - } - return emptyValue, fmt.Errorf("unable to determine external reference type while populating %v for IRI reference: %v", typeName(expectedType), incoming) - default: - } - case map[string]any: - return c.getOrCreateFromMap(currentContext, instances, incoming) +func castAiEnergyConsumptionDescription(o any) *AiEnergyConsumptionDescription { + if o, ok := o.(AnyAiEnergyConsumptionDescription); ok { + return o.asAiEnergyConsumptionDescription() } - return emptyValue, fmt.Errorf("unexpected data type: %#v", incoming) + return nil } -func convertTo(incoming any, typ reflect.Type) reflect.Value { - v := reflect.ValueOf(incoming) - if v.CanConvert(typ) { - return v.Convert(typ) - } - return emptyValue +func (o *AiEnergyConsumptionDescription) asAiEnergyConsumptionDescription() *AiEnergyConsumptionDescription { + return o } -func (c ldContext) findById(_ *serializationContext, instances map[string]reflect.Value, incoming string) reflect.Value { - inst, ok := instances[incoming] - if ok { - return inst - } - return emptyValue +type AnyAiEnergyConsumptionDescription interface { + asAiEnergyConsumptionDescription() *AiEnergyConsumptionDescription } -func (c ldContext) getOrCreateFromMap(currentContext *serializationContext, instances map[string]reflect.Value, incoming map[string]any) (reflect.Value, error) { - typ, ok := incoming[ldTypeProp].(string) - if !ok && currentContext.typeAlias != "" { - typ, ok = incoming[currentContext.typeAlias].(string) - } - if !ok { - return emptyValue, fmt.Errorf("not a string") - } - - t, ok := currentContext.iriToType[typ] - if !ok { - return emptyValue, fmt.Errorf("don't have type: %v", typ) - } - - id, _ := incoming[ldIDProp].(string) - if id == "" && t.idProp != "" { - id, _ = incoming[t.idProp].(string) - } - inst, ok := instances[id] - if !ok { - inst = reflect.New(baseType(t.typ)) // New(T) returns *T - if id != "" { - // only set instance references when an ID is provided - instances[id] = inst - } - } +type AiEnergyConsumptionDescriptionList []AnyAiEnergyConsumptionDescription - // valid type, make a new one and fill it from the incoming maps - return inst, c.fill(currentContext, instances, inst, incoming) +func (o *AiEnergyConsumptionDescriptionList) Append(values ...AnyAiEnergyConsumptionDescription) { + *o = append(*o, values...) +} +func (o *AiEnergyConsumptionDescriptionList) Remove(value AnyAiEnergyConsumptionDescription) { + remove(o, value) } -func (c ldContext) fill(currentContext *serializationContext, instances map[string]reflect.Value, instance reflect.Value, incoming any) error { - switch incoming := incoming.(type) { - case string: - inst := c.findById(currentContext, instances, incoming) - if inst != emptyValue { - return c.setValue(currentContext, instances, instance, inst) - } - // should be an incoming ID if string - return c.setValue(currentContext, instances, instance, map[string]any{ - ldIDProp: incoming, - }) - case map[string]any: - return c.setStructProps(currentContext, instances, instance, incoming) - } - return fmt.Errorf("unsupported incoming data type: %#v attempting to set instance: %#v", incoming, instance.Interface()) +func (o *AiEnergyConsumptionDescriptionList) AiEnergyConsumptionDescriptionIter() iter.Seq2[AnyAiEnergyConsumptionDescription, *AiEnergyConsumptionDescription] { + return typeIter(*o, castAiEnergyConsumptionDescription) } -func (c ldContext) setValue(currentContext *serializationContext, instances map[string]reflect.Value, target reflect.Value, incoming any) error { - var errs error - typ := target.Type() - switch typ.Kind() { - case reflect.Slice: - switch incoming := incoming.(type) { - case []any: - return c.setSliceValue(currentContext, instances, target, incoming) - } - // try mapping a single value to an incoming slice - return c.setValue(currentContext, instances, target, []any{incoming}) - case reflect.Struct: - switch incoming := incoming.(type) { - case map[string]any: - return c.setStructProps(currentContext, instances, target, incoming) - case string: - // named individuals just need an object with the iri set - return c.setStructProps(currentContext, instances, target, map[string]any{ - ldIDProp: incoming, - }) - } - case reflect.Interface, reflect.Pointer: - switch incoming := incoming.(type) { - case string, map[string]any: - inst, err := c.getOrCreateInstance(currentContext, instances, typ, incoming) - errs = appendErr(errs, err) - if inst != emptyValue { - target.Set(inst) - return nil - } - } - default: - if newVal := convertTo(incoming, typ); newVal != emptyValue { - target.Set(newVal) - } else { - errs = appendErr(errs, fmt.Errorf("unable to convert %#v to %s, dropping", incoming, typeName(typ))) - } - } - return nil +// Specifies the unit of energy consumption. +type AiEnergyUnitType struct { + ID string } -func (c ldContext) setStructProps(currentContext *serializationContext, instances map[string]reflect.Value, instance reflect.Value, incoming map[string]any) error { - var errs error - typ := instance.Type() - for typ.Kind() == reflect.Pointer { - instance = instance.Elem() - typ = instance.Type() - } - if typ.Kind() != reflect.Struct { - return fmt.Errorf("unable to set struct properties on non-struct type: %#v", instance.Interface()) - } - tc := currentContext.typeToContext[typ] - for i := 0; i < typ.NumField(); i++ { - field := typ.Field(i) - if skipField(field) { - continue - } - fieldVal := instance.Field(i) +// Kilowatt-hour. +var AiEnergyUnitType_KilowattHour = AiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour"} - propIRI := field.Tag.Get(propIriTag) - if propIRI == "" { - continue - } - incomingVal, ok := incoming[propIRI] - if !ok { - compactIRI := field.Tag.Get(propIriCompactTag) - if compactIRI != "" { - incomingVal, ok = incoming[compactIRI] - } - } - if !ok { - continue - } - // don't set blank node IDs, these will be regenerated on output - if propIRI == ldIDProp { - if tc != nil { - if str, ok := incomingVal.(string); ok { - if fullIRI, ok := tc.nameToIri[str]; ok { - incomingVal = fullIRI - } - } - } - if isBlankNodeID(incomingVal) { - continue - } - } - errs = appendErr(errs, c.setValue(currentContext, instances, fieldVal, incomingVal)) - } - return errs -} +// Megajoule. +var AiEnergyUnitType_Megajoule = AiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule"} -func (c ldContext) setSliceValue(currentContext *serializationContext, instances map[string]reflect.Value, target reflect.Value, incoming []any) error { - var errs error - sliceType := target.Type() - if sliceType.Kind() != reflect.Slice { - return fmt.Errorf("expected slice, got: %#v", target) - } - sz := len(incoming) - if sz > 0 { - elemType := sliceType.Elem() - newSlice := reflect.MakeSlice(sliceType, 0, sz) - for i := 0; i < sz; i++ { - incomingValue := incoming[i] - if incomingValue == nil { - continue // don't allow null values - } - newItemValue, err := c.getOrCreateInstance(currentContext, instances, elemType, incomingValue) - errs = appendErr(errs, err) - if newItemValue != emptyValue { - // validate we can actually set the type - if newItemValue.Type().AssignableTo(elemType) { - newSlice = reflect.Append(newSlice, newItemValue) - } - } - } - target.Set(newSlice) - } - return errs -} +// Any other units of energy measurement. +var AiEnergyUnitType_Other = AiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other"} -func (c ldContext) findExternalReferenceType(currentContext *serializationContext, expectedType reflect.Type) (reflect.Type, bool) { - tc := currentContext.typeToContext[expectedType] - if tc != nil { - return tc.typ, true - } - bestMatch := anyType - for t := range currentContext.typeToContext { - if t.Kind() != reflect.Struct { - continue - } - // the type with the fewest fields assignable to the target is a good candidate to be an abstract type - if reflect.PointerTo(t).AssignableTo(expectedType) && (bestMatch == anyType || bestMatch.NumField() > t.NumField()) { - bestMatch = t - } - } - if bestMatch != anyType { - currentContext.typeToContext[expectedType] = &typeContext{ - typ: bestMatch, - } - return bestMatch, true - } - return anyType, false +// Specifies the safety risk level. +type AiSafetyRiskAssessmentType struct { + ID string } -func skipField(field reflect.StructField) bool { - return field.Type.Size() == 0 -} +// The second-highest level of risk posed by an AI system. +var AiSafetyRiskAssessmentType_High = AiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high"} -func typeName(t reflect.Type) string { - switch { - case isPointer(t): - return "*" + typeName(t.Elem()) - case isSlice(t): - return "[]" + typeName(t.Elem()) - case isMap(t): - return "map[" + typeName(t.Key()) + "]" + typeName(t.Elem()) - case isPrimitive(t): - return t.Name() - } - return path.Base(t.PkgPath()) + "." + t.Name() -} +// Low/no risk is posed by an AI system. +var AiSafetyRiskAssessmentType_Low = AiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low"} -func isSlice(t reflect.Type) bool { - return t.Kind() == reflect.Slice -} +// The third-highest level of risk posed by an AI system. +var AiSafetyRiskAssessmentType_Medium = AiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium"} -func isMap(t reflect.Type) bool { - return t.Kind() == reflect.Map -} +// The highest level of risk posed by an AI system. +var AiSafetyRiskAssessmentType_Serious = AiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious"} -func isPointer(t reflect.Type) bool { - return t.Kind() == reflect.Pointer +// Specifies the type of an annotation. +type AnnotationType struct { + ID string } -func isPrimitive(t reflect.Type) bool { - switch t.Kind() { - case reflect.String, - reflect.Int, - reflect.Int8, - reflect.Int16, - reflect.Int32, - reflect.Int64, - reflect.Uint, - reflect.Uint8, - reflect.Uint16, - reflect.Uint32, - reflect.Uint64, - reflect.Float32, - reflect.Float64, - reflect.Bool: - return true - default: - return false - } -} +// Used to store extra information about an Element which is not part of a review (e.g. extra information provided during the creation of the Element). +var AnnotationType_Other = AnnotationType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other"} -const ( - ldIDProp = "@id" - ldTypeProp = "@type" - ldContextProp = "@context" - ldGraphProp = "@graph" - typeIriTag = "iri" - typeIriCompactTag = "iri-compact" - propIriTag = "iri" - propIriCompactTag = "iri-compact" - typeIdPropTag = "id-prop" - propIsRequiredTag = "required" -) +// Used when someone reviews the Element. +var AnnotationType_Review = AnnotationType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review"} -var ( - emptyValue reflect.Value - anyType = reflect.TypeOf((*any)(nil)).Elem() -) +// Provides information about the creation of the Element. +type CreationInfo struct { + ID string -type typeContext struct { - typ reflect.Type - iri string - compact string - idProp string - iriToName map[string]string - nameToIri map[string]string -} - -type serializationContext struct { - contextUrl string - typeAlias string - iriToType map[string]*typeContext - typeToContext map[reflect.Type]*typeContext -} - -func fieldByType[T any](t reflect.Type) (reflect.StructField, bool) { - var v T - typ := reflect.TypeOf(v) - for i := 0; i < t.NumField(); i++ { - f := t.Field(i) - if f.Type == typ { - return f, true - } - } - return reflect.StructField{}, false -} + // Provide consumers with comments by the creator of the Element about the + // Element. + Comment string + // Identifies when the Element was originally created. + Created time.Time + // Identifies who or what created the Element. + CreatedBys AgentList -func (m *serializationContext) registerType(instancePointer any) { - t := reflect.TypeOf(instancePointer) - t = baseType(t) // types should be passed as pointers; we want the base types + // Identifies the tooling that was used during the creation of the Element. + CreatedUsings ToolList - tc := m.typeToContext[t] - if tc != nil { - return // already registered - } - tc = &typeContext{ - typ: t, - iriToName: map[string]string{}, - nameToIri: map[string]string{}, - } - meta, ok := fieldByType[ldType](t) - if ok { - tc.iri = meta.Tag.Get(typeIriTag) - tc.compact = meta.Tag.Get(typeIriCompactTag) - tc.idProp = meta.Tag.Get(typeIdPropTag) - } - for i := 0; i < t.NumField(); i++ { - f := t.Field(i) - if !isIdField(f) { - continue - } - compactIdProp := f.Tag.Get(typeIriCompactTag) - if compactIdProp != "" { - tc.idProp = compactIdProp - } - } - m.iriToType[tc.iri] = tc - m.iriToType[tc.compact] = tc - m.typeToContext[t] = tc + // Provides a reference number that can be used to understand how to parse and + // interpret an Element. + SpecVersion string } -// appendErr appends errors, flattening joined errors -func appendErr(err error, errs ...error) error { - if joined, ok := err.(interface{ Unwrap() []error }); ok { - return errors.Join(append(joined.Unwrap(), errs...)...) +func castCreationInfo(o any) *CreationInfo { + if o, ok := o.(AnyCreationInfo); ok { + return o.asCreationInfo() } - if err == nil { - return errors.Join(errs...) - } - return errors.Join(append([]error{err}, errs...)...) + return nil } -// baseType returns the base type if this is a pointer or interface -func baseType(t reflect.Type) reflect.Type { - switch t.Kind() { - case reflect.Pointer, reflect.Interface: - return baseType(t.Elem()) - default: - return t - } +func (o *CreationInfo) asCreationInfo() *CreationInfo { + return o } -// isBlankNodeID indicates this is a blank node ID, e.g. _:CreationInfo-1 -func isBlankNodeID(val any) bool { - if val, ok := val.(string); ok { - return strings.HasPrefix(val, "_:") - } - return false +type AnyCreationInfo interface { + asCreationInfo() *CreationInfo } -type graphBuilder struct { - ldc ldContext - input []any - graph []any - idPrefix string - nextID map[reflect.Type]int - ids map[reflect.Value]string -} +type CreationInfoList []AnyCreationInfo + +func (o *CreationInfoList) Append(values ...AnyCreationInfo) { *o = append(*o, values...) } +func (o *CreationInfoList) Remove(value AnyCreationInfo) { remove(o, value) } -func (b *graphBuilder) toGraph() []any { - return b.graph +func (o *CreationInfoList) CreationInfoIter() iter.Seq2[AnyCreationInfo, *CreationInfo] { + return typeIter(*o, castCreationInfo) } -func (b *graphBuilder) add(o any) (context *serializationContext, err error) { - v := reflect.ValueOf(o) - if v.Type().Kind() != reflect.Pointer { - if v.CanAddr() { - v = v.Addr() - } else { - newV := reflect.New(v.Type()) - newV.Elem().Set(v) - v = newV - } - } - val, err := b.toValue(v) - // objects with IDs get added to the graph during object traversal - if _, isTopLevel := val.(map[string]any); isTopLevel && err == nil { - b.graph = append(b.graph, val) - } - ctx := b.findContext(v.Type()) - return ctx, err +// A key with an associated value. +type DictionaryEntry struct { + ID string + + // A key used in a generic key-value pair. + Key string + // A value used in a generic key-value pair. + Value string } -func (b *graphBuilder) findContext(t reflect.Type) *serializationContext { - t = baseType(t) // object may be a pointer, but we want the base types - for _, context := range b.ldc { - for _, typ := range context.iriToType { - if t == typ.typ { - return context - } - } +func castDictionaryEntry(o any) *DictionaryEntry { + if o, ok := o.(AnyDictionaryEntry); ok { + return o.asDictionaryEntry() } return nil } -func (b *graphBuilder) toStructMap(v reflect.Value) (value any, err error) { - t := v.Type() - if t.Kind() != reflect.Struct { - return nil, fmt.Errorf("expected struct type, got: %v", stringify(v)) - } - - meta, ok := fieldByType[ldType](t) - if !ok { - return nil, fmt.Errorf("struct does not have LDType metadata: %v", stringify(v)) - } - - iri := meta.Tag.Get(typeIriCompactTag) - if iri == "" { - iri = meta.Tag.Get(typeIriTag) - } +func (o *DictionaryEntry) asDictionaryEntry() *DictionaryEntry { + return o +} - context := b.findContext(t) - tc := context.typeToContext[t] +type AnyDictionaryEntry interface { + asDictionaryEntry() *DictionaryEntry +} - typeProp := ldTypeProp - if context.typeAlias != "" { - typeProp = context.typeAlias - } - out := map[string]any{ - typeProp: iri, - } +type DictionaryEntryList []AnyDictionaryEntry - hasValues := false - id := "" +func (o *DictionaryEntryList) Append(values ...AnyDictionaryEntry) { *o = append(*o, values...) } +func (o *DictionaryEntryList) Remove(value AnyDictionaryEntry) { remove(o, value) } - for i := 0; i < t.NumField(); i++ { - f := t.Field(i) - if skipField(f) { - continue - } +func (o *DictionaryEntryList) DictionaryEntryIter() iter.Seq2[AnyDictionaryEntry, *DictionaryEntry] { + return typeIter(*o, castDictionaryEntry) +} - prop := f.Tag.Get(propIriCompactTag) - if prop == "" { - prop = f.Tag.Get(propIriTag) - } +// Base domain class from which all other SPDX-3.0 domain classes derive. +type Element struct { + ID string - fieldV := v.Field(i) + // Provide consumers with comments by the creator of the Element about the + // Element. + Comment string + // Provides information about the creation of the Element. + CreationInfo AnyCreationInfo - if !isRequired(f) && isEmpty(fieldV) { - continue - } + // Provides a detailed description of the Element. + Description string + // Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionExtensionList - val, err := b.toValue(fieldV) - if err != nil { - return nil, err - } + // Provides a reference to a resource outside the scope of SPDX-3.0 content + // that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList - if isIdField(f) { - id, _ = val.(string) - if id == "" { - // if this struct does not have an ID set, and does not have multiple references, - // it is output inline, it does not need an ID, but does need an ID - // when it is moved to the top-level graph and referenced elsewhere - if !b.hasMultipleReferences(v.Addr()) { - continue - } - val, _ = b.ensureID(v.Addr()) - } else if tc != nil { - // compact named IRIs - if _, ok := tc.iriToName[id]; ok { - id = tc.iriToName[id] - } - } - } else { - hasValues = true - } + // Points to a resource outside the scope of the SPDX-3.0 content + // that provides additional characteristics of an Element. + ExternalRefs ExternalRefList - out[prop] = val - } + // Identifies the name of an Element as designated by the creator. + Name string + // A short description of an Element. + Summary string + // Provides an IntegrityMethod with which the integrity of an Element can be + // asserted. + VerifiedUsings IntegrityMethodList +} - if id != "" && !hasValues { - // if we _only_ have an ID set and no other values, consider this a named individual - return id, nil +func castElement(o any) *Element { + if o, ok := o.(AnyElement); ok { + return o.asElement() } - - return out, nil + return nil } -func isIdField(f reflect.StructField) bool { - return f.Tag.Get(propIriTag) == ldIDProp +func (o *Element) asElement() *Element { + return o } -func isEmpty(v reflect.Value) bool { - return !v.IsValid() || v.IsZero() +type AnyElement interface { + asElement() *Element } -func isRequired(f reflect.StructField) bool { - if isIdField(f) { - return true - } - required := f.Tag.Get(propIsRequiredTag) - return required != "" && !strings.EqualFold(required, "false") -} +type ElementList []AnyElement -func (b *graphBuilder) toValue(v reflect.Value) (any, error) { - if !v.IsValid() { - return nil, nil - } +func (o *ElementList) Append(values ...AnyElement) { *o = append(*o, values...) } +func (o *ElementList) Remove(value AnyElement) { remove(o, value) } - switch v.Type().Kind() { - case reflect.Interface: - return b.toValue(v.Elem()) - case reflect.Pointer: - if v.IsNil() { - return nil, nil - } - if !b.hasMultipleReferences(v) { - return b.toValue(v.Elem()) - } - return b.ensureID(v) - case reflect.Struct: - return b.toStructMap(v) - case reflect.Slice: - var out []any - for i := 0; i < v.Len(); i++ { - val, err := b.toValue(v.Index(i)) - if err != nil { - return nil, err - } - out = append(out, val) - } - return out, nil - case reflect.String: - return v.String(), nil - default: - if v.CanInterface() { - return v.Interface(), nil - } - return nil, fmt.Errorf("unable to convert value to maps: %v", stringify(v)) - } +func (o *ElementList) ElementIter() iter.Seq2[AnyElement, *Element] { return typeIter(*o, castElement) } +func (o *ElementList) ElementCollectionIter() iter.Seq2[AnyElement, *ElementCollection] { + return typeIter(*o, castElementCollection) } - -func (b *graphBuilder) ensureID(ptr reflect.Value) (string, error) { - if ptr.Type().Kind() != reflect.Pointer { - return "", fmt.Errorf("expected pointer, got: %v", stringify(ptr)) - } - if id, ok := b.ids[ptr]; ok { - return id, nil - } - - v := ptr.Elem() - t := v.Type() - - id, err := b.getID(v) - if err != nil { - return "", err - } - if id == "" { - if b.nextID == nil { - b.nextID = map[reflect.Type]int{} - } - nextID := b.nextID[t] + 1 - b.nextID[t] = nextID - id = fmt.Sprintf("_:%s-%v", t.Name(), nextID) - } - b.ids[ptr] = id - val, err := b.toValue(v) - if err != nil { - return "", err - } - b.graph = append(b.graph, val) - return id, nil +func (o *ElementList) IndividualElementIter() iter.Seq2[AnyElement, *IndividualElement] { + return typeIter(*o, castIndividualElement) } - -func (b *graphBuilder) getID(v reflect.Value) (string, error) { - t := v.Type() - if t.Kind() != reflect.Struct { - return "", fmt.Errorf("expected struct, got: %v", stringify(v)) - } - for i := 0; i < t.NumField(); i++ { - f := t.Field(i) - if isIdField(f) { - fv := v.Field(i) - if f.Type.Kind() != reflect.String { - return "", fmt.Errorf("invalid type for ID field %v in: %v", f, stringify(v)) - } - return fv.String(), nil - } - } - return "", nil +func (o *ElementList) RelationshipIter() iter.Seq2[AnyElement, *Relationship] { + return typeIter(*o, castRelationship) } - -// hasMultipleReferences returns true if the ptr value has multiple references in the input slice -func (b *graphBuilder) hasMultipleReferences(ptr reflect.Value) bool { - if !ptr.IsValid() { - return false - } - count := 0 - visited := map[reflect.Value]struct{}{} - for _, v := range b.input { - count += refCountR(ptr, visited, reflect.ValueOf(v)) - if count > 1 { - return true - } - } - return false +func (o *ElementList) SpdxDocumentIter() iter.Seq2[AnyElement, *SpdxDocument] { + return typeIter(*o, castSpdxDocument) } - -// refCount returns the reference count of the value in the container object -func refCount(find any, container any) int { - visited := map[reflect.Value]struct{}{} - ptrV := reflect.ValueOf(find) - if !ptrV.IsValid() { - return 0 - } - return refCountR(ptrV, visited, reflect.ValueOf(container)) +func (o *ElementList) ToolIter() iter.Seq2[AnyElement, *Tool] { return typeIter(*o, castTool) } +func (o *ElementList) ExpandedlicensingLicenseAdditionIter() iter.Seq2[AnyElement, *ExpandedlicensingLicenseAddition] { + return typeIter(*o, castExpandedlicensingLicenseAddition) } - -// refCountR recursively searches for the value, find, in the value v -func refCountR(find reflect.Value, visited map[reflect.Value]struct{}, v reflect.Value) int { - if find.Equal(v) { - return 1 - } - if !v.IsValid() { - return 0 - } - if _, ok := visited[v]; ok { - return 0 - } - visited[v] = struct{}{} - switch v.Kind() { - case reflect.Interface: - return refCountR(find, visited, v.Elem()) - case reflect.Pointer: - if v.IsNil() { - return 0 - } - return refCountR(find, visited, v.Elem()) - case reflect.Struct: - count := 0 - for i := 0; i < v.NumField(); i++ { - count += refCountR(find, visited, v.Field(i)) - } - return count - case reflect.Slice: - count := 0 - for i := 0; i < v.Len(); i++ { - count += refCountR(find, visited, v.Index(i)) - } - return count - default: - return 0 - } +func (o *ElementList) ExpandedlicensingListedLicenseExceptionIter() iter.Seq2[AnyElement, *ExpandedlicensingListedLicenseException] { + return typeIter(*o, castExpandedlicensingListedLicenseException) } - -func stringify(o any) string { - if v, ok := o.(reflect.Value); ok { - if !v.IsValid() { - return "invalid value" - } - if !v.IsZero() && v.CanInterface() { - o = v.Interface() - } - } - return fmt.Sprintf("%#v", o) +func (o *ElementList) SecurityVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVulnAssessmentRelationship) } - -type IEnergyConsumption interface { - - // GetFinetuningEnergyConsumption specifies the amount of energy consumed when finetuning the AI model that is - // being used in the AI system. - GetFinetuningEnergyConsumption() []IEnergyConsumptionDescription - - SetFinetuningEnergyConsumption(...IEnergyConsumptionDescription) - - // GetInferenceEnergyConsumption specifies the amount of energy consumed during inference time by an AI model - // that is being used in the AI system. - GetInferenceEnergyConsumption() []IEnergyConsumptionDescription - - SetInferenceEnergyConsumption(...IEnergyConsumptionDescription) - - // GetTrainingEnergyConsumption specifies the amount of energy consumed when training the AI model that is - // being used in the AI system. - GetTrainingEnergyConsumption() []IEnergyConsumptionDescription - - SetTrainingEnergyConsumption(...IEnergyConsumptionDescription) +func (o *ElementList) SimplelicensingAnyLicenseInfoIter() iter.Seq2[AnyElement, *SimplelicensingAnyLicenseInfo] { + return typeIter(*o, castSimplelicensingAnyLicenseInfo) } - -type EnergyConsumption struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/EnergyConsumption" iri-compact:"ai_EnergyConsumption"` - - Iri string `iri:"@id"` - - // FinetuningEnergyConsumption specifies the amount of energy consumed when finetuning the AI model that is - // being used in the AI system. - FinetuningEnergyConsumption []IEnergyConsumptionDescription `iri:"https://spdx.org/rdf/3.0.0/terms/AI/finetuningEnergyConsumption" iri-compact:"ai_finetuningEnergyConsumption"` - // InferenceEnergyConsumption specifies the amount of energy consumed during inference time by an AI model - // that is being used in the AI system. - InferenceEnergyConsumption []IEnergyConsumptionDescription `iri:"https://spdx.org/rdf/3.0.0/terms/AI/inferenceEnergyConsumption" iri-compact:"ai_inferenceEnergyConsumption"` - // TrainingEnergyConsumption specifies the amount of energy consumed when training the AI model that is - // being used in the AI system. - TrainingEnergyConsumption []IEnergyConsumptionDescription `iri:"https://spdx.org/rdf/3.0.0/terms/AI/trainingEnergyConsumption" iri-compact:"ai_trainingEnergyConsumption"` +func (o *ElementList) SimplelicensingLicenseExpressionIter() iter.Seq2[AnyElement, *SimplelicensingLicenseExpression] { + return typeIter(*o, castSimplelicensingLicenseExpression) } - -func NewEnergyConsumption() IEnergyConsumption { - return &EnergyConsumption{} +func (o *ElementList) SimplelicensingSimpleLicensingTextIter() iter.Seq2[AnyElement, *SimplelicensingSimpleLicensingText] { + return typeIter(*o, castSimplelicensingSimpleLicensingText) } - -func (o *EnergyConsumption) GetFinetuningEnergyConsumption() []IEnergyConsumptionDescription { - return o.FinetuningEnergyConsumption +func (o *ElementList) BuildBuildIter() iter.Seq2[AnyElement, *BuildBuild] { + return typeIter(*o, castBuildBuild) } -func (o *EnergyConsumption) SetFinetuningEnergyConsumption(v ...IEnergyConsumptionDescription) { - o.FinetuningEnergyConsumption = v +func (o *ElementList) AgentIter() iter.Seq2[AnyElement, *Agent] { return typeIter(*o, castAgent) } +func (o *ElementList) AnnotationIter() iter.Seq2[AnyElement, *Annotation] { + return typeIter(*o, castAnnotation) } -func (o *EnergyConsumption) GetInferenceEnergyConsumption() []IEnergyConsumptionDescription { - return o.InferenceEnergyConsumption +func (o *ElementList) ArtifactIter() iter.Seq2[AnyElement, *Artifact] { + return typeIter(*o, castArtifact) } -func (o *EnergyConsumption) SetInferenceEnergyConsumption(v ...IEnergyConsumptionDescription) { - o.InferenceEnergyConsumption = v +func (o *ElementList) BundleIter() iter.Seq2[AnyElement, *Bundle] { return typeIter(*o, castBundle) } +func (o *ElementList) LifecycleScopedRelationshipIter() iter.Seq2[AnyElement, *LifecycleScopedRelationship] { + return typeIter(*o, castLifecycleScopedRelationship) } -func (o *EnergyConsumption) GetTrainingEnergyConsumption() []IEnergyConsumptionDescription { - return o.TrainingEnergyConsumption +func (o *ElementList) OrganizationIter() iter.Seq2[AnyElement, *Organization] { + return typeIter(*o, castOrganization) } -func (o *EnergyConsumption) SetTrainingEnergyConsumption(v ...IEnergyConsumptionDescription) { - o.TrainingEnergyConsumption = v +func (o *ElementList) PersonIter() iter.Seq2[AnyElement, *Person] { return typeIter(*o, castPerson) } +func (o *ElementList) SoftwareAgentIter() iter.Seq2[AnyElement, *SoftwareAgent] { + return typeIter(*o, castSoftwareAgent) } - -type IEnergyConsumptionDescription interface { - - // GetEnergyQuantity represents the energy quantity. - GetEnergyQuantity() float64 - - SetEnergyQuantity(float64) - - // GetEnergyUnit specifies the unit in which energy is measured. - GetEnergyUnit() EnergyUnitType - - SetEnergyUnit(EnergyUnitType) +func (o *ElementList) ExpandedlicensingConjunctiveLicenseSetIter() iter.Seq2[AnyElement, *ExpandedlicensingConjunctiveLicenseSet] { + return typeIter(*o, castExpandedlicensingConjunctiveLicenseSet) } - -type EnergyConsumptionDescription struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/EnergyConsumptionDescription" iri-compact:"ai_EnergyConsumptionDescription"` - - Iri string `iri:"@id"` - - // EnergyQuantity represents the energy quantity. - EnergyQuantity float64 `iri:"https://spdx.org/rdf/3.0.0/terms/AI/energyQuantity" iri-compact:"ai_energyQuantity"` - // EnergyUnit specifies the unit in which energy is measured. - EnergyUnit EnergyUnitType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/energyUnit" iri-compact:"ai_energyUnit"` +func (o *ElementList) ExpandedlicensingCustomLicenseAdditionIter() iter.Seq2[AnyElement, *ExpandedlicensingCustomLicenseAddition] { + return typeIter(*o, castExpandedlicensingCustomLicenseAddition) } - -func NewEnergyConsumptionDescription() IEnergyConsumptionDescription { - return &EnergyConsumptionDescription{} +func (o *ElementList) ExpandedlicensingDisjunctiveLicenseSetIter() iter.Seq2[AnyElement, *ExpandedlicensingDisjunctiveLicenseSet] { + return typeIter(*o, castExpandedlicensingDisjunctiveLicenseSet) } - -func (o *EnergyConsumptionDescription) GetEnergyQuantity() float64 { - return o.EnergyQuantity +func (o *ElementList) ExpandedlicensingExtendableLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingExtendableLicense] { + return typeIter(*o, castExpandedlicensingExtendableLicense) } -func (o *EnergyConsumptionDescription) SetEnergyQuantity(v float64) { - o.EnergyQuantity = v +func (o *ElementList) ExpandedlicensingIndividualLicensingInfoIter() iter.Seq2[AnyElement, *ExpandedlicensingIndividualLicensingInfo] { + return typeIter(*o, castExpandedlicensingIndividualLicensingInfo) } -func (o *EnergyConsumptionDescription) GetEnergyUnit() EnergyUnitType { - return o.EnergyUnit +func (o *ElementList) ExpandedlicensingLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingLicense] { + return typeIter(*o, castExpandedlicensingLicense) } -func (o *EnergyConsumptionDescription) SetEnergyUnit(v EnergyUnitType) { - o.EnergyUnit = v +func (o *ElementList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingListedLicense] { + return typeIter(*o, castExpandedlicensingListedLicense) } - -type EnergyUnitType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType" iri-compact:"ai_EnergyUnitType"` - - Iri string `iri:"@id"` +func (o *ElementList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnyElement, *ExpandedlicensingOrLaterOperator] { + return typeIter(*o, castExpandedlicensingOrLaterOperator) } - -var ( - EnergyUnitType_KilowattHour = EnergyUnitType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/kilowattHour"} - EnergyUnitType_Megajoule = EnergyUnitType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/megajoule"} - EnergyUnitType_Other = EnergyUnitType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/other"} -) - -type SafetyRiskAssessmentType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType" iri-compact:"ai_SafetyRiskAssessmentType"` - - Iri string `iri:"@id"` +func (o *ElementList) ExpandedlicensingWithAdditionOperatorIter() iter.Seq2[AnyElement, *ExpandedlicensingWithAdditionOperator] { + return typeIter(*o, castExpandedlicensingWithAdditionOperator) } - -var ( - SafetyRiskAssessmentType_High = SafetyRiskAssessmentType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/high"} - SafetyRiskAssessmentType_Low = SafetyRiskAssessmentType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/low"} - SafetyRiskAssessmentType_Medium = SafetyRiskAssessmentType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/medium"} - SafetyRiskAssessmentType_Serious = SafetyRiskAssessmentType{Iri: "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/serious"} -) - -type AnnotationType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/AnnotationType" iri-compact:"AnnotationType"` - - Iri string `iri:"@id"` +func (o *ElementList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityCvssV2VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) } - -var ( - AnnotationType_Other = AnnotationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/AnnotationType/other"} - AnnotationType_Review = AnnotationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/AnnotationType/review"} -) - -type ICreationInfo interface { - - // GetComment provide consumers with comments by the creator of the Element about the - // Element. - GetComment() string - - SetComment(string) - - // GetCreated identifies when the Element was originally created. - GetCreated() string - - SetCreated(string) - - // GetCreatedBy identifies who or what created the Element. - GetCreatedBy() []IAgent - - SetCreatedBy(...IAgent) - - // GetCreatedUsing identifies the tooling that was used during the creation of the Element. - GetCreatedUsing() []ITool - - SetCreatedUsing(...ITool) - - // GetSpecVersion provides a reference number that can be used to understand how to parse and interpret an Element. - GetSpecVersion() string - - SetSpecVersion(string) +func (o *ElementList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityCvssV3VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) } - -type CreationInfo struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/CreationInfo" iri-compact:"CreationInfo"` - - Iri string `iri:"@id"` - - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // Created identifies when the Element was originally created. - Created string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/created" iri-compact:"created"` - // CreatedBy identifies who or what created the Element. - CreatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/createdBy" iri-compact:"createdBy"` - // CreatedUsing identifies the tooling that was used during the creation of the Element. - CreatedUsing []ITool `iri:"https://spdx.org/rdf/3.0.0/terms/Core/createdUsing" iri-compact:"createdUsing"` - // SpecVersion provides a reference number that can be used to understand how to parse and interpret an Element. - SpecVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/specVersion" iri-compact:"specVersion"` +func (o *ElementList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityCvssV4VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) } - -func NewCreationInfo() ICreationInfo { - return &CreationInfo{} +func (o *ElementList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityEpssVulnAssessmentRelationship] { + return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) } - -func (o *CreationInfo) GetComment() string { - return o.Comment +func (o *ElementList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityExploitCatalogVulnAssessmentRelationship] { + return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) +} +func (o *ElementList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecuritySsvcVulnAssessmentRelationship] { + return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) +} +func (o *ElementList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexVulnAssessmentRelationship) +} +func (o *ElementList) SecurityVulnerabilityIter() iter.Seq2[AnyElement, *SecurityVulnerability] { + return typeIter(*o, castSecurityVulnerability) } -func (o *CreationInfo) SetComment(v string) { - o.Comment = v +func (o *ElementList) SoftwareSoftwareArtifactIter() iter.Seq2[AnyElement, *SoftwareSoftwareArtifact] { + return typeIter(*o, castSoftwareSoftwareArtifact) } -func (o *CreationInfo) GetCreated() string { - return o.Created +func (o *ElementList) BomIter() iter.Seq2[AnyElement, *Bom] { return typeIter(*o, castBom) } +func (o *ElementList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingCustomLicense] { + return typeIter(*o, castExpandedlicensingCustomLicense) } -func (o *CreationInfo) SetCreated(v string) { - o.Created = v +func (o *ElementList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexAffectedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) } -func (o *CreationInfo) GetCreatedBy() []IAgent { - return o.CreatedBy +func (o *ElementList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexFixedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) } -func (o *CreationInfo) SetCreatedBy(v ...IAgent) { - o.CreatedBy = v +func (o *ElementList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexNotAffectedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) } -func (o *CreationInfo) GetCreatedUsing() []ITool { - return o.CreatedUsing +func (o *ElementList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) } -func (o *CreationInfo) SetCreatedUsing(v ...ITool) { - o.CreatedUsing = v +func (o *ElementList) SoftwareFileIter() iter.Seq2[AnyElement, *SoftwareFile] { + return typeIter(*o, castSoftwareFile) } -func (o *CreationInfo) GetSpecVersion() string { - return o.SpecVersion +func (o *ElementList) SoftwarePackageIter() iter.Seq2[AnyElement, *SoftwarePackage] { + return typeIter(*o, castSoftwarePackage) } -func (o *CreationInfo) SetSpecVersion(v string) { - o.SpecVersion = v +func (o *ElementList) SoftwareSbomIter() iter.Seq2[AnyElement, *SoftwareSbom] { + return typeIter(*o, castSoftwareSbom) +} +func (o *ElementList) SoftwareSnippetIter() iter.Seq2[AnyElement, *SoftwareSnippet] { + return typeIter(*o, castSoftwareSnippet) +} +func (o *ElementList) AiAIPackageIter() iter.Seq2[AnyElement, *AiAIPackage] { + return typeIter(*o, castAiAIPackage) +} +func (o *ElementList) DatasetDatasetPackageIter() iter.Seq2[AnyElement, *DatasetDatasetPackage] { + return typeIter(*o, castDatasetDatasetPackage) } -type IDictionaryEntry interface { +// A collection of Elements, not necessarily with unifying context. +type ElementCollection struct { + Element - // GetKey a key used in a generic key-value pair. - GetKey() string + // Refers to one or more Elements that are part of an ElementCollection. + Elements ElementList - SetKey(string) + // Describes one a profile which the creator of this ElementCollection intends to + // conform to. + ProfileConformances []ProfileIdentifierType + // This property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements ElementList +} - // GetValue a value used in a generic key-value pair. - GetValue() string +func castElementCollection(o any) *ElementCollection { + if o, ok := o.(AnyElementCollection); ok { + return o.asElementCollection() + } + return nil +} - SetValue(string) +func (o *ElementCollection) asElementCollection() *ElementCollection { + return o } -type DictionaryEntry struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/DictionaryEntry" iri-compact:"DictionaryEntry"` +type AnyElementCollection interface { + AnyElement + asElementCollection() *ElementCollection +} - Iri string `iri:"@id"` +type ElementCollectionList []AnyElementCollection - // Key a key used in a generic key-value pair. - Key string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/key" iri-compact:"key"` - // Value a value used in a generic key-value pair. - Value string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/value" iri-compact:"value"` -} +func (o *ElementCollectionList) Append(values ...AnyElementCollection) { *o = append(*o, values...) } +func (o *ElementCollectionList) Remove(value AnyElementCollection) { remove(o, value) } -func NewDictionaryEntry() IDictionaryEntry { - return &DictionaryEntry{} +func (o *ElementCollectionList) ElementCollectionIter() iter.Seq2[AnyElementCollection, *ElementCollection] { + return typeIter(*o, castElementCollection) } - -func (o *DictionaryEntry) GetKey() string { - return o.Key +func (o *ElementCollectionList) SpdxDocumentIter() iter.Seq2[AnyElementCollection, *SpdxDocument] { + return typeIter(*o, castSpdxDocument) } -func (o *DictionaryEntry) SetKey(v string) { - o.Key = v +func (o *ElementCollectionList) BundleIter() iter.Seq2[AnyElementCollection, *Bundle] { + return typeIter(*o, castBundle) } -func (o *DictionaryEntry) GetValue() string { - return o.Value +func (o *ElementCollectionList) BomIter() iter.Seq2[AnyElementCollection, *Bom] { + return typeIter(*o, castBom) } -func (o *DictionaryEntry) SetValue(v string) { - o.Value = v +func (o *ElementCollectionList) SoftwareSbomIter() iter.Seq2[AnyElementCollection, *SoftwareSbom] { + return typeIter(*o, castSoftwareSbom) } -type IElement interface { - - // GetSpdxId identifier property - GetSpdxId() string - - SetSpdxId(string) +// A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. +type ExternalIdentifier struct { + ID string - // GetComment provide consumers with comments by the creator of the Element about the + // Provide consumers with comments by the creator of the Element about the // Element. - GetComment() string + Comment string + // Specifies the type of the external identifier. + ExternalIdentifierType ExternalIdentifierType + // Uniquely identifies an external element. + Identifier string + // Provides the location for more information regarding an external identifier. + IdentifierLocators []string + // An entity that is authorized to issue identification credentials. + IssuingAuthority string +} + +func castExternalIdentifier(o any) *ExternalIdentifier { + if o, ok := o.(AnyExternalIdentifier); ok { + return o.asExternalIdentifier() + } + return nil +} - SetComment(string) +func (o *ExternalIdentifier) asExternalIdentifier() *ExternalIdentifier { + return o +} - // GetCreationInfo provides information about the creation of the Element. - GetCreationInfo() ICreationInfo +type AnyExternalIdentifier interface { + asExternalIdentifier() *ExternalIdentifier +} - SetCreationInfo(ICreationInfo) +type ExternalIdentifierList []AnyExternalIdentifier - // GetDescription provides a detailed description of the Element. - GetDescription() string +func (o *ExternalIdentifierList) Append(values ...AnyExternalIdentifier) { *o = append(*o, values...) } +func (o *ExternalIdentifierList) Remove(value AnyExternalIdentifier) { remove(o, value) } - SetDescription(string) +func (o *ExternalIdentifierList) ExternalIdentifierIter() iter.Seq2[AnyExternalIdentifier, *ExternalIdentifier] { + return typeIter(*o, castExternalIdentifier) +} - // GetExtensions specifies an Extension characterization of some aspect of an Element. - GetExtensions() []IExtension +// Specifies the type of an external identifier. +type ExternalIdentifierType struct { + ID string +} - SetExtensions(...IExtension) +// [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) +var ExternalIdentifierType_Cpe22 = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22"} - // GetExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - GetExternalIdentifiers() []IExternalIdentifier +// [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) +var ExternalIdentifierType_Cpe23 = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23"} - SetExternalIdentifiers(...IExternalIdentifier) +// Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). +var ExternalIdentifierType_Cve = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve"} - // GetExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - GetExternalRefs() []IExternalRef +// Email address, as defined in [RFC 3696](https://datatracker.ietf.org/doc/rfc3986/) Section 3. +var ExternalIdentifierType_Email = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email"} - SetExternalRefs(...IExternalRef) +// [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). +var ExternalIdentifierType_Gitoid = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid"} - // GetName identifies the name of an Element as designated by the creator. - GetName() string +// Used when the type does not match any of the other options. +var ExternalIdentifierType_Other = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other"} - SetName(string) +// Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification. +var ExternalIdentifierType_PackageUrl = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl"} - // GetSummary a short description of an Element. - GetSummary() string +// Used when there is a security related identifier of unspecified type. +var ExternalIdentifierType_SecurityOther = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther"} - SetSummary(string) +// SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. +var ExternalIdentifierType_Swhid = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid"} - // GetVerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - GetVerifiedUsing() []IIntegrityMethod +// Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://datatracker.ietf.org/doc/rfc9393/) Section 2.3. +var ExternalIdentifierType_Swid = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid"} - SetVerifiedUsing(...IIntegrityMethod) -} +// [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. +var ExternalIdentifierType_UrlScheme = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme"} -type Element struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Element" iri-compact:"Element" id-prop:"spdxId"` +// A map of Element identifiers that are used within an SpdxDocument but defined +// external to that SpdxDocument. +type ExternalMap struct { + ID string - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be + // Artifact representing a serialization instance of SPDX data containing the + // definition of a particular Element. + DefiningArtifact AnyArtifact + + // Identifies an external Element used within an SpdxDocument but defined + // external to that SpdxDocument. + ExternalSpdxId string + // Provides an indication of where to retrieve an external Element. + LocationHint string + // Provides an IntegrityMethod with which the integrity of an Element can be // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + VerifiedUsings IntegrityMethodList } -func (o *Element) GetSpdxId() string { - return o.SpdxId -} -func (o *Element) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Element) GetComment() string { - return o.Comment -} -func (o *Element) SetComment(v string) { - o.Comment = v -} -func (o *Element) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Element) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *Element) GetDescription() string { - return o.Description -} -func (o *Element) SetDescription(v string) { - o.Description = v -} -func (o *Element) GetExtensions() []IExtension { - return o.Extensions -} -func (o *Element) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *Element) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *Element) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v +func castExternalMap(o any) *ExternalMap { + if o, ok := o.(AnyExternalMap); ok { + return o.asExternalMap() + } + return nil } -func (o *Element) GetExternalRefs() []IExternalRef { - return o.ExternalRefs + +func (o *ExternalMap) asExternalMap() *ExternalMap { + return o } -func (o *Element) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v + +type AnyExternalMap interface { + asExternalMap() *ExternalMap } -func (o *Element) GetName() string { - return o.Name + +type ExternalMapList []AnyExternalMap + +func (o *ExternalMapList) Append(values ...AnyExternalMap) { *o = append(*o, values...) } +func (o *ExternalMapList) Remove(value AnyExternalMap) { remove(o, value) } + +func (o *ExternalMapList) ExternalMapIter() iter.Seq2[AnyExternalMap, *ExternalMap] { + return typeIter(*o, castExternalMap) } -func (o *Element) SetName(v string) { - o.Name = v + +// A reference to a resource outside the scope of SPDX-3.0 content related to an Element. +type ExternalRef struct { + ID string + + // Provide consumers with comments by the creator of the Element about the + // Element. + Comment string + // Provides information about the content type of an Element or a Property. + ContentType string + // Specifies the type of the external reference. + ExternalRefType ExternalRefType + // Provides the location of an external reference. + Locators []string +} + +func castExternalRef(o any) *ExternalRef { + if o, ok := o.(AnyExternalRef); ok { + return o.asExternalRef() + } + return nil } -func (o *Element) GetSummary() string { - return o.Summary + +func (o *ExternalRef) asExternalRef() *ExternalRef { + return o } -func (o *Element) SetSummary(v string) { - o.Summary = v + +type AnyExternalRef interface { + asExternalRef() *ExternalRef } -func (o *Element) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing + +type ExternalRefList []AnyExternalRef + +func (o *ExternalRefList) Append(values ...AnyExternalRef) { *o = append(*o, values...) } +func (o *ExternalRefList) Remove(value AnyExternalRef) { remove(o, value) } + +func (o *ExternalRefList) ExternalRefIter() iter.Seq2[AnyExternalRef, *ExternalRef] { + return typeIter(*o, castExternalRef) } -func (o *Element) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v + +// Specifies the type of an external reference. +type ExternalRefType struct { + ID string } -type IElementCollection interface { - IElement +// A reference to an alternative download location. +var ExternalRefType_AltDownloadLocation = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation"} - // GetElements refers to one or more Elements that are part of an ElementCollection. - GetElements() []IElement +// A reference to an alternative web page. +var ExternalRefType_AltWebPage = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage"} - SetElements(...IElement) +// A reference to binary artifacts related to a package. +var ExternalRefType_BinaryArtifact = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact"} - // GetProfileConformance describes one a profile which the creator of this ElementCollection intends to - // conform to. - GetProfileConformance() []ProfileIdentifierType +// A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install). +var ExternalRefType_Bower = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower"} - SetProfileConformance(...ProfileIdentifierType) +// A reference build metadata related to a published package. +var ExternalRefType_BuildMeta = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta"} - // GetRootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. - GetRootElements() []IElement +// A reference build system used to create or publish the package. +var ExternalRefType_BuildSystem = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem"} - SetRootElements(...IElement) -} +// A reference to a certification report for a package from an accredited/independent body. +var ExternalRefType_CertificationReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport"} -type ElementCollection struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ElementCollection" iri-compact:"ElementCollection" id-prop:"spdxId"` +// A reference to the instant messaging system used by the maintainer for a package. +var ExternalRefType_Chat = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat"} - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +// A reference to a Software Composition Analysis (SCA) report. +var ExternalRefType_ComponentAnalysisReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport"} - // Elements refers to one or more Elements that are part of an ElementCollection. - Elements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/element" iri-compact:"element"` - // ProfileConformance describes one a profile which the creator of this ElementCollection intends to - // conform to. - ProfileConformance []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/profileConformance" iri-compact:"profileConformance"` - // RootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. - RootElements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/rootElement" iri-compact:"rootElement"` -} +// [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). +var ExternalRefType_Cwe = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe"} -func (o *ElementCollection) GetSpdxId() string { - return o.SpdxId -} -func (o *ElementCollection) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *ElementCollection) GetComment() string { - return o.Comment -} -func (o *ElementCollection) SetComment(v string) { - o.Comment = v -} -func (o *ElementCollection) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *ElementCollection) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *ElementCollection) GetDescription() string { - return o.Description -} -func (o *ElementCollection) SetDescription(v string) { - o.Description = v -} -func (o *ElementCollection) GetExtensions() []IExtension { - return o.Extensions -} -func (o *ElementCollection) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *ElementCollection) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *ElementCollection) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *ElementCollection) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *ElementCollection) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *ElementCollection) GetName() string { - return o.Name -} -func (o *ElementCollection) SetName(v string) { - o.Name = v -} -func (o *ElementCollection) GetSummary() string { - return o.Summary -} -func (o *ElementCollection) SetSummary(v string) { - o.Summary = v -} -func (o *ElementCollection) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *ElementCollection) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} +// A reference to the documentation for a package. +var ExternalRefType_Documentation = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation"} -func (o *ElementCollection) GetElements() []IElement { - return o.Elements -} -func (o *ElementCollection) SetElements(v ...IElement) { - o.Elements = v -} -func (o *ElementCollection) GetProfileConformance() []ProfileIdentifierType { - return o.ProfileConformance -} -func (o *ElementCollection) SetProfileConformance(v ...ProfileIdentifierType) { - o.ProfileConformance = v -} -func (o *ElementCollection) GetRootElements() []IElement { - return o.RootElements -} -func (o *ElementCollection) SetRootElements(v ...IElement) { - o.RootElements = v -} +// A reference to a dynamic analysis report for a package. +var ExternalRefType_DynamicAnalysisReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport"} -type IExternalIdentifier interface { +// A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. +var ExternalRefType_EolNotice = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice"} - // GetComment provide consumers with comments by the creator of the Element about the - // Element. - GetComment() string +// A reference to a export control assessment for a package. +var ExternalRefType_ExportControlAssessment = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment"} - SetComment(string) +// A reference to funding information related to a package. +var ExternalRefType_Funding = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding"} - // GetExternalIdentifierType specifies the type of the external identifier. - GetExternalIdentifierType() ExternalIdentifierType +// A reference to the issue tracker for a package. +var ExternalRefType_IssueTracker = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker"} - SetExternalIdentifierType(ExternalIdentifierType) +// A reference to additional license information related to an artifact. +var ExternalRefType_License = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license"} - // GetIdentifier uniquely identifies an external element. - GetIdentifier() string +// A reference to the mailing list used by the maintainer for a package. +var ExternalRefType_MailingList = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList"} - SetIdentifier(string) +// A reference to a Maven repository artifact. The artifact locator format is defined in the [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html) and looks like `groupId:artifactId[:version]`. +var ExternalRefType_MavenCentral = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral"} - // GetIdentifierLocator provides the location for more information regarding an external identifier. - GetIdentifierLocator() []string +// A reference to metrics related to package such as OpenSSF scorecards. +var ExternalRefType_Metrics = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics"} - SetIdentifierLocator(...string) +// A reference to an npm package. The package locator format is defined in the [npm documentation](https://docs.npmjs.com/cli/v10/configuring-npm/package-json) and looks like `package@version`. +var ExternalRefType_Npm = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm"} - // GetIssuingAuthority an entity that is authorized to issue identification credentials. - GetIssuingAuthority() string +// A reference to a NuGet package. The package locator format is defined in the [NuGet documentation](https://docs.nuget.org) and looks like `package/version`. +var ExternalRefType_Nuget = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget"} - SetIssuingAuthority(string) -} +// Used when the type does not match any of the other options. +var ExternalRefType_Other = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other"} -type ExternalIdentifier struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifier" iri-compact:"ExternalIdentifier"` +// A reference to a privacy assessment for a package. +var ExternalRefType_PrivacyAssessment = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment"} - Iri string `iri:"@id"` +// A reference to additional product metadata such as reference within organization's product catalog. +var ExternalRefType_ProductMetadata = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata"} - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // ExternalIdentifierType specifies the type of the external identifier. - ExternalIdentifierType ExternalIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifierType" iri-compact:"externalIdentifierType"` - // Identifier uniquely identifies an external element. - Identifier string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/identifier" iri-compact:"identifier"` - // IdentifierLocator provides the location for more information regarding an external identifier. - IdentifierLocator []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/identifierLocator" iri-compact:"identifierLocator"` - // IssuingAuthority an entity that is authorized to issue identification credentials. - IssuingAuthority string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/issuingAuthority" iri-compact:"issuingAuthority"` -} +// A reference to a purchase order for a package. +var ExternalRefType_PurchaseOrder = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder"} -func NewExternalIdentifier() IExternalIdentifier { - return &ExternalIdentifier{} -} +// A reference to a quality assessment for a package. +var ExternalRefType_QualityAssessmentReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport"} -func (o *ExternalIdentifier) GetComment() string { - return o.Comment -} -func (o *ExternalIdentifier) SetComment(v string) { - o.Comment = v -} -func (o *ExternalIdentifier) GetExternalIdentifierType() ExternalIdentifierType { - return o.ExternalIdentifierType -} -func (o *ExternalIdentifier) SetExternalIdentifierType(v ExternalIdentifierType) { - o.ExternalIdentifierType = v -} -func (o *ExternalIdentifier) GetIdentifier() string { - return o.Identifier -} -func (o *ExternalIdentifier) SetIdentifier(v string) { - o.Identifier = v -} -func (o *ExternalIdentifier) GetIdentifierLocator() []string { - return o.IdentifierLocator -} -func (o *ExternalIdentifier) SetIdentifierLocator(v ...string) { - o.IdentifierLocator = v -} -func (o *ExternalIdentifier) GetIssuingAuthority() string { - return o.IssuingAuthority -} -func (o *ExternalIdentifier) SetIssuingAuthority(v string) { - o.IssuingAuthority = v -} +// A reference to a published list of releases for a package. +var ExternalRefType_ReleaseHistory = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory"} -type ExternalIdentifierType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType" iri-compact:"ExternalIdentifierType"` - - Iri string `iri:"@id"` -} - -var ( - ExternalIdentifierType_Cpe22 = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cpe22"} - ExternalIdentifierType_Cpe23 = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cpe23"} - ExternalIdentifierType_Cve = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cve"} - ExternalIdentifierType_Email = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/email"} - ExternalIdentifierType_Gitoid = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/gitoid"} - ExternalIdentifierType_Other = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/other"} - ExternalIdentifierType_PackageUrl = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/packageUrl"} - ExternalIdentifierType_SecurityOther = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/securityOther"} - ExternalIdentifierType_Swhid = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/swhid"} - ExternalIdentifierType_Swid = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/swid"} - ExternalIdentifierType_UrlScheme = ExternalIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/urlScheme"} -) +// A reference to the release notes for a package. +var ExternalRefType_ReleaseNotes = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes"} -type IExternalMap interface { +// A reference to a risk assessment for a package. +var ExternalRefType_RiskAssessment = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment"} - // GetDefiningArtifact artifact representing a serialization instance of SPDX data containing the - // definition of a particular Element. - GetDefiningArtifact() IArtifact +// A reference to a runtime analysis report for a package. +var ExternalRefType_RuntimeAnalysisReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport"} - SetDefiningArtifact(IArtifact) +// A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). +var ExternalRefType_SecureSoftwareAttestation = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation"} - // GetExternalSpdxId identifies an external Element used within a Document but defined external to - // that Document. - GetExternalSpdxId() string +// A reference to the security adversary model for a package. +var ExternalRefType_SecurityAdversaryModel = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel"} - SetExternalSpdxId(string) +// A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. +var ExternalRefType_SecurityAdvisory = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory"} - // GetLocationHint provides an indication of where to retrieve an external Element. - GetLocationHint() string +// A reference to the patch or source code that fixes a vulnerability. +var ExternalRefType_SecurityFix = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix"} - SetLocationHint(string) +// A reference to related security information of unspecified type. +var ExternalRefType_SecurityOther = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther"} - // GetVerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - GetVerifiedUsing() []IIntegrityMethod +// A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. +var ExternalRefType_SecurityPenTestReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport"} - SetVerifiedUsing(...IIntegrityMethod) -} +// A reference to instructions for reporting newly discovered security vulnerabilities for a package. +var ExternalRefType_SecurityPolicy = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy"} -type ExternalMap struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ExternalMap" iri-compact:"ExternalMap"` +// A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. +var ExternalRefType_SecurityThreatModel = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel"} - Iri string `iri:"@id"` +// A reference to a social media channel for a package. +var ExternalRefType_SocialMedia = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia"} - // DefiningArtifact artifact representing a serialization instance of SPDX data containing the - // definition of a particular Element. - DefiningArtifact IArtifact `iri:"https://spdx.org/rdf/3.0.0/terms/Core/definingArtifact" iri-compact:"definingArtifact"` - // ExternalSpdxId identifies an external Element used within a Document but defined external to - // that Document. - ExternalSpdxId string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalSpdxId" iri-compact:"externalSpdxId"` - // LocationHint provides an indication of where to retrieve an external Element. - LocationHint string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/locationHint" iri-compact:"locationHint"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` -} +// A reference to an artifact containing the sources for a package. +var ExternalRefType_SourceArtifact = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact"} -func NewExternalMap() IExternalMap { - return &ExternalMap{} -} +// A reference to a static analysis report for a package. +var ExternalRefType_StaticAnalysisReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport"} -func (o *ExternalMap) GetDefiningArtifact() IArtifact { - return o.DefiningArtifact -} -func (o *ExternalMap) SetDefiningArtifact(v IArtifact) { - o.DefiningArtifact = v -} -func (o *ExternalMap) GetExternalSpdxId() string { - return o.ExternalSpdxId -} -func (o *ExternalMap) SetExternalSpdxId(v string) { - o.ExternalSpdxId = v -} -func (o *ExternalMap) GetLocationHint() string { - return o.LocationHint -} -func (o *ExternalMap) SetLocationHint(v string) { - o.LocationHint = v -} -func (o *ExternalMap) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *ExternalMap) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v +// A reference to the software support channel or other support information for a package. +var ExternalRefType_Support = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support"} + +// A reference to a version control system related to a software artifact. +var ExternalRefType_Vcs = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs"} + +// A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). +var ExternalRefType_VulnerabilityDisclosureReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport"} + +// A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). +var ExternalRefType_VulnerabilityExploitabilityAssessment = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment"} + +// A mathematical algorithm that maps data of arbitrary size to a bit string. +type HashAlgorithm struct { + ID string } -type IExternalRef interface { +// Adler-32 checksum is part of the widely used zlib compression library as defined in [RFC 1950](https://datatracker.ietf.org/doc/rfc1950/) Section 2.3. +var HashAlgorithm_Adler32 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32"} - // GetComment provide consumers with comments by the creator of the Element about the - // Element. - GetComment() string +// BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b256 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256"} - SetComment(string) +// BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b384 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384"} - // GetContentType specifies the media type of an Element or Property. - GetContentType() string +// BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b512 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512"} - SetContentType(string) +// [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) +var HashAlgorithm_Blake3 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3"} - // GetExternalRefType specifies the type of the external reference. - GetExternalRefType() ExternalRefType +// [Dilithium](https://pq-crystals.org/dilithium/) +var HashAlgorithm_CrystalsDilithium = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium"} - SetExternalRefType(ExternalRefType) +// [Kyber](https://pq-crystals.org/kyber/) +var HashAlgorithm_CrystalsKyber = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber"} - // GetLocator provides the location of an external reference. - GetLocator() []string +// [FALCON](https://falcon-sign.info/falcon.pdf) +var HashAlgorithm_Falcon = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon"} - SetLocator(...string) -} +// MD2 message-digest algorithm, as defined in [RFC 1319](https://datatracker.ietf.org/doc/rfc1319/). +var HashAlgorithm_Md2 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2"} -type ExternalRef struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ExternalRef" iri-compact:"ExternalRef"` +// MD4 message-digest algorithm, as defined in [RFC 1186](https://datatracker.ietf.org/doc/rfc1186/). +var HashAlgorithm_Md4 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4"} - Iri string `iri:"@id"` +// MD5 message-digest algorithm, as defined in [RFC 1321](https://datatracker.ietf.org/doc/rfc1321/). +var HashAlgorithm_Md5 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5"} - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // ContentType specifies the media type of an Element or Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/contentType" iri-compact:"contentType"` - // ExternalRefType specifies the type of the external reference. - ExternalRefType ExternalRefType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRefType" iri-compact:"externalRefType"` - // Locator provides the location of an external reference. - Locator []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/locator" iri-compact:"locator"` -} +// [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) +var HashAlgorithm_Md6 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6"} -func NewExternalRef() IExternalRef { - return &ExternalRef{} -} +// any hashing algorithm that does not exist in this list of entries +var HashAlgorithm_Other = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other"} -func (o *ExternalRef) GetComment() string { - return o.Comment -} -func (o *ExternalRef) SetComment(v string) { - o.Comment = v -} -func (o *ExternalRef) GetContentType() string { - return o.ContentType -} -func (o *ExternalRef) SetContentType(v string) { - o.ContentType = v -} -func (o *ExternalRef) GetExternalRefType() ExternalRefType { - return o.ExternalRefType -} -func (o *ExternalRef) SetExternalRefType(v ExternalRefType) { - o.ExternalRefType = v -} -func (o *ExternalRef) GetLocator() []string { - return o.Locator -} -func (o *ExternalRef) SetLocator(v ...string) { - o.Locator = v -} +// SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://datatracker.ietf.org/doc/rfc3174/). +var HashAlgorithm_Sha1 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1"} -type ExternalRefType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType" iri-compact:"ExternalRefType"` - - Iri string `iri:"@id"` -} - -var ( - ExternalRefType_AltDownloadLocation = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/altDownloadLocation"} - ExternalRefType_AltWebPage = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/altWebPage"} - ExternalRefType_BinaryArtifact = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/binaryArtifact"} - ExternalRefType_Bower = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/bower"} - ExternalRefType_BuildMeta = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/buildMeta"} - ExternalRefType_BuildSystem = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/buildSystem"} - ExternalRefType_CertificationReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/certificationReport"} - ExternalRefType_Chat = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/chat"} - ExternalRefType_ComponentAnalysisReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/componentAnalysisReport"} - ExternalRefType_Cwe = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/cwe"} - ExternalRefType_Documentation = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/documentation"} - ExternalRefType_DynamicAnalysisReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/dynamicAnalysisReport"} - ExternalRefType_EolNotice = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/eolNotice"} - ExternalRefType_ExportControlAssessment = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/exportControlAssessment"} - ExternalRefType_Funding = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/funding"} - ExternalRefType_IssueTracker = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/issueTracker"} - ExternalRefType_License = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/license"} - ExternalRefType_MailingList = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/mailingList"} - ExternalRefType_MavenCentral = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/mavenCentral"} - ExternalRefType_Metrics = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/metrics"} - ExternalRefType_Npm = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/npm"} - ExternalRefType_Nuget = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/nuget"} - ExternalRefType_Other = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/other"} - ExternalRefType_PrivacyAssessment = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/privacyAssessment"} - ExternalRefType_ProductMetadata = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/productMetadata"} - ExternalRefType_PurchaseOrder = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/purchaseOrder"} - ExternalRefType_QualityAssessmentReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/qualityAssessmentReport"} - ExternalRefType_ReleaseHistory = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/releaseHistory"} - ExternalRefType_ReleaseNotes = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/releaseNotes"} - ExternalRefType_RiskAssessment = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/riskAssessment"} - ExternalRefType_RuntimeAnalysisReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/runtimeAnalysisReport"} - ExternalRefType_SecureSoftwareAttestation = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/secureSoftwareAttestation"} - ExternalRefType_SecurityAdversaryModel = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityAdversaryModel"} - ExternalRefType_SecurityAdvisory = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityAdvisory"} - ExternalRefType_SecurityFix = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityFix"} - ExternalRefType_SecurityOther = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityOther"} - ExternalRefType_SecurityPenTestReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityPenTestReport"} - ExternalRefType_SecurityPolicy = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityPolicy"} - ExternalRefType_SecurityThreatModel = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityThreatModel"} - ExternalRefType_SocialMedia = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/socialMedia"} - ExternalRefType_SourceArtifact = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/sourceArtifact"} - ExternalRefType_StaticAnalysisReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/staticAnalysisReport"} - ExternalRefType_Support = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/support"} - ExternalRefType_Vcs = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vcs"} - ExternalRefType_VulnerabilityDisclosureReport = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vulnerabilityDisclosureReport"} - ExternalRefType_VulnerabilityExploitabilityAssessment = ExternalRefType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment"} -) +// SHA-2 with a digest length of 224, as defined in [RFC 3874](https://datatracker.ietf.org/doc/rfc3874/). +var HashAlgorithm_Sha224 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224"} -type HashAlgorithm struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm" iri-compact:"HashAlgorithm"` - - Iri string `iri:"@id"` -} - -var ( - HashAlgorithm_Blake2b256 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b256"} - HashAlgorithm_Blake2b384 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b384"} - HashAlgorithm_Blake2b512 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b512"} - HashAlgorithm_Blake3 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake3"} - HashAlgorithm_CrystalsDilithium = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsDilithium"} - HashAlgorithm_CrystalsKyber = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsKyber"} - HashAlgorithm_Falcon = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/falcon"} - HashAlgorithm_Md2 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md2"} - HashAlgorithm_Md4 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md4"} - HashAlgorithm_Md5 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md5"} - HashAlgorithm_Md6 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md6"} - HashAlgorithm_Other = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/other"} - HashAlgorithm_Sha1 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha1"} - HashAlgorithm_Sha224 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha224"} - HashAlgorithm_Sha256 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha256"} - HashAlgorithm_Sha384 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha384"} - HashAlgorithm_Sha3_224 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_224"} - HashAlgorithm_Sha3_256 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_256"} - HashAlgorithm_Sha3_384 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_384"} - HashAlgorithm_Sha3_512 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_512"} - HashAlgorithm_Sha512 = HashAlgorithm{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha512"} -) +// SHA-2 with a digest length of 256, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha256 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256"} -type IIntegrityMethod interface { +// SHA-2 with a digest length of 384, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha384 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384"} - // GetComment provide consumers with comments by the creator of the Element about the - // Element. - GetComment() string +// SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3224 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224"} - SetComment(string) -} +// SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3256 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256"} -type IntegrityMethod struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/IntegrityMethod" iri-compact:"IntegrityMethod"` +// SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3384 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384"} - Iri string `iri:"@id"` +// SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3512 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512"} - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` -} +// SHA-2 with a digest length of 512, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha512 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512"} -func (o *IntegrityMethod) GetComment() string { - return o.Comment -} -func (o *IntegrityMethod) SetComment(v string) { - o.Comment = v +// A concrete subclass of Element used by Individuals in the +// Core profile. +type IndividualElement struct { + Element } -type LifecycleScopeType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType" iri-compact:"LifecycleScopeType"` +// An Individual Value for Element representing a set of Elements of unknown +// identify or cardinality (number). +var IndividualElement_NoAssertionElement = IndividualElement{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement"}} - Iri string `iri:"@id"` -} +// An Individual Value for Element representing a set of Elements with +// cardinality (number/count) of zero. +var IndividualElement_NoneElement = IndividualElement{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement"}} -var ( - LifecycleScopeType_Build = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/build"} - LifecycleScopeType_Design = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/design"} - LifecycleScopeType_Development = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/development"} - LifecycleScopeType_Other = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/other"} - LifecycleScopeType_Runtime = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/runtime"} - LifecycleScopeType_Test = LifecycleScopeType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/test"} -) +func castIndividualElement(o any) *IndividualElement { + if o, ok := o.(AnyIndividualElement); ok { + return o.asIndividualElement() + } + return nil +} -type INamespaceMap interface { +func (o *IndividualElement) asIndividualElement() *IndividualElement { + return o +} - // GetNamespace provides an unambiguous mechanism for conveying a URI fragment portion of an - // ElementID. - GetNamespace() string +type AnyIndividualElement interface { + AnyElement + asIndividualElement() *IndividualElement +} - SetNamespace(string) +type IndividualElementList []AnyIndividualElement - // GetPrefix a substitute for a URI. - GetPrefix() string +func (o *IndividualElementList) Append(values ...AnyIndividualElement) { *o = append(*o, values...) } +func (o *IndividualElementList) Remove(value AnyIndividualElement) { remove(o, value) } - SetPrefix(string) +func (o *IndividualElementList) IndividualElementIter() iter.Seq2[AnyIndividualElement, *IndividualElement] { + return typeIter(*o, castIndividualElement) } -type NamespaceMap struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/NamespaceMap" iri-compact:"NamespaceMap"` +// Provides an independently reproducible mechanism that permits verification of a specific Element. +type IntegrityMethod struct { + ID string - Iri string `iri:"@id"` + // Provide consumers with comments by the creator of the Element about the + // Element. + Comment string +} - // Namespace provides an unambiguous mechanism for conveying a URI fragment portion of an - // ElementID. - Namespace string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/namespace" iri-compact:"namespace"` - // Prefix a substitute for a URI. - Prefix string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/prefix" iri-compact:"prefix"` +func castIntegrityMethod(o any) *IntegrityMethod { + if o, ok := o.(AnyIntegrityMethod); ok { + return o.asIntegrityMethod() + } + return nil } -func NewNamespaceMap() INamespaceMap { - return &NamespaceMap{} +func (o *IntegrityMethod) asIntegrityMethod() *IntegrityMethod { + return o } -func (o *NamespaceMap) GetNamespace() string { - return o.Namespace +type AnyIntegrityMethod interface { + asIntegrityMethod() *IntegrityMethod } -func (o *NamespaceMap) SetNamespace(v string) { - o.Namespace = v + +type IntegrityMethodList []AnyIntegrityMethod + +func (o *IntegrityMethodList) Append(values ...AnyIntegrityMethod) { *o = append(*o, values...) } +func (o *IntegrityMethodList) Remove(value AnyIntegrityMethod) { remove(o, value) } + +func (o *IntegrityMethodList) IntegrityMethodIter() iter.Seq2[AnyIntegrityMethod, *IntegrityMethod] { + return typeIter(*o, castIntegrityMethod) } -func (o *NamespaceMap) GetPrefix() string { - return o.Prefix +func (o *IntegrityMethodList) PackageVerificationCodeIter() iter.Seq2[AnyIntegrityMethod, *PackageVerificationCode] { + return typeIter(*o, castPackageVerificationCode) } -func (o *NamespaceMap) SetPrefix(v string) { - o.Prefix = v +func (o *IntegrityMethodList) SoftwareContentIdentifierIter() iter.Seq2[AnyIntegrityMethod, *SoftwareContentIdentifier] { + return typeIter(*o, castSoftwareContentIdentifier) +} +func (o *IntegrityMethodList) HashIter() iter.Seq2[AnyIntegrityMethod, *Hash] { + return typeIter(*o, castHash) } -type IPackageVerificationCode interface { - IIntegrityMethod - - // GetAlgorithm specifies the algorithm used for calculating the hash value. - GetAlgorithm() HashAlgorithm - - SetAlgorithm(HashAlgorithm) +// Provide an enumerated set of lifecycle phases that can provide context to relationships. +type LifecycleScopeType struct { + ID string +} - // GetHashValue the result of applying a hash algorithm to an Element. - GetHashValue() string +// A relationship has specific context implications during an element's build phase, during development. +var LifecycleScopeType_Build = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build"} - SetHashValue(string) +// A relationship has specific context implications during an element's design. +var LifecycleScopeType_Design = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design"} - // GetPackageVerificationCodeExcludedFile the relative file name of a file to be excluded from the - // `PackageVerificationCode`. - GetPackageVerificationCodeExcludedFile() []string +// A relationship has specific context implications during development phase of an element. +var LifecycleScopeType_Development = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development"} - SetPackageVerificationCodeExcludedFile(...string) -} +// A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. +var LifecycleScopeType_Other = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other"} -type PackageVerificationCode struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/PackageVerificationCode" iri-compact:"PackageVerificationCode"` +// A relationship has specific context implications during the execution phase of an element. +var LifecycleScopeType_Runtime = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime"} - Iri string `iri:"@id"` +// A relationship has specific context implications during an element's testing phase, during development. +var LifecycleScopeType_Test = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test"} - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` +// A mapping between prefixes and namespace partial URIs. +type NamespaceMap struct { + ID string - // Algorithm specifies the algorithm used for calculating the hash value. - Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.0/terms/Core/algorithm" iri-compact:"algorithm"` - // HashValue the result of applying a hash algorithm to an Element. - HashValue string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/hashValue" iri-compact:"hashValue"` - // PackageVerificationCodeExcludedFile the relative file name of a file to be excluded from the - // `PackageVerificationCode`. - PackageVerificationCodeExcludedFile []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/packageVerificationCodeExcludedFile" iri-compact:"packageVerificationCodeExcludedFile"` + // Provides an unambiguous mechanism for conveying a URI fragment portion of an + // Element ID. + Namespace string + // A substitute for a URI. + Prefix string } -func NewPackageVerificationCode() IPackageVerificationCode { - return &PackageVerificationCode{} +func castNamespaceMap(o any) *NamespaceMap { + if o, ok := o.(AnyNamespaceMap); ok { + return o.asNamespaceMap() + } + return nil } -func (o *PackageVerificationCode) GetComment() string { - return o.Comment -} -func (o *PackageVerificationCode) SetComment(v string) { - o.Comment = v +func (o *NamespaceMap) asNamespaceMap() *NamespaceMap { + return o } -func (o *PackageVerificationCode) GetAlgorithm() HashAlgorithm { - return o.Algorithm -} -func (o *PackageVerificationCode) SetAlgorithm(v HashAlgorithm) { - o.Algorithm = v +type AnyNamespaceMap interface { + asNamespaceMap() *NamespaceMap } -func (o *PackageVerificationCode) GetHashValue() string { - return o.HashValue -} -func (o *PackageVerificationCode) SetHashValue(v string) { - o.HashValue = v + +type NamespaceMapList []AnyNamespaceMap + +func (o *NamespaceMapList) Append(values ...AnyNamespaceMap) { *o = append(*o, values...) } +func (o *NamespaceMapList) Remove(value AnyNamespaceMap) { remove(o, value) } + +func (o *NamespaceMapList) NamespaceMapIter() iter.Seq2[AnyNamespaceMap, *NamespaceMap] { + return typeIter(*o, castNamespaceMap) } -func (o *PackageVerificationCode) GetPackageVerificationCodeExcludedFile() []string { - return o.PackageVerificationCodeExcludedFile + +// An SPDX version 2.X compatible verification method for software packages. +type PackageVerificationCode struct { + IntegrityMethod + + // Specifies the algorithm used for calculating the hash value. + Algorithm HashAlgorithm + // The result of applying a hash algorithm to an Element. + HashValue string + // The relative file name of a file to be excluded from the + // `PackageVerificationCode`. + PackageVerificationCodeExcludedFiles []string } -func (o *PackageVerificationCode) SetPackageVerificationCodeExcludedFile(v ...string) { - o.PackageVerificationCodeExcludedFile = v + +func castPackageVerificationCode(o any) *PackageVerificationCode { + if o, ok := o.(AnyPackageVerificationCode); ok { + return o.asPackageVerificationCode() + } + return nil } -type IPositiveIntegerRange interface { +func (o *PackageVerificationCode) asPackageVerificationCode() *PackageVerificationCode { + return o +} - // GetBeginIntegerRange defines the beginning of a range. - GetBeginIntegerRange() uint +type AnyPackageVerificationCode interface { + AnyIntegrityMethod + asPackageVerificationCode() *PackageVerificationCode +} - SetBeginIntegerRange(uint) +type PackageVerificationCodeList []AnyPackageVerificationCode - // GetEndIntegerRange defines the end of a range. - GetEndIntegerRange() uint +func (o *PackageVerificationCodeList) Append(values ...AnyPackageVerificationCode) { + *o = append(*o, values...) +} +func (o *PackageVerificationCodeList) Remove(value AnyPackageVerificationCode) { remove(o, value) } - SetEndIntegerRange(uint) +func (o *PackageVerificationCodeList) PackageVerificationCodeIter() iter.Seq2[AnyPackageVerificationCode, *PackageVerificationCode] { + return typeIter(*o, castPackageVerificationCode) } +// A tuple of two positive integers that define a range. type PositiveIntegerRange struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/PositiveIntegerRange" iri-compact:"PositiveIntegerRange"` + ID string - Iri string `iri:"@id"` - - // BeginIntegerRange defines the beginning of a range. - BeginIntegerRange uint `iri:"https://spdx.org/rdf/3.0.0/terms/Core/beginIntegerRange" iri-compact:"beginIntegerRange"` - // EndIntegerRange defines the end of a range. - EndIntegerRange uint `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endIntegerRange" iri-compact:"endIntegerRange"` + // Defines the beginning of a range. + BeginIntegerRange int + // Defines the end of a range. + EndIntegerRange int } -func NewPositiveIntegerRange() IPositiveIntegerRange { - return &PositiveIntegerRange{} +func castPositiveIntegerRange(o any) *PositiveIntegerRange { + if o, ok := o.(AnyPositiveIntegerRange); ok { + return o.asPositiveIntegerRange() + } + return nil } -func (o *PositiveIntegerRange) GetBeginIntegerRange() uint { - return o.BeginIntegerRange +func (o *PositiveIntegerRange) asPositiveIntegerRange() *PositiveIntegerRange { + return o } -func (o *PositiveIntegerRange) SetBeginIntegerRange(v uint) { - o.BeginIntegerRange = v + +type AnyPositiveIntegerRange interface { + asPositiveIntegerRange() *PositiveIntegerRange } -func (o *PositiveIntegerRange) GetEndIntegerRange() uint { - return o.EndIntegerRange + +type PositiveIntegerRangeList []AnyPositiveIntegerRange + +func (o *PositiveIntegerRangeList) Append(values ...AnyPositiveIntegerRange) { + *o = append(*o, values...) } -func (o *PositiveIntegerRange) SetEndIntegerRange(v uint) { - o.EndIntegerRange = v +func (o *PositiveIntegerRangeList) Remove(value AnyPositiveIntegerRange) { remove(o, value) } + +func (o *PositiveIntegerRangeList) PositiveIntegerRangeIter() iter.Seq2[AnyPositiveIntegerRange, *PositiveIntegerRange] { + return typeIter(*o, castPositiveIntegerRange) } +// Categories of presence or absence. type PresenceType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/PresenceType" iri-compact:"PresenceType"` - - Iri string `iri:"@id"` + ID string } -var ( - PresenceType_No = PresenceType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/no"} - PresenceType_NoAssertion = PresenceType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/noAssertion"} - PresenceType_Yes = PresenceType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/yes"} -) - -type ProfileIdentifierType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType" iri-compact:"ProfileIdentifierType"` - - Iri string `iri:"@id"` -} - -var ( - ProfileIdentifierType_Ai = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/ai"} - ProfileIdentifierType_Build = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/build"} - ProfileIdentifierType_Core = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/core"} - ProfileIdentifierType_Dataset = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/dataset"} - ProfileIdentifierType_ExpandedLicensing = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/expandedLicensing"} - ProfileIdentifierType_Extension = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/extension"} - ProfileIdentifierType_Lite = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/lite"} - ProfileIdentifierType_Security = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/security"} - ProfileIdentifierType_SimpleLicensing = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/simpleLicensing"} - ProfileIdentifierType_Software = ProfileIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/software"} -) +// Indicates absence of the field. +var PresenceType_No = PresenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no"} -type IRelationship interface { - IElement +// Makes no assertion about the field. +var PresenceType_NoAssertion = PresenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion"} - // GetCompleteness provides information about the completeness of relationships. - GetCompleteness() RelationshipCompleteness +// Indicates presence of the field. +var PresenceType_Yes = PresenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes"} - SetCompleteness(RelationshipCompleteness) +// Enumeration of the valid profiles. +type ProfileIdentifierType struct { + ID string +} - // GetEndTime specifies the time from which an element is no longer applicable / valid. - GetEndTime() string +// the element follows the AI profile specification +var ProfileIdentifierType_Ai = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai"} - SetEndTime(string) +// the element follows the Build profile specification +var ProfileIdentifierType_Build = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build"} - // GetFrom references the Element on the left-hand side of a relationship. - GetFrom() IElement +// the element follows the Core profile specification +var ProfileIdentifierType_Core = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core"} - SetFrom(IElement) +// the element follows the Dataset profile specification +var ProfileIdentifierType_Dataset = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset"} - // GetRelationshipType information about the relationship between two Elements. - GetRelationshipType() RelationshipType +// the element follows the ExpandedLicensing profile specification +var ProfileIdentifierType_ExpandedLicensing = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing"} - SetRelationshipType(RelationshipType) +// the element follows the Extension profile specification +var ProfileIdentifierType_Extension = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension"} - // GetStartTime specifies the time from which an element is applicable / valid. - GetStartTime() string +// the element follows the Lite profile specification +var ProfileIdentifierType_Lite = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite"} - SetStartTime(string) +// the element follows the Security profile specification +var ProfileIdentifierType_Security = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security"} - // GetTo references an Element on the right-hand side of a relationship. - GetTo() []IElement +// the element follows the SimpleLicensing profile specification +var ProfileIdentifierType_SimpleLicensing = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing"} - SetTo(...IElement) -} +// the element follows the Software profile specification +var ProfileIdentifierType_Software = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software"} +// Describes a relationship between one or more elements. type Relationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Relationship" iri-compact:"Relationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` + Element + + // Provides information about the completeness of relationships. + Completeness RelationshipCompleteness + // Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time + // References the Element on the left-hand side of a relationship. + From AnyElement + + // Information about the relationship between two Elements. + RelationshipType RelationshipType + // Specifies the time from which an element is applicable / valid. + StartTime time.Time + // References an Element on the right-hand side of a relationship. + Tos ElementList +} + +func castRelationship(o any) *Relationship { + if o, ok := o.(AnyRelationship); ok { + return o.asRelationship() + } + return nil } -func NewRelationship() IRelationship { - return &Relationship{} +func (o *Relationship) asRelationship() *Relationship { + return o } -func (o *Relationship) GetSpdxId() string { - return o.SpdxId -} -func (o *Relationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Relationship) GetComment() string { - return o.Comment -} -func (o *Relationship) SetComment(v string) { - o.Comment = v -} -func (o *Relationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Relationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v +type AnyRelationship interface { + AnyElement + asRelationship() *Relationship } -func (o *Relationship) GetDescription() string { - return o.Description + +type RelationshipList []AnyRelationship + +func (o *RelationshipList) Append(values ...AnyRelationship) { *o = append(*o, values...) } +func (o *RelationshipList) Remove(value AnyRelationship) { remove(o, value) } + +func (o *RelationshipList) RelationshipIter() iter.Seq2[AnyRelationship, *Relationship] { + return typeIter(*o, castRelationship) } -func (o *Relationship) SetDescription(v string) { - o.Description = v +func (o *RelationshipList) SecurityVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVulnAssessmentRelationship) } -func (o *Relationship) GetExtensions() []IExtension { - return o.Extensions +func (o *RelationshipList) LifecycleScopedRelationshipIter() iter.Seq2[AnyRelationship, *LifecycleScopedRelationship] { + return typeIter(*o, castLifecycleScopedRelationship) } -func (o *Relationship) SetExtensions(v ...IExtension) { - o.Extensions = v +func (o *RelationshipList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityCvssV2VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) } -func (o *Relationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers +func (o *RelationshipList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityCvssV3VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) } -func (o *Relationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v +func (o *RelationshipList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityCvssV4VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) } -func (o *Relationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs +func (o *RelationshipList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityEpssVulnAssessmentRelationship] { + return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) } -func (o *Relationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v +func (o *RelationshipList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityExploitCatalogVulnAssessmentRelationship] { + return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) } -func (o *Relationship) GetName() string { - return o.Name +func (o *RelationshipList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecuritySsvcVulnAssessmentRelationship] { + return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) } -func (o *Relationship) SetName(v string) { - o.Name = v +func (o *RelationshipList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexVulnAssessmentRelationship) } -func (o *Relationship) GetSummary() string { - return o.Summary +func (o *RelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) } -func (o *Relationship) SetSummary(v string) { - o.Summary = v +func (o *RelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexFixedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) } -func (o *Relationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing +func (o *RelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) } -func (o *Relationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v +func (o *RelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) } -func (o *Relationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *Relationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *Relationship) GetEndTime() string { - return o.EndTime -} -func (o *Relationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *Relationship) GetFrom() IElement { - return o.From -} -func (o *Relationship) SetFrom(v IElement) { - o.From = v -} -func (o *Relationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *Relationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *Relationship) GetStartTime() string { - return o.StartTime -} -func (o *Relationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *Relationship) GetTo() []IElement { - return o.To -} -func (o *Relationship) SetTo(v ...IElement) { - o.To = v +// Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. +type RelationshipCompleteness struct { + ID string } -type RelationshipCompleteness struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness" iri-compact:"RelationshipCompleteness"` +// The relationship is known to be exhaustive. +var RelationshipCompleteness_Complete = RelationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete"} - Iri string `iri:"@id"` -} +// The relationship is known not to be exhaustive. +var RelationshipCompleteness_Incomplete = RelationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete"} -var ( - RelationshipCompleteness_Complete = RelationshipCompleteness{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/complete"} - RelationshipCompleteness_Incomplete = RelationshipCompleteness{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/incomplete"} - RelationshipCompleteness_NoAssertion = RelationshipCompleteness{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/noAssertion"} -) +// No assertion can be made about the completeness of the relationship. +var RelationshipCompleteness_NoAssertion = RelationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion"} +// Information about the relationship between two Elements. type RelationshipType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType" iri-compact:"RelationshipType"` - - Iri string `iri:"@id"` -} - -var ( - RelationshipType_Affects = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/affects"} - RelationshipType_AmendedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/amendedBy"} - RelationshipType_AncestorOf = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/ancestorOf"} - RelationshipType_AvailableFrom = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/availableFrom"} - RelationshipType_Configures = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/configures"} - RelationshipType_Contains = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/contains"} - RelationshipType_CoordinatedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/coordinatedBy"} - RelationshipType_CopiedTo = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/copiedTo"} - RelationshipType_DelegatedTo = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/delegatedTo"} - RelationshipType_DependsOn = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/dependsOn"} - RelationshipType_DescendantOf = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/descendantOf"} - RelationshipType_Describes = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/describes"} - RelationshipType_DoesNotAffect = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/doesNotAffect"} - RelationshipType_ExpandsTo = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/expandsTo"} - RelationshipType_ExploitCreatedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/exploitCreatedBy"} - RelationshipType_FixedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/fixedBy"} - RelationshipType_FixedIn = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/fixedIn"} - RelationshipType_FoundBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/foundBy"} - RelationshipType_Generates = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/generates"} - RelationshipType_HasAddedFile = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAddedFile"} - RelationshipType_HasAssessmentFor = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAssessmentFor"} - RelationshipType_HasAssociatedVulnerability = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAssociatedVulnerability"} - RelationshipType_HasConcludedLicense = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasConcludedLicense"} - RelationshipType_HasDataFile = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDataFile"} - RelationshipType_HasDeclaredLicense = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDeclaredLicense"} - RelationshipType_HasDeletedFile = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDeletedFile"} - RelationshipType_HasDependencyManifest = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDependencyManifest"} - RelationshipType_HasDistributionArtifact = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDistributionArtifact"} - RelationshipType_HasDocumentation = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDocumentation"} - RelationshipType_HasDynamicLink = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDynamicLink"} - RelationshipType_HasEvidence = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasEvidence"} - RelationshipType_HasExample = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasExample"} - RelationshipType_HasHost = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasHost"} - RelationshipType_HasInputs = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasInputs"} - RelationshipType_HasMetadata = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasMetadata"} - RelationshipType_HasOptionalComponent = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOptionalComponent"} - RelationshipType_HasOptionalDependency = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOptionalDependency"} - RelationshipType_HasOutputs = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOutputs"} - RelationshipType_HasPrerequsite = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasPrerequsite"} - RelationshipType_HasProvidedDependency = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasProvidedDependency"} - RelationshipType_HasRequirement = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasRequirement"} - RelationshipType_HasSpecification = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasSpecification"} - RelationshipType_HasStaticLink = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasStaticLink"} - RelationshipType_HasTest = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasTest"} - RelationshipType_HasTestCase = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasTestCase"} - RelationshipType_HasVariant = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasVariant"} - RelationshipType_InvokedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/invokedBy"} - RelationshipType_ModifiedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/modifiedBy"} - RelationshipType_Other = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/other"} - RelationshipType_PackagedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/packagedBy"} - RelationshipType_PatchedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/patchedBy"} - RelationshipType_PublishedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/publishedBy"} - RelationshipType_ReportedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/reportedBy"} - RelationshipType_RepublishedBy = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/republishedBy"} - RelationshipType_SerializedInArtifact = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/serializedInArtifact"} - RelationshipType_TestedOn = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/testedOn"} - RelationshipType_TrainedOn = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/trainedOn"} - RelationshipType_UnderInvestigationFor = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/underInvestigationFor"} - RelationshipType_UsesTool = RelationshipType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/usesTool"} -) + ID string +} -type ISpdxDocument interface { - IElementCollection +// The `from` Vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. +var RelationshipType_Affects = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects"} - // GetDataLicense provides the license under which the SPDX documentation of the Element can be - // used. - GetDataLicense() IAnyLicenseInfo +// The `from` Element is amended by each `to` Element. +var RelationshipType_AmendedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy"} - SetDataLicense(IAnyLicenseInfo) +// The `from` Element is an ancestor of each `to` Element. +var RelationshipType_AncestorOf = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf"} - // GetImports provides an ExternalMap of Element identifiers. - GetImports() []IExternalMap +// The `from` Element is available from the additional supplier described by each `to` Element. +var RelationshipType_AvailableFrom = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom"} - SetImports(...IExternalMap) +// The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. +var RelationshipType_Configures = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures"} - // GetNamespaceMap provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. - GetNamespaceMap() []INamespaceMap +// The `from` Element contains each `to` Element. +var RelationshipType_Contains = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains"} - SetNamespaceMap(...INamespaceMap) -} +// The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). +var RelationshipType_CoordinatedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy"} -type SpdxDocument struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/SpdxDocument" iri-compact:"SpdxDocument" id-prop:"spdxId"` +// The `from` Element has been copied to each `to` Element. +var RelationshipType_CopiedTo = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo"} - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +// The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). +var RelationshipType_DelegatedTo = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo"} - // Elements refers to one or more Elements that are part of an ElementCollection. - Elements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/element" iri-compact:"element"` - // ProfileConformance describes one a profile which the creator of this ElementCollection intends to - // conform to. - ProfileConformance []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/profileConformance" iri-compact:"profileConformance"` - // RootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. - RootElements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/rootElement" iri-compact:"rootElement"` +// The `from` Element depends on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_DependsOn = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn"} - // DataLicense provides the license under which the SPDX documentation of the Element can be - // used. - DataLicense IAnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/dataLicense" iri-compact:"dataLicense"` - // Imports provides an ExternalMap of Element identifiers. - Imports []IExternalMap `iri:"https://spdx.org/rdf/3.0.0/terms/Core/imports" iri-compact:"imports"` - // NamespaceMap provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. - NamespaceMap []INamespaceMap `iri:"https://spdx.org/rdf/3.0.0/terms/Core/namespaceMap" iri-compact:"namespaceMap"` -} +// The `from` Element is a descendant of each `to` Element. +var RelationshipType_DescendantOf = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf"} -func NewSpdxDocument() ISpdxDocument { - return &SpdxDocument{} -} +// The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. +var RelationshipType_Describes = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes"} -func (o *SpdxDocument) GetSpdxId() string { - return o.SpdxId -} -func (o *SpdxDocument) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *SpdxDocument) GetComment() string { - return o.Comment -} -func (o *SpdxDocument) SetComment(v string) { - o.Comment = v -} -func (o *SpdxDocument) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *SpdxDocument) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *SpdxDocument) GetDescription() string { - return o.Description -} -func (o *SpdxDocument) SetDescription(v string) { - o.Description = v -} -func (o *SpdxDocument) GetExtensions() []IExtension { - return o.Extensions -} -func (o *SpdxDocument) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *SpdxDocument) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *SpdxDocument) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *SpdxDocument) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *SpdxDocument) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *SpdxDocument) GetName() string { - return o.Name -} -func (o *SpdxDocument) SetName(v string) { - o.Name = v -} -func (o *SpdxDocument) GetSummary() string { - return o.Summary -} -func (o *SpdxDocument) SetSummary(v string) { - o.Summary = v -} -func (o *SpdxDocument) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *SpdxDocument) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} +// The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. +var RelationshipType_DoesNotAffect = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect"} -func (o *SpdxDocument) GetElements() []IElement { - return o.Elements -} -func (o *SpdxDocument) SetElements(v ...IElement) { - o.Elements = v -} -func (o *SpdxDocument) GetProfileConformance() []ProfileIdentifierType { - return o.ProfileConformance -} -func (o *SpdxDocument) SetProfileConformance(v ...ProfileIdentifierType) { - o.ProfileConformance = v -} -func (o *SpdxDocument) GetRootElements() []IElement { - return o.RootElements -} -func (o *SpdxDocument) SetRootElements(v ...IElement) { - o.RootElements = v -} +// The `from` archive expands out as an artifact described by each `to` Element. +var RelationshipType_ExpandsTo = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo"} -func (o *SpdxDocument) GetDataLicense() IAnyLicenseInfo { - return o.DataLicense -} -func (o *SpdxDocument) SetDataLicense(v IAnyLicenseInfo) { - o.DataLicense = v -} -func (o *SpdxDocument) GetImports() []IExternalMap { - return o.Imports -} -func (o *SpdxDocument) SetImports(v ...IExternalMap) { - o.Imports = v -} -func (o *SpdxDocument) GetNamespaceMap() []INamespaceMap { - return o.NamespaceMap -} -func (o *SpdxDocument) SetNamespaceMap(v ...INamespaceMap) { - o.NamespaceMap = v -} +// The `from` Vulnerability has had an exploit created against it by each `to` Agent. +var RelationshipType_ExploitCreatedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy"} -type SupportType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/SupportType" iri-compact:"SupportType"` +// Designates a `from` Vulnerability has been fixed by the `to` Agent(s). +var RelationshipType_FixedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy"} - Iri string `iri:"@id"` -} +// A `from` Vulnerability has been fixed in each `to` Element. The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. +var RelationshipType_FixedIn = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn"} -var ( - SupportType_Deployed = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/deployed"} - SupportType_Development = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/development"} - SupportType_EndOfSupport = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/endOfSupport"} - SupportType_LimitedSupport = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/limitedSupport"} - SupportType_NoAssertion = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/noAssertion"} - SupportType_NoSupport = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/noSupport"} - SupportType_Support = SupportType{Iri: "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/support"} -) +// Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). +var RelationshipType_FoundBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy"} -type ITool interface { - IElement -} +// The `from` Element generates each `to` Element. +var RelationshipType_Generates = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates"} -type Tool struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Tool" iri-compact:"Tool" id-prop:"spdxId"` +// Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). +var RelationshipType_HasAddedFile = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile"} - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` -} +// Relates a `from` Vulnerability and each `to` Element with a security assessment. To be used with `VulnAssessmentRelationship` types. +var RelationshipType_HasAssessmentFor = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor"} -func NewTool() ITool { - return &Tool{} -} +// Used to associate a `from` Artifact with each `to` Vulnerability. +var RelationshipType_HasAssociatedVulnerability = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability"} -func (o *Tool) GetSpdxId() string { - return o.SpdxId -} -func (o *Tool) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Tool) GetComment() string { - return o.Comment -} -func (o *Tool) SetComment(v string) { - o.Comment = v -} -func (o *Tool) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Tool) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *Tool) GetDescription() string { - return o.Description -} -func (o *Tool) SetDescription(v string) { - o.Description = v -} -func (o *Tool) GetExtensions() []IExtension { - return o.Extensions -} -func (o *Tool) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *Tool) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers +// The `from` SoftwareArtifact is concluded by the SPDX data creator to be governed by each `to` license. +var RelationshipType_HasConcludedLicense = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense"} + +// The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInput`, and `hasOutput`, respectively. This relationship does not imply dependency. +var RelationshipType_HasDataFile = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile"} + +// The `from` SoftwareArtifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. +var RelationshipType_HasDeclaredLicense = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense"} + +// Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). +var RelationshipType_HasDeletedFile = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile"} + +// The `from` Element has manifest files that contain dependency information in each `to` Element. +var RelationshipType_HasDependencyManifest = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest"} + +// The `from` Element is distributed as an artifact in each `to` Element (e.g. an RPM or archive file). +var RelationshipType_HasDistributionArtifact = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact"} + +// The `from` Element is documented by each `to` Element. +var RelationshipType_HasDocumentation = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation"} + +// The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasDynamicLink = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink"} + +// Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). +var RelationshipType_HasEvidence = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence"} + +// Every `to` Element is an example for the `from` Element (`from` hasExample `to`). +var RelationshipType_HasExample = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample"} + +// The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). +var RelationshipType_HasHost = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost"} + +// The `from` Build has each `to` Element as an input, during a LifecycleScopeType period. +var RelationshipType_HasInput = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput"} + +// Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). +var RelationshipType_HasMetadata = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata"} + +// Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). +var RelationshipType_HasOptionalComponent = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent"} + +// The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasOptionalDependency = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency"} + +// The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. +var RelationshipType_HasOutput = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput"} + +// The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasPrerequisite = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite"} + +// The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. +var RelationshipType_HasProvidedDependency = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency"} + +// The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasRequirement = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement"} + +// Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. +var RelationshipType_HasSpecification = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification"} + +// The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasStaticLink = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink"} + +// Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. +var RelationshipType_HasTest = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest"} + +// Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). +var RelationshipType_HasTestCase = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase"} + +// Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). +var RelationshipType_HasVariant = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant"} + +// The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). +var RelationshipType_InvokedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy"} + +// The `from` Element is modified by each `to` Element. +var RelationshipType_ModifiedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy"} + +// Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationship types (this relationship is directionless). +var RelationshipType_Other = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other"} + +// Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). +var RelationshipType_PackagedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy"} + +// Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). +var RelationshipType_PatchedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy"} + +// Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. +var RelationshipType_PublishedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy"} + +// Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. +var RelationshipType_ReportedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy"} + +// Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. +var RelationshipType_RepublishedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy"} + +// The `from` SpdxDocument can be found in a serialized form in each `to` Artifact. +var RelationshipType_SerializedInArtifact = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact"} + +// The `from` Element has been tested on the `to` Element(s). +var RelationshipType_TestedOn = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn"} + +// The `from` Element has been trained on the `to` Element(s). +var RelationshipType_TrainedOn = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn"} + +// The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. +var RelationshipType_UnderInvestigationFor = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor"} + +// The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. +var RelationshipType_UsesTool = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool"} + +// A collection of SPDX Elements that could potentially be serialized. +type SpdxDocument struct { + ElementCollection + + // Provides the license under which the SPDX documentation of the Element can be + // used. + DataLicense AnySimplelicensingAnyLicenseInfo + + // Provides an ExternalMap of Element identifiers. + Imports ExternalMapList + + // Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. + NamespaceMaps NamespaceMapList } -func (o *Tool) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v + +func castSpdxDocument(o any) *SpdxDocument { + if o, ok := o.(AnySpdxDocument); ok { + return o.asSpdxDocument() + } + return nil } -func (o *Tool) GetExternalRefs() []IExternalRef { - return o.ExternalRefs + +func (o *SpdxDocument) asSpdxDocument() *SpdxDocument { + return o } -func (o *Tool) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v + +type AnySpdxDocument interface { + AnyElementCollection + asSpdxDocument() *SpdxDocument } -func (o *Tool) GetName() string { - return o.Name + +type SpdxDocumentList []AnySpdxDocument + +func (o *SpdxDocumentList) Append(values ...AnySpdxDocument) { *o = append(*o, values...) } +func (o *SpdxDocumentList) Remove(value AnySpdxDocument) { remove(o, value) } + +func (o *SpdxDocumentList) SpdxDocumentIter() iter.Seq2[AnySpdxDocument, *SpdxDocument] { + return typeIter(*o, castSpdxDocument) } -func (o *Tool) SetName(v string) { - o.Name = v + +// Indicates the type of support that is associated with an artifact. +type SupportType struct { + ID string } -func (o *Tool) GetSummary() string { - return o.Summary + +// in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. +var SupportType_Deployed = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed"} + +// the artifact is in active development and is not considered ready for formal support from the supplier. +var SupportType_Development = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development"} + +// there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. +var SupportType_EndOfSupport = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport"} + +// the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. +var SupportType_LimitedSupport = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport"} + +// no assertion about the type of support is made. This is considered the default if no other support type is used. +var SupportType_NoAssertion = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion"} + +// there is no support for the artifact from the supplier, consumer assumes any support obligations. +var SupportType_NoSupport = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport"} + +// the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. +var SupportType_Support = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support"} + +// An element of hardware and/or software utilized to carry out a particular function. +type Tool struct { + Element } -func (o *Tool) SetSummary(v string) { - o.Summary = v + +func castTool(o any) *Tool { + if o, ok := o.(AnyTool); ok { + return o.asTool() + } + return nil } -func (o *Tool) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing + +func (o *Tool) asTool() *Tool { + return o } -func (o *Tool) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v + +type AnyTool interface { + AnyElement + asTool() *Tool } -type ConfidentialityLevelType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType" iri-compact:"dataset_ConfidentialityLevelType"` +type ToolList []AnyTool + +func (o *ToolList) Append(values ...AnyTool) { *o = append(*o, values...) } +func (o *ToolList) Remove(value AnyTool) { remove(o, value) } + +func (o *ToolList) ToolIter() iter.Seq2[AnyTool, *Tool] { return typeIter(*o, castTool) } - Iri string `iri:"@id"` +// Categories of confidentiality level. +type DatasetConfidentialityLevelType struct { + ID string } -var ( - ConfidentialityLevelType_Amber = ConfidentialityLevelType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/amber"} - ConfidentialityLevelType_Clear = ConfidentialityLevelType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/clear"} - ConfidentialityLevelType_Green = ConfidentialityLevelType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/green"} - ConfidentialityLevelType_Red = ConfidentialityLevelType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/red"} -) +// Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. +var DatasetConfidentialityLevelType_Amber = DatasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber"} + +// Dataset may be distributed freely, without restriction. +var DatasetConfidentialityLevelType_Clear = DatasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear"} -type DatasetAvailabilityType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType" iri-compact:"dataset_DatasetAvailabilityType"` +// Dataset can be shared within a community of peers and partners. +var DatasetConfidentialityLevelType_Green = DatasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green"} - Iri string `iri:"@id"` +// Data points in the dataset are highly confidential and can only be shared with named recipients. +var DatasetConfidentialityLevelType_Red = DatasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red"} + +// Availability of dataset. +type DatasetDatasetAvailabilityType struct { + ID string } -var ( - DatasetAvailabilityType_Clickthrough = DatasetAvailabilityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/clickthrough"} - DatasetAvailabilityType_DirectDownload = DatasetAvailabilityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/directDownload"} - DatasetAvailabilityType_Query = DatasetAvailabilityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/query"} - DatasetAvailabilityType_Registration = DatasetAvailabilityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/registration"} - DatasetAvailabilityType_ScrapingScript = DatasetAvailabilityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/scrapingScript"} -) +// the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. +var DatasetDatasetAvailabilityType_Clickthrough = DatasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough"} -type DatasetType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType" iri-compact:"dataset_DatasetType"` - - Iri string `iri:"@id"` -} - -var ( - DatasetType_Audio = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/audio"} - DatasetType_Categorical = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/categorical"} - DatasetType_Graph = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/graph"} - DatasetType_Image = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/image"} - DatasetType_NoAssertion = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/noAssertion"} - DatasetType_Numeric = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/numeric"} - DatasetType_Other = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/other"} - DatasetType_Sensor = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/sensor"} - DatasetType_Structured = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/structured"} - DatasetType_Syntactic = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/syntactic"} - DatasetType_Text = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/text"} - DatasetType_Timeseries = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/timeseries"} - DatasetType_Timestamp = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/timestamp"} - DatasetType_Video = DatasetType{Iri: "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/video"} -) +// the dataset is publicly available and can be downloaded directly. +var DatasetDatasetAvailabilityType_DirectDownload = DatasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload"} -type ILicenseAddition interface { - IElement +// the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. +var DatasetDatasetAvailabilityType_Query = DatasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query"} - // GetAdditionText identifies the full text of a LicenseAddition. - GetAdditionText() string +// the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. +var DatasetDatasetAvailabilityType_Registration = DatasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration"} - SetAdditionText(string) +// the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. +var DatasetDatasetAvailabilityType_ScrapingScript = DatasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript"} - // GetIsDeprecatedAdditionId specifies whether an additional text identifier has been marked as deprecated. - GetIsDeprecatedAdditionId() bool +// Enumeration of dataset types. +type DatasetDatasetType struct { + ID string +} - SetIsDeprecatedAdditionId(bool) +// data is audio based, such as a collection of music from the 80s. +var DatasetDatasetType_Audio = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio"} - // GetLicenseXml identifies all the text and metadata associated with a license in the license - // XML format. - GetLicenseXml() string +// data that is classified into a discrete number of categories, such as the eye color of a population of people. +var DatasetDatasetType_Categorical = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical"} - SetLicenseXml(string) +// data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. +var DatasetDatasetType_Graph = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph"} - // GetObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - GetObsoletedBy() string +// data is a collection of images such as pictures of animals. +var DatasetDatasetType_Image = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image"} - SetObsoletedBy(string) +// data type is not known. +var DatasetDatasetType_NoAssertion = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion"} - // GetSeeAlso contains a URL where the License or LicenseAddition can be found in use. - GetSeeAlso() []string +// data consists only of numeric entries. +var DatasetDatasetType_Numeric = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric"} - SetSeeAlso(...string) +// data is of a type not included in this list. +var DatasetDatasetType_Other = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other"} - // GetStandardAdditionTemplate identifies the full text of a LicenseAddition, in SPDX templating format. - GetStandardAdditionTemplate() string +// data is recorded from a physical sensor, such as a thermometer reading or biometric device. +var DatasetDatasetType_Sensor = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor"} - SetStandardAdditionTemplate(string) -} +// data is stored in tabular format or retrieved from a relational database. +var DatasetDatasetType_Structured = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured"} -type LicenseAddition struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/LicenseAddition" iri-compact:"expandedlicensing_LicenseAddition" id-prop:"spdxId"` +// data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. +var DatasetDatasetType_Syntactic = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic"} - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +// data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. +var DatasetDatasetType_Text = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text"} + +// data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. +var DatasetDatasetType_Timeseries = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries"} + +// data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. +var DatasetDatasetType_Timestamp = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp"} + +// data is video based, such as a collection of movie clips featuring Tom Hanks. +var DatasetDatasetType_Video = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video"} - // AdditionText identifies the full text of a LicenseAddition. - AdditionText string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/additionText" iri-compact:"expandedlicensing_additionText"` - // IsDeprecatedAdditionId specifies whether an additional text identifier has been marked as deprecated. - IsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedAdditionId" iri-compact:"expandedlicensing_isDeprecatedAdditionId"` - // LicenseXml identifies all the text and metadata associated with a license in the license +// Abstract class for additional text intended to be added to a License, but +// which is not itself a standalone License. +type ExpandedlicensingLicenseAddition struct { + Element + + // Identifies the full text of a LicenseAddition. + ExpandedlicensingAdditionText string + // Specifies whether an additional text identifier has been marked as deprecated. + ExpandedlicensingIsDeprecatedAdditionId bool + // Identifies all the text and metadata associated with a license in the license // XML format. - LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` - // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated + ExpandedlicensingLicenseXml string + // Specifies the licenseId that is preferred to be used in place of a deprecated // License or LicenseAddition. - ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` - // SeeAlso contains a URL where the License or LicenseAddition can be found in use. - SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` - // StandardAdditionTemplate identifies the full text of a LicenseAddition, in SPDX templating format. - StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardAdditionTemplate" iri-compact:"expandedlicensing_standardAdditionTemplate"` + ExpandedlicensingObsoletedBy string + // Contains a URL where the License or LicenseAddition can be found in use. + ExpandedlicensingSeeAlsos []string + // Identifies the full text of a LicenseAddition, in SPDX templating format. + ExpandedlicensingStandardAdditionTemplate string } -func (o *LicenseAddition) GetSpdxId() string { - return o.SpdxId -} -func (o *LicenseAddition) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *LicenseAddition) GetComment() string { - return o.Comment +func castExpandedlicensingLicenseAddition(o any) *ExpandedlicensingLicenseAddition { + if o, ok := o.(AnyExpandedlicensingLicenseAddition); ok { + return o.asExpandedlicensingLicenseAddition() + } + return nil } -func (o *LicenseAddition) SetComment(v string) { - o.Comment = v + +func (o *ExpandedlicensingLicenseAddition) asExpandedlicensingLicenseAddition() *ExpandedlicensingLicenseAddition { + return o } -func (o *LicenseAddition) GetCreationInfo() ICreationInfo { - return o.CreationInfo + +type AnyExpandedlicensingLicenseAddition interface { + AnyElement + asExpandedlicensingLicenseAddition() *ExpandedlicensingLicenseAddition } -func (o *LicenseAddition) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v + +type ExpandedlicensingLicenseAdditionList []AnyExpandedlicensingLicenseAddition + +func (o *ExpandedlicensingLicenseAdditionList) Append(values ...AnyExpandedlicensingLicenseAddition) { + *o = append(*o, values...) } -func (o *LicenseAddition) GetDescription() string { - return o.Description +func (o *ExpandedlicensingLicenseAdditionList) Remove(value AnyExpandedlicensingLicenseAddition) { + remove(o, value) } -func (o *LicenseAddition) SetDescription(v string) { - o.Description = v + +func (o *ExpandedlicensingLicenseAdditionList) ExpandedlicensingLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingLicenseAddition, *ExpandedlicensingLicenseAddition] { + return typeIter(*o, castExpandedlicensingLicenseAddition) } -func (o *LicenseAddition) GetExtensions() []IExtension { - return o.Extensions +func (o *ExpandedlicensingLicenseAdditionList) ExpandedlicensingListedLicenseExceptionIter() iter.Seq2[AnyExpandedlicensingLicenseAddition, *ExpandedlicensingListedLicenseException] { + return typeIter(*o, castExpandedlicensingListedLicenseException) } -func (o *LicenseAddition) SetExtensions(v ...IExtension) { - o.Extensions = v +func (o *ExpandedlicensingLicenseAdditionList) ExpandedlicensingCustomLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingLicenseAddition, *ExpandedlicensingCustomLicenseAddition] { + return typeIter(*o, castExpandedlicensingCustomLicenseAddition) } -func (o *LicenseAddition) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers + +// A license exception that is listed on the SPDX Exceptions list. +type ExpandedlicensingListedLicenseException struct { + ExpandedlicensingLicenseAddition + + // Specifies the SPDX License List version in which this license or exception + // identifier was deprecated. + ExpandedlicensingDeprecatedVersion string + // Specifies the SPDX License List version in which this ListedLicense or + // ListedLicenseException identifier was first added. + ExpandedlicensingListVersionAdded string } -func (o *LicenseAddition) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v + +func castExpandedlicensingListedLicenseException(o any) *ExpandedlicensingListedLicenseException { + if o, ok := o.(AnyExpandedlicensingListedLicenseException); ok { + return o.asExpandedlicensingListedLicenseException() + } + return nil } -func (o *LicenseAddition) GetExternalRefs() []IExternalRef { - return o.ExternalRefs + +func (o *ExpandedlicensingListedLicenseException) asExpandedlicensingListedLicenseException() *ExpandedlicensingListedLicenseException { + return o } -func (o *LicenseAddition) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v + +type AnyExpandedlicensingListedLicenseException interface { + AnyExpandedlicensingLicenseAddition + asExpandedlicensingListedLicenseException() *ExpandedlicensingListedLicenseException } -func (o *LicenseAddition) GetName() string { - return o.Name + +type ExpandedlicensingListedLicenseExceptionList []AnyExpandedlicensingListedLicenseException + +func (o *ExpandedlicensingListedLicenseExceptionList) Append(values ...AnyExpandedlicensingListedLicenseException) { + *o = append(*o, values...) } -func (o *LicenseAddition) SetName(v string) { - o.Name = v +func (o *ExpandedlicensingListedLicenseExceptionList) Remove(value AnyExpandedlicensingListedLicenseException) { + remove(o, value) } -func (o *LicenseAddition) GetSummary() string { - return o.Summary + +func (o *ExpandedlicensingListedLicenseExceptionList) ExpandedlicensingListedLicenseExceptionIter() iter.Seq2[AnyExpandedlicensingListedLicenseException, *ExpandedlicensingListedLicenseException] { + return typeIter(*o, castExpandedlicensingListedLicenseException) } -func (o *LicenseAddition) SetSummary(v string) { - o.Summary = v + +// A property name with an associated value. +type ExtensionCdxPropertyEntry struct { + ID string + + // A name used in a CdxPropertyEntry name-value pair. + ExtensionCdxPropName string + // A value used in a CdxPropertyEntry name-value pair. + ExtensionCdxPropValue string } -func (o *LicenseAddition) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing + +func castExtensionCdxPropertyEntry(o any) *ExtensionCdxPropertyEntry { + if o, ok := o.(AnyExtensionCdxPropertyEntry); ok { + return o.asExtensionCdxPropertyEntry() + } + return nil } -func (o *LicenseAddition) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v + +func (o *ExtensionCdxPropertyEntry) asExtensionCdxPropertyEntry() *ExtensionCdxPropertyEntry { + return o } -func (o *LicenseAddition) GetAdditionText() string { - return o.AdditionText +type AnyExtensionCdxPropertyEntry interface { + asExtensionCdxPropertyEntry() *ExtensionCdxPropertyEntry } -func (o *LicenseAddition) SetAdditionText(v string) { - o.AdditionText = v + +type ExtensionCdxPropertyEntryList []AnyExtensionCdxPropertyEntry + +func (o *ExtensionCdxPropertyEntryList) Append(values ...AnyExtensionCdxPropertyEntry) { + *o = append(*o, values...) } -func (o *LicenseAddition) GetIsDeprecatedAdditionId() bool { - return o.IsDeprecatedAdditionId +func (o *ExtensionCdxPropertyEntryList) Remove(value AnyExtensionCdxPropertyEntry) { remove(o, value) } + +func (o *ExtensionCdxPropertyEntryList) ExtensionCdxPropertyEntryIter() iter.Seq2[AnyExtensionCdxPropertyEntry, *ExtensionCdxPropertyEntry] { + return typeIter(*o, castExtensionCdxPropertyEntry) } -func (o *LicenseAddition) SetIsDeprecatedAdditionId(v bool) { - o.IsDeprecatedAdditionId = v + +// A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. +type ExtensionExtension struct { + ID string } -func (o *LicenseAddition) GetLicenseXml() string { - return o.LicenseXml + +func castExtensionExtension(o any) *ExtensionExtension { + if o, ok := o.(AnyExtensionExtension); ok { + return o.asExtensionExtension() + } + return nil } -func (o *LicenseAddition) SetLicenseXml(v string) { - o.LicenseXml = v + +func (o *ExtensionExtension) asExtensionExtension() *ExtensionExtension { + return o } -func (o *LicenseAddition) GetObsoletedBy() string { - return o.ObsoletedBy + +type AnyExtensionExtension interface { + asExtensionExtension() *ExtensionExtension } -func (o *LicenseAddition) SetObsoletedBy(v string) { - o.ObsoletedBy = v + +type ExtensionExtensionList []AnyExtensionExtension + +func (o *ExtensionExtensionList) Append(values ...AnyExtensionExtension) { *o = append(*o, values...) } +func (o *ExtensionExtensionList) Remove(value AnyExtensionExtension) { remove(o, value) } + +func (o *ExtensionExtensionList) ExtensionExtensionIter() iter.Seq2[AnyExtensionExtension, *ExtensionExtension] { + return typeIter(*o, castExtensionExtension) } -func (o *LicenseAddition) GetSeeAlso() []string { - return o.SeeAlso +func (o *ExtensionExtensionList) ExtensionCdxPropertiesExtensionIter() iter.Seq2[AnyExtensionExtension, *ExtensionCdxPropertiesExtension] { + return typeIter(*o, castExtensionCdxPropertiesExtension) } -func (o *LicenseAddition) SetSeeAlso(v ...string) { - o.SeeAlso = v + +// Specifies the CVSS base, temporal, threat, or environmental severity type. +type SecurityCvssSeverityType struct { + ID string } -func (o *LicenseAddition) GetStandardAdditionTemplate() string { - return o.StandardAdditionTemplate + +// When a CVSS score is between 9.0 - 10.0 +var SecurityCvssSeverityType_Critical = SecurityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical"} + +// When a CVSS score is between 7.0 - 8.9 +var SecurityCvssSeverityType_High = SecurityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high"} + +// When a CVSS score is between 0.1 - 3.9 +var SecurityCvssSeverityType_Low = SecurityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low"} + +// When a CVSS score is between 4.0 - 6.9 +var SecurityCvssSeverityType_Medium = SecurityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium"} + +// When a CVSS score is 0.0 +var SecurityCvssSeverityType_None = SecurityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none"} + +// Specifies the exploit catalog type. +type SecurityExploitCatalogType struct { + ID string } -func (o *LicenseAddition) SetStandardAdditionTemplate(v string) { - o.StandardAdditionTemplate = v + +// CISA's Known Exploited Vulnerability (KEV) Catalog +var SecurityExploitCatalogType_Kev = SecurityExploitCatalogType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev"} + +// Other exploit catalogs +var SecurityExploitCatalogType_Other = SecurityExploitCatalogType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other"} + +// Specifies the SSVC decision type. +type SecuritySsvcDecisionType struct { + ID string } -type IListedLicenseException interface { - ILicenseAddition +// The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. +var SecuritySsvcDecisionType_Act = SecuritySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act"} - // GetDeprecatedVersion specifies the SPDX License List version in which this license or exception - // identifier was deprecated. - GetDeprecatedVersion() string +// The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. +var SecuritySsvcDecisionType_Attend = SecuritySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend"} - SetDeprecatedVersion(string) +// The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. +var SecuritySsvcDecisionType_Track = SecuritySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track"} - // GetListVersionAdded specifies the SPDX License List version in which this ListedLicense or - // ListedLicenseException identifier was first added. - GetListVersionAdded() string +// ("Track\*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track\* vulnerabilities within standard update timelines. +var SecuritySsvcDecisionType_TrackStar = SecuritySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar"} - SetListVersionAdded(string) +// Specifies the VEX justification type. +type SecurityVexJustificationType struct { + ID string } -type ListedLicenseException struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/ListedLicenseException" iri-compact:"expandedlicensing_ListedLicenseException" id-prop:"spdxId"` +// The software is not affected because the vulnerable component is not in the product. +var SecurityVexJustificationType_ComponentNotPresent = SecurityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent"} - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +// Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability. +var SecurityVexJustificationType_InlineMitigationsAlreadyExist = SecurityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist"} - // AdditionText identifies the full text of a LicenseAddition. - AdditionText string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/additionText" iri-compact:"expandedlicensing_additionText"` - // IsDeprecatedAdditionId specifies whether an additional text identifier has been marked as deprecated. - IsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedAdditionId" iri-compact:"expandedlicensing_isDeprecatedAdditionId"` - // LicenseXml identifies all the text and metadata associated with a license in the license - // XML format. - LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` - // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` - // SeeAlso contains a URL where the License or LicenseAddition can be found in use. - SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` - // StandardAdditionTemplate identifies the full text of a LicenseAddition, in SPDX templating format. - StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardAdditionTemplate" iri-compact:"expandedlicensing_standardAdditionTemplate"` +// The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack. +var SecurityVexJustificationType_VulnerableCodeCannotBeControlledByAdversary = SecurityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary"} - // DeprecatedVersion specifies the SPDX License List version in which this license or exception - // identifier was deprecated. - DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/deprecatedVersion" iri-compact:"expandedlicensing_deprecatedVersion"` - // ListVersionAdded specifies the SPDX License List version in which this ListedLicense or - // ListedLicenseException identifier was first added. - ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/listVersionAdded" iri-compact:"expandedlicensing_listVersionAdded"` +// The affected code is not reachable through the execution of the code, including non-anticipated states of the product. +var SecurityVexJustificationType_VulnerableCodeNotInExecutePath = SecurityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath"} + +// The product is not affected because the code underlying the vulnerability is not present in the product. +var SecurityVexJustificationType_VulnerableCodeNotPresent = SecurityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent"} + +// Abstract ancestor class for all vulnerability assessments +type SecurityVulnAssessmentRelationship struct { + Relationship + + // Identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy AnyAgent + + // Specifies an Element contained in a piece of software where a vulnerability was + // found. + SecurityAssessedElement AnySoftwareSoftwareArtifact + + // Specifies a time when a vulnerability assessment was modified + SecurityModifiedTime time.Time + // Specifies the time when a vulnerability was published. + SecurityPublishedTime time.Time + // Specified the time and date when a vulnerability was withdrawn. + SecurityWithdrawnTime time.Time } -func NewListedLicenseException() IListedLicenseException { - return &ListedLicenseException{} +func castSecurityVulnAssessmentRelationship(o any) *SecurityVulnAssessmentRelationship { + if o, ok := o.(AnySecurityVulnAssessmentRelationship); ok { + return o.asSecurityVulnAssessmentRelationship() + } + return nil } -func (o *ListedLicenseException) GetSpdxId() string { - return o.SpdxId +func (o *SecurityVulnAssessmentRelationship) asSecurityVulnAssessmentRelationship() *SecurityVulnAssessmentRelationship { + return o } -func (o *ListedLicenseException) SetSpdxId(v string) { - o.SpdxId = v + +type AnySecurityVulnAssessmentRelationship interface { + AnyRelationship + asSecurityVulnAssessmentRelationship() *SecurityVulnAssessmentRelationship } -func (o *ListedLicenseException) GetComment() string { - return o.Comment + +type SecurityVulnAssessmentRelationshipList []AnySecurityVulnAssessmentRelationship + +func (o *SecurityVulnAssessmentRelationshipList) Append(values ...AnySecurityVulnAssessmentRelationship) { + *o = append(*o, values...) } -func (o *ListedLicenseException) SetComment(v string) { - o.Comment = v +func (o *SecurityVulnAssessmentRelationshipList) Remove(value AnySecurityVulnAssessmentRelationship) { + remove(o, value) } -func (o *ListedLicenseException) GetCreationInfo() ICreationInfo { - return o.CreationInfo + +func (o *SecurityVulnAssessmentRelationshipList) SecurityVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVulnAssessmentRelationship) } -func (o *ListedLicenseException) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v +func (o *SecurityVulnAssessmentRelationshipList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityCvssV2VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) } -func (o *ListedLicenseException) GetDescription() string { - return o.Description +func (o *SecurityVulnAssessmentRelationshipList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityCvssV3VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) } -func (o *ListedLicenseException) SetDescription(v string) { - o.Description = v +func (o *SecurityVulnAssessmentRelationshipList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityCvssV4VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) } -func (o *ListedLicenseException) GetExtensions() []IExtension { - return o.Extensions +func (o *SecurityVulnAssessmentRelationshipList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityEpssVulnAssessmentRelationship] { + return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) } -func (o *ListedLicenseException) SetExtensions(v ...IExtension) { - o.Extensions = v +func (o *SecurityVulnAssessmentRelationshipList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityExploitCatalogVulnAssessmentRelationship] { + return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) } -func (o *ListedLicenseException) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers +func (o *SecurityVulnAssessmentRelationshipList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecuritySsvcVulnAssessmentRelationship] { + return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) } -func (o *ListedLicenseException) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v +func (o *SecurityVulnAssessmentRelationshipList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexVulnAssessmentRelationship) } -func (o *ListedLicenseException) GetExternalRefs() []IExternalRef { - return o.ExternalRefs +func (o *SecurityVulnAssessmentRelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) } -func (o *ListedLicenseException) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v +func (o *SecurityVulnAssessmentRelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexFixedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) } -func (o *ListedLicenseException) GetName() string { - return o.Name +func (o *SecurityVulnAssessmentRelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) } -func (o *ListedLicenseException) SetName(v string) { - o.Name = v +func (o *SecurityVulnAssessmentRelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) } -func (o *ListedLicenseException) GetSummary() string { - return o.Summary + +// Abstract class representing a license combination consisting of one or more licenses. +type SimplelicensingAnyLicenseInfo struct { + Element } -func (o *ListedLicenseException) SetSummary(v string) { - o.Summary = v + +func castSimplelicensingAnyLicenseInfo(o any) *SimplelicensingAnyLicenseInfo { + if o, ok := o.(AnySimplelicensingAnyLicenseInfo); ok { + return o.asSimplelicensingAnyLicenseInfo() + } + return nil } -func (o *ListedLicenseException) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing + +func (o *SimplelicensingAnyLicenseInfo) asSimplelicensingAnyLicenseInfo() *SimplelicensingAnyLicenseInfo { + return o } -func (o *ListedLicenseException) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v + +type AnySimplelicensingAnyLicenseInfo interface { + AnyElement + asSimplelicensingAnyLicenseInfo() *SimplelicensingAnyLicenseInfo } -func (o *ListedLicenseException) GetAdditionText() string { - return o.AdditionText +type SimplelicensingAnyLicenseInfoList []AnySimplelicensingAnyLicenseInfo + +func (o *SimplelicensingAnyLicenseInfoList) Append(values ...AnySimplelicensingAnyLicenseInfo) { + *o = append(*o, values...) } -func (o *ListedLicenseException) SetAdditionText(v string) { - o.AdditionText = v +func (o *SimplelicensingAnyLicenseInfoList) Remove(value AnySimplelicensingAnyLicenseInfo) { + remove(o, value) } -func (o *ListedLicenseException) GetIsDeprecatedAdditionId() bool { - return o.IsDeprecatedAdditionId + +func (o *SimplelicensingAnyLicenseInfoList) SimplelicensingAnyLicenseInfoIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *SimplelicensingAnyLicenseInfo] { + return typeIter(*o, castSimplelicensingAnyLicenseInfo) +} +func (o *SimplelicensingAnyLicenseInfoList) SimplelicensingLicenseExpressionIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *SimplelicensingLicenseExpression] { + return typeIter(*o, castSimplelicensingLicenseExpression) } -func (o *ListedLicenseException) SetIsDeprecatedAdditionId(v bool) { - o.IsDeprecatedAdditionId = v +func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingConjunctiveLicenseSetIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingConjunctiveLicenseSet] { + return typeIter(*o, castExpandedlicensingConjunctiveLicenseSet) } -func (o *ListedLicenseException) GetLicenseXml() string { - return o.LicenseXml +func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingDisjunctiveLicenseSetIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingDisjunctiveLicenseSet] { + return typeIter(*o, castExpandedlicensingDisjunctiveLicenseSet) } -func (o *ListedLicenseException) SetLicenseXml(v string) { - o.LicenseXml = v +func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingExtendableLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingExtendableLicense] { + return typeIter(*o, castExpandedlicensingExtendableLicense) } -func (o *ListedLicenseException) GetObsoletedBy() string { - return o.ObsoletedBy +func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingIndividualLicensingInfoIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingIndividualLicensingInfo] { + return typeIter(*o, castExpandedlicensingIndividualLicensingInfo) } -func (o *ListedLicenseException) SetObsoletedBy(v string) { - o.ObsoletedBy = v +func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingLicense] { + return typeIter(*o, castExpandedlicensingLicense) } -func (o *ListedLicenseException) GetSeeAlso() []string { - return o.SeeAlso +func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingListedLicense] { + return typeIter(*o, castExpandedlicensingListedLicense) } -func (o *ListedLicenseException) SetSeeAlso(v ...string) { - o.SeeAlso = v +func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingOrLaterOperator] { + return typeIter(*o, castExpandedlicensingOrLaterOperator) } -func (o *ListedLicenseException) GetStandardAdditionTemplate() string { - return o.StandardAdditionTemplate +func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingWithAdditionOperatorIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingWithAdditionOperator] { + return typeIter(*o, castExpandedlicensingWithAdditionOperator) } -func (o *ListedLicenseException) SetStandardAdditionTemplate(v string) { - o.StandardAdditionTemplate = v +func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingCustomLicense] { + return typeIter(*o, castExpandedlicensingCustomLicense) } -func (o *ListedLicenseException) GetDeprecatedVersion() string { - return o.DeprecatedVersion +// An SPDX Element containing an SPDX license expression string. +type SimplelicensingLicenseExpression struct { + SimplelicensingAnyLicenseInfo + + // Maps a LicenseRef or AdditionRef string for a Custom License or a Custom + // License Addition to its URI ID. + SimplelicensingCustomIdToUris DictionaryEntryList + + // A string in the license expression format. + SimplelicensingLicenseExpression string + // The version of the SPDX License List used in the license expression. + SimplelicensingLicenseListVersion string } -func (o *ListedLicenseException) SetDeprecatedVersion(v string) { - o.DeprecatedVersion = v + +func castSimplelicensingLicenseExpression(o any) *SimplelicensingLicenseExpression { + if o, ok := o.(AnySimplelicensingLicenseExpression); ok { + return o.asSimplelicensingLicenseExpression() + } + return nil } -func (o *ListedLicenseException) GetListVersionAdded() string { - return o.ListVersionAdded + +func (o *SimplelicensingLicenseExpression) asSimplelicensingLicenseExpression() *SimplelicensingLicenseExpression { + return o } -func (o *ListedLicenseException) SetListVersionAdded(v string) { - o.ListVersionAdded = v + +type AnySimplelicensingLicenseExpression interface { + AnySimplelicensingAnyLicenseInfo + asSimplelicensingLicenseExpression() *SimplelicensingLicenseExpression } -type ICdxPropertyEntry interface { +type SimplelicensingLicenseExpressionList []AnySimplelicensingLicenseExpression - // GetCdxPropName a name used in a CdxExtension name-value pair. - GetCdxPropName() string +func (o *SimplelicensingLicenseExpressionList) Append(values ...AnySimplelicensingLicenseExpression) { + *o = append(*o, values...) +} +func (o *SimplelicensingLicenseExpressionList) Remove(value AnySimplelicensingLicenseExpression) { + remove(o, value) +} - SetCdxPropName(string) +func (o *SimplelicensingLicenseExpressionList) SimplelicensingLicenseExpressionIter() iter.Seq2[AnySimplelicensingLicenseExpression, *SimplelicensingLicenseExpression] { + return typeIter(*o, castSimplelicensingLicenseExpression) +} - // GetCdxPropValue a value used in a CdxExtension name-value pair. - GetCdxPropValue() string +// A license or addition that is not listed on the SPDX License List. +type SimplelicensingSimpleLicensingText struct { + Element - SetCdxPropValue(string) + // Identifies the full text of a License or Addition. + SimplelicensingLicenseText string } -type CdxPropertyEntry struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/CdxPropertyEntry" iri-compact:"extension_CdxPropertyEntry"` +func castSimplelicensingSimpleLicensingText(o any) *SimplelicensingSimpleLicensingText { + if o, ok := o.(AnySimplelicensingSimpleLicensingText); ok { + return o.asSimplelicensingSimpleLicensingText() + } + return nil +} - Iri string `iri:"@id"` +func (o *SimplelicensingSimpleLicensingText) asSimplelicensingSimpleLicensingText() *SimplelicensingSimpleLicensingText { + return o +} - // CdxPropName a name used in a CdxExtension name-value pair. - CdxPropName string `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/cdxPropName" iri-compact:"extension_cdxPropName"` - // CdxPropValue a value used in a CdxExtension name-value pair. - CdxPropValue string `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/cdxPropValue" iri-compact:"extension_cdxPropValue"` +type AnySimplelicensingSimpleLicensingText interface { + AnyElement + asSimplelicensingSimpleLicensingText() *SimplelicensingSimpleLicensingText } -func NewCdxPropertyEntry() ICdxPropertyEntry { - return &CdxPropertyEntry{} +type SimplelicensingSimpleLicensingTextList []AnySimplelicensingSimpleLicensingText + +func (o *SimplelicensingSimpleLicensingTextList) Append(values ...AnySimplelicensingSimpleLicensingText) { + *o = append(*o, values...) +} +func (o *SimplelicensingSimpleLicensingTextList) Remove(value AnySimplelicensingSimpleLicensingText) { + remove(o, value) } -func (o *CdxPropertyEntry) GetCdxPropName() string { - return o.CdxPropName +func (o *SimplelicensingSimpleLicensingTextList) SimplelicensingSimpleLicensingTextIter() iter.Seq2[AnySimplelicensingSimpleLicensingText, *SimplelicensingSimpleLicensingText] { + return typeIter(*o, castSimplelicensingSimpleLicensingText) } -func (o *CdxPropertyEntry) SetCdxPropName(v string) { - o.CdxPropName = v + +// A canonical, unique, immutable identifier +type SoftwareContentIdentifier struct { + IntegrityMethod + + // Specifies the type of the content identifier. + SoftwareContentIdentifierType SoftwareContentIdentifierType + // Specifies the value of the content identifier. + SoftwareContentIdentifierValue string } -func (o *CdxPropertyEntry) GetCdxPropValue() string { - return o.CdxPropValue + +func castSoftwareContentIdentifier(o any) *SoftwareContentIdentifier { + if o, ok := o.(AnySoftwareContentIdentifier); ok { + return o.asSoftwareContentIdentifier() + } + return nil } -func (o *CdxPropertyEntry) SetCdxPropValue(v string) { - o.CdxPropValue = v + +func (o *SoftwareContentIdentifier) asSoftwareContentIdentifier() *SoftwareContentIdentifier { + return o } -type IExtension interface { +type AnySoftwareContentIdentifier interface { + AnyIntegrityMethod + asSoftwareContentIdentifier() *SoftwareContentIdentifier } -type Extension struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/Extension" iri-compact:"extension_Extension"` +type SoftwareContentIdentifierList []AnySoftwareContentIdentifier - Iri string `iri:"@id"` +func (o *SoftwareContentIdentifierList) Append(values ...AnySoftwareContentIdentifier) { + *o = append(*o, values...) } +func (o *SoftwareContentIdentifierList) Remove(value AnySoftwareContentIdentifier) { remove(o, value) } -type CvssSeverityType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType" iri-compact:"security_CvssSeverityType"` +func (o *SoftwareContentIdentifierList) SoftwareContentIdentifierIter() iter.Seq2[AnySoftwareContentIdentifier, *SoftwareContentIdentifier] { + return typeIter(*o, castSoftwareContentIdentifier) +} - Iri string `iri:"@id"` +// Specifies the type of a content identifier. +type SoftwareContentIdentifierType struct { + ID string } -var ( - CvssSeverityType_Critical = CvssSeverityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/critical"} - CvssSeverityType_High = CvssSeverityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/high"} - CvssSeverityType_Low = CvssSeverityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/low"} - CvssSeverityType_Medium = CvssSeverityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/medium"} - CvssSeverityType_None = CvssSeverityType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/none"} -) +// [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). +var SoftwareContentIdentifierType_Gitoid = SoftwareContentIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid"} -type ExploitCatalogType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogType" iri-compact:"security_ExploitCatalogType"` +// SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. +var SoftwareContentIdentifierType_Swhid = SoftwareContentIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid"} - Iri string `iri:"@id"` +// Enumeration of the different kinds of SPDX file. +type SoftwareFileKindType struct { + ID string } -var ( - ExploitCatalogType_Kev = ExploitCatalogType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogType/kev"} - ExploitCatalogType_Other = ExploitCatalogType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogType/other"} -) +// The file represents a directory and all content stored in that directory. +var SoftwareFileKindType_Directory = SoftwareFileKindType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory"} -type SsvcDecisionType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType" iri-compact:"security_SsvcDecisionType"` +// The file represents a single file (default). +var SoftwareFileKindType_File = SoftwareFileKindType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file"} - Iri string `iri:"@id"` +// Provides a set of values to be used to describe the common types of SBOMs that +// tools may create. +type SoftwareSbomType struct { + ID string } -var ( - SsvcDecisionType_Act = SsvcDecisionType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/act"} - SsvcDecisionType_Attend = SsvcDecisionType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/attend"} - SsvcDecisionType_Track = SsvcDecisionType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/track"} - SsvcDecisionType_TrackStar = SsvcDecisionType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/trackStar"} -) +// SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a "3rd party" SBOM. +var SoftwareSbomType_Analyzed = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed"} + +// SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. +var SoftwareSbomType_Build = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build"} + +// SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. +var SoftwareSbomType_Deployed = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed"} + +// SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. +var SoftwareSbomType_Design = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design"} -type VexJustificationType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType" iri-compact:"security_VexJustificationType"` +// SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM. +var SoftwareSbomType_Runtime = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime"} - Iri string `iri:"@id"` +// SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. +var SoftwareSbomType_Source = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source"} + +// Provides information about the primary purpose of an Element. +type SoftwareSoftwarePurpose struct { + ID string } -var ( - VexJustificationType_ComponentNotPresent = VexJustificationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/componentNotPresent"} - VexJustificationType_InlineMitigationsAlreadyExist = VexJustificationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist"} - VexJustificationType_VulnerableCodeCannotBeControlledByAdversary = VexJustificationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary"} - VexJustificationType_VulnerableCodeNotInExecutePath = VexJustificationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath"} - VexJustificationType_VulnerableCodeNotPresent = VexJustificationType{Iri: "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeNotPresent"} -) +// The Element is a software application. +var SoftwareSoftwarePurpose_Application = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application"} -type IVulnAssessmentRelationship interface { - IRelationship +// The Element is an archived collection of one or more files (.tar, .zip, etc.). +var SoftwareSoftwarePurpose_Archive = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive"} - // GetSuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - GetSuppliedBy() IAgent +// The Element is a bill of materials. +var SoftwareSoftwarePurpose_Bom = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom"} - SetSuppliedBy(IAgent) +// The Element is configuration data. +var SoftwareSoftwarePurpose_Configuration = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration"} - // GetAssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - GetAssessedElement() IElement +// The Element is a container image which can be used by a container runtime application. +var SoftwareSoftwarePurpose_Container = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container"} - SetAssessedElement(IElement) +// The Element is data. +var SoftwareSoftwarePurpose_Data = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data"} - // GetModifiedTime specifies a time when a vulnerability assessment was modified - GetModifiedTime() string +// The Element refers to a chipset, processor, or electronic board. +var SoftwareSoftwarePurpose_Device = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device"} - SetModifiedTime(string) +// The Element represents software that controls hardware devices. +var SoftwareSoftwarePurpose_DeviceDriver = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver"} - // GetPublishedTime specifies the time when a vulnerability was published. - GetPublishedTime() string +// The Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. +var SoftwareSoftwarePurpose_DiskImage = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage"} - SetPublishedTime(string) +// The Element is documentation. +var SoftwareSoftwarePurpose_Documentation = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation"} - // GetWithdrawnTime specified the time and date when a vulnerability was withdrawn. - GetWithdrawnTime() string +// The Element is the evidence that a specification or requirement has been fulfilled. +var SoftwareSoftwarePurpose_Evidence = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence"} - SetWithdrawnTime(string) -} +// The Element is an Artifact that can be run on a computer. +var SoftwareSoftwarePurpose_Executable = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable"} -type VulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VulnAssessmentRelationship" iri-compact:"security_VulnAssessmentRelationship" id-prop:"spdxId"` +// The Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc.). +var SoftwareSoftwarePurpose_File = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file"} - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` -} +// The Element is a file system image that can be written to a disk (or virtual) partition. +var SoftwareSoftwarePurpose_FilesystemImage = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage"} -func (o *VulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *VulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *VulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *VulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *VulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *VulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *VulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *VulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *VulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *VulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *VulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *VulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *VulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs +// The Element provides low level control over a device's hardware. +var SoftwareSoftwarePurpose_Firmware = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware"} + +// The Element is a software framework. +var SoftwareSoftwarePurpose_Framework = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework"} + +// The Element is used to install software on disk. +var SoftwareSoftwarePurpose_Install = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install"} + +// The Element is a software library. +var SoftwareSoftwarePurpose_Library = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library"} + +// The Element is a software manifest. +var SoftwareSoftwarePurpose_Manifest = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest"} + +// The Element is a machine learning or artificial intelligence model. +var SoftwareSoftwarePurpose_Model = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model"} + +// The Element is a module of a piece of software. +var SoftwareSoftwarePurpose_Module = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module"} + +// The Element is an operating system. +var SoftwareSoftwarePurpose_OperatingSystem = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem"} + +// The Element doesn't fit into any of the other categories. +var SoftwareSoftwarePurpose_Other = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other"} + +// The Element contains a set of changes to update, fix, or improve another Element. +var SoftwareSoftwarePurpose_Patch = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch"} + +// The Element represents a runtime environment. +var SoftwareSoftwarePurpose_Platform = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform"} + +// The Element provides a requirement needed as input for another Element. +var SoftwareSoftwarePurpose_Requirement = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement"} + +// The Element is a single or a collection of source files. +var SoftwareSoftwarePurpose_Source = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source"} + +// The Element is a plan, guideline or strategy how to create, perform or analyze an application. +var SoftwareSoftwarePurpose_Specification = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification"} + +// The Element is a test used to verify functionality on an software element. +var SoftwareSoftwarePurpose_Test = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test"} + +// Class that describes a build instance of software/artifacts. +type BuildBuild struct { + Element + + // Property that describes the time at which a build stops. + BuildBuildEndTime time.Time + // A buildId is a locally unique identifier used by a builder to identify a unique + // instance of a build produced by it. + BuildBuildId string + // Property describing the start time of a build. + BuildBuildStartTime time.Time + // A buildType is a hint that is used to indicate the toolchain, platform, or + // infrastructure that the build was invoked on. + BuildBuildType string + // Property that describes the digest of the build configuration file used to + // invoke a build. + BuildConfigSourceDigests HashList + + // Property describes the invocation entrypoint of a build. + BuildConfigSourceEntrypoints []string + // Property that describes the URI of the build configuration source file. + BuildConfigSourceUris []string + // Property describing the session in which a build is invoked. + BuildEnvironments DictionaryEntryList + + // Property describing a parameter used in an instance of a build. + BuildParameters DictionaryEntryList } -func (o *VulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v + +func castBuildBuild(o any) *BuildBuild { + if o, ok := o.(AnyBuildBuild); ok { + return o.asBuildBuild() + } + return nil } -func (o *VulnAssessmentRelationship) GetName() string { - return o.Name + +func (o *BuildBuild) asBuildBuild() *BuildBuild { + return o } -func (o *VulnAssessmentRelationship) SetName(v string) { - o.Name = v + +type AnyBuildBuild interface { + AnyElement + asBuildBuild() *BuildBuild } -func (o *VulnAssessmentRelationship) GetSummary() string { - return o.Summary + +type BuildBuildList []AnyBuildBuild + +func (o *BuildBuildList) Append(values ...AnyBuildBuild) { *o = append(*o, values...) } +func (o *BuildBuildList) Remove(value AnyBuildBuild) { remove(o, value) } + +func (o *BuildBuildList) BuildBuildIter() iter.Seq2[AnyBuildBuild, *BuildBuild] { + return typeIter(*o, castBuildBuild) } -func (o *VulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v + +// Agent represents anything with the potential to act on a system. +type Agent struct { + Element } -func (o *VulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing + +func castAgent(o any) *Agent { + if o, ok := o.(AnyAgent); ok { + return o.asAgent() + } + return nil } -func (o *VulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v + +func (o *Agent) asAgent() *Agent { + return o } -func (o *VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness +type AnyAgent interface { + AnyElement + asAgent() *Agent } -func (o *VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v + +type AgentList []AnyAgent + +func (o *AgentList) Append(values ...AnyAgent) { *o = append(*o, values...) } +func (o *AgentList) Remove(value AnyAgent) { remove(o, value) } + +func (o *AgentList) AgentIter() iter.Seq2[AnyAgent, *Agent] { return typeIter(*o, castAgent) } +func (o *AgentList) OrganizationIter() iter.Seq2[AnyAgent, *Organization] { + return typeIter(*o, castOrganization) } -func (o *VulnAssessmentRelationship) GetEndTime() string { - return o.EndTime +func (o *AgentList) PersonIter() iter.Seq2[AnyAgent, *Person] { return typeIter(*o, castPerson) } +func (o *AgentList) SoftwareAgentIter() iter.Seq2[AnyAgent, *SoftwareAgent] { + return typeIter(*o, castSoftwareAgent) } -func (o *VulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v + +// An assertion made in relation to one or more elements. +type Annotation struct { + Element + + // Describes the type of annotation. + AnnotationType AnnotationType + // Provides information about the content type of an Element or a Property. + ContentType string + // Commentary on an assertion that an annotator has made. + Statement string + // An Element an annotator has made an assertion about. + Subject AnyElement } -func (o *VulnAssessmentRelationship) GetFrom() IElement { - return o.From + +func castAnnotation(o any) *Annotation { + if o, ok := o.(AnyAnnotation); ok { + return o.asAnnotation() + } + return nil } -func (o *VulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v + +func (o *Annotation) asAnnotation() *Annotation { + return o } -func (o *VulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType + +type AnyAnnotation interface { + AnyElement + asAnnotation() *Annotation } -func (o *VulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v + +type AnnotationList []AnyAnnotation + +func (o *AnnotationList) Append(values ...AnyAnnotation) { *o = append(*o, values...) } +func (o *AnnotationList) Remove(value AnyAnnotation) { remove(o, value) } + +func (o *AnnotationList) AnnotationIter() iter.Seq2[AnyAnnotation, *Annotation] { + return typeIter(*o, castAnnotation) } -func (o *VulnAssessmentRelationship) GetStartTime() string { - return o.StartTime + +// A distinct article or unit within the digital domain. +type Artifact struct { + Element + + // Specifies the time an artifact was built. + BuiltTime time.Time + // Identifies from where or whom the Element originally came. + OriginatedBys AgentList + + // Specifies the time an artifact was released. + ReleaseTime time.Time + // The name of a relevant standard that may apply to an artifact. + StandardNames []string + // Identifies who or what supplied the artifact or VulnAssessmentRelationship + // referenced by the Element. + SuppliedBy AnyAgent + + // Specifies the level of support associated with an artifact. + SupportLevels []SupportType + // Specifies until when the artifact can be used before its usage needs to be + // reassessed. + ValidUntilTime time.Time } -func (o *VulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v + +func castArtifact(o any) *Artifact { + if o, ok := o.(AnyArtifact); ok { + return o.asArtifact() + } + return nil } -func (o *VulnAssessmentRelationship) GetTo() []IElement { - return o.To + +func (o *Artifact) asArtifact() *Artifact { + return o } -func (o *VulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v + +type AnyArtifact interface { + AnyElement + asArtifact() *Artifact } -func (o *VulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy +type ArtifactList []AnyArtifact + +func (o *ArtifactList) Append(values ...AnyArtifact) { *o = append(*o, values...) } +func (o *ArtifactList) Remove(value AnyArtifact) { remove(o, value) } + +func (o *ArtifactList) ArtifactIter() iter.Seq2[AnyArtifact, *Artifact] { + return typeIter(*o, castArtifact) +} +func (o *ArtifactList) SecurityVulnerabilityIter() iter.Seq2[AnyArtifact, *SecurityVulnerability] { + return typeIter(*o, castSecurityVulnerability) } -func (o *VulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v +func (o *ArtifactList) SoftwareSoftwareArtifactIter() iter.Seq2[AnyArtifact, *SoftwareSoftwareArtifact] { + return typeIter(*o, castSoftwareSoftwareArtifact) } -func (o *VulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement +func (o *ArtifactList) SoftwareFileIter() iter.Seq2[AnyArtifact, *SoftwareFile] { + return typeIter(*o, castSoftwareFile) } -func (o *VulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v +func (o *ArtifactList) SoftwarePackageIter() iter.Seq2[AnyArtifact, *SoftwarePackage] { + return typeIter(*o, castSoftwarePackage) } -func (o *VulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime +func (o *ArtifactList) SoftwareSnippetIter() iter.Seq2[AnyArtifact, *SoftwareSnippet] { + return typeIter(*o, castSoftwareSnippet) } -func (o *VulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v +func (o *ArtifactList) AiAIPackageIter() iter.Seq2[AnyArtifact, *AiAIPackage] { + return typeIter(*o, castAiAIPackage) } -func (o *VulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime +func (o *ArtifactList) DatasetDatasetPackageIter() iter.Seq2[AnyArtifact, *DatasetDatasetPackage] { + return typeIter(*o, castDatasetDatasetPackage) } -func (o *VulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v + +// A collection of Elements that have a shared context. +type Bundle struct { + ElementCollection + + // Gives information about the circumstances or unifying properties + // that Elements of the bundle have been assembled under. + Context string } -func (o *VulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime + +func castBundle(o any) *Bundle { + if o, ok := o.(AnyBundle); ok { + return o.asBundle() + } + return nil } -func (o *VulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v + +func (o *Bundle) asBundle() *Bundle { + return o } -type IAnyLicenseInfo interface { - IElement +type AnyBundle interface { + AnyElementCollection + asBundle() *Bundle } -type AnyLicenseInfo struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/AnyLicenseInfo" iri-compact:"simplelicensing_AnyLicenseInfo" id-prop:"spdxId"` +type BundleList []AnyBundle - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +func (o *BundleList) Append(values ...AnyBundle) { *o = append(*o, values...) } +func (o *BundleList) Remove(value AnyBundle) { remove(o, value) } + +func (o *BundleList) BundleIter() iter.Seq2[AnyBundle, *Bundle] { return typeIter(*o, castBundle) } +func (o *BundleList) BomIter() iter.Seq2[AnyBundle, *Bom] { return typeIter(*o, castBom) } +func (o *BundleList) SoftwareSbomIter() iter.Seq2[AnyBundle, *SoftwareSbom] { + return typeIter(*o, castSoftwareSbom) } -func (o *AnyLicenseInfo) GetSpdxId() string { - return o.SpdxId +// A mathematically calculated representation of a grouping of data. +type Hash struct { + IntegrityMethod + + // Specifies the algorithm used for calculating the hash value. + Algorithm HashAlgorithm + // The result of applying a hash algorithm to an Element. + HashValue string } -func (o *AnyLicenseInfo) SetSpdxId(v string) { - o.SpdxId = v + +func castHash(o any) *Hash { + if o, ok := o.(AnyHash); ok { + return o.asHash() + } + return nil } -func (o *AnyLicenseInfo) GetComment() string { - return o.Comment + +func (o *Hash) asHash() *Hash { + return o } -func (o *AnyLicenseInfo) SetComment(v string) { - o.Comment = v + +type AnyHash interface { + AnyIntegrityMethod + asHash() *Hash } -func (o *AnyLicenseInfo) GetCreationInfo() ICreationInfo { - return o.CreationInfo + +type HashList []AnyHash + +func (o *HashList) Append(values ...AnyHash) { *o = append(*o, values...) } +func (o *HashList) Remove(value AnyHash) { remove(o, value) } + +func (o *HashList) HashIter() iter.Seq2[AnyHash, *Hash] { return typeIter(*o, castHash) } + +// Provide context for a relationship that occurs in the lifecycle. +type LifecycleScopedRelationship struct { + Relationship + + // Capture the scope of information about a specific relationship between elements. + Scope LifecycleScopeType } -func (o *AnyLicenseInfo) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v + +func castLifecycleScopedRelationship(o any) *LifecycleScopedRelationship { + if o, ok := o.(AnyLifecycleScopedRelationship); ok { + return o.asLifecycleScopedRelationship() + } + return nil } -func (o *AnyLicenseInfo) GetDescription() string { - return o.Description + +func (o *LifecycleScopedRelationship) asLifecycleScopedRelationship() *LifecycleScopedRelationship { + return o } -func (o *AnyLicenseInfo) SetDescription(v string) { - o.Description = v + +type AnyLifecycleScopedRelationship interface { + AnyRelationship + asLifecycleScopedRelationship() *LifecycleScopedRelationship } -func (o *AnyLicenseInfo) GetExtensions() []IExtension { - return o.Extensions + +type LifecycleScopedRelationshipList []AnyLifecycleScopedRelationship + +func (o *LifecycleScopedRelationshipList) Append(values ...AnyLifecycleScopedRelationship) { + *o = append(*o, values...) } -func (o *AnyLicenseInfo) SetExtensions(v ...IExtension) { - o.Extensions = v +func (o *LifecycleScopedRelationshipList) Remove(value AnyLifecycleScopedRelationship) { + remove(o, value) } -func (o *AnyLicenseInfo) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers + +func (o *LifecycleScopedRelationshipList) LifecycleScopedRelationshipIter() iter.Seq2[AnyLifecycleScopedRelationship, *LifecycleScopedRelationship] { + return typeIter(*o, castLifecycleScopedRelationship) } -func (o *AnyLicenseInfo) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v + +// A group of people who work together in an organized way for a shared purpose. +type Organization struct { + Agent } -func (o *AnyLicenseInfo) GetExternalRefs() []IExternalRef { - return o.ExternalRefs + +// An Organization representing the SPDX Project. +var Organization_SpdxOrganization = Organization{Agent: Agent{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization"}}} + +func castOrganization(o any) *Organization { + if o, ok := o.(AnyOrganization); ok { + return o.asOrganization() + } + return nil } -func (o *AnyLicenseInfo) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v + +func (o *Organization) asOrganization() *Organization { + return o } -func (o *AnyLicenseInfo) GetName() string { - return o.Name + +type AnyOrganization interface { + AnyAgent + asOrganization() *Organization } -func (o *AnyLicenseInfo) SetName(v string) { - o.Name = v + +type OrganizationList []AnyOrganization + +func (o *OrganizationList) Append(values ...AnyOrganization) { *o = append(*o, values...) } +func (o *OrganizationList) Remove(value AnyOrganization) { remove(o, value) } + +func (o *OrganizationList) OrganizationIter() iter.Seq2[AnyOrganization, *Organization] { + return typeIter(*o, castOrganization) } -func (o *AnyLicenseInfo) GetSummary() string { - return o.Summary + +// An individual human being. +type Person struct { + Agent } -func (o *AnyLicenseInfo) SetSummary(v string) { - o.Summary = v + +func castPerson(o any) *Person { + if o, ok := o.(AnyPerson); ok { + return o.asPerson() + } + return nil } -func (o *AnyLicenseInfo) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing + +func (o *Person) asPerson() *Person { + return o } -func (o *AnyLicenseInfo) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v + +type AnyPerson interface { + AnyAgent + asPerson() *Person } -type ILicenseExpression interface { - IAnyLicenseInfo +type PersonList []AnyPerson - // GetCustomIdToUri maps a LicenseRef or AdditionRef string for a Custom License or a Custom - // License Addition to its URI ID. - GetCustomIdToUri() []IDictionaryEntry +func (o *PersonList) Append(values ...AnyPerson) { *o = append(*o, values...) } +func (o *PersonList) Remove(value AnyPerson) { remove(o, value) } - SetCustomIdToUri(...IDictionaryEntry) +func (o *PersonList) PersonIter() iter.Seq2[AnyPerson, *Person] { return typeIter(*o, castPerson) } - // GetLicenseExpression a string in the license expression format. - GetLicenseExpression() string +// A software agent. +type SoftwareAgent struct { + Agent +} - SetLicenseExpression(string) +func castSoftwareAgent(o any) *SoftwareAgent { + if o, ok := o.(AnySoftwareAgent); ok { + return o.asSoftwareAgent() + } + return nil +} - // GetLicenseListVersion the version of the SPDX License List used in the license expression. - GetLicenseListVersion() string +func (o *SoftwareAgent) asSoftwareAgent() *SoftwareAgent { + return o +} - SetLicenseListVersion(string) +type AnySoftwareAgent interface { + AnyAgent + asSoftwareAgent() *SoftwareAgent } -type LicenseExpression struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/LicenseExpression" iri-compact:"simplelicensing_LicenseExpression" id-prop:"spdxId"` +type SoftwareAgentList []AnySoftwareAgent - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +func (o *SoftwareAgentList) Append(values ...AnySoftwareAgent) { *o = append(*o, values...) } +func (o *SoftwareAgentList) Remove(value AnySoftwareAgent) { remove(o, value) } - // CustomIdToUri maps a LicenseRef or AdditionRef string for a Custom License or a Custom - // License Addition to its URI ID. - CustomIdToUri []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/customIdToUri" iri-compact:"simplelicensing_customIdToUri"` - // LicenseExpression a string in the license expression format. - LicenseExpression string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseExpression" iri-compact:"simplelicensing_licenseExpression"` - // LicenseListVersion the version of the SPDX License List used in the license expression. - LicenseListVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseListVersion" iri-compact:"simplelicensing_licenseListVersion"` +func (o *SoftwareAgentList) SoftwareAgentIter() iter.Seq2[AnySoftwareAgent, *SoftwareAgent] { + return typeIter(*o, castSoftwareAgent) } -func NewLicenseExpression() ILicenseExpression { - return &LicenseExpression{} +// Portion of an AnyLicenseInfo representing a set of licensing information +// where all elements apply. +type ExpandedlicensingConjunctiveLicenseSet struct { + SimplelicensingAnyLicenseInfo + + // A license expression participating in a license set. + ExpandedlicensingMembers SimplelicensingAnyLicenseInfoList } -func (o *LicenseExpression) GetSpdxId() string { - return o.SpdxId +func castExpandedlicensingConjunctiveLicenseSet(o any) *ExpandedlicensingConjunctiveLicenseSet { + if o, ok := o.(AnyExpandedlicensingConjunctiveLicenseSet); ok { + return o.asExpandedlicensingConjunctiveLicenseSet() + } + return nil } -func (o *LicenseExpression) SetSpdxId(v string) { - o.SpdxId = v + +func (o *ExpandedlicensingConjunctiveLicenseSet) asExpandedlicensingConjunctiveLicenseSet() *ExpandedlicensingConjunctiveLicenseSet { + return o } -func (o *LicenseExpression) GetComment() string { - return o.Comment + +type AnyExpandedlicensingConjunctiveLicenseSet interface { + AnySimplelicensingAnyLicenseInfo + asExpandedlicensingConjunctiveLicenseSet() *ExpandedlicensingConjunctiveLicenseSet } -func (o *LicenseExpression) SetComment(v string) { - o.Comment = v + +type ExpandedlicensingConjunctiveLicenseSetList []AnyExpandedlicensingConjunctiveLicenseSet + +func (o *ExpandedlicensingConjunctiveLicenseSetList) Append(values ...AnyExpandedlicensingConjunctiveLicenseSet) { + *o = append(*o, values...) } -func (o *LicenseExpression) GetCreationInfo() ICreationInfo { - return o.CreationInfo +func (o *ExpandedlicensingConjunctiveLicenseSetList) Remove(value AnyExpandedlicensingConjunctiveLicenseSet) { + remove(o, value) } -func (o *LicenseExpression) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v + +func (o *ExpandedlicensingConjunctiveLicenseSetList) ExpandedlicensingConjunctiveLicenseSetIter() iter.Seq2[AnyExpandedlicensingConjunctiveLicenseSet, *ExpandedlicensingConjunctiveLicenseSet] { + return typeIter(*o, castExpandedlicensingConjunctiveLicenseSet) } -func (o *LicenseExpression) GetDescription() string { - return o.Description + +// A license addition that is not listed on the SPDX Exceptions List. +type ExpandedlicensingCustomLicenseAddition struct { + ExpandedlicensingLicenseAddition } -func (o *LicenseExpression) SetDescription(v string) { - o.Description = v + +func castExpandedlicensingCustomLicenseAddition(o any) *ExpandedlicensingCustomLicenseAddition { + if o, ok := o.(AnyExpandedlicensingCustomLicenseAddition); ok { + return o.asExpandedlicensingCustomLicenseAddition() + } + return nil } -func (o *LicenseExpression) GetExtensions() []IExtension { - return o.Extensions + +func (o *ExpandedlicensingCustomLicenseAddition) asExpandedlicensingCustomLicenseAddition() *ExpandedlicensingCustomLicenseAddition { + return o } -func (o *LicenseExpression) SetExtensions(v ...IExtension) { - o.Extensions = v + +type AnyExpandedlicensingCustomLicenseAddition interface { + AnyExpandedlicensingLicenseAddition + asExpandedlicensingCustomLicenseAddition() *ExpandedlicensingCustomLicenseAddition } -func (o *LicenseExpression) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers + +type ExpandedlicensingCustomLicenseAdditionList []AnyExpandedlicensingCustomLicenseAddition + +func (o *ExpandedlicensingCustomLicenseAdditionList) Append(values ...AnyExpandedlicensingCustomLicenseAddition) { + *o = append(*o, values...) } -func (o *LicenseExpression) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v +func (o *ExpandedlicensingCustomLicenseAdditionList) Remove(value AnyExpandedlicensingCustomLicenseAddition) { + remove(o, value) } -func (o *LicenseExpression) GetExternalRefs() []IExternalRef { - return o.ExternalRefs + +func (o *ExpandedlicensingCustomLicenseAdditionList) ExpandedlicensingCustomLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingCustomLicenseAddition, *ExpandedlicensingCustomLicenseAddition] { + return typeIter(*o, castExpandedlicensingCustomLicenseAddition) } -func (o *LicenseExpression) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v + +// Portion of an AnyLicenseInfo representing a set of licensing information where +// only one of the elements applies. +type ExpandedlicensingDisjunctiveLicenseSet struct { + SimplelicensingAnyLicenseInfo + + // A license expression participating in a license set. + ExpandedlicensingMembers SimplelicensingAnyLicenseInfoList } -func (o *LicenseExpression) GetName() string { - return o.Name + +func castExpandedlicensingDisjunctiveLicenseSet(o any) *ExpandedlicensingDisjunctiveLicenseSet { + if o, ok := o.(AnyExpandedlicensingDisjunctiveLicenseSet); ok { + return o.asExpandedlicensingDisjunctiveLicenseSet() + } + return nil } -func (o *LicenseExpression) SetName(v string) { - o.Name = v + +func (o *ExpandedlicensingDisjunctiveLicenseSet) asExpandedlicensingDisjunctiveLicenseSet() *ExpandedlicensingDisjunctiveLicenseSet { + return o } -func (o *LicenseExpression) GetSummary() string { - return o.Summary + +type AnyExpandedlicensingDisjunctiveLicenseSet interface { + AnySimplelicensingAnyLicenseInfo + asExpandedlicensingDisjunctiveLicenseSet() *ExpandedlicensingDisjunctiveLicenseSet } -func (o *LicenseExpression) SetSummary(v string) { - o.Summary = v + +type ExpandedlicensingDisjunctiveLicenseSetList []AnyExpandedlicensingDisjunctiveLicenseSet + +func (o *ExpandedlicensingDisjunctiveLicenseSetList) Append(values ...AnyExpandedlicensingDisjunctiveLicenseSet) { + *o = append(*o, values...) } -func (o *LicenseExpression) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing +func (o *ExpandedlicensingDisjunctiveLicenseSetList) Remove(value AnyExpandedlicensingDisjunctiveLicenseSet) { + remove(o, value) } -func (o *LicenseExpression) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v + +func (o *ExpandedlicensingDisjunctiveLicenseSetList) ExpandedlicensingDisjunctiveLicenseSetIter() iter.Seq2[AnyExpandedlicensingDisjunctiveLicenseSet, *ExpandedlicensingDisjunctiveLicenseSet] { + return typeIter(*o, castExpandedlicensingDisjunctiveLicenseSet) } -func (o *LicenseExpression) GetCustomIdToUri() []IDictionaryEntry { - return o.CustomIdToUri +// Abstract class representing a License or an OrLaterOperator. +type ExpandedlicensingExtendableLicense struct { + SimplelicensingAnyLicenseInfo } -func (o *LicenseExpression) SetCustomIdToUri(v ...IDictionaryEntry) { - o.CustomIdToUri = v + +func castExpandedlicensingExtendableLicense(o any) *ExpandedlicensingExtendableLicense { + if o, ok := o.(AnyExpandedlicensingExtendableLicense); ok { + return o.asExpandedlicensingExtendableLicense() + } + return nil } -func (o *LicenseExpression) GetLicenseExpression() string { - return o.LicenseExpression + +func (o *ExpandedlicensingExtendableLicense) asExpandedlicensingExtendableLicense() *ExpandedlicensingExtendableLicense { + return o } -func (o *LicenseExpression) SetLicenseExpression(v string) { - o.LicenseExpression = v + +type AnyExpandedlicensingExtendableLicense interface { + AnySimplelicensingAnyLicenseInfo + asExpandedlicensingExtendableLicense() *ExpandedlicensingExtendableLicense } -func (o *LicenseExpression) GetLicenseListVersion() string { - return o.LicenseListVersion + +type ExpandedlicensingExtendableLicenseList []AnyExpandedlicensingExtendableLicense + +func (o *ExpandedlicensingExtendableLicenseList) Append(values ...AnyExpandedlicensingExtendableLicense) { + *o = append(*o, values...) } -func (o *LicenseExpression) SetLicenseListVersion(v string) { - o.LicenseListVersion = v +func (o *ExpandedlicensingExtendableLicenseList) Remove(value AnyExpandedlicensingExtendableLicense) { + remove(o, value) } -type ISimpleLicensingText interface { - IElement - - // GetLicenseText identifies the full text of a License or Addition. - GetLicenseText() string +func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingExtendableLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingExtendableLicense] { + return typeIter(*o, castExpandedlicensingExtendableLicense) +} +func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingLicense] { + return typeIter(*o, castExpandedlicensingLicense) +} +func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingListedLicense] { + return typeIter(*o, castExpandedlicensingListedLicense) +} +func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingOrLaterOperator] { + return typeIter(*o, castExpandedlicensingOrLaterOperator) +} +func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingCustomLicense] { + return typeIter(*o, castExpandedlicensingCustomLicense) +} - SetLicenseText(string) +// A concrete subclass of AnyLicenseInfo used by Individuals in the +// ExpandedLicensing profile. +type ExpandedlicensingIndividualLicensingInfo struct { + SimplelicensingAnyLicenseInfo } -type SimpleLicensingText struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/SimpleLicensingText" iri-compact:"simplelicensing_SimpleLicensingText" id-prop:"spdxId"` +// An Individual Value for License when no assertion can be made about its actual +// value. +var ExpandedlicensingIndividualLicensingInfo_NoAssertionLicense = ExpandedlicensingIndividualLicensingInfo{SimplelicensingAnyLicenseInfo: SimplelicensingAnyLicenseInfo{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense"}}} - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +// An Individual Value for License where the SPDX data creator determines that no +// license is present. +var ExpandedlicensingIndividualLicensingInfo_NoneLicense = ExpandedlicensingIndividualLicensingInfo{SimplelicensingAnyLicenseInfo: SimplelicensingAnyLicenseInfo{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense"}}} - // LicenseText identifies the full text of a License or Addition. - LicenseText string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` +func castExpandedlicensingIndividualLicensingInfo(o any) *ExpandedlicensingIndividualLicensingInfo { + if o, ok := o.(AnyExpandedlicensingIndividualLicensingInfo); ok { + return o.asExpandedlicensingIndividualLicensingInfo() + } + return nil } -func NewSimpleLicensingText() ISimpleLicensingText { - return &SimpleLicensingText{} +func (o *ExpandedlicensingIndividualLicensingInfo) asExpandedlicensingIndividualLicensingInfo() *ExpandedlicensingIndividualLicensingInfo { + return o } -func (o *SimpleLicensingText) GetSpdxId() string { - return o.SpdxId +type AnyExpandedlicensingIndividualLicensingInfo interface { + AnySimplelicensingAnyLicenseInfo + asExpandedlicensingIndividualLicensingInfo() *ExpandedlicensingIndividualLicensingInfo } -func (o *SimpleLicensingText) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *SimpleLicensingText) GetComment() string { - return o.Comment -} -func (o *SimpleLicensingText) SetComment(v string) { - o.Comment = v + +type ExpandedlicensingIndividualLicensingInfoList []AnyExpandedlicensingIndividualLicensingInfo + +func (o *ExpandedlicensingIndividualLicensingInfoList) Append(values ...AnyExpandedlicensingIndividualLicensingInfo) { + *o = append(*o, values...) } -func (o *SimpleLicensingText) GetCreationInfo() ICreationInfo { - return o.CreationInfo +func (o *ExpandedlicensingIndividualLicensingInfoList) Remove(value AnyExpandedlicensingIndividualLicensingInfo) { + remove(o, value) } -func (o *SimpleLicensingText) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v + +func (o *ExpandedlicensingIndividualLicensingInfoList) ExpandedlicensingIndividualLicensingInfoIter() iter.Seq2[AnyExpandedlicensingIndividualLicensingInfo, *ExpandedlicensingIndividualLicensingInfo] { + return typeIter(*o, castExpandedlicensingIndividualLicensingInfo) } -func (o *SimpleLicensingText) GetDescription() string { - return o.Description + +// Abstract class for the portion of an AnyLicenseInfo representing a license. +type ExpandedlicensingLicense struct { + ExpandedlicensingExtendableLicense + + // Specifies whether a license or additional text identifier has been marked as + // deprecated. + ExpandedlicensingIsDeprecatedLicenseId bool + // Specifies whether the License is listed as free by the + // Free Software Foundation (FSF). + ExpandedlicensingIsFsfLibre bool + // Specifies whether the License is listed as approved by the + // Open Source Initiative (OSI). + ExpandedlicensingIsOsiApproved bool + // Identifies all the text and metadata associated with a license in the license + // XML format. + ExpandedlicensingLicenseXml string + // Specifies the licenseId that is preferred to be used in place of a deprecated + // License or LicenseAddition. + ExpandedlicensingObsoletedBy string + // Contains a URL where the License or LicenseAddition can be found in use. + ExpandedlicensingSeeAlsos []string + // Provides a License author's preferred text to indicate that a file is covered + // by the License. + ExpandedlicensingStandardLicenseHeader string + // Identifies the full text of a License, in SPDX templating format. + ExpandedlicensingStandardLicenseTemplate string + // Identifies the full text of a License or Addition. + SimplelicensingLicenseText string } -func (o *SimpleLicensingText) SetDescription(v string) { - o.Description = v + +func castExpandedlicensingLicense(o any) *ExpandedlicensingLicense { + if o, ok := o.(AnyExpandedlicensingLicense); ok { + return o.asExpandedlicensingLicense() + } + return nil } -func (o *SimpleLicensingText) GetExtensions() []IExtension { - return o.Extensions + +func (o *ExpandedlicensingLicense) asExpandedlicensingLicense() *ExpandedlicensingLicense { + return o } -func (o *SimpleLicensingText) SetExtensions(v ...IExtension) { - o.Extensions = v + +type AnyExpandedlicensingLicense interface { + AnyExpandedlicensingExtendableLicense + asExpandedlicensingLicense() *ExpandedlicensingLicense } -func (o *SimpleLicensingText) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers + +type ExpandedlicensingLicenseList []AnyExpandedlicensingLicense + +func (o *ExpandedlicensingLicenseList) Append(values ...AnyExpandedlicensingLicense) { + *o = append(*o, values...) } -func (o *SimpleLicensingText) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v +func (o *ExpandedlicensingLicenseList) Remove(value AnyExpandedlicensingLicense) { remove(o, value) } + +func (o *ExpandedlicensingLicenseList) ExpandedlicensingLicenseIter() iter.Seq2[AnyExpandedlicensingLicense, *ExpandedlicensingLicense] { + return typeIter(*o, castExpandedlicensingLicense) } -func (o *SimpleLicensingText) GetExternalRefs() []IExternalRef { - return o.ExternalRefs +func (o *ExpandedlicensingLicenseList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyExpandedlicensingLicense, *ExpandedlicensingListedLicense] { + return typeIter(*o, castExpandedlicensingListedLicense) } -func (o *SimpleLicensingText) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v +func (o *ExpandedlicensingLicenseList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyExpandedlicensingLicense, *ExpandedlicensingCustomLicense] { + return typeIter(*o, castExpandedlicensingCustomLicense) } -func (o *SimpleLicensingText) GetName() string { - return o.Name + +// A license that is listed on the SPDX License List. +type ExpandedlicensingListedLicense struct { + ExpandedlicensingLicense + + // Specifies the SPDX License List version in which this license or exception + // identifier was deprecated. + ExpandedlicensingDeprecatedVersion string + // Specifies the SPDX License List version in which this ListedLicense or + // ListedLicenseException identifier was first added. + ExpandedlicensingListVersionAdded string } -func (o *SimpleLicensingText) SetName(v string) { - o.Name = v + +func castExpandedlicensingListedLicense(o any) *ExpandedlicensingListedLicense { + if o, ok := o.(AnyExpandedlicensingListedLicense); ok { + return o.asExpandedlicensingListedLicense() + } + return nil } -func (o *SimpleLicensingText) GetSummary() string { - return o.Summary + +func (o *ExpandedlicensingListedLicense) asExpandedlicensingListedLicense() *ExpandedlicensingListedLicense { + return o } -func (o *SimpleLicensingText) SetSummary(v string) { - o.Summary = v + +type AnyExpandedlicensingListedLicense interface { + AnyExpandedlicensingLicense + asExpandedlicensingListedLicense() *ExpandedlicensingListedLicense } -func (o *SimpleLicensingText) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing + +type ExpandedlicensingListedLicenseList []AnyExpandedlicensingListedLicense + +func (o *ExpandedlicensingListedLicenseList) Append(values ...AnyExpandedlicensingListedLicense) { + *o = append(*o, values...) } -func (o *SimpleLicensingText) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v +func (o *ExpandedlicensingListedLicenseList) Remove(value AnyExpandedlicensingListedLicense) { + remove(o, value) } -func (o *SimpleLicensingText) GetLicenseText() string { - return o.LicenseText +func (o *ExpandedlicensingListedLicenseList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyExpandedlicensingListedLicense, *ExpandedlicensingListedLicense] { + return typeIter(*o, castExpandedlicensingListedLicense) } -func (o *SimpleLicensingText) SetLicenseText(v string) { - o.LicenseText = v + +// Portion of an AnyLicenseInfo representing this version, or any later version, +// of the indicated License. +type ExpandedlicensingOrLaterOperator struct { + ExpandedlicensingExtendableLicense + + // A License participating in an 'or later' model. + ExpandedlicensingSubjectLicense AnyExpandedlicensingLicense } -type IContentIdentifier interface { - IIntegrityMethod +func castExpandedlicensingOrLaterOperator(o any) *ExpandedlicensingOrLaterOperator { + if o, ok := o.(AnyExpandedlicensingOrLaterOperator); ok { + return o.asExpandedlicensingOrLaterOperator() + } + return nil +} - // GetContentIdentifierType specifies the type of the content identifier. - GetContentIdentifierType() ContentIdentifierType +func (o *ExpandedlicensingOrLaterOperator) asExpandedlicensingOrLaterOperator() *ExpandedlicensingOrLaterOperator { + return o +} - SetContentIdentifierType(ContentIdentifierType) +type AnyExpandedlicensingOrLaterOperator interface { + AnyExpandedlicensingExtendableLicense + asExpandedlicensingOrLaterOperator() *ExpandedlicensingOrLaterOperator +} - // GetContentIdentifierValue specifies the value of the content identifier. - GetContentIdentifierValue() string +type ExpandedlicensingOrLaterOperatorList []AnyExpandedlicensingOrLaterOperator - SetContentIdentifierValue(string) +func (o *ExpandedlicensingOrLaterOperatorList) Append(values ...AnyExpandedlicensingOrLaterOperator) { + *o = append(*o, values...) +} +func (o *ExpandedlicensingOrLaterOperatorList) Remove(value AnyExpandedlicensingOrLaterOperator) { + remove(o, value) } -type ContentIdentifier struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifier" iri-compact:"software_ContentIdentifier"` +func (o *ExpandedlicensingOrLaterOperatorList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnyExpandedlicensingOrLaterOperator, *ExpandedlicensingOrLaterOperator] { + return typeIter(*o, castExpandedlicensingOrLaterOperator) +} - Iri string `iri:"@id"` +// Portion of an AnyLicenseInfo representing a License which has additional +// text applied to it. +type ExpandedlicensingWithAdditionOperator struct { + SimplelicensingAnyLicenseInfo - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` + // A LicenseAddition participating in a 'with addition' model. + ExpandedlicensingSubjectAddition AnyExpandedlicensingLicenseAddition - // ContentIdentifierType specifies the type of the content identifier. - ContentIdentifierType ContentIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifierType" iri-compact:"software_contentIdentifierType"` - // ContentIdentifierValue specifies the value of the content identifier. - ContentIdentifierValue string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifierValue" iri-compact:"software_contentIdentifierValue"` + // A License participating in a 'with addition' model. + ExpandedlicensingSubjectExtendableLicense AnyExpandedlicensingExtendableLicense } -func NewContentIdentifier() IContentIdentifier { - return &ContentIdentifier{} +func castExpandedlicensingWithAdditionOperator(o any) *ExpandedlicensingWithAdditionOperator { + if o, ok := o.(AnyExpandedlicensingWithAdditionOperator); ok { + return o.asExpandedlicensingWithAdditionOperator() + } + return nil } -func (o *ContentIdentifier) GetComment() string { - return o.Comment -} -func (o *ContentIdentifier) SetComment(v string) { - o.Comment = v +func (o *ExpandedlicensingWithAdditionOperator) asExpandedlicensingWithAdditionOperator() *ExpandedlicensingWithAdditionOperator { + return o } -func (o *ContentIdentifier) GetContentIdentifierType() ContentIdentifierType { - return o.ContentIdentifierType +type AnyExpandedlicensingWithAdditionOperator interface { + AnySimplelicensingAnyLicenseInfo + asExpandedlicensingWithAdditionOperator() *ExpandedlicensingWithAdditionOperator } -func (o *ContentIdentifier) SetContentIdentifierType(v ContentIdentifierType) { - o.ContentIdentifierType = v + +type ExpandedlicensingWithAdditionOperatorList []AnyExpandedlicensingWithAdditionOperator + +func (o *ExpandedlicensingWithAdditionOperatorList) Append(values ...AnyExpandedlicensingWithAdditionOperator) { + *o = append(*o, values...) } -func (o *ContentIdentifier) GetContentIdentifierValue() string { - return o.ContentIdentifierValue +func (o *ExpandedlicensingWithAdditionOperatorList) Remove(value AnyExpandedlicensingWithAdditionOperator) { + remove(o, value) } -func (o *ContentIdentifier) SetContentIdentifierValue(v string) { - o.ContentIdentifierValue = v + +func (o *ExpandedlicensingWithAdditionOperatorList) ExpandedlicensingWithAdditionOperatorIter() iter.Seq2[AnyExpandedlicensingWithAdditionOperator, *ExpandedlicensingWithAdditionOperator] { + return typeIter(*o, castExpandedlicensingWithAdditionOperator) } -type ContentIdentifierType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifierType" iri-compact:"software_ContentIdentifierType"` +// A type of extension consisting of a list of name value pairs. +type ExtensionCdxPropertiesExtension struct { + ExtensionExtension - Iri string `iri:"@id"` + // Provides a map of a property names to a values. + ExtensionCdxPropertys ExtensionCdxPropertyEntryList } -var ( - ContentIdentifierType_Gitoid = ContentIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifierType/gitoid"} - ContentIdentifierType_Swhid = ContentIdentifierType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifierType/swhid"} -) +func castExtensionCdxPropertiesExtension(o any) *ExtensionCdxPropertiesExtension { + if o, ok := o.(AnyExtensionCdxPropertiesExtension); ok { + return o.asExtensionCdxPropertiesExtension() + } + return nil +} -type FileKindType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/FileKindType" iri-compact:"software_FileKindType"` +func (o *ExtensionCdxPropertiesExtension) asExtensionCdxPropertiesExtension() *ExtensionCdxPropertiesExtension { + return o +} - Iri string `iri:"@id"` +type AnyExtensionCdxPropertiesExtension interface { + AnyExtensionExtension + asExtensionCdxPropertiesExtension() *ExtensionCdxPropertiesExtension } -var ( - FileKindType_Directory = FileKindType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/FileKindType/directory"} - FileKindType_File = FileKindType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/FileKindType/file"} -) +type ExtensionCdxPropertiesExtensionList []AnyExtensionCdxPropertiesExtension -type SbomType struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/SbomType" iri-compact:"software_SbomType"` +func (o *ExtensionCdxPropertiesExtensionList) Append(values ...AnyExtensionCdxPropertiesExtension) { + *o = append(*o, values...) +} +func (o *ExtensionCdxPropertiesExtensionList) Remove(value AnyExtensionCdxPropertiesExtension) { + remove(o, value) +} - Iri string `iri:"@id"` +func (o *ExtensionCdxPropertiesExtensionList) ExtensionCdxPropertiesExtensionIter() iter.Seq2[AnyExtensionCdxPropertiesExtension, *ExtensionCdxPropertiesExtension] { + return typeIter(*o, castExtensionCdxPropertiesExtension) } -var ( - SbomType_Analyzed = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/analyzed"} - SbomType_Build = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/build"} - SbomType_Deployed = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/deployed"} - SbomType_Design = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/design"} - SbomType_Runtime = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/runtime"} - SbomType_Source = SbomType{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/source"} -) +// Provides a CVSS version 2.0 assessment for a vulnerability. +type SecurityCvssV2VulnAssessmentRelationship struct { + SecurityVulnAssessmentRelationship -type SoftwarePurpose struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose" iri-compact:"software_SoftwarePurpose"` - - Iri string `iri:"@id"` -} - -var ( - SoftwarePurpose_Application = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/application"} - SoftwarePurpose_Archive = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/archive"} - SoftwarePurpose_Bom = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/bom"} - SoftwarePurpose_Configuration = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/configuration"} - SoftwarePurpose_Container = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/container"} - SoftwarePurpose_Data = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/data"} - SoftwarePurpose_Device = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/device"} - SoftwarePurpose_DeviceDriver = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/deviceDriver"} - SoftwarePurpose_DiskImage = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/diskImage"} - SoftwarePurpose_Documentation = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/documentation"} - SoftwarePurpose_Evidence = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/evidence"} - SoftwarePurpose_Executable = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/executable"} - SoftwarePurpose_File = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/file"} - SoftwarePurpose_FilesystemImage = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/filesystemImage"} - SoftwarePurpose_Firmware = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/firmware"} - SoftwarePurpose_Framework = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/framework"} - SoftwarePurpose_Install = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/install"} - SoftwarePurpose_Library = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/library"} - SoftwarePurpose_Manifest = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/manifest"} - SoftwarePurpose_Model = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/model"} - SoftwarePurpose_Module = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/module"} - SoftwarePurpose_OperatingSystem = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/operatingSystem"} - SoftwarePurpose_Other = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/other"} - SoftwarePurpose_Patch = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/patch"} - SoftwarePurpose_Platform = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/platform"} - SoftwarePurpose_Requirement = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/requirement"} - SoftwarePurpose_Source = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/source"} - SoftwarePurpose_Specification = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/specification"} - SoftwarePurpose_Test = SoftwarePurpose{Iri: "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/test"} -) + // Provides a numerical (0-10) representation of the severity of a vulnerability. + SecurityScore float64 + // Specifies the CVSS vector string for a vulnerability. + SecurityVectorString string +} -type IBuild interface { - IElement +func castSecurityCvssV2VulnAssessmentRelationship(o any) *SecurityCvssV2VulnAssessmentRelationship { + if o, ok := o.(AnySecurityCvssV2VulnAssessmentRelationship); ok { + return o.asSecurityCvssV2VulnAssessmentRelationship() + } + return nil +} - // GetBuildEndTime property that describes the time at which a build stops. - GetBuildEndTime() string +func (o *SecurityCvssV2VulnAssessmentRelationship) asSecurityCvssV2VulnAssessmentRelationship() *SecurityCvssV2VulnAssessmentRelationship { + return o +} - SetBuildEndTime(string) +type AnySecurityCvssV2VulnAssessmentRelationship interface { + AnySecurityVulnAssessmentRelationship + asSecurityCvssV2VulnAssessmentRelationship() *SecurityCvssV2VulnAssessmentRelationship +} - // GetBuildId a buildId is a locally unique identifier used by a builder to identify a unique - // instance of a build produced by it. - GetBuildId() string +type SecurityCvssV2VulnAssessmentRelationshipList []AnySecurityCvssV2VulnAssessmentRelationship - SetBuildId(string) +func (o *SecurityCvssV2VulnAssessmentRelationshipList) Append(values ...AnySecurityCvssV2VulnAssessmentRelationship) { + *o = append(*o, values...) +} +func (o *SecurityCvssV2VulnAssessmentRelationshipList) Remove(value AnySecurityCvssV2VulnAssessmentRelationship) { + remove(o, value) +} - // GetBuildStartTime property describing the start time of a build. - GetBuildStartTime() string +func (o *SecurityCvssV2VulnAssessmentRelationshipList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV2VulnAssessmentRelationship, *SecurityCvssV2VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) +} - SetBuildStartTime(string) +// Provides a CVSS version 3 assessment for a vulnerability. +type SecurityCvssV3VulnAssessmentRelationship struct { + SecurityVulnAssessmentRelationship - // GetBuildType a buildType is a hint that is used to indicate the toolchain, platform, or - // infrastructure that the build was invoked on. - GetBuildType() string + // Provides a numerical (0-10) representation of the severity of a vulnerability. + SecurityScore float64 + // Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + SecuritySeverity SecurityCvssSeverityType + // Specifies the CVSS vector string for a vulnerability. + SecurityVectorString string +} - SetBuildType(string) +func castSecurityCvssV3VulnAssessmentRelationship(o any) *SecurityCvssV3VulnAssessmentRelationship { + if o, ok := o.(AnySecurityCvssV3VulnAssessmentRelationship); ok { + return o.asSecurityCvssV3VulnAssessmentRelationship() + } + return nil +} - // GetConfigSourceDigest property that describes the digest of the build configuration file used to - // invoke a build. - GetConfigSourceDigest() []IHash +func (o *SecurityCvssV3VulnAssessmentRelationship) asSecurityCvssV3VulnAssessmentRelationship() *SecurityCvssV3VulnAssessmentRelationship { + return o +} - SetConfigSourceDigest(...IHash) +type AnySecurityCvssV3VulnAssessmentRelationship interface { + AnySecurityVulnAssessmentRelationship + asSecurityCvssV3VulnAssessmentRelationship() *SecurityCvssV3VulnAssessmentRelationship +} - // GetConfigSourceEntrypoint property describes the invocation entrypoint of a build. - GetConfigSourceEntrypoint() []string +type SecurityCvssV3VulnAssessmentRelationshipList []AnySecurityCvssV3VulnAssessmentRelationship - SetConfigSourceEntrypoint(...string) +func (o *SecurityCvssV3VulnAssessmentRelationshipList) Append(values ...AnySecurityCvssV3VulnAssessmentRelationship) { + *o = append(*o, values...) +} +func (o *SecurityCvssV3VulnAssessmentRelationshipList) Remove(value AnySecurityCvssV3VulnAssessmentRelationship) { + remove(o, value) +} - // GetConfigSourceUri property that describes the URI of the build configuration source file. - GetConfigSourceUri() []string +func (o *SecurityCvssV3VulnAssessmentRelationshipList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV3VulnAssessmentRelationship, *SecurityCvssV3VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) +} - SetConfigSourceUri(...string) +// Provides a CVSS version 4 assessment for a vulnerability. +type SecurityCvssV4VulnAssessmentRelationship struct { + SecurityVulnAssessmentRelationship - // GetEnvironment property describing the session in which a build is invoked. - GetEnvironment() []IDictionaryEntry + // Provides a numerical (0-10) representation of the severity of a vulnerability. + SecurityScore float64 + // Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + SecuritySeverity SecurityCvssSeverityType + // Specifies the CVSS vector string for a vulnerability. + SecurityVectorString string +} - SetEnvironment(...IDictionaryEntry) +func castSecurityCvssV4VulnAssessmentRelationship(o any) *SecurityCvssV4VulnAssessmentRelationship { + if o, ok := o.(AnySecurityCvssV4VulnAssessmentRelationship); ok { + return o.asSecurityCvssV4VulnAssessmentRelationship() + } + return nil +} - // GetParameters property describing the parameters used in an instance of a build. - GetParameters() []IDictionaryEntry +func (o *SecurityCvssV4VulnAssessmentRelationship) asSecurityCvssV4VulnAssessmentRelationship() *SecurityCvssV4VulnAssessmentRelationship { + return o +} - SetParameters(...IDictionaryEntry) +type AnySecurityCvssV4VulnAssessmentRelationship interface { + AnySecurityVulnAssessmentRelationship + asSecurityCvssV4VulnAssessmentRelationship() *SecurityCvssV4VulnAssessmentRelationship } -type Build struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Build/Build" iri-compact:"build_Build" id-prop:"spdxId"` +type SecurityCvssV4VulnAssessmentRelationshipList []AnySecurityCvssV4VulnAssessmentRelationship - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // BuildEndTime property that describes the time at which a build stops. - BuildEndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/buildEndTime" iri-compact:"build_buildEndTime"` - // BuildId a buildId is a locally unique identifier used by a builder to identify a unique - // instance of a build produced by it. - BuildId string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/buildId" iri-compact:"build_buildId"` - // BuildStartTime property describing the start time of a build. - BuildStartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/buildStartTime" iri-compact:"build_buildStartTime"` - // BuildType a buildType is a hint that is used to indicate the toolchain, platform, or - // infrastructure that the build was invoked on. - BuildType string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/buildType" iri-compact:"build_buildType"` - // ConfigSourceDigest property that describes the digest of the build configuration file used to - // invoke a build. - ConfigSourceDigest []IHash `iri:"https://spdx.org/rdf/3.0.0/terms/Build/configSourceDigest" iri-compact:"build_configSourceDigest"` - // ConfigSourceEntrypoint property describes the invocation entrypoint of a build. - ConfigSourceEntrypoint []string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/configSourceEntrypoint" iri-compact:"build_configSourceEntrypoint"` - // ConfigSourceUri property that describes the URI of the build configuration source file. - ConfigSourceUri []string `iri:"https://spdx.org/rdf/3.0.0/terms/Build/configSourceUri" iri-compact:"build_configSourceUri"` - // Environment property describing the session in which a build is invoked. - Environment []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/Build/environment" iri-compact:"build_environment"` - // Parameters property describing the parameters used in an instance of a build. - Parameters []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/Build/parameters" iri-compact:"build_parameters"` +func (o *SecurityCvssV4VulnAssessmentRelationshipList) Append(values ...AnySecurityCvssV4VulnAssessmentRelationship) { + *o = append(*o, values...) } - -func NewBuild() IBuild { - return &Build{} +func (o *SecurityCvssV4VulnAssessmentRelationshipList) Remove(value AnySecurityCvssV4VulnAssessmentRelationship) { + remove(o, value) } -func (o *Build) GetSpdxId() string { - return o.SpdxId -} -func (o *Build) SetSpdxId(v string) { - o.SpdxId = v +func (o *SecurityCvssV4VulnAssessmentRelationshipList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV4VulnAssessmentRelationship, *SecurityCvssV4VulnAssessmentRelationship] { + return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) } -func (o *Build) GetComment() string { - return o.Comment -} -func (o *Build) SetComment(v string) { - o.Comment = v + +// Provides an EPSS assessment for a vulnerability. +type SecurityEpssVulnAssessmentRelationship struct { + SecurityVulnAssessmentRelationship + + // The percentile of the current probability score. + SecurityPercentile float64 + // A probability score between 0 and 1 of a vulnerability being exploited. + SecurityProbability float64 } -func (o *Build) GetCreationInfo() ICreationInfo { - return o.CreationInfo + +func castSecurityEpssVulnAssessmentRelationship(o any) *SecurityEpssVulnAssessmentRelationship { + if o, ok := o.(AnySecurityEpssVulnAssessmentRelationship); ok { + return o.asSecurityEpssVulnAssessmentRelationship() + } + return nil } -func (o *Build) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v + +func (o *SecurityEpssVulnAssessmentRelationship) asSecurityEpssVulnAssessmentRelationship() *SecurityEpssVulnAssessmentRelationship { + return o } -func (o *Build) GetDescription() string { - return o.Description + +type AnySecurityEpssVulnAssessmentRelationship interface { + AnySecurityVulnAssessmentRelationship + asSecurityEpssVulnAssessmentRelationship() *SecurityEpssVulnAssessmentRelationship } -func (o *Build) SetDescription(v string) { - o.Description = v + +type SecurityEpssVulnAssessmentRelationshipList []AnySecurityEpssVulnAssessmentRelationship + +func (o *SecurityEpssVulnAssessmentRelationshipList) Append(values ...AnySecurityEpssVulnAssessmentRelationship) { + *o = append(*o, values...) } -func (o *Build) GetExtensions() []IExtension { - return o.Extensions +func (o *SecurityEpssVulnAssessmentRelationshipList) Remove(value AnySecurityEpssVulnAssessmentRelationship) { + remove(o, value) } -func (o *Build) SetExtensions(v ...IExtension) { - o.Extensions = v + +func (o *SecurityEpssVulnAssessmentRelationshipList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityEpssVulnAssessmentRelationship, *SecurityEpssVulnAssessmentRelationship] { + return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) } -func (o *Build) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers + +// Provides an exploit assessment of a vulnerability. +type SecurityExploitCatalogVulnAssessmentRelationship struct { + SecurityVulnAssessmentRelationship + + // Specifies the exploit catalog type. + SecurityCatalogType SecurityExploitCatalogType + // Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. + SecurityExploited bool + // Provides the location of an exploit catalog. + SecurityLocator string } -func (o *Build) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v + +func castSecurityExploitCatalogVulnAssessmentRelationship(o any) *SecurityExploitCatalogVulnAssessmentRelationship { + if o, ok := o.(AnySecurityExploitCatalogVulnAssessmentRelationship); ok { + return o.asSecurityExploitCatalogVulnAssessmentRelationship() + } + return nil } -func (o *Build) GetExternalRefs() []IExternalRef { - return o.ExternalRefs + +func (o *SecurityExploitCatalogVulnAssessmentRelationship) asSecurityExploitCatalogVulnAssessmentRelationship() *SecurityExploitCatalogVulnAssessmentRelationship { + return o } -func (o *Build) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v + +type AnySecurityExploitCatalogVulnAssessmentRelationship interface { + AnySecurityVulnAssessmentRelationship + asSecurityExploitCatalogVulnAssessmentRelationship() *SecurityExploitCatalogVulnAssessmentRelationship } -func (o *Build) GetName() string { - return o.Name + +type SecurityExploitCatalogVulnAssessmentRelationshipList []AnySecurityExploitCatalogVulnAssessmentRelationship + +func (o *SecurityExploitCatalogVulnAssessmentRelationshipList) Append(values ...AnySecurityExploitCatalogVulnAssessmentRelationship) { + *o = append(*o, values...) } -func (o *Build) SetName(v string) { - o.Name = v +func (o *SecurityExploitCatalogVulnAssessmentRelationshipList) Remove(value AnySecurityExploitCatalogVulnAssessmentRelationship) { + remove(o, value) } -func (o *Build) GetSummary() string { - return o.Summary + +func (o *SecurityExploitCatalogVulnAssessmentRelationshipList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityExploitCatalogVulnAssessmentRelationship, *SecurityExploitCatalogVulnAssessmentRelationship] { + return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) } -func (o *Build) SetSummary(v string) { - o.Summary = v + +// Provides an SSVC assessment for a vulnerability. +type SecuritySsvcVulnAssessmentRelationship struct { + SecurityVulnAssessmentRelationship + + // Provide the enumeration of possible decisions in the + // [Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc). + SecurityDecisionType SecuritySsvcDecisionType } -func (o *Build) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing + +func castSecuritySsvcVulnAssessmentRelationship(o any) *SecuritySsvcVulnAssessmentRelationship { + if o, ok := o.(AnySecuritySsvcVulnAssessmentRelationship); ok { + return o.asSecuritySsvcVulnAssessmentRelationship() + } + return nil } -func (o *Build) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v + +func (o *SecuritySsvcVulnAssessmentRelationship) asSecuritySsvcVulnAssessmentRelationship() *SecuritySsvcVulnAssessmentRelationship { + return o } -func (o *Build) GetBuildEndTime() string { - return o.BuildEndTime +type AnySecuritySsvcVulnAssessmentRelationship interface { + AnySecurityVulnAssessmentRelationship + asSecuritySsvcVulnAssessmentRelationship() *SecuritySsvcVulnAssessmentRelationship } -func (o *Build) SetBuildEndTime(v string) { - o.BuildEndTime = v + +type SecuritySsvcVulnAssessmentRelationshipList []AnySecuritySsvcVulnAssessmentRelationship + +func (o *SecuritySsvcVulnAssessmentRelationshipList) Append(values ...AnySecuritySsvcVulnAssessmentRelationship) { + *o = append(*o, values...) } -func (o *Build) GetBuildId() string { - return o.BuildId +func (o *SecuritySsvcVulnAssessmentRelationshipList) Remove(value AnySecuritySsvcVulnAssessmentRelationship) { + remove(o, value) } -func (o *Build) SetBuildId(v string) { - o.BuildId = v + +func (o *SecuritySsvcVulnAssessmentRelationshipList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnySecuritySsvcVulnAssessmentRelationship, *SecuritySsvcVulnAssessmentRelationship] { + return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) } -func (o *Build) GetBuildStartTime() string { - return o.BuildStartTime + +// Abstract ancestor class for all VEX relationships +type SecurityVexVulnAssessmentRelationship struct { + SecurityVulnAssessmentRelationship + + // Conveys information about how VEX status was determined. + SecurityStatusNotes string + // Specifies the version of a VEX statement. + SecurityVexVersion string } -func (o *Build) SetBuildStartTime(v string) { - o.BuildStartTime = v + +func castSecurityVexVulnAssessmentRelationship(o any) *SecurityVexVulnAssessmentRelationship { + if o, ok := o.(AnySecurityVexVulnAssessmentRelationship); ok { + return o.asSecurityVexVulnAssessmentRelationship() + } + return nil } -func (o *Build) GetBuildType() string { - return o.BuildType + +func (o *SecurityVexVulnAssessmentRelationship) asSecurityVexVulnAssessmentRelationship() *SecurityVexVulnAssessmentRelationship { + return o } -func (o *Build) SetBuildType(v string) { - o.BuildType = v + +type AnySecurityVexVulnAssessmentRelationship interface { + AnySecurityVulnAssessmentRelationship + asSecurityVexVulnAssessmentRelationship() *SecurityVexVulnAssessmentRelationship } -func (o *Build) GetConfigSourceDigest() []IHash { - return o.ConfigSourceDigest + +type SecurityVexVulnAssessmentRelationshipList []AnySecurityVexVulnAssessmentRelationship + +func (o *SecurityVexVulnAssessmentRelationshipList) Append(values ...AnySecurityVexVulnAssessmentRelationship) { + *o = append(*o, values...) } -func (o *Build) SetConfigSourceDigest(v ...IHash) { - o.ConfigSourceDigest = v +func (o *SecurityVexVulnAssessmentRelationshipList) Remove(value AnySecurityVexVulnAssessmentRelationship) { + remove(o, value) } -func (o *Build) GetConfigSourceEntrypoint() []string { - return o.ConfigSourceEntrypoint + +func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexVulnAssessmentRelationship) } -func (o *Build) SetConfigSourceEntrypoint(v ...string) { - o.ConfigSourceEntrypoint = v +func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) } -func (o *Build) GetConfigSourceUri() []string { - return o.ConfigSourceUri +func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexFixedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) } -func (o *Build) SetConfigSourceUri(v ...string) { - o.ConfigSourceUri = v +func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) } -func (o *Build) GetEnvironment() []IDictionaryEntry { - return o.Environment +func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) } -func (o *Build) SetEnvironment(v ...IDictionaryEntry) { - o.Environment = v + +// Specifies a vulnerability and its associated information. +type SecurityVulnerability struct { + Artifact + + // Specifies a time when a vulnerability assessment was modified + SecurityModifiedTime time.Time + // Specifies the time when a vulnerability was published. + SecurityPublishedTime time.Time + // Specified the time and date when a vulnerability was withdrawn. + SecurityWithdrawnTime time.Time } -func (o *Build) GetParameters() []IDictionaryEntry { - return o.Parameters + +func castSecurityVulnerability(o any) *SecurityVulnerability { + if o, ok := o.(AnySecurityVulnerability); ok { + return o.asSecurityVulnerability() + } + return nil } -func (o *Build) SetParameters(v ...IDictionaryEntry) { - o.Parameters = v + +func (o *SecurityVulnerability) asSecurityVulnerability() *SecurityVulnerability { + return o } -type IAgent interface { - IElement +type AnySecurityVulnerability interface { + AnyArtifact + asSecurityVulnerability() *SecurityVulnerability } -type Agent struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Agent" iri-compact:"Agent" id-prop:"spdxId"` +type SecurityVulnerabilityList []AnySecurityVulnerability - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +func (o *SecurityVulnerabilityList) Append(values ...AnySecurityVulnerability) { + *o = append(*o, values...) } +func (o *SecurityVulnerabilityList) Remove(value AnySecurityVulnerability) { remove(o, value) } -func NewAgent() IAgent { - return &Agent{} +func (o *SecurityVulnerabilityList) SecurityVulnerabilityIter() iter.Seq2[AnySecurityVulnerability, *SecurityVulnerability] { + return typeIter(*o, castSecurityVulnerability) } -func (o *Agent) GetSpdxId() string { - return o.SpdxId -} -func (o *Agent) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Agent) GetComment() string { - return o.Comment -} -func (o *Agent) SetComment(v string) { - o.Comment = v -} -func (o *Agent) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Agent) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v +// A distinct article or unit related to Software. +type SoftwareSoftwareArtifact struct { + Artifact + + // Provides additional purpose information of the software artifact. + SoftwareAdditionalPurposes []SoftwareSoftwarePurpose + // Provides a place for the SPDX data creator to record acknowledgement text for + // a software Package, File or Snippet. + SoftwareAttributionTexts []string + // A canonical, unique, immutable identifier of the artifact content, that may be + // used for verifying its identity and/or integrity. + SoftwareContentIdentifiers SoftwareContentIdentifierList + + // Identifies the text of one or more copyright notices for a software Package, + // File or Snippet, if any. + SoftwareCopyrightText string + // Provides information about the primary purpose of the software artifact. + SoftwarePrimaryPurpose SoftwareSoftwarePurpose } -func (o *Agent) GetDescription() string { - return o.Description + +func castSoftwareSoftwareArtifact(o any) *SoftwareSoftwareArtifact { + if o, ok := o.(AnySoftwareSoftwareArtifact); ok { + return o.asSoftwareSoftwareArtifact() + } + return nil } -func (o *Agent) SetDescription(v string) { - o.Description = v + +func (o *SoftwareSoftwareArtifact) asSoftwareSoftwareArtifact() *SoftwareSoftwareArtifact { + return o } -func (o *Agent) GetExtensions() []IExtension { - return o.Extensions + +type AnySoftwareSoftwareArtifact interface { + AnyArtifact + asSoftwareSoftwareArtifact() *SoftwareSoftwareArtifact } -func (o *Agent) SetExtensions(v ...IExtension) { - o.Extensions = v + +type SoftwareSoftwareArtifactList []AnySoftwareSoftwareArtifact + +func (o *SoftwareSoftwareArtifactList) Append(values ...AnySoftwareSoftwareArtifact) { + *o = append(*o, values...) } -func (o *Agent) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers +func (o *SoftwareSoftwareArtifactList) Remove(value AnySoftwareSoftwareArtifact) { remove(o, value) } + +func (o *SoftwareSoftwareArtifactList) SoftwareSoftwareArtifactIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwareSoftwareArtifact] { + return typeIter(*o, castSoftwareSoftwareArtifact) } -func (o *Agent) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v +func (o *SoftwareSoftwareArtifactList) SoftwareFileIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwareFile] { + return typeIter(*o, castSoftwareFile) } -func (o *Agent) GetExternalRefs() []IExternalRef { - return o.ExternalRefs +func (o *SoftwareSoftwareArtifactList) SoftwarePackageIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwarePackage] { + return typeIter(*o, castSoftwarePackage) } -func (o *Agent) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v +func (o *SoftwareSoftwareArtifactList) SoftwareSnippetIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwareSnippet] { + return typeIter(*o, castSoftwareSnippet) } -func (o *Agent) GetName() string { - return o.Name +func (o *SoftwareSoftwareArtifactList) AiAIPackageIter() iter.Seq2[AnySoftwareSoftwareArtifact, *AiAIPackage] { + return typeIter(*o, castAiAIPackage) } -func (o *Agent) SetName(v string) { - o.Name = v +func (o *SoftwareSoftwareArtifactList) DatasetDatasetPackageIter() iter.Seq2[AnySoftwareSoftwareArtifact, *DatasetDatasetPackage] { + return typeIter(*o, castDatasetDatasetPackage) } -func (o *Agent) GetSummary() string { - return o.Summary + +// A container for a grouping of SPDX-3.0 content characterizing details +// (provenence, composition, licensing, etc.) about a product. +type Bom struct { + Bundle } -func (o *Agent) SetSummary(v string) { - o.Summary = v + +func castBom(o any) *Bom { + if o, ok := o.(AnyBom); ok { + return o.asBom() + } + return nil } -func (o *Agent) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing + +func (o *Bom) asBom() *Bom { + return o } -func (o *Agent) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v + +type AnyBom interface { + AnyBundle + asBom() *Bom } -type IAnnotation interface { - IElement +type BomList []AnyBom - // GetAnnotationType describes the type of annotation. - GetAnnotationType() AnnotationType +func (o *BomList) Append(values ...AnyBom) { *o = append(*o, values...) } +func (o *BomList) Remove(value AnyBom) { remove(o, value) } - SetAnnotationType(AnnotationType) +func (o *BomList) BomIter() iter.Seq2[AnyBom, *Bom] { return typeIter(*o, castBom) } +func (o *BomList) SoftwareSbomIter() iter.Seq2[AnyBom, *SoftwareSbom] { + return typeIter(*o, castSoftwareSbom) +} - // GetContentType specifies the media type of an Element or Property. - GetContentType() string +// A license that is not listed on the SPDX License List. +type ExpandedlicensingCustomLicense struct { + ExpandedlicensingLicense +} - SetContentType(string) +func castExpandedlicensingCustomLicense(o any) *ExpandedlicensingCustomLicense { + if o, ok := o.(AnyExpandedlicensingCustomLicense); ok { + return o.asExpandedlicensingCustomLicense() + } + return nil +} - // GetStatement commentary on an assertion that an annotator has made. - GetStatement() string +func (o *ExpandedlicensingCustomLicense) asExpandedlicensingCustomLicense() *ExpandedlicensingCustomLicense { + return o +} - SetStatement(string) +type AnyExpandedlicensingCustomLicense interface { + AnyExpandedlicensingLicense + asExpandedlicensingCustomLicense() *ExpandedlicensingCustomLicense +} - // GetSubject an Element an annotator has made an assertion about. - GetSubject() IElement +type ExpandedlicensingCustomLicenseList []AnyExpandedlicensingCustomLicense - SetSubject(IElement) +func (o *ExpandedlicensingCustomLicenseList) Append(values ...AnyExpandedlicensingCustomLicense) { + *o = append(*o, values...) +} +func (o *ExpandedlicensingCustomLicenseList) Remove(value AnyExpandedlicensingCustomLicense) { + remove(o, value) } -type Annotation struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Annotation" iri-compact:"Annotation" id-prop:"spdxId"` +func (o *ExpandedlicensingCustomLicenseList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyExpandedlicensingCustomLicense, *ExpandedlicensingCustomLicense] { + return typeIter(*o, castExpandedlicensingCustomLicense) +} - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +// Connects a vulnerability and an element designating the element as a product +// affected by the vulnerability. +type SecurityVexAffectedVulnAssessmentRelationship struct { + SecurityVexVulnAssessmentRelationship - // AnnotationType describes the type of annotation. - AnnotationType AnnotationType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/annotationType" iri-compact:"annotationType"` - // ContentType specifies the media type of an Element or Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/contentType" iri-compact:"contentType"` - // Statement commentary on an assertion that an annotator has made. - Statement string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/statement" iri-compact:"statement"` - // Subject an Element an annotator has made an assertion about. - Subject IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/subject" iri-compact:"subject"` + // Provides advise on how to mitigate or remediate a vulnerability when a VEX product + // is affected by it. + SecurityActionStatement string + // Records the time when a recommended action was communicated in a VEX statement + // to mitigate a vulnerability. + SecurityActionStatementTime time.Time } -func NewAnnotation() IAnnotation { - return &Annotation{} +func castSecurityVexAffectedVulnAssessmentRelationship(o any) *SecurityVexAffectedVulnAssessmentRelationship { + if o, ok := o.(AnySecurityVexAffectedVulnAssessmentRelationship); ok { + return o.asSecurityVexAffectedVulnAssessmentRelationship() + } + return nil } -func (o *Annotation) GetSpdxId() string { - return o.SpdxId -} -func (o *Annotation) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Annotation) GetComment() string { - return o.Comment +func (o *SecurityVexAffectedVulnAssessmentRelationship) asSecurityVexAffectedVulnAssessmentRelationship() *SecurityVexAffectedVulnAssessmentRelationship { + return o } -func (o *Annotation) SetComment(v string) { - o.Comment = v + +type AnySecurityVexAffectedVulnAssessmentRelationship interface { + AnySecurityVexVulnAssessmentRelationship + asSecurityVexAffectedVulnAssessmentRelationship() *SecurityVexAffectedVulnAssessmentRelationship } -func (o *Annotation) GetCreationInfo() ICreationInfo { - return o.CreationInfo + +type SecurityVexAffectedVulnAssessmentRelationshipList []AnySecurityVexAffectedVulnAssessmentRelationship + +func (o *SecurityVexAffectedVulnAssessmentRelationshipList) Append(values ...AnySecurityVexAffectedVulnAssessmentRelationship) { + *o = append(*o, values...) } -func (o *Annotation) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v +func (o *SecurityVexAffectedVulnAssessmentRelationshipList) Remove(value AnySecurityVexAffectedVulnAssessmentRelationship) { + remove(o, value) } -func (o *Annotation) GetDescription() string { - return o.Description + +func (o *SecurityVexAffectedVulnAssessmentRelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexAffectedVulnAssessmentRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) } -func (o *Annotation) SetDescription(v string) { - o.Description = v + +// Links a vulnerability and elements representing products (in the VEX sense) where +// a fix has been applied and are no longer affected. +type SecurityVexFixedVulnAssessmentRelationship struct { + SecurityVexVulnAssessmentRelationship } -func (o *Annotation) GetExtensions() []IExtension { - return o.Extensions + +func castSecurityVexFixedVulnAssessmentRelationship(o any) *SecurityVexFixedVulnAssessmentRelationship { + if o, ok := o.(AnySecurityVexFixedVulnAssessmentRelationship); ok { + return o.asSecurityVexFixedVulnAssessmentRelationship() + } + return nil } -func (o *Annotation) SetExtensions(v ...IExtension) { - o.Extensions = v + +func (o *SecurityVexFixedVulnAssessmentRelationship) asSecurityVexFixedVulnAssessmentRelationship() *SecurityVexFixedVulnAssessmentRelationship { + return o } -func (o *Annotation) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers + +type AnySecurityVexFixedVulnAssessmentRelationship interface { + AnySecurityVexVulnAssessmentRelationship + asSecurityVexFixedVulnAssessmentRelationship() *SecurityVexFixedVulnAssessmentRelationship } -func (o *Annotation) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v + +type SecurityVexFixedVulnAssessmentRelationshipList []AnySecurityVexFixedVulnAssessmentRelationship + +func (o *SecurityVexFixedVulnAssessmentRelationshipList) Append(values ...AnySecurityVexFixedVulnAssessmentRelationship) { + *o = append(*o, values...) } -func (o *Annotation) GetExternalRefs() []IExternalRef { - return o.ExternalRefs +func (o *SecurityVexFixedVulnAssessmentRelationshipList) Remove(value AnySecurityVexFixedVulnAssessmentRelationship) { + remove(o, value) } -func (o *Annotation) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v + +func (o *SecurityVexFixedVulnAssessmentRelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexFixedVulnAssessmentRelationship, *SecurityVexFixedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) } -func (o *Annotation) GetName() string { - return o.Name + +// Links a vulnerability and one or more elements designating the latter as products +// not affected by the vulnerability. +type SecurityVexNotAffectedVulnAssessmentRelationship struct { + SecurityVexVulnAssessmentRelationship + + // Explains why a VEX product is not affected by a vulnerability. It is an + // alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable + // justification label. + SecurityImpactStatement string + // Timestamp of impact statement. + SecurityImpactStatementTime time.Time + // Impact justification label to be used when linking a vulnerability to an element + // representing a VEX product with a VexNotAffectedVulnAssessmentRelationship + // relationship. + SecurityJustificationType SecurityVexJustificationType } -func (o *Annotation) SetName(v string) { - o.Name = v + +func castSecurityVexNotAffectedVulnAssessmentRelationship(o any) *SecurityVexNotAffectedVulnAssessmentRelationship { + if o, ok := o.(AnySecurityVexNotAffectedVulnAssessmentRelationship); ok { + return o.asSecurityVexNotAffectedVulnAssessmentRelationship() + } + return nil } -func (o *Annotation) GetSummary() string { - return o.Summary + +func (o *SecurityVexNotAffectedVulnAssessmentRelationship) asSecurityVexNotAffectedVulnAssessmentRelationship() *SecurityVexNotAffectedVulnAssessmentRelationship { + return o } -func (o *Annotation) SetSummary(v string) { - o.Summary = v + +type AnySecurityVexNotAffectedVulnAssessmentRelationship interface { + AnySecurityVexVulnAssessmentRelationship + asSecurityVexNotAffectedVulnAssessmentRelationship() *SecurityVexNotAffectedVulnAssessmentRelationship } -func (o *Annotation) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing + +type SecurityVexNotAffectedVulnAssessmentRelationshipList []AnySecurityVexNotAffectedVulnAssessmentRelationship + +func (o *SecurityVexNotAffectedVulnAssessmentRelationshipList) Append(values ...AnySecurityVexNotAffectedVulnAssessmentRelationship) { + *o = append(*o, values...) } -func (o *Annotation) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v +func (o *SecurityVexNotAffectedVulnAssessmentRelationshipList) Remove(value AnySecurityVexNotAffectedVulnAssessmentRelationship) { + remove(o, value) } -func (o *Annotation) GetAnnotationType() AnnotationType { - return o.AnnotationType +func (o *SecurityVexNotAffectedVulnAssessmentRelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexNotAffectedVulnAssessmentRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) } -func (o *Annotation) SetAnnotationType(v AnnotationType) { - o.AnnotationType = v -} -func (o *Annotation) GetContentType() string { - return o.ContentType + +// Designates elements as products where the impact of a vulnerability is being +// investigated. +type SecurityVexUnderInvestigationVulnAssessmentRelationship struct { + SecurityVexVulnAssessmentRelationship } -func (o *Annotation) SetContentType(v string) { - o.ContentType = v + +func castSecurityVexUnderInvestigationVulnAssessmentRelationship(o any) *SecurityVexUnderInvestigationVulnAssessmentRelationship { + if o, ok := o.(AnySecurityVexUnderInvestigationVulnAssessmentRelationship); ok { + return o.asSecurityVexUnderInvestigationVulnAssessmentRelationship() + } + return nil } -func (o *Annotation) GetStatement() string { - return o.Statement + +func (o *SecurityVexUnderInvestigationVulnAssessmentRelationship) asSecurityVexUnderInvestigationVulnAssessmentRelationship() *SecurityVexUnderInvestigationVulnAssessmentRelationship { + return o } -func (o *Annotation) SetStatement(v string) { - o.Statement = v + +type AnySecurityVexUnderInvestigationVulnAssessmentRelationship interface { + AnySecurityVexVulnAssessmentRelationship + asSecurityVexUnderInvestigationVulnAssessmentRelationship() *SecurityVexUnderInvestigationVulnAssessmentRelationship } -func (o *Annotation) GetSubject() IElement { - return o.Subject + +type SecurityVexUnderInvestigationVulnAssessmentRelationshipList []AnySecurityVexUnderInvestigationVulnAssessmentRelationship + +func (o *SecurityVexUnderInvestigationVulnAssessmentRelationshipList) Append(values ...AnySecurityVexUnderInvestigationVulnAssessmentRelationship) { + *o = append(*o, values...) } -func (o *Annotation) SetSubject(v IElement) { - o.Subject = v +func (o *SecurityVexUnderInvestigationVulnAssessmentRelationshipList) Remove(value AnySecurityVexUnderInvestigationVulnAssessmentRelationship) { + remove(o, value) } -type IArtifact interface { - IElement - - // GetBuiltTime specifies the time an artifact was built. - GetBuiltTime() string +func (o *SecurityVexUnderInvestigationVulnAssessmentRelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexUnderInvestigationVulnAssessmentRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { + return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) +} - SetBuiltTime(string) +// Refers to any object that stores content on a computer. +type SoftwareFile struct { + SoftwareSoftwareArtifact - // GetOriginatedBy identifies from where or whom the Element originally came. - GetOriginatedBy() []IAgent + // Provides information about the content type of an Element or a Property. + ContentType string + // Describes if a given file is a directory or non-directory kind of file. + SoftwareFileKind SoftwareFileKindType +} - SetOriginatedBy(...IAgent) +func castSoftwareFile(o any) *SoftwareFile { + if o, ok := o.(AnySoftwareFile); ok { + return o.asSoftwareFile() + } + return nil +} - // GetReleaseTime specifies the time an artifact was released. - GetReleaseTime() string +func (o *SoftwareFile) asSoftwareFile() *SoftwareFile { + return o +} - SetReleaseTime(string) +type AnySoftwareFile interface { + AnySoftwareSoftwareArtifact + asSoftwareFile() *SoftwareFile +} - // GetStandardName the name of a relevant standard that may apply to an artifact. - GetStandardName() []string +type SoftwareFileList []AnySoftwareFile - SetStandardName(...string) +func (o *SoftwareFileList) Append(values ...AnySoftwareFile) { *o = append(*o, values...) } +func (o *SoftwareFileList) Remove(value AnySoftwareFile) { remove(o, value) } - // GetSuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - GetSuppliedBy() IAgent +func (o *SoftwareFileList) SoftwareFileIter() iter.Seq2[AnySoftwareFile, *SoftwareFile] { + return typeIter(*o, castSoftwareFile) +} - SetSuppliedBy(IAgent) +// Refers to any unit of content that can be associated with a distribution of +// software. +type SoftwarePackage struct { + SoftwareSoftwareArtifact - // GetSupportLevel specifies the level of support associated with an artifact. - GetSupportLevel() []SupportType + // Identifies the download Uniform Resource Identifier for the package at the time + // that the document was created. + SoftwareDownloadLocation string + // A place for the SPDX document creator to record a website that serves as the + // package's home page. + SoftwareHomePage string + // Provides a place for the SPDX data creator to record the package URL string + // (in accordance with the Package URL specification) for a software Package. + SoftwarePackageUrl string + // Identify the version of a package. + SoftwarePackageVersion string + // Records any relevant background information or additional comments + // about the origin of the package. + SoftwareSourceInfo string +} - SetSupportLevel(...SupportType) +func castSoftwarePackage(o any) *SoftwarePackage { + if o, ok := o.(AnySoftwarePackage); ok { + return o.asSoftwarePackage() + } + return nil +} - // GetValidUntilTime specifies until when the artifact can be used before its usage needs to be - // reassessed. - GetValidUntilTime() string +func (o *SoftwarePackage) asSoftwarePackage() *SoftwarePackage { + return o +} - SetValidUntilTime(string) +type AnySoftwarePackage interface { + AnySoftwareSoftwareArtifact + asSoftwarePackage() *SoftwarePackage } -type Artifact struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Artifact" iri-compact:"Artifact" id-prop:"spdxId"` +type SoftwarePackageList []AnySoftwarePackage - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // BuiltTime specifies the time an artifact was built. - BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` - // OriginatedBy identifies from where or whom the Element originally came. - OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` - // ReleaseTime specifies the time an artifact was released. - ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` - // StandardName the name of a relevant standard that may apply to an artifact. - StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // SupportLevel specifies the level of support associated with an artifact. - SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` - // ValidUntilTime specifies until when the artifact can be used before its usage needs to be - // reassessed. - ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` -} +func (o *SoftwarePackageList) Append(values ...AnySoftwarePackage) { *o = append(*o, values...) } +func (o *SoftwarePackageList) Remove(value AnySoftwarePackage) { remove(o, value) } -func (o *Artifact) GetSpdxId() string { - return o.SpdxId -} -func (o *Artifact) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Artifact) GetComment() string { - return o.Comment -} -func (o *Artifact) SetComment(v string) { - o.Comment = v -} -func (o *Artifact) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Artifact) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *Artifact) GetDescription() string { - return o.Description -} -func (o *Artifact) SetDescription(v string) { - o.Description = v -} -func (o *Artifact) GetExtensions() []IExtension { - return o.Extensions -} -func (o *Artifact) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *Artifact) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers +func (o *SoftwarePackageList) SoftwarePackageIter() iter.Seq2[AnySoftwarePackage, *SoftwarePackage] { + return typeIter(*o, castSoftwarePackage) } -func (o *Artifact) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v +func (o *SoftwarePackageList) AiAIPackageIter() iter.Seq2[AnySoftwarePackage, *AiAIPackage] { + return typeIter(*o, castAiAIPackage) } -func (o *Artifact) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *Artifact) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *Artifact) GetName() string { - return o.Name -} -func (o *Artifact) SetName(v string) { - o.Name = v -} -func (o *Artifact) GetSummary() string { - return o.Summary -} -func (o *Artifact) SetSummary(v string) { - o.Summary = v -} -func (o *Artifact) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *Artifact) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v +func (o *SoftwarePackageList) DatasetDatasetPackageIter() iter.Seq2[AnySoftwarePackage, *DatasetDatasetPackage] { + return typeIter(*o, castDatasetDatasetPackage) } -func (o *Artifact) GetBuiltTime() string { - return o.BuiltTime +// A collection of SPDX Elements describing a single package. +type SoftwareSbom struct { + Bom + + // Provides information about the type of an SBOM. + SoftwareSbomTypes []SoftwareSbomType } -func (o *Artifact) SetBuiltTime(v string) { - o.BuiltTime = v + +func castSoftwareSbom(o any) *SoftwareSbom { + if o, ok := o.(AnySoftwareSbom); ok { + return o.asSoftwareSbom() + } + return nil } -func (o *Artifact) GetOriginatedBy() []IAgent { - return o.OriginatedBy + +func (o *SoftwareSbom) asSoftwareSbom() *SoftwareSbom { + return o } -func (o *Artifact) SetOriginatedBy(v ...IAgent) { - o.OriginatedBy = v + +type AnySoftwareSbom interface { + AnyBom + asSoftwareSbom() *SoftwareSbom } -func (o *Artifact) GetReleaseTime() string { - return o.ReleaseTime + +type SoftwareSbomList []AnySoftwareSbom + +func (o *SoftwareSbomList) Append(values ...AnySoftwareSbom) { *o = append(*o, values...) } +func (o *SoftwareSbomList) Remove(value AnySoftwareSbom) { remove(o, value) } + +func (o *SoftwareSbomList) SoftwareSbomIter() iter.Seq2[AnySoftwareSbom, *SoftwareSbom] { + return typeIter(*o, castSoftwareSbom) } -func (o *Artifact) SetReleaseTime(v string) { - o.ReleaseTime = v + +// Describes a certain part of a file. +type SoftwareSnippet struct { + SoftwareSoftwareArtifact + + // Defines the byte range in the original host file that the snippet information + // applies to. + SoftwareByteRange AnyPositiveIntegerRange + + // Defines the line range in the original host file that the snippet information + // applies to. + SoftwareLineRange AnyPositiveIntegerRange + + // Defines the original host file that the snippet information applies to. + SoftwareSnippetFromFile AnySoftwareFile } -func (o *Artifact) GetStandardName() []string { - return o.StandardName + +func castSoftwareSnippet(o any) *SoftwareSnippet { + if o, ok := o.(AnySoftwareSnippet); ok { + return o.asSoftwareSnippet() + } + return nil } -func (o *Artifact) SetStandardName(v ...string) { - o.StandardName = v + +func (o *SoftwareSnippet) asSoftwareSnippet() *SoftwareSnippet { + return o } -func (o *Artifact) GetSuppliedBy() IAgent { - return o.SuppliedBy + +type AnySoftwareSnippet interface { + AnySoftwareSoftwareArtifact + asSoftwareSnippet() *SoftwareSnippet } -func (o *Artifact) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v + +type SoftwareSnippetList []AnySoftwareSnippet + +func (o *SoftwareSnippetList) Append(values ...AnySoftwareSnippet) { *o = append(*o, values...) } +func (o *SoftwareSnippetList) Remove(value AnySoftwareSnippet) { remove(o, value) } + +func (o *SoftwareSnippetList) SoftwareSnippetIter() iter.Seq2[AnySoftwareSnippet, *SoftwareSnippet] { + return typeIter(*o, castSoftwareSnippet) } -func (o *Artifact) GetSupportLevel() []SupportType { - return o.SupportLevel + +// Specifies an AI package and its associated information. +type AiAIPackage struct { + SoftwarePackage + + // Indicates whether the system can perform a decision or action without human + // involvement or guidance. + AiAutonomyType PresenceType + // Captures the domain in which the AI package can be used. + AiDomains []string + // Indicates the amount of energy consumption incurred by an AI model. + AiEnergyConsumption AnyAiEnergyConsumption + + // Records a hyperparameter used to build the AI model contained in the AI + // package. + AiHyperparameters DictionaryEntryList + + // Provides relevant information about the AI software, not including the model + // description. + AiInformationAboutApplication string + // Describes relevant information about different steps of the training process. + AiInformationAboutTraining string + // Captures a limitation of the AI software. + AiLimitation string + // Records the measurement of prediction quality of the AI model. + AiMetrics DictionaryEntryList + + // Captures the threshold that was used for computation of a metric described in + // the metric field. + AiMetricDecisionThresholds DictionaryEntryList + + // Describes all the preprocessing steps applied to the training data before the + // model training. + AiModelDataPreprocessings []string + // Describes methods that can be used to explain the results from the AI model. + AiModelExplainabilitys []string + // Records the results of general safety risk assessment of the AI system. + AiSafetyRiskAssessment AiSafetyRiskAssessmentType + // Captures a standard that is being complied with. + AiStandardCompliances []string + // Records the type of the model used in the AI software. + AiTypeOfModels []string + // Records if sensitive personal information is used during model training or + // could be used during the inference. + AiUseSensitivePersonalInformation PresenceType } -func (o *Artifact) SetSupportLevel(v ...SupportType) { - o.SupportLevel = v + +func castAiAIPackage(o any) *AiAIPackage { + if o, ok := o.(AnyAiAIPackage); ok { + return o.asAiAIPackage() + } + return nil } -func (o *Artifact) GetValidUntilTime() string { - return o.ValidUntilTime + +func (o *AiAIPackage) asAiAIPackage() *AiAIPackage { + return o } -func (o *Artifact) SetValidUntilTime(v string) { - o.ValidUntilTime = v + +type AnyAiAIPackage interface { + AnySoftwarePackage + asAiAIPackage() *AiAIPackage } -type IBundle interface { - IElementCollection +type AiAIPackageList []AnyAiAIPackage - // GetContext gives information about the circumstances or unifying properties - // that Elements of the bundle have been assembled under. - GetContext() string +func (o *AiAIPackageList) Append(values ...AnyAiAIPackage) { *o = append(*o, values...) } +func (o *AiAIPackageList) Remove(value AnyAiAIPackage) { remove(o, value) } - SetContext(string) +func (o *AiAIPackageList) AiAIPackageIter() iter.Seq2[AnyAiAIPackage, *AiAIPackage] { + return typeIter(*o, castAiAIPackage) } -type Bundle struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Bundle" iri-compact:"Bundle" id-prop:"spdxId"` +// Specifies a data package and its associated information. +type DatasetDatasetPackage struct { + SoftwarePackage - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` + // Describes the anonymization methods used. + DatasetAnonymizationMethodUseds []string + // Describes the confidentiality level of the data points contained in the dataset. + DatasetConfidentialityLevel DatasetConfidentialityLevelType + // Describes how the dataset was collected. + DatasetDataCollectionProcess string + // Describes the preprocessing steps that were applied to the raw data to create the given dataset. + DatasetDataPreprocessings []string + // The field describes the availability of a dataset. + DatasetDatasetAvailability DatasetDatasetAvailabilityType + // Describes potentially noisy elements of the dataset. + DatasetDatasetNoise string + // Captures the size of the dataset. + DatasetDatasetSize int + // Describes the type of the given dataset. + DatasetDatasetTypes []DatasetDatasetType + // Describes a mechanism to update the dataset. + DatasetDatasetUpdateMechanism string + // Describes if any sensitive personal information is present in the dataset. + DatasetHasSensitivePersonalInformation PresenceType + // Describes what the given dataset should be used for. + DatasetIntendedUse string + // Records the biases that the dataset is known to encompass. + DatasetKnownBias []string + // Describes a sensor used for collecting the data. + DatasetSensors DictionaryEntryList +} - // Elements refers to one or more Elements that are part of an ElementCollection. - Elements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/element" iri-compact:"element"` - // ProfileConformance describes one a profile which the creator of this ElementCollection intends to - // conform to. - ProfileConformance []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/profileConformance" iri-compact:"profileConformance"` - // RootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. - RootElements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/rootElement" iri-compact:"rootElement"` +func castDatasetDatasetPackage(o any) *DatasetDatasetPackage { + if o, ok := o.(AnyDatasetDatasetPackage); ok { + return o.asDatasetDatasetPackage() + } + return nil +} - // Context gives information about the circumstances or unifying properties - // that Elements of the bundle have been assembled under. - Context string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/context" iri-compact:"context"` +func (o *DatasetDatasetPackage) asDatasetDatasetPackage() *DatasetDatasetPackage { + return o } -func NewBundle() IBundle { - return &Bundle{} +type AnyDatasetDatasetPackage interface { + AnySoftwarePackage + asDatasetDatasetPackage() *DatasetDatasetPackage } -func (o *Bundle) GetSpdxId() string { - return o.SpdxId +type DatasetDatasetPackageList []AnyDatasetDatasetPackage + +func (o *DatasetDatasetPackageList) Append(values ...AnyDatasetDatasetPackage) { + *o = append(*o, values...) } -func (o *Bundle) SetSpdxId(v string) { - o.SpdxId = v +func (o *DatasetDatasetPackageList) Remove(value AnyDatasetDatasetPackage) { remove(o, value) } + +func (o *DatasetDatasetPackageList) DatasetDatasetPackageIter() iter.Seq2[AnyDatasetDatasetPackage, *DatasetDatasetPackage] { + return typeIter(*o, castDatasetDatasetPackage) } -func (o *Bundle) GetComment() string { - return o.Comment + +type ExternalIRI struct { + iri string } -func (o *Bundle) SetComment(v string) { - o.Comment = v + +func NewExternalIRI(iri string) *ExternalIRI { + return &ExternalIRI{iri: iri} } -func (o *Bundle) GetCreationInfo() ICreationInfo { - return o.CreationInfo + +func (o *ExternalIRI) asAiEnergyConsumption() *AiEnergyConsumption { return nil } +func (o *ExternalIRI) asAiEnergyConsumptionDescription() *AiEnergyConsumptionDescription { return nil } +func (o *ExternalIRI) asCreationInfo() *CreationInfo { return nil } +func (o *ExternalIRI) asDictionaryEntry() *DictionaryEntry { return nil } +func (o *ExternalIRI) asElement() *Element { return nil } +func (o *ExternalIRI) asElementCollection() *ElementCollection { return nil } +func (o *ExternalIRI) asExternalIdentifier() *ExternalIdentifier { return nil } +func (o *ExternalIRI) asExternalMap() *ExternalMap { return nil } +func (o *ExternalIRI) asExternalRef() *ExternalRef { return nil } +func (o *ExternalIRI) asIndividualElement() *IndividualElement { return nil } +func (o *ExternalIRI) asIntegrityMethod() *IntegrityMethod { return nil } +func (o *ExternalIRI) asNamespaceMap() *NamespaceMap { return nil } +func (o *ExternalIRI) asPackageVerificationCode() *PackageVerificationCode { return nil } +func (o *ExternalIRI) asPositiveIntegerRange() *PositiveIntegerRange { return nil } +func (o *ExternalIRI) asRelationship() *Relationship { return nil } +func (o *ExternalIRI) asSpdxDocument() *SpdxDocument { return nil } +func (o *ExternalIRI) asTool() *Tool { return nil } +func (o *ExternalIRI) asExpandedlicensingLicenseAddition() *ExpandedlicensingLicenseAddition { + return nil } -func (o *Bundle) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v +func (o *ExternalIRI) asExpandedlicensingListedLicenseException() *ExpandedlicensingListedLicenseException { + return nil } -func (o *Bundle) GetDescription() string { - return o.Description +func (o *ExternalIRI) asExtensionCdxPropertyEntry() *ExtensionCdxPropertyEntry { return nil } +func (o *ExternalIRI) asExtensionExtension() *ExtensionExtension { return nil } +func (o *ExternalIRI) asSecurityVulnAssessmentRelationship() *SecurityVulnAssessmentRelationship { + return nil } -func (o *Bundle) SetDescription(v string) { - o.Description = v +func (o *ExternalIRI) asSimplelicensingAnyLicenseInfo() *SimplelicensingAnyLicenseInfo { return nil } +func (o *ExternalIRI) asSimplelicensingLicenseExpression() *SimplelicensingLicenseExpression { + return nil } -func (o *Bundle) GetExtensions() []IExtension { - return o.Extensions +func (o *ExternalIRI) asSimplelicensingSimpleLicensingText() *SimplelicensingSimpleLicensingText { + return nil } -func (o *Bundle) SetExtensions(v ...IExtension) { - o.Extensions = v +func (o *ExternalIRI) asSoftwareContentIdentifier() *SoftwareContentIdentifier { return nil } +func (o *ExternalIRI) asBuildBuild() *BuildBuild { return nil } +func (o *ExternalIRI) asAgent() *Agent { return nil } +func (o *ExternalIRI) asAnnotation() *Annotation { return nil } +func (o *ExternalIRI) asArtifact() *Artifact { return nil } +func (o *ExternalIRI) asBundle() *Bundle { return nil } +func (o *ExternalIRI) asHash() *Hash { return nil } +func (o *ExternalIRI) asLifecycleScopedRelationship() *LifecycleScopedRelationship { return nil } +func (o *ExternalIRI) asOrganization() *Organization { return nil } +func (o *ExternalIRI) asPerson() *Person { return nil } +func (o *ExternalIRI) asSoftwareAgent() *SoftwareAgent { return nil } +func (o *ExternalIRI) asExpandedlicensingConjunctiveLicenseSet() *ExpandedlicensingConjunctiveLicenseSet { + return nil } -func (o *Bundle) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers +func (o *ExternalIRI) asExpandedlicensingCustomLicenseAddition() *ExpandedlicensingCustomLicenseAddition { + return nil } -func (o *Bundle) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v +func (o *ExternalIRI) asExpandedlicensingDisjunctiveLicenseSet() *ExpandedlicensingDisjunctiveLicenseSet { + return nil } -func (o *Bundle) GetExternalRefs() []IExternalRef { - return o.ExternalRefs +func (o *ExternalIRI) asExpandedlicensingExtendableLicense() *ExpandedlicensingExtendableLicense { + return nil } -func (o *Bundle) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v +func (o *ExternalIRI) asExpandedlicensingIndividualLicensingInfo() *ExpandedlicensingIndividualLicensingInfo { + return nil } -func (o *Bundle) GetName() string { - return o.Name +func (o *ExternalIRI) asExpandedlicensingLicense() *ExpandedlicensingLicense { return nil } +func (o *ExternalIRI) asExpandedlicensingListedLicense() *ExpandedlicensingListedLicense { return nil } +func (o *ExternalIRI) asExpandedlicensingOrLaterOperator() *ExpandedlicensingOrLaterOperator { + return nil } -func (o *Bundle) SetName(v string) { - o.Name = v +func (o *ExternalIRI) asExpandedlicensingWithAdditionOperator() *ExpandedlicensingWithAdditionOperator { + return nil } -func (o *Bundle) GetSummary() string { - return o.Summary +func (o *ExternalIRI) asExtensionCdxPropertiesExtension() *ExtensionCdxPropertiesExtension { + return nil } -func (o *Bundle) SetSummary(v string) { - o.Summary = v +func (o *ExternalIRI) asSecurityCvssV2VulnAssessmentRelationship() *SecurityCvssV2VulnAssessmentRelationship { + return nil } -func (o *Bundle) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing +func (o *ExternalIRI) asSecurityCvssV3VulnAssessmentRelationship() *SecurityCvssV3VulnAssessmentRelationship { + return nil } -func (o *Bundle) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v +func (o *ExternalIRI) asSecurityCvssV4VulnAssessmentRelationship() *SecurityCvssV4VulnAssessmentRelationship { + return nil } - -func (o *Bundle) GetElements() []IElement { - return o.Elements +func (o *ExternalIRI) asSecurityEpssVulnAssessmentRelationship() *SecurityEpssVulnAssessmentRelationship { + return nil } -func (o *Bundle) SetElements(v ...IElement) { - o.Elements = v -} -func (o *Bundle) GetProfileConformance() []ProfileIdentifierType { - return o.ProfileConformance -} -func (o *Bundle) SetProfileConformance(v ...ProfileIdentifierType) { - o.ProfileConformance = v -} -func (o *Bundle) GetRootElements() []IElement { - return o.RootElements -} -func (o *Bundle) SetRootElements(v ...IElement) { - o.RootElements = v -} - -func (o *Bundle) GetContext() string { - return o.Context -} -func (o *Bundle) SetContext(v string) { - o.Context = v -} - -type IHash interface { - IIntegrityMethod - - // GetAlgorithm specifies the algorithm used for calculating the hash value. - GetAlgorithm() HashAlgorithm - - SetAlgorithm(HashAlgorithm) - - // GetHashValue the result of applying a hash algorithm to an Element. - GetHashValue() string - - SetHashValue(string) -} - -type Hash struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Hash" iri-compact:"Hash"` - - Iri string `iri:"@id"` - - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - - // Algorithm specifies the algorithm used for calculating the hash value. - Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.0/terms/Core/algorithm" iri-compact:"algorithm"` - // HashValue the result of applying a hash algorithm to an Element. - HashValue string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/hashValue" iri-compact:"hashValue"` -} - -func NewHash() IHash { - return &Hash{} -} - -func (o *Hash) GetComment() string { - return o.Comment -} -func (o *Hash) SetComment(v string) { - o.Comment = v -} - -func (o *Hash) GetAlgorithm() HashAlgorithm { - return o.Algorithm -} -func (o *Hash) SetAlgorithm(v HashAlgorithm) { - o.Algorithm = v -} -func (o *Hash) GetHashValue() string { - return o.HashValue -} -func (o *Hash) SetHashValue(v string) { - o.HashValue = v -} - -type ILifecycleScopedRelationship interface { - IRelationship - - // GetScope capture the scope of information about a specific relationship between elements. - GetScope() LifecycleScopeType - - SetScope(LifecycleScopeType) -} - -type LifecycleScopedRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopedRelationship" iri-compact:"LifecycleScopedRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // Scope capture the scope of information about a specific relationship between elements. - Scope LifecycleScopeType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/scope" iri-compact:"scope"` -} - -func NewLifecycleScopedRelationship() ILifecycleScopedRelationship { - return &LifecycleScopedRelationship{} -} - -func (o *LifecycleScopedRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *LifecycleScopedRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *LifecycleScopedRelationship) GetComment() string { - return o.Comment -} -func (o *LifecycleScopedRelationship) SetComment(v string) { - o.Comment = v -} -func (o *LifecycleScopedRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *LifecycleScopedRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *LifecycleScopedRelationship) GetDescription() string { - return o.Description -} -func (o *LifecycleScopedRelationship) SetDescription(v string) { - o.Description = v -} -func (o *LifecycleScopedRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *LifecycleScopedRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *LifecycleScopedRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *LifecycleScopedRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *LifecycleScopedRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *LifecycleScopedRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *LifecycleScopedRelationship) GetName() string { - return o.Name -} -func (o *LifecycleScopedRelationship) SetName(v string) { - o.Name = v -} -func (o *LifecycleScopedRelationship) GetSummary() string { - return o.Summary -} -func (o *LifecycleScopedRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *LifecycleScopedRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *LifecycleScopedRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *LifecycleScopedRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *LifecycleScopedRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *LifecycleScopedRelationship) GetEndTime() string { - return o.EndTime -} -func (o *LifecycleScopedRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *LifecycleScopedRelationship) GetFrom() IElement { - return o.From -} -func (o *LifecycleScopedRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *LifecycleScopedRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *LifecycleScopedRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *LifecycleScopedRelationship) GetStartTime() string { - return o.StartTime -} -func (o *LifecycleScopedRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *LifecycleScopedRelationship) GetTo() []IElement { - return o.To -} -func (o *LifecycleScopedRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *LifecycleScopedRelationship) GetScope() LifecycleScopeType { - return o.Scope -} -func (o *LifecycleScopedRelationship) SetScope(v LifecycleScopeType) { - o.Scope = v -} - -type IOrganization interface { - IAgent -} - -type Organization struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Organization" iri-compact:"Organization" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` -} - -func NewOrganization() IOrganization { - return &Organization{} -} - -func (o *Organization) GetSpdxId() string { - return o.SpdxId -} -func (o *Organization) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Organization) GetComment() string { - return o.Comment -} -func (o *Organization) SetComment(v string) { - o.Comment = v -} -func (o *Organization) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Organization) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *Organization) GetDescription() string { - return o.Description -} -func (o *Organization) SetDescription(v string) { - o.Description = v -} -func (o *Organization) GetExtensions() []IExtension { - return o.Extensions -} -func (o *Organization) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *Organization) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *Organization) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *Organization) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *Organization) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *Organization) GetName() string { - return o.Name -} -func (o *Organization) SetName(v string) { - o.Name = v -} -func (o *Organization) GetSummary() string { - return o.Summary -} -func (o *Organization) SetSummary(v string) { - o.Summary = v -} -func (o *Organization) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *Organization) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -type IPerson interface { - IAgent -} - -type Person struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Person" iri-compact:"Person" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` -} - -func NewPerson() IPerson { - return &Person{} -} - -func (o *Person) GetSpdxId() string { - return o.SpdxId -} -func (o *Person) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Person) GetComment() string { - return o.Comment -} -func (o *Person) SetComment(v string) { - o.Comment = v -} -func (o *Person) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Person) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *Person) GetDescription() string { - return o.Description -} -func (o *Person) SetDescription(v string) { - o.Description = v -} -func (o *Person) GetExtensions() []IExtension { - return o.Extensions -} -func (o *Person) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *Person) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *Person) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *Person) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *Person) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *Person) GetName() string { - return o.Name -} -func (o *Person) SetName(v string) { - o.Name = v -} -func (o *Person) GetSummary() string { - return o.Summary -} -func (o *Person) SetSummary(v string) { - o.Summary = v -} -func (o *Person) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *Person) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -type ISoftwareAgent interface { - IAgent -} - -type SoftwareAgent struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/SoftwareAgent" iri-compact:"SoftwareAgent" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` -} - -func NewSoftwareAgent() ISoftwareAgent { - return &SoftwareAgent{} -} - -func (o *SoftwareAgent) GetSpdxId() string { - return o.SpdxId -} -func (o *SoftwareAgent) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *SoftwareAgent) GetComment() string { - return o.Comment -} -func (o *SoftwareAgent) SetComment(v string) { - o.Comment = v -} -func (o *SoftwareAgent) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *SoftwareAgent) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *SoftwareAgent) GetDescription() string { - return o.Description -} -func (o *SoftwareAgent) SetDescription(v string) { - o.Description = v -} -func (o *SoftwareAgent) GetExtensions() []IExtension { - return o.Extensions -} -func (o *SoftwareAgent) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *SoftwareAgent) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *SoftwareAgent) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *SoftwareAgent) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *SoftwareAgent) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *SoftwareAgent) GetName() string { - return o.Name -} -func (o *SoftwareAgent) SetName(v string) { - o.Name = v -} -func (o *SoftwareAgent) GetSummary() string { - return o.Summary -} -func (o *SoftwareAgent) SetSummary(v string) { - o.Summary = v -} -func (o *SoftwareAgent) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *SoftwareAgent) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -type IConjunctiveLicenseSet interface { - IAnyLicenseInfo - - // GetMember a license expression participating in a license set. - GetMember() []IAnyLicenseInfo - - SetMember(...IAnyLicenseInfo) -} - -type ConjunctiveLicenseSet struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/ConjunctiveLicenseSet" iri-compact:"expandedlicensing_ConjunctiveLicenseSet" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Member a license expression participating in a license set. - Member []IAnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/member" iri-compact:"expandedlicensing_member"` -} - -func NewConjunctiveLicenseSet() IConjunctiveLicenseSet { - return &ConjunctiveLicenseSet{} -} - -func (o *ConjunctiveLicenseSet) GetSpdxId() string { - return o.SpdxId -} -func (o *ConjunctiveLicenseSet) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *ConjunctiveLicenseSet) GetComment() string { - return o.Comment -} -func (o *ConjunctiveLicenseSet) SetComment(v string) { - o.Comment = v -} -func (o *ConjunctiveLicenseSet) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *ConjunctiveLicenseSet) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *ConjunctiveLicenseSet) GetDescription() string { - return o.Description -} -func (o *ConjunctiveLicenseSet) SetDescription(v string) { - o.Description = v -} -func (o *ConjunctiveLicenseSet) GetExtensions() []IExtension { - return o.Extensions -} -func (o *ConjunctiveLicenseSet) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *ConjunctiveLicenseSet) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *ConjunctiveLicenseSet) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *ConjunctiveLicenseSet) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *ConjunctiveLicenseSet) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *ConjunctiveLicenseSet) GetName() string { - return o.Name -} -func (o *ConjunctiveLicenseSet) SetName(v string) { - o.Name = v -} -func (o *ConjunctiveLicenseSet) GetSummary() string { - return o.Summary -} -func (o *ConjunctiveLicenseSet) SetSummary(v string) { - o.Summary = v -} -func (o *ConjunctiveLicenseSet) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *ConjunctiveLicenseSet) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *ConjunctiveLicenseSet) GetMember() []IAnyLicenseInfo { - return o.Member -} -func (o *ConjunctiveLicenseSet) SetMember(v ...IAnyLicenseInfo) { - o.Member = v -} - -type ICustomLicenseAddition interface { - ILicenseAddition -} - -type CustomLicenseAddition struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/CustomLicenseAddition" iri-compact:"expandedlicensing_CustomLicenseAddition" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // AdditionText identifies the full text of a LicenseAddition. - AdditionText string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/additionText" iri-compact:"expandedlicensing_additionText"` - // IsDeprecatedAdditionId specifies whether an additional text identifier has been marked as deprecated. - IsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedAdditionId" iri-compact:"expandedlicensing_isDeprecatedAdditionId"` - // LicenseXml identifies all the text and metadata associated with a license in the license - // XML format. - LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` - // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` - // SeeAlso contains a URL where the License or LicenseAddition can be found in use. - SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` - // StandardAdditionTemplate identifies the full text of a LicenseAddition, in SPDX templating format. - StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardAdditionTemplate" iri-compact:"expandedlicensing_standardAdditionTemplate"` -} - -func NewCustomLicenseAddition() ICustomLicenseAddition { - return &CustomLicenseAddition{} -} - -func (o *CustomLicenseAddition) GetSpdxId() string { - return o.SpdxId -} -func (o *CustomLicenseAddition) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *CustomLicenseAddition) GetComment() string { - return o.Comment -} -func (o *CustomLicenseAddition) SetComment(v string) { - o.Comment = v -} -func (o *CustomLicenseAddition) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *CustomLicenseAddition) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *CustomLicenseAddition) GetDescription() string { - return o.Description -} -func (o *CustomLicenseAddition) SetDescription(v string) { - o.Description = v -} -func (o *CustomLicenseAddition) GetExtensions() []IExtension { - return o.Extensions -} -func (o *CustomLicenseAddition) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *CustomLicenseAddition) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *CustomLicenseAddition) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *CustomLicenseAddition) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *CustomLicenseAddition) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *CustomLicenseAddition) GetName() string { - return o.Name -} -func (o *CustomLicenseAddition) SetName(v string) { - o.Name = v -} -func (o *CustomLicenseAddition) GetSummary() string { - return o.Summary -} -func (o *CustomLicenseAddition) SetSummary(v string) { - o.Summary = v -} -func (o *CustomLicenseAddition) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *CustomLicenseAddition) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *CustomLicenseAddition) GetAdditionText() string { - return o.AdditionText -} -func (o *CustomLicenseAddition) SetAdditionText(v string) { - o.AdditionText = v -} -func (o *CustomLicenseAddition) GetIsDeprecatedAdditionId() bool { - return o.IsDeprecatedAdditionId -} -func (o *CustomLicenseAddition) SetIsDeprecatedAdditionId(v bool) { - o.IsDeprecatedAdditionId = v -} -func (o *CustomLicenseAddition) GetLicenseXml() string { - return o.LicenseXml -} -func (o *CustomLicenseAddition) SetLicenseXml(v string) { - o.LicenseXml = v -} -func (o *CustomLicenseAddition) GetObsoletedBy() string { - return o.ObsoletedBy -} -func (o *CustomLicenseAddition) SetObsoletedBy(v string) { - o.ObsoletedBy = v -} -func (o *CustomLicenseAddition) GetSeeAlso() []string { - return o.SeeAlso -} -func (o *CustomLicenseAddition) SetSeeAlso(v ...string) { - o.SeeAlso = v -} -func (o *CustomLicenseAddition) GetStandardAdditionTemplate() string { - return o.StandardAdditionTemplate -} -func (o *CustomLicenseAddition) SetStandardAdditionTemplate(v string) { - o.StandardAdditionTemplate = v -} - -type IDisjunctiveLicenseSet interface { - IAnyLicenseInfo - - // GetMember a license expression participating in a license set. - GetMember() []IAnyLicenseInfo - - SetMember(...IAnyLicenseInfo) -} - -type DisjunctiveLicenseSet struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/DisjunctiveLicenseSet" iri-compact:"expandedlicensing_DisjunctiveLicenseSet" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Member a license expression participating in a license set. - Member []IAnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/member" iri-compact:"expandedlicensing_member"` -} - -func NewDisjunctiveLicenseSet() IDisjunctiveLicenseSet { - return &DisjunctiveLicenseSet{} -} - -func (o *DisjunctiveLicenseSet) GetSpdxId() string { - return o.SpdxId -} -func (o *DisjunctiveLicenseSet) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *DisjunctiveLicenseSet) GetComment() string { - return o.Comment -} -func (o *DisjunctiveLicenseSet) SetComment(v string) { - o.Comment = v -} -func (o *DisjunctiveLicenseSet) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *DisjunctiveLicenseSet) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *DisjunctiveLicenseSet) GetDescription() string { - return o.Description -} -func (o *DisjunctiveLicenseSet) SetDescription(v string) { - o.Description = v -} -func (o *DisjunctiveLicenseSet) GetExtensions() []IExtension { - return o.Extensions -} -func (o *DisjunctiveLicenseSet) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *DisjunctiveLicenseSet) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *DisjunctiveLicenseSet) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *DisjunctiveLicenseSet) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *DisjunctiveLicenseSet) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *DisjunctiveLicenseSet) GetName() string { - return o.Name -} -func (o *DisjunctiveLicenseSet) SetName(v string) { - o.Name = v -} -func (o *DisjunctiveLicenseSet) GetSummary() string { - return o.Summary -} -func (o *DisjunctiveLicenseSet) SetSummary(v string) { - o.Summary = v -} -func (o *DisjunctiveLicenseSet) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *DisjunctiveLicenseSet) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *DisjunctiveLicenseSet) GetMember() []IAnyLicenseInfo { - return o.Member -} -func (o *DisjunctiveLicenseSet) SetMember(v ...IAnyLicenseInfo) { - o.Member = v -} - -type IExtendableLicense interface { - IAnyLicenseInfo -} - -type ExtendableLicense struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/ExtendableLicense" iri-compact:"expandedlicensing_ExtendableLicense" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` -} - -func (o *ExtendableLicense) GetSpdxId() string { - return o.SpdxId -} -func (o *ExtendableLicense) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *ExtendableLicense) GetComment() string { - return o.Comment -} -func (o *ExtendableLicense) SetComment(v string) { - o.Comment = v -} -func (o *ExtendableLicense) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *ExtendableLicense) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *ExtendableLicense) GetDescription() string { - return o.Description -} -func (o *ExtendableLicense) SetDescription(v string) { - o.Description = v -} -func (o *ExtendableLicense) GetExtensions() []IExtension { - return o.Extensions -} -func (o *ExtendableLicense) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *ExtendableLicense) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *ExtendableLicense) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *ExtendableLicense) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *ExtendableLicense) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *ExtendableLicense) GetName() string { - return o.Name -} -func (o *ExtendableLicense) SetName(v string) { - o.Name = v -} -func (o *ExtendableLicense) GetSummary() string { - return o.Summary -} -func (o *ExtendableLicense) SetSummary(v string) { - o.Summary = v -} -func (o *ExtendableLicense) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *ExtendableLicense) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -type IIndividualLicensingInfo interface { - IAnyLicenseInfo -} - -type IndividualLicensingInfo struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/IndividualLicensingInfo" iri-compact:"expandedlicensing_IndividualLicensingInfo" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` -} - -func NewIndividualLicensingInfo() IIndividualLicensingInfo { - return &IndividualLicensingInfo{} -} - -func (o *IndividualLicensingInfo) GetSpdxId() string { - return o.SpdxId -} -func (o *IndividualLicensingInfo) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *IndividualLicensingInfo) GetComment() string { - return o.Comment -} -func (o *IndividualLicensingInfo) SetComment(v string) { - o.Comment = v -} -func (o *IndividualLicensingInfo) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *IndividualLicensingInfo) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *IndividualLicensingInfo) GetDescription() string { - return o.Description -} -func (o *IndividualLicensingInfo) SetDescription(v string) { - o.Description = v -} -func (o *IndividualLicensingInfo) GetExtensions() []IExtension { - return o.Extensions -} -func (o *IndividualLicensingInfo) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *IndividualLicensingInfo) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *IndividualLicensingInfo) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *IndividualLicensingInfo) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *IndividualLicensingInfo) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *IndividualLicensingInfo) GetName() string { - return o.Name -} -func (o *IndividualLicensingInfo) SetName(v string) { - o.Name = v -} -func (o *IndividualLicensingInfo) GetSummary() string { - return o.Summary -} -func (o *IndividualLicensingInfo) SetSummary(v string) { - o.Summary = v -} -func (o *IndividualLicensingInfo) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *IndividualLicensingInfo) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -type ILicense interface { - IExtendableLicense - - // GetIsDeprecatedLicenseId specifies whether a license or additional text identifier has been marked as - // deprecated. - GetIsDeprecatedLicenseId() bool - - SetIsDeprecatedLicenseId(bool) - - // GetIsFsfLibre specifies whether the License is listed as free by the - // [Free Software Foundation (FSF)](https://fsf.org). - GetIsFsfLibre() bool - - SetIsFsfLibre(bool) - - // GetIsOsiApproved specifies whether the License is listed as approved by the - // [Open Source Initiative (OSI)](https://opensource.org). - GetIsOsiApproved() bool - - SetIsOsiApproved(bool) - - // GetLicenseXml identifies all the text and metadata associated with a license in the license - // XML format. - GetLicenseXml() string - - SetLicenseXml(string) - - // GetObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - GetObsoletedBy() string - - SetObsoletedBy(string) - - // GetSeeAlso contains a URL where the License or LicenseAddition can be found in use. - GetSeeAlso() []string - - SetSeeAlso(...string) - - // GetStandardLicenseHeader provides a License author's preferred text to indicate that a file is covered - // by the License. - GetStandardLicenseHeader() string - - SetStandardLicenseHeader(string) - - // GetStandardLicenseTemplate identifies the full text of a License, in SPDX templating format. - GetStandardLicenseTemplate() string - - SetStandardLicenseTemplate(string) - - // GetLicenseText identifies the full text of a License or Addition. - GetLicenseText() string - - SetLicenseText(string) -} - -type License struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/License" iri-compact:"expandedlicensing_License" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // IsDeprecatedLicenseId specifies whether a license or additional text identifier has been marked as - // deprecated. - IsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedLicenseId" iri-compact:"expandedlicensing_isDeprecatedLicenseId"` - // IsFsfLibre specifies whether the License is listed as free by the - // [Free Software Foundation (FSF)](https://fsf.org). - IsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isFsfLibre" iri-compact:"expandedlicensing_isFsfLibre"` - // IsOsiApproved specifies whether the License is listed as approved by the - // [Open Source Initiative (OSI)](https://opensource.org). - IsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isOsiApproved" iri-compact:"expandedlicensing_isOsiApproved"` - // LicenseXml identifies all the text and metadata associated with a license in the license - // XML format. - LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` - // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` - // SeeAlso contains a URL where the License or LicenseAddition can be found in use. - SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` - // StandardLicenseHeader provides a License author's preferred text to indicate that a file is covered - // by the License. - StandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseHeader" iri-compact:"expandedlicensing_standardLicenseHeader"` - // StandardLicenseTemplate identifies the full text of a License, in SPDX templating format. - StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseTemplate" iri-compact:"expandedlicensing_standardLicenseTemplate"` - // LicenseText identifies the full text of a License or Addition. - LicenseText string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` -} - -func (o *License) GetSpdxId() string { - return o.SpdxId -} -func (o *License) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *License) GetComment() string { - return o.Comment -} -func (o *License) SetComment(v string) { - o.Comment = v -} -func (o *License) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *License) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *License) GetDescription() string { - return o.Description -} -func (o *License) SetDescription(v string) { - o.Description = v -} -func (o *License) GetExtensions() []IExtension { - return o.Extensions -} -func (o *License) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *License) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *License) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *License) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *License) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *License) GetName() string { - return o.Name -} -func (o *License) SetName(v string) { - o.Name = v -} -func (o *License) GetSummary() string { - return o.Summary -} -func (o *License) SetSummary(v string) { - o.Summary = v -} -func (o *License) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *License) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *License) GetIsDeprecatedLicenseId() bool { - return o.IsDeprecatedLicenseId -} -func (o *License) SetIsDeprecatedLicenseId(v bool) { - o.IsDeprecatedLicenseId = v -} -func (o *License) GetIsFsfLibre() bool { - return o.IsFsfLibre -} -func (o *License) SetIsFsfLibre(v bool) { - o.IsFsfLibre = v -} -func (o *License) GetIsOsiApproved() bool { - return o.IsOsiApproved -} -func (o *License) SetIsOsiApproved(v bool) { - o.IsOsiApproved = v -} -func (o *License) GetLicenseXml() string { - return o.LicenseXml -} -func (o *License) SetLicenseXml(v string) { - o.LicenseXml = v -} -func (o *License) GetObsoletedBy() string { - return o.ObsoletedBy -} -func (o *License) SetObsoletedBy(v string) { - o.ObsoletedBy = v -} -func (o *License) GetSeeAlso() []string { - return o.SeeAlso -} -func (o *License) SetSeeAlso(v ...string) { - o.SeeAlso = v -} -func (o *License) GetStandardLicenseHeader() string { - return o.StandardLicenseHeader -} -func (o *License) SetStandardLicenseHeader(v string) { - o.StandardLicenseHeader = v -} -func (o *License) GetStandardLicenseTemplate() string { - return o.StandardLicenseTemplate -} -func (o *License) SetStandardLicenseTemplate(v string) { - o.StandardLicenseTemplate = v -} -func (o *License) GetLicenseText() string { - return o.LicenseText -} -func (o *License) SetLicenseText(v string) { - o.LicenseText = v -} - -type IListedLicense interface { - ILicense - - // GetDeprecatedVersion specifies the SPDX License List version in which this license or exception - // identifier was deprecated. - GetDeprecatedVersion() string - - SetDeprecatedVersion(string) - - // GetListVersionAdded specifies the SPDX License List version in which this ListedLicense or - // ListedLicenseException identifier was first added. - GetListVersionAdded() string - - SetListVersionAdded(string) -} - -type ListedLicense struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/ListedLicense" iri-compact:"expandedlicensing_ListedLicense" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // IsDeprecatedLicenseId specifies whether a license or additional text identifier has been marked as - // deprecated. - IsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedLicenseId" iri-compact:"expandedlicensing_isDeprecatedLicenseId"` - // IsFsfLibre specifies whether the License is listed as free by the - // [Free Software Foundation (FSF)](https://fsf.org). - IsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isFsfLibre" iri-compact:"expandedlicensing_isFsfLibre"` - // IsOsiApproved specifies whether the License is listed as approved by the - // [Open Source Initiative (OSI)](https://opensource.org). - IsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isOsiApproved" iri-compact:"expandedlicensing_isOsiApproved"` - // LicenseXml identifies all the text and metadata associated with a license in the license - // XML format. - LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` - // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` - // SeeAlso contains a URL where the License or LicenseAddition can be found in use. - SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` - // StandardLicenseHeader provides a License author's preferred text to indicate that a file is covered - // by the License. - StandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseHeader" iri-compact:"expandedlicensing_standardLicenseHeader"` - // StandardLicenseTemplate identifies the full text of a License, in SPDX templating format. - StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseTemplate" iri-compact:"expandedlicensing_standardLicenseTemplate"` - // LicenseText identifies the full text of a License or Addition. - LicenseText string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` - - // DeprecatedVersion specifies the SPDX License List version in which this license or exception - // identifier was deprecated. - DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/deprecatedVersion" iri-compact:"expandedlicensing_deprecatedVersion"` - // ListVersionAdded specifies the SPDX License List version in which this ListedLicense or - // ListedLicenseException identifier was first added. - ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/listVersionAdded" iri-compact:"expandedlicensing_listVersionAdded"` -} - -func NewListedLicense() IListedLicense { - return &ListedLicense{} -} - -func (o *ListedLicense) GetSpdxId() string { - return o.SpdxId -} -func (o *ListedLicense) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *ListedLicense) GetComment() string { - return o.Comment -} -func (o *ListedLicense) SetComment(v string) { - o.Comment = v -} -func (o *ListedLicense) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *ListedLicense) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *ListedLicense) GetDescription() string { - return o.Description -} -func (o *ListedLicense) SetDescription(v string) { - o.Description = v -} -func (o *ListedLicense) GetExtensions() []IExtension { - return o.Extensions -} -func (o *ListedLicense) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *ListedLicense) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *ListedLicense) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *ListedLicense) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *ListedLicense) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *ListedLicense) GetName() string { - return o.Name -} -func (o *ListedLicense) SetName(v string) { - o.Name = v -} -func (o *ListedLicense) GetSummary() string { - return o.Summary -} -func (o *ListedLicense) SetSummary(v string) { - o.Summary = v -} -func (o *ListedLicense) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *ListedLicense) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *ListedLicense) GetIsDeprecatedLicenseId() bool { - return o.IsDeprecatedLicenseId -} -func (o *ListedLicense) SetIsDeprecatedLicenseId(v bool) { - o.IsDeprecatedLicenseId = v -} -func (o *ListedLicense) GetIsFsfLibre() bool { - return o.IsFsfLibre -} -func (o *ListedLicense) SetIsFsfLibre(v bool) { - o.IsFsfLibre = v -} -func (o *ListedLicense) GetIsOsiApproved() bool { - return o.IsOsiApproved -} -func (o *ListedLicense) SetIsOsiApproved(v bool) { - o.IsOsiApproved = v -} -func (o *ListedLicense) GetLicenseXml() string { - return o.LicenseXml -} -func (o *ListedLicense) SetLicenseXml(v string) { - o.LicenseXml = v -} -func (o *ListedLicense) GetObsoletedBy() string { - return o.ObsoletedBy -} -func (o *ListedLicense) SetObsoletedBy(v string) { - o.ObsoletedBy = v -} -func (o *ListedLicense) GetSeeAlso() []string { - return o.SeeAlso -} -func (o *ListedLicense) SetSeeAlso(v ...string) { - o.SeeAlso = v -} -func (o *ListedLicense) GetStandardLicenseHeader() string { - return o.StandardLicenseHeader -} -func (o *ListedLicense) SetStandardLicenseHeader(v string) { - o.StandardLicenseHeader = v -} -func (o *ListedLicense) GetStandardLicenseTemplate() string { - return o.StandardLicenseTemplate -} -func (o *ListedLicense) SetStandardLicenseTemplate(v string) { - o.StandardLicenseTemplate = v -} -func (o *ListedLicense) GetLicenseText() string { - return o.LicenseText -} -func (o *ListedLicense) SetLicenseText(v string) { - o.LicenseText = v -} - -func (o *ListedLicense) GetDeprecatedVersion() string { - return o.DeprecatedVersion -} -func (o *ListedLicense) SetDeprecatedVersion(v string) { - o.DeprecatedVersion = v -} -func (o *ListedLicense) GetListVersionAdded() string { - return o.ListVersionAdded -} -func (o *ListedLicense) SetListVersionAdded(v string) { - o.ListVersionAdded = v -} - -type IOrLaterOperator interface { - IExtendableLicense - - // GetSubjectLicense a License participating in an 'or later' model. - GetSubjectLicense() ILicense - - SetSubjectLicense(ILicense) -} - -type OrLaterOperator struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/OrLaterOperator" iri-compact:"expandedlicensing_OrLaterOperator" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // SubjectLicense a License participating in an 'or later' model. - SubjectLicense ILicense `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/subjectLicense" iri-compact:"expandedlicensing_subjectLicense"` -} - -func NewOrLaterOperator() IOrLaterOperator { - return &OrLaterOperator{} -} - -func (o *OrLaterOperator) GetSpdxId() string { - return o.SpdxId -} -func (o *OrLaterOperator) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *OrLaterOperator) GetComment() string { - return o.Comment -} -func (o *OrLaterOperator) SetComment(v string) { - o.Comment = v -} -func (o *OrLaterOperator) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *OrLaterOperator) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *OrLaterOperator) GetDescription() string { - return o.Description -} -func (o *OrLaterOperator) SetDescription(v string) { - o.Description = v -} -func (o *OrLaterOperator) GetExtensions() []IExtension { - return o.Extensions -} -func (o *OrLaterOperator) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *OrLaterOperator) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *OrLaterOperator) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *OrLaterOperator) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *OrLaterOperator) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *OrLaterOperator) GetName() string { - return o.Name -} -func (o *OrLaterOperator) SetName(v string) { - o.Name = v -} -func (o *OrLaterOperator) GetSummary() string { - return o.Summary -} -func (o *OrLaterOperator) SetSummary(v string) { - o.Summary = v -} -func (o *OrLaterOperator) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *OrLaterOperator) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *OrLaterOperator) GetSubjectLicense() ILicense { - return o.SubjectLicense -} -func (o *OrLaterOperator) SetSubjectLicense(v ILicense) { - o.SubjectLicense = v -} - -type IWithAdditionOperator interface { - IAnyLicenseInfo - - // GetSubjectAddition a LicenseAddition participating in a 'with addition' model. - GetSubjectAddition() ILicenseAddition - - SetSubjectAddition(ILicenseAddition) - - // GetSubjectExtendableLicense a License participating in a 'with addition' model. - GetSubjectExtendableLicense() IExtendableLicense - - SetSubjectExtendableLicense(IExtendableLicense) -} - -type WithAdditionOperator struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/WithAdditionOperator" iri-compact:"expandedlicensing_WithAdditionOperator" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // SubjectAddition a LicenseAddition participating in a 'with addition' model. - SubjectAddition ILicenseAddition `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/subjectAddition" iri-compact:"expandedlicensing_subjectAddition"` - // SubjectExtendableLicense a License participating in a 'with addition' model. - SubjectExtendableLicense IExtendableLicense `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/subjectExtendableLicense" iri-compact:"expandedlicensing_subjectExtendableLicense"` -} - -func NewWithAdditionOperator() IWithAdditionOperator { - return &WithAdditionOperator{} -} - -func (o *WithAdditionOperator) GetSpdxId() string { - return o.SpdxId -} -func (o *WithAdditionOperator) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *WithAdditionOperator) GetComment() string { - return o.Comment -} -func (o *WithAdditionOperator) SetComment(v string) { - o.Comment = v -} -func (o *WithAdditionOperator) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *WithAdditionOperator) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *WithAdditionOperator) GetDescription() string { - return o.Description -} -func (o *WithAdditionOperator) SetDescription(v string) { - o.Description = v -} -func (o *WithAdditionOperator) GetExtensions() []IExtension { - return o.Extensions -} -func (o *WithAdditionOperator) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *WithAdditionOperator) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *WithAdditionOperator) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *WithAdditionOperator) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *WithAdditionOperator) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *WithAdditionOperator) GetName() string { - return o.Name -} -func (o *WithAdditionOperator) SetName(v string) { - o.Name = v -} -func (o *WithAdditionOperator) GetSummary() string { - return o.Summary -} -func (o *WithAdditionOperator) SetSummary(v string) { - o.Summary = v -} -func (o *WithAdditionOperator) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *WithAdditionOperator) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *WithAdditionOperator) GetSubjectAddition() ILicenseAddition { - return o.SubjectAddition -} -func (o *WithAdditionOperator) SetSubjectAddition(v ILicenseAddition) { - o.SubjectAddition = v -} -func (o *WithAdditionOperator) GetSubjectExtendableLicense() IExtendableLicense { - return o.SubjectExtendableLicense -} -func (o *WithAdditionOperator) SetSubjectExtendableLicense(v IExtendableLicense) { - o.SubjectExtendableLicense = v -} - -type ICdxPropertiesExtension interface { - IExtension - - // GetCdxProperty provides a map of a property names to a values. - GetCdxProperty() []ICdxPropertyEntry - - SetCdxProperty(...ICdxPropertyEntry) -} - -type CdxPropertiesExtension struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/CdxPropertiesExtension" iri-compact:"extension_CdxPropertiesExtension"` - - Iri string `iri:"@id"` - - // CdxProperty provides a map of a property names to a values. - CdxProperty []ICdxPropertyEntry `iri:"https://spdx.org/rdf/3.0.0/terms/Extension/cdxProperty" iri-compact:"extension_cdxProperty"` -} - -func NewCdxPropertiesExtension() ICdxPropertiesExtension { - return &CdxPropertiesExtension{} -} - -func (o *CdxPropertiesExtension) GetCdxProperty() []ICdxPropertyEntry { - return o.CdxProperty -} -func (o *CdxPropertiesExtension) SetCdxProperty(v ...ICdxPropertyEntry) { - o.CdxProperty = v -} - -type ICvssV2VulnAssessmentRelationship interface { - IVulnAssessmentRelationship - - // GetScore provides a numerical (0-10) representation of the severity of a vulnerability. - GetScore() float64 - - SetScore(float64) - - // GetVectorString specifies the CVSS vector string for a vulnerability. - GetVectorString() string - - SetVectorString(string) -} - -type CvssV2VulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/CvssV2VulnAssessmentRelationship" iri-compact:"security_CvssV2VulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // Score provides a numerical (0-10) representation of the severity of a vulnerability. - Score float64 `iri:"https://spdx.org/rdf/3.0.0/terms/Security/score" iri-compact:"security_score"` - // VectorString specifies the CVSS vector string for a vulnerability. - VectorString string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vectorString" iri-compact:"security_vectorString"` -} - -func NewCvssV2VulnAssessmentRelationship() ICvssV2VulnAssessmentRelationship { - return &CvssV2VulnAssessmentRelationship{} -} - -func (o *CvssV2VulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *CvssV2VulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *CvssV2VulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *CvssV2VulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *CvssV2VulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *CvssV2VulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *CvssV2VulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *CvssV2VulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *CvssV2VulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *CvssV2VulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *CvssV2VulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *CvssV2VulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *CvssV2VulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *CvssV2VulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *CvssV2VulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *CvssV2VulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *CvssV2VulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *CvssV2VulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *CvssV2VulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *CvssV2VulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *CvssV2VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *CvssV2VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *CvssV2VulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *CvssV2VulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *CvssV2VulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *CvssV2VulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *CvssV2VulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *CvssV2VulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *CvssV2VulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *CvssV2VulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *CvssV2VulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *CvssV2VulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *CvssV2VulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *CvssV2VulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *CvssV2VulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *CvssV2VulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *CvssV2VulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *CvssV2VulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *CvssV2VulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *CvssV2VulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *CvssV2VulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *CvssV2VulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *CvssV2VulnAssessmentRelationship) GetScore() float64 { - return o.Score -} -func (o *CvssV2VulnAssessmentRelationship) SetScore(v float64) { - o.Score = v -} -func (o *CvssV2VulnAssessmentRelationship) GetVectorString() string { - return o.VectorString -} -func (o *CvssV2VulnAssessmentRelationship) SetVectorString(v string) { - o.VectorString = v -} - -type ICvssV3VulnAssessmentRelationship interface { - IVulnAssessmentRelationship - - // GetScore provides a numerical (0-10) representation of the severity of a vulnerability. - GetScore() float64 - - SetScore(float64) - - // GetSeverity specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - GetSeverity() CvssSeverityType - - SetSeverity(CvssSeverityType) - - // GetVectorString specifies the CVSS vector string for a vulnerability. - GetVectorString() string - - SetVectorString(string) -} - -type CvssV3VulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/CvssV3VulnAssessmentRelationship" iri-compact:"security_CvssV3VulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // Score provides a numerical (0-10) representation of the severity of a vulnerability. - Score float64 `iri:"https://spdx.org/rdf/3.0.0/terms/Security/score" iri-compact:"security_score"` - // Severity specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/severity" iri-compact:"security_severity"` - // VectorString specifies the CVSS vector string for a vulnerability. - VectorString string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vectorString" iri-compact:"security_vectorString"` -} - -func NewCvssV3VulnAssessmentRelationship() ICvssV3VulnAssessmentRelationship { - return &CvssV3VulnAssessmentRelationship{} -} - -func (o *CvssV3VulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *CvssV3VulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *CvssV3VulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *CvssV3VulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *CvssV3VulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *CvssV3VulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *CvssV3VulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *CvssV3VulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *CvssV3VulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *CvssV3VulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *CvssV3VulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *CvssV3VulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *CvssV3VulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *CvssV3VulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *CvssV3VulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *CvssV3VulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *CvssV3VulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *CvssV3VulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *CvssV3VulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *CvssV3VulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *CvssV3VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *CvssV3VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *CvssV3VulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *CvssV3VulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *CvssV3VulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *CvssV3VulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *CvssV3VulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *CvssV3VulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *CvssV3VulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *CvssV3VulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *CvssV3VulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *CvssV3VulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *CvssV3VulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *CvssV3VulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *CvssV3VulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *CvssV3VulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *CvssV3VulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *CvssV3VulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *CvssV3VulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *CvssV3VulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *CvssV3VulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *CvssV3VulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *CvssV3VulnAssessmentRelationship) GetScore() float64 { - return o.Score -} -func (o *CvssV3VulnAssessmentRelationship) SetScore(v float64) { - o.Score = v -} -func (o *CvssV3VulnAssessmentRelationship) GetSeverity() CvssSeverityType { - return o.Severity -} -func (o *CvssV3VulnAssessmentRelationship) SetSeverity(v CvssSeverityType) { - o.Severity = v -} -func (o *CvssV3VulnAssessmentRelationship) GetVectorString() string { - return o.VectorString -} -func (o *CvssV3VulnAssessmentRelationship) SetVectorString(v string) { - o.VectorString = v -} - -type ICvssV4VulnAssessmentRelationship interface { - IVulnAssessmentRelationship - - // GetScore provides a numerical (0-10) representation of the severity of a vulnerability. - GetScore() float64 - - SetScore(float64) - - // GetSeverity specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - GetSeverity() CvssSeverityType - - SetSeverity(CvssSeverityType) - - // GetVectorString specifies the CVSS vector string for a vulnerability. - GetVectorString() string - - SetVectorString(string) -} - -type CvssV4VulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/CvssV4VulnAssessmentRelationship" iri-compact:"security_CvssV4VulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // Score provides a numerical (0-10) representation of the severity of a vulnerability. - Score float64 `iri:"https://spdx.org/rdf/3.0.0/terms/Security/score" iri-compact:"security_score"` - // Severity specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/severity" iri-compact:"security_severity"` - // VectorString specifies the CVSS vector string for a vulnerability. - VectorString string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vectorString" iri-compact:"security_vectorString"` -} - -func NewCvssV4VulnAssessmentRelationship() ICvssV4VulnAssessmentRelationship { - return &CvssV4VulnAssessmentRelationship{} -} - -func (o *CvssV4VulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *CvssV4VulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *CvssV4VulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *CvssV4VulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *CvssV4VulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *CvssV4VulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *CvssV4VulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *CvssV4VulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *CvssV4VulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *CvssV4VulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *CvssV4VulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *CvssV4VulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *CvssV4VulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *CvssV4VulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *CvssV4VulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *CvssV4VulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *CvssV4VulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *CvssV4VulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *CvssV4VulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *CvssV4VulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *CvssV4VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *CvssV4VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *CvssV4VulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *CvssV4VulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *CvssV4VulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *CvssV4VulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *CvssV4VulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *CvssV4VulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *CvssV4VulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *CvssV4VulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *CvssV4VulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *CvssV4VulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *CvssV4VulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *CvssV4VulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *CvssV4VulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *CvssV4VulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *CvssV4VulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *CvssV4VulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *CvssV4VulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *CvssV4VulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *CvssV4VulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *CvssV4VulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *CvssV4VulnAssessmentRelationship) GetScore() float64 { - return o.Score -} -func (o *CvssV4VulnAssessmentRelationship) SetScore(v float64) { - o.Score = v -} -func (o *CvssV4VulnAssessmentRelationship) GetSeverity() CvssSeverityType { - return o.Severity -} -func (o *CvssV4VulnAssessmentRelationship) SetSeverity(v CvssSeverityType) { - o.Severity = v -} -func (o *CvssV4VulnAssessmentRelationship) GetVectorString() string { - return o.VectorString -} -func (o *CvssV4VulnAssessmentRelationship) SetVectorString(v string) { - o.VectorString = v -} - -type IEpssVulnAssessmentRelationship interface { - IVulnAssessmentRelationship - - // GetPercentile the percentile of the current probability score. - GetPercentile() float64 - - SetPercentile(float64) - - // GetProbability a probability score between 0 and 1 of a vulnerability being exploited. - GetProbability() float64 - - SetProbability(float64) -} - -type EpssVulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/EpssVulnAssessmentRelationship" iri-compact:"security_EpssVulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // Percentile the percentile of the current probability score. - Percentile float64 `iri:"https://spdx.org/rdf/3.0.0/terms/Security/percentile" iri-compact:"security_percentile"` - // Probability a probability score between 0 and 1 of a vulnerability being exploited. - Probability float64 `iri:"https://spdx.org/rdf/3.0.0/terms/Security/probability" iri-compact:"security_probability"` -} - -func NewEpssVulnAssessmentRelationship() IEpssVulnAssessmentRelationship { - return &EpssVulnAssessmentRelationship{} -} - -func (o *EpssVulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *EpssVulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *EpssVulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *EpssVulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *EpssVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *EpssVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *EpssVulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *EpssVulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *EpssVulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *EpssVulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *EpssVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *EpssVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *EpssVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *EpssVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *EpssVulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *EpssVulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *EpssVulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *EpssVulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *EpssVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *EpssVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *EpssVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *EpssVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *EpssVulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *EpssVulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *EpssVulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *EpssVulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *EpssVulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *EpssVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *EpssVulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *EpssVulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *EpssVulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *EpssVulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *EpssVulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *EpssVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *EpssVulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *EpssVulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *EpssVulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *EpssVulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *EpssVulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *EpssVulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *EpssVulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *EpssVulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *EpssVulnAssessmentRelationship) GetPercentile() float64 { - return o.Percentile -} -func (o *EpssVulnAssessmentRelationship) SetPercentile(v float64) { - o.Percentile = v -} -func (o *EpssVulnAssessmentRelationship) GetProbability() float64 { - return o.Probability -} -func (o *EpssVulnAssessmentRelationship) SetProbability(v float64) { - o.Probability = v -} - -type IExploitCatalogVulnAssessmentRelationship interface { - IVulnAssessmentRelationship - - // GetCatalogType specifies the exploit catalog type. - GetCatalogType() ExploitCatalogType - - SetCatalogType(ExploitCatalogType) - - // GetExploited describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. - GetExploited() bool - - SetExploited(bool) - - // GetLocator provides the location of an exploit catalog. - GetLocator() string - - SetLocator(string) -} - -type ExploitCatalogVulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogVulnAssessmentRelationship" iri-compact:"security_ExploitCatalogVulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // CatalogType specifies the exploit catalog type. - CatalogType ExploitCatalogType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/catalogType" iri-compact:"security_catalogType"` - // Exploited describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. - Exploited bool `iri:"https://spdx.org/rdf/3.0.0/terms/Security/exploited" iri-compact:"security_exploited"` - // Locator provides the location of an exploit catalog. - Locator string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/locator" iri-compact:"security_locator"` -} - -func NewExploitCatalogVulnAssessmentRelationship() IExploitCatalogVulnAssessmentRelationship { - return &ExploitCatalogVulnAssessmentRelationship{} -} - -func (o *ExploitCatalogVulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *ExploitCatalogVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *ExploitCatalogVulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *ExploitCatalogVulnAssessmentRelationship) GetCatalogType() ExploitCatalogType { - return o.CatalogType -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetCatalogType(v ExploitCatalogType) { - o.CatalogType = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetExploited() bool { - return o.Exploited -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetExploited(v bool) { - o.Exploited = v -} -func (o *ExploitCatalogVulnAssessmentRelationship) GetLocator() string { - return o.Locator -} -func (o *ExploitCatalogVulnAssessmentRelationship) SetLocator(v string) { - o.Locator = v -} - -type ISsvcVulnAssessmentRelationship interface { - IVulnAssessmentRelationship - - // GetDecisionType provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf) - GetDecisionType() SsvcDecisionType - - SetDecisionType(SsvcDecisionType) -} - -type SsvcVulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/SsvcVulnAssessmentRelationship" iri-compact:"security_SsvcVulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // DecisionType provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf) - DecisionType SsvcDecisionType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/decisionType" iri-compact:"security_decisionType"` -} - -func NewSsvcVulnAssessmentRelationship() ISsvcVulnAssessmentRelationship { - return &SsvcVulnAssessmentRelationship{} -} - -func (o *SsvcVulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *SsvcVulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *SsvcVulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *SsvcVulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *SsvcVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *SsvcVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *SsvcVulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *SsvcVulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *SsvcVulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *SsvcVulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *SsvcVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *SsvcVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *SsvcVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *SsvcVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *SsvcVulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *SsvcVulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *SsvcVulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *SsvcVulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *SsvcVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *SsvcVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *SsvcVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *SsvcVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *SsvcVulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *SsvcVulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *SsvcVulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *SsvcVulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *SsvcVulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *SsvcVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *SsvcVulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *SsvcVulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *SsvcVulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *SsvcVulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *SsvcVulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *SsvcVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *SsvcVulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *SsvcVulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *SsvcVulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *SsvcVulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *SsvcVulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *SsvcVulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *SsvcVulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *SsvcVulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *SsvcVulnAssessmentRelationship) GetDecisionType() SsvcDecisionType { - return o.DecisionType -} -func (o *SsvcVulnAssessmentRelationship) SetDecisionType(v SsvcDecisionType) { - o.DecisionType = v -} - -type IVexVulnAssessmentRelationship interface { - IVulnAssessmentRelationship - - // GetStatusNotes conveys information about how VEX status was determined. - GetStatusNotes() string - - SetStatusNotes(string) - - // GetVexVersion specifies the version of a VEX statement. - GetVexVersion() string - - SetVexVersion(string) -} - -type VexVulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexVulnAssessmentRelationship" iri-compact:"security_VexVulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // StatusNotes conveys information about how VEX status was determined. - StatusNotes string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/statusNotes" iri-compact:"security_statusNotes"` - // VexVersion specifies the version of a VEX statement. - VexVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vexVersion" iri-compact:"security_vexVersion"` -} - -func (o *VexVulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *VexVulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *VexVulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *VexVulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *VexVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *VexVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *VexVulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *VexVulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *VexVulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *VexVulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *VexVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *VexVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *VexVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *VexVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *VexVulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *VexVulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *VexVulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *VexVulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *VexVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *VexVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *VexVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *VexVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *VexVulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *VexVulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *VexVulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *VexVulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *VexVulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *VexVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *VexVulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *VexVulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *VexVulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *VexVulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *VexVulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *VexVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *VexVulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *VexVulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *VexVulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *VexVulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *VexVulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *VexVulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *VexVulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *VexVulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *VexVulnAssessmentRelationship) GetStatusNotes() string { - return o.StatusNotes -} -func (o *VexVulnAssessmentRelationship) SetStatusNotes(v string) { - o.StatusNotes = v -} -func (o *VexVulnAssessmentRelationship) GetVexVersion() string { - return o.VexVersion -} -func (o *VexVulnAssessmentRelationship) SetVexVersion(v string) { - o.VexVersion = v -} - -type IVulnerability interface { - IArtifact - - // GetModifiedTime specifies a time when a vulnerability assessment was modified - GetModifiedTime() string - - SetModifiedTime(string) - - // GetPublishedTime specifies the time when a vulnerability was published. - GetPublishedTime() string - - SetPublishedTime(string) - - // GetWithdrawnTime specified the time and date when a vulnerability was withdrawn. - GetWithdrawnTime() string - - SetWithdrawnTime(string) -} - -type Vulnerability struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/Vulnerability" iri-compact:"security_Vulnerability" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // BuiltTime specifies the time an artifact was built. - BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` - // OriginatedBy identifies from where or whom the Element originally came. - OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` - // ReleaseTime specifies the time an artifact was released. - ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` - // StandardName the name of a relevant standard that may apply to an artifact. - StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // SupportLevel specifies the level of support associated with an artifact. - SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` - // ValidUntilTime specifies until when the artifact can be used before its usage needs to be - // reassessed. - ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` - - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` -} - -func NewVulnerability() IVulnerability { - return &Vulnerability{} -} - -func (o *Vulnerability) GetSpdxId() string { - return o.SpdxId -} -func (o *Vulnerability) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Vulnerability) GetComment() string { - return o.Comment -} -func (o *Vulnerability) SetComment(v string) { - o.Comment = v -} -func (o *Vulnerability) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Vulnerability) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *Vulnerability) GetDescription() string { - return o.Description -} -func (o *Vulnerability) SetDescription(v string) { - o.Description = v -} -func (o *Vulnerability) GetExtensions() []IExtension { - return o.Extensions -} -func (o *Vulnerability) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *Vulnerability) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *Vulnerability) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *Vulnerability) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *Vulnerability) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *Vulnerability) GetName() string { - return o.Name -} -func (o *Vulnerability) SetName(v string) { - o.Name = v -} -func (o *Vulnerability) GetSummary() string { - return o.Summary -} -func (o *Vulnerability) SetSummary(v string) { - o.Summary = v -} -func (o *Vulnerability) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *Vulnerability) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *Vulnerability) GetBuiltTime() string { - return o.BuiltTime -} -func (o *Vulnerability) SetBuiltTime(v string) { - o.BuiltTime = v -} -func (o *Vulnerability) GetOriginatedBy() []IAgent { - return o.OriginatedBy -} -func (o *Vulnerability) SetOriginatedBy(v ...IAgent) { - o.OriginatedBy = v -} -func (o *Vulnerability) GetReleaseTime() string { - return o.ReleaseTime -} -func (o *Vulnerability) SetReleaseTime(v string) { - o.ReleaseTime = v -} -func (o *Vulnerability) GetStandardName() []string { - return o.StandardName -} -func (o *Vulnerability) SetStandardName(v ...string) { - o.StandardName = v -} -func (o *Vulnerability) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *Vulnerability) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *Vulnerability) GetSupportLevel() []SupportType { - return o.SupportLevel -} -func (o *Vulnerability) SetSupportLevel(v ...SupportType) { - o.SupportLevel = v -} -func (o *Vulnerability) GetValidUntilTime() string { - return o.ValidUntilTime -} -func (o *Vulnerability) SetValidUntilTime(v string) { - o.ValidUntilTime = v -} - -func (o *Vulnerability) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *Vulnerability) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *Vulnerability) GetPublishedTime() string { - return o.PublishedTime -} -func (o *Vulnerability) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *Vulnerability) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *Vulnerability) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -type ISoftwareArtifact interface { - IArtifact - - // GetAdditionalPurpose provides additional purpose information of the software artifact. - GetAdditionalPurpose() []SoftwarePurpose - - SetAdditionalPurpose(...SoftwarePurpose) - - // GetAttributionText provides a place for the SPDX data creator to record acknowledgement text for - // a software Package, File or Snippet. - GetAttributionText() []string - - SetAttributionText(...string) - - // GetContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be - // used for verifying its identity and/or integrity. - GetContentIdentifier() []IContentIdentifier - - SetContentIdentifier(...IContentIdentifier) - - // GetCopyrightText identifies the text of one or more copyright notices for a software Package, - // File or Snippet, if any. - GetCopyrightText() string - - SetCopyrightText(string) - - // GetPrimaryPurpose provides information about the primary purpose of the software artifact. - GetPrimaryPurpose() SoftwarePurpose - - SetPrimaryPurpose(SoftwarePurpose) -} - -type SoftwareArtifact struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/SoftwareArtifact" iri-compact:"software_SoftwareArtifact" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // BuiltTime specifies the time an artifact was built. - BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` - // OriginatedBy identifies from where or whom the Element originally came. - OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` - // ReleaseTime specifies the time an artifact was released. - ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` - // StandardName the name of a relevant standard that may apply to an artifact. - StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // SupportLevel specifies the level of support associated with an artifact. - SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` - // ValidUntilTime specifies until when the artifact can be used before its usage needs to be - // reassessed. - ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` - - // AdditionalPurpose provides additional purpose information of the software artifact. - AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` - // AttributionText provides a place for the SPDX data creator to record acknowledgement text for - // a software Package, File or Snippet. - AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` - // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be - // used for verifying its identity and/or integrity. - ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` - // CopyrightText identifies the text of one or more copyright notices for a software Package, - // File or Snippet, if any. - CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` - // PrimaryPurpose provides information about the primary purpose of the software artifact. - PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` -} - -func (o *SoftwareArtifact) GetSpdxId() string { - return o.SpdxId -} -func (o *SoftwareArtifact) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *SoftwareArtifact) GetComment() string { - return o.Comment -} -func (o *SoftwareArtifact) SetComment(v string) { - o.Comment = v -} -func (o *SoftwareArtifact) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *SoftwareArtifact) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *SoftwareArtifact) GetDescription() string { - return o.Description -} -func (o *SoftwareArtifact) SetDescription(v string) { - o.Description = v -} -func (o *SoftwareArtifact) GetExtensions() []IExtension { - return o.Extensions -} -func (o *SoftwareArtifact) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *SoftwareArtifact) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *SoftwareArtifact) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *SoftwareArtifact) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *SoftwareArtifact) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *SoftwareArtifact) GetName() string { - return o.Name -} -func (o *SoftwareArtifact) SetName(v string) { - o.Name = v -} -func (o *SoftwareArtifact) GetSummary() string { - return o.Summary -} -func (o *SoftwareArtifact) SetSummary(v string) { - o.Summary = v -} -func (o *SoftwareArtifact) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *SoftwareArtifact) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *SoftwareArtifact) GetBuiltTime() string { - return o.BuiltTime -} -func (o *SoftwareArtifact) SetBuiltTime(v string) { - o.BuiltTime = v -} -func (o *SoftwareArtifact) GetOriginatedBy() []IAgent { - return o.OriginatedBy -} -func (o *SoftwareArtifact) SetOriginatedBy(v ...IAgent) { - o.OriginatedBy = v -} -func (o *SoftwareArtifact) GetReleaseTime() string { - return o.ReleaseTime -} -func (o *SoftwareArtifact) SetReleaseTime(v string) { - o.ReleaseTime = v -} -func (o *SoftwareArtifact) GetStandardName() []string { - return o.StandardName -} -func (o *SoftwareArtifact) SetStandardName(v ...string) { - o.StandardName = v -} -func (o *SoftwareArtifact) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *SoftwareArtifact) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *SoftwareArtifact) GetSupportLevel() []SupportType { - return o.SupportLevel -} -func (o *SoftwareArtifact) SetSupportLevel(v ...SupportType) { - o.SupportLevel = v -} -func (o *SoftwareArtifact) GetValidUntilTime() string { - return o.ValidUntilTime -} -func (o *SoftwareArtifact) SetValidUntilTime(v string) { - o.ValidUntilTime = v -} - -func (o *SoftwareArtifact) GetAdditionalPurpose() []SoftwarePurpose { - return o.AdditionalPurpose -} -func (o *SoftwareArtifact) SetAdditionalPurpose(v ...SoftwarePurpose) { - o.AdditionalPurpose = v -} -func (o *SoftwareArtifact) GetAttributionText() []string { - return o.AttributionText -} -func (o *SoftwareArtifact) SetAttributionText(v ...string) { - o.AttributionText = v -} -func (o *SoftwareArtifact) GetContentIdentifier() []IContentIdentifier { - return o.ContentIdentifier -} -func (o *SoftwareArtifact) SetContentIdentifier(v ...IContentIdentifier) { - o.ContentIdentifier = v -} -func (o *SoftwareArtifact) GetCopyrightText() string { - return o.CopyrightText -} -func (o *SoftwareArtifact) SetCopyrightText(v string) { - o.CopyrightText = v -} -func (o *SoftwareArtifact) GetPrimaryPurpose() SoftwarePurpose { - return o.PrimaryPurpose -} -func (o *SoftwareArtifact) SetPrimaryPurpose(v SoftwarePurpose) { - o.PrimaryPurpose = v -} - -type IBom interface { - IBundle -} - -type Bom struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/Bom" iri-compact:"Bom" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Elements refers to one or more Elements that are part of an ElementCollection. - Elements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/element" iri-compact:"element"` - // ProfileConformance describes one a profile which the creator of this ElementCollection intends to - // conform to. - ProfileConformance []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/profileConformance" iri-compact:"profileConformance"` - // RootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. - RootElements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/rootElement" iri-compact:"rootElement"` - - // Context gives information about the circumstances or unifying properties - // that Elements of the bundle have been assembled under. - Context string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/context" iri-compact:"context"` -} - -func NewBom() IBom { - return &Bom{} -} - -func (o *Bom) GetSpdxId() string { - return o.SpdxId -} -func (o *Bom) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Bom) GetComment() string { - return o.Comment -} -func (o *Bom) SetComment(v string) { - o.Comment = v -} -func (o *Bom) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Bom) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *Bom) GetDescription() string { - return o.Description -} -func (o *Bom) SetDescription(v string) { - o.Description = v -} -func (o *Bom) GetExtensions() []IExtension { - return o.Extensions -} -func (o *Bom) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *Bom) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *Bom) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *Bom) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *Bom) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *Bom) GetName() string { - return o.Name -} -func (o *Bom) SetName(v string) { - o.Name = v -} -func (o *Bom) GetSummary() string { - return o.Summary -} -func (o *Bom) SetSummary(v string) { - o.Summary = v -} -func (o *Bom) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *Bom) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *Bom) GetElements() []IElement { - return o.Elements -} -func (o *Bom) SetElements(v ...IElement) { - o.Elements = v -} -func (o *Bom) GetProfileConformance() []ProfileIdentifierType { - return o.ProfileConformance -} -func (o *Bom) SetProfileConformance(v ...ProfileIdentifierType) { - o.ProfileConformance = v -} -func (o *Bom) GetRootElements() []IElement { - return o.RootElements -} -func (o *Bom) SetRootElements(v ...IElement) { - o.RootElements = v -} - -func (o *Bom) GetContext() string { - return o.Context -} -func (o *Bom) SetContext(v string) { - o.Context = v -} - -type ICustomLicense interface { - ILicense -} - -type CustomLicense struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/CustomLicense" iri-compact:"expandedlicensing_CustomLicense" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // IsDeprecatedLicenseId specifies whether a license or additional text identifier has been marked as - // deprecated. - IsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isDeprecatedLicenseId" iri-compact:"expandedlicensing_isDeprecatedLicenseId"` - // IsFsfLibre specifies whether the License is listed as free by the - // [Free Software Foundation (FSF)](https://fsf.org). - IsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isFsfLibre" iri-compact:"expandedlicensing_isFsfLibre"` - // IsOsiApproved specifies whether the License is listed as approved by the - // [Open Source Initiative (OSI)](https://opensource.org). - IsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/isOsiApproved" iri-compact:"expandedlicensing_isOsiApproved"` - // LicenseXml identifies all the text and metadata associated with a license in the license - // XML format. - LicenseXml string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` - // ObsoletedBy specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` - // SeeAlso contains a URL where the License or LicenseAddition can be found in use. - SeeAlso []string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` - // StandardLicenseHeader provides a License author's preferred text to indicate that a file is covered - // by the License. - StandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseHeader" iri-compact:"expandedlicensing_standardLicenseHeader"` - // StandardLicenseTemplate identifies the full text of a License, in SPDX templating format. - StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.0/terms/ExpandedLicensing/standardLicenseTemplate" iri-compact:"expandedlicensing_standardLicenseTemplate"` - // LicenseText identifies the full text of a License or Addition. - LicenseText string `iri:"https://spdx.org/rdf/3.0.0/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` -} - -func NewCustomLicense() ICustomLicense { - return &CustomLicense{} -} - -func (o *CustomLicense) GetSpdxId() string { - return o.SpdxId -} -func (o *CustomLicense) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *CustomLicense) GetComment() string { - return o.Comment -} -func (o *CustomLicense) SetComment(v string) { - o.Comment = v -} -func (o *CustomLicense) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *CustomLicense) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *CustomLicense) GetDescription() string { - return o.Description -} -func (o *CustomLicense) SetDescription(v string) { - o.Description = v -} -func (o *CustomLicense) GetExtensions() []IExtension { - return o.Extensions -} -func (o *CustomLicense) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *CustomLicense) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *CustomLicense) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *CustomLicense) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *CustomLicense) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *CustomLicense) GetName() string { - return o.Name -} -func (o *CustomLicense) SetName(v string) { - o.Name = v -} -func (o *CustomLicense) GetSummary() string { - return o.Summary -} -func (o *CustomLicense) SetSummary(v string) { - o.Summary = v -} -func (o *CustomLicense) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *CustomLicense) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *CustomLicense) GetIsDeprecatedLicenseId() bool { - return o.IsDeprecatedLicenseId -} -func (o *CustomLicense) SetIsDeprecatedLicenseId(v bool) { - o.IsDeprecatedLicenseId = v -} -func (o *CustomLicense) GetIsFsfLibre() bool { - return o.IsFsfLibre -} -func (o *CustomLicense) SetIsFsfLibre(v bool) { - o.IsFsfLibre = v -} -func (o *CustomLicense) GetIsOsiApproved() bool { - return o.IsOsiApproved -} -func (o *CustomLicense) SetIsOsiApproved(v bool) { - o.IsOsiApproved = v -} -func (o *CustomLicense) GetLicenseXml() string { - return o.LicenseXml -} -func (o *CustomLicense) SetLicenseXml(v string) { - o.LicenseXml = v -} -func (o *CustomLicense) GetObsoletedBy() string { - return o.ObsoletedBy -} -func (o *CustomLicense) SetObsoletedBy(v string) { - o.ObsoletedBy = v -} -func (o *CustomLicense) GetSeeAlso() []string { - return o.SeeAlso -} -func (o *CustomLicense) SetSeeAlso(v ...string) { - o.SeeAlso = v -} -func (o *CustomLicense) GetStandardLicenseHeader() string { - return o.StandardLicenseHeader -} -func (o *CustomLicense) SetStandardLicenseHeader(v string) { - o.StandardLicenseHeader = v -} -func (o *CustomLicense) GetStandardLicenseTemplate() string { - return o.StandardLicenseTemplate -} -func (o *CustomLicense) SetStandardLicenseTemplate(v string) { - o.StandardLicenseTemplate = v -} -func (o *CustomLicense) GetLicenseText() string { - return o.LicenseText -} -func (o *CustomLicense) SetLicenseText(v string) { - o.LicenseText = v -} - -type IVexAffectedVulnAssessmentRelationship interface { - IVexVulnAssessmentRelationship - - // GetActionStatement provides advise on how to mitigate or remediate a vulnerability when a VEX product - // is affected by it. - GetActionStatement() string - - SetActionStatement(string) - - // GetActionStatementTime records the time when a recommended action was communicated in a VEX statement - // to mitigate a vulnerability. - GetActionStatementTime() []string - - SetActionStatementTime(...string) -} - -type VexAffectedVulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexAffectedVulnAssessmentRelationship" iri-compact:"security_VexAffectedVulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // StatusNotes conveys information about how VEX status was determined. - StatusNotes string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/statusNotes" iri-compact:"security_statusNotes"` - // VexVersion specifies the version of a VEX statement. - VexVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vexVersion" iri-compact:"security_vexVersion"` - - // ActionStatement provides advise on how to mitigate or remediate a vulnerability when a VEX product - // is affected by it. - ActionStatement string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/actionStatement" iri-compact:"security_actionStatement"` - // ActionStatementTime records the time when a recommended action was communicated in a VEX statement - // to mitigate a vulnerability. - ActionStatementTime []string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/actionStatementTime" iri-compact:"security_actionStatementTime"` -} - -func NewVexAffectedVulnAssessmentRelationship() IVexAffectedVulnAssessmentRelationship { - return &VexAffectedVulnAssessmentRelationship{} -} - -func (o *VexAffectedVulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *VexAffectedVulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *VexAffectedVulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *VexAffectedVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *VexAffectedVulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *VexAffectedVulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *VexAffectedVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *VexAffectedVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *VexAffectedVulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *VexAffectedVulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *VexAffectedVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *VexAffectedVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *VexAffectedVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *VexAffectedVulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *VexAffectedVulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *VexAffectedVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *VexAffectedVulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *VexAffectedVulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *VexAffectedVulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *VexAffectedVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *VexAffectedVulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *VexAffectedVulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *VexAffectedVulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *VexAffectedVulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *VexAffectedVulnAssessmentRelationship) GetStatusNotes() string { - return o.StatusNotes -} -func (o *VexAffectedVulnAssessmentRelationship) SetStatusNotes(v string) { - o.StatusNotes = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetVexVersion() string { - return o.VexVersion -} -func (o *VexAffectedVulnAssessmentRelationship) SetVexVersion(v string) { - o.VexVersion = v -} - -func (o *VexAffectedVulnAssessmentRelationship) GetActionStatement() string { - return o.ActionStatement -} -func (o *VexAffectedVulnAssessmentRelationship) SetActionStatement(v string) { - o.ActionStatement = v -} -func (o *VexAffectedVulnAssessmentRelationship) GetActionStatementTime() []string { - return o.ActionStatementTime -} -func (o *VexAffectedVulnAssessmentRelationship) SetActionStatementTime(v ...string) { - o.ActionStatementTime = v -} - -type IVexFixedVulnAssessmentRelationship interface { - IVexVulnAssessmentRelationship -} - -type VexFixedVulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexFixedVulnAssessmentRelationship" iri-compact:"security_VexFixedVulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // StatusNotes conveys information about how VEX status was determined. - StatusNotes string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/statusNotes" iri-compact:"security_statusNotes"` - // VexVersion specifies the version of a VEX statement. - VexVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vexVersion" iri-compact:"security_vexVersion"` -} - -func NewVexFixedVulnAssessmentRelationship() IVexFixedVulnAssessmentRelationship { - return &VexFixedVulnAssessmentRelationship{} -} - -func (o *VexFixedVulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *VexFixedVulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *VexFixedVulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *VexFixedVulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *VexFixedVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *VexFixedVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *VexFixedVulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *VexFixedVulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *VexFixedVulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *VexFixedVulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *VexFixedVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *VexFixedVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *VexFixedVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *VexFixedVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *VexFixedVulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *VexFixedVulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *VexFixedVulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *VexFixedVulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *VexFixedVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *VexFixedVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *VexFixedVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *VexFixedVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *VexFixedVulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *VexFixedVulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *VexFixedVulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *VexFixedVulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *VexFixedVulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *VexFixedVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *VexFixedVulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *VexFixedVulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *VexFixedVulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *VexFixedVulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *VexFixedVulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *VexFixedVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *VexFixedVulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *VexFixedVulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *VexFixedVulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *VexFixedVulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *VexFixedVulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *VexFixedVulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *VexFixedVulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *VexFixedVulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *VexFixedVulnAssessmentRelationship) GetStatusNotes() string { - return o.StatusNotes -} -func (o *VexFixedVulnAssessmentRelationship) SetStatusNotes(v string) { - o.StatusNotes = v -} -func (o *VexFixedVulnAssessmentRelationship) GetVexVersion() string { - return o.VexVersion -} -func (o *VexFixedVulnAssessmentRelationship) SetVexVersion(v string) { - o.VexVersion = v -} - -type IVexNotAffectedVulnAssessmentRelationship interface { - IVexVulnAssessmentRelationship - - // GetImpactStatement explains why a VEX product is not affected by a vulnerability. It is an - // alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable - // justification label. - GetImpactStatement() string - - SetImpactStatement(string) - - // GetImpactStatementTime timestamp of impact statement. - GetImpactStatementTime() string - - SetImpactStatementTime(string) - - // GetJustificationType impact justification label to be used when linking a vulnerability to an element - // representing a VEX product with a VexNotAffectedVulnAssessmentRelationship - // relationship. - GetJustificationType() VexJustificationType - - SetJustificationType(VexJustificationType) -} - -type VexNotAffectedVulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexNotAffectedVulnAssessmentRelationship" iri-compact:"security_VexNotAffectedVulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // StatusNotes conveys information about how VEX status was determined. - StatusNotes string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/statusNotes" iri-compact:"security_statusNotes"` - // VexVersion specifies the version of a VEX statement. - VexVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vexVersion" iri-compact:"security_vexVersion"` - - // ImpactStatement explains why a VEX product is not affected by a vulnerability. It is an - // alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable - // justification label. - ImpactStatement string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/impactStatement" iri-compact:"security_impactStatement"` - // ImpactStatementTime timestamp of impact statement. - ImpactStatementTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/impactStatementTime" iri-compact:"security_impactStatementTime"` - // JustificationType impact justification label to be used when linking a vulnerability to an element - // representing a VEX product with a VexNotAffectedVulnAssessmentRelationship - // relationship. - JustificationType VexJustificationType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/justificationType" iri-compact:"security_justificationType"` -} - -func NewVexNotAffectedVulnAssessmentRelationship() IVexNotAffectedVulnAssessmentRelationship { - return &VexNotAffectedVulnAssessmentRelationship{} -} - -func (o *VexNotAffectedVulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *VexNotAffectedVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *VexNotAffectedVulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *VexNotAffectedVulnAssessmentRelationship) GetStatusNotes() string { - return o.StatusNotes -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetStatusNotes(v string) { - o.StatusNotes = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetVexVersion() string { - return o.VexVersion -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetVexVersion(v string) { - o.VexVersion = v -} - -func (o *VexNotAffectedVulnAssessmentRelationship) GetImpactStatement() string { - return o.ImpactStatement -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetImpactStatement(v string) { - o.ImpactStatement = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetImpactStatementTime() string { - return o.ImpactStatementTime -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetImpactStatementTime(v string) { - o.ImpactStatementTime = v -} -func (o *VexNotAffectedVulnAssessmentRelationship) GetJustificationType() VexJustificationType { - return o.JustificationType -} -func (o *VexNotAffectedVulnAssessmentRelationship) SetJustificationType(v VexJustificationType) { - o.JustificationType = v -} - -type IVexUnderInvestigationVulnAssessmentRelationship interface { - IVexVulnAssessmentRelationship -} - -type VexUnderInvestigationVulnAssessmentRelationship struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Security/VexUnderInvestigationVulnAssessmentRelationship" iri-compact:"security_VexUnderInvestigationVulnAssessmentRelationship" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Completeness provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.0/terms/Core/completeness" iri-compact:"completeness"` - // EndTime specifies the time from which an element is no longer applicable / valid. - EndTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/endTime" iri-compact:"endTime"` - // From references the Element on the left-hand side of a relationship. - From IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/from" iri-compact:"from"` - // RelationshipType information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/relationshipType" iri-compact:"relationshipType"` - // StartTime specifies the time from which an element is applicable / valid. - StartTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/startTime" iri-compact:"startTime"` - // To references an Element on the right-hand side of a relationship. - To []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/to" iri-compact:"to"` - - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // AssessedElement specifies an Element contained in a piece of software where a vulnerability was - // found. - AssessedElement IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Security/assessedElement" iri-compact:"security_assessedElement"` - // ModifiedTime specifies a time when a vulnerability assessment was modified - ModifiedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // PublishedTime specifies the time when a vulnerability was published. - PublishedTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // WithdrawnTime specified the time and date when a vulnerability was withdrawn. - WithdrawnTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` - - // StatusNotes conveys information about how VEX status was determined. - StatusNotes string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/statusNotes" iri-compact:"security_statusNotes"` - // VexVersion specifies the version of a VEX statement. - VexVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Security/vexVersion" iri-compact:"security_vexVersion"` -} - -func NewVexUnderInvestigationVulnAssessmentRelationship() IVexUnderInvestigationVulnAssessmentRelationship { - return &VexUnderInvestigationVulnAssessmentRelationship{} -} - -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetSpdxId() string { - return o.SpdxId -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetComment() string { - return o.Comment -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetComment(v string) { - o.Comment = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetDescription() string { - return o.Description -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetDescription(v string) { - o.Description = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetExtensions() []IExtension { - return o.Extensions -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetName() string { - return o.Name -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetName(v string) { - o.Name = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetSummary() string { - return o.Summary -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetSummary(v string) { - o.Summary = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { - return o.Completeness -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { - o.Completeness = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetEndTime() string { - return o.EndTime -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetEndTime(v string) { - o.EndTime = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetFrom() IElement { - return o.From -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetFrom(v IElement) { - o.From = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetRelationshipType() RelationshipType { - return o.RelationshipType -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetRelationshipType(v RelationshipType) { - o.RelationshipType = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetStartTime() string { - return o.StartTime -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetStartTime(v string) { - o.StartTime = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetTo() []IElement { - return o.To -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetTo(v ...IElement) { - o.To = v -} - -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetAssessedElement() IElement { - return o.AssessedElement -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetAssessedElement(v IElement) { - o.AssessedElement = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetModifiedTime() string { - return o.ModifiedTime -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetModifiedTime(v string) { - o.ModifiedTime = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetPublishedTime() string { - return o.PublishedTime -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetPublishedTime(v string) { - o.PublishedTime = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetWithdrawnTime() string { - return o.WithdrawnTime -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetWithdrawnTime(v string) { - o.WithdrawnTime = v -} - -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetStatusNotes() string { - return o.StatusNotes -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetStatusNotes(v string) { - o.StatusNotes = v -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) GetVexVersion() string { - return o.VexVersion -} -func (o *VexUnderInvestigationVulnAssessmentRelationship) SetVexVersion(v string) { - o.VexVersion = v -} - -type IFile interface { - ISoftwareArtifact - - // GetContentType provides information about the content type of an Element. - GetContentType() string - - SetContentType(string) - - // GetFileKind describes if a given file is a directory or non-directory kind of file. - GetFileKind() FileKindType - - SetFileKind(FileKindType) -} - -type File struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/File" iri-compact:"software_File" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // BuiltTime specifies the time an artifact was built. - BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` - // OriginatedBy identifies from where or whom the Element originally came. - OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` - // ReleaseTime specifies the time an artifact was released. - ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` - // StandardName the name of a relevant standard that may apply to an artifact. - StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // SupportLevel specifies the level of support associated with an artifact. - SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` - // ValidUntilTime specifies until when the artifact can be used before its usage needs to be - // reassessed. - ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` - - // AdditionalPurpose provides additional purpose information of the software artifact. - AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` - // AttributionText provides a place for the SPDX data creator to record acknowledgement text for - // a software Package, File or Snippet. - AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` - // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be - // used for verifying its identity and/or integrity. - ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` - // CopyrightText identifies the text of one or more copyright notices for a software Package, - // File or Snippet, if any. - CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` - // PrimaryPurpose provides information about the primary purpose of the software artifact. - PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` - - // ContentType provides information about the content type of an Element. - ContentType string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentType" iri-compact:"software_contentType"` - // FileKind describes if a given file is a directory or non-directory kind of file. - FileKind FileKindType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/fileKind" iri-compact:"software_fileKind"` -} - -func NewFile() IFile { - return &File{} -} - -func (o *File) GetSpdxId() string { - return o.SpdxId -} -func (o *File) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *File) GetComment() string { - return o.Comment -} -func (o *File) SetComment(v string) { - o.Comment = v -} -func (o *File) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *File) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *File) GetDescription() string { - return o.Description -} -func (o *File) SetDescription(v string) { - o.Description = v -} -func (o *File) GetExtensions() []IExtension { - return o.Extensions -} -func (o *File) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *File) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *File) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *File) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *File) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *File) GetName() string { - return o.Name -} -func (o *File) SetName(v string) { - o.Name = v -} -func (o *File) GetSummary() string { - return o.Summary -} -func (o *File) SetSummary(v string) { - o.Summary = v -} -func (o *File) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *File) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *File) GetBuiltTime() string { - return o.BuiltTime -} -func (o *File) SetBuiltTime(v string) { - o.BuiltTime = v -} -func (o *File) GetOriginatedBy() []IAgent { - return o.OriginatedBy -} -func (o *File) SetOriginatedBy(v ...IAgent) { - o.OriginatedBy = v -} -func (o *File) GetReleaseTime() string { - return o.ReleaseTime -} -func (o *File) SetReleaseTime(v string) { - o.ReleaseTime = v -} -func (o *File) GetStandardName() []string { - return o.StandardName -} -func (o *File) SetStandardName(v ...string) { - o.StandardName = v -} -func (o *File) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *File) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *File) GetSupportLevel() []SupportType { - return o.SupportLevel -} -func (o *File) SetSupportLevel(v ...SupportType) { - o.SupportLevel = v -} -func (o *File) GetValidUntilTime() string { - return o.ValidUntilTime -} -func (o *File) SetValidUntilTime(v string) { - o.ValidUntilTime = v -} - -func (o *File) GetAdditionalPurpose() []SoftwarePurpose { - return o.AdditionalPurpose -} -func (o *File) SetAdditionalPurpose(v ...SoftwarePurpose) { - o.AdditionalPurpose = v -} -func (o *File) GetAttributionText() []string { - return o.AttributionText -} -func (o *File) SetAttributionText(v ...string) { - o.AttributionText = v -} -func (o *File) GetContentIdentifier() []IContentIdentifier { - return o.ContentIdentifier -} -func (o *File) SetContentIdentifier(v ...IContentIdentifier) { - o.ContentIdentifier = v -} -func (o *File) GetCopyrightText() string { - return o.CopyrightText -} -func (o *File) SetCopyrightText(v string) { - o.CopyrightText = v -} -func (o *File) GetPrimaryPurpose() SoftwarePurpose { - return o.PrimaryPurpose -} -func (o *File) SetPrimaryPurpose(v SoftwarePurpose) { - o.PrimaryPurpose = v -} - -func (o *File) GetContentType() string { - return o.ContentType -} -func (o *File) SetContentType(v string) { - o.ContentType = v -} -func (o *File) GetFileKind() FileKindType { - return o.FileKind -} -func (o *File) SetFileKind(v FileKindType) { - o.FileKind = v -} - -type IPackage interface { - ISoftwareArtifact - - // GetDownloadLocation identifies the download Uniform Resource Identifier for the package at the time - // that the document was created. - GetDownloadLocation() string - - SetDownloadLocation(string) - - // GetHomePage a place for the SPDX document creator to record a website that serves as the - // package's home page. - GetHomePage() string - - SetHomePage(string) - - // GetPackageUrl provides a place for the SPDX data creator to record the package URL string - // (in accordance with the - // [package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) - // for a software Package. - GetPackageUrl() string - - SetPackageUrl(string) - - // GetPackageVersion identify the version of a package. - GetPackageVersion() string - - SetPackageVersion(string) - - // GetSourceInfo records any relevant background information or additional comments - // about the origin of the package. - GetSourceInfo() string - - SetSourceInfo(string) -} - -type Package struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/Package" iri-compact:"software_Package" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // BuiltTime specifies the time an artifact was built. - BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` - // OriginatedBy identifies from where or whom the Element originally came. - OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` - // ReleaseTime specifies the time an artifact was released. - ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` - // StandardName the name of a relevant standard that may apply to an artifact. - StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // SupportLevel specifies the level of support associated with an artifact. - SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` - // ValidUntilTime specifies until when the artifact can be used before its usage needs to be - // reassessed. - ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` - - // AdditionalPurpose provides additional purpose information of the software artifact. - AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` - // AttributionText provides a place for the SPDX data creator to record acknowledgement text for - // a software Package, File or Snippet. - AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` - // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be - // used for verifying its identity and/or integrity. - ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` - // CopyrightText identifies the text of one or more copyright notices for a software Package, - // File or Snippet, if any. - CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` - // PrimaryPurpose provides information about the primary purpose of the software artifact. - PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` - - // DownloadLocation identifies the download Uniform Resource Identifier for the package at the time - // that the document was created. - DownloadLocation string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/downloadLocation" iri-compact:"software_downloadLocation"` - // HomePage a place for the SPDX document creator to record a website that serves as the - // package's home page. - HomePage string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/homePage" iri-compact:"software_homePage"` - // PackageUrl provides a place for the SPDX data creator to record the package URL string - // (in accordance with the - // [package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) - // for a software Package. - PackageUrl string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageUrl" iri-compact:"software_packageUrl"` - // PackageVersion identify the version of a package. - PackageVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageVersion" iri-compact:"software_packageVersion"` - // SourceInfo records any relevant background information or additional comments - // about the origin of the package. - SourceInfo string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/sourceInfo" iri-compact:"software_sourceInfo"` -} - -func NewPackage() IPackage { - return &Package{} -} - -func (o *Package) GetSpdxId() string { - return o.SpdxId -} -func (o *Package) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Package) GetComment() string { - return o.Comment -} -func (o *Package) SetComment(v string) { - o.Comment = v -} -func (o *Package) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Package) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *Package) GetDescription() string { - return o.Description -} -func (o *Package) SetDescription(v string) { - o.Description = v -} -func (o *Package) GetExtensions() []IExtension { - return o.Extensions -} -func (o *Package) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *Package) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *Package) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *Package) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *Package) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *Package) GetName() string { - return o.Name -} -func (o *Package) SetName(v string) { - o.Name = v -} -func (o *Package) GetSummary() string { - return o.Summary -} -func (o *Package) SetSummary(v string) { - o.Summary = v -} -func (o *Package) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *Package) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *Package) GetBuiltTime() string { - return o.BuiltTime -} -func (o *Package) SetBuiltTime(v string) { - o.BuiltTime = v -} -func (o *Package) GetOriginatedBy() []IAgent { - return o.OriginatedBy -} -func (o *Package) SetOriginatedBy(v ...IAgent) { - o.OriginatedBy = v -} -func (o *Package) GetReleaseTime() string { - return o.ReleaseTime -} -func (o *Package) SetReleaseTime(v string) { - o.ReleaseTime = v -} -func (o *Package) GetStandardName() []string { - return o.StandardName -} -func (o *Package) SetStandardName(v ...string) { - o.StandardName = v -} -func (o *Package) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *Package) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *Package) GetSupportLevel() []SupportType { - return o.SupportLevel -} -func (o *Package) SetSupportLevel(v ...SupportType) { - o.SupportLevel = v -} -func (o *Package) GetValidUntilTime() string { - return o.ValidUntilTime -} -func (o *Package) SetValidUntilTime(v string) { - o.ValidUntilTime = v -} - -func (o *Package) GetAdditionalPurpose() []SoftwarePurpose { - return o.AdditionalPurpose -} -func (o *Package) SetAdditionalPurpose(v ...SoftwarePurpose) { - o.AdditionalPurpose = v -} -func (o *Package) GetAttributionText() []string { - return o.AttributionText -} -func (o *Package) SetAttributionText(v ...string) { - o.AttributionText = v -} -func (o *Package) GetContentIdentifier() []IContentIdentifier { - return o.ContentIdentifier -} -func (o *Package) SetContentIdentifier(v ...IContentIdentifier) { - o.ContentIdentifier = v -} -func (o *Package) GetCopyrightText() string { - return o.CopyrightText -} -func (o *Package) SetCopyrightText(v string) { - o.CopyrightText = v -} -func (o *Package) GetPrimaryPurpose() SoftwarePurpose { - return o.PrimaryPurpose -} -func (o *Package) SetPrimaryPurpose(v SoftwarePurpose) { - o.PrimaryPurpose = v -} - -func (o *Package) GetDownloadLocation() string { - return o.DownloadLocation -} -func (o *Package) SetDownloadLocation(v string) { - o.DownloadLocation = v -} -func (o *Package) GetHomePage() string { - return o.HomePage -} -func (o *Package) SetHomePage(v string) { - o.HomePage = v -} -func (o *Package) GetPackageUrl() string { - return o.PackageUrl -} -func (o *Package) SetPackageUrl(v string) { - o.PackageUrl = v -} -func (o *Package) GetPackageVersion() string { - return o.PackageVersion -} -func (o *Package) SetPackageVersion(v string) { - o.PackageVersion = v -} -func (o *Package) GetSourceInfo() string { - return o.SourceInfo -} -func (o *Package) SetSourceInfo(v string) { - o.SourceInfo = v -} - -type ISbom interface { - IBom - - // GetSbomType provides information about the type of an SBOM. - GetSbomType() []SbomType - - SetSbomType(...SbomType) -} - -type Sbom struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/Sbom" iri-compact:"software_Sbom" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // Elements refers to one or more Elements that are part of an ElementCollection. - Elements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/element" iri-compact:"element"` - // ProfileConformance describes one a profile which the creator of this ElementCollection intends to - // conform to. - ProfileConformance []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/profileConformance" iri-compact:"profileConformance"` - // RootElements this property is used to denote the root Element(s) of a tree of elements contained in a BOM. - RootElements []IElement `iri:"https://spdx.org/rdf/3.0.0/terms/Core/rootElement" iri-compact:"rootElement"` - - // Context gives information about the circumstances or unifying properties - // that Elements of the bundle have been assembled under. - Context string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/context" iri-compact:"context"` - - // SbomType provides information about the type of an SBOM. - SbomType []SbomType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/sbomType" iri-compact:"software_sbomType"` -} - -func NewSbom() ISbom { - return &Sbom{} -} - -func (o *Sbom) GetSpdxId() string { - return o.SpdxId -} -func (o *Sbom) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Sbom) GetComment() string { - return o.Comment -} -func (o *Sbom) SetComment(v string) { - o.Comment = v -} -func (o *Sbom) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Sbom) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *Sbom) GetDescription() string { - return o.Description -} -func (o *Sbom) SetDescription(v string) { - o.Description = v -} -func (o *Sbom) GetExtensions() []IExtension { - return o.Extensions -} -func (o *Sbom) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *Sbom) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *Sbom) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *Sbom) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *Sbom) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *Sbom) GetName() string { - return o.Name -} -func (o *Sbom) SetName(v string) { - o.Name = v -} -func (o *Sbom) GetSummary() string { - return o.Summary -} -func (o *Sbom) SetSummary(v string) { - o.Summary = v -} -func (o *Sbom) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *Sbom) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *Sbom) GetElements() []IElement { - return o.Elements -} -func (o *Sbom) SetElements(v ...IElement) { - o.Elements = v -} -func (o *Sbom) GetProfileConformance() []ProfileIdentifierType { - return o.ProfileConformance -} -func (o *Sbom) SetProfileConformance(v ...ProfileIdentifierType) { - o.ProfileConformance = v -} -func (o *Sbom) GetRootElements() []IElement { - return o.RootElements -} -func (o *Sbom) SetRootElements(v ...IElement) { - o.RootElements = v -} - -func (o *Sbom) GetContext() string { - return o.Context -} -func (o *Sbom) SetContext(v string) { - o.Context = v -} - -func (o *Sbom) GetSbomType() []SbomType { - return o.SbomType -} -func (o *Sbom) SetSbomType(v ...SbomType) { - o.SbomType = v -} - -type ISnippet interface { - ISoftwareArtifact - - // GetByteRange defines the byte range in the original host file that the snippet information - // applies to. - GetByteRange() IPositiveIntegerRange - - SetByteRange(IPositiveIntegerRange) - - // GetLineRange defines the line range in the original host file that the snippet information - // applies to. - GetLineRange() IPositiveIntegerRange - - SetLineRange(IPositiveIntegerRange) - - // GetSnippetFromFile defines the original host file that the snippet information applies to. - GetSnippetFromFile() IFile - - SetSnippetFromFile(IFile) -} - -type Snippet struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Software/Snippet" iri-compact:"software_Snippet" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // BuiltTime specifies the time an artifact was built. - BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` - // OriginatedBy identifies from where or whom the Element originally came. - OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` - // ReleaseTime specifies the time an artifact was released. - ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` - // StandardName the name of a relevant standard that may apply to an artifact. - StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // SupportLevel specifies the level of support associated with an artifact. - SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` - // ValidUntilTime specifies until when the artifact can be used before its usage needs to be - // reassessed. - ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` - - // AdditionalPurpose provides additional purpose information of the software artifact. - AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` - // AttributionText provides a place for the SPDX data creator to record acknowledgement text for - // a software Package, File or Snippet. - AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` - // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be - // used for verifying its identity and/or integrity. - ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` - // CopyrightText identifies the text of one or more copyright notices for a software Package, - // File or Snippet, if any. - CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` - // PrimaryPurpose provides information about the primary purpose of the software artifact. - PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` - - // ByteRange defines the byte range in the original host file that the snippet information - // applies to. - ByteRange IPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.0/terms/Software/byteRange" iri-compact:"software_byteRange"` - // LineRange defines the line range in the original host file that the snippet information - // applies to. - LineRange IPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.0/terms/Software/lineRange" iri-compact:"software_lineRange"` - // SnippetFromFile defines the original host file that the snippet information applies to. - SnippetFromFile IFile `iri:"https://spdx.org/rdf/3.0.0/terms/Software/snippetFromFile" iri-compact:"software_snippetFromFile"` -} - -func NewSnippet() ISnippet { - return &Snippet{} -} - -func (o *Snippet) GetSpdxId() string { - return o.SpdxId -} -func (o *Snippet) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *Snippet) GetComment() string { - return o.Comment -} -func (o *Snippet) SetComment(v string) { - o.Comment = v -} -func (o *Snippet) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *Snippet) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *Snippet) GetDescription() string { - return o.Description -} -func (o *Snippet) SetDescription(v string) { - o.Description = v -} -func (o *Snippet) GetExtensions() []IExtension { - return o.Extensions -} -func (o *Snippet) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *Snippet) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *Snippet) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *Snippet) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *Snippet) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *Snippet) GetName() string { - return o.Name -} -func (o *Snippet) SetName(v string) { - o.Name = v -} -func (o *Snippet) GetSummary() string { - return o.Summary -} -func (o *Snippet) SetSummary(v string) { - o.Summary = v -} -func (o *Snippet) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *Snippet) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *Snippet) GetBuiltTime() string { - return o.BuiltTime -} -func (o *Snippet) SetBuiltTime(v string) { - o.BuiltTime = v -} -func (o *Snippet) GetOriginatedBy() []IAgent { - return o.OriginatedBy -} -func (o *Snippet) SetOriginatedBy(v ...IAgent) { - o.OriginatedBy = v -} -func (o *Snippet) GetReleaseTime() string { - return o.ReleaseTime -} -func (o *Snippet) SetReleaseTime(v string) { - o.ReleaseTime = v -} -func (o *Snippet) GetStandardName() []string { - return o.StandardName -} -func (o *Snippet) SetStandardName(v ...string) { - o.StandardName = v -} -func (o *Snippet) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *Snippet) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *Snippet) GetSupportLevel() []SupportType { - return o.SupportLevel -} -func (o *Snippet) SetSupportLevel(v ...SupportType) { - o.SupportLevel = v -} -func (o *Snippet) GetValidUntilTime() string { - return o.ValidUntilTime -} -func (o *Snippet) SetValidUntilTime(v string) { - o.ValidUntilTime = v -} - -func (o *Snippet) GetAdditionalPurpose() []SoftwarePurpose { - return o.AdditionalPurpose -} -func (o *Snippet) SetAdditionalPurpose(v ...SoftwarePurpose) { - o.AdditionalPurpose = v -} -func (o *Snippet) GetAttributionText() []string { - return o.AttributionText -} -func (o *Snippet) SetAttributionText(v ...string) { - o.AttributionText = v -} -func (o *Snippet) GetContentIdentifier() []IContentIdentifier { - return o.ContentIdentifier -} -func (o *Snippet) SetContentIdentifier(v ...IContentIdentifier) { - o.ContentIdentifier = v -} -func (o *Snippet) GetCopyrightText() string { - return o.CopyrightText -} -func (o *Snippet) SetCopyrightText(v string) { - o.CopyrightText = v -} -func (o *Snippet) GetPrimaryPurpose() SoftwarePurpose { - return o.PrimaryPurpose -} -func (o *Snippet) SetPrimaryPurpose(v SoftwarePurpose) { - o.PrimaryPurpose = v -} - -func (o *Snippet) GetByteRange() IPositiveIntegerRange { - return o.ByteRange -} -func (o *Snippet) SetByteRange(v IPositiveIntegerRange) { - o.ByteRange = v -} -func (o *Snippet) GetLineRange() IPositiveIntegerRange { - return o.LineRange -} -func (o *Snippet) SetLineRange(v IPositiveIntegerRange) { - o.LineRange = v -} -func (o *Snippet) GetSnippetFromFile() IFile { - return o.SnippetFromFile -} -func (o *Snippet) SetSnippetFromFile(v IFile) { - o.SnippetFromFile = v -} - -type IAIPackage interface { - IPackage - - // GetAutonomyType states if a human is involved in the decisions of the AI software. - GetAutonomyType() PresenceType - - SetAutonomyType(PresenceType) - - // GetDomain captures the domain in which the AI package can be used. - GetDomain() []string - - SetDomain(...string) - - // GetEnergyConsumption indicates the amount of energy consumed to train the AI model. - GetEnergyConsumption() IEnergyConsumption - - SetEnergyConsumption(IEnergyConsumption) - - // GetHyperparameter records a hyperparameter used to build the AI model contained in the AI - // package. - GetHyperparameter() []IDictionaryEntry - - SetHyperparameter(...IDictionaryEntry) - - // GetInformationAboutApplication provides relevant information about the AI software, not including the model - // description. - GetInformationAboutApplication() string - - SetInformationAboutApplication(string) - - // GetInformationAboutTraining describes relevant information about different steps of the training process. - GetInformationAboutTraining() string - - SetInformationAboutTraining(string) - - // GetLimitation captures a limitation of the AI software. - GetLimitation() string - - SetLimitation(string) - - // GetMetric records the measurement of prediction quality of the AI model. - GetMetric() []IDictionaryEntry - - SetMetric(...IDictionaryEntry) - - // GetMetricDecisionThreshold captures the threshold that was used for computation of a metric described in - // the metric field. - GetMetricDecisionThreshold() []IDictionaryEntry - - SetMetricDecisionThreshold(...IDictionaryEntry) - - // GetModelDataPreprocessing describes all the preprocessing steps applied to the training data before the - // model training. - GetModelDataPreprocessing() []string - - SetModelDataPreprocessing(...string) - - // GetModelExplainability describes methods that can be used to explain the model. - GetModelExplainability() []string - - SetModelExplainability(...string) - - // GetSafetyRiskAssessment records the results of general safety risk assessment of the AI system. - GetSafetyRiskAssessment() SafetyRiskAssessmentType - - SetSafetyRiskAssessment(SafetyRiskAssessmentType) - - // GetStandardCompliance captures a standard that is being complied with. - GetStandardCompliance() []string - - SetStandardCompliance(...string) - - // GetTypeOfModel records the type of the model used in the AI software. - GetTypeOfModel() []string - - SetTypeOfModel(...string) - - // GetUseSensitivePersonalInformation records if sensitive personal information is used during model training or - // could be used during the inference. - GetUseSensitivePersonalInformation() PresenceType - - SetUseSensitivePersonalInformation(PresenceType) -} - -type AIPackage struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/AIPackage" iri-compact:"ai_AIPackage" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // BuiltTime specifies the time an artifact was built. - BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` - // OriginatedBy identifies from where or whom the Element originally came. - OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` - // ReleaseTime specifies the time an artifact was released. - ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` - // StandardName the name of a relevant standard that may apply to an artifact. - StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // SupportLevel specifies the level of support associated with an artifact. - SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` - // ValidUntilTime specifies until when the artifact can be used before its usage needs to be - // reassessed. - ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` - - // AdditionalPurpose provides additional purpose information of the software artifact. - AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` - // AttributionText provides a place for the SPDX data creator to record acknowledgement text for - // a software Package, File or Snippet. - AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` - // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be - // used for verifying its identity and/or integrity. - ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` - // CopyrightText identifies the text of one or more copyright notices for a software Package, - // File or Snippet, if any. - CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` - // PrimaryPurpose provides information about the primary purpose of the software artifact. - PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` - - // DownloadLocation identifies the download Uniform Resource Identifier for the package at the time - // that the document was created. - DownloadLocation string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/downloadLocation" iri-compact:"software_downloadLocation"` - // HomePage a place for the SPDX document creator to record a website that serves as the - // package's home page. - HomePage string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/homePage" iri-compact:"software_homePage"` - // PackageUrl provides a place for the SPDX data creator to record the package URL string - // (in accordance with the - // [package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) - // for a software Package. - PackageUrl string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageUrl" iri-compact:"software_packageUrl"` - // PackageVersion identify the version of a package. - PackageVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageVersion" iri-compact:"software_packageVersion"` - // SourceInfo records any relevant background information or additional comments - // about the origin of the package. - SourceInfo string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/sourceInfo" iri-compact:"software_sourceInfo"` - - // AutonomyType states if a human is involved in the decisions of the AI software. - AutonomyType PresenceType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/autonomyType" iri-compact:"ai_autonomyType"` - // Domain captures the domain in which the AI package can be used. - Domain []string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/domain" iri-compact:"ai_domain"` - // EnergyConsumption indicates the amount of energy consumed to train the AI model. - EnergyConsumption IEnergyConsumption `iri:"https://spdx.org/rdf/3.0.0/terms/AI/energyConsumption" iri-compact:"ai_energyConsumption"` - // Hyperparameter records a hyperparameter used to build the AI model contained in the AI - // package. - Hyperparameter []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/AI/hyperparameter" iri-compact:"ai_hyperparameter"` - // InformationAboutApplication provides relevant information about the AI software, not including the model - // description. - InformationAboutApplication string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/informationAboutApplication" iri-compact:"ai_informationAboutApplication"` - // InformationAboutTraining describes relevant information about different steps of the training process. - InformationAboutTraining string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/informationAboutTraining" iri-compact:"ai_informationAboutTraining"` - // Limitation captures a limitation of the AI software. - Limitation string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/limitation" iri-compact:"ai_limitation"` - // Metric records the measurement of prediction quality of the AI model. - Metric []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/AI/metric" iri-compact:"ai_metric"` - // MetricDecisionThreshold captures the threshold that was used for computation of a metric described in - // the metric field. - MetricDecisionThreshold []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/AI/metricDecisionThreshold" iri-compact:"ai_metricDecisionThreshold"` - // ModelDataPreprocessing describes all the preprocessing steps applied to the training data before the - // model training. - ModelDataPreprocessing []string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/modelDataPreprocessing" iri-compact:"ai_modelDataPreprocessing"` - // ModelExplainability describes methods that can be used to explain the model. - ModelExplainability []string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/modelExplainability" iri-compact:"ai_modelExplainability"` - // SafetyRiskAssessment records the results of general safety risk assessment of the AI system. - SafetyRiskAssessment SafetyRiskAssessmentType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/safetyRiskAssessment" iri-compact:"ai_safetyRiskAssessment"` - // StandardCompliance captures a standard that is being complied with. - StandardCompliance []string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/standardCompliance" iri-compact:"ai_standardCompliance"` - // TypeOfModel records the type of the model used in the AI software. - TypeOfModel []string `iri:"https://spdx.org/rdf/3.0.0/terms/AI/typeOfModel" iri-compact:"ai_typeOfModel"` - // UseSensitivePersonalInformation records if sensitive personal information is used during model training or - // could be used during the inference. - UseSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.0/terms/AI/useSensitivePersonalInformation" iri-compact:"ai_useSensitivePersonalInformation"` -} - -func NewAIPackage() IAIPackage { - return &AIPackage{} -} - -func (o *AIPackage) GetSpdxId() string { - return o.SpdxId -} -func (o *AIPackage) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *AIPackage) GetComment() string { - return o.Comment -} -func (o *AIPackage) SetComment(v string) { - o.Comment = v -} -func (o *AIPackage) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *AIPackage) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *AIPackage) GetDescription() string { - return o.Description -} -func (o *AIPackage) SetDescription(v string) { - o.Description = v -} -func (o *AIPackage) GetExtensions() []IExtension { - return o.Extensions -} -func (o *AIPackage) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *AIPackage) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *AIPackage) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *AIPackage) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *AIPackage) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *AIPackage) GetName() string { - return o.Name -} -func (o *AIPackage) SetName(v string) { - o.Name = v -} -func (o *AIPackage) GetSummary() string { - return o.Summary -} -func (o *AIPackage) SetSummary(v string) { - o.Summary = v -} -func (o *AIPackage) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *AIPackage) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *AIPackage) GetBuiltTime() string { - return o.BuiltTime -} -func (o *AIPackage) SetBuiltTime(v string) { - o.BuiltTime = v -} -func (o *AIPackage) GetOriginatedBy() []IAgent { - return o.OriginatedBy -} -func (o *AIPackage) SetOriginatedBy(v ...IAgent) { - o.OriginatedBy = v -} -func (o *AIPackage) GetReleaseTime() string { - return o.ReleaseTime -} -func (o *AIPackage) SetReleaseTime(v string) { - o.ReleaseTime = v -} -func (o *AIPackage) GetStandardName() []string { - return o.StandardName -} -func (o *AIPackage) SetStandardName(v ...string) { - o.StandardName = v -} -func (o *AIPackage) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *AIPackage) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *AIPackage) GetSupportLevel() []SupportType { - return o.SupportLevel -} -func (o *AIPackage) SetSupportLevel(v ...SupportType) { - o.SupportLevel = v -} -func (o *AIPackage) GetValidUntilTime() string { - return o.ValidUntilTime -} -func (o *AIPackage) SetValidUntilTime(v string) { - o.ValidUntilTime = v -} - -func (o *AIPackage) GetAdditionalPurpose() []SoftwarePurpose { - return o.AdditionalPurpose -} -func (o *AIPackage) SetAdditionalPurpose(v ...SoftwarePurpose) { - o.AdditionalPurpose = v -} -func (o *AIPackage) GetAttributionText() []string { - return o.AttributionText -} -func (o *AIPackage) SetAttributionText(v ...string) { - o.AttributionText = v -} -func (o *AIPackage) GetContentIdentifier() []IContentIdentifier { - return o.ContentIdentifier -} -func (o *AIPackage) SetContentIdentifier(v ...IContentIdentifier) { - o.ContentIdentifier = v -} -func (o *AIPackage) GetCopyrightText() string { - return o.CopyrightText -} -func (o *AIPackage) SetCopyrightText(v string) { - o.CopyrightText = v -} -func (o *AIPackage) GetPrimaryPurpose() SoftwarePurpose { - return o.PrimaryPurpose -} -func (o *AIPackage) SetPrimaryPurpose(v SoftwarePurpose) { - o.PrimaryPurpose = v -} - -func (o *AIPackage) GetDownloadLocation() string { - return o.DownloadLocation -} -func (o *AIPackage) SetDownloadLocation(v string) { - o.DownloadLocation = v -} -func (o *AIPackage) GetHomePage() string { - return o.HomePage -} -func (o *AIPackage) SetHomePage(v string) { - o.HomePage = v -} -func (o *AIPackage) GetPackageUrl() string { - return o.PackageUrl -} -func (o *AIPackage) SetPackageUrl(v string) { - o.PackageUrl = v -} -func (o *AIPackage) GetPackageVersion() string { - return o.PackageVersion -} -func (o *AIPackage) SetPackageVersion(v string) { - o.PackageVersion = v -} -func (o *AIPackage) GetSourceInfo() string { - return o.SourceInfo -} -func (o *AIPackage) SetSourceInfo(v string) { - o.SourceInfo = v -} - -func (o *AIPackage) GetAutonomyType() PresenceType { - return o.AutonomyType -} -func (o *AIPackage) SetAutonomyType(v PresenceType) { - o.AutonomyType = v -} -func (o *AIPackage) GetDomain() []string { - return o.Domain -} -func (o *AIPackage) SetDomain(v ...string) { - o.Domain = v -} -func (o *AIPackage) GetEnergyConsumption() IEnergyConsumption { - return o.EnergyConsumption -} -func (o *AIPackage) SetEnergyConsumption(v IEnergyConsumption) { - o.EnergyConsumption = v -} -func (o *AIPackage) GetHyperparameter() []IDictionaryEntry { - return o.Hyperparameter -} -func (o *AIPackage) SetHyperparameter(v ...IDictionaryEntry) { - o.Hyperparameter = v -} -func (o *AIPackage) GetInformationAboutApplication() string { - return o.InformationAboutApplication -} -func (o *AIPackage) SetInformationAboutApplication(v string) { - o.InformationAboutApplication = v -} -func (o *AIPackage) GetInformationAboutTraining() string { - return o.InformationAboutTraining -} -func (o *AIPackage) SetInformationAboutTraining(v string) { - o.InformationAboutTraining = v -} -func (o *AIPackage) GetLimitation() string { - return o.Limitation -} -func (o *AIPackage) SetLimitation(v string) { - o.Limitation = v -} -func (o *AIPackage) GetMetric() []IDictionaryEntry { - return o.Metric -} -func (o *AIPackage) SetMetric(v ...IDictionaryEntry) { - o.Metric = v -} -func (o *AIPackage) GetMetricDecisionThreshold() []IDictionaryEntry { - return o.MetricDecisionThreshold -} -func (o *AIPackage) SetMetricDecisionThreshold(v ...IDictionaryEntry) { - o.MetricDecisionThreshold = v -} -func (o *AIPackage) GetModelDataPreprocessing() []string { - return o.ModelDataPreprocessing -} -func (o *AIPackage) SetModelDataPreprocessing(v ...string) { - o.ModelDataPreprocessing = v -} -func (o *AIPackage) GetModelExplainability() []string { - return o.ModelExplainability -} -func (o *AIPackage) SetModelExplainability(v ...string) { - o.ModelExplainability = v -} -func (o *AIPackage) GetSafetyRiskAssessment() SafetyRiskAssessmentType { - return o.SafetyRiskAssessment -} -func (o *AIPackage) SetSafetyRiskAssessment(v SafetyRiskAssessmentType) { - o.SafetyRiskAssessment = v -} -func (o *AIPackage) GetStandardCompliance() []string { - return o.StandardCompliance -} -func (o *AIPackage) SetStandardCompliance(v ...string) { - o.StandardCompliance = v -} -func (o *AIPackage) GetTypeOfModel() []string { - return o.TypeOfModel -} -func (o *AIPackage) SetTypeOfModel(v ...string) { - o.TypeOfModel = v -} -func (o *AIPackage) GetUseSensitivePersonalInformation() PresenceType { - return o.UseSensitivePersonalInformation -} -func (o *AIPackage) SetUseSensitivePersonalInformation(v PresenceType) { - o.UseSensitivePersonalInformation = v -} - -type IDatasetPackage interface { - IPackage - - // GetAnonymizationMethodUsed describes the anonymization methods used. - GetAnonymizationMethodUsed() []string - - SetAnonymizationMethodUsed(...string) - - // GetConfidentialityLevel describes the confidentiality level of the data points contained in the dataset. - GetConfidentialityLevel() ConfidentialityLevelType - - SetConfidentialityLevel(ConfidentialityLevelType) - - // GetDataCollectionProcess describes how the dataset was collected. - GetDataCollectionProcess() string - - SetDataCollectionProcess(string) - - // GetDataPreprocessing describes the preprocessing steps that were applied to the raw data to create the given dataset. - GetDataPreprocessing() []string - - SetDataPreprocessing(...string) - - // GetDatasetAvailability the field describes the availability of a dataset. - GetDatasetAvailability() DatasetAvailabilityType - - SetDatasetAvailability(DatasetAvailabilityType) - - // GetDatasetNoise describes potentially noisy elements of the dataset. - GetDatasetNoise() string - - SetDatasetNoise(string) - - // GetDatasetSize captures the size of the dataset. - GetDatasetSize() uint - - SetDatasetSize(uint) - - // GetDatasetType describes the type of the given dataset. - GetDatasetType() []DatasetType - - SetDatasetType(...DatasetType) - - // GetDatasetUpdateMechanism describes a mechanism to update the dataset. - GetDatasetUpdateMechanism() string - - SetDatasetUpdateMechanism(string) - - // GetHasSensitivePersonalInformation describes if any sensitive personal information is present in the dataset. - GetHasSensitivePersonalInformation() PresenceType - - SetHasSensitivePersonalInformation(PresenceType) - - // GetIntendedUse describes what the given dataset should be used for. - GetIntendedUse() string - - SetIntendedUse(string) - - // GetKnownBias records the biases that the dataset is known to encompass. - GetKnownBias() []string - - SetKnownBias(...string) - - // GetSensor describes a sensor used for collecting the data. - GetSensor() []IDictionaryEntry - - SetSensor(...IDictionaryEntry) -} - -type DatasetPackage struct { - _ ldType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetPackage" iri-compact:"dataset_DatasetPackage" id-prop:"spdxId"` - - // SpdxId identifier property - SpdxId string `iri:"@id" iri-compact:"spdxId"` - // Comment provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/comment" iri-compact:"comment"` - // CreationInfo provides information about the creation of the Element. - CreationInfo ICreationInfo `iri:"https://spdx.org/rdf/3.0.0/terms/Core/creationInfo" iri-compact:"creationInfo"` - // Description provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/description" iri-compact:"description"` - // Extensions specifies an Extension characterization of some aspect of an Element. - Extensions []IExtension `iri:"https://spdx.org/rdf/3.0.0/terms/Core/extension" iri-compact:"extension"` - // ExternalIdentifiers provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers []IExternalIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` - // ExternalRefs points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs []IExternalRef `iri:"https://spdx.org/rdf/3.0.0/terms/Core/externalRef" iri-compact:"externalRef"` - // Name identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/name" iri-compact:"name"` - // Summary a short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/summary" iri-compact:"summary"` - // VerifiedUsing provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsing []IIntegrityMethod `iri:"https://spdx.org/rdf/3.0.0/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` - - // BuiltTime specifies the time an artifact was built. - BuiltTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/builtTime" iri-compact:"builtTime"` - // OriginatedBy identifies from where or whom the Element originally came. - OriginatedBy []IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/originatedBy" iri-compact:"originatedBy"` - // ReleaseTime specifies the time an artifact was released. - ReleaseTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/releaseTime" iri-compact:"releaseTime"` - // StandardName the name of a relevant standard that may apply to an artifact. - StandardName []string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/standardName" iri-compact:"standardName"` - // SuppliedBy identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy IAgent `iri:"https://spdx.org/rdf/3.0.0/terms/Core/suppliedBy" iri-compact:"suppliedBy"` - // SupportLevel specifies the level of support associated with an artifact. - SupportLevel []SupportType `iri:"https://spdx.org/rdf/3.0.0/terms/Core/supportLevel" iri-compact:"supportLevel"` - // ValidUntilTime specifies until when the artifact can be used before its usage needs to be - // reassessed. - ValidUntilTime string `iri:"https://spdx.org/rdf/3.0.0/terms/Core/validUntilTime" iri-compact:"validUntilTime"` - - // AdditionalPurpose provides additional purpose information of the software artifact. - AdditionalPurpose []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` - // AttributionText provides a place for the SPDX data creator to record acknowledgement text for - // a software Package, File or Snippet. - AttributionText []string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/attributionText" iri-compact:"software_attributionText"` - // ContentIdentifier a canonical, unique, immutable identifier of the artifact content, that may be - // used for verifying its identity and/or integrity. - ContentIdentifier []IContentIdentifier `iri:"https://spdx.org/rdf/3.0.0/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` - // CopyrightText identifies the text of one or more copyright notices for a software Package, - // File or Snippet, if any. - CopyrightText string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/copyrightText" iri-compact:"software_copyrightText"` - // PrimaryPurpose provides information about the primary purpose of the software artifact. - PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.0/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` - - // DownloadLocation identifies the download Uniform Resource Identifier for the package at the time - // that the document was created. - DownloadLocation string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/downloadLocation" iri-compact:"software_downloadLocation"` - // HomePage a place for the SPDX document creator to record a website that serves as the - // package's home page. - HomePage string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/homePage" iri-compact:"software_homePage"` - // PackageUrl provides a place for the SPDX data creator to record the package URL string - // (in accordance with the - // [package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) - // for a software Package. - PackageUrl string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageUrl" iri-compact:"software_packageUrl"` - // PackageVersion identify the version of a package. - PackageVersion string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/packageVersion" iri-compact:"software_packageVersion"` - // SourceInfo records any relevant background information or additional comments - // about the origin of the package. - SourceInfo string `iri:"https://spdx.org/rdf/3.0.0/terms/Software/sourceInfo" iri-compact:"software_sourceInfo"` - - // AnonymizationMethodUsed describes the anonymization methods used. - AnonymizationMethodUsed []string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/anonymizationMethodUsed" iri-compact:"dataset_anonymizationMethodUsed"` - // ConfidentialityLevel describes the confidentiality level of the data points contained in the dataset. - ConfidentialityLevel ConfidentialityLevelType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/confidentialityLevel" iri-compact:"dataset_confidentialityLevel"` - // DataCollectionProcess describes how the dataset was collected. - DataCollectionProcess string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/dataCollectionProcess" iri-compact:"dataset_dataCollectionProcess"` - // DataPreprocessing describes the preprocessing steps that were applied to the raw data to create the given dataset. - DataPreprocessing []string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/dataPreprocessing" iri-compact:"dataset_dataPreprocessing"` - // DatasetAvailability the field describes the availability of a dataset. - DatasetAvailability DatasetAvailabilityType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/datasetAvailability" iri-compact:"dataset_datasetAvailability"` - // DatasetNoise describes potentially noisy elements of the dataset. - DatasetNoise string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/datasetNoise" iri-compact:"dataset_datasetNoise"` - // DatasetSize captures the size of the dataset. - DatasetSize uint `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/datasetSize" iri-compact:"dataset_datasetSize"` - // DatasetType describes the type of the given dataset. - DatasetType []DatasetType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/datasetType" iri-compact:"dataset_datasetType"` - // DatasetUpdateMechanism describes a mechanism to update the dataset. - DatasetUpdateMechanism string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/datasetUpdateMechanism" iri-compact:"dataset_datasetUpdateMechanism"` - // HasSensitivePersonalInformation describes if any sensitive personal information is present in the dataset. - HasSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/hasSensitivePersonalInformation" iri-compact:"dataset_hasSensitivePersonalInformation"` - // IntendedUse describes what the given dataset should be used for. - IntendedUse string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/intendedUse" iri-compact:"dataset_intendedUse"` - // KnownBias records the biases that the dataset is known to encompass. - KnownBias []string `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/knownBias" iri-compact:"dataset_knownBias"` - // Sensor describes a sensor used for collecting the data. - Sensor []IDictionaryEntry `iri:"https://spdx.org/rdf/3.0.0/terms/Dataset/sensor" iri-compact:"dataset_sensor"` -} - -func NewDatasetPackage() IDatasetPackage { - return &DatasetPackage{} -} - -func (o *DatasetPackage) GetSpdxId() string { - return o.SpdxId -} -func (o *DatasetPackage) SetSpdxId(v string) { - o.SpdxId = v -} -func (o *DatasetPackage) GetComment() string { - return o.Comment -} -func (o *DatasetPackage) SetComment(v string) { - o.Comment = v -} -func (o *DatasetPackage) GetCreationInfo() ICreationInfo { - return o.CreationInfo -} -func (o *DatasetPackage) SetCreationInfo(v ICreationInfo) { - o.CreationInfo = v -} -func (o *DatasetPackage) GetDescription() string { - return o.Description -} -func (o *DatasetPackage) SetDescription(v string) { - o.Description = v -} -func (o *DatasetPackage) GetExtensions() []IExtension { - return o.Extensions -} -func (o *DatasetPackage) SetExtensions(v ...IExtension) { - o.Extensions = v -} -func (o *DatasetPackage) GetExternalIdentifiers() []IExternalIdentifier { - return o.ExternalIdentifiers -} -func (o *DatasetPackage) SetExternalIdentifiers(v ...IExternalIdentifier) { - o.ExternalIdentifiers = v -} -func (o *DatasetPackage) GetExternalRefs() []IExternalRef { - return o.ExternalRefs -} -func (o *DatasetPackage) SetExternalRefs(v ...IExternalRef) { - o.ExternalRefs = v -} -func (o *DatasetPackage) GetName() string { - return o.Name -} -func (o *DatasetPackage) SetName(v string) { - o.Name = v -} -func (o *DatasetPackage) GetSummary() string { - return o.Summary -} -func (o *DatasetPackage) SetSummary(v string) { - o.Summary = v -} -func (o *DatasetPackage) GetVerifiedUsing() []IIntegrityMethod { - return o.VerifiedUsing -} -func (o *DatasetPackage) SetVerifiedUsing(v ...IIntegrityMethod) { - o.VerifiedUsing = v -} - -func (o *DatasetPackage) GetBuiltTime() string { - return o.BuiltTime -} -func (o *DatasetPackage) SetBuiltTime(v string) { - o.BuiltTime = v -} -func (o *DatasetPackage) GetOriginatedBy() []IAgent { - return o.OriginatedBy -} -func (o *DatasetPackage) SetOriginatedBy(v ...IAgent) { - o.OriginatedBy = v -} -func (o *DatasetPackage) GetReleaseTime() string { - return o.ReleaseTime -} -func (o *DatasetPackage) SetReleaseTime(v string) { - o.ReleaseTime = v -} -func (o *DatasetPackage) GetStandardName() []string { - return o.StandardName -} -func (o *DatasetPackage) SetStandardName(v ...string) { - o.StandardName = v -} -func (o *DatasetPackage) GetSuppliedBy() IAgent { - return o.SuppliedBy -} -func (o *DatasetPackage) SetSuppliedBy(v IAgent) { - o.SuppliedBy = v -} -func (o *DatasetPackage) GetSupportLevel() []SupportType { - return o.SupportLevel -} -func (o *DatasetPackage) SetSupportLevel(v ...SupportType) { - o.SupportLevel = v -} -func (o *DatasetPackage) GetValidUntilTime() string { - return o.ValidUntilTime -} -func (o *DatasetPackage) SetValidUntilTime(v string) { - o.ValidUntilTime = v -} - -func (o *DatasetPackage) GetAdditionalPurpose() []SoftwarePurpose { - return o.AdditionalPurpose -} -func (o *DatasetPackage) SetAdditionalPurpose(v ...SoftwarePurpose) { - o.AdditionalPurpose = v -} -func (o *DatasetPackage) GetAttributionText() []string { - return o.AttributionText -} -func (o *DatasetPackage) SetAttributionText(v ...string) { - o.AttributionText = v -} -func (o *DatasetPackage) GetContentIdentifier() []IContentIdentifier { - return o.ContentIdentifier -} -func (o *DatasetPackage) SetContentIdentifier(v ...IContentIdentifier) { - o.ContentIdentifier = v -} -func (o *DatasetPackage) GetCopyrightText() string { - return o.CopyrightText -} -func (o *DatasetPackage) SetCopyrightText(v string) { - o.CopyrightText = v -} -func (o *DatasetPackage) GetPrimaryPurpose() SoftwarePurpose { - return o.PrimaryPurpose -} -func (o *DatasetPackage) SetPrimaryPurpose(v SoftwarePurpose) { - o.PrimaryPurpose = v -} - -func (o *DatasetPackage) GetDownloadLocation() string { - return o.DownloadLocation -} -func (o *DatasetPackage) SetDownloadLocation(v string) { - o.DownloadLocation = v -} -func (o *DatasetPackage) GetHomePage() string { - return o.HomePage +func (o *ExternalIRI) asSecurityExploitCatalogVulnAssessmentRelationship() *SecurityExploitCatalogVulnAssessmentRelationship { + return nil } -func (o *DatasetPackage) SetHomePage(v string) { - o.HomePage = v +func (o *ExternalIRI) asSecuritySsvcVulnAssessmentRelationship() *SecuritySsvcVulnAssessmentRelationship { + return nil } -func (o *DatasetPackage) GetPackageUrl() string { - return o.PackageUrl +func (o *ExternalIRI) asSecurityVexVulnAssessmentRelationship() *SecurityVexVulnAssessmentRelationship { + return nil } -func (o *DatasetPackage) SetPackageUrl(v string) { - o.PackageUrl = v +func (o *ExternalIRI) asSecurityVulnerability() *SecurityVulnerability { return nil } +func (o *ExternalIRI) asSoftwareSoftwareArtifact() *SoftwareSoftwareArtifact { return nil } +func (o *ExternalIRI) asBom() *Bom { return nil } +func (o *ExternalIRI) asExpandedlicensingCustomLicense() *ExpandedlicensingCustomLicense { return nil } +func (o *ExternalIRI) asSecurityVexAffectedVulnAssessmentRelationship() *SecurityVexAffectedVulnAssessmentRelationship { + return nil } -func (o *DatasetPackage) GetPackageVersion() string { - return o.PackageVersion +func (o *ExternalIRI) asSecurityVexFixedVulnAssessmentRelationship() *SecurityVexFixedVulnAssessmentRelationship { + return nil } -func (o *DatasetPackage) SetPackageVersion(v string) { - o.PackageVersion = v +func (o *ExternalIRI) asSecurityVexNotAffectedVulnAssessmentRelationship() *SecurityVexNotAffectedVulnAssessmentRelationship { + return nil } -func (o *DatasetPackage) GetSourceInfo() string { - return o.SourceInfo +func (o *ExternalIRI) asSecurityVexUnderInvestigationVulnAssessmentRelationship() *SecurityVexUnderInvestigationVulnAssessmentRelationship { + return nil } -func (o *DatasetPackage) SetSourceInfo(v string) { - o.SourceInfo = v +func (o *ExternalIRI) asSoftwareFile() *SoftwareFile { return nil } +func (o *ExternalIRI) asSoftwarePackage() *SoftwarePackage { return nil } +func (o *ExternalIRI) asSoftwareSbom() *SoftwareSbom { return nil } +func (o *ExternalIRI) asSoftwareSnippet() *SoftwareSnippet { return nil } +func (o *ExternalIRI) asAiAIPackage() *AiAIPackage { return nil } +func (o *ExternalIRI) asDatasetDatasetPackage() *DatasetDatasetPackage { return nil } + +func cast[T any](value any) *T { + var t T + switch any(t).(type) { + case AiEnergyConsumption: + if v, ok := any(castAiEnergyConsumption(value)).(*T); ok { + return v + } + case AiEnergyConsumptionDescription: + if v, ok := any(castAiEnergyConsumptionDescription(value)).(*T); ok { + return v + } + case CreationInfo: + if v, ok := any(castCreationInfo(value)).(*T); ok { + return v + } + case DictionaryEntry: + if v, ok := any(castDictionaryEntry(value)).(*T); ok { + return v + } + case Element: + if v, ok := any(castElement(value)).(*T); ok { + return v + } + case ElementCollection: + if v, ok := any(castElementCollection(value)).(*T); ok { + return v + } + case ExternalIdentifier: + if v, ok := any(castExternalIdentifier(value)).(*T); ok { + return v + } + case ExternalMap: + if v, ok := any(castExternalMap(value)).(*T); ok { + return v + } + case ExternalRef: + if v, ok := any(castExternalRef(value)).(*T); ok { + return v + } + case IndividualElement: + if v, ok := any(castIndividualElement(value)).(*T); ok { + return v + } + case IntegrityMethod: + if v, ok := any(castIntegrityMethod(value)).(*T); ok { + return v + } + case NamespaceMap: + if v, ok := any(castNamespaceMap(value)).(*T); ok { + return v + } + case PackageVerificationCode: + if v, ok := any(castPackageVerificationCode(value)).(*T); ok { + return v + } + case PositiveIntegerRange: + if v, ok := any(castPositiveIntegerRange(value)).(*T); ok { + return v + } + case Relationship: + if v, ok := any(castRelationship(value)).(*T); ok { + return v + } + case SpdxDocument: + if v, ok := any(castSpdxDocument(value)).(*T); ok { + return v + } + case Tool: + if v, ok := any(castTool(value)).(*T); ok { + return v + } + case ExpandedlicensingLicenseAddition: + if v, ok := any(castExpandedlicensingLicenseAddition(value)).(*T); ok { + return v + } + case ExpandedlicensingListedLicenseException: + if v, ok := any(castExpandedlicensingListedLicenseException(value)).(*T); ok { + return v + } + case ExtensionCdxPropertyEntry: + if v, ok := any(castExtensionCdxPropertyEntry(value)).(*T); ok { + return v + } + case ExtensionExtension: + if v, ok := any(castExtensionExtension(value)).(*T); ok { + return v + } + case SecurityVulnAssessmentRelationship: + if v, ok := any(castSecurityVulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SimplelicensingAnyLicenseInfo: + if v, ok := any(castSimplelicensingAnyLicenseInfo(value)).(*T); ok { + return v + } + case SimplelicensingLicenseExpression: + if v, ok := any(castSimplelicensingLicenseExpression(value)).(*T); ok { + return v + } + case SimplelicensingSimpleLicensingText: + if v, ok := any(castSimplelicensingSimpleLicensingText(value)).(*T); ok { + return v + } + case SoftwareContentIdentifier: + if v, ok := any(castSoftwareContentIdentifier(value)).(*T); ok { + return v + } + case BuildBuild: + if v, ok := any(castBuildBuild(value)).(*T); ok { + return v + } + case Agent: + if v, ok := any(castAgent(value)).(*T); ok { + return v + } + case Annotation: + if v, ok := any(castAnnotation(value)).(*T); ok { + return v + } + case Artifact: + if v, ok := any(castArtifact(value)).(*T); ok { + return v + } + case Bundle: + if v, ok := any(castBundle(value)).(*T); ok { + return v + } + case Hash: + if v, ok := any(castHash(value)).(*T); ok { + return v + } + case LifecycleScopedRelationship: + if v, ok := any(castLifecycleScopedRelationship(value)).(*T); ok { + return v + } + case Organization: + if v, ok := any(castOrganization(value)).(*T); ok { + return v + } + case Person: + if v, ok := any(castPerson(value)).(*T); ok { + return v + } + case SoftwareAgent: + if v, ok := any(castSoftwareAgent(value)).(*T); ok { + return v + } + case ExpandedlicensingConjunctiveLicenseSet: + if v, ok := any(castExpandedlicensingConjunctiveLicenseSet(value)).(*T); ok { + return v + } + case ExpandedlicensingCustomLicenseAddition: + if v, ok := any(castExpandedlicensingCustomLicenseAddition(value)).(*T); ok { + return v + } + case ExpandedlicensingDisjunctiveLicenseSet: + if v, ok := any(castExpandedlicensingDisjunctiveLicenseSet(value)).(*T); ok { + return v + } + case ExpandedlicensingExtendableLicense: + if v, ok := any(castExpandedlicensingExtendableLicense(value)).(*T); ok { + return v + } + case ExpandedlicensingIndividualLicensingInfo: + if v, ok := any(castExpandedlicensingIndividualLicensingInfo(value)).(*T); ok { + return v + } + case ExpandedlicensingLicense: + if v, ok := any(castExpandedlicensingLicense(value)).(*T); ok { + return v + } + case ExpandedlicensingListedLicense: + if v, ok := any(castExpandedlicensingListedLicense(value)).(*T); ok { + return v + } + case ExpandedlicensingOrLaterOperator: + if v, ok := any(castExpandedlicensingOrLaterOperator(value)).(*T); ok { + return v + } + case ExpandedlicensingWithAdditionOperator: + if v, ok := any(castExpandedlicensingWithAdditionOperator(value)).(*T); ok { + return v + } + case ExtensionCdxPropertiesExtension: + if v, ok := any(castExtensionCdxPropertiesExtension(value)).(*T); ok { + return v + } + case SecurityCvssV2VulnAssessmentRelationship: + if v, ok := any(castSecurityCvssV2VulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SecurityCvssV3VulnAssessmentRelationship: + if v, ok := any(castSecurityCvssV3VulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SecurityCvssV4VulnAssessmentRelationship: + if v, ok := any(castSecurityCvssV4VulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SecurityEpssVulnAssessmentRelationship: + if v, ok := any(castSecurityEpssVulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SecurityExploitCatalogVulnAssessmentRelationship: + if v, ok := any(castSecurityExploitCatalogVulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SecuritySsvcVulnAssessmentRelationship: + if v, ok := any(castSecuritySsvcVulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SecurityVexVulnAssessmentRelationship: + if v, ok := any(castSecurityVexVulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SecurityVulnerability: + if v, ok := any(castSecurityVulnerability(value)).(*T); ok { + return v + } + case SoftwareSoftwareArtifact: + if v, ok := any(castSoftwareSoftwareArtifact(value)).(*T); ok { + return v + } + case Bom: + if v, ok := any(castBom(value)).(*T); ok { + return v + } + case ExpandedlicensingCustomLicense: + if v, ok := any(castExpandedlicensingCustomLicense(value)).(*T); ok { + return v + } + case SecurityVexAffectedVulnAssessmentRelationship: + if v, ok := any(castSecurityVexAffectedVulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SecurityVexFixedVulnAssessmentRelationship: + if v, ok := any(castSecurityVexFixedVulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SecurityVexNotAffectedVulnAssessmentRelationship: + if v, ok := any(castSecurityVexNotAffectedVulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SecurityVexUnderInvestigationVulnAssessmentRelationship: + if v, ok := any(castSecurityVexUnderInvestigationVulnAssessmentRelationship(value)).(*T); ok { + return v + } + case SoftwareFile: + if v, ok := any(castSoftwareFile(value)).(*T); ok { + return v + } + case SoftwarePackage: + if v, ok := any(castSoftwarePackage(value)).(*T); ok { + return v + } + case SoftwareSbom: + if v, ok := any(castSoftwareSbom(value)).(*T); ok { + return v + } + case SoftwareSnippet: + if v, ok := any(castSoftwareSnippet(value)).(*T); ok { + return v + } + case AiAIPackage: + if v, ok := any(castAiAIPackage(value)).(*T); ok { + return v + } + case DatasetDatasetPackage: + if v, ok := any(castDatasetDatasetPackage(value)).(*T); ok { + return v + } + } + panic("invalid type cast, unknown type: " + reflect.TypeOf(t).String()) } -func (o *DatasetPackage) GetAnonymizationMethodUsed() []string { - return o.AnonymizationMethodUsed -} -func (o *DatasetPackage) SetAnonymizationMethodUsed(v ...string) { - o.AnonymizationMethodUsed = v -} -func (o *DatasetPackage) GetConfidentialityLevel() ConfidentialityLevelType { - return o.ConfidentialityLevel -} -func (o *DatasetPackage) SetConfidentialityLevel(v ConfidentialityLevelType) { - o.ConfidentialityLevel = v -} -func (o *DatasetPackage) GetDataCollectionProcess() string { - return o.DataCollectionProcess -} -func (o *DatasetPackage) SetDataCollectionProcess(v string) { - o.DataCollectionProcess = v -} -func (o *DatasetPackage) GetDataPreprocessing() []string { - return o.DataPreprocessing -} -func (o *DatasetPackage) SetDataPreprocessing(v ...string) { - o.DataPreprocessing = v -} -func (o *DatasetPackage) GetDatasetAvailability() DatasetAvailabilityType { - return o.DatasetAvailability -} -func (o *DatasetPackage) SetDatasetAvailability(v DatasetAvailabilityType) { - o.DatasetAvailability = v -} -func (o *DatasetPackage) GetDatasetNoise() string { - return o.DatasetNoise -} -func (o *DatasetPackage) SetDatasetNoise(v string) { - o.DatasetNoise = v +func As[T any](value any, f func(v *T)) { + v := cast[T](value) + if v != nil { + f(v) + } } -func (o *DatasetPackage) GetDatasetSize() uint { - return o.DatasetSize -} -func (o *DatasetPackage) SetDatasetSize(v uint) { - o.DatasetSize = v -} -func (o *DatasetPackage) GetDatasetType() []DatasetType { - return o.DatasetType -} -func (o *DatasetPackage) SetDatasetType(v ...DatasetType) { - o.DatasetType = v -} -func (o *DatasetPackage) GetDatasetUpdateMechanism() string { - return o.DatasetUpdateMechanism -} -func (o *DatasetPackage) SetDatasetUpdateMechanism(v string) { - o.DatasetUpdateMechanism = v -} -func (o *DatasetPackage) GetHasSensitivePersonalInformation() PresenceType { - return o.HasSensitivePersonalInformation -} -func (o *DatasetPackage) SetHasSensitivePersonalInformation(v PresenceType) { - o.HasSensitivePersonalInformation = v -} -func (o *DatasetPackage) GetIntendedUse() string { - return o.IntendedUse -} -func (o *DatasetPackage) SetIntendedUse(v string) { - o.IntendedUse = v -} -func (o *DatasetPackage) GetKnownBias() []string { - return o.KnownBias -} -func (o *DatasetPackage) SetKnownBias(v ...string) { - o.KnownBias = v -} -func (o *DatasetPackage) GetSensor() []IDictionaryEntry { - return o.Sensor -} -func (o *DatasetPackage) SetSensor(v ...IDictionaryEntry) { - o.Sensor = v -} - -var ldGlobal = ldContext{}. - RegisterTypes("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", - &EnergyConsumption{}, - &EnergyConsumptionDescription{}, - &EnergyUnitType{}, - &SafetyRiskAssessmentType{}, - &AnnotationType{}, - &CreationInfo{}, - &DictionaryEntry{}, - &Element{}, - &ElementCollection{}, - &ExternalIdentifier{}, - &ExternalIdentifierType{}, - &ExternalMap{}, - &ExternalRef{}, - &ExternalRefType{}, - &HashAlgorithm{}, - &IntegrityMethod{}, - &LifecycleScopeType{}, - &NamespaceMap{}, - &PackageVerificationCode{}, - &PositiveIntegerRange{}, - &PresenceType{}, - &ProfileIdentifierType{}, - &Relationship{}, - &RelationshipCompleteness{}, - &RelationshipType{}, - &SpdxDocument{}, - &SupportType{}, - &Tool{}, - &ConfidentialityLevelType{}, - &DatasetAvailabilityType{}, - &DatasetType{}, - &LicenseAddition{}, - &ListedLicenseException{}, - &CdxPropertyEntry{}, - &Extension{}, - &CvssSeverityType{}, - &ExploitCatalogType{}, - &SsvcDecisionType{}, - &VexJustificationType{}, - &VulnAssessmentRelationship{}, - &AnyLicenseInfo{}, - &LicenseExpression{}, - &SimpleLicensingText{}, - &ContentIdentifier{}, - &ContentIdentifierType{}, - &FileKindType{}, - &SbomType{}, - &SoftwarePurpose{}, - &Build{}, - &Agent{}, - &Annotation{}, - &Artifact{}, - &Bundle{}, - &Hash{}, - &LifecycleScopedRelationship{}, - &Organization{}, - &Person{}, - &SoftwareAgent{}, - &ConjunctiveLicenseSet{}, - &CustomLicenseAddition{}, - &DisjunctiveLicenseSet{}, - &ExtendableLicense{}, - &IndividualLicensingInfo{}, - &License{}, - &ListedLicense{}, - &OrLaterOperator{}, - &WithAdditionOperator{}, - &CdxPropertiesExtension{}, - &CvssV2VulnAssessmentRelationship{}, - &CvssV3VulnAssessmentRelationship{}, - &CvssV4VulnAssessmentRelationship{}, - &EpssVulnAssessmentRelationship{}, - &ExploitCatalogVulnAssessmentRelationship{}, - &SsvcVulnAssessmentRelationship{}, - &VexVulnAssessmentRelationship{}, - &Vulnerability{}, - &SoftwareArtifact{}, - &Bom{}, - &CustomLicense{}, - &VexAffectedVulnAssessmentRelationship{}, - &VexFixedVulnAssessmentRelationship{}, - &VexNotAffectedVulnAssessmentRelationship{}, - &VexUnderInvestigationVulnAssessmentRelationship{}, - &File{}, - &Package{}, - &Sbom{}, - &Snippet{}, - &AIPackage{}, - &DatasetPackage{}, - ). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &EnergyUnitType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/kilowattHour": "kilowattHour", - "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/megajoule": "megajoule", - "https://spdx.org/rdf/3.0.0/terms/AI/EnergyUnitType/other": "other", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ProfileIdentifierType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/ai": "ai", - "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/build": "build", - "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/core": "core", - "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/dataset": "dataset", - "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/expandedLicensing": "expandedLicensing", - "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/extension": "extension", - "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/lite": "lite", - "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/security": "security", - "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/simpleLicensing": "simpleLicensing", - "https://spdx.org/rdf/3.0.0/terms/Core/ProfileIdentifierType/software": "software", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ExternalIdentifierType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cpe22": "cpe22", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cpe23": "cpe23", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/cve": "cve", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/email": "email", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/gitoid": "gitoid", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/other": "other", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/packageUrl": "packageUrl", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/securityOther": "securityOther", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/swhid": "swhid", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/swid": "swid", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalIdentifierType/urlScheme": "urlScheme", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ExternalRefType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/altDownloadLocation": "altDownloadLocation", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/altWebPage": "altWebPage", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/binaryArtifact": "binaryArtifact", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/bower": "bower", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/buildMeta": "buildMeta", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/buildSystem": "buildSystem", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/certificationReport": "certificationReport", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/chat": "chat", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/componentAnalysisReport": "componentAnalysisReport", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/cwe": "cwe", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/documentation": "documentation", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/dynamicAnalysisReport": "dynamicAnalysisReport", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/eolNotice": "eolNotice", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/exportControlAssessment": "exportControlAssessment", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/funding": "funding", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/issueTracker": "issueTracker", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/license": "license", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/mailingList": "mailingList", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/mavenCentral": "mavenCentral", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/metrics": "metrics", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/npm": "npm", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/nuget": "nuget", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/other": "other", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/privacyAssessment": "privacyAssessment", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/productMetadata": "productMetadata", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/purchaseOrder": "purchaseOrder", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/qualityAssessmentReport": "qualityAssessmentReport", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/releaseHistory": "releaseHistory", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/releaseNotes": "releaseNotes", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/riskAssessment": "riskAssessment", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/runtimeAnalysisReport": "runtimeAnalysisReport", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/secureSoftwareAttestation": "secureSoftwareAttestation", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityAdversaryModel": "securityAdversaryModel", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityAdvisory": "securityAdvisory", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityFix": "securityFix", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityOther": "securityOther", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityPenTestReport": "securityPenTestReport", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityPolicy": "securityPolicy", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/securityThreatModel": "securityThreatModel", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/socialMedia": "socialMedia", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/sourceArtifact": "sourceArtifact", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/staticAnalysisReport": "staticAnalysisReport", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/support": "support", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vcs": "vcs", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vulnerabilityDisclosureReport": "vulnerabilityDisclosureReport", - "https://spdx.org/rdf/3.0.0/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment": "vulnerabilityExploitabilityAssessment", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &HashAlgorithm{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b256": "blake2b256", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b384": "blake2b384", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b512": "blake2b512", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake3": "blake3", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsDilithium": "crystalsDilithium", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsKyber": "crystalsKyber", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/falcon": "falcon", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md2": "md2", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md4": "md4", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md5": "md5", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md6": "md6", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/other": "other", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha1": "sha1", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha224": "sha224", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha256": "sha256", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha384": "sha384", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_224": "sha3_224", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_256": "sha3_256", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_384": "sha3_384", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_512": "sha3_512", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha512": "sha512", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &RelationshipCompleteness{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/complete": "complete", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/incomplete": "incomplete", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipCompleteness/noAssertion": "noAssertion", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &RelationshipType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/affects": "affects", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/amendedBy": "amendedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/ancestorOf": "ancestorOf", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/availableFrom": "availableFrom", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/configures": "configures", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/contains": "contains", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/coordinatedBy": "coordinatedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/copiedTo": "copiedTo", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/delegatedTo": "delegatedTo", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/dependsOn": "dependsOn", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/descendantOf": "descendantOf", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/describes": "describes", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/doesNotAffect": "doesNotAffect", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/expandsTo": "expandsTo", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/exploitCreatedBy": "exploitCreatedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/fixedBy": "fixedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/fixedIn": "fixedIn", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/foundBy": "foundBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/generates": "generates", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAddedFile": "hasAddedFile", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAssessmentFor": "hasAssessmentFor", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasAssociatedVulnerability": "hasAssociatedVulnerability", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasConcludedLicense": "hasConcludedLicense", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDataFile": "hasDataFile", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDeclaredLicense": "hasDeclaredLicense", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDeletedFile": "hasDeletedFile", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDependencyManifest": "hasDependencyManifest", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDistributionArtifact": "hasDistributionArtifact", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDocumentation": "hasDocumentation", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasDynamicLink": "hasDynamicLink", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasEvidence": "hasEvidence", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasExample": "hasExample", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasHost": "hasHost", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasInputs": "hasInputs", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasMetadata": "hasMetadata", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOptionalComponent": "hasOptionalComponent", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOptionalDependency": "hasOptionalDependency", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasOutputs": "hasOutputs", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasPrerequsite": "hasPrerequsite", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasProvidedDependency": "hasProvidedDependency", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasRequirement": "hasRequirement", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasSpecification": "hasSpecification", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasStaticLink": "hasStaticLink", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasTest": "hasTest", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasTestCase": "hasTestCase", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/hasVariant": "hasVariant", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/invokedBy": "invokedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/modifiedBy": "modifiedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/other": "other", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/packagedBy": "packagedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/patchedBy": "patchedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/publishedBy": "publishedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/reportedBy": "reportedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/republishedBy": "republishedBy", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/serializedInArtifact": "serializedInArtifact", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/testedOn": "testedOn", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/trainedOn": "trainedOn", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/underInvestigationFor": "underInvestigationFor", - "https://spdx.org/rdf/3.0.0/terms/Core/RelationshipType/usesTool": "usesTool", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ContentIdentifierType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifierType/gitoid": "gitoid", - "https://spdx.org/rdf/3.0.0/terms/Software/ContentIdentifierType/swhid": "swhid", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &AnnotationType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/AnnotationType/other": "other", - "https://spdx.org/rdf/3.0.0/terms/Core/AnnotationType/review": "review", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SupportType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/deployed": "deployed", - "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/development": "development", - "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/endOfSupport": "endOfSupport", - "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/limitedSupport": "limitedSupport", - "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/noAssertion": "noAssertion", - "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/noSupport": "noSupport", - "https://spdx.org/rdf/3.0.0/terms/Core/SupportType/support": "support", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &HashAlgorithm{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b256": "blake2b256", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b384": "blake2b384", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake2b512": "blake2b512", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/blake3": "blake3", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsDilithium": "crystalsDilithium", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/crystalsKyber": "crystalsKyber", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/falcon": "falcon", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md2": "md2", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md4": "md4", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md5": "md5", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/md6": "md6", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/other": "other", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha1": "sha1", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha224": "sha224", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha256": "sha256", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha384": "sha384", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_224": "sha3_224", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_256": "sha3_256", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_384": "sha3_384", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha3_512": "sha3_512", - "https://spdx.org/rdf/3.0.0/terms/Core/HashAlgorithm/sha512": "sha512", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &LifecycleScopeType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/build": "build", - "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/design": "design", - "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/development": "development", - "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/other": "other", - "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/runtime": "runtime", - "https://spdx.org/rdf/3.0.0/terms/Core/LifecycleScopeType/test": "test", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &CvssSeverityType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/critical": "critical", - "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/high": "high", - "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/low": "low", - "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/medium": "medium", - "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/none": "none", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &CvssSeverityType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/critical": "critical", - "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/high": "high", - "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/low": "low", - "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/medium": "medium", - "https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType/none": "none", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ExploitCatalogType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogType/kev": "kev", - "https://spdx.org/rdf/3.0.0/terms/Security/ExploitCatalogType/other": "other", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SsvcDecisionType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/act": "act", - "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/attend": "attend", - "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/track": "track", - "https://spdx.org/rdf/3.0.0/terms/Security/SsvcDecisionType/trackStar": "trackStar", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SoftwarePurpose{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/application": "application", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/archive": "archive", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/bom": "bom", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/configuration": "configuration", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/container": "container", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/data": "data", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/device": "device", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/deviceDriver": "deviceDriver", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/diskImage": "diskImage", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/documentation": "documentation", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/evidence": "evidence", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/executable": "executable", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/file": "file", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/filesystemImage": "filesystemImage", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/firmware": "firmware", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/framework": "framework", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/install": "install", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/library": "library", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/manifest": "manifest", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/model": "model", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/module": "module", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/operatingSystem": "operatingSystem", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/other": "other", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/patch": "patch", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/platform": "platform", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/requirement": "requirement", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/source": "source", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/specification": "specification", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/test": "test", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SoftwarePurpose{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/application": "application", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/archive": "archive", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/bom": "bom", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/configuration": "configuration", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/container": "container", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/data": "data", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/device": "device", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/deviceDriver": "deviceDriver", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/diskImage": "diskImage", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/documentation": "documentation", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/evidence": "evidence", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/executable": "executable", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/file": "file", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/filesystemImage": "filesystemImage", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/firmware": "firmware", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/framework": "framework", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/install": "install", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/library": "library", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/manifest": "manifest", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/model": "model", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/module": "module", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/operatingSystem": "operatingSystem", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/other": "other", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/patch": "patch", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/platform": "platform", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/requirement": "requirement", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/source": "source", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/specification": "specification", - "https://spdx.org/rdf/3.0.0/terms/Software/SoftwarePurpose/test": "test", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &VexJustificationType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/componentNotPresent": "componentNotPresent", - "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist": "inlineMitigationsAlreadyExist", - "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary": "vulnerableCodeCannotBeControlledByAdversary", - "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath": "vulnerableCodeNotInExecutePath", - "https://spdx.org/rdf/3.0.0/terms/Security/VexJustificationType/vulnerableCodeNotPresent": "vulnerableCodeNotPresent", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &FileKindType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Software/FileKindType/directory": "directory", - "https://spdx.org/rdf/3.0.0/terms/Software/FileKindType/file": "file", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SbomType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/analyzed": "analyzed", - "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/build": "build", - "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/deployed": "deployed", - "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/design": "design", - "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/runtime": "runtime", - "https://spdx.org/rdf/3.0.0/terms/Software/SbomType/source": "source", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &PresenceType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/no": "no", - "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/noAssertion": "noAssertion", - "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/yes": "yes", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &SafetyRiskAssessmentType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/high": "high", - "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/low": "low", - "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/medium": "medium", - "https://spdx.org/rdf/3.0.0/terms/AI/SafetyRiskAssessmentType/serious": "serious", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &PresenceType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/no": "no", - "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/noAssertion": "noAssertion", - "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/yes": "yes", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &ConfidentialityLevelType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/amber": "amber", - "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/clear": "clear", - "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/green": "green", - "https://spdx.org/rdf/3.0.0/terms/Dataset/ConfidentialityLevelType/red": "red", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &DatasetAvailabilityType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/clickthrough": "clickthrough", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/directDownload": "directDownload", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/query": "query", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/registration": "registration", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetAvailabilityType/scrapingScript": "scrapingScript", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &DatasetType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/audio": "audio", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/categorical": "categorical", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/graph": "graph", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/image": "image", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/noAssertion": "noAssertion", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/numeric": "numeric", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/other": "other", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/sensor": "sensor", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/structured": "structured", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/syntactic": "syntactic", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/text": "text", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/timeseries": "timeseries", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/timestamp": "timestamp", - "https://spdx.org/rdf/3.0.0/terms/Dataset/DatasetType/video": "video", - }). - IRIMap("https://spdx.org/rdf/3.0.0/spdx-context.jsonld", &PresenceType{}, map[string]string{ - "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/no": "no", - "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/noAssertion": "noAssertion", - "https://spdx.org/rdf/3.0.0/terms/Core/PresenceType/yes": "yes", - }) diff --git a/spdx/v3/v3_0/relationships.go b/spdx/v3/v3_0/relationships.go deleted file mode 100644 index e19fa221..00000000 --- a/spdx/v3/v3_0/relationships.go +++ /dev/null @@ -1,15 +0,0 @@ -package v3_0 - -type Relationships struct { - relationships []IRelationship -} - -func (r Relationships) From(element IElement) Relationships { - var out []IRelationship - for _, r := range r.relationships { - if r.GetFrom() == element { - out = append(out, r) - } - } - return Relationships{out} -} diff --git a/spdx/v3/v3_0/spdx.go b/spdx/v3/v3_0/spdx.go index 6744952e..ea121e61 100644 --- a/spdx/v3/v3_0/spdx.go +++ b/spdx/v3/v3_0/spdx.go @@ -1,105 +1,82 @@ package v3_0 import ( - "encoding/json" "fmt" - "io" "math/rand" "reflect" "time" ) /* -SPDX 3 models and serialization code is generated from prototype golang support for shacl2code, -https://github.com/kzantow-anchore/shacl2code/tree/golang-bindings (with contributions from Nisha and Keith) +SPDX 3 models and serialization code is generated from some different prototype golang support for shacl2code, in: https://github.com/kzantow-anchore/shacl2code To regenerate, use something like this command: -.venv/bin/python -m shacl2code generate -i https://spdx.org/rdf/3.0.0/spdx-model.ttl -i https://spdx.org/rdf/3.0.0/spdx-json-serialize-annotations.ttl -x https://spdx.org/rdf/3.0.0/spdx-context.jsonld golang --package v3_0 --license MIT --output $HOME/projects/tools-golang/spdx/v3/v3_0/model.go --remap-props element=elements,extension=extensions,externalIdentifier=externalIdentifiers,externalRef=externalRefs,rootElement=rootElements +.venv/bin/python -m shacl2code generate -i https://spdx.org/rdf/3.0.1/spdx-model.ttl -i https://spdx.org/rdf/3.0.1/spdx-json-serialize-annotations.ttl -x https://spdx.org/rdf/3.0.1/spdx-context.jsonld golang +--package v3_0 --license MIT +--output $HOME/projects/tools-golang/spdx/v3/v3_0/model.go +--remap-props element=elements,extension=extensions,externalIdentifier=externalIdentifiers,externalRef=externalRefs,rootElement=rootElements */ type Document struct { - creationInfo *CreationInfo - document *SpdxDocument - graph []any - ldc ldContext + *SpdxDocument + graph []any + //ldc ldContext } -func NewDocument(creator IAgent) *Document { +func NewDocument(conformance ProfileIdentifierType, name string, createdBy AnyAgent, createdUsing AnyTool) *Document { ci := &CreationInfo{ - Created: time.Now().Format(time.RFC3339), - CreatedBy: []IAgent{ - creator, - }, + Created: time.Now(), + CreatedBys: AgentList{createdBy}, + CreatedUsings: ToolList{createdUsing}, } - creator.SetCreationInfo(ci) return &Document{ - creationInfo: ci, - document: &SpdxDocument{ - CreationInfo: ci, + SpdxDocument: &SpdxDocument{ + ElementCollection: ElementCollection{ + Element: Element{ + Name: name, + CreationInfo: ci, + }, + ProfileConformances: []ProfileIdentifierType{conformance}, + }, }, - graph: []any{ci, creator}, - ldc: ldGlobal, + graph: []any{ci}, + //ldc: ldGlobal, } } -func (d *Document) CreationInfo() ICreationInfo { - return d.creationInfo -} - -func (d *Document) AddElement(e ...IElement) { - d.document.RootElements = append(d.document.RootElements, e...) - d.document.Elements = append(d.document.Elements, e...) -} - -func (d *Document) GetElements() []IElement { - return d.document.RootElements -} - -func (d *Document) Document() *SpdxDocument { - return d.document -} - -func (d *Document) Packages() []IPackage { - return get[IPackage](d) -} - -func (d *Document) Relationships() Relationships { - return Relationships{get[IRelationship](d)} -} - -func (d *Document) Files() []IFile { - return get[IFile](d) -} - -func (d *Document) ToJSON(writer io.Writer) error { - if d.document == nil { - return fmt.Errorf("no document object created") - } - // all IElement need to have creationInfo set... - if d.creationInfo != nil { - d.setCreationInfo(d.creationInfo, d.document) - } - // all IElement need to have spdxID... - if makeIdGenerator != nil { - idGen := makeIdGenerator(d.document) - if d.document.GetSpdxId() == "" { - d.document.SetSpdxId(idGen(d.document)) - } - d.ensureSpdxIDs(d.document, idGen) - } - - maps, err := d.ldc.toMaps(d.document) - if err != nil { - return err - } - enc := json.NewEncoder(writer) - enc.SetEscapeHTML(false) - enc.SetIndent("", " ") - return enc.Encode(maps) -} - -func (d *Document) setCreationInfo(creationInfo ICreationInfo, doc ISpdxDocument) { - iCreationInfoType := reflect.TypeOf((*ICreationInfo)(nil)).Elem() +func (d *Document) Append(e ...AnyElement) { + d.SpdxDocument.RootElements = append(d.SpdxDocument.RootElements, e...) + d.SpdxDocument.Elements = append(d.SpdxDocument.Elements, e...) +} + +//func (d *Document) ToJSON(writer io.Writer) error { +// if d.SpdxDocument == nil { +// return fmt.Errorf("no document object created") +// } +// // all IElement need to have creationInfo set... +// d.setCreationInfo(d.SpdxDocument.CreationInfo, d.SpdxDocument) +// +// // all IElement need to have spdxID... +// if makeIdGenerator != nil { +// idGen := makeIdGenerator(d.SpdxDocument) +// if d.SpdxDocument.ID == "" { +// d.SpdxDocument.ID = idGen(d.SpdxDocument) +// } +// d.ensureSpdxIDs(d.SpdxDocument, idGen) +// } +// +// maps, err := d.ldc.toMaps(d.SpdxDocument) +// if err != nil { +// return err +// } +// enc := json.NewEncoder(writer) +// enc.SetEscapeHTML(false) +// enc.SetIndent("", " ") +// return enc.Encode(maps) +//} + +func (d *Document) setCreationInfo(creationInfo AnyCreationInfo, doc *SpdxDocument) { + iCreationInfoType := reflect.TypeOf((*AnyCreationInfo)(nil)).Elem() ci := reflect.ValueOf(creationInfo) _ = visitObjectGraph(map[reflect.Value]struct{}{}, reflect.ValueOf(doc), func(v reflect.Value) error { t := v.Type() @@ -110,35 +87,45 @@ func (d *Document) setCreationInfo(creationInfo ICreationInfo, doc ISpdxDocument }) } -func (d *Document) ensureSpdxIDs(doc ISpdxDocument, idGen idGenerator) { - iElementType := reflect.TypeOf((*IElement)(nil)).Elem() +func (d *Document) ensureSpdxIDs(doc *SpdxDocument, idGen idGenerator) { + iElementType := reflect.TypeOf((*AnyElement)(nil)).Elem() _ = visitObjectGraph(map[reflect.Value]struct{}{}, reflect.ValueOf(doc), func(v reflect.Value) error { if v.Type().Implements(iElementType) { - el, ok := v.Interface().(IElement) - if ok && el.GetSpdxId() == "" { - el.SetSpdxId(idGen(el)) + el, ok := v.Interface().(AnyElement) + if ok { + e := el.asElement() + if e != nil && e.ID == "" { + e.ID = idGen(el) + } } } return nil }) } -type idGenerator func(e IElement) string +type idGenerator func(e any) string -var makeIdGenerator = func(doc ISpdxDocument) idGenerator { +var makeIdGenerator = func(doc *SpdxDocument) idGenerator { nextID := map[reflect.Type]uint{} - return func(e IElement) string { - if _, ok := e.(ISpdxDocument); ok { + return func(e any) string { + if _, ok := e.(*SpdxDocument); ok { return fmt.Sprintf("%v", rand.Uint64()) } t := baseType(reflect.TypeOf(e)) // should these be blank nodes? id := nextID[t] + 1 nextID[t] = id - return fmt.Sprintf("_:%v-%v-%v", doc.GetSpdxId(), t.Name(), id) + return fmt.Sprintf("_:%v-%v-%v", doc.ID, t.Name(), id) } } +func baseType(t reflect.Type) reflect.Type { + for t.Kind() == reflect.Ptr { + t = t.Elem() + } + return t +} + func visitObjectGraph(visited map[reflect.Value]struct{}, v reflect.Value, visitor func(reflect.Value) error) error { if _, ok := visited[v]; ok { return nil @@ -180,27 +167,17 @@ func visitObjectGraph(visited map[reflect.Value]struct{}, v reflect.Value, visit return nil } -func (d *Document) FromJSON(reader io.Reader) error { - graph, err := d.ldc.FromJSON(reader) - if err != nil { - return err - } - d.graph = append(d.graph, graph) - for _, e := range graph { - if doc, ok := e.(*SpdxDocument); ok { - d.document = doc - return nil - } - } - return fmt.Errorf("no document found") -} - -func get[T any](ctx *Document) []T { - var out []T - for _, i := range ctx.graph { - if i, ok := i.(T); ok { - out = append(out, i) - } - } - return out -} +//func (d *Document) FromJSON(reader io.Reader) error { +// graph, err := d.ldc.FromJSON(reader) +// if err != nil { +// return err +// } +// d.graph = append(d.graph, graph) +// for _, e := range graph { +// if doc, ok := e.(*SpdxDocument); ok { +// d.SpdxDocument = doc +// return nil +// } +// } +// return fmt.Errorf("no document found") +//} diff --git a/spdx/v3/v3_0/spdx_test.go b/spdx/v3/v3_0/spdx_test.go index 04db91d5..808a9617 100644 --- a/spdx/v3/v3_0/spdx_test.go +++ b/spdx/v3/v3_0/spdx_test.go @@ -1,26 +1,22 @@ package v3_0_test import ( - "bytes" - "fmt" - "strings" "testing" - "github.com/pmezard/go-difflib/difflib" - spdx "github.com/spdx/tools-golang/spdx/v3/v3_0" ) func Test_exportImportExport(t *testing.T) { - doc := spdx.NewDocument(&spdx.SoftwareAgent{ - Name: "tools-golang", - Summary: "a summary", - }) - doc.Document().SetProfileConformance(spdx.ProfileIdentifierType_Software) - - doc.CreationInfo().SetCreatedUsing( - &spdx.Tool{ - ExternalIdentifiers: []spdx.IExternalIdentifier{ + // create a document + doc := spdx.NewDocument( + spdx.ProfileIdentifierType_Software, + "My Document", + &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{ + Name: "tools-golang", + Summary: "a summary", + }}}, + &spdx.Tool{Element: spdx.Element{ + ExternalIdentifiers: spdx.ExternalIdentifierList{ &spdx.ExternalIdentifier{ ExternalIdentifierType: spdx.ExternalIdentifierType_Cpe23, Identifier: "cpe:2.3:a:myvendor:my-product:*:*:*:*:*:*:*:*", @@ -28,106 +24,112 @@ func Test_exportImportExport(t *testing.T) { }, ExternalRefs: nil, Name: "not-tools-golang", - }, - ) + }}) - doc.Document().SetName("My Document") + sbom := &spdx.SoftwareSbom{} + doc.RootElements.Append(sbom) - // add a package + // create a package - pkg1 := &spdx.Package{ - Name: "some-package-1", - PackageVersion: "1.2.3", + pkg1 := &spdx.SoftwarePackage{ + SoftwareSoftwareArtifact: spdx.SoftwareSoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + Name: "some-package-1", + }}}, + SoftwarePackageVersion: "1.2.3", } - pkg2 := &spdx.Package{ - Name: "some-package-2", - PackageVersion: "2.4.5", - } - doc.AddElement(pkg1, pkg2) - - file1 := &spdx.File{ - Name: "/bin/bash", - } - doc.AddElement(file1) - - // add relationships - doc.AddElement( - &spdx.Relationship{ - From: file1, - RelationshipType: spdx.RelationshipType_Contains, - To: []spdx.IElement{ - pkg1, - pkg2, - }, - }, - ) - - doc.AddElement( - &spdx.Relationship{ - From: pkg1, - RelationshipType: spdx.RelationshipType_DependsOn, - To: []spdx.IElement{ - pkg2, - }, - }, - ) + // create another package - // serialize + pkg2 := &spdx.AiAIPackage{} + pkg2.Name = "some-package-2" + pkg2.SoftwarePackageVersion = "2.4.5" - buf := bytes.Buffer{} - err := doc.ToJSON(&buf) - if err != nil { - t.Error(err) - } - - json1 := buf.String() - fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) + // add the packages to the sbom - // deserialize to a new document + sbom.RootElements.Append(pkg1, pkg2) - doc = spdx.NewDocument(&spdx.SoftwareAgent{}) - err = doc.FromJSON(strings.NewReader(json1)) - if err != nil { - t.Error(err) - } + // add a file - // re-serialize + file1 := &spdx.SoftwareFile{SoftwareSoftwareArtifact: spdx.SoftwareSoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + Name: "/bin/bash", + }}}} + sbom.RootElements.Append(file1) - buf.Reset() - err = doc.ToJSON(&buf) - if err != nil { - t.Error(err) - } - json2 := buf.String() - fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) + // add relationships - // compare original to parsed and re-encoded + sbom.RootElements.Append(&spdx.Relationship{ + From: file1, + RelationshipType: spdx.RelationshipType_Contains, + Tos: spdx.ElementList{ + pkg1, + pkg2, + }, + }) - diff := difflib.UnifiedDiff{ - A: difflib.SplitLines(json1), - B: difflib.SplitLines(json2), - FromFile: "Original", - ToFile: "Current", - Context: 3, - } - text, _ := difflib.GetUnifiedDiffString(diff) - if text != "" { - t.Errorf(text) - } + sbom.RootElements.Append(&spdx.Relationship{ + From: pkg1, + RelationshipType: spdx.RelationshipType_DependsOn, + Tos: spdx.ElementList{ + pkg2, + }, + }) - // some basic verification: + // serialize - var pkgs []spdx.IPackage - for _, e := range doc.GetElements() { - if rel, ok := e.(spdx.IRelationship); ok && rel.GetRelationshipType() == spdx.RelationshipType_Contains { - if from, ok := rel.GetFrom().(spdx.IFile); ok && from.GetName() == "/bin/bash" { - for _, el := range rel.GetTo() { - if pkg, ok := el.(spdx.IPackage); ok { - pkgs = append(pkgs, pkg) + //buf := bytes.Buffer{} + //err := doc.ToJSON(&buf) + //if err != nil { + // t.Error(err) + //} + // + //json1 := buf.String() + //fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) + // + //// deserialize to a new document + // + //doc = spdx.NewDocument(&spdx.SoftwareAgent{}) + //err = doc.FromJSON(strings.NewReader(json1)) + //if err != nil { + // t.Error(err) + //} + // + //// re-serialize + // + //buf.Reset() + //err = doc.ToJSON(&buf) + //if err != nil { + // t.Error(err) + //} + //json2 := buf.String() + //fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) + // + //// compare original to parsed and re-encoded + // + //diff := difflib.UnifiedDiff{ + // A: difflib.SplitLines(json1), + // B: difflib.SplitLines(json2), + // FromFile: "Original", + // ToFile: "Current", + // Context: 3, + //} + //text, _ := difflib.GetUnifiedDiffString(diff) + //if text != "" { + // t.Errorf(text) + //} + + // some basic usage: + + var pkgs []*spdx.SoftwarePackage + for _, sbom := range doc.RootElements.SoftwareSbomIter() { + for _, rel := range sbom.RootElements.RelationshipIter() { + if rel.RelationshipType == spdx.RelationshipType_Contains { + spdx.As(rel.From, func(f *spdx.SoftwareFile) { + if f.Name == "/bin/bash" { + for _, pkg := range rel.Tos.SoftwarePackageIter() { + pkgs = append(pkgs, pkg) + } } - } - + }) } } } @@ -137,75 +139,76 @@ func Test_exportImportExport(t *testing.T) { } func Test_aiProfile(t *testing.T) { - doc := spdx.NewDocument(&spdx.SoftwareAgent{ + doc := spdx.NewDocument(spdx.ProfileIdentifierType_Ai, "", &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{ Name: "tools-golang", Summary: "a summary", - }) - doc.Document().SetProfileConformance(spdx.ProfileIdentifierType_Ai) - - aiPkg := &spdx.AIPackage{ - Name: "some ai package", - EnergyConsumption: &spdx.EnergyConsumption{ - FinetuningEnergyConsumption: []spdx.IEnergyConsumptionDescription{ - &spdx.EnergyConsumptionDescription{ - EnergyQuantity: 1.2, - EnergyUnit: spdx.EnergyUnitType_KilowattHour, + }}}, nil) + + aiPkg := &spdx.AiAIPackage{ + SoftwarePackage: spdx.SoftwarePackage{SoftwareSoftwareArtifact: spdx.SoftwareSoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + Name: "some ai package", + }}}}, + AiEnergyConsumption: &spdx.AiEnergyConsumption{ + AiFinetuningEnergyConsumptions: spdx.AiEnergyConsumptionDescriptionList{ + &spdx.AiEnergyConsumptionDescription{ + AiEnergyQuantity: 1.2, + AiEnergyUnit: spdx.AiEnergyUnitType_KilowattHour, }, }, - TrainingEnergyConsumption: []spdx.IEnergyConsumptionDescription{ - &spdx.EnergyConsumptionDescription{ - EnergyQuantity: 5032402, - EnergyUnit: spdx.EnergyUnitType_KilowattHour, + AiTrainingEnergyConsumptions: spdx.AiEnergyConsumptionDescriptionList{ + &spdx.AiEnergyConsumptionDescription{ + AiEnergyQuantity: 5032402, + AiEnergyUnit: spdx.AiEnergyUnitType_KilowattHour, }, }, }, - TypeOfModel: []string{ + AiTypeOfModels: []string{ "Llama 3 8B", }, } - doc.AddElement(aiPkg) + doc.RootElements.Append(aiPkg) // serialize - buf := bytes.Buffer{} - err := doc.ToJSON(&buf) - if err != nil { - t.Error(err) - } - - json1 := buf.String() - fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) - - // deserialize to a new document - - doc = spdx.NewDocument(&spdx.SoftwareAgent{}) - err = doc.FromJSON(strings.NewReader(json1)) - if err != nil { - t.Error(err) - } - - // re-serialize - - buf.Reset() - err = doc.ToJSON(&buf) - if err != nil { - t.Error(err) - } - json2 := buf.String() - fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) - - // compare original to parsed and re-encoded - - diff := difflib.UnifiedDiff{ - A: difflib.SplitLines(json1), - B: difflib.SplitLines(json2), - FromFile: "Original", - ToFile: "Current", - Context: 3, - } - text, _ := difflib.GetUnifiedDiffString(diff) - if text != "" { - t.Errorf(text) - } + //buf := bytes.Buffer{} + //err := doc.ToJSON(&buf) + //if err != nil { + // t.Error(err) + //} + // + //json1 := buf.String() + //fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) + // + //// deserialize to a new document + // + //doc = spdx.NewDocument(&spdx.SoftwareAgent{}) + //err = doc.FromJSON(strings.NewReader(json1)) + //if err != nil { + // t.Error(err) + //} + // + //// re-serialize + // + //buf.Reset() + //err = doc.ToJSON(&buf) + //if err != nil { + // t.Error(err) + //} + //json2 := buf.String() + //fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) + // + //// compare original to parsed and re-encoded + // + //diff := difflib.UnifiedDiff{ + // A: difflib.SplitLines(json1), + // B: difflib.SplitLines(json2), + // FromFile: "Original", + // ToFile: "Current", + // Context: 3, + //} + //text, _ := difflib.GetUnifiedDiffString(diff) + //if text != "" { + // t.Errorf(text) + //} } diff --git a/spdx/v3/v3_0/util.go b/spdx/v3/v3_0/util.go new file mode 100644 index 00000000..2b75336f --- /dev/null +++ b/spdx/v3/v3_0/util.go @@ -0,0 +1,38 @@ +// This file was automatically generated by __main__.py. DO NOT MANUALLY MODIFY IT +// +// SPDX-License-Identifier: 0BSD + +package v3_0 + +import ( + "iter" +) + +func typeIter[T any, E any](values []E, cast func(any) *T) iter.Seq2[E, *T] { + if values == nil { + return func(yield func(E, *T) bool) {} + } + return func(yield func(E, *T) bool) { + for _, value := range values { + v := cast(value) + if v != nil { + if !yield(value, v) { + return + } + } + } + } +} + +func remove[T comparable, E ~[]T](slice *E, value T) { + if slice == nil { + return + } + s := *slice + for i := 0; i < len(*slice); i++ { + if s[i] == value { + *slice = append(s[0:i], s[:i+1]...) + i-- + } + } +} diff --git a/spdx/v3/v3_0/validator.go b/spdx/v3/v3_0/validator.go new file mode 100644 index 00000000..05ea49ed --- /dev/null +++ b/spdx/v3/v3_0/validator.go @@ -0,0 +1,1846 @@ +// This file was automatically generated by __main__.py. DO NOT MANUALLY MODIFY IT +// +// SPDX-License-Identifier: 0BSD + +package v3_0 + +import ( + "fmt" + "slices" + "strconv" + "strings" +) + +type ValidationError struct { + Path []string + Err error +} + +func (v ValidationError) String() string { + return strings.Join(v.Path, ".") + ": " + v.Err.Error() +} + +func (v ValidationError) Error() string { + return v.String() +} + +func newValidationError(path []string, err error) ValidationError { + return ValidationError{ + Path: path, + Err: err, + } +} + +type validator interface { + Validate(visited map[any]struct{}, path ...string) []ValidationError +} + +func validateInValues(path []string, value string, valid ...string) []ValidationError { + if slices.Contains(valid, value) { + return nil + } + return []ValidationError{newValidationError(path, fmt.Errorf("invalid value: '%v', expected: %v", value, valid))} +} + +func (o *AiEnergyConsumption) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + for i, v := range o.AiFinetuningEnergyConsumptions { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "AiFinetuningEnergyConsumptions", strconv.Itoa(i))...)...) + } + } + + for i, v := range o.AiInferenceEnergyConsumptions { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "AiInferenceEnergyConsumptions", strconv.Itoa(i))...)...) + } + } + + for i, v := range o.AiTrainingEnergyConsumptions { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "AiTrainingEnergyConsumptions", strconv.Itoa(i))...)...) + } + } + + return errs +} + +func (o *AiEnergyConsumptionDescription) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + // TODO: check for required + + if o.AiEnergyUnit.ID == "" { + errs = append(errs, newValidationError(append(path, "AiEnergyUnit"), fmt.Errorf("required"))) + } + errs = append(errs, o.AiEnergyUnit.Validate(visited, append(path, "AiEnergyUnit")...)...) + + return errs +} + +func (o *AiEnergyUnitType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, AiEnergyUnitType_KilowattHour.ID, AiEnergyUnitType_Megajoule.ID, AiEnergyUnitType_Other.ID)...) + + return errs +} + +func (o *AiSafetyRiskAssessmentType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, AiSafetyRiskAssessmentType_High.ID, AiSafetyRiskAssessmentType_Low.ID, AiSafetyRiskAssessmentType_Medium.ID, AiSafetyRiskAssessmentType_Serious.ID)...) + + return errs +} + +func (o *AnnotationType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, AnnotationType_Other.ID, AnnotationType_Review.ID)...) + + return errs +} + +func (o *CreationInfo) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + // TODO: check for required + + // TODO: check for required + + for i, v := range o.CreatedBys { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "CreatedBys", strconv.Itoa(i))...)...) + } + } + + for i, v := range o.CreatedUsings { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "CreatedUsings", strconv.Itoa(i))...)...) + } + } + + // TODO: check for required + return errs +} + +func (o *DictionaryEntry) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *Element) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + // TODO: check for required + + if v, ok := o.CreationInfo.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "CreationInfo")...)...) + } + + // TODO: check for required + + for i, v := range o.Extensions { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "Extensions", strconv.Itoa(i))...)...) + } + } + + for i, v := range o.ExternalIdentifiers { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "ExternalIdentifiers", strconv.Itoa(i))...)...) + } + } + + for i, v := range o.ExternalRefs { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "ExternalRefs", strconv.Itoa(i))...)...) + } + } + + // TODO: check for required + + // TODO: check for required + + for i, v := range o.VerifiedUsings { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "VerifiedUsings", strconv.Itoa(i))...)...) + } + } + + return errs +} + +func (o *ElementCollection) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + for i, v := range o.Elements { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "Elements", strconv.Itoa(i))...)...) + } + } + + for _, v := range o.ProfileConformances { + errs = append(errs, v.Validate(visited, append(path, "ProfileConformances")...)...) + } + + for i, v := range o.RootElements { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "RootElements", strconv.Itoa(i))...)...) + } + } + + return errs +} + +func (o *ExternalIdentifier) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + // TODO: check for required + + if o.ExternalIdentifierType.ID == "" { + errs = append(errs, newValidationError(append(path, "ExternalIdentifierType"), fmt.Errorf("required"))) + } + errs = append(errs, o.ExternalIdentifierType.Validate(visited, append(path, "ExternalIdentifierType")...)...) + + // TODO: check for required + + // TODO: check for required/min/max/etc. + + // TODO: check for required + return errs +} + +func (o *ExternalIdentifierType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, ExternalIdentifierType_Cpe22.ID, ExternalIdentifierType_Cpe23.ID, ExternalIdentifierType_Cve.ID, ExternalIdentifierType_Email.ID, ExternalIdentifierType_Gitoid.ID, ExternalIdentifierType_Other.ID, ExternalIdentifierType_PackageUrl.ID, ExternalIdentifierType_SecurityOther.ID, ExternalIdentifierType_Swhid.ID, ExternalIdentifierType_Swid.ID, ExternalIdentifierType_UrlScheme.ID)...) + + return errs +} + +func (o *ExternalMap) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + if v, ok := o.DefiningArtifact.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "DefiningArtifact")...)...) + } + + // TODO: check for required + + // TODO: check for required + + for i, v := range o.VerifiedUsings { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "VerifiedUsings", strconv.Itoa(i))...)...) + } + } + + return errs +} + +func (o *ExternalRef) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + // TODO: check for required + + // TODO: check for required + + errs = append(errs, o.ExternalRefType.Validate(visited, append(path, "ExternalRefType")...)...) + + // TODO: check for required/min/max/etc. + + return errs +} + +func (o *ExternalRefType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, ExternalRefType_AltDownloadLocation.ID, ExternalRefType_AltWebPage.ID, ExternalRefType_BinaryArtifact.ID, ExternalRefType_Bower.ID, ExternalRefType_BuildMeta.ID, ExternalRefType_BuildSystem.ID, ExternalRefType_CertificationReport.ID, ExternalRefType_Chat.ID, ExternalRefType_ComponentAnalysisReport.ID, ExternalRefType_Cwe.ID, ExternalRefType_Documentation.ID, ExternalRefType_DynamicAnalysisReport.ID, ExternalRefType_EolNotice.ID, ExternalRefType_ExportControlAssessment.ID, ExternalRefType_Funding.ID, ExternalRefType_IssueTracker.ID, ExternalRefType_License.ID, ExternalRefType_MailingList.ID, ExternalRefType_MavenCentral.ID, ExternalRefType_Metrics.ID, ExternalRefType_Npm.ID, ExternalRefType_Nuget.ID, ExternalRefType_Other.ID, ExternalRefType_PrivacyAssessment.ID, ExternalRefType_ProductMetadata.ID, ExternalRefType_PurchaseOrder.ID, ExternalRefType_QualityAssessmentReport.ID, ExternalRefType_ReleaseHistory.ID, ExternalRefType_ReleaseNotes.ID, ExternalRefType_RiskAssessment.ID, ExternalRefType_RuntimeAnalysisReport.ID, ExternalRefType_SecureSoftwareAttestation.ID, ExternalRefType_SecurityAdversaryModel.ID, ExternalRefType_SecurityAdvisory.ID, ExternalRefType_SecurityFix.ID, ExternalRefType_SecurityOther.ID, ExternalRefType_SecurityPenTestReport.ID, ExternalRefType_SecurityPolicy.ID, ExternalRefType_SecurityThreatModel.ID, ExternalRefType_SocialMedia.ID, ExternalRefType_SourceArtifact.ID, ExternalRefType_StaticAnalysisReport.ID, ExternalRefType_Support.ID, ExternalRefType_Vcs.ID, ExternalRefType_VulnerabilityDisclosureReport.ID, ExternalRefType_VulnerabilityExploitabilityAssessment.ID)...) + + return errs +} + +func (o *HashAlgorithm) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, HashAlgorithm_Adler32.ID, HashAlgorithm_Blake2b256.ID, HashAlgorithm_Blake2b384.ID, HashAlgorithm_Blake2b512.ID, HashAlgorithm_Blake3.ID, HashAlgorithm_CrystalsDilithium.ID, HashAlgorithm_CrystalsKyber.ID, HashAlgorithm_Falcon.ID, HashAlgorithm_Md2.ID, HashAlgorithm_Md4.ID, HashAlgorithm_Md5.ID, HashAlgorithm_Md6.ID, HashAlgorithm_Other.ID, HashAlgorithm_Sha1.ID, HashAlgorithm_Sha224.ID, HashAlgorithm_Sha256.ID, HashAlgorithm_Sha384.ID, HashAlgorithm_Sha3224.ID, HashAlgorithm_Sha3256.ID, HashAlgorithm_Sha3384.ID, HashAlgorithm_Sha3512.ID, HashAlgorithm_Sha512.ID)...) + + return errs +} + +func (o *IndividualElement) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + errs = append(errs, validateInValues(path, o.ID, IndividualElement_NoAssertionElement.ID, IndividualElement_NoneElement.ID)...) + + return errs +} + +func (o *IntegrityMethod) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + // TODO: check for required + return errs +} + +func (o *LifecycleScopeType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, LifecycleScopeType_Build.ID, LifecycleScopeType_Design.ID, LifecycleScopeType_Development.ID, LifecycleScopeType_Other.ID, LifecycleScopeType_Runtime.ID, LifecycleScopeType_Test.ID)...) + + return errs +} + +func (o *NamespaceMap) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *PackageVerificationCode) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.IntegrityMethod.Validate(visited, path...)...) + + if o.Algorithm.ID == "" { + errs = append(errs, newValidationError(append(path, "Algorithm"), fmt.Errorf("required"))) + } + errs = append(errs, o.Algorithm.Validate(visited, append(path, "Algorithm")...)...) + + // TODO: check for required + + // TODO: check for required/min/max/etc. + + return errs +} + +func (o *PositiveIntegerRange) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *PresenceType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, PresenceType_No.ID, PresenceType_NoAssertion.ID, PresenceType_Yes.ID)...) + + return errs +} + +func (o *ProfileIdentifierType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, ProfileIdentifierType_Ai.ID, ProfileIdentifierType_Build.ID, ProfileIdentifierType_Core.ID, ProfileIdentifierType_Dataset.ID, ProfileIdentifierType_ExpandedLicensing.ID, ProfileIdentifierType_Extension.ID, ProfileIdentifierType_Lite.ID, ProfileIdentifierType_Security.ID, ProfileIdentifierType_SimpleLicensing.ID, ProfileIdentifierType_Software.ID)...) + + return errs +} + +func (o *Relationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + errs = append(errs, o.Completeness.Validate(visited, append(path, "Completeness")...)...) + + // TODO: check for required + + if v, ok := o.From.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "From")...)...) + } + + if o.RelationshipType.ID == "" { + errs = append(errs, newValidationError(append(path, "RelationshipType"), fmt.Errorf("required"))) + } + errs = append(errs, o.RelationshipType.Validate(visited, append(path, "RelationshipType")...)...) + + // TODO: check for required + + for i, v := range o.Tos { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "Tos", strconv.Itoa(i))...)...) + } + } + + return errs +} + +func (o *RelationshipCompleteness) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, RelationshipCompleteness_Complete.ID, RelationshipCompleteness_Incomplete.ID, RelationshipCompleteness_NoAssertion.ID)...) + + return errs +} + +func (o *RelationshipType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, RelationshipType_Affects.ID, RelationshipType_AmendedBy.ID, RelationshipType_AncestorOf.ID, RelationshipType_AvailableFrom.ID, RelationshipType_Configures.ID, RelationshipType_Contains.ID, RelationshipType_CoordinatedBy.ID, RelationshipType_CopiedTo.ID, RelationshipType_DelegatedTo.ID, RelationshipType_DependsOn.ID, RelationshipType_DescendantOf.ID, RelationshipType_Describes.ID, RelationshipType_DoesNotAffect.ID, RelationshipType_ExpandsTo.ID, RelationshipType_ExploitCreatedBy.ID, RelationshipType_FixedBy.ID, RelationshipType_FixedIn.ID, RelationshipType_FoundBy.ID, RelationshipType_Generates.ID, RelationshipType_HasAddedFile.ID, RelationshipType_HasAssessmentFor.ID, RelationshipType_HasAssociatedVulnerability.ID, RelationshipType_HasConcludedLicense.ID, RelationshipType_HasDataFile.ID, RelationshipType_HasDeclaredLicense.ID, RelationshipType_HasDeletedFile.ID, RelationshipType_HasDependencyManifest.ID, RelationshipType_HasDistributionArtifact.ID, RelationshipType_HasDocumentation.ID, RelationshipType_HasDynamicLink.ID, RelationshipType_HasEvidence.ID, RelationshipType_HasExample.ID, RelationshipType_HasHost.ID, RelationshipType_HasInput.ID, RelationshipType_HasMetadata.ID, RelationshipType_HasOptionalComponent.ID, RelationshipType_HasOptionalDependency.ID, RelationshipType_HasOutput.ID, RelationshipType_HasPrerequisite.ID, RelationshipType_HasProvidedDependency.ID, RelationshipType_HasRequirement.ID, RelationshipType_HasSpecification.ID, RelationshipType_HasStaticLink.ID, RelationshipType_HasTest.ID, RelationshipType_HasTestCase.ID, RelationshipType_HasVariant.ID, RelationshipType_InvokedBy.ID, RelationshipType_ModifiedBy.ID, RelationshipType_Other.ID, RelationshipType_PackagedBy.ID, RelationshipType_PatchedBy.ID, RelationshipType_PublishedBy.ID, RelationshipType_ReportedBy.ID, RelationshipType_RepublishedBy.ID, RelationshipType_SerializedInArtifact.ID, RelationshipType_TestedOn.ID, RelationshipType_TrainedOn.ID, RelationshipType_UnderInvestigationFor.ID, RelationshipType_UsesTool.ID)...) + + return errs +} + +func (o *SpdxDocument) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.ElementCollection.Validate(visited, path...)...) + + if v, ok := o.DataLicense.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "DataLicense")...)...) + } + + for i, v := range o.Imports { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "Imports", strconv.Itoa(i))...)...) + } + } + + for i, v := range o.NamespaceMaps { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "NamespaceMaps", strconv.Itoa(i))...)...) + } + } + + return errs +} + +func (o *SupportType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, SupportType_Deployed.ID, SupportType_Development.ID, SupportType_EndOfSupport.ID, SupportType_LimitedSupport.ID, SupportType_NoAssertion.ID, SupportType_NoSupport.ID, SupportType_Support.ID)...) + + return errs +} + +func (o *Tool) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + return errs +} + +func (o *DatasetConfidentialityLevelType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, DatasetConfidentialityLevelType_Amber.ID, DatasetConfidentialityLevelType_Clear.ID, DatasetConfidentialityLevelType_Green.ID, DatasetConfidentialityLevelType_Red.ID)...) + + return errs +} + +func (o *DatasetDatasetAvailabilityType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, DatasetDatasetAvailabilityType_Clickthrough.ID, DatasetDatasetAvailabilityType_DirectDownload.ID, DatasetDatasetAvailabilityType_Query.ID, DatasetDatasetAvailabilityType_Registration.ID, DatasetDatasetAvailabilityType_ScrapingScript.ID)...) + + return errs +} + +func (o *DatasetDatasetType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, DatasetDatasetType_Audio.ID, DatasetDatasetType_Categorical.ID, DatasetDatasetType_Graph.ID, DatasetDatasetType_Image.ID, DatasetDatasetType_NoAssertion.ID, DatasetDatasetType_Numeric.ID, DatasetDatasetType_Other.ID, DatasetDatasetType_Sensor.ID, DatasetDatasetType_Structured.ID, DatasetDatasetType_Syntactic.ID, DatasetDatasetType_Text.ID, DatasetDatasetType_Timeseries.ID, DatasetDatasetType_Timestamp.ID, DatasetDatasetType_Video.ID)...) + + return errs +} + +func (o *ExpandedlicensingLicenseAddition) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required/min/max/etc. + + // TODO: check for required + return errs +} + +func (o *ExpandedlicensingListedLicenseException) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.ExpandedlicensingLicenseAddition.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *ExtensionCdxPropertyEntry) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *ExtensionExtension) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + return errs +} + +func (o *SecurityCvssSeverityType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, SecurityCvssSeverityType_Critical.ID, SecurityCvssSeverityType_High.ID, SecurityCvssSeverityType_Low.ID, SecurityCvssSeverityType_Medium.ID, SecurityCvssSeverityType_None.ID)...) + + return errs +} + +func (o *SecurityExploitCatalogType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, SecurityExploitCatalogType_Kev.ID, SecurityExploitCatalogType_Other.ID)...) + + return errs +} + +func (o *SecuritySsvcDecisionType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, SecuritySsvcDecisionType_Act.ID, SecuritySsvcDecisionType_Attend.ID, SecuritySsvcDecisionType_Track.ID, SecuritySsvcDecisionType_TrackStar.ID)...) + + return errs +} + +func (o *SecurityVexJustificationType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, SecurityVexJustificationType_ComponentNotPresent.ID, SecurityVexJustificationType_InlineMitigationsAlreadyExist.ID, SecurityVexJustificationType_VulnerableCodeCannotBeControlledByAdversary.ID, SecurityVexJustificationType_VulnerableCodeNotInExecutePath.ID, SecurityVexJustificationType_VulnerableCodeNotPresent.ID)...) + + return errs +} + +func (o *SecurityVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Relationship.Validate(visited, path...)...) + + if v, ok := o.SuppliedBy.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "SuppliedBy")...)...) + } + + if v, ok := o.SecurityAssessedElement.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "SecurityAssessedElement")...)...) + } + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *SimplelicensingAnyLicenseInfo) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + return errs +} + +func (o *SimplelicensingLicenseExpression) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) + + for i, v := range o.SimplelicensingCustomIdToUris { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "SimplelicensingCustomIdToUris", strconv.Itoa(i))...)...) + } + } + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *SimplelicensingSimpleLicensingText) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + // TODO: check for required + return errs +} + +func (o *SoftwareContentIdentifier) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.IntegrityMethod.Validate(visited, path...)...) + + if o.SoftwareContentIdentifierType.ID == "" { + errs = append(errs, newValidationError(append(path, "SoftwareContentIdentifierType"), fmt.Errorf("required"))) + } + errs = append(errs, o.SoftwareContentIdentifierType.Validate(visited, append(path, "SoftwareContentIdentifierType")...)...) + + // TODO: check for required + return errs +} + +func (o *SoftwareContentIdentifierType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, SoftwareContentIdentifierType_Gitoid.ID, SoftwareContentIdentifierType_Swhid.ID)...) + + return errs +} + +func (o *SoftwareFileKindType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, SoftwareFileKindType_Directory.ID, SoftwareFileKindType_File.ID)...) + + return errs +} + +func (o *SoftwareSbomType) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, SoftwareSbomType_Analyzed.ID, SoftwareSbomType_Build.ID, SoftwareSbomType_Deployed.ID, SoftwareSbomType_Design.ID, SoftwareSbomType_Runtime.ID, SoftwareSbomType_Source.ID)...) + + return errs +} + +func (o *SoftwareSoftwarePurpose) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + + errs = append(errs, validateInValues(path, o.ID, SoftwareSoftwarePurpose_Application.ID, SoftwareSoftwarePurpose_Archive.ID, SoftwareSoftwarePurpose_Bom.ID, SoftwareSoftwarePurpose_Configuration.ID, SoftwareSoftwarePurpose_Container.ID, SoftwareSoftwarePurpose_Data.ID, SoftwareSoftwarePurpose_Device.ID, SoftwareSoftwarePurpose_DeviceDriver.ID, SoftwareSoftwarePurpose_DiskImage.ID, SoftwareSoftwarePurpose_Documentation.ID, SoftwareSoftwarePurpose_Evidence.ID, SoftwareSoftwarePurpose_Executable.ID, SoftwareSoftwarePurpose_File.ID, SoftwareSoftwarePurpose_FilesystemImage.ID, SoftwareSoftwarePurpose_Firmware.ID, SoftwareSoftwarePurpose_Framework.ID, SoftwareSoftwarePurpose_Install.ID, SoftwareSoftwarePurpose_Library.ID, SoftwareSoftwarePurpose_Manifest.ID, SoftwareSoftwarePurpose_Model.ID, SoftwareSoftwarePurpose_Module.ID, SoftwareSoftwarePurpose_OperatingSystem.ID, SoftwareSoftwarePurpose_Other.ID, SoftwareSoftwarePurpose_Patch.ID, SoftwareSoftwarePurpose_Platform.ID, SoftwareSoftwarePurpose_Requirement.ID, SoftwareSoftwarePurpose_Source.ID, SoftwareSoftwarePurpose_Specification.ID, SoftwareSoftwarePurpose_Test.ID)...) + + return errs +} + +func (o *BuildBuild) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + + for i, v := range o.BuildConfigSourceDigests { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "BuildConfigSourceDigests", strconv.Itoa(i))...)...) + } + } + + // TODO: check for required/min/max/etc. + + // TODO: check for required/min/max/etc. + + for i, v := range o.BuildEnvironments { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "BuildEnvironments", strconv.Itoa(i))...)...) + } + } + + for i, v := range o.BuildParameters { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "BuildParameters", strconv.Itoa(i))...)...) + } + } + + return errs +} + +func (o *Agent) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + return errs +} + +func (o *Annotation) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + if o.AnnotationType.ID == "" { + errs = append(errs, newValidationError(append(path, "AnnotationType"), fmt.Errorf("required"))) + } + errs = append(errs, o.AnnotationType.Validate(visited, append(path, "AnnotationType")...)...) + + // TODO: check for required + + // TODO: check for required + + if v, ok := o.Subject.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "Subject")...)...) + } + + return errs +} + +func (o *Artifact) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Element.Validate(visited, path...)...) + + // TODO: check for required + + for i, v := range o.OriginatedBys { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "OriginatedBys", strconv.Itoa(i))...)...) + } + } + + // TODO: check for required + + // TODO: check for required/min/max/etc. + + if v, ok := o.SuppliedBy.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "SuppliedBy")...)...) + } + + for _, v := range o.SupportLevels { + errs = append(errs, v.Validate(visited, append(path, "SupportLevels")...)...) + } + + // TODO: check for required + return errs +} + +func (o *Bundle) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.ElementCollection.Validate(visited, path...)...) + + // TODO: check for required + return errs +} + +func (o *Hash) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.IntegrityMethod.Validate(visited, path...)...) + + if o.Algorithm.ID == "" { + errs = append(errs, newValidationError(append(path, "Algorithm"), fmt.Errorf("required"))) + } + errs = append(errs, o.Algorithm.Validate(visited, append(path, "Algorithm")...)...) + + // TODO: check for required + return errs +} + +func (o *LifecycleScopedRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Relationship.Validate(visited, path...)...) + + errs = append(errs, o.Scope.Validate(visited, append(path, "Scope")...)...) + + return errs +} + +func (o *Organization) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Agent.Validate(visited, path...)...) + + return errs +} + +func (o *Person) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Agent.Validate(visited, path...)...) + + return errs +} + +func (o *SoftwareAgent) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Agent.Validate(visited, path...)...) + + return errs +} + +func (o *ExpandedlicensingConjunctiveLicenseSet) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) + + for i, v := range o.ExpandedlicensingMembers { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingMembers", strconv.Itoa(i))...)...) + } + } + + return errs +} + +func (o *ExpandedlicensingCustomLicenseAddition) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.ExpandedlicensingLicenseAddition.Validate(visited, path...)...) + + return errs +} + +func (o *ExpandedlicensingDisjunctiveLicenseSet) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) + + for i, v := range o.ExpandedlicensingMembers { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingMembers", strconv.Itoa(i))...)...) + } + } + + return errs +} + +func (o *ExpandedlicensingExtendableLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) + + return errs +} + +func (o *ExpandedlicensingIndividualLicensingInfo) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) + + errs = append(errs, validateInValues(path, o.ID, ExpandedlicensingIndividualLicensingInfo_NoAssertionLicense.ID, ExpandedlicensingIndividualLicensingInfo_NoneLicense.ID)...) + + return errs +} + +func (o *ExpandedlicensingLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.ExpandedlicensingExtendableLicense.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required/min/max/etc. + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *ExpandedlicensingListedLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.ExpandedlicensingLicense.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *ExpandedlicensingOrLaterOperator) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.ExpandedlicensingExtendableLicense.Validate(visited, path...)...) + + if v, ok := o.ExpandedlicensingSubjectLicense.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingSubjectLicense")...)...) + } + + return errs +} + +func (o *ExpandedlicensingWithAdditionOperator) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) + + if v, ok := o.ExpandedlicensingSubjectAddition.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingSubjectAddition")...)...) + } + + if v, ok := o.ExpandedlicensingSubjectExtendableLicense.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingSubjectExtendableLicense")...)...) + } + + return errs +} + +func (o *ExtensionCdxPropertiesExtension) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.ExtensionExtension.Validate(visited, path...)...) + + for i, v := range o.ExtensionCdxPropertys { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "ExtensionCdxPropertys", strconv.Itoa(i))...)...) + } + } + + return errs +} + +func (o *SecurityCvssV2VulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *SecurityCvssV3VulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) + + // TODO: check for required + + if o.SecuritySeverity.ID == "" { + errs = append(errs, newValidationError(append(path, "SecuritySeverity"), fmt.Errorf("required"))) + } + errs = append(errs, o.SecuritySeverity.Validate(visited, append(path, "SecuritySeverity")...)...) + + // TODO: check for required + return errs +} + +func (o *SecurityCvssV4VulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) + + // TODO: check for required + + if o.SecuritySeverity.ID == "" { + errs = append(errs, newValidationError(append(path, "SecuritySeverity"), fmt.Errorf("required"))) + } + errs = append(errs, o.SecuritySeverity.Validate(visited, append(path, "SecuritySeverity")...)...) + + // TODO: check for required + return errs +} + +func (o *SecurityEpssVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *SecurityExploitCatalogVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) + + if o.SecurityCatalogType.ID == "" { + errs = append(errs, newValidationError(append(path, "SecurityCatalogType"), fmt.Errorf("required"))) + } + errs = append(errs, o.SecurityCatalogType.Validate(visited, append(path, "SecurityCatalogType")...)...) + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *SecuritySsvcVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) + + if o.SecurityDecisionType.ID == "" { + errs = append(errs, newValidationError(append(path, "SecurityDecisionType"), fmt.Errorf("required"))) + } + errs = append(errs, o.SecurityDecisionType.Validate(visited, append(path, "SecurityDecisionType")...)...) + + return errs +} + +func (o *SecurityVexVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *SecurityVulnerability) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Artifact.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *SoftwareSoftwareArtifact) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Artifact.Validate(visited, path...)...) + + for _, v := range o.SoftwareAdditionalPurposes { + errs = append(errs, v.Validate(visited, append(path, "SoftwareAdditionalPurposes")...)...) + } + + // TODO: check for required/min/max/etc. + + for i, v := range o.SoftwareContentIdentifiers { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "SoftwareContentIdentifiers", strconv.Itoa(i))...)...) + } + } + + // TODO: check for required + + errs = append(errs, o.SoftwarePrimaryPurpose.Validate(visited, append(path, "SoftwarePrimaryPurpose")...)...) + + return errs +} + +func (o *Bom) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Bundle.Validate(visited, path...)...) + + return errs +} + +func (o *ExpandedlicensingCustomLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.ExpandedlicensingLicense.Validate(visited, path...)...) + + return errs +} + +func (o *SecurityVexAffectedVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *SecurityVexFixedVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) + + return errs +} + +func (o *SecurityVexNotAffectedVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + + errs = append(errs, o.SecurityJustificationType.Validate(visited, append(path, "SecurityJustificationType")...)...) + + return errs +} + +func (o *SecurityVexUnderInvestigationVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) + + return errs +} + +func (o *SoftwareFile) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SoftwareSoftwareArtifact.Validate(visited, path...)...) + + // TODO: check for required + + errs = append(errs, o.SoftwareFileKind.Validate(visited, append(path, "SoftwareFileKind")...)...) + + return errs +} + +func (o *SoftwarePackage) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SoftwareSoftwareArtifact.Validate(visited, path...)...) + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + return errs +} + +func (o *SoftwareSbom) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.Bom.Validate(visited, path...)...) + + for _, v := range o.SoftwareSbomTypes { + errs = append(errs, v.Validate(visited, append(path, "SoftwareSbomTypes")...)...) + } + + return errs +} + +func (o *SoftwareSnippet) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SoftwareSoftwareArtifact.Validate(visited, path...)...) + + if v, ok := o.SoftwareByteRange.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "SoftwareByteRange")...)...) + } + + if v, ok := o.SoftwareLineRange.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "SoftwareLineRange")...)...) + } + + if v, ok := o.SoftwareSnippetFromFile.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "SoftwareSnippetFromFile")...)...) + } + + return errs +} + +func (o *AiAIPackage) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SoftwarePackage.Validate(visited, path...)...) + + errs = append(errs, o.AiAutonomyType.Validate(visited, append(path, "AiAutonomyType")...)...) + + // TODO: check for required/min/max/etc. + + if v, ok := o.AiEnergyConsumption.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "AiEnergyConsumption")...)...) + } + + for i, v := range o.AiHyperparameters { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "AiHyperparameters", strconv.Itoa(i))...)...) + } + } + + // TODO: check for required + + // TODO: check for required + + // TODO: check for required + + for i, v := range o.AiMetrics { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "AiMetrics", strconv.Itoa(i))...)...) + } + } + + for i, v := range o.AiMetricDecisionThresholds { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "AiMetricDecisionThresholds", strconv.Itoa(i))...)...) + } + } + + // TODO: check for required/min/max/etc. + + // TODO: check for required/min/max/etc. + + errs = append(errs, o.AiSafetyRiskAssessment.Validate(visited, append(path, "AiSafetyRiskAssessment")...)...) + + // TODO: check for required/min/max/etc. + + // TODO: check for required/min/max/etc. + + errs = append(errs, o.AiUseSensitivePersonalInformation.Validate(visited, append(path, "AiUseSensitivePersonalInformation")...)...) + + return errs +} + +func (o *DatasetDatasetPackage) Validate(visited map[any]struct{}, path ...string) []ValidationError { + if visited == nil { + visited = map[any]struct{}{} + } + if _, ok := visited[o]; ok { + return nil + } + visited[o] = struct{}{} + var errs []ValidationError + errs = append(errs, o.SoftwarePackage.Validate(visited, path...)...) + + // TODO: check for required/min/max/etc. + + errs = append(errs, o.DatasetConfidentialityLevel.Validate(visited, append(path, "DatasetConfidentialityLevel")...)...) + + // TODO: check for required + + // TODO: check for required/min/max/etc. + + errs = append(errs, o.DatasetDatasetAvailability.Validate(visited, append(path, "DatasetDatasetAvailability")...)...) + + // TODO: check for required + + // TODO: check for required + + if len(o.DatasetDatasetTypes) < 1 { + errs = append(errs, newValidationError(append(path, "DatasetDatasetTypes"), fmt.Errorf("required min count: %v", 1))) + } + for _, v := range o.DatasetDatasetTypes { + errs = append(errs, v.Validate(visited, append(path, "DatasetDatasetTypes")...)...) + } + + // TODO: check for required + + errs = append(errs, o.DatasetHasSensitivePersonalInformation.Validate(visited, append(path, "DatasetHasSensitivePersonalInformation")...)...) + + // TODO: check for required + + // TODO: check for required/min/max/etc. + + for i, v := range o.DatasetSensors { + if v, ok := v.(validator); ok { + errs = append(errs, v.Validate(visited, append(path, "DatasetSensors", strconv.Itoa(i))...)...) + } + } + + return errs +} From a45af1e6413651c7b812ca3b59997b0042fdff0a Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Tue, 28 Jan 2025 20:21:12 -0500 Subject: [PATCH 05/21] chore: update go version to 1.23 Signed-off-by: Keith Zantow --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7b3e99f9..3df44ddb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -9,7 +9,7 @@ jobs: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: - go-version: '1.20' + go-version: '1.23' - name: Run tests run: make test - name: Send coverage report to coveralls From 8533d401f73c71bf383bcc336c732015a80c62d5 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Tue, 4 Feb 2025 13:44:14 -0500 Subject: [PATCH 06/21] chore: update model and examples Signed-off-by: Keith Zantow --- spdx/v3/v3_0/model.go | 1335 ++++++++++++++----------------------- spdx/v3/v3_0/spdx.go | 69 +- spdx/v3/v3_0/spdx_test.go | 149 +---- 3 files changed, 527 insertions(+), 1026 deletions(-) diff --git a/spdx/v3/v3_0/model.go b/spdx/v3/v3_0/model.go index 590211a2..9a9c4796 100644 --- a/spdx/v3/v3_0/model.go +++ b/spdx/v3/v3_0/model.go @@ -13,19 +13,19 @@ import ( // A class for describing the energy consumption incurred by an AI model in // different stages of its lifecycle. type AiEnergyConsumption struct { - ID string + ID string `iri:"@id"` // Specifies the amount of energy consumed when finetuning the AI model that is // being used in the AI system. - AiFinetuningEnergyConsumptions AiEnergyConsumptionDescriptionList + AiFinetuningEnergyConsumptions AiEnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption" iri-compact:"ai_finetuningEnergyConsumption"` // Specifies the amount of energy consumed during inference time by an AI model // that is being used in the AI system. - AiInferenceEnergyConsumptions AiEnergyConsumptionDescriptionList + AiInferenceEnergyConsumptions AiEnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption" iri-compact:"ai_inferenceEnergyConsumption"` // Specifies the amount of energy consumed when training the AI model that is // being used in the AI system. - AiTrainingEnergyConsumptions AiEnergyConsumptionDescriptionList + AiTrainingEnergyConsumptions AiEnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption" iri-compact:"ai_trainingEnergyConsumption"` } func castAiEnergyConsumption(o any) *AiEnergyConsumption { @@ -45,11 +45,6 @@ type AnyAiEnergyConsumption interface { type AiEnergyConsumptionList []AnyAiEnergyConsumption -func (o *AiEnergyConsumptionList) Append(values ...AnyAiEnergyConsumption) { - *o = append(*o, values...) -} -func (o *AiEnergyConsumptionList) Remove(value AnyAiEnergyConsumption) { remove(o, value) } - func (o *AiEnergyConsumptionList) AiEnergyConsumptionIter() iter.Seq2[AnyAiEnergyConsumption, *AiEnergyConsumption] { return typeIter(*o, castAiEnergyConsumption) } @@ -57,12 +52,12 @@ func (o *AiEnergyConsumptionList) AiEnergyConsumptionIter() iter.Seq2[AnyAiEnerg // The class that helps note down the quantity of energy consumption and the unit // used for measurement. type AiEnergyConsumptionDescription struct { - ID string + ID string `iri:"@id"` // Represents the energy quantity. - AiEnergyQuantity float64 + AiEnergyQuantity float64 `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity" iri-compact:"ai_energyQuantity"` // Specifies the unit in which energy is measured. - AiEnergyUnit AiEnergyUnitType + AiEnergyUnit aiEnergyUnitType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyUnit" iri-compact:"ai_energyUnit"` } func castAiEnergyConsumptionDescription(o any) *AiEnergyConsumptionDescription { @@ -82,77 +77,70 @@ type AnyAiEnergyConsumptionDescription interface { type AiEnergyConsumptionDescriptionList []AnyAiEnergyConsumptionDescription -func (o *AiEnergyConsumptionDescriptionList) Append(values ...AnyAiEnergyConsumptionDescription) { - *o = append(*o, values...) -} -func (o *AiEnergyConsumptionDescriptionList) Remove(value AnyAiEnergyConsumptionDescription) { - remove(o, value) -} - func (o *AiEnergyConsumptionDescriptionList) AiEnergyConsumptionDescriptionIter() iter.Seq2[AnyAiEnergyConsumptionDescription, *AiEnergyConsumptionDescription] { return typeIter(*o, castAiEnergyConsumptionDescription) } // Specifies the unit of energy consumption. -type AiEnergyUnitType struct { - ID string +type aiEnergyUnitType struct { + ID string `iri:"@id"` } // Kilowatt-hour. -var AiEnergyUnitType_KilowattHour = AiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour"} +var AiEnergyUnitType_KilowattHour = aiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour"} // Megajoule. -var AiEnergyUnitType_Megajoule = AiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule"} +var AiEnergyUnitType_Megajoule = aiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule"} // Any other units of energy measurement. -var AiEnergyUnitType_Other = AiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other"} +var AiEnergyUnitType_Other = aiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other"} // Specifies the safety risk level. -type AiSafetyRiskAssessmentType struct { - ID string +type aiSafetyRiskAssessmentType struct { + ID string `iri:"@id"` } // The second-highest level of risk posed by an AI system. -var AiSafetyRiskAssessmentType_High = AiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high"} +var AiSafetyRiskAssessmentType_High = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high"} // Low/no risk is posed by an AI system. -var AiSafetyRiskAssessmentType_Low = AiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low"} +var AiSafetyRiskAssessmentType_Low = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low"} // The third-highest level of risk posed by an AI system. -var AiSafetyRiskAssessmentType_Medium = AiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium"} +var AiSafetyRiskAssessmentType_Medium = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium"} // The highest level of risk posed by an AI system. -var AiSafetyRiskAssessmentType_Serious = AiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious"} +var AiSafetyRiskAssessmentType_Serious = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious"} // Specifies the type of an annotation. -type AnnotationType struct { - ID string +type annotationType struct { + ID string `iri:"@id"` } // Used to store extra information about an Element which is not part of a review (e.g. extra information provided during the creation of the Element). -var AnnotationType_Other = AnnotationType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other"} +var AnnotationType_Other = annotationType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other"} // Used when someone reviews the Element. -var AnnotationType_Review = AnnotationType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review"} +var AnnotationType_Review = annotationType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review"} // Provides information about the creation of the Element. type CreationInfo struct { - ID string + ID string `iri:"@id"` // Provide consumers with comments by the creator of the Element about the // Element. - Comment string + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` // Identifies when the Element was originally created. - Created time.Time + Created time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/created" iri-compact:"created"` // Identifies who or what created the Element. - CreatedBys AgentList + CreatedBys AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdBy" iri-compact:"createdBy"` // Identifies the tooling that was used during the creation of the Element. - CreatedUsings ToolList + CreatedUsings ToolList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdUsing" iri-compact:"createdUsing"` // Provides a reference number that can be used to understand how to parse and // interpret an Element. - SpecVersion string + SpecVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/specVersion" iri-compact:"specVersion"` } func castCreationInfo(o any) *CreationInfo { @@ -172,21 +160,18 @@ type AnyCreationInfo interface { type CreationInfoList []AnyCreationInfo -func (o *CreationInfoList) Append(values ...AnyCreationInfo) { *o = append(*o, values...) } -func (o *CreationInfoList) Remove(value AnyCreationInfo) { remove(o, value) } - func (o *CreationInfoList) CreationInfoIter() iter.Seq2[AnyCreationInfo, *CreationInfo] { return typeIter(*o, castCreationInfo) } // A key with an associated value. type DictionaryEntry struct { - ID string + ID string `iri:"@id"` // A key used in a generic key-value pair. - Key string + Key string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/key" iri-compact:"key"` // A value used in a generic key-value pair. - Value string + Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/value" iri-compact:"value"` } func castDictionaryEntry(o any) *DictionaryEntry { @@ -206,43 +191,40 @@ type AnyDictionaryEntry interface { type DictionaryEntryList []AnyDictionaryEntry -func (o *DictionaryEntryList) Append(values ...AnyDictionaryEntry) { *o = append(*o, values...) } -func (o *DictionaryEntryList) Remove(value AnyDictionaryEntry) { remove(o, value) } - func (o *DictionaryEntryList) DictionaryEntryIter() iter.Seq2[AnyDictionaryEntry, *DictionaryEntry] { return typeIter(*o, castDictionaryEntry) } // Base domain class from which all other SPDX-3.0 domain classes derive. type Element struct { - ID string + ID string `iri:"@id" iri-compact:"spdxId"` // Provide consumers with comments by the creator of the Element about the // Element. - Comment string + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` // Provides information about the creation of the Element. - CreationInfo AnyCreationInfo + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" iri-compact:"creationInfo"` // Provides a detailed description of the Element. - Description string + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" iri-compact:"description"` // Specifies an Extension characterization of some aspect of an Element. - Extensions ExtensionExtensionList + Extensions ExtensionExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" iri-compact:"extension"` // Provides a reference to a resource outside the scope of SPDX-3.0 content // that uniquely identifies an Element. - ExternalIdentifiers ExternalIdentifierList + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` // Points to a resource outside the scope of the SPDX-3.0 content // that provides additional characteristics of an Element. - ExternalRefs ExternalRefList + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" iri-compact:"externalRef"` // Identifies the name of an Element as designated by the creator. - Name string + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" iri-compact:"name"` // A short description of an Element. - Summary string + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" iri-compact:"summary"` // Provides an IntegrityMethod with which the integrity of an Element can be // asserted. - VerifiedUsings IntegrityMethodList + VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` } func castElement(o any) *Element { @@ -262,9 +244,6 @@ type AnyElement interface { type ElementList []AnyElement -func (o *ElementList) Append(values ...AnyElement) { *o = append(*o, values...) } -func (o *ElementList) Remove(value AnyElement) { remove(o, value) } - func (o *ElementList) ElementIter() iter.Seq2[AnyElement, *Element] { return typeIter(*o, castElement) } func (o *ElementList) ElementCollectionIter() iter.Seq2[AnyElement, *ElementCollection] { return typeIter(*o, castElementCollection) @@ -412,13 +391,13 @@ type ElementCollection struct { Element // Refers to one or more Elements that are part of an ElementCollection. - Elements ElementList + Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element" iri-compact:"element"` // Describes one a profile which the creator of this ElementCollection intends to // conform to. - ProfileConformances []ProfileIdentifierType + ProfileConformances []profileIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" iri-compact:"profileConformance"` // This property is used to denote the root Element(s) of a tree of elements contained in a BOM. - RootElements ElementList + RootElements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/rootElement" iri-compact:"rootElement"` } func castElementCollection(o any) *ElementCollection { @@ -439,9 +418,6 @@ type AnyElementCollection interface { type ElementCollectionList []AnyElementCollection -func (o *ElementCollectionList) Append(values ...AnyElementCollection) { *o = append(*o, values...) } -func (o *ElementCollectionList) Remove(value AnyElementCollection) { remove(o, value) } - func (o *ElementCollectionList) ElementCollectionIter() iter.Seq2[AnyElementCollection, *ElementCollection] { return typeIter(*o, castElementCollection) } @@ -460,19 +436,19 @@ func (o *ElementCollectionList) SoftwareSbomIter() iter.Seq2[AnyElementCollectio // A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. type ExternalIdentifier struct { - ID string + ID string `iri:"@id"` // Provide consumers with comments by the creator of the Element about the // Element. - Comment string + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` // Specifies the type of the external identifier. - ExternalIdentifierType ExternalIdentifierType + ExternalIdentifierType externalIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" iri-compact:"externalIdentifierType"` // Uniquely identifies an external element. - Identifier string + Identifier string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifier" iri-compact:"identifier"` // Provides the location for more information regarding an external identifier. - IdentifierLocators []string + IdentifierLocators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" iri-compact:"identifierLocator"` // An entity that is authorized to issue identification credentials. - IssuingAuthority string + IssuingAuthority string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority" iri-compact:"issuingAuthority"` } func castExternalIdentifier(o any) *ExternalIdentifier { @@ -492,68 +468,65 @@ type AnyExternalIdentifier interface { type ExternalIdentifierList []AnyExternalIdentifier -func (o *ExternalIdentifierList) Append(values ...AnyExternalIdentifier) { *o = append(*o, values...) } -func (o *ExternalIdentifierList) Remove(value AnyExternalIdentifier) { remove(o, value) } - func (o *ExternalIdentifierList) ExternalIdentifierIter() iter.Seq2[AnyExternalIdentifier, *ExternalIdentifier] { return typeIter(*o, castExternalIdentifier) } // Specifies the type of an external identifier. -type ExternalIdentifierType struct { - ID string +type externalIdentifierType struct { + ID string `iri:"@id"` } // [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) -var ExternalIdentifierType_Cpe22 = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22"} +var ExternalIdentifierType_Cpe22 = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22"} // [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) -var ExternalIdentifierType_Cpe23 = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23"} +var ExternalIdentifierType_Cpe23 = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23"} // Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). -var ExternalIdentifierType_Cve = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve"} +var ExternalIdentifierType_Cve = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve"} // Email address, as defined in [RFC 3696](https://datatracker.ietf.org/doc/rfc3986/) Section 3. -var ExternalIdentifierType_Email = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email"} +var ExternalIdentifierType_Email = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email"} // [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). -var ExternalIdentifierType_Gitoid = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid"} +var ExternalIdentifierType_Gitoid = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid"} // Used when the type does not match any of the other options. -var ExternalIdentifierType_Other = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other"} +var ExternalIdentifierType_Other = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other"} // Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification. -var ExternalIdentifierType_PackageUrl = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl"} +var ExternalIdentifierType_PackageUrl = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl"} // Used when there is a security related identifier of unspecified type. -var ExternalIdentifierType_SecurityOther = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther"} +var ExternalIdentifierType_SecurityOther = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther"} // SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. -var ExternalIdentifierType_Swhid = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid"} +var ExternalIdentifierType_Swhid = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid"} // Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://datatracker.ietf.org/doc/rfc9393/) Section 2.3. -var ExternalIdentifierType_Swid = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid"} +var ExternalIdentifierType_Swid = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid"} // [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. -var ExternalIdentifierType_UrlScheme = ExternalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme"} +var ExternalIdentifierType_UrlScheme = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme"} // A map of Element identifiers that are used within an SpdxDocument but defined // external to that SpdxDocument. type ExternalMap struct { - ID string + ID string `iri:"@id"` // Artifact representing a serialization instance of SPDX data containing the // definition of a particular Element. - DefiningArtifact AnyArtifact + DefiningArtifact AnyArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" iri-compact:"definingArtifact"` // Identifies an external Element used within an SpdxDocument but defined // external to that SpdxDocument. - ExternalSpdxId string + ExternalSpdxId string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" iri-compact:"externalSpdxId"` // Provides an indication of where to retrieve an external Element. - LocationHint string + LocationHint string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locationHint" iri-compact:"locationHint"` // Provides an IntegrityMethod with which the integrity of an Element can be // asserted. - VerifiedUsings IntegrityMethodList + VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` } func castExternalMap(o any) *ExternalMap { @@ -573,26 +546,23 @@ type AnyExternalMap interface { type ExternalMapList []AnyExternalMap -func (o *ExternalMapList) Append(values ...AnyExternalMap) { *o = append(*o, values...) } -func (o *ExternalMapList) Remove(value AnyExternalMap) { remove(o, value) } - func (o *ExternalMapList) ExternalMapIter() iter.Seq2[AnyExternalMap, *ExternalMap] { return typeIter(*o, castExternalMap) } // A reference to a resource outside the scope of SPDX-3.0 content related to an Element. type ExternalRef struct { - ID string + ID string `iri:"@id"` // Provide consumers with comments by the creator of the Element about the // Element. - Comment string + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` // Provides information about the content type of an Element or a Property. - ContentType string + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" iri-compact:"contentType"` // Specifies the type of the external reference. - ExternalRefType ExternalRefType + ExternalRefType externalRefType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" iri-compact:"externalRefType"` // Provides the location of an external reference. - Locators []string + Locators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locator" iri-compact:"locator"` } func castExternalRef(o any) *ExternalRef { @@ -612,226 +582,223 @@ type AnyExternalRef interface { type ExternalRefList []AnyExternalRef -func (o *ExternalRefList) Append(values ...AnyExternalRef) { *o = append(*o, values...) } -func (o *ExternalRefList) Remove(value AnyExternalRef) { remove(o, value) } - func (o *ExternalRefList) ExternalRefIter() iter.Seq2[AnyExternalRef, *ExternalRef] { return typeIter(*o, castExternalRef) } // Specifies the type of an external reference. -type ExternalRefType struct { - ID string +type externalRefType struct { + ID string `iri:"@id"` } // A reference to an alternative download location. -var ExternalRefType_AltDownloadLocation = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation"} +var ExternalRefType_AltDownloadLocation = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation"} // A reference to an alternative web page. -var ExternalRefType_AltWebPage = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage"} +var ExternalRefType_AltWebPage = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage"} // A reference to binary artifacts related to a package. -var ExternalRefType_BinaryArtifact = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact"} +var ExternalRefType_BinaryArtifact = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact"} // A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install). -var ExternalRefType_Bower = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower"} +var ExternalRefType_Bower = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower"} // A reference build metadata related to a published package. -var ExternalRefType_BuildMeta = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta"} +var ExternalRefType_BuildMeta = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta"} // A reference build system used to create or publish the package. -var ExternalRefType_BuildSystem = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem"} +var ExternalRefType_BuildSystem = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem"} // A reference to a certification report for a package from an accredited/independent body. -var ExternalRefType_CertificationReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport"} +var ExternalRefType_CertificationReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport"} // A reference to the instant messaging system used by the maintainer for a package. -var ExternalRefType_Chat = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat"} +var ExternalRefType_Chat = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat"} // A reference to a Software Composition Analysis (SCA) report. -var ExternalRefType_ComponentAnalysisReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport"} +var ExternalRefType_ComponentAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport"} // [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). -var ExternalRefType_Cwe = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe"} +var ExternalRefType_Cwe = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe"} // A reference to the documentation for a package. -var ExternalRefType_Documentation = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation"} +var ExternalRefType_Documentation = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation"} // A reference to a dynamic analysis report for a package. -var ExternalRefType_DynamicAnalysisReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport"} +var ExternalRefType_DynamicAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport"} // A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. -var ExternalRefType_EolNotice = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice"} +var ExternalRefType_EolNotice = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice"} // A reference to a export control assessment for a package. -var ExternalRefType_ExportControlAssessment = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment"} +var ExternalRefType_ExportControlAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment"} // A reference to funding information related to a package. -var ExternalRefType_Funding = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding"} +var ExternalRefType_Funding = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding"} // A reference to the issue tracker for a package. -var ExternalRefType_IssueTracker = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker"} +var ExternalRefType_IssueTracker = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker"} // A reference to additional license information related to an artifact. -var ExternalRefType_License = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license"} +var ExternalRefType_License = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license"} // A reference to the mailing list used by the maintainer for a package. -var ExternalRefType_MailingList = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList"} +var ExternalRefType_MailingList = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList"} // A reference to a Maven repository artifact. The artifact locator format is defined in the [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html) and looks like `groupId:artifactId[:version]`. -var ExternalRefType_MavenCentral = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral"} +var ExternalRefType_MavenCentral = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral"} // A reference to metrics related to package such as OpenSSF scorecards. -var ExternalRefType_Metrics = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics"} +var ExternalRefType_Metrics = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics"} // A reference to an npm package. The package locator format is defined in the [npm documentation](https://docs.npmjs.com/cli/v10/configuring-npm/package-json) and looks like `package@version`. -var ExternalRefType_Npm = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm"} +var ExternalRefType_Npm = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm"} // A reference to a NuGet package. The package locator format is defined in the [NuGet documentation](https://docs.nuget.org) and looks like `package/version`. -var ExternalRefType_Nuget = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget"} +var ExternalRefType_Nuget = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget"} // Used when the type does not match any of the other options. -var ExternalRefType_Other = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other"} +var ExternalRefType_Other = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other"} // A reference to a privacy assessment for a package. -var ExternalRefType_PrivacyAssessment = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment"} +var ExternalRefType_PrivacyAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment"} // A reference to additional product metadata such as reference within organization's product catalog. -var ExternalRefType_ProductMetadata = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata"} +var ExternalRefType_ProductMetadata = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata"} // A reference to a purchase order for a package. -var ExternalRefType_PurchaseOrder = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder"} +var ExternalRefType_PurchaseOrder = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder"} // A reference to a quality assessment for a package. -var ExternalRefType_QualityAssessmentReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport"} +var ExternalRefType_QualityAssessmentReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport"} // A reference to a published list of releases for a package. -var ExternalRefType_ReleaseHistory = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory"} +var ExternalRefType_ReleaseHistory = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory"} // A reference to the release notes for a package. -var ExternalRefType_ReleaseNotes = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes"} +var ExternalRefType_ReleaseNotes = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes"} // A reference to a risk assessment for a package. -var ExternalRefType_RiskAssessment = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment"} +var ExternalRefType_RiskAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment"} // A reference to a runtime analysis report for a package. -var ExternalRefType_RuntimeAnalysisReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport"} +var ExternalRefType_RuntimeAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport"} // A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). -var ExternalRefType_SecureSoftwareAttestation = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation"} +var ExternalRefType_SecureSoftwareAttestation = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation"} // A reference to the security adversary model for a package. -var ExternalRefType_SecurityAdversaryModel = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel"} +var ExternalRefType_SecurityAdversaryModel = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel"} // A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. -var ExternalRefType_SecurityAdvisory = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory"} +var ExternalRefType_SecurityAdvisory = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory"} // A reference to the patch or source code that fixes a vulnerability. -var ExternalRefType_SecurityFix = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix"} +var ExternalRefType_SecurityFix = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix"} // A reference to related security information of unspecified type. -var ExternalRefType_SecurityOther = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther"} +var ExternalRefType_SecurityOther = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther"} // A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. -var ExternalRefType_SecurityPenTestReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport"} +var ExternalRefType_SecurityPenTestReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport"} // A reference to instructions for reporting newly discovered security vulnerabilities for a package. -var ExternalRefType_SecurityPolicy = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy"} +var ExternalRefType_SecurityPolicy = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy"} // A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. -var ExternalRefType_SecurityThreatModel = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel"} +var ExternalRefType_SecurityThreatModel = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel"} // A reference to a social media channel for a package. -var ExternalRefType_SocialMedia = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia"} +var ExternalRefType_SocialMedia = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia"} // A reference to an artifact containing the sources for a package. -var ExternalRefType_SourceArtifact = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact"} +var ExternalRefType_SourceArtifact = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact"} // A reference to a static analysis report for a package. -var ExternalRefType_StaticAnalysisReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport"} +var ExternalRefType_StaticAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport"} // A reference to the software support channel or other support information for a package. -var ExternalRefType_Support = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support"} +var ExternalRefType_Support = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support"} // A reference to a version control system related to a software artifact. -var ExternalRefType_Vcs = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs"} +var ExternalRefType_Vcs = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs"} // A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). -var ExternalRefType_VulnerabilityDisclosureReport = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport"} +var ExternalRefType_VulnerabilityDisclosureReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport"} // A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). -var ExternalRefType_VulnerabilityExploitabilityAssessment = ExternalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment"} +var ExternalRefType_VulnerabilityExploitabilityAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment"} // A mathematical algorithm that maps data of arbitrary size to a bit string. -type HashAlgorithm struct { - ID string +type hashAlgorithm struct { + ID string `iri:"@id"` } // Adler-32 checksum is part of the widely used zlib compression library as defined in [RFC 1950](https://datatracker.ietf.org/doc/rfc1950/) Section 2.3. -var HashAlgorithm_Adler32 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32"} +var HashAlgorithm_Adler32 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32"} // BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b256 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256"} +var HashAlgorithm_Blake2b256 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256"} // BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b384 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384"} +var HashAlgorithm_Blake2b384 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384"} // BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b512 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512"} +var HashAlgorithm_Blake2b512 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512"} // [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) -var HashAlgorithm_Blake3 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3"} +var HashAlgorithm_Blake3 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3"} // [Dilithium](https://pq-crystals.org/dilithium/) -var HashAlgorithm_CrystalsDilithium = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium"} +var HashAlgorithm_CrystalsDilithium = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium"} // [Kyber](https://pq-crystals.org/kyber/) -var HashAlgorithm_CrystalsKyber = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber"} +var HashAlgorithm_CrystalsKyber = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber"} // [FALCON](https://falcon-sign.info/falcon.pdf) -var HashAlgorithm_Falcon = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon"} +var HashAlgorithm_Falcon = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon"} // MD2 message-digest algorithm, as defined in [RFC 1319](https://datatracker.ietf.org/doc/rfc1319/). -var HashAlgorithm_Md2 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2"} +var HashAlgorithm_Md2 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2"} // MD4 message-digest algorithm, as defined in [RFC 1186](https://datatracker.ietf.org/doc/rfc1186/). -var HashAlgorithm_Md4 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4"} +var HashAlgorithm_Md4 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4"} // MD5 message-digest algorithm, as defined in [RFC 1321](https://datatracker.ietf.org/doc/rfc1321/). -var HashAlgorithm_Md5 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5"} +var HashAlgorithm_Md5 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5"} // [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) -var HashAlgorithm_Md6 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6"} +var HashAlgorithm_Md6 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6"} // any hashing algorithm that does not exist in this list of entries -var HashAlgorithm_Other = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other"} +var HashAlgorithm_Other = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other"} // SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://datatracker.ietf.org/doc/rfc3174/). -var HashAlgorithm_Sha1 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1"} +var HashAlgorithm_Sha1 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1"} // SHA-2 with a digest length of 224, as defined in [RFC 3874](https://datatracker.ietf.org/doc/rfc3874/). -var HashAlgorithm_Sha224 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224"} +var HashAlgorithm_Sha224 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224"} // SHA-2 with a digest length of 256, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha256 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256"} +var HashAlgorithm_Sha256 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256"} // SHA-2 with a digest length of 384, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha384 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384"} +var HashAlgorithm_Sha384 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384"} // SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3224 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224"} +var HashAlgorithm_Sha3224 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224"} // SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3256 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256"} +var HashAlgorithm_Sha3256 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256"} // SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3384 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384"} +var HashAlgorithm_Sha3384 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384"} // SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3512 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512"} +var HashAlgorithm_Sha3512 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512"} // SHA-2 with a digest length of 512, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha512 = HashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512"} +var HashAlgorithm_Sha512 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512"} // A concrete subclass of Element used by Individuals in the // Core profile. @@ -865,20 +832,17 @@ type AnyIndividualElement interface { type IndividualElementList []AnyIndividualElement -func (o *IndividualElementList) Append(values ...AnyIndividualElement) { *o = append(*o, values...) } -func (o *IndividualElementList) Remove(value AnyIndividualElement) { remove(o, value) } - func (o *IndividualElementList) IndividualElementIter() iter.Seq2[AnyIndividualElement, *IndividualElement] { return typeIter(*o, castIndividualElement) } // Provides an independently reproducible mechanism that permits verification of a specific Element. type IntegrityMethod struct { - ID string + ID string `iri:"@id"` // Provide consumers with comments by the creator of the Element about the // Element. - Comment string + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` } func castIntegrityMethod(o any) *IntegrityMethod { @@ -898,9 +862,6 @@ type AnyIntegrityMethod interface { type IntegrityMethodList []AnyIntegrityMethod -func (o *IntegrityMethodList) Append(values ...AnyIntegrityMethod) { *o = append(*o, values...) } -func (o *IntegrityMethodList) Remove(value AnyIntegrityMethod) { remove(o, value) } - func (o *IntegrityMethodList) IntegrityMethodIter() iter.Seq2[AnyIntegrityMethod, *IntegrityMethod] { return typeIter(*o, castIntegrityMethod) } @@ -915,37 +876,37 @@ func (o *IntegrityMethodList) HashIter() iter.Seq2[AnyIntegrityMethod, *Hash] { } // Provide an enumerated set of lifecycle phases that can provide context to relationships. -type LifecycleScopeType struct { - ID string +type lifecycleScopeType struct { + ID string `iri:"@id"` } // A relationship has specific context implications during an element's build phase, during development. -var LifecycleScopeType_Build = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build"} +var LifecycleScopeType_Build = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build"} // A relationship has specific context implications during an element's design. -var LifecycleScopeType_Design = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design"} +var LifecycleScopeType_Design = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design"} // A relationship has specific context implications during development phase of an element. -var LifecycleScopeType_Development = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development"} +var LifecycleScopeType_Development = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development"} // A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. -var LifecycleScopeType_Other = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other"} +var LifecycleScopeType_Other = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other"} // A relationship has specific context implications during the execution phase of an element. -var LifecycleScopeType_Runtime = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime"} +var LifecycleScopeType_Runtime = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime"} // A relationship has specific context implications during an element's testing phase, during development. -var LifecycleScopeType_Test = LifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test"} +var LifecycleScopeType_Test = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test"} // A mapping between prefixes and namespace partial URIs. type NamespaceMap struct { - ID string + ID string `iri:"@id"` // Provides an unambiguous mechanism for conveying a URI fragment portion of an // Element ID. - Namespace string + Namespace string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespace" iri-compact:"namespace"` // A substitute for a URI. - Prefix string + Prefix string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/prefix" iri-compact:"prefix"` } func castNamespaceMap(o any) *NamespaceMap { @@ -965,9 +926,6 @@ type AnyNamespaceMap interface { type NamespaceMapList []AnyNamespaceMap -func (o *NamespaceMapList) Append(values ...AnyNamespaceMap) { *o = append(*o, values...) } -func (o *NamespaceMapList) Remove(value AnyNamespaceMap) { remove(o, value) } - func (o *NamespaceMapList) NamespaceMapIter() iter.Seq2[AnyNamespaceMap, *NamespaceMap] { return typeIter(*o, castNamespaceMap) } @@ -977,12 +935,12 @@ type PackageVerificationCode struct { IntegrityMethod // Specifies the algorithm used for calculating the hash value. - Algorithm HashAlgorithm + Algorithm hashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" iri-compact:"algorithm"` // The result of applying a hash algorithm to an Element. - HashValue string + HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" iri-compact:"hashValue"` // The relative file name of a file to be excluded from the // `PackageVerificationCode`. - PackageVerificationCodeExcludedFiles []string + PackageVerificationCodeExcludedFiles []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" iri-compact:"packageVerificationCodeExcludedFile"` } func castPackageVerificationCode(o any) *PackageVerificationCode { @@ -1003,23 +961,18 @@ type AnyPackageVerificationCode interface { type PackageVerificationCodeList []AnyPackageVerificationCode -func (o *PackageVerificationCodeList) Append(values ...AnyPackageVerificationCode) { - *o = append(*o, values...) -} -func (o *PackageVerificationCodeList) Remove(value AnyPackageVerificationCode) { remove(o, value) } - func (o *PackageVerificationCodeList) PackageVerificationCodeIter() iter.Seq2[AnyPackageVerificationCode, *PackageVerificationCode] { return typeIter(*o, castPackageVerificationCode) } // A tuple of two positive integers that define a range. type PositiveIntegerRange struct { - ID string + ID string `iri:"@id"` // Defines the beginning of a range. - BeginIntegerRange int + BeginIntegerRange int `iri:"https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" iri-compact:"beginIntegerRange"` // Defines the end of a range. - EndIntegerRange int + EndIntegerRange int `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" iri-compact:"endIntegerRange"` } func castPositiveIntegerRange(o any) *PositiveIntegerRange { @@ -1039,81 +992,76 @@ type AnyPositiveIntegerRange interface { type PositiveIntegerRangeList []AnyPositiveIntegerRange -func (o *PositiveIntegerRangeList) Append(values ...AnyPositiveIntegerRange) { - *o = append(*o, values...) -} -func (o *PositiveIntegerRangeList) Remove(value AnyPositiveIntegerRange) { remove(o, value) } - func (o *PositiveIntegerRangeList) PositiveIntegerRangeIter() iter.Seq2[AnyPositiveIntegerRange, *PositiveIntegerRange] { return typeIter(*o, castPositiveIntegerRange) } // Categories of presence or absence. -type PresenceType struct { - ID string +type presenceType struct { + ID string `iri:"@id"` } // Indicates absence of the field. -var PresenceType_No = PresenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no"} +var PresenceType_No = presenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no"} // Makes no assertion about the field. -var PresenceType_NoAssertion = PresenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion"} +var PresenceType_NoAssertion = presenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion"} // Indicates presence of the field. -var PresenceType_Yes = PresenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes"} +var PresenceType_Yes = presenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes"} // Enumeration of the valid profiles. -type ProfileIdentifierType struct { - ID string +type profileIdentifierType struct { + ID string `iri:"@id"` } // the element follows the AI profile specification -var ProfileIdentifierType_Ai = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai"} +var ProfileIdentifierType_Ai = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai"} // the element follows the Build profile specification -var ProfileIdentifierType_Build = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build"} +var ProfileIdentifierType_Build = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build"} // the element follows the Core profile specification -var ProfileIdentifierType_Core = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core"} +var ProfileIdentifierType_Core = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core"} // the element follows the Dataset profile specification -var ProfileIdentifierType_Dataset = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset"} +var ProfileIdentifierType_Dataset = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset"} // the element follows the ExpandedLicensing profile specification -var ProfileIdentifierType_ExpandedLicensing = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing"} +var ProfileIdentifierType_ExpandedLicensing = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing"} // the element follows the Extension profile specification -var ProfileIdentifierType_Extension = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension"} +var ProfileIdentifierType_Extension = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension"} // the element follows the Lite profile specification -var ProfileIdentifierType_Lite = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite"} +var ProfileIdentifierType_Lite = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite"} // the element follows the Security profile specification -var ProfileIdentifierType_Security = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security"} +var ProfileIdentifierType_Security = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security"} // the element follows the SimpleLicensing profile specification -var ProfileIdentifierType_SimpleLicensing = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing"} +var ProfileIdentifierType_SimpleLicensing = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing"} // the element follows the Software profile specification -var ProfileIdentifierType_Software = ProfileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software"} +var ProfileIdentifierType_Software = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software"} // Describes a relationship between one or more elements. type Relationship struct { Element // Provides information about the completeness of relationships. - Completeness RelationshipCompleteness + Completeness relationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" iri-compact:"completeness"` // Specifies the time from which an element is no longer applicable / valid. - EndTime time.Time + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" iri-compact:"endTime"` // References the Element on the left-hand side of a relationship. - From AnyElement + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" iri-compact:"from"` // Information about the relationship between two Elements. - RelationshipType RelationshipType + RelationshipType relationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" iri-compact:"relationshipType"` // Specifies the time from which an element is applicable / valid. - StartTime time.Time + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" iri-compact:"startTime"` // References an Element on the right-hand side of a relationship. - Tos ElementList + Tos ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" iri-compact:"to"` } func castRelationship(o any) *Relationship { @@ -1134,9 +1082,6 @@ type AnyRelationship interface { type RelationshipList []AnyRelationship -func (o *RelationshipList) Append(values ...AnyRelationship) { *o = append(*o, values...) } -func (o *RelationshipList) Remove(value AnyRelationship) { remove(o, value) } - func (o *RelationshipList) RelationshipIter() iter.Seq2[AnyRelationship, *Relationship] { return typeIter(*o, castRelationship) } @@ -1181,200 +1126,200 @@ func (o *RelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationsh } // Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. -type RelationshipCompleteness struct { - ID string +type relationshipCompleteness struct { + ID string `iri:"@id"` } // The relationship is known to be exhaustive. -var RelationshipCompleteness_Complete = RelationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete"} +var RelationshipCompleteness_Complete = relationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete"} // The relationship is known not to be exhaustive. -var RelationshipCompleteness_Incomplete = RelationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete"} +var RelationshipCompleteness_Incomplete = relationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete"} // No assertion can be made about the completeness of the relationship. -var RelationshipCompleteness_NoAssertion = RelationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion"} +var RelationshipCompleteness_NoAssertion = relationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion"} // Information about the relationship between two Elements. -type RelationshipType struct { - ID string +type relationshipType struct { + ID string `iri:"@id"` } // The `from` Vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. -var RelationshipType_Affects = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects"} +var RelationshipType_Affects = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects"} // The `from` Element is amended by each `to` Element. -var RelationshipType_AmendedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy"} +var RelationshipType_AmendedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy"} // The `from` Element is an ancestor of each `to` Element. -var RelationshipType_AncestorOf = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf"} +var RelationshipType_AncestorOf = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf"} // The `from` Element is available from the additional supplier described by each `to` Element. -var RelationshipType_AvailableFrom = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom"} +var RelationshipType_AvailableFrom = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom"} // The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. -var RelationshipType_Configures = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures"} +var RelationshipType_Configures = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures"} // The `from` Element contains each `to` Element. -var RelationshipType_Contains = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains"} +var RelationshipType_Contains = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains"} // The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). -var RelationshipType_CoordinatedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy"} +var RelationshipType_CoordinatedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy"} // The `from` Element has been copied to each `to` Element. -var RelationshipType_CopiedTo = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo"} +var RelationshipType_CopiedTo = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo"} // The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). -var RelationshipType_DelegatedTo = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo"} +var RelationshipType_DelegatedTo = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo"} // The `from` Element depends on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_DependsOn = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn"} +var RelationshipType_DependsOn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn"} // The `from` Element is a descendant of each `to` Element. -var RelationshipType_DescendantOf = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf"} +var RelationshipType_DescendantOf = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf"} // The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. -var RelationshipType_Describes = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes"} +var RelationshipType_Describes = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes"} // The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. -var RelationshipType_DoesNotAffect = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect"} +var RelationshipType_DoesNotAffect = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect"} // The `from` archive expands out as an artifact described by each `to` Element. -var RelationshipType_ExpandsTo = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo"} +var RelationshipType_ExpandsTo = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo"} // The `from` Vulnerability has had an exploit created against it by each `to` Agent. -var RelationshipType_ExploitCreatedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy"} +var RelationshipType_ExploitCreatedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy"} // Designates a `from` Vulnerability has been fixed by the `to` Agent(s). -var RelationshipType_FixedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy"} +var RelationshipType_FixedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy"} // A `from` Vulnerability has been fixed in each `to` Element. The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. -var RelationshipType_FixedIn = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn"} +var RelationshipType_FixedIn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn"} // Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). -var RelationshipType_FoundBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy"} +var RelationshipType_FoundBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy"} // The `from` Element generates each `to` Element. -var RelationshipType_Generates = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates"} +var RelationshipType_Generates = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates"} // Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). -var RelationshipType_HasAddedFile = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile"} +var RelationshipType_HasAddedFile = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile"} // Relates a `from` Vulnerability and each `to` Element with a security assessment. To be used with `VulnAssessmentRelationship` types. -var RelationshipType_HasAssessmentFor = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor"} +var RelationshipType_HasAssessmentFor = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor"} // Used to associate a `from` Artifact with each `to` Vulnerability. -var RelationshipType_HasAssociatedVulnerability = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability"} +var RelationshipType_HasAssociatedVulnerability = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability"} // The `from` SoftwareArtifact is concluded by the SPDX data creator to be governed by each `to` license. -var RelationshipType_HasConcludedLicense = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense"} +var RelationshipType_HasConcludedLicense = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense"} // The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInput`, and `hasOutput`, respectively. This relationship does not imply dependency. -var RelationshipType_HasDataFile = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile"} +var RelationshipType_HasDataFile = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile"} // The `from` SoftwareArtifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. -var RelationshipType_HasDeclaredLicense = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense"} +var RelationshipType_HasDeclaredLicense = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense"} // Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). -var RelationshipType_HasDeletedFile = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile"} +var RelationshipType_HasDeletedFile = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile"} // The `from` Element has manifest files that contain dependency information in each `to` Element. -var RelationshipType_HasDependencyManifest = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest"} +var RelationshipType_HasDependencyManifest = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest"} // The `from` Element is distributed as an artifact in each `to` Element (e.g. an RPM or archive file). -var RelationshipType_HasDistributionArtifact = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact"} +var RelationshipType_HasDistributionArtifact = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact"} // The `from` Element is documented by each `to` Element. -var RelationshipType_HasDocumentation = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation"} +var RelationshipType_HasDocumentation = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation"} // The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasDynamicLink = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink"} +var RelationshipType_HasDynamicLink = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink"} // Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). -var RelationshipType_HasEvidence = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence"} +var RelationshipType_HasEvidence = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence"} // Every `to` Element is an example for the `from` Element (`from` hasExample `to`). -var RelationshipType_HasExample = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample"} +var RelationshipType_HasExample = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample"} // The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). -var RelationshipType_HasHost = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost"} +var RelationshipType_HasHost = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost"} // The `from` Build has each `to` Element as an input, during a LifecycleScopeType period. -var RelationshipType_HasInput = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput"} +var RelationshipType_HasInput = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput"} // Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). -var RelationshipType_HasMetadata = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata"} +var RelationshipType_HasMetadata = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata"} // Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). -var RelationshipType_HasOptionalComponent = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent"} +var RelationshipType_HasOptionalComponent = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent"} // The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasOptionalDependency = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency"} +var RelationshipType_HasOptionalDependency = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency"} // The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. -var RelationshipType_HasOutput = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput"} +var RelationshipType_HasOutput = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput"} // The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasPrerequisite = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite"} +var RelationshipType_HasPrerequisite = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite"} // The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. -var RelationshipType_HasProvidedDependency = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency"} +var RelationshipType_HasProvidedDependency = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency"} // The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasRequirement = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement"} +var RelationshipType_HasRequirement = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement"} // Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. -var RelationshipType_HasSpecification = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification"} +var RelationshipType_HasSpecification = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification"} // The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasStaticLink = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink"} +var RelationshipType_HasStaticLink = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink"} // Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. -var RelationshipType_HasTest = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest"} +var RelationshipType_HasTest = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest"} // Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). -var RelationshipType_HasTestCase = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase"} +var RelationshipType_HasTestCase = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase"} // Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). -var RelationshipType_HasVariant = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant"} +var RelationshipType_HasVariant = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant"} // The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). -var RelationshipType_InvokedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy"} +var RelationshipType_InvokedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy"} // The `from` Element is modified by each `to` Element. -var RelationshipType_ModifiedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy"} +var RelationshipType_ModifiedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy"} // Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationship types (this relationship is directionless). -var RelationshipType_Other = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other"} +var RelationshipType_Other = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other"} // Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). -var RelationshipType_PackagedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy"} +var RelationshipType_PackagedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy"} // Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). -var RelationshipType_PatchedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy"} +var RelationshipType_PatchedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy"} // Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. -var RelationshipType_PublishedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy"} +var RelationshipType_PublishedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy"} // Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. -var RelationshipType_ReportedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy"} +var RelationshipType_ReportedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy"} // Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. -var RelationshipType_RepublishedBy = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy"} +var RelationshipType_RepublishedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy"} // The `from` SpdxDocument can be found in a serialized form in each `to` Artifact. -var RelationshipType_SerializedInArtifact = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact"} +var RelationshipType_SerializedInArtifact = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact"} // The `from` Element has been tested on the `to` Element(s). -var RelationshipType_TestedOn = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn"} +var RelationshipType_TestedOn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn"} // The `from` Element has been trained on the `to` Element(s). -var RelationshipType_TrainedOn = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn"} +var RelationshipType_TrainedOn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn"} // The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. -var RelationshipType_UnderInvestigationFor = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor"} +var RelationshipType_UnderInvestigationFor = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor"} // The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. -var RelationshipType_UsesTool = RelationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool"} +var RelationshipType_UsesTool = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool"} // A collection of SPDX Elements that could potentially be serialized. type SpdxDocument struct { @@ -1382,13 +1327,13 @@ type SpdxDocument struct { // Provides the license under which the SPDX documentation of the Element can be // used. - DataLicense AnySimplelicensingAnyLicenseInfo + DataLicense AnySimplelicensingAnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/dataLicense" iri-compact:"dataLicense"` // Provides an ExternalMap of Element identifiers. - Imports ExternalMapList + Imports ExternalMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/import" iri-compact:"import"` // Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. - NamespaceMaps NamespaceMapList + NamespaceMaps NamespaceMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap" iri-compact:"namespaceMap"` } func castSpdxDocument(o any) *SpdxDocument { @@ -1409,38 +1354,35 @@ type AnySpdxDocument interface { type SpdxDocumentList []AnySpdxDocument -func (o *SpdxDocumentList) Append(values ...AnySpdxDocument) { *o = append(*o, values...) } -func (o *SpdxDocumentList) Remove(value AnySpdxDocument) { remove(o, value) } - func (o *SpdxDocumentList) SpdxDocumentIter() iter.Seq2[AnySpdxDocument, *SpdxDocument] { return typeIter(*o, castSpdxDocument) } // Indicates the type of support that is associated with an artifact. -type SupportType struct { - ID string +type supportType struct { + ID string `iri:"@id"` } // in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. -var SupportType_Deployed = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed"} +var SupportType_Deployed = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed"} // the artifact is in active development and is not considered ready for formal support from the supplier. -var SupportType_Development = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development"} +var SupportType_Development = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development"} // there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. -var SupportType_EndOfSupport = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport"} +var SupportType_EndOfSupport = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport"} // the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. -var SupportType_LimitedSupport = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport"} +var SupportType_LimitedSupport = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport"} // no assertion about the type of support is made. This is considered the default if no other support type is used. -var SupportType_NoAssertion = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion"} +var SupportType_NoAssertion = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion"} // there is no support for the artifact from the supplier, consumer assumes any support obligations. -var SupportType_NoSupport = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport"} +var SupportType_NoSupport = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport"} // the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. -var SupportType_Support = SupportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support"} +var SupportType_Support = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support"} // An element of hardware and/or software utilized to carry out a particular function. type Tool struct { @@ -1465,94 +1407,91 @@ type AnyTool interface { type ToolList []AnyTool -func (o *ToolList) Append(values ...AnyTool) { *o = append(*o, values...) } -func (o *ToolList) Remove(value AnyTool) { remove(o, value) } - func (o *ToolList) ToolIter() iter.Seq2[AnyTool, *Tool] { return typeIter(*o, castTool) } // Categories of confidentiality level. -type DatasetConfidentialityLevelType struct { - ID string +type datasetConfidentialityLevelType struct { + ID string `iri:"@id"` } // Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. -var DatasetConfidentialityLevelType_Amber = DatasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber"} +var DatasetConfidentialityLevelType_Amber = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber"} // Dataset may be distributed freely, without restriction. -var DatasetConfidentialityLevelType_Clear = DatasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear"} +var DatasetConfidentialityLevelType_Clear = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear"} // Dataset can be shared within a community of peers and partners. -var DatasetConfidentialityLevelType_Green = DatasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green"} +var DatasetConfidentialityLevelType_Green = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green"} // Data points in the dataset are highly confidential and can only be shared with named recipients. -var DatasetConfidentialityLevelType_Red = DatasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red"} +var DatasetConfidentialityLevelType_Red = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red"} // Availability of dataset. -type DatasetDatasetAvailabilityType struct { - ID string +type datasetDatasetAvailabilityType struct { + ID string `iri:"@id"` } // the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. -var DatasetDatasetAvailabilityType_Clickthrough = DatasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough"} +var DatasetDatasetAvailabilityType_Clickthrough = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough"} // the dataset is publicly available and can be downloaded directly. -var DatasetDatasetAvailabilityType_DirectDownload = DatasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload"} +var DatasetDatasetAvailabilityType_DirectDownload = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload"} // the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. -var DatasetDatasetAvailabilityType_Query = DatasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query"} +var DatasetDatasetAvailabilityType_Query = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query"} // the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. -var DatasetDatasetAvailabilityType_Registration = DatasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration"} +var DatasetDatasetAvailabilityType_Registration = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration"} // the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. -var DatasetDatasetAvailabilityType_ScrapingScript = DatasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript"} +var DatasetDatasetAvailabilityType_ScrapingScript = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript"} // Enumeration of dataset types. -type DatasetDatasetType struct { - ID string +type datasetDatasetType struct { + ID string `iri:"@id"` } // data is audio based, such as a collection of music from the 80s. -var DatasetDatasetType_Audio = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio"} +var DatasetDatasetType_Audio = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio"} // data that is classified into a discrete number of categories, such as the eye color of a population of people. -var DatasetDatasetType_Categorical = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical"} +var DatasetDatasetType_Categorical = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical"} // data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. -var DatasetDatasetType_Graph = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph"} +var DatasetDatasetType_Graph = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph"} // data is a collection of images such as pictures of animals. -var DatasetDatasetType_Image = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image"} +var DatasetDatasetType_Image = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image"} // data type is not known. -var DatasetDatasetType_NoAssertion = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion"} +var DatasetDatasetType_NoAssertion = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion"} // data consists only of numeric entries. -var DatasetDatasetType_Numeric = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric"} +var DatasetDatasetType_Numeric = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric"} // data is of a type not included in this list. -var DatasetDatasetType_Other = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other"} +var DatasetDatasetType_Other = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other"} // data is recorded from a physical sensor, such as a thermometer reading or biometric device. -var DatasetDatasetType_Sensor = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor"} +var DatasetDatasetType_Sensor = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor"} // data is stored in tabular format or retrieved from a relational database. -var DatasetDatasetType_Structured = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured"} +var DatasetDatasetType_Structured = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured"} // data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. -var DatasetDatasetType_Syntactic = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic"} +var DatasetDatasetType_Syntactic = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic"} // data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. -var DatasetDatasetType_Text = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text"} +var DatasetDatasetType_Text = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text"} // data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. -var DatasetDatasetType_Timeseries = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries"} +var DatasetDatasetType_Timeseries = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries"} // data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. -var DatasetDatasetType_Timestamp = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp"} +var DatasetDatasetType_Timestamp = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp"} // data is video based, such as a collection of movie clips featuring Tom Hanks. -var DatasetDatasetType_Video = DatasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video"} +var DatasetDatasetType_Video = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video"} // Abstract class for additional text intended to be added to a License, but // which is not itself a standalone License. @@ -1560,19 +1499,19 @@ type ExpandedlicensingLicenseAddition struct { Element // Identifies the full text of a LicenseAddition. - ExpandedlicensingAdditionText string + ExpandedlicensingAdditionText string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" iri-compact:"expandedlicensing_additionText"` // Specifies whether an additional text identifier has been marked as deprecated. - ExpandedlicensingIsDeprecatedAdditionId bool + ExpandedlicensingIsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" iri-compact:"expandedlicensing_isDeprecatedAdditionId"` // Identifies all the text and metadata associated with a license in the license // XML format. - ExpandedlicensingLicenseXml string + ExpandedlicensingLicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` // Specifies the licenseId that is preferred to be used in place of a deprecated // License or LicenseAddition. - ExpandedlicensingObsoletedBy string + ExpandedlicensingObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` // Contains a URL where the License or LicenseAddition can be found in use. - ExpandedlicensingSeeAlsos []string + ExpandedlicensingSeeAlsos []string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` // Identifies the full text of a LicenseAddition, in SPDX templating format. - ExpandedlicensingStandardAdditionTemplate string + ExpandedlicensingStandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" iri-compact:"expandedlicensing_standardAdditionTemplate"` } func castExpandedlicensingLicenseAddition(o any) *ExpandedlicensingLicenseAddition { @@ -1593,13 +1532,6 @@ type AnyExpandedlicensingLicenseAddition interface { type ExpandedlicensingLicenseAdditionList []AnyExpandedlicensingLicenseAddition -func (o *ExpandedlicensingLicenseAdditionList) Append(values ...AnyExpandedlicensingLicenseAddition) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingLicenseAdditionList) Remove(value AnyExpandedlicensingLicenseAddition) { - remove(o, value) -} - func (o *ExpandedlicensingLicenseAdditionList) ExpandedlicensingLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingLicenseAddition, *ExpandedlicensingLicenseAddition] { return typeIter(*o, castExpandedlicensingLicenseAddition) } @@ -1616,10 +1548,10 @@ type ExpandedlicensingListedLicenseException struct { // Specifies the SPDX License List version in which this license or exception // identifier was deprecated. - ExpandedlicensingDeprecatedVersion string + ExpandedlicensingDeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" iri-compact:"expandedlicensing_deprecatedVersion"` // Specifies the SPDX License List version in which this ListedLicense or // ListedLicenseException identifier was first added. - ExpandedlicensingListVersionAdded string + ExpandedlicensingListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" iri-compact:"expandedlicensing_listVersionAdded"` } func castExpandedlicensingListedLicenseException(o any) *ExpandedlicensingListedLicenseException { @@ -1640,25 +1572,18 @@ type AnyExpandedlicensingListedLicenseException interface { type ExpandedlicensingListedLicenseExceptionList []AnyExpandedlicensingListedLicenseException -func (o *ExpandedlicensingListedLicenseExceptionList) Append(values ...AnyExpandedlicensingListedLicenseException) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingListedLicenseExceptionList) Remove(value AnyExpandedlicensingListedLicenseException) { - remove(o, value) -} - func (o *ExpandedlicensingListedLicenseExceptionList) ExpandedlicensingListedLicenseExceptionIter() iter.Seq2[AnyExpandedlicensingListedLicenseException, *ExpandedlicensingListedLicenseException] { return typeIter(*o, castExpandedlicensingListedLicenseException) } // A property name with an associated value. type ExtensionCdxPropertyEntry struct { - ID string + ID string `iri:"@id"` // A name used in a CdxPropertyEntry name-value pair. - ExtensionCdxPropName string + ExtensionCdxPropName string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName" iri-compact:"extension_cdxPropName"` // A value used in a CdxPropertyEntry name-value pair. - ExtensionCdxPropValue string + ExtensionCdxPropValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue" iri-compact:"extension_cdxPropValue"` } func castExtensionCdxPropertyEntry(o any) *ExtensionCdxPropertyEntry { @@ -1678,18 +1603,13 @@ type AnyExtensionCdxPropertyEntry interface { type ExtensionCdxPropertyEntryList []AnyExtensionCdxPropertyEntry -func (o *ExtensionCdxPropertyEntryList) Append(values ...AnyExtensionCdxPropertyEntry) { - *o = append(*o, values...) -} -func (o *ExtensionCdxPropertyEntryList) Remove(value AnyExtensionCdxPropertyEntry) { remove(o, value) } - func (o *ExtensionCdxPropertyEntryList) ExtensionCdxPropertyEntryIter() iter.Seq2[AnyExtensionCdxPropertyEntry, *ExtensionCdxPropertyEntry] { return typeIter(*o, castExtensionCdxPropertyEntry) } // A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. type ExtensionExtension struct { - ID string + ID string `iri:"@id"` } func castExtensionExtension(o any) *ExtensionExtension { @@ -1709,9 +1629,6 @@ type AnyExtensionExtension interface { type ExtensionExtensionList []AnyExtensionExtension -func (o *ExtensionExtensionList) Append(values ...AnyExtensionExtension) { *o = append(*o, values...) } -func (o *ExtensionExtensionList) Remove(value AnyExtensionExtension) { remove(o, value) } - func (o *ExtensionExtensionList) ExtensionExtensionIter() iter.Seq2[AnyExtensionExtension, *ExtensionExtension] { return typeIter(*o, castExtensionExtension) } @@ -1720,72 +1637,72 @@ func (o *ExtensionExtensionList) ExtensionCdxPropertiesExtensionIter() iter.Seq2 } // Specifies the CVSS base, temporal, threat, or environmental severity type. -type SecurityCvssSeverityType struct { - ID string +type securityCvssSeverityType struct { + ID string `iri:"@id"` } // When a CVSS score is between 9.0 - 10.0 -var SecurityCvssSeverityType_Critical = SecurityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical"} +var SecurityCvssSeverityType_Critical = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical"} // When a CVSS score is between 7.0 - 8.9 -var SecurityCvssSeverityType_High = SecurityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high"} +var SecurityCvssSeverityType_High = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high"} // When a CVSS score is between 0.1 - 3.9 -var SecurityCvssSeverityType_Low = SecurityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low"} +var SecurityCvssSeverityType_Low = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low"} // When a CVSS score is between 4.0 - 6.9 -var SecurityCvssSeverityType_Medium = SecurityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium"} +var SecurityCvssSeverityType_Medium = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium"} // When a CVSS score is 0.0 -var SecurityCvssSeverityType_None = SecurityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none"} +var SecurityCvssSeverityType_None = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none"} // Specifies the exploit catalog type. -type SecurityExploitCatalogType struct { - ID string +type securityExploitCatalogType struct { + ID string `iri:"@id"` } // CISA's Known Exploited Vulnerability (KEV) Catalog -var SecurityExploitCatalogType_Kev = SecurityExploitCatalogType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev"} +var SecurityExploitCatalogType_Kev = securityExploitCatalogType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev"} // Other exploit catalogs -var SecurityExploitCatalogType_Other = SecurityExploitCatalogType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other"} +var SecurityExploitCatalogType_Other = securityExploitCatalogType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other"} // Specifies the SSVC decision type. -type SecuritySsvcDecisionType struct { - ID string +type securitySsvcDecisionType struct { + ID string `iri:"@id"` } // The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. -var SecuritySsvcDecisionType_Act = SecuritySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act"} +var SecuritySsvcDecisionType_Act = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act"} // The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. -var SecuritySsvcDecisionType_Attend = SecuritySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend"} +var SecuritySsvcDecisionType_Attend = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend"} // The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. -var SecuritySsvcDecisionType_Track = SecuritySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track"} +var SecuritySsvcDecisionType_Track = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track"} // ("Track\*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track\* vulnerabilities within standard update timelines. -var SecuritySsvcDecisionType_TrackStar = SecuritySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar"} +var SecuritySsvcDecisionType_TrackStar = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar"} // Specifies the VEX justification type. -type SecurityVexJustificationType struct { - ID string +type securityVexJustificationType struct { + ID string `iri:"@id"` } // The software is not affected because the vulnerable component is not in the product. -var SecurityVexJustificationType_ComponentNotPresent = SecurityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent"} +var SecurityVexJustificationType_ComponentNotPresent = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent"} // Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability. -var SecurityVexJustificationType_InlineMitigationsAlreadyExist = SecurityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist"} +var SecurityVexJustificationType_InlineMitigationsAlreadyExist = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist"} // The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack. -var SecurityVexJustificationType_VulnerableCodeCannotBeControlledByAdversary = SecurityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary"} +var SecurityVexJustificationType_VulnerableCodeCannotBeControlledByAdversary = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary"} // The affected code is not reachable through the execution of the code, including non-anticipated states of the product. -var SecurityVexJustificationType_VulnerableCodeNotInExecutePath = SecurityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath"} +var SecurityVexJustificationType_VulnerableCodeNotInExecutePath = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath"} // The product is not affected because the code underlying the vulnerability is not present in the product. -var SecurityVexJustificationType_VulnerableCodeNotPresent = SecurityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent"} +var SecurityVexJustificationType_VulnerableCodeNotPresent = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent"} // Abstract ancestor class for all vulnerability assessments type SecurityVulnAssessmentRelationship struct { @@ -1793,18 +1710,18 @@ type SecurityVulnAssessmentRelationship struct { // Identifies who or what supplied the artifact or VulnAssessmentRelationship // referenced by the Element. - SuppliedBy AnyAgent + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" iri-compact:"suppliedBy"` // Specifies an Element contained in a piece of software where a vulnerability was // found. - SecurityAssessedElement AnySoftwareSoftwareArtifact + SecurityAssessedElement AnySoftwareSoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" iri-compact:"security_assessedElement"` // Specifies a time when a vulnerability assessment was modified - SecurityModifiedTime time.Time + SecurityModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` // Specifies the time when a vulnerability was published. - SecurityPublishedTime time.Time + SecurityPublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" iri-compact:"security_publishedTime"` // Specified the time and date when a vulnerability was withdrawn. - SecurityWithdrawnTime time.Time + SecurityWithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` } func castSecurityVulnAssessmentRelationship(o any) *SecurityVulnAssessmentRelationship { @@ -1825,13 +1742,6 @@ type AnySecurityVulnAssessmentRelationship interface { type SecurityVulnAssessmentRelationshipList []AnySecurityVulnAssessmentRelationship -func (o *SecurityVulnAssessmentRelationshipList) Append(values ...AnySecurityVulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityVulnAssessmentRelationshipList) Remove(value AnySecurityVulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityVulnAssessmentRelationshipList) SecurityVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVulnAssessmentRelationship] { return typeIter(*o, castSecurityVulnAssessmentRelationship) } @@ -1892,13 +1802,6 @@ type AnySimplelicensingAnyLicenseInfo interface { type SimplelicensingAnyLicenseInfoList []AnySimplelicensingAnyLicenseInfo -func (o *SimplelicensingAnyLicenseInfoList) Append(values ...AnySimplelicensingAnyLicenseInfo) { - *o = append(*o, values...) -} -func (o *SimplelicensingAnyLicenseInfoList) Remove(value AnySimplelicensingAnyLicenseInfo) { - remove(o, value) -} - func (o *SimplelicensingAnyLicenseInfoList) SimplelicensingAnyLicenseInfoIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *SimplelicensingAnyLicenseInfo] { return typeIter(*o, castSimplelicensingAnyLicenseInfo) } @@ -1939,12 +1842,12 @@ type SimplelicensingLicenseExpression struct { // Maps a LicenseRef or AdditionRef string for a Custom License or a Custom // License Addition to its URI ID. - SimplelicensingCustomIdToUris DictionaryEntryList + SimplelicensingCustomIdToUris DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri" iri-compact:"simplelicensing_customIdToUri"` // A string in the license expression format. - SimplelicensingLicenseExpression string + SimplelicensingLicenseExpression string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression" iri-compact:"simplelicensing_licenseExpression"` // The version of the SPDX License List used in the license expression. - SimplelicensingLicenseListVersion string + SimplelicensingLicenseListVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion" iri-compact:"simplelicensing_licenseListVersion"` } func castSimplelicensingLicenseExpression(o any) *SimplelicensingLicenseExpression { @@ -1965,13 +1868,6 @@ type AnySimplelicensingLicenseExpression interface { type SimplelicensingLicenseExpressionList []AnySimplelicensingLicenseExpression -func (o *SimplelicensingLicenseExpressionList) Append(values ...AnySimplelicensingLicenseExpression) { - *o = append(*o, values...) -} -func (o *SimplelicensingLicenseExpressionList) Remove(value AnySimplelicensingLicenseExpression) { - remove(o, value) -} - func (o *SimplelicensingLicenseExpressionList) SimplelicensingLicenseExpressionIter() iter.Seq2[AnySimplelicensingLicenseExpression, *SimplelicensingLicenseExpression] { return typeIter(*o, castSimplelicensingLicenseExpression) } @@ -1981,7 +1877,7 @@ type SimplelicensingSimpleLicensingText struct { Element // Identifies the full text of a License or Addition. - SimplelicensingLicenseText string + SimplelicensingLicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` } func castSimplelicensingSimpleLicensingText(o any) *SimplelicensingSimpleLicensingText { @@ -2002,13 +1898,6 @@ type AnySimplelicensingSimpleLicensingText interface { type SimplelicensingSimpleLicensingTextList []AnySimplelicensingSimpleLicensingText -func (o *SimplelicensingSimpleLicensingTextList) Append(values ...AnySimplelicensingSimpleLicensingText) { - *o = append(*o, values...) -} -func (o *SimplelicensingSimpleLicensingTextList) Remove(value AnySimplelicensingSimpleLicensingText) { - remove(o, value) -} - func (o *SimplelicensingSimpleLicensingTextList) SimplelicensingSimpleLicensingTextIter() iter.Seq2[AnySimplelicensingSimpleLicensingText, *SimplelicensingSimpleLicensingText] { return typeIter(*o, castSimplelicensingSimpleLicensingText) } @@ -2018,9 +1907,9 @@ type SoftwareContentIdentifier struct { IntegrityMethod // Specifies the type of the content identifier. - SoftwareContentIdentifierType SoftwareContentIdentifierType + SoftwareContentIdentifierType softwareContentIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" iri-compact:"software_contentIdentifierType"` // Specifies the value of the content identifier. - SoftwareContentIdentifierValue string + SoftwareContentIdentifierValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" iri-compact:"software_contentIdentifierValue"` } func castSoftwareContentIdentifier(o any) *SoftwareContentIdentifier { @@ -2041,180 +1930,175 @@ type AnySoftwareContentIdentifier interface { type SoftwareContentIdentifierList []AnySoftwareContentIdentifier -func (o *SoftwareContentIdentifierList) Append(values ...AnySoftwareContentIdentifier) { - *o = append(*o, values...) -} -func (o *SoftwareContentIdentifierList) Remove(value AnySoftwareContentIdentifier) { remove(o, value) } - func (o *SoftwareContentIdentifierList) SoftwareContentIdentifierIter() iter.Seq2[AnySoftwareContentIdentifier, *SoftwareContentIdentifier] { return typeIter(*o, castSoftwareContentIdentifier) } // Specifies the type of a content identifier. -type SoftwareContentIdentifierType struct { - ID string +type softwareContentIdentifierType struct { + ID string `iri:"@id"` } // [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). -var SoftwareContentIdentifierType_Gitoid = SoftwareContentIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid"} +var SoftwareContentIdentifierType_Gitoid = softwareContentIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid"} // SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. -var SoftwareContentIdentifierType_Swhid = SoftwareContentIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid"} +var SoftwareContentIdentifierType_Swhid = softwareContentIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid"} // Enumeration of the different kinds of SPDX file. -type SoftwareFileKindType struct { - ID string +type softwareFileKindType struct { + ID string `iri:"@id"` } // The file represents a directory and all content stored in that directory. -var SoftwareFileKindType_Directory = SoftwareFileKindType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory"} +var SoftwareFileKindType_Directory = softwareFileKindType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory"} // The file represents a single file (default). -var SoftwareFileKindType_File = SoftwareFileKindType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file"} +var SoftwareFileKindType_File = softwareFileKindType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file"} // Provides a set of values to be used to describe the common types of SBOMs that // tools may create. -type SoftwareSbomType struct { - ID string +type softwareSbomType struct { + ID string `iri:"@id"` } // SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a "3rd party" SBOM. -var SoftwareSbomType_Analyzed = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed"} +var SoftwareSbomType_Analyzed = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed"} // SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. -var SoftwareSbomType_Build = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build"} +var SoftwareSbomType_Build = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build"} // SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. -var SoftwareSbomType_Deployed = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed"} +var SoftwareSbomType_Deployed = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed"} // SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. -var SoftwareSbomType_Design = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design"} +var SoftwareSbomType_Design = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design"} // SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM. -var SoftwareSbomType_Runtime = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime"} +var SoftwareSbomType_Runtime = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime"} // SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. -var SoftwareSbomType_Source = SoftwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source"} +var SoftwareSbomType_Source = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source"} // Provides information about the primary purpose of an Element. -type SoftwareSoftwarePurpose struct { - ID string +type softwareSoftwarePurpose struct { + ID string `iri:"@id"` } // The Element is a software application. -var SoftwareSoftwarePurpose_Application = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application"} +var SoftwareSoftwarePurpose_Application = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application"} // The Element is an archived collection of one or more files (.tar, .zip, etc.). -var SoftwareSoftwarePurpose_Archive = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive"} +var SoftwareSoftwarePurpose_Archive = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive"} // The Element is a bill of materials. -var SoftwareSoftwarePurpose_Bom = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom"} +var SoftwareSoftwarePurpose_Bom = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom"} // The Element is configuration data. -var SoftwareSoftwarePurpose_Configuration = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration"} +var SoftwareSoftwarePurpose_Configuration = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration"} // The Element is a container image which can be used by a container runtime application. -var SoftwareSoftwarePurpose_Container = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container"} +var SoftwareSoftwarePurpose_Container = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container"} // The Element is data. -var SoftwareSoftwarePurpose_Data = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data"} +var SoftwareSoftwarePurpose_Data = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data"} // The Element refers to a chipset, processor, or electronic board. -var SoftwareSoftwarePurpose_Device = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device"} +var SoftwareSoftwarePurpose_Device = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device"} // The Element represents software that controls hardware devices. -var SoftwareSoftwarePurpose_DeviceDriver = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver"} +var SoftwareSoftwarePurpose_DeviceDriver = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver"} // The Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. -var SoftwareSoftwarePurpose_DiskImage = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage"} +var SoftwareSoftwarePurpose_DiskImage = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage"} // The Element is documentation. -var SoftwareSoftwarePurpose_Documentation = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation"} +var SoftwareSoftwarePurpose_Documentation = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation"} // The Element is the evidence that a specification or requirement has been fulfilled. -var SoftwareSoftwarePurpose_Evidence = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence"} +var SoftwareSoftwarePurpose_Evidence = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence"} // The Element is an Artifact that can be run on a computer. -var SoftwareSoftwarePurpose_Executable = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable"} +var SoftwareSoftwarePurpose_Executable = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable"} // The Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc.). -var SoftwareSoftwarePurpose_File = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file"} +var SoftwareSoftwarePurpose_File = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file"} // The Element is a file system image that can be written to a disk (or virtual) partition. -var SoftwareSoftwarePurpose_FilesystemImage = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage"} +var SoftwareSoftwarePurpose_FilesystemImage = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage"} // The Element provides low level control over a device's hardware. -var SoftwareSoftwarePurpose_Firmware = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware"} +var SoftwareSoftwarePurpose_Firmware = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware"} // The Element is a software framework. -var SoftwareSoftwarePurpose_Framework = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework"} +var SoftwareSoftwarePurpose_Framework = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework"} // The Element is used to install software on disk. -var SoftwareSoftwarePurpose_Install = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install"} +var SoftwareSoftwarePurpose_Install = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install"} // The Element is a software library. -var SoftwareSoftwarePurpose_Library = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library"} +var SoftwareSoftwarePurpose_Library = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library"} // The Element is a software manifest. -var SoftwareSoftwarePurpose_Manifest = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest"} +var SoftwareSoftwarePurpose_Manifest = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest"} // The Element is a machine learning or artificial intelligence model. -var SoftwareSoftwarePurpose_Model = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model"} +var SoftwareSoftwarePurpose_Model = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model"} // The Element is a module of a piece of software. -var SoftwareSoftwarePurpose_Module = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module"} +var SoftwareSoftwarePurpose_Module = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module"} // The Element is an operating system. -var SoftwareSoftwarePurpose_OperatingSystem = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem"} +var SoftwareSoftwarePurpose_OperatingSystem = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem"} // The Element doesn't fit into any of the other categories. -var SoftwareSoftwarePurpose_Other = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other"} +var SoftwareSoftwarePurpose_Other = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other"} // The Element contains a set of changes to update, fix, or improve another Element. -var SoftwareSoftwarePurpose_Patch = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch"} +var SoftwareSoftwarePurpose_Patch = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch"} // The Element represents a runtime environment. -var SoftwareSoftwarePurpose_Platform = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform"} +var SoftwareSoftwarePurpose_Platform = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform"} // The Element provides a requirement needed as input for another Element. -var SoftwareSoftwarePurpose_Requirement = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement"} +var SoftwareSoftwarePurpose_Requirement = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement"} // The Element is a single or a collection of source files. -var SoftwareSoftwarePurpose_Source = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source"} +var SoftwareSoftwarePurpose_Source = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source"} // The Element is a plan, guideline or strategy how to create, perform or analyze an application. -var SoftwareSoftwarePurpose_Specification = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification"} +var SoftwareSoftwarePurpose_Specification = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification"} // The Element is a test used to verify functionality on an software element. -var SoftwareSoftwarePurpose_Test = SoftwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test"} +var SoftwareSoftwarePurpose_Test = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test"} // Class that describes a build instance of software/artifacts. type BuildBuild struct { Element // Property that describes the time at which a build stops. - BuildBuildEndTime time.Time + BuildBuildEndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" iri-compact:"build_buildEndTime"` // A buildId is a locally unique identifier used by a builder to identify a unique // instance of a build produced by it. - BuildBuildId string + BuildBuildId string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildId" iri-compact:"build_buildId"` // Property describing the start time of a build. - BuildBuildStartTime time.Time + BuildBuildStartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" iri-compact:"build_buildStartTime"` // A buildType is a hint that is used to indicate the toolchain, platform, or // infrastructure that the build was invoked on. - BuildBuildType string + BuildBuildType string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildType" iri-compact:"build_buildType"` // Property that describes the digest of the build configuration file used to // invoke a build. - BuildConfigSourceDigests HashList + BuildConfigSourceDigests HashList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest" iri-compact:"build_configSourceDigest"` // Property describes the invocation entrypoint of a build. - BuildConfigSourceEntrypoints []string + BuildConfigSourceEntrypoints []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint" iri-compact:"build_configSourceEntrypoint"` // Property that describes the URI of the build configuration source file. - BuildConfigSourceUris []string + BuildConfigSourceUris []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" iri-compact:"build_configSourceUri"` // Property describing the session in which a build is invoked. - BuildEnvironments DictionaryEntryList + BuildEnvironments DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/environment" iri-compact:"build_environment"` // Property describing a parameter used in an instance of a build. - BuildParameters DictionaryEntryList + BuildParameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/parameter" iri-compact:"build_parameter"` } func castBuildBuild(o any) *BuildBuild { @@ -2235,9 +2119,6 @@ type AnyBuildBuild interface { type BuildBuildList []AnyBuildBuild -func (o *BuildBuildList) Append(values ...AnyBuildBuild) { *o = append(*o, values...) } -func (o *BuildBuildList) Remove(value AnyBuildBuild) { remove(o, value) } - func (o *BuildBuildList) BuildBuildIter() iter.Seq2[AnyBuildBuild, *BuildBuild] { return typeIter(*o, castBuildBuild) } @@ -2265,9 +2146,6 @@ type AnyAgent interface { type AgentList []AnyAgent -func (o *AgentList) Append(values ...AnyAgent) { *o = append(*o, values...) } -func (o *AgentList) Remove(value AnyAgent) { remove(o, value) } - func (o *AgentList) AgentIter() iter.Seq2[AnyAgent, *Agent] { return typeIter(*o, castAgent) } func (o *AgentList) OrganizationIter() iter.Seq2[AnyAgent, *Organization] { return typeIter(*o, castOrganization) @@ -2282,13 +2160,13 @@ type Annotation struct { Element // Describes the type of annotation. - AnnotationType AnnotationType + AnnotationType annotationType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/annotationType" iri-compact:"annotationType"` // Provides information about the content type of an Element or a Property. - ContentType string + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" iri-compact:"contentType"` // Commentary on an assertion that an annotator has made. - Statement string + Statement string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/statement" iri-compact:"statement"` // An Element an annotator has made an assertion about. - Subject AnyElement + Subject AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/subject" iri-compact:"subject"` } func castAnnotation(o any) *Annotation { @@ -2309,9 +2187,6 @@ type AnyAnnotation interface { type AnnotationList []AnyAnnotation -func (o *AnnotationList) Append(values ...AnyAnnotation) { *o = append(*o, values...) } -func (o *AnnotationList) Remove(value AnyAnnotation) { remove(o, value) } - func (o *AnnotationList) AnnotationIter() iter.Seq2[AnyAnnotation, *Annotation] { return typeIter(*o, castAnnotation) } @@ -2321,23 +2196,23 @@ type Artifact struct { Element // Specifies the time an artifact was built. - BuiltTime time.Time + BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" iri-compact:"builtTime"` // Identifies from where or whom the Element originally came. - OriginatedBys AgentList + OriginatedBys AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" iri-compact:"originatedBy"` // Specifies the time an artifact was released. - ReleaseTime time.Time + ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" iri-compact:"releaseTime"` // The name of a relevant standard that may apply to an artifact. - StandardNames []string + StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" iri-compact:"standardName"` // Identifies who or what supplied the artifact or VulnAssessmentRelationship // referenced by the Element. - SuppliedBy AnyAgent + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" iri-compact:"suppliedBy"` // Specifies the level of support associated with an artifact. - SupportLevels []SupportType + SupportLevels []supportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" iri-compact:"supportLevel"` // Specifies until when the artifact can be used before its usage needs to be // reassessed. - ValidUntilTime time.Time + ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" iri-compact:"validUntilTime"` } func castArtifact(o any) *Artifact { @@ -2358,9 +2233,6 @@ type AnyArtifact interface { type ArtifactList []AnyArtifact -func (o *ArtifactList) Append(values ...AnyArtifact) { *o = append(*o, values...) } -func (o *ArtifactList) Remove(value AnyArtifact) { remove(o, value) } - func (o *ArtifactList) ArtifactIter() iter.Seq2[AnyArtifact, *Artifact] { return typeIter(*o, castArtifact) } @@ -2392,7 +2264,7 @@ type Bundle struct { // Gives information about the circumstances or unifying properties // that Elements of the bundle have been assembled under. - Context string + Context string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/context" iri-compact:"context"` } func castBundle(o any) *Bundle { @@ -2413,9 +2285,6 @@ type AnyBundle interface { type BundleList []AnyBundle -func (o *BundleList) Append(values ...AnyBundle) { *o = append(*o, values...) } -func (o *BundleList) Remove(value AnyBundle) { remove(o, value) } - func (o *BundleList) BundleIter() iter.Seq2[AnyBundle, *Bundle] { return typeIter(*o, castBundle) } func (o *BundleList) BomIter() iter.Seq2[AnyBundle, *Bom] { return typeIter(*o, castBom) } func (o *BundleList) SoftwareSbomIter() iter.Seq2[AnyBundle, *SoftwareSbom] { @@ -2427,9 +2296,9 @@ type Hash struct { IntegrityMethod // Specifies the algorithm used for calculating the hash value. - Algorithm HashAlgorithm + Algorithm hashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" iri-compact:"algorithm"` // The result of applying a hash algorithm to an Element. - HashValue string + HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" iri-compact:"hashValue"` } func castHash(o any) *Hash { @@ -2450,9 +2319,6 @@ type AnyHash interface { type HashList []AnyHash -func (o *HashList) Append(values ...AnyHash) { *o = append(*o, values...) } -func (o *HashList) Remove(value AnyHash) { remove(o, value) } - func (o *HashList) HashIter() iter.Seq2[AnyHash, *Hash] { return typeIter(*o, castHash) } // Provide context for a relationship that occurs in the lifecycle. @@ -2460,7 +2326,7 @@ type LifecycleScopedRelationship struct { Relationship // Capture the scope of information about a specific relationship between elements. - Scope LifecycleScopeType + Scope lifecycleScopeType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/scope" iri-compact:"scope"` } func castLifecycleScopedRelationship(o any) *LifecycleScopedRelationship { @@ -2481,13 +2347,6 @@ type AnyLifecycleScopedRelationship interface { type LifecycleScopedRelationshipList []AnyLifecycleScopedRelationship -func (o *LifecycleScopedRelationshipList) Append(values ...AnyLifecycleScopedRelationship) { - *o = append(*o, values...) -} -func (o *LifecycleScopedRelationshipList) Remove(value AnyLifecycleScopedRelationship) { - remove(o, value) -} - func (o *LifecycleScopedRelationshipList) LifecycleScopedRelationshipIter() iter.Seq2[AnyLifecycleScopedRelationship, *LifecycleScopedRelationship] { return typeIter(*o, castLifecycleScopedRelationship) } @@ -2518,9 +2377,6 @@ type AnyOrganization interface { type OrganizationList []AnyOrganization -func (o *OrganizationList) Append(values ...AnyOrganization) { *o = append(*o, values...) } -func (o *OrganizationList) Remove(value AnyOrganization) { remove(o, value) } - func (o *OrganizationList) OrganizationIter() iter.Seq2[AnyOrganization, *Organization] { return typeIter(*o, castOrganization) } @@ -2548,9 +2404,6 @@ type AnyPerson interface { type PersonList []AnyPerson -func (o *PersonList) Append(values ...AnyPerson) { *o = append(*o, values...) } -func (o *PersonList) Remove(value AnyPerson) { remove(o, value) } - func (o *PersonList) PersonIter() iter.Seq2[AnyPerson, *Person] { return typeIter(*o, castPerson) } // A software agent. @@ -2576,9 +2429,6 @@ type AnySoftwareAgent interface { type SoftwareAgentList []AnySoftwareAgent -func (o *SoftwareAgentList) Append(values ...AnySoftwareAgent) { *o = append(*o, values...) } -func (o *SoftwareAgentList) Remove(value AnySoftwareAgent) { remove(o, value) } - func (o *SoftwareAgentList) SoftwareAgentIter() iter.Seq2[AnySoftwareAgent, *SoftwareAgent] { return typeIter(*o, castSoftwareAgent) } @@ -2589,7 +2439,7 @@ type ExpandedlicensingConjunctiveLicenseSet struct { SimplelicensingAnyLicenseInfo // A license expression participating in a license set. - ExpandedlicensingMembers SimplelicensingAnyLicenseInfoList + ExpandedlicensingMembers SimplelicensingAnyLicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" iri-compact:"expandedlicensing_member"` } func castExpandedlicensingConjunctiveLicenseSet(o any) *ExpandedlicensingConjunctiveLicenseSet { @@ -2610,13 +2460,6 @@ type AnyExpandedlicensingConjunctiveLicenseSet interface { type ExpandedlicensingConjunctiveLicenseSetList []AnyExpandedlicensingConjunctiveLicenseSet -func (o *ExpandedlicensingConjunctiveLicenseSetList) Append(values ...AnyExpandedlicensingConjunctiveLicenseSet) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingConjunctiveLicenseSetList) Remove(value AnyExpandedlicensingConjunctiveLicenseSet) { - remove(o, value) -} - func (o *ExpandedlicensingConjunctiveLicenseSetList) ExpandedlicensingConjunctiveLicenseSetIter() iter.Seq2[AnyExpandedlicensingConjunctiveLicenseSet, *ExpandedlicensingConjunctiveLicenseSet] { return typeIter(*o, castExpandedlicensingConjunctiveLicenseSet) } @@ -2644,13 +2487,6 @@ type AnyExpandedlicensingCustomLicenseAddition interface { type ExpandedlicensingCustomLicenseAdditionList []AnyExpandedlicensingCustomLicenseAddition -func (o *ExpandedlicensingCustomLicenseAdditionList) Append(values ...AnyExpandedlicensingCustomLicenseAddition) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingCustomLicenseAdditionList) Remove(value AnyExpandedlicensingCustomLicenseAddition) { - remove(o, value) -} - func (o *ExpandedlicensingCustomLicenseAdditionList) ExpandedlicensingCustomLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingCustomLicenseAddition, *ExpandedlicensingCustomLicenseAddition] { return typeIter(*o, castExpandedlicensingCustomLicenseAddition) } @@ -2661,7 +2497,7 @@ type ExpandedlicensingDisjunctiveLicenseSet struct { SimplelicensingAnyLicenseInfo // A license expression participating in a license set. - ExpandedlicensingMembers SimplelicensingAnyLicenseInfoList + ExpandedlicensingMembers SimplelicensingAnyLicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" iri-compact:"expandedlicensing_member"` } func castExpandedlicensingDisjunctiveLicenseSet(o any) *ExpandedlicensingDisjunctiveLicenseSet { @@ -2682,13 +2518,6 @@ type AnyExpandedlicensingDisjunctiveLicenseSet interface { type ExpandedlicensingDisjunctiveLicenseSetList []AnyExpandedlicensingDisjunctiveLicenseSet -func (o *ExpandedlicensingDisjunctiveLicenseSetList) Append(values ...AnyExpandedlicensingDisjunctiveLicenseSet) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingDisjunctiveLicenseSetList) Remove(value AnyExpandedlicensingDisjunctiveLicenseSet) { - remove(o, value) -} - func (o *ExpandedlicensingDisjunctiveLicenseSetList) ExpandedlicensingDisjunctiveLicenseSetIter() iter.Seq2[AnyExpandedlicensingDisjunctiveLicenseSet, *ExpandedlicensingDisjunctiveLicenseSet] { return typeIter(*o, castExpandedlicensingDisjunctiveLicenseSet) } @@ -2716,13 +2545,6 @@ type AnyExpandedlicensingExtendableLicense interface { type ExpandedlicensingExtendableLicenseList []AnyExpandedlicensingExtendableLicense -func (o *ExpandedlicensingExtendableLicenseList) Append(values ...AnyExpandedlicensingExtendableLicense) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingExtendableLicenseList) Remove(value AnyExpandedlicensingExtendableLicense) { - remove(o, value) -} - func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingExtendableLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingExtendableLicense] { return typeIter(*o, castExpandedlicensingExtendableLicense) } @@ -2771,13 +2593,6 @@ type AnyExpandedlicensingIndividualLicensingInfo interface { type ExpandedlicensingIndividualLicensingInfoList []AnyExpandedlicensingIndividualLicensingInfo -func (o *ExpandedlicensingIndividualLicensingInfoList) Append(values ...AnyExpandedlicensingIndividualLicensingInfo) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingIndividualLicensingInfoList) Remove(value AnyExpandedlicensingIndividualLicensingInfo) { - remove(o, value) -} - func (o *ExpandedlicensingIndividualLicensingInfoList) ExpandedlicensingIndividualLicensingInfoIter() iter.Seq2[AnyExpandedlicensingIndividualLicensingInfo, *ExpandedlicensingIndividualLicensingInfo] { return typeIter(*o, castExpandedlicensingIndividualLicensingInfo) } @@ -2788,28 +2603,28 @@ type ExpandedlicensingLicense struct { // Specifies whether a license or additional text identifier has been marked as // deprecated. - ExpandedlicensingIsDeprecatedLicenseId bool + ExpandedlicensingIsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId" iri-compact:"expandedlicensing_isDeprecatedLicenseId"` // Specifies whether the License is listed as free by the // Free Software Foundation (FSF). - ExpandedlicensingIsFsfLibre bool + ExpandedlicensingIsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre" iri-compact:"expandedlicensing_isFsfLibre"` // Specifies whether the License is listed as approved by the // Open Source Initiative (OSI). - ExpandedlicensingIsOsiApproved bool + ExpandedlicensingIsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved" iri-compact:"expandedlicensing_isOsiApproved"` // Identifies all the text and metadata associated with a license in the license // XML format. - ExpandedlicensingLicenseXml string + ExpandedlicensingLicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` // Specifies the licenseId that is preferred to be used in place of a deprecated // License or LicenseAddition. - ExpandedlicensingObsoletedBy string + ExpandedlicensingObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` // Contains a URL where the License or LicenseAddition can be found in use. - ExpandedlicensingSeeAlsos []string + ExpandedlicensingSeeAlsos []string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` // Provides a License author's preferred text to indicate that a file is covered // by the License. - ExpandedlicensingStandardLicenseHeader string + ExpandedlicensingStandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader" iri-compact:"expandedlicensing_standardLicenseHeader"` // Identifies the full text of a License, in SPDX templating format. - ExpandedlicensingStandardLicenseTemplate string + ExpandedlicensingStandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate" iri-compact:"expandedlicensing_standardLicenseTemplate"` // Identifies the full text of a License or Addition. - SimplelicensingLicenseText string + SimplelicensingLicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` } func castExpandedlicensingLicense(o any) *ExpandedlicensingLicense { @@ -2830,11 +2645,6 @@ type AnyExpandedlicensingLicense interface { type ExpandedlicensingLicenseList []AnyExpandedlicensingLicense -func (o *ExpandedlicensingLicenseList) Append(values ...AnyExpandedlicensingLicense) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingLicenseList) Remove(value AnyExpandedlicensingLicense) { remove(o, value) } - func (o *ExpandedlicensingLicenseList) ExpandedlicensingLicenseIter() iter.Seq2[AnyExpandedlicensingLicense, *ExpandedlicensingLicense] { return typeIter(*o, castExpandedlicensingLicense) } @@ -2851,10 +2661,10 @@ type ExpandedlicensingListedLicense struct { // Specifies the SPDX License List version in which this license or exception // identifier was deprecated. - ExpandedlicensingDeprecatedVersion string + ExpandedlicensingDeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" iri-compact:"expandedlicensing_deprecatedVersion"` // Specifies the SPDX License List version in which this ListedLicense or // ListedLicenseException identifier was first added. - ExpandedlicensingListVersionAdded string + ExpandedlicensingListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" iri-compact:"expandedlicensing_listVersionAdded"` } func castExpandedlicensingListedLicense(o any) *ExpandedlicensingListedLicense { @@ -2875,13 +2685,6 @@ type AnyExpandedlicensingListedLicense interface { type ExpandedlicensingListedLicenseList []AnyExpandedlicensingListedLicense -func (o *ExpandedlicensingListedLicenseList) Append(values ...AnyExpandedlicensingListedLicense) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingListedLicenseList) Remove(value AnyExpandedlicensingListedLicense) { - remove(o, value) -} - func (o *ExpandedlicensingListedLicenseList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyExpandedlicensingListedLicense, *ExpandedlicensingListedLicense] { return typeIter(*o, castExpandedlicensingListedLicense) } @@ -2892,7 +2695,7 @@ type ExpandedlicensingOrLaterOperator struct { ExpandedlicensingExtendableLicense // A License participating in an 'or later' model. - ExpandedlicensingSubjectLicense AnyExpandedlicensingLicense + ExpandedlicensingSubjectLicense AnyExpandedlicensingLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense" iri-compact:"expandedlicensing_subjectLicense"` } func castExpandedlicensingOrLaterOperator(o any) *ExpandedlicensingOrLaterOperator { @@ -2913,13 +2716,6 @@ type AnyExpandedlicensingOrLaterOperator interface { type ExpandedlicensingOrLaterOperatorList []AnyExpandedlicensingOrLaterOperator -func (o *ExpandedlicensingOrLaterOperatorList) Append(values ...AnyExpandedlicensingOrLaterOperator) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingOrLaterOperatorList) Remove(value AnyExpandedlicensingOrLaterOperator) { - remove(o, value) -} - func (o *ExpandedlicensingOrLaterOperatorList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnyExpandedlicensingOrLaterOperator, *ExpandedlicensingOrLaterOperator] { return typeIter(*o, castExpandedlicensingOrLaterOperator) } @@ -2930,10 +2726,10 @@ type ExpandedlicensingWithAdditionOperator struct { SimplelicensingAnyLicenseInfo // A LicenseAddition participating in a 'with addition' model. - ExpandedlicensingSubjectAddition AnyExpandedlicensingLicenseAddition + ExpandedlicensingSubjectAddition AnyExpandedlicensingLicenseAddition `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition" iri-compact:"expandedlicensing_subjectAddition"` // A License participating in a 'with addition' model. - ExpandedlicensingSubjectExtendableLicense AnyExpandedlicensingExtendableLicense + ExpandedlicensingSubjectExtendableLicense AnyExpandedlicensingExtendableLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense" iri-compact:"expandedlicensing_subjectExtendableLicense"` } func castExpandedlicensingWithAdditionOperator(o any) *ExpandedlicensingWithAdditionOperator { @@ -2954,13 +2750,6 @@ type AnyExpandedlicensingWithAdditionOperator interface { type ExpandedlicensingWithAdditionOperatorList []AnyExpandedlicensingWithAdditionOperator -func (o *ExpandedlicensingWithAdditionOperatorList) Append(values ...AnyExpandedlicensingWithAdditionOperator) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingWithAdditionOperatorList) Remove(value AnyExpandedlicensingWithAdditionOperator) { - remove(o, value) -} - func (o *ExpandedlicensingWithAdditionOperatorList) ExpandedlicensingWithAdditionOperatorIter() iter.Seq2[AnyExpandedlicensingWithAdditionOperator, *ExpandedlicensingWithAdditionOperator] { return typeIter(*o, castExpandedlicensingWithAdditionOperator) } @@ -2970,7 +2759,7 @@ type ExtensionCdxPropertiesExtension struct { ExtensionExtension // Provides a map of a property names to a values. - ExtensionCdxPropertys ExtensionCdxPropertyEntryList + ExtensionCdxPropertys ExtensionCdxPropertyEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty" iri-compact:"extension_cdxProperty"` } func castExtensionCdxPropertiesExtension(o any) *ExtensionCdxPropertiesExtension { @@ -2991,13 +2780,6 @@ type AnyExtensionCdxPropertiesExtension interface { type ExtensionCdxPropertiesExtensionList []AnyExtensionCdxPropertiesExtension -func (o *ExtensionCdxPropertiesExtensionList) Append(values ...AnyExtensionCdxPropertiesExtension) { - *o = append(*o, values...) -} -func (o *ExtensionCdxPropertiesExtensionList) Remove(value AnyExtensionCdxPropertiesExtension) { - remove(o, value) -} - func (o *ExtensionCdxPropertiesExtensionList) ExtensionCdxPropertiesExtensionIter() iter.Seq2[AnyExtensionCdxPropertiesExtension, *ExtensionCdxPropertiesExtension] { return typeIter(*o, castExtensionCdxPropertiesExtension) } @@ -3007,9 +2789,9 @@ type SecurityCvssV2VulnAssessmentRelationship struct { SecurityVulnAssessmentRelationship // Provides a numerical (0-10) representation of the severity of a vulnerability. - SecurityScore float64 + SecurityScore float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" iri-compact:"security_score"` // Specifies the CVSS vector string for a vulnerability. - SecurityVectorString string + SecurityVectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" iri-compact:"security_vectorString"` } func castSecurityCvssV2VulnAssessmentRelationship(o any) *SecurityCvssV2VulnAssessmentRelationship { @@ -3030,13 +2812,6 @@ type AnySecurityCvssV2VulnAssessmentRelationship interface { type SecurityCvssV2VulnAssessmentRelationshipList []AnySecurityCvssV2VulnAssessmentRelationship -func (o *SecurityCvssV2VulnAssessmentRelationshipList) Append(values ...AnySecurityCvssV2VulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityCvssV2VulnAssessmentRelationshipList) Remove(value AnySecurityCvssV2VulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityCvssV2VulnAssessmentRelationshipList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV2VulnAssessmentRelationship, *SecurityCvssV2VulnAssessmentRelationship] { return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) } @@ -3046,11 +2821,11 @@ type SecurityCvssV3VulnAssessmentRelationship struct { SecurityVulnAssessmentRelationship // Provides a numerical (0-10) representation of the severity of a vulnerability. - SecurityScore float64 + SecurityScore float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" iri-compact:"security_score"` // Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - SecuritySeverity SecurityCvssSeverityType + SecuritySeverity securityCvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" iri-compact:"security_severity"` // Specifies the CVSS vector string for a vulnerability. - SecurityVectorString string + SecurityVectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" iri-compact:"security_vectorString"` } func castSecurityCvssV3VulnAssessmentRelationship(o any) *SecurityCvssV3VulnAssessmentRelationship { @@ -3071,13 +2846,6 @@ type AnySecurityCvssV3VulnAssessmentRelationship interface { type SecurityCvssV3VulnAssessmentRelationshipList []AnySecurityCvssV3VulnAssessmentRelationship -func (o *SecurityCvssV3VulnAssessmentRelationshipList) Append(values ...AnySecurityCvssV3VulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityCvssV3VulnAssessmentRelationshipList) Remove(value AnySecurityCvssV3VulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityCvssV3VulnAssessmentRelationshipList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV3VulnAssessmentRelationship, *SecurityCvssV3VulnAssessmentRelationship] { return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) } @@ -3087,11 +2855,11 @@ type SecurityCvssV4VulnAssessmentRelationship struct { SecurityVulnAssessmentRelationship // Provides a numerical (0-10) representation of the severity of a vulnerability. - SecurityScore float64 + SecurityScore float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" iri-compact:"security_score"` // Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - SecuritySeverity SecurityCvssSeverityType + SecuritySeverity securityCvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" iri-compact:"security_severity"` // Specifies the CVSS vector string for a vulnerability. - SecurityVectorString string + SecurityVectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" iri-compact:"security_vectorString"` } func castSecurityCvssV4VulnAssessmentRelationship(o any) *SecurityCvssV4VulnAssessmentRelationship { @@ -3112,13 +2880,6 @@ type AnySecurityCvssV4VulnAssessmentRelationship interface { type SecurityCvssV4VulnAssessmentRelationshipList []AnySecurityCvssV4VulnAssessmentRelationship -func (o *SecurityCvssV4VulnAssessmentRelationshipList) Append(values ...AnySecurityCvssV4VulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityCvssV4VulnAssessmentRelationshipList) Remove(value AnySecurityCvssV4VulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityCvssV4VulnAssessmentRelationshipList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV4VulnAssessmentRelationship, *SecurityCvssV4VulnAssessmentRelationship] { return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) } @@ -3128,9 +2889,9 @@ type SecurityEpssVulnAssessmentRelationship struct { SecurityVulnAssessmentRelationship // The percentile of the current probability score. - SecurityPercentile float64 + SecurityPercentile float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/percentile" iri-compact:"security_percentile"` // A probability score between 0 and 1 of a vulnerability being exploited. - SecurityProbability float64 + SecurityProbability float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/probability" iri-compact:"security_probability"` } func castSecurityEpssVulnAssessmentRelationship(o any) *SecurityEpssVulnAssessmentRelationship { @@ -3151,13 +2912,6 @@ type AnySecurityEpssVulnAssessmentRelationship interface { type SecurityEpssVulnAssessmentRelationshipList []AnySecurityEpssVulnAssessmentRelationship -func (o *SecurityEpssVulnAssessmentRelationshipList) Append(values ...AnySecurityEpssVulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityEpssVulnAssessmentRelationshipList) Remove(value AnySecurityEpssVulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityEpssVulnAssessmentRelationshipList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityEpssVulnAssessmentRelationship, *SecurityEpssVulnAssessmentRelationship] { return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) } @@ -3167,11 +2921,11 @@ type SecurityExploitCatalogVulnAssessmentRelationship struct { SecurityVulnAssessmentRelationship // Specifies the exploit catalog type. - SecurityCatalogType SecurityExploitCatalogType + SecurityCatalogType securityExploitCatalogType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/catalogType" iri-compact:"security_catalogType"` // Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. - SecurityExploited bool + SecurityExploited bool `iri:"https://spdx.org/rdf/3.0.1/terms/Security/exploited" iri-compact:"security_exploited"` // Provides the location of an exploit catalog. - SecurityLocator string + SecurityLocator string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/locator" iri-compact:"security_locator"` } func castSecurityExploitCatalogVulnAssessmentRelationship(o any) *SecurityExploitCatalogVulnAssessmentRelationship { @@ -3192,13 +2946,6 @@ type AnySecurityExploitCatalogVulnAssessmentRelationship interface { type SecurityExploitCatalogVulnAssessmentRelationshipList []AnySecurityExploitCatalogVulnAssessmentRelationship -func (o *SecurityExploitCatalogVulnAssessmentRelationshipList) Append(values ...AnySecurityExploitCatalogVulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityExploitCatalogVulnAssessmentRelationshipList) Remove(value AnySecurityExploitCatalogVulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityExploitCatalogVulnAssessmentRelationshipList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityExploitCatalogVulnAssessmentRelationship, *SecurityExploitCatalogVulnAssessmentRelationship] { return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) } @@ -3209,7 +2956,7 @@ type SecuritySsvcVulnAssessmentRelationship struct { // Provide the enumeration of possible decisions in the // [Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc). - SecurityDecisionType SecuritySsvcDecisionType + SecurityDecisionType securitySsvcDecisionType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/decisionType" iri-compact:"security_decisionType"` } func castSecuritySsvcVulnAssessmentRelationship(o any) *SecuritySsvcVulnAssessmentRelationship { @@ -3230,13 +2977,6 @@ type AnySecuritySsvcVulnAssessmentRelationship interface { type SecuritySsvcVulnAssessmentRelationshipList []AnySecuritySsvcVulnAssessmentRelationship -func (o *SecuritySsvcVulnAssessmentRelationshipList) Append(values ...AnySecuritySsvcVulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecuritySsvcVulnAssessmentRelationshipList) Remove(value AnySecuritySsvcVulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecuritySsvcVulnAssessmentRelationshipList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnySecuritySsvcVulnAssessmentRelationship, *SecuritySsvcVulnAssessmentRelationship] { return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) } @@ -3246,9 +2986,9 @@ type SecurityVexVulnAssessmentRelationship struct { SecurityVulnAssessmentRelationship // Conveys information about how VEX status was determined. - SecurityStatusNotes string + SecurityStatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" iri-compact:"security_statusNotes"` // Specifies the version of a VEX statement. - SecurityVexVersion string + SecurityVexVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" iri-compact:"security_vexVersion"` } func castSecurityVexVulnAssessmentRelationship(o any) *SecurityVexVulnAssessmentRelationship { @@ -3269,13 +3009,6 @@ type AnySecurityVexVulnAssessmentRelationship interface { type SecurityVexVulnAssessmentRelationshipList []AnySecurityVexVulnAssessmentRelationship -func (o *SecurityVexVulnAssessmentRelationshipList) Append(values ...AnySecurityVexVulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityVexVulnAssessmentRelationshipList) Remove(value AnySecurityVexVulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexVulnAssessmentRelationship] { return typeIter(*o, castSecurityVexVulnAssessmentRelationship) } @@ -3297,11 +3030,11 @@ type SecurityVulnerability struct { Artifact // Specifies a time when a vulnerability assessment was modified - SecurityModifiedTime time.Time + SecurityModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` // Specifies the time when a vulnerability was published. - SecurityPublishedTime time.Time + SecurityPublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" iri-compact:"security_publishedTime"` // Specified the time and date when a vulnerability was withdrawn. - SecurityWithdrawnTime time.Time + SecurityWithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` } func castSecurityVulnerability(o any) *SecurityVulnerability { @@ -3322,11 +3055,6 @@ type AnySecurityVulnerability interface { type SecurityVulnerabilityList []AnySecurityVulnerability -func (o *SecurityVulnerabilityList) Append(values ...AnySecurityVulnerability) { - *o = append(*o, values...) -} -func (o *SecurityVulnerabilityList) Remove(value AnySecurityVulnerability) { remove(o, value) } - func (o *SecurityVulnerabilityList) SecurityVulnerabilityIter() iter.Seq2[AnySecurityVulnerability, *SecurityVulnerability] { return typeIter(*o, castSecurityVulnerability) } @@ -3336,19 +3064,19 @@ type SoftwareSoftwareArtifact struct { Artifact // Provides additional purpose information of the software artifact. - SoftwareAdditionalPurposes []SoftwareSoftwarePurpose + SoftwareAdditionalPurposes []softwareSoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` // Provides a place for the SPDX data creator to record acknowledgement text for // a software Package, File or Snippet. - SoftwareAttributionTexts []string + SoftwareAttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" iri-compact:"software_attributionText"` // A canonical, unique, immutable identifier of the artifact content, that may be // used for verifying its identity and/or integrity. - SoftwareContentIdentifiers SoftwareContentIdentifierList + SoftwareContentIdentifiers SoftwareContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` // Identifies the text of one or more copyright notices for a software Package, // File or Snippet, if any. - SoftwareCopyrightText string + SoftwareCopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" iri-compact:"software_copyrightText"` // Provides information about the primary purpose of the software artifact. - SoftwarePrimaryPurpose SoftwareSoftwarePurpose + SoftwarePrimaryPurpose softwareSoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` } func castSoftwareSoftwareArtifact(o any) *SoftwareSoftwareArtifact { @@ -3369,11 +3097,6 @@ type AnySoftwareSoftwareArtifact interface { type SoftwareSoftwareArtifactList []AnySoftwareSoftwareArtifact -func (o *SoftwareSoftwareArtifactList) Append(values ...AnySoftwareSoftwareArtifact) { - *o = append(*o, values...) -} -func (o *SoftwareSoftwareArtifactList) Remove(value AnySoftwareSoftwareArtifact) { remove(o, value) } - func (o *SoftwareSoftwareArtifactList) SoftwareSoftwareArtifactIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwareSoftwareArtifact] { return typeIter(*o, castSoftwareSoftwareArtifact) } @@ -3417,9 +3140,6 @@ type AnyBom interface { type BomList []AnyBom -func (o *BomList) Append(values ...AnyBom) { *o = append(*o, values...) } -func (o *BomList) Remove(value AnyBom) { remove(o, value) } - func (o *BomList) BomIter() iter.Seq2[AnyBom, *Bom] { return typeIter(*o, castBom) } func (o *BomList) SoftwareSbomIter() iter.Seq2[AnyBom, *SoftwareSbom] { return typeIter(*o, castSoftwareSbom) @@ -3448,13 +3168,6 @@ type AnyExpandedlicensingCustomLicense interface { type ExpandedlicensingCustomLicenseList []AnyExpandedlicensingCustomLicense -func (o *ExpandedlicensingCustomLicenseList) Append(values ...AnyExpandedlicensingCustomLicense) { - *o = append(*o, values...) -} -func (o *ExpandedlicensingCustomLicenseList) Remove(value AnyExpandedlicensingCustomLicense) { - remove(o, value) -} - func (o *ExpandedlicensingCustomLicenseList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyExpandedlicensingCustomLicense, *ExpandedlicensingCustomLicense] { return typeIter(*o, castExpandedlicensingCustomLicense) } @@ -3466,10 +3179,10 @@ type SecurityVexAffectedVulnAssessmentRelationship struct { // Provides advise on how to mitigate or remediate a vulnerability when a VEX product // is affected by it. - SecurityActionStatement string + SecurityActionStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatement" iri-compact:"security_actionStatement"` // Records the time when a recommended action was communicated in a VEX statement // to mitigate a vulnerability. - SecurityActionStatementTime time.Time + SecurityActionStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime" iri-compact:"security_actionStatementTime"` } func castSecurityVexAffectedVulnAssessmentRelationship(o any) *SecurityVexAffectedVulnAssessmentRelationship { @@ -3490,13 +3203,6 @@ type AnySecurityVexAffectedVulnAssessmentRelationship interface { type SecurityVexAffectedVulnAssessmentRelationshipList []AnySecurityVexAffectedVulnAssessmentRelationship -func (o *SecurityVexAffectedVulnAssessmentRelationshipList) Append(values ...AnySecurityVexAffectedVulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityVexAffectedVulnAssessmentRelationshipList) Remove(value AnySecurityVexAffectedVulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityVexAffectedVulnAssessmentRelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexAffectedVulnAssessmentRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) } @@ -3525,13 +3231,6 @@ type AnySecurityVexFixedVulnAssessmentRelationship interface { type SecurityVexFixedVulnAssessmentRelationshipList []AnySecurityVexFixedVulnAssessmentRelationship -func (o *SecurityVexFixedVulnAssessmentRelationshipList) Append(values ...AnySecurityVexFixedVulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityVexFixedVulnAssessmentRelationshipList) Remove(value AnySecurityVexFixedVulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityVexFixedVulnAssessmentRelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexFixedVulnAssessmentRelationship, *SecurityVexFixedVulnAssessmentRelationship] { return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) } @@ -3544,13 +3243,13 @@ type SecurityVexNotAffectedVulnAssessmentRelationship struct { // Explains why a VEX product is not affected by a vulnerability. It is an // alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable // justification label. - SecurityImpactStatement string + SecurityImpactStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatement" iri-compact:"security_impactStatement"` // Timestamp of impact statement. - SecurityImpactStatementTime time.Time + SecurityImpactStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime" iri-compact:"security_impactStatementTime"` // Impact justification label to be used when linking a vulnerability to an element // representing a VEX product with a VexNotAffectedVulnAssessmentRelationship // relationship. - SecurityJustificationType SecurityVexJustificationType + SecurityJustificationType securityVexJustificationType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/justificationType" iri-compact:"security_justificationType"` } func castSecurityVexNotAffectedVulnAssessmentRelationship(o any) *SecurityVexNotAffectedVulnAssessmentRelationship { @@ -3571,13 +3270,6 @@ type AnySecurityVexNotAffectedVulnAssessmentRelationship interface { type SecurityVexNotAffectedVulnAssessmentRelationshipList []AnySecurityVexNotAffectedVulnAssessmentRelationship -func (o *SecurityVexNotAffectedVulnAssessmentRelationshipList) Append(values ...AnySecurityVexNotAffectedVulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityVexNotAffectedVulnAssessmentRelationshipList) Remove(value AnySecurityVexNotAffectedVulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityVexNotAffectedVulnAssessmentRelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexNotAffectedVulnAssessmentRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) } @@ -3606,13 +3298,6 @@ type AnySecurityVexUnderInvestigationVulnAssessmentRelationship interface { type SecurityVexUnderInvestigationVulnAssessmentRelationshipList []AnySecurityVexUnderInvestigationVulnAssessmentRelationship -func (o *SecurityVexUnderInvestigationVulnAssessmentRelationshipList) Append(values ...AnySecurityVexUnderInvestigationVulnAssessmentRelationship) { - *o = append(*o, values...) -} -func (o *SecurityVexUnderInvestigationVulnAssessmentRelationshipList) Remove(value AnySecurityVexUnderInvestigationVulnAssessmentRelationship) { - remove(o, value) -} - func (o *SecurityVexUnderInvestigationVulnAssessmentRelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexUnderInvestigationVulnAssessmentRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) } @@ -3622,9 +3307,9 @@ type SoftwareFile struct { SoftwareSoftwareArtifact // Provides information about the content type of an Element or a Property. - ContentType string + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" iri-compact:"contentType"` // Describes if a given file is a directory or non-directory kind of file. - SoftwareFileKind SoftwareFileKindType + SoftwareFileKind softwareFileKindType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/fileKind" iri-compact:"software_fileKind"` } func castSoftwareFile(o any) *SoftwareFile { @@ -3645,9 +3330,6 @@ type AnySoftwareFile interface { type SoftwareFileList []AnySoftwareFile -func (o *SoftwareFileList) Append(values ...AnySoftwareFile) { *o = append(*o, values...) } -func (o *SoftwareFileList) Remove(value AnySoftwareFile) { remove(o, value) } - func (o *SoftwareFileList) SoftwareFileIter() iter.Seq2[AnySoftwareFile, *SoftwareFile] { return typeIter(*o, castSoftwareFile) } @@ -3659,18 +3341,18 @@ type SoftwarePackage struct { // Identifies the download Uniform Resource Identifier for the package at the time // that the document was created. - SoftwareDownloadLocation string + SoftwareDownloadLocation string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" iri-compact:"software_downloadLocation"` // A place for the SPDX document creator to record a website that serves as the // package's home page. - SoftwareHomePage string + SoftwareHomePage string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" iri-compact:"software_homePage"` // Provides a place for the SPDX data creator to record the package URL string // (in accordance with the Package URL specification) for a software Package. - SoftwarePackageUrl string + SoftwarePackageUrl string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" iri-compact:"software_packageUrl"` // Identify the version of a package. - SoftwarePackageVersion string + SoftwarePackageVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" iri-compact:"software_packageVersion"` // Records any relevant background information or additional comments // about the origin of the package. - SoftwareSourceInfo string + SoftwareSourceInfo string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" iri-compact:"software_sourceInfo"` } func castSoftwarePackage(o any) *SoftwarePackage { @@ -3691,9 +3373,6 @@ type AnySoftwarePackage interface { type SoftwarePackageList []AnySoftwarePackage -func (o *SoftwarePackageList) Append(values ...AnySoftwarePackage) { *o = append(*o, values...) } -func (o *SoftwarePackageList) Remove(value AnySoftwarePackage) { remove(o, value) } - func (o *SoftwarePackageList) SoftwarePackageIter() iter.Seq2[AnySoftwarePackage, *SoftwarePackage] { return typeIter(*o, castSoftwarePackage) } @@ -3709,7 +3388,7 @@ type SoftwareSbom struct { Bom // Provides information about the type of an SBOM. - SoftwareSbomTypes []SoftwareSbomType + SoftwareSbomTypes []softwareSbomType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sbomType" iri-compact:"software_sbomType"` } func castSoftwareSbom(o any) *SoftwareSbom { @@ -3730,9 +3409,6 @@ type AnySoftwareSbom interface { type SoftwareSbomList []AnySoftwareSbom -func (o *SoftwareSbomList) Append(values ...AnySoftwareSbom) { *o = append(*o, values...) } -func (o *SoftwareSbomList) Remove(value AnySoftwareSbom) { remove(o, value) } - func (o *SoftwareSbomList) SoftwareSbomIter() iter.Seq2[AnySoftwareSbom, *SoftwareSbom] { return typeIter(*o, castSoftwareSbom) } @@ -3743,14 +3419,14 @@ type SoftwareSnippet struct { // Defines the byte range in the original host file that the snippet information // applies to. - SoftwareByteRange AnyPositiveIntegerRange + SoftwareByteRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/byteRange" iri-compact:"software_byteRange"` // Defines the line range in the original host file that the snippet information // applies to. - SoftwareLineRange AnyPositiveIntegerRange + SoftwareLineRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/lineRange" iri-compact:"software_lineRange"` // Defines the original host file that the snippet information applies to. - SoftwareSnippetFromFile AnySoftwareFile + SoftwareSnippetFromFile AnySoftwareFile `iri:"https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" iri-compact:"software_snippetFromFile"` } func castSoftwareSnippet(o any) *SoftwareSnippet { @@ -3771,9 +3447,6 @@ type AnySoftwareSnippet interface { type SoftwareSnippetList []AnySoftwareSnippet -func (o *SoftwareSnippetList) Append(values ...AnySoftwareSnippet) { *o = append(*o, values...) } -func (o *SoftwareSnippetList) Remove(value AnySoftwareSnippet) { remove(o, value) } - func (o *SoftwareSnippetList) SoftwareSnippetIter() iter.Seq2[AnySoftwareSnippet, *SoftwareSnippet] { return typeIter(*o, castSoftwareSnippet) } @@ -3784,44 +3457,44 @@ type AiAIPackage struct { // Indicates whether the system can perform a decision or action without human // involvement or guidance. - AiAutonomyType PresenceType + AiAutonomyType presenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/autonomyType" iri-compact:"ai_autonomyType"` // Captures the domain in which the AI package can be used. - AiDomains []string + AiDomains []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/domain" iri-compact:"ai_domain"` // Indicates the amount of energy consumption incurred by an AI model. - AiEnergyConsumption AnyAiEnergyConsumption + AiEnergyConsumption AnyAiEnergyConsumption `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption" iri-compact:"ai_energyConsumption"` // Records a hyperparameter used to build the AI model contained in the AI // package. - AiHyperparameters DictionaryEntryList + AiHyperparameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter" iri-compact:"ai_hyperparameter"` // Provides relevant information about the AI software, not including the model // description. - AiInformationAboutApplication string + AiInformationAboutApplication string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication" iri-compact:"ai_informationAboutApplication"` // Describes relevant information about different steps of the training process. - AiInformationAboutTraining string + AiInformationAboutTraining string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining" iri-compact:"ai_informationAboutTraining"` // Captures a limitation of the AI software. - AiLimitation string + AiLimitation string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/limitation" iri-compact:"ai_limitation"` // Records the measurement of prediction quality of the AI model. - AiMetrics DictionaryEntryList + AiMetrics DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metric" iri-compact:"ai_metric"` // Captures the threshold that was used for computation of a metric described in // the metric field. - AiMetricDecisionThresholds DictionaryEntryList + AiMetricDecisionThresholds DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold" iri-compact:"ai_metricDecisionThreshold"` // Describes all the preprocessing steps applied to the training data before the // model training. - AiModelDataPreprocessings []string + AiModelDataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing" iri-compact:"ai_modelDataPreprocessing"` // Describes methods that can be used to explain the results from the AI model. - AiModelExplainabilitys []string + AiModelExplainabilitys []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability" iri-compact:"ai_modelExplainability"` // Records the results of general safety risk assessment of the AI system. - AiSafetyRiskAssessment AiSafetyRiskAssessmentType + AiSafetyRiskAssessment aiSafetyRiskAssessmentType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment" iri-compact:"ai_safetyRiskAssessment"` // Captures a standard that is being complied with. - AiStandardCompliances []string + AiStandardCompliances []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance" iri-compact:"ai_standardCompliance"` // Records the type of the model used in the AI software. - AiTypeOfModels []string + AiTypeOfModels []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel" iri-compact:"ai_typeOfModel"` // Records if sensitive personal information is used during model training or // could be used during the inference. - AiUseSensitivePersonalInformation PresenceType + AiUseSensitivePersonalInformation presenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation" iri-compact:"ai_useSensitivePersonalInformation"` } func castAiAIPackage(o any) *AiAIPackage { @@ -3842,9 +3515,6 @@ type AnyAiAIPackage interface { type AiAIPackageList []AnyAiAIPackage -func (o *AiAIPackageList) Append(values ...AnyAiAIPackage) { *o = append(*o, values...) } -func (o *AiAIPackageList) Remove(value AnyAiAIPackage) { remove(o, value) } - func (o *AiAIPackageList) AiAIPackageIter() iter.Seq2[AnyAiAIPackage, *AiAIPackage] { return typeIter(*o, castAiAIPackage) } @@ -3854,31 +3524,31 @@ type DatasetDatasetPackage struct { SoftwarePackage // Describes the anonymization methods used. - DatasetAnonymizationMethodUseds []string + DatasetAnonymizationMethodUseds []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed" iri-compact:"dataset_anonymizationMethodUsed"` // Describes the confidentiality level of the data points contained in the dataset. - DatasetConfidentialityLevel DatasetConfidentialityLevelType + DatasetConfidentialityLevel datasetConfidentialityLevelType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel" iri-compact:"dataset_confidentialityLevel"` // Describes how the dataset was collected. - DatasetDataCollectionProcess string + DatasetDataCollectionProcess string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess" iri-compact:"dataset_dataCollectionProcess"` // Describes the preprocessing steps that were applied to the raw data to create the given dataset. - DatasetDataPreprocessings []string + DatasetDataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing" iri-compact:"dataset_dataPreprocessing"` // The field describes the availability of a dataset. - DatasetDatasetAvailability DatasetDatasetAvailabilityType + DatasetDatasetAvailability datasetDatasetAvailabilityType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability" iri-compact:"dataset_datasetAvailability"` // Describes potentially noisy elements of the dataset. - DatasetDatasetNoise string + DatasetDatasetNoise string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise" iri-compact:"dataset_datasetNoise"` // Captures the size of the dataset. - DatasetDatasetSize int + DatasetDatasetSize int `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" iri-compact:"dataset_datasetSize"` // Describes the type of the given dataset. - DatasetDatasetTypes []DatasetDatasetType + DatasetDatasetTypes []datasetDatasetType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType" iri-compact:"dataset_datasetType"` // Describes a mechanism to update the dataset. - DatasetDatasetUpdateMechanism string + DatasetDatasetUpdateMechanism string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism" iri-compact:"dataset_datasetUpdateMechanism"` // Describes if any sensitive personal information is present in the dataset. - DatasetHasSensitivePersonalInformation PresenceType + DatasetHasSensitivePersonalInformation presenceType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation" iri-compact:"dataset_hasSensitivePersonalInformation"` // Describes what the given dataset should be used for. - DatasetIntendedUse string + DatasetIntendedUse string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse" iri-compact:"dataset_intendedUse"` // Records the biases that the dataset is known to encompass. - DatasetKnownBias []string + DatasetKnownBias []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias" iri-compact:"dataset_knownBias"` // Describes a sensor used for collecting the data. - DatasetSensors DictionaryEntryList + DatasetSensors DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/sensor" iri-compact:"dataset_sensor"` } func castDatasetDatasetPackage(o any) *DatasetDatasetPackage { @@ -3899,11 +3569,6 @@ type AnyDatasetDatasetPackage interface { type DatasetDatasetPackageList []AnyDatasetDatasetPackage -func (o *DatasetDatasetPackageList) Append(values ...AnyDatasetDatasetPackage) { - *o = append(*o, values...) -} -func (o *DatasetDatasetPackageList) Remove(value AnyDatasetDatasetPackage) { remove(o, value) } - func (o *DatasetDatasetPackageList) DatasetDatasetPackageIter() iter.Seq2[AnyDatasetDatasetPackage, *DatasetDatasetPackage] { return typeIter(*o, castDatasetDatasetPackage) } @@ -4307,9 +3972,11 @@ func cast[T any](value any) *T { panic("invalid type cast, unknown type: " + reflect.TypeOf(t).String()) } -func As[T any](value any, f func(v *T)) { +func As[T any, R any](value any, f func(v *T) R) R { v := cast[T](value) if v != nil { - f(v) + return f(v) } + var r R + return r } diff --git a/spdx/v3/v3_0/spdx.go b/spdx/v3/v3_0/spdx.go index ea121e61..93fb6741 100644 --- a/spdx/v3/v3_0/spdx.go +++ b/spdx/v3/v3_0/spdx.go @@ -1,8 +1,6 @@ package v3_0 import ( - "fmt" - "math/rand" "reflect" "time" ) @@ -19,11 +17,9 @@ To regenerate, use something like this command: type Document struct { *SpdxDocument - graph []any - //ldc ldContext } -func NewDocument(conformance ProfileIdentifierType, name string, createdBy AnyAgent, createdUsing AnyTool) *Document { +func NewDocument(conformance profileIdentifierType, name string, createdBy AnyAgent, createdUsing AnyTool) *Document { ci := &CreationInfo{ Created: time.Now(), CreatedBys: AgentList{createdBy}, @@ -36,11 +32,10 @@ func NewDocument(conformance ProfileIdentifierType, name string, createdBy AnyAg Name: name, CreationInfo: ci, }, - ProfileConformances: []ProfileIdentifierType{conformance}, + ProfileConformances: []profileIdentifierType{conformance}, }, }, - graph: []any{ci}, - //ldc: ldGlobal, + //LDContext: LDContext(), } } @@ -49,36 +44,13 @@ func (d *Document) Append(e ...AnyElement) { d.SpdxDocument.Elements = append(d.SpdxDocument.Elements, e...) } -//func (d *Document) ToJSON(writer io.Writer) error { -// if d.SpdxDocument == nil { -// return fmt.Errorf("no document object created") -// } -// // all IElement need to have creationInfo set... -// d.setCreationInfo(d.SpdxDocument.CreationInfo, d.SpdxDocument) -// -// // all IElement need to have spdxID... -// if makeIdGenerator != nil { -// idGen := makeIdGenerator(d.SpdxDocument) -// if d.SpdxDocument.ID == "" { -// d.SpdxDocument.ID = idGen(d.SpdxDocument) -// } -// d.ensureSpdxIDs(d.SpdxDocument, idGen) -// } -// -// maps, err := d.ldc.toMaps(d.SpdxDocument) -// if err != nil { -// return err -// } -// enc := json.NewEncoder(writer) -// enc.SetEscapeHTML(false) -// enc.SetIndent("", " ") -// return enc.Encode(maps) -//} - func (d *Document) setCreationInfo(creationInfo AnyCreationInfo, doc *SpdxDocument) { iCreationInfoType := reflect.TypeOf((*AnyCreationInfo)(nil)).Elem() ci := reflect.ValueOf(creationInfo) _ = visitObjectGraph(map[reflect.Value]struct{}{}, reflect.ValueOf(doc), func(v reflect.Value) error { + if v.IsZero() { + return nil + } t := v.Type() if t.Kind() == reflect.Interface && v.IsNil() && t.Implements(iCreationInfoType) { v.Set(ci) @@ -105,20 +77,6 @@ func (d *Document) ensureSpdxIDs(doc *SpdxDocument, idGen idGenerator) { type idGenerator func(e any) string -var makeIdGenerator = func(doc *SpdxDocument) idGenerator { - nextID := map[reflect.Type]uint{} - return func(e any) string { - if _, ok := e.(*SpdxDocument); ok { - return fmt.Sprintf("%v", rand.Uint64()) - } - t := baseType(reflect.TypeOf(e)) - // should these be blank nodes? - id := nextID[t] + 1 - nextID[t] = id - return fmt.Sprintf("_:%v-%v-%v", doc.ID, t.Name(), id) - } -} - func baseType(t reflect.Type) reflect.Type { for t.Kind() == reflect.Ptr { t = t.Elem() @@ -166,18 +124,3 @@ func visitObjectGraph(visited map[reflect.Value]struct{}, v reflect.Value, visit } return nil } - -//func (d *Document) FromJSON(reader io.Reader) error { -// graph, err := d.ldc.FromJSON(reader) -// if err != nil { -// return err -// } -// d.graph = append(d.graph, graph) -// for _, e := range graph { -// if doc, ok := e.(*SpdxDocument); ok { -// d.SpdxDocument = doc -// return nil -// } -// } -// return fmt.Errorf("no document found") -//} diff --git a/spdx/v3/v3_0/spdx_test.go b/spdx/v3/v3_0/spdx_test.go index 808a9617..0f9e70c1 100644 --- a/spdx/v3/v3_0/spdx_test.go +++ b/spdx/v3/v3_0/spdx_test.go @@ -27,7 +27,7 @@ func Test_exportImportExport(t *testing.T) { }}) sbom := &spdx.SoftwareSbom{} - doc.RootElements.Append(sbom) + doc.RootElements = append(doc.RootElements, sbom) // create a package @@ -46,18 +46,18 @@ func Test_exportImportExport(t *testing.T) { // add the packages to the sbom - sbom.RootElements.Append(pkg1, pkg2) + sbom.RootElements = append(sbom.RootElements, pkg1, pkg2) // add a file file1 := &spdx.SoftwareFile{SoftwareSoftwareArtifact: spdx.SoftwareSoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ Name: "/bin/bash", }}}} - sbom.RootElements.Append(file1) + sbom.RootElements = append(sbom.RootElements, file1) // add relationships - sbom.RootElements.Append(&spdx.Relationship{ + sbom.RootElements = append(sbom.RootElements, &spdx.Relationship{ From: file1, RelationshipType: spdx.RelationshipType_Contains, Tos: spdx.ElementList{ @@ -66,7 +66,7 @@ func Test_exportImportExport(t *testing.T) { }, }) - sbom.RootElements.Append(&spdx.Relationship{ + sbom.RootElements = append(sbom.RootElements, &spdx.Relationship{ From: pkg1, RelationshipType: spdx.RelationshipType_DependsOn, Tos: spdx.ElementList{ @@ -74,63 +74,23 @@ func Test_exportImportExport(t *testing.T) { }, }) - // serialize - - //buf := bytes.Buffer{} - //err := doc.ToJSON(&buf) - //if err != nil { - // t.Error(err) - //} - // - //json1 := buf.String() - //fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) - // - //// deserialize to a new document - // - //doc = spdx.NewDocument(&spdx.SoftwareAgent{}) - //err = doc.FromJSON(strings.NewReader(json1)) - //if err != nil { - // t.Error(err) - //} - // - //// re-serialize - // - //buf.Reset() - //err = doc.ToJSON(&buf) - //if err != nil { - // t.Error(err) - //} - //json2 := buf.String() - //fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) - // - //// compare original to parsed and re-encoded - // - //diff := difflib.UnifiedDiff{ - // A: difflib.SplitLines(json1), - // B: difflib.SplitLines(json2), - // FromFile: "Original", - // ToFile: "Current", - // Context: 3, - //} - //text, _ := difflib.GetUnifiedDiffString(diff) - //if text != "" { - // t.Errorf(text) - //} - // some basic usage: var pkgs []*spdx.SoftwarePackage for _, sbom := range doc.RootElements.SoftwareSbomIter() { for _, rel := range sbom.RootElements.RelationshipIter() { - if rel.RelationshipType == spdx.RelationshipType_Contains { - spdx.As(rel.From, func(f *spdx.SoftwareFile) { - if f.Name == "/bin/bash" { - for _, pkg := range rel.Tos.SoftwarePackageIter() { - pkgs = append(pkgs, pkg) - } - } - }) + if rel.RelationshipType != spdx.RelationshipType_Contains { + continue } + _ = spdx.As(rel.From, func(f *spdx.SoftwareFile) any { + if f.Name == "/bin/bash" { + for _, pkg := range rel.Tos.SoftwarePackageIter() { + pkgs = append(pkgs, pkg) + } + } + return nil + }) + } } if len(pkgs) != 2 { @@ -138,77 +98,8 @@ func Test_exportImportExport(t *testing.T) { } } -func Test_aiProfile(t *testing.T) { - doc := spdx.NewDocument(spdx.ProfileIdentifierType_Ai, "", &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{ - Name: "tools-golang", - Summary: "a summary", - }}}, nil) - - aiPkg := &spdx.AiAIPackage{ - SoftwarePackage: spdx.SoftwarePackage{SoftwareSoftwareArtifact: spdx.SoftwareSoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ - Name: "some ai package", - }}}}, - AiEnergyConsumption: &spdx.AiEnergyConsumption{ - AiFinetuningEnergyConsumptions: spdx.AiEnergyConsumptionDescriptionList{ - &spdx.AiEnergyConsumptionDescription{ - AiEnergyQuantity: 1.2, - AiEnergyUnit: spdx.AiEnergyUnitType_KilowattHour, - }, - }, - AiTrainingEnergyConsumptions: spdx.AiEnergyConsumptionDescriptionList{ - &spdx.AiEnergyConsumptionDescription{ - AiEnergyQuantity: 5032402, - AiEnergyUnit: spdx.AiEnergyUnitType_KilowattHour, - }, - }, - }, - AiTypeOfModels: []string{ - "Llama 3 8B", - }, - } - - doc.RootElements.Append(aiPkg) - - // serialize - - //buf := bytes.Buffer{} - //err := doc.ToJSON(&buf) - //if err != nil { - // t.Error(err) - //} - // - //json1 := buf.String() - //fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) - // - //// deserialize to a new document - // - //doc = spdx.NewDocument(&spdx.SoftwareAgent{}) - //err = doc.FromJSON(strings.NewReader(json1)) - //if err != nil { - // t.Error(err) - //} - // - //// re-serialize - // - //buf.Reset() - //err = doc.ToJSON(&buf) - //if err != nil { - // t.Error(err) - //} - //json2 := buf.String() - //fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) - // - //// compare original to parsed and re-encoded - // - //diff := difflib.UnifiedDiff{ - // A: difflib.SplitLines(json1), - // B: difflib.SplitLines(json2), - // FromFile: "Original", - // ToFile: "Current", - // Context: 3, - //} - //text, _ := difflib.GetUnifiedDiffString(diff) - //if text != "" { - // t.Errorf(text) - //} +func newTestDocument() *spdx.Document { + return spdx.NewDocument(spdx.ProfileIdentifierType_Lite, "test document", + &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{Name: "tools-golang-tests-agent", Summary: "a summary"}}}, + &spdx.Tool{Element: spdx.Element{Name: "tools-golang-tests-tool"}}) } From 53e1f17b02de9bfadc6ca2b555334dc277a522e3 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Mon, 10 Mar 2025 01:33:15 -0400 Subject: [PATCH 07/21] feat: mostly functional SPDX 3 model with validation Signed-off-by: Keith Zantow --- go.mod | 7 +- go.sum | 6 + spdx/v3/v3_0/model.go | 6929 ++++++++++++++++++----------- spdx/v3/v3_0/model_validations.go | 878 ++++ spdx/v3/v3_0/spdx.go | 149 +- spdx/v3/v3_0/spdx_test.go | 356 +- spdx/v3/v3_0/util.go | 38 - spdx/v3/v3_0/validator.go | 1846 -------- 8 files changed, 5663 insertions(+), 4546 deletions(-) mode change 100644 => 100755 spdx/v3/v3_0/model.go create mode 100755 spdx/v3/v3_0/model_validations.go delete mode 100644 spdx/v3/v3_0/util.go delete mode 100644 spdx/v3/v3_0/validator.go diff --git a/go.mod b/go.mod index 117238d7..07576e5d 100644 --- a/go.mod +++ b/go.mod @@ -4,14 +4,17 @@ go 1.23.0 require ( github.com/anchore/go-struct-converter v0.0.0-20240925125616-a0883641c664 + github.com/davecgh/go-spew v1.1.1 github.com/google/go-cmp v0.6.0 + github.com/kzantow/go-ld v0.0.0-20250305231540-23fb13522625 + github.com/pmezard/go-difflib v1.0.0 github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb github.com/stretchr/testify v1.10.0 sigs.k8s.io/yaml v1.4.0 ) require ( - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b // indirect + github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index ee460074..235de752 100644 --- a/go.sum +++ b/go.sum @@ -5,8 +5,14 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/kzantow/go-ld v0.0.0-20250305231540-23fb13522625 h1:xFbgOwCtZx5bu7Ggnn1eHhPyjIG2vtQgpio5zH6onUU= +github.com/kzantow/go-ld v0.0.0-20250305231540-23fb13522625/go.mod h1:P7HdHSjYOcim2o9GWUj011qCd9bEOc+Bg8SeW6JKV8M= +github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b h1:xyh6boGzDR4EpdEDe9ix1KhHNgOSiBjBocahA6FalEQ= +github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b/go.mod h1:RVhE35veDX19r5gfUAR+IYHkAUuPwJO8Ie/qVeFaIzw= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 h1:J9b7z+QKAmPf4YLrFg6oQUotqHQeUNWwkvo7jZp1GLU= +github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb h1:7G2Czq97VORM5xNRrD8tSQdhoXPRs8s+Otlc7st9TS0= github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= diff --git a/spdx/v3/v3_0/model.go b/spdx/v3/v3_0/model.go old mode 100644 new mode 100755 index 9a9c4796..a306446c --- a/spdx/v3/v3_0/model.go +++ b/spdx/v3/v3_0/model.go @@ -1,3982 +1,5763 @@ -// This file was automatically generated by __main__.py. DO NOT MANUALLY MODIFY IT +// Generated by github.com/kzantow/go-ld // -// SPDX-License-Identifier: 0BSD +// SPDX-License-Identifier: MIT package v3_0 import ( - "iter" "reflect" "time" + + "github.com/kzantow/go-ld" ) -// A class for describing the energy consumption incurred by an AI model in -// different stages of its lifecycle. -type AiEnergyConsumption struct { - ID string `iri:"@id"` +type AnyAIPackage interface { + asAIPackage() *AIPackage +} + +// AIPackage Specifies an AI package and its associated information. +type AIPackage struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/AIPackage"` + Package + // Domains Captures the domain in which the AI package can be used. + Domains []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/domain" type:"http://www.w3.org/2001/XMLSchema#string"` + // EnergyConsumption Indicates the amount of energy consumption incurred by an AI model. + EnergyConsumption AnyEnergyConsumption `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption"` + // ModelDataPreprocessings Describes all the preprocessing steps applied to the training data before the\nmodel training. + ModelDataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing" type:"http://www.w3.org/2001/XMLSchema#string"` + // UseSensitivePersonalInformation Records if sensitive personal information is used during model training or\ncould be used during the inference. + UseSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation" type:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` + // AutonomyType Indicates whether the system can perform a decision or action without human\ninvolvement or guidance. + AutonomyType PresenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/autonomyType" type:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` + // SafetyRiskAssessment Records the results of general safety risk assessment of the AI system. + SafetyRiskAssessment SafetyRiskAssessmentType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment" type:"https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType"` + // Hyperparameters Records a hyperparameter used to build the AI model contained in the AI\npackage. + Hyperparameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // Limitation Captures a limitation of the AI software. + Limitation string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/limitation" type:"http://www.w3.org/2001/XMLSchema#string"` + // ModelExplainabilities Describes methods that can be used to explain the results from the AI model. + ModelExplainabilities []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability" type:"http://www.w3.org/2001/XMLSchema#string"` + // StandardCompliances Captures a standard that is being complied with. + StandardCompliances []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance" type:"http://www.w3.org/2001/XMLSchema#string"` + // MetricDecisionThresholds Captures the threshold that was used for computation of a metric described in\nthe metric field. + MetricDecisionThresholds DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // TypeOfModels Records the type of the model used in the AI software. + TypeOfModels []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel" type:"http://www.w3.org/2001/XMLSchema#string"` + // InformationAboutApplication Provides relevant information about the AI software, not including the model\ndescription. + InformationAboutApplication string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication" type:"http://www.w3.org/2001/XMLSchema#string"` + // InformationAboutTraining Describes relevant information about different steps of the training process. + InformationAboutTraining string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining" type:"http://www.w3.org/2001/XMLSchema#string"` + // Metrics Records the measurement of prediction quality of the AI model. + Metrics DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metric" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` +} + +func (o *AIPackage) asAIPackage() *AIPackage { + return o +} - // Specifies the amount of energy consumed when finetuning the AI model that is - // being used in the AI system. - AiFinetuningEnergyConsumptions AiEnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption" iri-compact:"ai_finetuningEnergyConsumption"` +type AIPackageList []AnyAIPackage - // Specifies the amount of energy consumed during inference time by an AI model - // that is being used in the AI system. - AiInferenceEnergyConsumptions AiEnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption" iri-compact:"ai_inferenceEnergyConsumption"` +func (o *AIPackageList) AIPackages() ld.TypeSeq[AnyAIPackage, *AIPackage] { + return ld.NewTypeSeq(*o, castAIPackage) +} - // Specifies the amount of energy consumed when training the AI model that is - // being used in the AI system. - AiTrainingEnergyConsumptions AiEnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption" iri-compact:"ai_trainingEnergyConsumption"` +type AnyAgent interface { + asAgent() *Agent } -func castAiEnergyConsumption(o any) *AiEnergyConsumption { - if o, ok := o.(AnyAiEnergyConsumption); ok { - return o.asAiEnergyConsumption() - } - return nil +// Agent represents anything with the potential to act on a system. +type Agent struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + Element } -func (o *AiEnergyConsumption) asAiEnergyConsumption() *AiEnergyConsumption { +func (o *Agent) asAgent() *Agent { return o } -type AnyAiEnergyConsumption interface { - asAiEnergyConsumption() *AiEnergyConsumption -} +type AgentList []AnyAgent -type AiEnergyConsumptionList []AnyAiEnergyConsumption +func (o *AgentList) Agents() ld.TypeSeq[AnyAgent, *Agent] { + return ld.NewTypeSeq(*o, castAgent) +} -func (o *AiEnergyConsumptionList) AiEnergyConsumptionIter() iter.Seq2[AnyAiEnergyConsumption, *AiEnergyConsumption] { - return typeIter(*o, castAiEnergyConsumption) +func (o *AgentList) Organizations() ld.TypeSeq[AnyAgent, *Organization] { + return ld.NewTypeSeq(*o, castOrganization) } -// The class that helps note down the quantity of energy consumption and the unit -// used for measurement. -type AiEnergyConsumptionDescription struct { - ID string `iri:"@id"` +func (o *AgentList) People() ld.TypeSeq[AnyAgent, *Person] { + return ld.NewTypeSeq(*o, castPerson) +} - // Represents the energy quantity. - AiEnergyQuantity float64 `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity" iri-compact:"ai_energyQuantity"` - // Specifies the unit in which energy is measured. - AiEnergyUnit aiEnergyUnitType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyUnit" iri-compact:"ai_energyUnit"` +func (o *AgentList) SoftwareAgents() ld.TypeSeq[AnyAgent, *SoftwareAgent] { + return ld.NewTypeSeq(*o, castSoftwareAgent) } -func castAiEnergyConsumptionDescription(o any) *AiEnergyConsumptionDescription { - if o, ok := o.(AnyAiEnergyConsumptionDescription); ok { - return o.asAiEnergyConsumptionDescription() - } - return nil +type AnyAnnotation interface { + asAnnotation() *Annotation } -func (o *AiEnergyConsumptionDescription) asAiEnergyConsumptionDescription() *AiEnergyConsumptionDescription { - return o +// Annotation An assertion made in relation to one or more elements. +type Annotation struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Annotation"` + Element + // Subject An Element an annotator has made an assertion about. + Subject AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/subject" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // ContentType Provides information about the content type of an Element or a Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` + // Statement Commentary on an assertion that an annotator has made. + Statement string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/statement" type:"http://www.w3.org/2001/XMLSchema#string"` + // AnnotationType Describes the type of annotation. + AnnotationType AnnotationType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/annotationType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType"` } -type AnyAiEnergyConsumptionDescription interface { - asAiEnergyConsumptionDescription() *AiEnergyConsumptionDescription +func (o *Annotation) asAnnotation() *Annotation { + return o } -type AiEnergyConsumptionDescriptionList []AnyAiEnergyConsumptionDescription +type AnnotationList []AnyAnnotation -func (o *AiEnergyConsumptionDescriptionList) AiEnergyConsumptionDescriptionIter() iter.Seq2[AnyAiEnergyConsumptionDescription, *AiEnergyConsumptionDescription] { - return typeIter(*o, castAiEnergyConsumptionDescription) +func (o *AnnotationList) Annotations() ld.TypeSeq[AnyAnnotation, *Annotation] { + return ld.NewTypeSeq(*o, castAnnotation) } -// Specifies the unit of energy consumption. -type aiEnergyUnitType struct { - ID string `iri:"@id"` +// AnnotationType Specifies the type of an annotation. +type AnnotationType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType"` + id string `iri:"@id"` } -// Kilowatt-hour. -var AiEnergyUnitType_KilowattHour = aiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour"} - -// Megajoule. -var AiEnergyUnitType_Megajoule = aiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule"} +// AnnotationType_Other Used to store extra information about an Element which is not part of a review (e.g. extra information provided during the creation of the Element). +var AnnotationType_Other = AnnotationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other", +} -// Any other units of energy measurement. -var AiEnergyUnitType_Other = aiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other"} +// AnnotationType_Review Used when someone reviews the Element. +var AnnotationType_Review = AnnotationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review", +} -// Specifies the safety risk level. -type aiSafetyRiskAssessmentType struct { - ID string `iri:"@id"` +type AnyArtifact interface { + asArtifact() *Artifact } -// The second-highest level of risk posed by an AI system. -var AiSafetyRiskAssessmentType_High = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high"} +// Artifact A distinct article or unit within the digital domain. +type Artifact struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Artifact"` + Element + // StandardNames The name of a relevant standard that may apply to an artifact. + StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuiltTime Specifies the time an artifact was built. + BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ReleaseTime Specifies the time an artifact was released. + ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SupportLevels Specifies the level of support associated with an artifact. + SupportLevels []SupportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" type:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship\nreferenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // OriginatedBy Identifies from where or whom the Element originally came. + OriginatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be\nreassessed. + ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +} -// Low/no risk is posed by an AI system. -var AiSafetyRiskAssessmentType_Low = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low"} +func (o *Artifact) asArtifact() *Artifact { + return o +} -// The third-highest level of risk posed by an AI system. -var AiSafetyRiskAssessmentType_Medium = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium"} +type ArtifactList []AnyArtifact -// The highest level of risk posed by an AI system. -var AiSafetyRiskAssessmentType_Serious = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious"} +func (o *ArtifactList) AIPackages() ld.TypeSeq[AnyArtifact, *AIPackage] { + return ld.NewTypeSeq(*o, castAIPackage) +} -// Specifies the type of an annotation. -type annotationType struct { - ID string `iri:"@id"` +func (o *ArtifactList) Artifacts() ld.TypeSeq[AnyArtifact, *Artifact] { + return ld.NewTypeSeq(*o, castArtifact) } -// Used to store extra information about an Element which is not part of a review (e.g. extra information provided during the creation of the Element). -var AnnotationType_Other = annotationType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other"} +func (o *ArtifactList) DatasetPackages() ld.TypeSeq[AnyArtifact, *DatasetPackage] { + return ld.NewTypeSeq(*o, castDatasetPackage) +} -// Used when someone reviews the Element. -var AnnotationType_Review = annotationType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review"} +func (o *ArtifactList) Files() ld.TypeSeq[AnyArtifact, *File] { + return ld.NewTypeSeq(*o, castFile) +} -// Provides information about the creation of the Element. -type CreationInfo struct { - ID string `iri:"@id"` +func (o *ArtifactList) Packages() ld.TypeSeq[AnyArtifact, *Package] { + return ld.NewTypeSeq(*o, castPackage) +} - // Provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` - // Identifies when the Element was originally created. - Created time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/created" iri-compact:"created"` - // Identifies who or what created the Element. - CreatedBys AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdBy" iri-compact:"createdBy"` +func (o *ArtifactList) Snippets() ld.TypeSeq[AnyArtifact, *Snippet] { + return ld.NewTypeSeq(*o, castSnippet) +} - // Identifies the tooling that was used during the creation of the Element. - CreatedUsings ToolList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdUsing" iri-compact:"createdUsing"` +func (o *ArtifactList) SoftwareArtifacts() ld.TypeSeq[AnyArtifact, *SoftwareArtifact] { + return ld.NewTypeSeq(*o, castSoftwareArtifact) +} - // Provides a reference number that can be used to understand how to parse and - // interpret an Element. - SpecVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/specVersion" iri-compact:"specVersion"` +func (o *ArtifactList) Vulnerabilities() ld.TypeSeq[AnyArtifact, *Vulnerability] { + return ld.NewTypeSeq(*o, castVulnerability) } -func castCreationInfo(o any) *CreationInfo { - if o, ok := o.(AnyCreationInfo); ok { - return o.asCreationInfo() - } - return nil +type AnyBom interface { + asBom() *Bom } -func (o *CreationInfo) asCreationInfo() *CreationInfo { - return o +// Bom A container for a grouping of SPDX-3.0 content characterizing details\n(provenence, composition, licensing, etc.) about a product. +type Bom struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bom"` + Bundle } -type AnyCreationInfo interface { - asCreationInfo() *CreationInfo +func (o *Bom) asBom() *Bom { + return o } -type CreationInfoList []AnyCreationInfo +type BomList []AnyBom -func (o *CreationInfoList) CreationInfoIter() iter.Seq2[AnyCreationInfo, *CreationInfo] { - return typeIter(*o, castCreationInfo) +func (o *BomList) Boms() ld.TypeSeq[AnyBom, *Bom] { + return ld.NewTypeSeq(*o, castBom) } -// A key with an associated value. -type DictionaryEntry struct { - ID string `iri:"@id"` - - // A key used in a generic key-value pair. - Key string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/key" iri-compact:"key"` - // A value used in a generic key-value pair. - Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/value" iri-compact:"value"` +func (o *BomList) Sboms() ld.TypeSeq[AnyBom, *Sbom] { + return ld.NewTypeSeq(*o, castSbom) } -func castDictionaryEntry(o any) *DictionaryEntry { - if o, ok := o.(AnyDictionaryEntry); ok { - return o.asDictionaryEntry() - } - return nil +type AnyBuild interface { + asBuild() *Build } -func (o *DictionaryEntry) asDictionaryEntry() *DictionaryEntry { +// Build Class that describes a build instance of software/artifacts. +type Build struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Build/Build"` + Element + // BuildId A buildId is a locally unique identifier used by a builder to identify a unique\ninstance of a build produced by it. + BuildId string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildId" type:"http://www.w3.org/2001/XMLSchema#string"` + // ConfigSourceUris Property that describes the URI of the build configuration source file. + ConfigSourceUris []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // BuildStartTime Property describing the start time of a build. + BuildStartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ConfigSourceDigests Property that describes the digest of the build configuration file used to\ninvoke a build. + ConfigSourceDigests HashList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest" type:"https://spdx.org/rdf/3.0.1/terms/Core/Hash"` + // Parameters Property describing a parameter used in an instance of a build. + Parameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/parameter" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // BuildType A buildType is a hint that is used to indicate the toolchain, platform, or\ninfrastructure that the build was invoked on. + BuildType ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildType" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // ConfigSourceEntrypoints Property describes the invocation entrypoint of a build. + ConfigSourceEntrypoints []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuildEndTime Property that describes the time at which a build stops. + BuildEndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // Environments Property describing the session in which a build is invoked. + Environments DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/environment" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` +} + +func (o *Build) asBuild() *Build { return o } -type AnyDictionaryEntry interface { - asDictionaryEntry() *DictionaryEntry -} +type BuildList []AnyBuild -type DictionaryEntryList []AnyDictionaryEntry +func (o *BuildList) Builds() ld.TypeSeq[AnyBuild, *Build] { + return ld.NewTypeSeq(*o, castBuild) +} -func (o *DictionaryEntryList) DictionaryEntryIter() iter.Seq2[AnyDictionaryEntry, *DictionaryEntry] { - return typeIter(*o, castDictionaryEntry) +type AnyBundle interface { + asBundle() *Bundle } -// Base domain class from which all other SPDX-3.0 domain classes derive. -type Element struct { - ID string `iri:"@id" iri-compact:"spdxId"` +// Bundle A collection of Elements that have a shared context. +type Bundle struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bundle"` + ElementCollection + // Context Gives information about the circumstances or unifying properties\nthat Elements of the bundle have been assembled under. + Context string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/context" type:"http://www.w3.org/2001/XMLSchema#string"` +} - // Provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` - // Provides information about the creation of the Element. - CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" iri-compact:"creationInfo"` +func (o *Bundle) asBundle() *Bundle { + return o +} - // Provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" iri-compact:"description"` - // Specifies an Extension characterization of some aspect of an Element. - Extensions ExtensionExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" iri-compact:"extension"` +type BundleList []AnyBundle - // Provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` +func (o *BundleList) Boms() ld.TypeSeq[AnyBundle, *Bom] { + return ld.NewTypeSeq(*o, castBom) +} - // Points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" iri-compact:"externalRef"` +func (o *BundleList) Bundles() ld.TypeSeq[AnyBundle, *Bundle] { + return ld.NewTypeSeq(*o, castBundle) +} - // Identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" iri-compact:"name"` - // A short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" iri-compact:"summary"` - // Provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +func (o *BundleList) Sboms() ld.TypeSeq[AnyBundle, *Sbom] { + return ld.NewTypeSeq(*o, castSbom) } -func castElement(o any) *Element { - if o, ok := o.(AnyElement); ok { - return o.asElement() - } - return nil +type AnyCdxPropertiesExtension interface { + asCdxPropertiesExtension() *CdxPropertiesExtension } -func (o *Element) asElement() *Element { - return o +// CdxPropertiesExtension A type of extension consisting of a list of name value pairs. +type CdxPropertiesExtension struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension"` + Extension + // CdxProperties Provides a map of a property names to a values. + CdxProperties CdxPropertyEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry"` } -type AnyElement interface { - asElement() *Element +func (o *CdxPropertiesExtension) asCdxPropertiesExtension() *CdxPropertiesExtension { + return o } -type ElementList []AnyElement +type CdxPropertiesExtensionList []AnyCdxPropertiesExtension -func (o *ElementList) ElementIter() iter.Seq2[AnyElement, *Element] { return typeIter(*o, castElement) } -func (o *ElementList) ElementCollectionIter() iter.Seq2[AnyElement, *ElementCollection] { - return typeIter(*o, castElementCollection) -} -func (o *ElementList) IndividualElementIter() iter.Seq2[AnyElement, *IndividualElement] { - return typeIter(*o, castIndividualElement) -} -func (o *ElementList) RelationshipIter() iter.Seq2[AnyElement, *Relationship] { - return typeIter(*o, castRelationship) -} -func (o *ElementList) SpdxDocumentIter() iter.Seq2[AnyElement, *SpdxDocument] { - return typeIter(*o, castSpdxDocument) -} -func (o *ElementList) ToolIter() iter.Seq2[AnyElement, *Tool] { return typeIter(*o, castTool) } -func (o *ElementList) ExpandedlicensingLicenseAdditionIter() iter.Seq2[AnyElement, *ExpandedlicensingLicenseAddition] { - return typeIter(*o, castExpandedlicensingLicenseAddition) -} -func (o *ElementList) ExpandedlicensingListedLicenseExceptionIter() iter.Seq2[AnyElement, *ExpandedlicensingListedLicenseException] { - return typeIter(*o, castExpandedlicensingListedLicenseException) -} -func (o *ElementList) SecurityVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVulnAssessmentRelationship) -} -func (o *ElementList) SimplelicensingAnyLicenseInfoIter() iter.Seq2[AnyElement, *SimplelicensingAnyLicenseInfo] { - return typeIter(*o, castSimplelicensingAnyLicenseInfo) +func (o *CdxPropertiesExtensionList) CdxPropertiesExtensions() ld.TypeSeq[AnyCdxPropertiesExtension, *CdxPropertiesExtension] { + return ld.NewTypeSeq(*o, castCdxPropertiesExtension) } -func (o *ElementList) SimplelicensingLicenseExpressionIter() iter.Seq2[AnyElement, *SimplelicensingLicenseExpression] { - return typeIter(*o, castSimplelicensingLicenseExpression) -} -func (o *ElementList) SimplelicensingSimpleLicensingTextIter() iter.Seq2[AnyElement, *SimplelicensingSimpleLicensingText] { - return typeIter(*o, castSimplelicensingSimpleLicensingText) -} -func (o *ElementList) BuildBuildIter() iter.Seq2[AnyElement, *BuildBuild] { - return typeIter(*o, castBuildBuild) -} -func (o *ElementList) AgentIter() iter.Seq2[AnyElement, *Agent] { return typeIter(*o, castAgent) } -func (o *ElementList) AnnotationIter() iter.Seq2[AnyElement, *Annotation] { - return typeIter(*o, castAnnotation) -} -func (o *ElementList) ArtifactIter() iter.Seq2[AnyElement, *Artifact] { - return typeIter(*o, castArtifact) -} -func (o *ElementList) BundleIter() iter.Seq2[AnyElement, *Bundle] { return typeIter(*o, castBundle) } -func (o *ElementList) LifecycleScopedRelationshipIter() iter.Seq2[AnyElement, *LifecycleScopedRelationship] { - return typeIter(*o, castLifecycleScopedRelationship) -} -func (o *ElementList) OrganizationIter() iter.Seq2[AnyElement, *Organization] { - return typeIter(*o, castOrganization) -} -func (o *ElementList) PersonIter() iter.Seq2[AnyElement, *Person] { return typeIter(*o, castPerson) } -func (o *ElementList) SoftwareAgentIter() iter.Seq2[AnyElement, *SoftwareAgent] { - return typeIter(*o, castSoftwareAgent) -} -func (o *ElementList) ExpandedlicensingConjunctiveLicenseSetIter() iter.Seq2[AnyElement, *ExpandedlicensingConjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingConjunctiveLicenseSet) -} -func (o *ElementList) ExpandedlicensingCustomLicenseAdditionIter() iter.Seq2[AnyElement, *ExpandedlicensingCustomLicenseAddition] { - return typeIter(*o, castExpandedlicensingCustomLicenseAddition) -} -func (o *ElementList) ExpandedlicensingDisjunctiveLicenseSetIter() iter.Seq2[AnyElement, *ExpandedlicensingDisjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingDisjunctiveLicenseSet) + +type AnyCdxPropertyEntry interface { + asCdxPropertyEntry() *CdxPropertyEntry } -func (o *ElementList) ExpandedlicensingExtendableLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingExtendableLicense] { - return typeIter(*o, castExpandedlicensingExtendableLicense) + +// CdxPropertyEntry A property name with an associated value. +type CdxPropertyEntry struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry"` + ID string `iri:"@id"` + // CdxPropValue A value used in a CdxPropertyEntry name-value pair. + CdxPropValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue" type:"http://www.w3.org/2001/XMLSchema#string"` + // CdxPropName A name used in a CdxPropertyEntry name-value pair. + CdxPropName string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *ElementList) ExpandedlicensingIndividualLicensingInfoIter() iter.Seq2[AnyElement, *ExpandedlicensingIndividualLicensingInfo] { - return typeIter(*o, castExpandedlicensingIndividualLicensingInfo) + +func (o *CdxPropertyEntry) asCdxPropertyEntry() *CdxPropertyEntry { + return o } -func (o *ElementList) ExpandedlicensingLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingLicense] { - return typeIter(*o, castExpandedlicensingLicense) + +type CdxPropertyEntryList []AnyCdxPropertyEntry + +func (o *CdxPropertyEntryList) CdxPropertyEntries() ld.TypeSeq[AnyCdxPropertyEntry, *CdxPropertyEntry] { + return ld.NewTypeSeq(*o, castCdxPropertyEntry) } -func (o *ElementList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingListedLicense] { - return typeIter(*o, castExpandedlicensingListedLicense) + +// ConfidentialityLevelType Categories of confidentiality level. +type ConfidentialityLevelType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType"` + id string `iri:"@id"` } -func (o *ElementList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnyElement, *ExpandedlicensingOrLaterOperator] { - return typeIter(*o, castExpandedlicensingOrLaterOperator) + +// ConfidentialityLevelType_Amber Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. +var ConfidentialityLevelType_Amber = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber", } -func (o *ElementList) ExpandedlicensingWithAdditionOperatorIter() iter.Seq2[AnyElement, *ExpandedlicensingWithAdditionOperator] { - return typeIter(*o, castExpandedlicensingWithAdditionOperator) + +// ConfidentialityLevelType_Clear Dataset may be distributed freely, without restriction. +var ConfidentialityLevelType_Clear = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear", } -func (o *ElementList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityCvssV2VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) + +// ConfidentialityLevelType_Green Dataset can be shared within a community of peers and partners. +var ConfidentialityLevelType_Green = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green", } -func (o *ElementList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityCvssV3VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) + +// ConfidentialityLevelType_Red Data points in the dataset are highly confidential and can only be shared with named recipients. +var ConfidentialityLevelType_Red = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red", } -func (o *ElementList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityCvssV4VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) + +type AnyConjunctiveLicenseSet interface { + asConjunctiveLicenseSet() *ConjunctiveLicenseSet } -func (o *ElementList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityEpssVulnAssessmentRelationship] { - return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) + +// ConjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information\nwhere all elements apply. +type ConjunctiveLicenseSet struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet"` + LicenseInfo + // Members A license expression participating in a license set. + Members LicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` } -func (o *ElementList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityExploitCatalogVulnAssessmentRelationship] { - return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) + +func (o *ConjunctiveLicenseSet) asConjunctiveLicenseSet() *ConjunctiveLicenseSet { + return o } -func (o *ElementList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecuritySsvcVulnAssessmentRelationship] { - return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) + +type ConjunctiveLicenseSetList []AnyConjunctiveLicenseSet + +func (o *ConjunctiveLicenseSetList) ConjunctiveLicenseSets() ld.TypeSeq[AnyConjunctiveLicenseSet, *ConjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castConjunctiveLicenseSet) } -func (o *ElementList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexVulnAssessmentRelationship) + +type AnyContentIdentifier interface { + asContentIdentifier() *ContentIdentifier } -func (o *ElementList) SecurityVulnerabilityIter() iter.Seq2[AnyElement, *SecurityVulnerability] { - return typeIter(*o, castSecurityVulnerability) + +// ContentIdentifier A canonical, unique, immutable identifier +type ContentIdentifier struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` + IntegrityMethod + // ContentIdentifierType Specifies the type of the content identifier. + ContentIdentifierType ContentIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType"` + // ContentIdentifierValue Specifies the value of the content identifier. + ContentIdentifierValue ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` } -func (o *ElementList) SoftwareSoftwareArtifactIter() iter.Seq2[AnyElement, *SoftwareSoftwareArtifact] { - return typeIter(*o, castSoftwareSoftwareArtifact) + +func (o *ContentIdentifier) asContentIdentifier() *ContentIdentifier { + return o } -func (o *ElementList) BomIter() iter.Seq2[AnyElement, *Bom] { return typeIter(*o, castBom) } -func (o *ElementList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingCustomLicense] { - return typeIter(*o, castExpandedlicensingCustomLicense) + +type ContentIdentifierList []AnyContentIdentifier + +func (o *ContentIdentifierList) ContentIdentifiers() ld.TypeSeq[AnyContentIdentifier, *ContentIdentifier] { + return ld.NewTypeSeq(*o, castContentIdentifier) } -func (o *ElementList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) + +// ContentIdentifierType Specifies the type of a content identifier. +type ContentIdentifierType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType"` + id string `iri:"@id"` } -func (o *ElementList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexFixedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) + +// ContentIdentifierType_Gitoid [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). +var ContentIdentifierType_Gitoid = ContentIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid", } -func (o *ElementList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexNotAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) + +// ContentIdentifierType_Swhid SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. +var ContentIdentifierType_Swhid = ContentIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid", } -func (o *ElementList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) + +type AnyCreationInfo interface { + asCreationInfo() *CreationInfo } -func (o *ElementList) SoftwareFileIter() iter.Seq2[AnyElement, *SoftwareFile] { - return typeIter(*o, castSoftwareFile) + +// CreationInfo Provides information about the creation of the Element. +type CreationInfo struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + ID string `iri:"@id"` + // SpecVersion Provides a reference number that can be used to understand how to parse and\ninterpret an Element. + SpecVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/specVersion" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Created Identifies when the Element was originally created. + Created time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/created" required:"true" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // CreatedUsing Identifies the tooling that was used during the creation of the Element. + CreatedUsing ToolList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/Tool"` + // Comment Provide consumers with comments by the creator of the Element about the\nElement. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // CreatedBy Identifies who or what created the Element. + CreatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdBy" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` } -func (o *ElementList) SoftwarePackageIter() iter.Seq2[AnyElement, *SoftwarePackage] { - return typeIter(*o, castSoftwarePackage) + +func (o *CreationInfo) asCreationInfo() *CreationInfo { + return o } -func (o *ElementList) SoftwareSbomIter() iter.Seq2[AnyElement, *SoftwareSbom] { - return typeIter(*o, castSoftwareSbom) + +type CreationInfoList []AnyCreationInfo + +func (o *CreationInfoList) CreationInfos() ld.TypeSeq[AnyCreationInfo, *CreationInfo] { + return ld.NewTypeSeq(*o, castCreationInfo) } -func (o *ElementList) SoftwareSnippetIter() iter.Seq2[AnyElement, *SoftwareSnippet] { - return typeIter(*o, castSoftwareSnippet) + +type AnyCustomLicense interface { + asCustomLicense() *CustomLicense } -func (o *ElementList) AiAIPackageIter() iter.Seq2[AnyElement, *AiAIPackage] { - return typeIter(*o, castAiAIPackage) + +// CustomLicense A license that is not listed on the SPDX License List. +type CustomLicense struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense"` + License } -func (o *ElementList) DatasetDatasetPackageIter() iter.Seq2[AnyElement, *DatasetDatasetPackage] { - return typeIter(*o, castDatasetDatasetPackage) + +func (o *CustomLicense) asCustomLicense() *CustomLicense { + return o } -// A collection of Elements, not necessarily with unifying context. -type ElementCollection struct { - Element +type CustomLicenseList []AnyCustomLicense - // Refers to one or more Elements that are part of an ElementCollection. - Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element" iri-compact:"element"` +func (o *CustomLicenseList) CustomLicenses() ld.TypeSeq[AnyCustomLicense, *CustomLicense] { + return ld.NewTypeSeq(*o, castCustomLicense) +} - // Describes one a profile which the creator of this ElementCollection intends to - // conform to. - ProfileConformances []profileIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" iri-compact:"profileConformance"` - // This property is used to denote the root Element(s) of a tree of elements contained in a BOM. - RootElements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/rootElement" iri-compact:"rootElement"` +type AnyCustomLicenseAddition interface { + asCustomLicenseAddition() *CustomLicenseAddition } -func castElementCollection(o any) *ElementCollection { - if o, ok := o.(AnyElementCollection); ok { - return o.asElementCollection() - } - return nil +// CustomLicenseAddition A license addition that is not listed on the SPDX Exceptions List. +type CustomLicenseAddition struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition"` + LicenseAddition } -func (o *ElementCollection) asElementCollection() *ElementCollection { +func (o *CustomLicenseAddition) asCustomLicenseAddition() *CustomLicenseAddition { return o } -type AnyElementCollection interface { - AnyElement - asElementCollection() *ElementCollection -} +type CustomLicenseAdditionList []AnyCustomLicenseAddition -type ElementCollectionList []AnyElementCollection +func (o *CustomLicenseAdditionList) CustomLicenseAdditions() ld.TypeSeq[AnyCustomLicenseAddition, *CustomLicenseAddition] { + return ld.NewTypeSeq(*o, castCustomLicenseAddition) +} -func (o *ElementCollectionList) ElementCollectionIter() iter.Seq2[AnyElementCollection, *ElementCollection] { - return typeIter(*o, castElementCollection) +// CvssSeverityType Specifies the CVSS base, temporal, threat, or environmental severity type. +type CvssSeverityType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` + id string `iri:"@id"` } -func (o *ElementCollectionList) SpdxDocumentIter() iter.Seq2[AnyElementCollection, *SpdxDocument] { - return typeIter(*o, castSpdxDocument) + +// CvssSeverityType_Critical When a CVSS score is between 9.0 - 10.0 +var CvssSeverityType_Critical = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical", } -func (o *ElementCollectionList) BundleIter() iter.Seq2[AnyElementCollection, *Bundle] { - return typeIter(*o, castBundle) + +// CvssSeverityType_High When a CVSS score is between 7.0 - 8.9 +var CvssSeverityType_High = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high", } -func (o *ElementCollectionList) BomIter() iter.Seq2[AnyElementCollection, *Bom] { - return typeIter(*o, castBom) + +// CvssSeverityType_Low When a CVSS score is between 0.1 - 3.9 +var CvssSeverityType_Low = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low", } -func (o *ElementCollectionList) SoftwareSbomIter() iter.Seq2[AnyElementCollection, *SoftwareSbom] { - return typeIter(*o, castSoftwareSbom) + +// CvssSeverityType_Medium When a CVSS score is between 4.0 - 6.9 +var CvssSeverityType_Medium = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium", } -// A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. -type ExternalIdentifier struct { - ID string `iri:"@id"` +// CvssSeverityType_None When a CVSS score is 0.0 +var CvssSeverityType_None = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none", +} - // Provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` - // Specifies the type of the external identifier. - ExternalIdentifierType externalIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" iri-compact:"externalIdentifierType"` - // Uniquely identifies an external element. - Identifier string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifier" iri-compact:"identifier"` - // Provides the location for more information regarding an external identifier. - IdentifierLocators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" iri-compact:"identifierLocator"` - // An entity that is authorized to issue identification credentials. - IssuingAuthority string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority" iri-compact:"issuingAuthority"` +type AnyCvssV2VulnAssessmentRelationship interface { + asCvssV2VulnAssessmentRelationship() *CvssV2VulnAssessmentRelationship } -func castExternalIdentifier(o any) *ExternalIdentifier { - if o, ok := o.(AnyExternalIdentifier); ok { - return o.asExternalIdentifier() - } - return nil +// CvssV2VulnAssessmentRelationship Provides a CVSS version 2.0 assessment for a vulnerability. +type CvssV2VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship"` + VulnAssessmentRelationship + // VectorString Specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Score Provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` } -func (o *ExternalIdentifier) asExternalIdentifier() *ExternalIdentifier { +func (o *CvssV2VulnAssessmentRelationship) asCvssV2VulnAssessmentRelationship() *CvssV2VulnAssessmentRelationship { return o } -type AnyExternalIdentifier interface { - asExternalIdentifier() *ExternalIdentifier +type CvssV2VulnAssessmentRelationshipList []AnyCvssV2VulnAssessmentRelationship + +func (o *CvssV2VulnAssessmentRelationshipList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyCvssV2VulnAssessmentRelationship, *CvssV2VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) } -type ExternalIdentifierList []AnyExternalIdentifier +type AnyCvssV3VulnAssessmentRelationship interface { + asCvssV3VulnAssessmentRelationship() *CvssV3VulnAssessmentRelationship +} -func (o *ExternalIdentifierList) ExternalIdentifierIter() iter.Seq2[AnyExternalIdentifier, *ExternalIdentifier] { - return typeIter(*o, castExternalIdentifier) +// CvssV3VulnAssessmentRelationship Provides a CVSS version 3 assessment for a vulnerability. +type CvssV3VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship"` + VulnAssessmentRelationship + // Score Provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` + // Severity Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` + // VectorString Specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` } -// Specifies the type of an external identifier. -type externalIdentifierType struct { - ID string `iri:"@id"` +func (o *CvssV3VulnAssessmentRelationship) asCvssV3VulnAssessmentRelationship() *CvssV3VulnAssessmentRelationship { + return o } -// [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) -var ExternalIdentifierType_Cpe22 = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22"} +type CvssV3VulnAssessmentRelationshipList []AnyCvssV3VulnAssessmentRelationship -// [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) -var ExternalIdentifierType_Cpe23 = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23"} +func (o *CvssV3VulnAssessmentRelationshipList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyCvssV3VulnAssessmentRelationship, *CvssV3VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) +} -// Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). -var ExternalIdentifierType_Cve = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve"} +type AnyCvssV4VulnAssessmentRelationship interface { + asCvssV4VulnAssessmentRelationship() *CvssV4VulnAssessmentRelationship +} -// Email address, as defined in [RFC 3696](https://datatracker.ietf.org/doc/rfc3986/) Section 3. -var ExternalIdentifierType_Email = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email"} +// CvssV4VulnAssessmentRelationship Provides a CVSS version 4 assessment for a vulnerability. +type CvssV4VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship"` + VulnAssessmentRelationship + // Severity Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` + // VectorString Specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Score Provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` +} -// [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). -var ExternalIdentifierType_Gitoid = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid"} +func (o *CvssV4VulnAssessmentRelationship) asCvssV4VulnAssessmentRelationship() *CvssV4VulnAssessmentRelationship { + return o +} -// Used when the type does not match any of the other options. -var ExternalIdentifierType_Other = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other"} +type CvssV4VulnAssessmentRelationshipList []AnyCvssV4VulnAssessmentRelationship -// Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification. -var ExternalIdentifierType_PackageUrl = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl"} +func (o *CvssV4VulnAssessmentRelationshipList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyCvssV4VulnAssessmentRelationship, *CvssV4VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) +} -// Used when there is a security related identifier of unspecified type. -var ExternalIdentifierType_SecurityOther = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther"} +// DatasetAvailabilityType Availability of dataset. +type DatasetAvailabilityType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType"` + id string `iri:"@id"` +} -// SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. -var ExternalIdentifierType_Swhid = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid"} +// DatasetAvailabilityType_Clickthrough the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. +var DatasetAvailabilityType_Clickthrough = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough", +} -// Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://datatracker.ietf.org/doc/rfc9393/) Section 2.3. -var ExternalIdentifierType_Swid = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid"} +// DatasetAvailabilityType_DirectDownload the dataset is publicly available and can be downloaded directly. +var DatasetAvailabilityType_DirectDownload = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload", +} -// [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. -var ExternalIdentifierType_UrlScheme = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme"} +// DatasetAvailabilityType_Query the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. +var DatasetAvailabilityType_Query = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query", +} -// A map of Element identifiers that are used within an SpdxDocument but defined -// external to that SpdxDocument. -type ExternalMap struct { - ID string `iri:"@id"` +// DatasetAvailabilityType_Registration the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. +var DatasetAvailabilityType_Registration = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration", +} - // Artifact representing a serialization instance of SPDX data containing the - // definition of a particular Element. - DefiningArtifact AnyArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" iri-compact:"definingArtifact"` +// DatasetAvailabilityType_ScrapingScript the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. +var DatasetAvailabilityType_ScrapingScript = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript", +} - // Identifies an external Element used within an SpdxDocument but defined - // external to that SpdxDocument. - ExternalSpdxId string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" iri-compact:"externalSpdxId"` - // Provides an indication of where to retrieve an external Element. - LocationHint string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locationHint" iri-compact:"locationHint"` - // Provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +type AnyDatasetPackage interface { + asDatasetPackage() *DatasetPackage } -func castExternalMap(o any) *ExternalMap { - if o, ok := o.(AnyExternalMap); ok { - return o.asExternalMap() - } - return nil +// DatasetPackage Specifies a data package and its associated information. +type DatasetPackage struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage"` + Package + // ConfidentialityLevel Describes the confidentiality level of the data points contained in the dataset. + ConfidentialityLevel ConfidentialityLevelType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType"` + // AnonymizationMethodUseds Describes the anonymization methods used. + AnonymizationMethodUseds []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetUpdateMechanism Describes a mechanism to update the dataset. + DatasetUpdateMechanism string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetNoise Describes potentially noisy elements of the dataset. + DatasetNoise string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetSize Captures the size of the dataset. + DatasetSize ld.NonNegativeInt `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" type:"http://www.w3.org/2001/XMLSchema#nonNegativeInteger"` + // Sensors Describes a sensor used for collecting the data. + Sensors DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/sensor" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // IntendedUse Describes what the given dataset should be used for. + IntendedUse string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse" type:"http://www.w3.org/2001/XMLSchema#string"` + // DataPreprocessings Describes the preprocessing steps that were applied to the raw data to create the given dataset. + DataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing" type:"http://www.w3.org/2001/XMLSchema#string"` + // KnownBias Records the biases that the dataset is known to encompass. + KnownBias []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetAvailability The field describes the availability of a dataset. + DatasetAvailability DatasetAvailabilityType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType"` + // HasSensitivePersonalInformation Describes if any sensitive personal information is present in the dataset. + HasSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation" type:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` + // DataCollectionProcess Describes how the dataset was collected. + DataCollectionProcess string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetTypes Describes the type of the given dataset. + DatasetTypes []DatasetType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType"` } -func (o *ExternalMap) asExternalMap() *ExternalMap { +func (o *DatasetPackage) asDatasetPackage() *DatasetPackage { return o } -type AnyExternalMap interface { - asExternalMap() *ExternalMap -} +type DatasetPackageList []AnyDatasetPackage -type ExternalMapList []AnyExternalMap +func (o *DatasetPackageList) DatasetPackages() ld.TypeSeq[AnyDatasetPackage, *DatasetPackage] { + return ld.NewTypeSeq(*o, castDatasetPackage) +} -func (o *ExternalMapList) ExternalMapIter() iter.Seq2[AnyExternalMap, *ExternalMap] { - return typeIter(*o, castExternalMap) +// DatasetType Enumeration of dataset types. +type DatasetType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType"` + id string `iri:"@id"` } -// A reference to a resource outside the scope of SPDX-3.0 content related to an Element. -type ExternalRef struct { - ID string `iri:"@id"` +// DatasetType_Audio data is audio based, such as a collection of music from the 80s. +var DatasetType_Audio = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio", +} - // Provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` - // Provides information about the content type of an Element or a Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" iri-compact:"contentType"` - // Specifies the type of the external reference. - ExternalRefType externalRefType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" iri-compact:"externalRefType"` - // Provides the location of an external reference. - Locators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locator" iri-compact:"locator"` +// DatasetType_Categorical data that is classified into a discrete number of categories, such as the eye color of a population of people. +var DatasetType_Categorical = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical", } -func castExternalRef(o any) *ExternalRef { - if o, ok := o.(AnyExternalRef); ok { - return o.asExternalRef() - } - return nil +// DatasetType_Graph data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. +var DatasetType_Graph = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph", } -func (o *ExternalRef) asExternalRef() *ExternalRef { - return o +// DatasetType_Image data is a collection of images such as pictures of animals. +var DatasetType_Image = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image", } -type AnyExternalRef interface { - asExternalRef() *ExternalRef +// DatasetType_NoAssertion data type is not known. +var DatasetType_NoAssertion = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion", } -type ExternalRefList []AnyExternalRef +// DatasetType_Numeric data consists only of numeric entries. +var DatasetType_Numeric = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric", +} -func (o *ExternalRefList) ExternalRefIter() iter.Seq2[AnyExternalRef, *ExternalRef] { - return typeIter(*o, castExternalRef) +// DatasetType_Other data is of a type not included in this list. +var DatasetType_Other = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other", } -// Specifies the type of an external reference. -type externalRefType struct { - ID string `iri:"@id"` +// DatasetType_Sensor data is recorded from a physical sensor, such as a thermometer reading or biometric device. +var DatasetType_Sensor = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor", } -// A reference to an alternative download location. -var ExternalRefType_AltDownloadLocation = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation"} +// DatasetType_Structured data is stored in tabular format or retrieved from a relational database. +var DatasetType_Structured = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured", +} -// A reference to an alternative web page. -var ExternalRefType_AltWebPage = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage"} +// DatasetType_Syntactic data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. +var DatasetType_Syntactic = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic", +} -// A reference to binary artifacts related to a package. -var ExternalRefType_BinaryArtifact = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact"} +// DatasetType_Text data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. +var DatasetType_Text = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text", +} -// A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install). -var ExternalRefType_Bower = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower"} +// DatasetType_Timeseries data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. +var DatasetType_Timeseries = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries", +} -// A reference build metadata related to a published package. -var ExternalRefType_BuildMeta = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta"} +// DatasetType_Timestamp data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. +var DatasetType_Timestamp = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp", +} -// A reference build system used to create or publish the package. -var ExternalRefType_BuildSystem = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem"} +// DatasetType_Video data is video based, such as a collection of movie clips featuring Tom Hanks. +var DatasetType_Video = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video", +} -// A reference to a certification report for a package from an accredited/independent body. -var ExternalRefType_CertificationReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport"} +type AnyDictionaryEntry interface { + asDictionaryEntry() *DictionaryEntry +} -// A reference to the instant messaging system used by the maintainer for a package. -var ExternalRefType_Chat = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat"} +// DictionaryEntry A key with an associated value. +type DictionaryEntry struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + ID string `iri:"@id"` + // Value A value used in a generic key-value pair. + Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/value" type:"http://www.w3.org/2001/XMLSchema#string"` + // Key A key used in a generic key-value pair. + Key string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/key" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` +} -// A reference to a Software Composition Analysis (SCA) report. -var ExternalRefType_ComponentAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport"} +func (o *DictionaryEntry) asDictionaryEntry() *DictionaryEntry { + return o +} -// [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). -var ExternalRefType_Cwe = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe"} +type DictionaryEntryList []AnyDictionaryEntry -// A reference to the documentation for a package. -var ExternalRefType_Documentation = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation"} +func (o *DictionaryEntryList) DictionaryEntries() ld.TypeSeq[AnyDictionaryEntry, *DictionaryEntry] { + return ld.NewTypeSeq(*o, castDictionaryEntry) +} -// A reference to a dynamic analysis report for a package. -var ExternalRefType_DynamicAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport"} +type AnyDisjunctiveLicenseSet interface { + asDisjunctiveLicenseSet() *DisjunctiveLicenseSet +} -// A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. -var ExternalRefType_EolNotice = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice"} +// DisjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information where\nonly one of the elements applies. +type DisjunctiveLicenseSet struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet"` + LicenseInfo + // Members A license expression participating in a license set. + Members LicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` +} -// A reference to a export control assessment for a package. -var ExternalRefType_ExportControlAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment"} +func (o *DisjunctiveLicenseSet) asDisjunctiveLicenseSet() *DisjunctiveLicenseSet { + return o +} -// A reference to funding information related to a package. -var ExternalRefType_Funding = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding"} +type DisjunctiveLicenseSetList []AnyDisjunctiveLicenseSet -// A reference to the issue tracker for a package. -var ExternalRefType_IssueTracker = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker"} +func (o *DisjunctiveLicenseSetList) DisjunctiveLicenseSets() ld.TypeSeq[AnyDisjunctiveLicenseSet, *DisjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castDisjunctiveLicenseSet) +} -// A reference to additional license information related to an artifact. -var ExternalRefType_License = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license"} +type AnyElement interface { + asElement() *Element +} -// A reference to the mailing list used by the maintainer for a package. -var ExternalRefType_MailingList = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList"} +// Element Base domain class from which all other SPDX-3.0 domain classes derive. +type Element struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the\nElement. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions []Extension `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content\nthat uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content\nthat provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsings Provides an IntegrityMethod with which the integrity of an Element can be\nasserted. + VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` +} -// A reference to a Maven repository artifact. The artifact locator format is defined in the [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html) and looks like `groupId:artifactId[:version]`. -var ExternalRefType_MavenCentral = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral"} +func (o *Element) asElement() *Element { + return o +} -// A reference to metrics related to package such as OpenSSF scorecards. -var ExternalRefType_Metrics = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics"} +type ElementList []AnyElement -// A reference to an npm package. The package locator format is defined in the [npm documentation](https://docs.npmjs.com/cli/v10/configuring-npm/package-json) and looks like `package@version`. -var ExternalRefType_Npm = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm"} +func (o *ElementList) AIPackages() ld.TypeSeq[AnyElement, *AIPackage] { + return ld.NewTypeSeq(*o, castAIPackage) +} -// A reference to a NuGet package. The package locator format is defined in the [NuGet documentation](https://docs.nuget.org) and looks like `package/version`. -var ExternalRefType_Nuget = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget"} +func (o *ElementList) Agents() ld.TypeSeq[AnyElement, *Agent] { + return ld.NewTypeSeq(*o, castAgent) +} -// Used when the type does not match any of the other options. -var ExternalRefType_Other = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other"} +func (o *ElementList) Annotations() ld.TypeSeq[AnyElement, *Annotation] { + return ld.NewTypeSeq(*o, castAnnotation) +} -// A reference to a privacy assessment for a package. -var ExternalRefType_PrivacyAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment"} +func (o *ElementList) Artifacts() ld.TypeSeq[AnyElement, *Artifact] { + return ld.NewTypeSeq(*o, castArtifact) +} -// A reference to additional product metadata such as reference within organization's product catalog. -var ExternalRefType_ProductMetadata = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata"} +func (o *ElementList) Boms() ld.TypeSeq[AnyElement, *Bom] { + return ld.NewTypeSeq(*o, castBom) +} -// A reference to a purchase order for a package. -var ExternalRefType_PurchaseOrder = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder"} +func (o *ElementList) Builds() ld.TypeSeq[AnyElement, *Build] { + return ld.NewTypeSeq(*o, castBuild) +} -// A reference to a quality assessment for a package. -var ExternalRefType_QualityAssessmentReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport"} +func (o *ElementList) Bundles() ld.TypeSeq[AnyElement, *Bundle] { + return ld.NewTypeSeq(*o, castBundle) +} -// A reference to a published list of releases for a package. -var ExternalRefType_ReleaseHistory = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory"} +func (o *ElementList) ConjunctiveLicenseSets() ld.TypeSeq[AnyElement, *ConjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castConjunctiveLicenseSet) +} -// A reference to the release notes for a package. -var ExternalRefType_ReleaseNotes = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes"} +func (o *ElementList) CustomLicenses() ld.TypeSeq[AnyElement, *CustomLicense] { + return ld.NewTypeSeq(*o, castCustomLicense) +} -// A reference to a risk assessment for a package. -var ExternalRefType_RiskAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment"} +func (o *ElementList) CustomLicenseAdditions() ld.TypeSeq[AnyElement, *CustomLicenseAddition] { + return ld.NewTypeSeq(*o, castCustomLicenseAddition) +} -// A reference to a runtime analysis report for a package. -var ExternalRefType_RuntimeAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport"} +func (o *ElementList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *CvssV2VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) +} -// A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). -var ExternalRefType_SecureSoftwareAttestation = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation"} +func (o *ElementList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *CvssV3VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) +} -// A reference to the security adversary model for a package. -var ExternalRefType_SecurityAdversaryModel = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel"} +func (o *ElementList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *CvssV4VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) +} -// A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. -var ExternalRefType_SecurityAdvisory = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory"} +func (o *ElementList) DatasetPackages() ld.TypeSeq[AnyElement, *DatasetPackage] { + return ld.NewTypeSeq(*o, castDatasetPackage) +} -// A reference to the patch or source code that fixes a vulnerability. -var ExternalRefType_SecurityFix = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix"} +func (o *ElementList) DisjunctiveLicenseSets() ld.TypeSeq[AnyElement, *DisjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castDisjunctiveLicenseSet) +} -// A reference to related security information of unspecified type. -var ExternalRefType_SecurityOther = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther"} +func (o *ElementList) Elements() ld.TypeSeq[AnyElement, *Element] { + return ld.NewTypeSeq(*o, castElement) +} -// A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. -var ExternalRefType_SecurityPenTestReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport"} +func (o *ElementList) ElementCollections() ld.TypeSeq[AnyElement, *ElementCollection] { + return ld.NewTypeSeq(*o, castElementCollection) +} -// A reference to instructions for reporting newly discovered security vulnerabilities for a package. -var ExternalRefType_SecurityPolicy = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy"} +func (o *ElementList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *EpssVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) +} -// A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. -var ExternalRefType_SecurityThreatModel = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel"} +func (o *ElementList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *ExploitCatalogVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) +} -// A reference to a social media channel for a package. -var ExternalRefType_SocialMedia = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia"} +func (o *ElementList) ExtendableLicenses() ld.TypeSeq[AnyElement, *ExtendableLicense] { + return ld.NewTypeSeq(*o, castExtendableLicense) +} -// A reference to an artifact containing the sources for a package. -var ExternalRefType_SourceArtifact = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact"} +func (o *ElementList) Files() ld.TypeSeq[AnyElement, *File] { + return ld.NewTypeSeq(*o, castFile) +} -// A reference to a static analysis report for a package. -var ExternalRefType_StaticAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport"} +func (o *ElementList) IndividualElements() ld.TypeSeq[AnyElement, *IndividualElement] { + return ld.NewTypeSeq(*o, castIndividualElement) +} -// A reference to the software support channel or other support information for a package. -var ExternalRefType_Support = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support"} +func (o *ElementList) IndividualLicensingInfos() ld.TypeSeq[AnyElement, *IndividualLicensingInfo] { + return ld.NewTypeSeq(*o, castIndividualLicensingInfo) +} -// A reference to a version control system related to a software artifact. -var ExternalRefType_Vcs = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs"} +func (o *ElementList) Licenses() ld.TypeSeq[AnyElement, *License] { + return ld.NewTypeSeq(*o, castLicense) +} -// A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). -var ExternalRefType_VulnerabilityDisclosureReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport"} +func (o *ElementList) LicenseAdditions() ld.TypeSeq[AnyElement, *LicenseAddition] { + return ld.NewTypeSeq(*o, castLicenseAddition) +} -// A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). -var ExternalRefType_VulnerabilityExploitabilityAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment"} +func (o *ElementList) LicenseExpressions() ld.TypeSeq[AnyElement, *LicenseExpression] { + return ld.NewTypeSeq(*o, castLicenseExpression) +} -// A mathematical algorithm that maps data of arbitrary size to a bit string. -type hashAlgorithm struct { - ID string `iri:"@id"` +func (o *ElementList) LicenseInfos() ld.TypeSeq[AnyElement, *LicenseInfo] { + return ld.NewTypeSeq(*o, castLicenseInfo) } -// Adler-32 checksum is part of the widely used zlib compression library as defined in [RFC 1950](https://datatracker.ietf.org/doc/rfc1950/) Section 2.3. -var HashAlgorithm_Adler32 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32"} +func (o *ElementList) LifecycleScopedRelationships() ld.TypeSeq[AnyElement, *LifecycleScopedRelationship] { + return ld.NewTypeSeq(*o, castLifecycleScopedRelationship) +} -// BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b256 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256"} +func (o *ElementList) ListedLicenses() ld.TypeSeq[AnyElement, *ListedLicense] { + return ld.NewTypeSeq(*o, castListedLicense) +} -// BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b384 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384"} +func (o *ElementList) ListedLicenseExceptions() ld.TypeSeq[AnyElement, *ListedLicenseException] { + return ld.NewTypeSeq(*o, castListedLicenseException) +} -// BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b512 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512"} +func (o *ElementList) OrLaterOperators() ld.TypeSeq[AnyElement, *OrLaterOperator] { + return ld.NewTypeSeq(*o, castOrLaterOperator) +} -// [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) -var HashAlgorithm_Blake3 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3"} +func (o *ElementList) Organizations() ld.TypeSeq[AnyElement, *Organization] { + return ld.NewTypeSeq(*o, castOrganization) +} -// [Dilithium](https://pq-crystals.org/dilithium/) -var HashAlgorithm_CrystalsDilithium = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium"} +func (o *ElementList) Packages() ld.TypeSeq[AnyElement, *Package] { + return ld.NewTypeSeq(*o, castPackage) +} -// [Kyber](https://pq-crystals.org/kyber/) -var HashAlgorithm_CrystalsKyber = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber"} +func (o *ElementList) People() ld.TypeSeq[AnyElement, *Person] { + return ld.NewTypeSeq(*o, castPerson) +} -// [FALCON](https://falcon-sign.info/falcon.pdf) -var HashAlgorithm_Falcon = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon"} +func (o *ElementList) Relationships() ld.TypeSeq[AnyElement, *Relationship] { + return ld.NewTypeSeq(*o, castRelationship) +} -// MD2 message-digest algorithm, as defined in [RFC 1319](https://datatracker.ietf.org/doc/rfc1319/). -var HashAlgorithm_Md2 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2"} +func (o *ElementList) Sboms() ld.TypeSeq[AnyElement, *Sbom] { + return ld.NewTypeSeq(*o, castSbom) +} -// MD4 message-digest algorithm, as defined in [RFC 1186](https://datatracker.ietf.org/doc/rfc1186/). -var HashAlgorithm_Md4 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4"} +func (o *ElementList) SimpleLicensingTexts() ld.TypeSeq[AnyElement, *SimpleLicensingText] { + return ld.NewTypeSeq(*o, castSimpleLicensingText) +} -// MD5 message-digest algorithm, as defined in [RFC 1321](https://datatracker.ietf.org/doc/rfc1321/). -var HashAlgorithm_Md5 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5"} +func (o *ElementList) Snippets() ld.TypeSeq[AnyElement, *Snippet] { + return ld.NewTypeSeq(*o, castSnippet) +} -// [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) -var HashAlgorithm_Md6 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6"} +func (o *ElementList) SoftwareAgents() ld.TypeSeq[AnyElement, *SoftwareAgent] { + return ld.NewTypeSeq(*o, castSoftwareAgent) +} -// any hashing algorithm that does not exist in this list of entries -var HashAlgorithm_Other = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other"} +func (o *ElementList) SoftwareArtifacts() ld.TypeSeq[AnyElement, *SoftwareArtifact] { + return ld.NewTypeSeq(*o, castSoftwareArtifact) +} -// SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://datatracker.ietf.org/doc/rfc3174/). -var HashAlgorithm_Sha1 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1"} +func (o *ElementList) SpdxDocuments() ld.TypeSeq[AnyElement, *SpdxDocument] { + return ld.NewTypeSeq(*o, castSpdxDocument) +} -// SHA-2 with a digest length of 224, as defined in [RFC 3874](https://datatracker.ietf.org/doc/rfc3874/). -var HashAlgorithm_Sha224 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224"} +func (o *ElementList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *SsvcVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) +} -// SHA-2 with a digest length of 256, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha256 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256"} +func (o *ElementList) Tools() ld.TypeSeq[AnyElement, *Tool] { + return ld.NewTypeSeq(*o, castTool) +} -// SHA-2 with a digest length of 384, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha384 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384"} +func (o *ElementList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +} -// SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3224 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224"} +func (o *ElementList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexFixedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +} -// SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3256 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256"} +func (o *ElementList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexNotAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) +} -// SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3384 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384"} +func (o *ElementList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexUnderInvestigationVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) +} -// SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3512 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512"} +func (o *ElementList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) +} -// SHA-2 with a digest length of 512, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha512 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512"} +func (o *ElementList) VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVulnAssessmentRelationship) +} -// A concrete subclass of Element used by Individuals in the -// Core profile. -type IndividualElement struct { - Element +func (o *ElementList) Vulnerabilities() ld.TypeSeq[AnyElement, *Vulnerability] { + return ld.NewTypeSeq(*o, castVulnerability) } -// An Individual Value for Element representing a set of Elements of unknown -// identify or cardinality (number). -var IndividualElement_NoAssertionElement = IndividualElement{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement"}} +func (o *ElementList) WithAdditionOperators() ld.TypeSeq[AnyElement, *WithAdditionOperator] { + return ld.NewTypeSeq(*o, castWithAdditionOperator) +} -// An Individual Value for Element representing a set of Elements with -// cardinality (number/count) of zero. -var IndividualElement_NoneElement = IndividualElement{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement"}} +type AnyElementCollection interface { + asElementCollection() *ElementCollection +} -func castIndividualElement(o any) *IndividualElement { - if o, ok := o.(AnyIndividualElement); ok { - return o.asIndividualElement() - } - return nil +// ElementCollection A collection of Elements, not necessarily with unifying context. +type ElementCollection struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection"` + Element + // Elements Refers to one or more Elements that are part of an ElementCollection. + Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // RootElements This property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/rootElement" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // ProfileConformances Describes one a profile which the creator of this ElementCollection intends to\nconform to. + ProfileConformances []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" type:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType"` } -func (o *IndividualElement) asIndividualElement() *IndividualElement { +func (o *ElementCollection) asElementCollection() *ElementCollection { return o } -type AnyIndividualElement interface { - AnyElement - asIndividualElement() *IndividualElement +type ElementCollectionList []AnyElementCollection + +func (o *ElementCollectionList) Boms() ld.TypeSeq[AnyElementCollection, *Bom] { + return ld.NewTypeSeq(*o, castBom) } -type IndividualElementList []AnyIndividualElement +func (o *ElementCollectionList) Bundles() ld.TypeSeq[AnyElementCollection, *Bundle] { + return ld.NewTypeSeq(*o, castBundle) +} -func (o *IndividualElementList) IndividualElementIter() iter.Seq2[AnyIndividualElement, *IndividualElement] { - return typeIter(*o, castIndividualElement) +func (o *ElementCollectionList) ElementCollections() ld.TypeSeq[AnyElementCollection, *ElementCollection] { + return ld.NewTypeSeq(*o, castElementCollection) } -// Provides an independently reproducible mechanism that permits verification of a specific Element. -type IntegrityMethod struct { - ID string `iri:"@id"` +func (o *ElementCollectionList) Sboms() ld.TypeSeq[AnyElementCollection, *Sbom] { + return ld.NewTypeSeq(*o, castSbom) +} - // Provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` +func (o *ElementCollectionList) SpdxDocuments() ld.TypeSeq[AnyElementCollection, *SpdxDocument] { + return ld.NewTypeSeq(*o, castSpdxDocument) } -func castIntegrityMethod(o any) *IntegrityMethod { - if o, ok := o.(AnyIntegrityMethod); ok { - return o.asIntegrityMethod() - } - return nil +type AnyEnergyConsumption interface { + asEnergyConsumption() *EnergyConsumption } -func (o *IntegrityMethod) asIntegrityMethod() *IntegrityMethod { - return o +// EnergyConsumption A class for describing the energy consumption incurred by an AI model in\ndifferent stages of its lifecycle. +type EnergyConsumption struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption"` + ID string `iri:"@id"` + // InferenceEnergyConsumptions Specifies the amount of energy consumed during inference time by an AI model\nthat is being used in the AI system. + InferenceEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` + // TrainingEnergyConsumptions Specifies the amount of energy consumed when training the AI model that is\nbeing used in the AI system. + TrainingEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` + // FinetuningEnergyConsumptions Specifies the amount of energy consumed when finetuning the AI model that is\nbeing used in the AI system. + FinetuningEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` } -type AnyIntegrityMethod interface { - asIntegrityMethod() *IntegrityMethod +func (o *EnergyConsumption) asEnergyConsumption() *EnergyConsumption { + return o } -type IntegrityMethodList []AnyIntegrityMethod +type EnergyConsumptionList []AnyEnergyConsumption -func (o *IntegrityMethodList) IntegrityMethodIter() iter.Seq2[AnyIntegrityMethod, *IntegrityMethod] { - return typeIter(*o, castIntegrityMethod) +func (o *EnergyConsumptionList) EnergyConsumptions() ld.TypeSeq[AnyEnergyConsumption, *EnergyConsumption] { + return ld.NewTypeSeq(*o, castEnergyConsumption) } -func (o *IntegrityMethodList) PackageVerificationCodeIter() iter.Seq2[AnyIntegrityMethod, *PackageVerificationCode] { - return typeIter(*o, castPackageVerificationCode) -} -func (o *IntegrityMethodList) SoftwareContentIdentifierIter() iter.Seq2[AnyIntegrityMethod, *SoftwareContentIdentifier] { - return typeIter(*o, castSoftwareContentIdentifier) -} -func (o *IntegrityMethodList) HashIter() iter.Seq2[AnyIntegrityMethod, *Hash] { - return typeIter(*o, castHash) + +type AnyEnergyConsumptionDescription interface { + asEnergyConsumptionDescription() *EnergyConsumptionDescription } -// Provide an enumerated set of lifecycle phases that can provide context to relationships. -type lifecycleScopeType struct { - ID string `iri:"@id"` +// EnergyConsumptionDescription The class that helps note down the quantity of energy consumption and the unit\nused for measurement. +type EnergyConsumptionDescription struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` + ID string `iri:"@id"` + // EnergyQuantity Represents the energy quantity. + EnergyQuantity float64 `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` + // EnergyUnit Specifies the unit in which energy is measured. + EnergyUnit EnergyUnitType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyUnit" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType"` } -// A relationship has specific context implications during an element's build phase, during development. -var LifecycleScopeType_Build = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build"} +func (o *EnergyConsumptionDescription) asEnergyConsumptionDescription() *EnergyConsumptionDescription { + return o +} -// A relationship has specific context implications during an element's design. -var LifecycleScopeType_Design = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design"} +type EnergyConsumptionDescriptionList []AnyEnergyConsumptionDescription -// A relationship has specific context implications during development phase of an element. -var LifecycleScopeType_Development = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development"} +func (o *EnergyConsumptionDescriptionList) EnergyConsumptionDescriptions() ld.TypeSeq[AnyEnergyConsumptionDescription, *EnergyConsumptionDescription] { + return ld.NewTypeSeq(*o, castEnergyConsumptionDescription) +} -// A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. -var LifecycleScopeType_Other = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other"} +// EnergyUnitType Specifies the unit of energy consumption. +type EnergyUnitType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType"` + id string `iri:"@id"` +} -// A relationship has specific context implications during the execution phase of an element. -var LifecycleScopeType_Runtime = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime"} +// EnergyUnitType_KilowattHour Kilowatt-hour. +var EnergyUnitType_KilowattHour = EnergyUnitType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour", +} -// A relationship has specific context implications during an element's testing phase, during development. -var LifecycleScopeType_Test = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test"} +// EnergyUnitType_Megajoule Megajoule. +var EnergyUnitType_Megajoule = EnergyUnitType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule", +} -// A mapping between prefixes and namespace partial URIs. -type NamespaceMap struct { - ID string `iri:"@id"` +// EnergyUnitType_Other Any other units of energy measurement. +var EnergyUnitType_Other = EnergyUnitType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other", +} - // Provides an unambiguous mechanism for conveying a URI fragment portion of an - // Element ID. - Namespace string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespace" iri-compact:"namespace"` - // A substitute for a URI. - Prefix string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/prefix" iri-compact:"prefix"` +type AnyEpssVulnAssessmentRelationship interface { + asEpssVulnAssessmentRelationship() *EpssVulnAssessmentRelationship } -func castNamespaceMap(o any) *NamespaceMap { - if o, ok := o.(AnyNamespaceMap); ok { - return o.asNamespaceMap() - } - return nil +// EpssVulnAssessmentRelationship Provides an EPSS assessment for a vulnerability. +type EpssVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship"` + VulnAssessmentRelationship + // Probability A probability score between 0 and 1 of a vulnerability being exploited. + Probability float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/probability" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` + // Percentile The percentile of the current probability score. + Percentile float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/percentile" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` } -func (o *NamespaceMap) asNamespaceMap() *NamespaceMap { +func (o *EpssVulnAssessmentRelationship) asEpssVulnAssessmentRelationship() *EpssVulnAssessmentRelationship { return o } -type AnyNamespaceMap interface { - asNamespaceMap() *NamespaceMap -} +type EpssVulnAssessmentRelationshipList []AnyEpssVulnAssessmentRelationship -type NamespaceMapList []AnyNamespaceMap +func (o *EpssVulnAssessmentRelationshipList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyEpssVulnAssessmentRelationship, *EpssVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) +} -func (o *NamespaceMapList) NamespaceMapIter() iter.Seq2[AnyNamespaceMap, *NamespaceMap] { - return typeIter(*o, castNamespaceMap) +// ExploitCatalogType Specifies the exploit catalog type. +type ExploitCatalogType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType"` + id string `iri:"@id"` } -// An SPDX version 2.X compatible verification method for software packages. -type PackageVerificationCode struct { - IntegrityMethod +// ExploitCatalogType_Kev CISA's Known Exploited Vulnerability (KEV) Catalog +var ExploitCatalogType_Kev = ExploitCatalogType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev", +} - // Specifies the algorithm used for calculating the hash value. - Algorithm hashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" iri-compact:"algorithm"` - // The result of applying a hash algorithm to an Element. - HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" iri-compact:"hashValue"` - // The relative file name of a file to be excluded from the - // `PackageVerificationCode`. - PackageVerificationCodeExcludedFiles []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" iri-compact:"packageVerificationCodeExcludedFile"` +// ExploitCatalogType_Other Other exploit catalogs +var ExploitCatalogType_Other = ExploitCatalogType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other", } -func castPackageVerificationCode(o any) *PackageVerificationCode { - if o, ok := o.(AnyPackageVerificationCode); ok { - return o.asPackageVerificationCode() - } - return nil +type AnyExploitCatalogVulnAssessmentRelationship interface { + asExploitCatalogVulnAssessmentRelationship() *ExploitCatalogVulnAssessmentRelationship } -func (o *PackageVerificationCode) asPackageVerificationCode() *PackageVerificationCode { - return o +// ExploitCatalogVulnAssessmentRelationship Provides an exploit assessment of a vulnerability. +type ExploitCatalogVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship"` + VulnAssessmentRelationship + // Locator Provides the location of an exploit catalog. + Locator ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Security/locator" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Exploited Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. + Exploited bool `iri:"https://spdx.org/rdf/3.0.1/terms/Security/exploited" required:"true" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // CatalogType Specifies the exploit catalog type. + CatalogType ExploitCatalogType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/catalogType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType"` } -type AnyPackageVerificationCode interface { - AnyIntegrityMethod - asPackageVerificationCode() *PackageVerificationCode +func (o *ExploitCatalogVulnAssessmentRelationship) asExploitCatalogVulnAssessmentRelationship() *ExploitCatalogVulnAssessmentRelationship { + return o } -type PackageVerificationCodeList []AnyPackageVerificationCode +type ExploitCatalogVulnAssessmentRelationshipList []AnyExploitCatalogVulnAssessmentRelationship -func (o *PackageVerificationCodeList) PackageVerificationCodeIter() iter.Seq2[AnyPackageVerificationCode, *PackageVerificationCode] { - return typeIter(*o, castPackageVerificationCode) +func (o *ExploitCatalogVulnAssessmentRelationshipList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyExploitCatalogVulnAssessmentRelationship, *ExploitCatalogVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) } -// A tuple of two positive integers that define a range. -type PositiveIntegerRange struct { - ID string `iri:"@id"` - - // Defines the beginning of a range. - BeginIntegerRange int `iri:"https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" iri-compact:"beginIntegerRange"` - // Defines the end of a range. - EndIntegerRange int `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" iri-compact:"endIntegerRange"` +type AnyExtendableLicense interface { + asExtendableLicense() *ExtendableLicense } -func castPositiveIntegerRange(o any) *PositiveIntegerRange { - if o, ok := o.(AnyPositiveIntegerRange); ok { - return o.asPositiveIntegerRange() - } - return nil +// ExtendableLicense Abstract class representing a License or an OrLaterOperator. +type ExtendableLicense struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense"` + LicenseInfo } -func (o *PositiveIntegerRange) asPositiveIntegerRange() *PositiveIntegerRange { +func (o *ExtendableLicense) asExtendableLicense() *ExtendableLicense { return o } -type AnyPositiveIntegerRange interface { - asPositiveIntegerRange() *PositiveIntegerRange +type ExtendableLicenseList []AnyExtendableLicense + +func (o *ExtendableLicenseList) CustomLicenses() ld.TypeSeq[AnyExtendableLicense, *CustomLicense] { + return ld.NewTypeSeq(*o, castCustomLicense) } -type PositiveIntegerRangeList []AnyPositiveIntegerRange +func (o *ExtendableLicenseList) ExtendableLicenses() ld.TypeSeq[AnyExtendableLicense, *ExtendableLicense] { + return ld.NewTypeSeq(*o, castExtendableLicense) +} -func (o *PositiveIntegerRangeList) PositiveIntegerRangeIter() iter.Seq2[AnyPositiveIntegerRange, *PositiveIntegerRange] { - return typeIter(*o, castPositiveIntegerRange) +func (o *ExtendableLicenseList) Licenses() ld.TypeSeq[AnyExtendableLicense, *License] { + return ld.NewTypeSeq(*o, castLicense) } -// Categories of presence or absence. -type presenceType struct { - ID string `iri:"@id"` +func (o *ExtendableLicenseList) ListedLicenses() ld.TypeSeq[AnyExtendableLicense, *ListedLicense] { + return ld.NewTypeSeq(*o, castListedLicense) } -// Indicates absence of the field. -var PresenceType_No = presenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no"} +func (o *ExtendableLicenseList) OrLaterOperators() ld.TypeSeq[AnyExtendableLicense, *OrLaterOperator] { + return ld.NewTypeSeq(*o, castOrLaterOperator) +} -// Makes no assertion about the field. -var PresenceType_NoAssertion = presenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion"} +// Extension A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. +type Extension struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + id string `iri:"@id"` +} +type AnyExternalIdentifier interface { + asExternalIdentifier() *ExternalIdentifier +} -// Indicates presence of the field. -var PresenceType_Yes = presenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes"} +// ExternalIdentifier A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. +type ExternalIdentifier struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + ID string `iri:"@id"` + // Identifier Uniquely identifies an external element. + Identifier string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifier" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // IssuingAuthority An entity that is authorized to issue identification credentials. + IssuingAuthority string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the\nElement. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // IdentifierLocators Provides the location for more information regarding an external identifier. + IdentifierLocators []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // ExternalIdentifierType Specifies the type of the external identifier. + ExternalIdentifierType ExternalIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType"` +} -// Enumeration of the valid profiles. -type profileIdentifierType struct { - ID string `iri:"@id"` +func (o *ExternalIdentifier) asExternalIdentifier() *ExternalIdentifier { + return o } -// the element follows the AI profile specification -var ProfileIdentifierType_Ai = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai"} +type ExternalIdentifierList []AnyExternalIdentifier + +func (o *ExternalIdentifierList) ExternalIdentifiers() ld.TypeSeq[AnyExternalIdentifier, *ExternalIdentifier] { + return ld.NewTypeSeq(*o, castExternalIdentifier) +} -// the element follows the Build profile specification -var ProfileIdentifierType_Build = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build"} +// ExternalIdentifierType Specifies the type of an external identifier. +type ExternalIdentifierType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType"` + id string `iri:"@id"` +} -// the element follows the Core profile specification -var ProfileIdentifierType_Core = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core"} +// ExternalIdentifierType_Cpe22 [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) +var ExternalIdentifierType_Cpe22 = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22", +} -// the element follows the Dataset profile specification -var ProfileIdentifierType_Dataset = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset"} +// ExternalIdentifierType_Cpe23 [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) +var ExternalIdentifierType_Cpe23 = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23", +} -// the element follows the ExpandedLicensing profile specification -var ProfileIdentifierType_ExpandedLicensing = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing"} +// ExternalIdentifierType_Cve Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). +var ExternalIdentifierType_Cve = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve", +} -// the element follows the Extension profile specification -var ProfileIdentifierType_Extension = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension"} +// ExternalIdentifierType_Email Email address, as defined in [RFC 3696](https://datatracker.ietf.org/doc/rfc3986/) Section 3. +var ExternalIdentifierType_Email = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email", +} -// the element follows the Lite profile specification -var ProfileIdentifierType_Lite = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite"} +// ExternalIdentifierType_Gitoid [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). +var ExternalIdentifierType_Gitoid = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid", +} -// the element follows the Security profile specification -var ProfileIdentifierType_Security = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security"} +// ExternalIdentifierType_Other Used when the type does not match any of the other options. +var ExternalIdentifierType_Other = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other", +} -// the element follows the SimpleLicensing profile specification -var ProfileIdentifierType_SimpleLicensing = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing"} +// ExternalIdentifierType_PackageUrl Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification. +var ExternalIdentifierType_PackageUrl = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl", +} -// the element follows the Software profile specification -var ProfileIdentifierType_Software = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software"} +// ExternalIdentifierType_SecurityOther Used when there is a security related identifier of unspecified type. +var ExternalIdentifierType_SecurityOther = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther", +} -// Describes a relationship between one or more elements. -type Relationship struct { - Element +// ExternalIdentifierType_Swhid SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. +var ExternalIdentifierType_Swhid = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid", +} - // Provides information about the completeness of relationships. - Completeness relationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" iri-compact:"completeness"` - // Specifies the time from which an element is no longer applicable / valid. - EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" iri-compact:"endTime"` - // References the Element on the left-hand side of a relationship. - From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" iri-compact:"from"` +// ExternalIdentifierType_Swid Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://datatracker.ietf.org/doc/rfc9393/) Section 2.3. +var ExternalIdentifierType_Swid = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid", +} - // Information about the relationship between two Elements. - RelationshipType relationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" iri-compact:"relationshipType"` - // Specifies the time from which an element is applicable / valid. - StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" iri-compact:"startTime"` - // References an Element on the right-hand side of a relationship. - Tos ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" iri-compact:"to"` +// ExternalIdentifierType_UrlScheme [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. +var ExternalIdentifierType_UrlScheme = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme", } -func castRelationship(o any) *Relationship { - if o, ok := o.(AnyRelationship); ok { - return o.asRelationship() - } - return nil +type AnyExternalMap interface { + asExternalMap() *ExternalMap } -func (o *Relationship) asRelationship() *Relationship { - return o +// ExternalMap A map of Element identifiers that are used within an SpdxDocument but defined\nexternal to that SpdxDocument. +type ExternalMap struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap"` + ID string `iri:"@id"` + // ExternalSpdxId Identifies an external Element used within an SpdxDocument but defined\nexternal to that SpdxDocument. + ExternalSpdxId ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // LocationHint Provides an indication of where to retrieve an external Element. + LocationHint ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locationHint" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // VerifiedUsings Provides an IntegrityMethod with which the integrity of an Element can be\nasserted. + VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // DefiningArtifact Artifact representing a serialization instance of SPDX data containing the\ndefinition of a particular Element. + DefiningArtifact AnyArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" type:"https://spdx.org/rdf/3.0.1/terms/Core/Artifact"` } -type AnyRelationship interface { - AnyElement - asRelationship() *Relationship +func (o *ExternalMap) asExternalMap() *ExternalMap { + return o } -type RelationshipList []AnyRelationship +type ExternalMapList []AnyExternalMap -func (o *RelationshipList) RelationshipIter() iter.Seq2[AnyRelationship, *Relationship] { - return typeIter(*o, castRelationship) +func (o *ExternalMapList) ExternalMaps() ld.TypeSeq[AnyExternalMap, *ExternalMap] { + return ld.NewTypeSeq(*o, castExternalMap) } -func (o *RelationshipList) SecurityVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVulnAssessmentRelationship) + +type AnyExternalRef interface { + asExternalRef() *ExternalRef } -func (o *RelationshipList) LifecycleScopedRelationshipIter() iter.Seq2[AnyRelationship, *LifecycleScopedRelationship] { - return typeIter(*o, castLifecycleScopedRelationship) + +// ExternalRef A reference to a resource outside the scope of SPDX-3.0 content related to an Element. +type ExternalRef struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + ID string `iri:"@id"` + // Locators Provides the location of an external reference. + Locators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locator" type:"http://www.w3.org/2001/XMLSchema#string"` + // ContentType Provides information about the content type of an Element or a Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` + // ExternalRefType Specifies the type of the external reference. + ExternalRefType ExternalRefType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType"` + // Comment Provide consumers with comments by the creator of the Element about the\nElement. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *RelationshipList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityCvssV2VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) + +func (o *ExternalRef) asExternalRef() *ExternalRef { + return o } -func (o *RelationshipList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityCvssV3VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) + +type ExternalRefList []AnyExternalRef + +func (o *ExternalRefList) ExternalRefs() ld.TypeSeq[AnyExternalRef, *ExternalRef] { + return ld.NewTypeSeq(*o, castExternalRef) } -func (o *RelationshipList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityCvssV4VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) + +// ExternalRefType Specifies the type of an external reference. +type ExternalRefType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType"` + id string `iri:"@id"` } -func (o *RelationshipList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityEpssVulnAssessmentRelationship] { - return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) + +// ExternalRefType_AltDownloadLocation A reference to an alternative download location. +var ExternalRefType_AltDownloadLocation = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation", } -func (o *RelationshipList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityExploitCatalogVulnAssessmentRelationship] { - return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) + +// ExternalRefType_AltWebPage A reference to an alternative web page. +var ExternalRefType_AltWebPage = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage", } -func (o *RelationshipList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecuritySsvcVulnAssessmentRelationship] { - return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) + +// ExternalRefType_BinaryArtifact A reference to binary artifacts related to a package. +var ExternalRefType_BinaryArtifact = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact", } -func (o *RelationshipList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexVulnAssessmentRelationship) + +// ExternalRefType_Bower A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the \"install\" section of [Bower API documentation](https://bower.io/docs/api/#install). +var ExternalRefType_Bower = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower", } -func (o *RelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) + +// ExternalRefType_BuildMeta A reference build metadata related to a published package. +var ExternalRefType_BuildMeta = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta", } -func (o *RelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexFixedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) + +// ExternalRefType_BuildSystem A reference build system used to create or publish the package. +var ExternalRefType_BuildSystem = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem", } -func (o *RelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) + +// ExternalRefType_CertificationReport A reference to a certification report for a package from an accredited/independent body. +var ExternalRefType_CertificationReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport", } -func (o *RelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) + +// ExternalRefType_Chat A reference to the instant messaging system used by the maintainer for a package. +var ExternalRefType_Chat = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat", } -// Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. -type relationshipCompleteness struct { - ID string `iri:"@id"` +// ExternalRefType_ComponentAnalysisReport A reference to a Software Composition Analysis (SCA) report. +var ExternalRefType_ComponentAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport", } -// The relationship is known to be exhaustive. -var RelationshipCompleteness_Complete = relationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete"} +// ExternalRefType_Cwe [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). +var ExternalRefType_Cwe = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe", +} -// The relationship is known not to be exhaustive. -var RelationshipCompleteness_Incomplete = relationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete"} +// ExternalRefType_Documentation A reference to the documentation for a package. +var ExternalRefType_Documentation = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation", +} -// No assertion can be made about the completeness of the relationship. -var RelationshipCompleteness_NoAssertion = relationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion"} +// ExternalRefType_DynamicAnalysisReport A reference to a dynamic analysis report for a package. +var ExternalRefType_DynamicAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport", +} -// Information about the relationship between two Elements. -type relationshipType struct { - ID string `iri:"@id"` +// ExternalRefType_EolNotice A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. +var ExternalRefType_EolNotice = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice", } -// The `from` Vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. -var RelationshipType_Affects = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects"} +// ExternalRefType_ExportControlAssessment A reference to a export control assessment for a package. +var ExternalRefType_ExportControlAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment", +} -// The `from` Element is amended by each `to` Element. -var RelationshipType_AmendedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy"} +// ExternalRefType_Funding A reference to funding information related to a package. +var ExternalRefType_Funding = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding", +} -// The `from` Element is an ancestor of each `to` Element. -var RelationshipType_AncestorOf = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf"} +// ExternalRefType_IssueTracker A reference to the issue tracker for a package. +var ExternalRefType_IssueTracker = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker", +} -// The `from` Element is available from the additional supplier described by each `to` Element. -var RelationshipType_AvailableFrom = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom"} +// ExternalRefType_License A reference to additional license information related to an artifact. +var ExternalRefType_License = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license", +} -// The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. -var RelationshipType_Configures = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures"} +// ExternalRefType_MailingList A reference to the mailing list used by the maintainer for a package. +var ExternalRefType_MailingList = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList", +} -// The `from` Element contains each `to` Element. -var RelationshipType_Contains = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains"} +// ExternalRefType_MavenCentral A reference to a Maven repository artifact. The artifact locator format is defined in the [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html) and looks like `groupId:artifactId[:version]`. +var ExternalRefType_MavenCentral = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral", +} -// The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). -var RelationshipType_CoordinatedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy"} +// ExternalRefType_Metrics A reference to metrics related to package such as OpenSSF scorecards. +var ExternalRefType_Metrics = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics", +} -// The `from` Element has been copied to each `to` Element. -var RelationshipType_CopiedTo = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo"} +// ExternalRefType_Npm A reference to an npm package. The package locator format is defined in the [npm documentation](https://docs.npmjs.com/cli/v10/configuring-npm/package-json) and looks like `package@version`. +var ExternalRefType_Npm = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm", +} -// The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). -var RelationshipType_DelegatedTo = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo"} +// ExternalRefType_Nuget A reference to a NuGet package. The package locator format is defined in the [NuGet documentation](https://docs.nuget.org) and looks like `package/version`. +var ExternalRefType_Nuget = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget", +} -// The `from` Element depends on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_DependsOn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn"} +// ExternalRefType_Other Used when the type does not match any of the other options. +var ExternalRefType_Other = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other", +} -// The `from` Element is a descendant of each `to` Element. -var RelationshipType_DescendantOf = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf"} +// ExternalRefType_PrivacyAssessment A reference to a privacy assessment for a package. +var ExternalRefType_PrivacyAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment", +} -// The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. -var RelationshipType_Describes = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes"} +// ExternalRefType_ProductMetadata A reference to additional product metadata such as reference within organization's product catalog. +var ExternalRefType_ProductMetadata = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata", +} -// The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. -var RelationshipType_DoesNotAffect = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect"} +// ExternalRefType_PurchaseOrder A reference to a purchase order for a package. +var ExternalRefType_PurchaseOrder = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder", +} -// The `from` archive expands out as an artifact described by each `to` Element. -var RelationshipType_ExpandsTo = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo"} +// ExternalRefType_QualityAssessmentReport A reference to a quality assessment for a package. +var ExternalRefType_QualityAssessmentReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport", +} -// The `from` Vulnerability has had an exploit created against it by each `to` Agent. -var RelationshipType_ExploitCreatedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy"} +// ExternalRefType_ReleaseHistory A reference to a published list of releases for a package. +var ExternalRefType_ReleaseHistory = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory", +} -// Designates a `from` Vulnerability has been fixed by the `to` Agent(s). -var RelationshipType_FixedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy"} +// ExternalRefType_ReleaseNotes A reference to the release notes for a package. +var ExternalRefType_ReleaseNotes = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes", +} -// A `from` Vulnerability has been fixed in each `to` Element. The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. -var RelationshipType_FixedIn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn"} +// ExternalRefType_RiskAssessment A reference to a risk assessment for a package. +var ExternalRefType_RiskAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment", +} -// Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). -var RelationshipType_FoundBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy"} +// ExternalRefType_RuntimeAnalysisReport A reference to a runtime analysis report for a package. +var ExternalRefType_RuntimeAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport", +} -// The `from` Element generates each `to` Element. -var RelationshipType_Generates = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates"} +// ExternalRefType_SecureSoftwareAttestation A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). +var ExternalRefType_SecureSoftwareAttestation = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation", +} -// Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). -var RelationshipType_HasAddedFile = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile"} +// ExternalRefType_SecurityAdversaryModel A reference to the security adversary model for a package. +var ExternalRefType_SecurityAdversaryModel = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel", +} -// Relates a `from` Vulnerability and each `to` Element with a security assessment. To be used with `VulnAssessmentRelationship` types. -var RelationshipType_HasAssessmentFor = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor"} +// ExternalRefType_SecurityAdvisory A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. +var ExternalRefType_SecurityAdvisory = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory", +} -// Used to associate a `from` Artifact with each `to` Vulnerability. -var RelationshipType_HasAssociatedVulnerability = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability"} +// ExternalRefType_SecurityFix A reference to the patch or source code that fixes a vulnerability. +var ExternalRefType_SecurityFix = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix", +} -// The `from` SoftwareArtifact is concluded by the SPDX data creator to be governed by each `to` license. -var RelationshipType_HasConcludedLicense = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense"} +// ExternalRefType_SecurityOther A reference to related security information of unspecified type. +var ExternalRefType_SecurityOther = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther", +} -// The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInput`, and `hasOutput`, respectively. This relationship does not imply dependency. -var RelationshipType_HasDataFile = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile"} +// ExternalRefType_SecurityPenTestReport A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. +var ExternalRefType_SecurityPenTestReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport", +} -// The `from` SoftwareArtifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. -var RelationshipType_HasDeclaredLicense = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense"} +// ExternalRefType_SecurityPolicy A reference to instructions for reporting newly discovered security vulnerabilities for a package. +var ExternalRefType_SecurityPolicy = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy", +} -// Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). -var RelationshipType_HasDeletedFile = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile"} +// ExternalRefType_SecurityThreatModel A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. +var ExternalRefType_SecurityThreatModel = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel", +} -// The `from` Element has manifest files that contain dependency information in each `to` Element. -var RelationshipType_HasDependencyManifest = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest"} +// ExternalRefType_SocialMedia A reference to a social media channel for a package. +var ExternalRefType_SocialMedia = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia", +} -// The `from` Element is distributed as an artifact in each `to` Element (e.g. an RPM or archive file). -var RelationshipType_HasDistributionArtifact = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact"} +// ExternalRefType_SourceArtifact A reference to an artifact containing the sources for a package. +var ExternalRefType_SourceArtifact = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact", +} -// The `from` Element is documented by each `to` Element. -var RelationshipType_HasDocumentation = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation"} +// ExternalRefType_StaticAnalysisReport A reference to a static analysis report for a package. +var ExternalRefType_StaticAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport", +} -// The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasDynamicLink = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink"} +// ExternalRefType_Support A reference to the software support channel or other support information for a package. +var ExternalRefType_Support = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support", +} -// Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). -var RelationshipType_HasEvidence = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence"} +// ExternalRefType_Vcs A reference to a version control system related to a software artifact. +var ExternalRefType_Vcs = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs", +} -// Every `to` Element is an example for the `from` Element (`from` hasExample `to`). -var RelationshipType_HasExample = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample"} +// ExternalRefType_VulnerabilityDisclosureReport A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). +var ExternalRefType_VulnerabilityDisclosureReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport", +} -// The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). -var RelationshipType_HasHost = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost"} +// ExternalRefType_VulnerabilityExploitabilityAssessment A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). +var ExternalRefType_VulnerabilityExploitabilityAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment", +} -// The `from` Build has each `to` Element as an input, during a LifecycleScopeType period. -var RelationshipType_HasInput = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput"} +type AnyFile interface { + asFile() *File +} -// Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). -var RelationshipType_HasMetadata = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata"} +// File Refers to any object that stores content on a computer. +type File struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/File"` + SoftwareArtifact + // ContentType Provides information about the content type of an Element or a Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` + // FileKind Describes if a given file is a directory or non-directory kind of file. + FileKind FileKindType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/fileKind" type:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType"` +} -// Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). -var RelationshipType_HasOptionalComponent = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent"} +func (o *File) asFile() *File { + return o +} -// The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasOptionalDependency = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency"} +type FileList []AnyFile -// The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. -var RelationshipType_HasOutput = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput"} +func (o *FileList) Files() ld.TypeSeq[AnyFile, *File] { + return ld.NewTypeSeq(*o, castFile) +} -// The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasPrerequisite = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite"} +// FileKindType Enumeration of the different kinds of SPDX file. +type FileKindType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType"` + id string `iri:"@id"` +} -// The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. -var RelationshipType_HasProvidedDependency = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency"} +// FileKindType_Directory The file represents a directory and all content stored in that directory. +var FileKindType_Directory = FileKindType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory", +} -// The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasRequirement = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement"} +// FileKindType_File The file represents a single file (default). +var FileKindType_File = FileKindType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file", +} -// Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. -var RelationshipType_HasSpecification = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification"} +type AnyHash interface { + asHash() *Hash +} -// The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasStaticLink = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink"} +// Hash A mathematically calculated representation of a grouping of data. +type Hash struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Hash"` + IntegrityMethod + // HashValue The result of applying a hash algorithm to an Element. + HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Algorithm Specifies the algorithm used for calculating the hash value. + Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` +} -// Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. -var RelationshipType_HasTest = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest"} +func (o *Hash) asHash() *Hash { + return o +} -// Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). -var RelationshipType_HasTestCase = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase"} +type HashList []AnyHash -// Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). -var RelationshipType_HasVariant = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant"} +func (o *HashList) Hashes() ld.TypeSeq[AnyHash, *Hash] { + return ld.NewTypeSeq(*o, castHash) +} -// The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). -var RelationshipType_InvokedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy"} +// HashAlgorithm A mathematical algorithm that maps data of arbitrary size to a bit string. +type HashAlgorithm struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` + id string `iri:"@id"` +} -// The `from` Element is modified by each `to` Element. -var RelationshipType_ModifiedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy"} +// HashAlgorithm_Adler32 Adler-32 checksum is part of the widely used zlib compression library as defined in [RFC 1950](https://datatracker.ietf.org/doc/rfc1950/) Section 2.3. +var HashAlgorithm_Adler32 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32", +} -// Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationship types (this relationship is directionless). -var RelationshipType_Other = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other"} +// HashAlgorithm_Blake2b256 BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b256 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256", +} -// Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). -var RelationshipType_PackagedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy"} +// HashAlgorithm_Blake2b384 BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b384 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384", +} -// Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). -var RelationshipType_PatchedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy"} +// HashAlgorithm_Blake2b512 BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b512 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512", +} -// Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. -var RelationshipType_PublishedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy"} +// HashAlgorithm_Blake3 [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) +var HashAlgorithm_Blake3 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3", +} -// Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. -var RelationshipType_ReportedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy"} +// HashAlgorithm_CrystalsDilithium [Dilithium](https://pq-crystals.org/dilithium/) +var HashAlgorithm_CrystalsDilithium = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium", +} -// Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. -var RelationshipType_RepublishedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy"} +// HashAlgorithm_CrystalsKyber [Kyber](https://pq-crystals.org/kyber/) +var HashAlgorithm_CrystalsKyber = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber", +} -// The `from` SpdxDocument can be found in a serialized form in each `to` Artifact. -var RelationshipType_SerializedInArtifact = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact"} +// HashAlgorithm_Falcon [FALCON](https://falcon-sign.info/falcon.pdf) +var HashAlgorithm_Falcon = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon", +} -// The `from` Element has been tested on the `to` Element(s). -var RelationshipType_TestedOn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn"} +// HashAlgorithm_Md2 MD2 message-digest algorithm, as defined in [RFC 1319](https://datatracker.ietf.org/doc/rfc1319/). +var HashAlgorithm_Md2 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2", +} -// The `from` Element has been trained on the `to` Element(s). -var RelationshipType_TrainedOn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn"} +// HashAlgorithm_Md4 MD4 message-digest algorithm, as defined in [RFC 1186](https://datatracker.ietf.org/doc/rfc1186/). +var HashAlgorithm_Md4 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4", +} -// The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. -var RelationshipType_UnderInvestigationFor = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor"} +// HashAlgorithm_Md5 MD5 message-digest algorithm, as defined in [RFC 1321](https://datatracker.ietf.org/doc/rfc1321/). +var HashAlgorithm_Md5 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5", +} -// The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. -var RelationshipType_UsesTool = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool"} +// HashAlgorithm_Md6 [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) +var HashAlgorithm_Md6 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6", +} -// A collection of SPDX Elements that could potentially be serialized. -type SpdxDocument struct { - ElementCollection +// HashAlgorithm_Other any hashing algorithm that does not exist in this list of entries +var HashAlgorithm_Other = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other", +} - // Provides the license under which the SPDX documentation of the Element can be - // used. - DataLicense AnySimplelicensingAnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/dataLicense" iri-compact:"dataLicense"` +// HashAlgorithm_Sha1 SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://datatracker.ietf.org/doc/rfc3174/). +var HashAlgorithm_Sha1 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1", +} - // Provides an ExternalMap of Element identifiers. - Imports ExternalMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/import" iri-compact:"import"` +// HashAlgorithm_Sha224 SHA-2 with a digest length of 224, as defined in [RFC 3874](https://datatracker.ietf.org/doc/rfc3874/). +var HashAlgorithm_Sha224 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224", +} - // Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. - NamespaceMaps NamespaceMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap" iri-compact:"namespaceMap"` +// HashAlgorithm_Sha256 SHA-2 with a digest length of 256, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha256 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256", } -func castSpdxDocument(o any) *SpdxDocument { - if o, ok := o.(AnySpdxDocument); ok { - return o.asSpdxDocument() - } - return nil +// HashAlgorithm_Sha384 SHA-2 with a digest length of 384, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha384 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384", } -func (o *SpdxDocument) asSpdxDocument() *SpdxDocument { - return o +// HashAlgorithm_Sha3_224 SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_224 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224", } -type AnySpdxDocument interface { - AnyElementCollection - asSpdxDocument() *SpdxDocument +// HashAlgorithm_Sha3_256 SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_256 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256", } -type SpdxDocumentList []AnySpdxDocument +// HashAlgorithm_Sha3_384 SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_384 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384", +} -func (o *SpdxDocumentList) SpdxDocumentIter() iter.Seq2[AnySpdxDocument, *SpdxDocument] { - return typeIter(*o, castSpdxDocument) +// HashAlgorithm_Sha3_512 SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_512 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512", } -// Indicates the type of support that is associated with an artifact. -type supportType struct { - ID string `iri:"@id"` +// HashAlgorithm_Sha512 SHA-2 with a digest length of 512, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha512 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512", } -// in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. -var SupportType_Deployed = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed"} +type AnyIndividualElement interface { + asIndividualElement() *IndividualElement +} -// the artifact is in active development and is not considered ready for formal support from the supplier. -var SupportType_Development = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development"} +// IndividualElement A concrete subclass of Element used by Individuals in the\nCore profile. +type IndividualElement struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/IndividualElement"` + Element +} -// there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. -var SupportType_EndOfSupport = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport"} +func (o *IndividualElement) asIndividualElement() *IndividualElement { + return o +} -// the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. -var SupportType_LimitedSupport = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport"} +// IndividualElement_NoAssertionElement An Individual Value for Element representing a set of Elements of unknown\nidentify or cardinality (number). +var IndividualElement_NoAssertionElement AnyIndividualElement = &ExternalIRI{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", +} -// no assertion about the type of support is made. This is considered the default if no other support type is used. -var SupportType_NoAssertion = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion"} +// IndividualElement_NoneElement An Individual Value for Element representing a set of Elements with\ncardinality (number/count) of zero. +var IndividualElement_NoneElement AnyIndividualElement = &ExternalIRI{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", +} -// there is no support for the artifact from the supplier, consumer assumes any support obligations. -var SupportType_NoSupport = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport"} +type IndividualElementList []AnyIndividualElement -// the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. -var SupportType_Support = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support"} +func (o *IndividualElementList) IndividualElements() ld.TypeSeq[AnyIndividualElement, *IndividualElement] { + return ld.NewTypeSeq(*o, castIndividualElement) +} -// An element of hardware and/or software utilized to carry out a particular function. -type Tool struct { - Element +type AnyIndividualLicensingInfo interface { + asIndividualLicensingInfo() *IndividualLicensingInfo } -func castTool(o any) *Tool { - if o, ok := o.(AnyTool); ok { - return o.asTool() - } - return nil +// IndividualLicensingInfo A concrete subclass of AnyLicenseInfo used by Individuals in the\nExpandedLicensing profile. +type IndividualLicensingInfo struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo"` + LicenseInfo } -func (o *Tool) asTool() *Tool { +func (o *IndividualLicensingInfo) asIndividualLicensingInfo() *IndividualLicensingInfo { return o } -type AnyTool interface { - AnyElement - asTool() *Tool +// IndividualLicensingInfo_NoAssertionLicense An Individual Value for License when no assertion can be made about its actual\nvalue. +var IndividualLicensingInfo_NoAssertionLicense AnyIndividualLicensingInfo = &ExternalIRI{ + id: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", } -type ToolList []AnyTool +// IndividualLicensingInfo_NoneLicense An Individual Value for License where the SPDX data creator determines that no\nlicense is present. +var IndividualLicensingInfo_NoneLicense AnyIndividualLicensingInfo = &ExternalIRI{ + id: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", +} -func (o *ToolList) ToolIter() iter.Seq2[AnyTool, *Tool] { return typeIter(*o, castTool) } +type IndividualLicensingInfoList []AnyIndividualLicensingInfo -// Categories of confidentiality level. -type datasetConfidentialityLevelType struct { - ID string `iri:"@id"` +func (o *IndividualLicensingInfoList) IndividualLicensingInfos() ld.TypeSeq[AnyIndividualLicensingInfo, *IndividualLicensingInfo] { + return ld.NewTypeSeq(*o, castIndividualLicensingInfo) } -// Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. -var DatasetConfidentialityLevelType_Amber = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber"} +type AnyIntegrityMethod interface { + asIntegrityMethod() *IntegrityMethod +} -// Dataset may be distributed freely, without restriction. -var DatasetConfidentialityLevelType_Clear = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear"} +// IntegrityMethod Provides an independently reproducible mechanism that permits verification of a specific Element. +type IntegrityMethod struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + ID string `iri:"@id"` + // Comment Provide consumers with comments by the creator of the Element about the\nElement. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` +} -// Dataset can be shared within a community of peers and partners. -var DatasetConfidentialityLevelType_Green = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green"} +func (o *IntegrityMethod) asIntegrityMethod() *IntegrityMethod { + return o +} -// Data points in the dataset are highly confidential and can only be shared with named recipients. -var DatasetConfidentialityLevelType_Red = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red"} +type IntegrityMethodList []AnyIntegrityMethod -// Availability of dataset. -type datasetDatasetAvailabilityType struct { - ID string `iri:"@id"` +func (o *IntegrityMethodList) ContentIdentifiers() ld.TypeSeq[AnyIntegrityMethod, *ContentIdentifier] { + return ld.NewTypeSeq(*o, castContentIdentifier) } -// the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. -var DatasetDatasetAvailabilityType_Clickthrough = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough"} - -// the dataset is publicly available and can be downloaded directly. -var DatasetDatasetAvailabilityType_DirectDownload = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload"} +func (o *IntegrityMethodList) Hashes() ld.TypeSeq[AnyIntegrityMethod, *Hash] { + return ld.NewTypeSeq(*o, castHash) +} -// the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. -var DatasetDatasetAvailabilityType_Query = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query"} +func (o *IntegrityMethodList) IntegrityMethods() ld.TypeSeq[AnyIntegrityMethod, *IntegrityMethod] { + return ld.NewTypeSeq(*o, castIntegrityMethod) +} -// the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. -var DatasetDatasetAvailabilityType_Registration = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration"} +func (o *IntegrityMethodList) PackageVerificationCodes() ld.TypeSeq[AnyIntegrityMethod, *PackageVerificationCode] { + return ld.NewTypeSeq(*o, castPackageVerificationCode) +} -// the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. -var DatasetDatasetAvailabilityType_ScrapingScript = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript"} +type AnyLicense interface { + asLicense() *License +} -// Enumeration of dataset types. -type datasetDatasetType struct { - ID string `iri:"@id"` +// License Abstract class for the portion of an AnyLicenseInfo representing a license. +type License struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License"` + ExtendableLicense + // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. + SeeAlsos []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // IsDeprecatedLicenseId Specifies whether a license or additional text identifier has been marked as\ndeprecated. + IsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated\nLicense or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" type:"http://www.w3.org/2001/XMLSchema#string"` + // StandardLicenseHeader Provides a License author's preferred text to indicate that a file is covered\nby the License. + StandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader" type:"http://www.w3.org/2001/XMLSchema#string"` + // LicenseText Identifies the full text of a License or Addition. + LicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // IsOsiApproved Specifies whether the License is listed as approved by the\nOpen Source Initiative (OSI). + IsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // LicenseXml Identifies all the text and metadata associated with a license in the license\nXML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` + // IsFsfLibre Specifies whether the License is listed as free by the\nFree Software Foundation (FSF). + IsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // StandardLicenseTemplate Identifies the full text of a License, in SPDX templating format. + StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` } -// data is audio based, such as a collection of music from the 80s. -var DatasetDatasetType_Audio = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio"} +func (o *License) asLicense() *License { + return o +} -// data that is classified into a discrete number of categories, such as the eye color of a population of people. -var DatasetDatasetType_Categorical = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical"} +type LicenseList []AnyLicense -// data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. -var DatasetDatasetType_Graph = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph"} +func (o *LicenseList) CustomLicenses() ld.TypeSeq[AnyLicense, *CustomLicense] { + return ld.NewTypeSeq(*o, castCustomLicense) +} -// data is a collection of images such as pictures of animals. -var DatasetDatasetType_Image = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image"} +func (o *LicenseList) Licenses() ld.TypeSeq[AnyLicense, *License] { + return ld.NewTypeSeq(*o, castLicense) +} -// data type is not known. -var DatasetDatasetType_NoAssertion = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion"} +func (o *LicenseList) ListedLicenses() ld.TypeSeq[AnyLicense, *ListedLicense] { + return ld.NewTypeSeq(*o, castListedLicense) +} -// data consists only of numeric entries. -var DatasetDatasetType_Numeric = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric"} +type AnyLicenseAddition interface { + asLicenseAddition() *LicenseAddition +} -// data is of a type not included in this list. -var DatasetDatasetType_Other = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other"} +// LicenseAddition Abstract class for additional text intended to be added to a License, but\nwhich is not itself a standalone License. +type LicenseAddition struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition"` + Element + // AdditionText Identifies the full text of a LicenseAddition. + AdditionText string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated\nLicense or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" type:"http://www.w3.org/2001/XMLSchema#string"` + // LicenseXml Identifies all the text and metadata associated with a license in the license\nXML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` + // StandardAdditionTemplate Identifies the full text of a LicenseAddition, in SPDX templating format. + StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` + // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. + SeeAlsos []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // IsDeprecatedAdditionId Specifies whether an additional text identifier has been marked as deprecated. + IsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" type:"http://www.w3.org/2001/XMLSchema#boolean"` +} + +func (o *LicenseAddition) asLicenseAddition() *LicenseAddition { + return o +} -// data is recorded from a physical sensor, such as a thermometer reading or biometric device. -var DatasetDatasetType_Sensor = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor"} +type LicenseAdditionList []AnyLicenseAddition -// data is stored in tabular format or retrieved from a relational database. -var DatasetDatasetType_Structured = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured"} +func (o *LicenseAdditionList) CustomLicenseAdditions() ld.TypeSeq[AnyLicenseAddition, *CustomLicenseAddition] { + return ld.NewTypeSeq(*o, castCustomLicenseAddition) +} -// data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. -var DatasetDatasetType_Syntactic = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic"} +func (o *LicenseAdditionList) LicenseAdditions() ld.TypeSeq[AnyLicenseAddition, *LicenseAddition] { + return ld.NewTypeSeq(*o, castLicenseAddition) +} -// data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. -var DatasetDatasetType_Text = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text"} +func (o *LicenseAdditionList) ListedLicenseExceptions() ld.TypeSeq[AnyLicenseAddition, *ListedLicenseException] { + return ld.NewTypeSeq(*o, castListedLicenseException) +} -// data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. -var DatasetDatasetType_Timeseries = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries"} +type AnyLicenseExpression interface { + asLicenseExpression() *LicenseExpression +} -// data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. -var DatasetDatasetType_Timestamp = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp"} +// LicenseExpression An SPDX Element containing an SPDX license expression string. +type LicenseExpression struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression"` + LicenseInfo + // LicenseExpression A string in the license expression format. + LicenseExpression string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // CustomIdToUris Maps a LicenseRef or AdditionRef string for a Custom License or a Custom\nLicense Addition to its URI ID. + CustomIdToUris DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // LicenseListVersion The version of the SPDX License List used in the license expression. + LicenseListVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion" type:"http://www.w3.org/2001/XMLSchema#string"` +} -// data is video based, such as a collection of movie clips featuring Tom Hanks. -var DatasetDatasetType_Video = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video"} +func (o *LicenseExpression) asLicenseExpression() *LicenseExpression { + return o +} -// Abstract class for additional text intended to be added to a License, but -// which is not itself a standalone License. -type ExpandedlicensingLicenseAddition struct { - Element +type LicenseExpressionList []AnyLicenseExpression - // Identifies the full text of a LicenseAddition. - ExpandedlicensingAdditionText string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" iri-compact:"expandedlicensing_additionText"` - // Specifies whether an additional text identifier has been marked as deprecated. - ExpandedlicensingIsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" iri-compact:"expandedlicensing_isDeprecatedAdditionId"` - // Identifies all the text and metadata associated with a license in the license - // XML format. - ExpandedlicensingLicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` - // Specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - ExpandedlicensingObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` - // Contains a URL where the License or LicenseAddition can be found in use. - ExpandedlicensingSeeAlsos []string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` - // Identifies the full text of a LicenseAddition, in SPDX templating format. - ExpandedlicensingStandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" iri-compact:"expandedlicensing_standardAdditionTemplate"` +func (o *LicenseExpressionList) LicenseExpressions() ld.TypeSeq[AnyLicenseExpression, *LicenseExpression] { + return ld.NewTypeSeq(*o, castLicenseExpression) } -func castExpandedlicensingLicenseAddition(o any) *ExpandedlicensingLicenseAddition { - if o, ok := o.(AnyExpandedlicensingLicenseAddition); ok { - return o.asExpandedlicensingLicenseAddition() - } - return nil +type AnyLicenseInfo interface { + asLicenseInfo() *LicenseInfo } -func (o *ExpandedlicensingLicenseAddition) asExpandedlicensingLicenseAddition() *ExpandedlicensingLicenseAddition { - return o +// LicenseInfo Abstract class representing a license combination consisting of one or more licenses. +type LicenseInfo struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` + Element } -type AnyExpandedlicensingLicenseAddition interface { - AnyElement - asExpandedlicensingLicenseAddition() *ExpandedlicensingLicenseAddition +func (o *LicenseInfo) asLicenseInfo() *LicenseInfo { + return o } -type ExpandedlicensingLicenseAdditionList []AnyExpandedlicensingLicenseAddition +type LicenseInfoList []AnyLicenseInfo -func (o *ExpandedlicensingLicenseAdditionList) ExpandedlicensingLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingLicenseAddition, *ExpandedlicensingLicenseAddition] { - return typeIter(*o, castExpandedlicensingLicenseAddition) +func (o *LicenseInfoList) ConjunctiveLicenseSets() ld.TypeSeq[AnyLicenseInfo, *ConjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castConjunctiveLicenseSet) } -func (o *ExpandedlicensingLicenseAdditionList) ExpandedlicensingListedLicenseExceptionIter() iter.Seq2[AnyExpandedlicensingLicenseAddition, *ExpandedlicensingListedLicenseException] { - return typeIter(*o, castExpandedlicensingListedLicenseException) + +func (o *LicenseInfoList) CustomLicenses() ld.TypeSeq[AnyLicenseInfo, *CustomLicense] { + return ld.NewTypeSeq(*o, castCustomLicense) } -func (o *ExpandedlicensingLicenseAdditionList) ExpandedlicensingCustomLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingLicenseAddition, *ExpandedlicensingCustomLicenseAddition] { - return typeIter(*o, castExpandedlicensingCustomLicenseAddition) + +func (o *LicenseInfoList) DisjunctiveLicenseSets() ld.TypeSeq[AnyLicenseInfo, *DisjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castDisjunctiveLicenseSet) } -// A license exception that is listed on the SPDX Exceptions list. -type ExpandedlicensingListedLicenseException struct { - ExpandedlicensingLicenseAddition +func (o *LicenseInfoList) ExtendableLicenses() ld.TypeSeq[AnyLicenseInfo, *ExtendableLicense] { + return ld.NewTypeSeq(*o, castExtendableLicense) +} - // Specifies the SPDX License List version in which this license or exception - // identifier was deprecated. - ExpandedlicensingDeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" iri-compact:"expandedlicensing_deprecatedVersion"` - // Specifies the SPDX License List version in which this ListedLicense or - // ListedLicenseException identifier was first added. - ExpandedlicensingListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" iri-compact:"expandedlicensing_listVersionAdded"` +func (o *LicenseInfoList) IndividualLicensingInfos() ld.TypeSeq[AnyLicenseInfo, *IndividualLicensingInfo] { + return ld.NewTypeSeq(*o, castIndividualLicensingInfo) } -func castExpandedlicensingListedLicenseException(o any) *ExpandedlicensingListedLicenseException { - if o, ok := o.(AnyExpandedlicensingListedLicenseException); ok { - return o.asExpandedlicensingListedLicenseException() - } - return nil +func (o *LicenseInfoList) Licenses() ld.TypeSeq[AnyLicenseInfo, *License] { + return ld.NewTypeSeq(*o, castLicense) } -func (o *ExpandedlicensingListedLicenseException) asExpandedlicensingListedLicenseException() *ExpandedlicensingListedLicenseException { - return o +func (o *LicenseInfoList) LicenseExpressions() ld.TypeSeq[AnyLicenseInfo, *LicenseExpression] { + return ld.NewTypeSeq(*o, castLicenseExpression) } -type AnyExpandedlicensingListedLicenseException interface { - AnyExpandedlicensingLicenseAddition - asExpandedlicensingListedLicenseException() *ExpandedlicensingListedLicenseException +func (o *LicenseInfoList) LicenseInfos() ld.TypeSeq[AnyLicenseInfo, *LicenseInfo] { + return ld.NewTypeSeq(*o, castLicenseInfo) } -type ExpandedlicensingListedLicenseExceptionList []AnyExpandedlicensingListedLicenseException +func (o *LicenseInfoList) ListedLicenses() ld.TypeSeq[AnyLicenseInfo, *ListedLicense] { + return ld.NewTypeSeq(*o, castListedLicense) +} -func (o *ExpandedlicensingListedLicenseExceptionList) ExpandedlicensingListedLicenseExceptionIter() iter.Seq2[AnyExpandedlicensingListedLicenseException, *ExpandedlicensingListedLicenseException] { - return typeIter(*o, castExpandedlicensingListedLicenseException) +func (o *LicenseInfoList) OrLaterOperators() ld.TypeSeq[AnyLicenseInfo, *OrLaterOperator] { + return ld.NewTypeSeq(*o, castOrLaterOperator) } -// A property name with an associated value. -type ExtensionCdxPropertyEntry struct { - ID string `iri:"@id"` +func (o *LicenseInfoList) WithAdditionOperators() ld.TypeSeq[AnyLicenseInfo, *WithAdditionOperator] { + return ld.NewTypeSeq(*o, castWithAdditionOperator) +} - // A name used in a CdxPropertyEntry name-value pair. - ExtensionCdxPropName string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName" iri-compact:"extension_cdxPropName"` - // A value used in a CdxPropertyEntry name-value pair. - ExtensionCdxPropValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue" iri-compact:"extension_cdxPropValue"` +// LifecycleScopeType Provide an enumerated set of lifecycle phases that can provide context to relationships. +type LifecycleScopeType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType"` + id string `iri:"@id"` } -func castExtensionCdxPropertyEntry(o any) *ExtensionCdxPropertyEntry { - if o, ok := o.(AnyExtensionCdxPropertyEntry); ok { - return o.asExtensionCdxPropertyEntry() - } - return nil +// LifecycleScopeType_Build A relationship has specific context implications during an element's build phase, during development. +var LifecycleScopeType_Build = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build", } -func (o *ExtensionCdxPropertyEntry) asExtensionCdxPropertyEntry() *ExtensionCdxPropertyEntry { - return o +// LifecycleScopeType_Design A relationship has specific context implications during an element's design. +var LifecycleScopeType_Design = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design", } -type AnyExtensionCdxPropertyEntry interface { - asExtensionCdxPropertyEntry() *ExtensionCdxPropertyEntry +// LifecycleScopeType_Development A relationship has specific context implications during development phase of an element. +var LifecycleScopeType_Development = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development", } -type ExtensionCdxPropertyEntryList []AnyExtensionCdxPropertyEntry +// LifecycleScopeType_Other A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. +var LifecycleScopeType_Other = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other", +} -func (o *ExtensionCdxPropertyEntryList) ExtensionCdxPropertyEntryIter() iter.Seq2[AnyExtensionCdxPropertyEntry, *ExtensionCdxPropertyEntry] { - return typeIter(*o, castExtensionCdxPropertyEntry) +// LifecycleScopeType_Runtime A relationship has specific context implications during the execution phase of an element. +var LifecycleScopeType_Runtime = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime", } -// A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. -type ExtensionExtension struct { - ID string `iri:"@id"` +// LifecycleScopeType_Test A relationship has specific context implications during an element's testing phase, during development. +var LifecycleScopeType_Test = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test", } -func castExtensionExtension(o any) *ExtensionExtension { - if o, ok := o.(AnyExtensionExtension); ok { - return o.asExtensionExtension() - } - return nil +type AnyLifecycleScopedRelationship interface { + asLifecycleScopedRelationship() *LifecycleScopedRelationship } -func (o *ExtensionExtension) asExtensionExtension() *ExtensionExtension { - return o +// LifecycleScopedRelationship Provide context for a relationship that occurs in the lifecycle. +type LifecycleScopedRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship"` + Relationship + // Scope Capture the scope of information about a specific relationship between elements. + Scope LifecycleScopeType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/scope" type:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType"` } -type AnyExtensionExtension interface { - asExtensionExtension() *ExtensionExtension +func (o *LifecycleScopedRelationship) asLifecycleScopedRelationship() *LifecycleScopedRelationship { + return o } -type ExtensionExtensionList []AnyExtensionExtension +type LifecycleScopedRelationshipList []AnyLifecycleScopedRelationship -func (o *ExtensionExtensionList) ExtensionExtensionIter() iter.Seq2[AnyExtensionExtension, *ExtensionExtension] { - return typeIter(*o, castExtensionExtension) -} -func (o *ExtensionExtensionList) ExtensionCdxPropertiesExtensionIter() iter.Seq2[AnyExtensionExtension, *ExtensionCdxPropertiesExtension] { - return typeIter(*o, castExtensionCdxPropertiesExtension) +func (o *LifecycleScopedRelationshipList) LifecycleScopedRelationships() ld.TypeSeq[AnyLifecycleScopedRelationship, *LifecycleScopedRelationship] { + return ld.NewTypeSeq(*o, castLifecycleScopedRelationship) } -// Specifies the CVSS base, temporal, threat, or environmental severity type. -type securityCvssSeverityType struct { - ID string `iri:"@id"` +type AnyListedLicense interface { + asListedLicense() *ListedLicense } -// When a CVSS score is between 9.0 - 10.0 -var SecurityCvssSeverityType_Critical = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical"} - -// When a CVSS score is between 7.0 - 8.9 -var SecurityCvssSeverityType_High = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high"} - -// When a CVSS score is between 0.1 - 3.9 -var SecurityCvssSeverityType_Low = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low"} +// ListedLicense A license that is listed on the SPDX License List. +type ListedLicense struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense"` + License + // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or\nListedLicenseException identifier was first added. + ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" type:"http://www.w3.org/2001/XMLSchema#string"` + // DeprecatedVersion Specifies the SPDX License List version in which this license or exception\nidentifier was deprecated. + DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" type:"http://www.w3.org/2001/XMLSchema#string"` +} -// When a CVSS score is between 4.0 - 6.9 -var SecurityCvssSeverityType_Medium = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium"} +func (o *ListedLicense) asListedLicense() *ListedLicense { + return o +} -// When a CVSS score is 0.0 -var SecurityCvssSeverityType_None = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none"} +type ListedLicenseList []AnyListedLicense -// Specifies the exploit catalog type. -type securityExploitCatalogType struct { - ID string `iri:"@id"` +func (o *ListedLicenseList) ListedLicenses() ld.TypeSeq[AnyListedLicense, *ListedLicense] { + return ld.NewTypeSeq(*o, castListedLicense) } -// CISA's Known Exploited Vulnerability (KEV) Catalog -var SecurityExploitCatalogType_Kev = securityExploitCatalogType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev"} - -// Other exploit catalogs -var SecurityExploitCatalogType_Other = securityExploitCatalogType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other"} +type AnyListedLicenseException interface { + asListedLicenseException() *ListedLicenseException +} -// Specifies the SSVC decision type. -type securitySsvcDecisionType struct { - ID string `iri:"@id"` +// ListedLicenseException A license exception that is listed on the SPDX Exceptions list. +type ListedLicenseException struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException"` + LicenseAddition + // DeprecatedVersion Specifies the SPDX License List version in which this license or exception\nidentifier was deprecated. + DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" type:"http://www.w3.org/2001/XMLSchema#string"` + // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or\nListedLicenseException identifier was first added. + ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" type:"http://www.w3.org/2001/XMLSchema#string"` } -// The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. -var SecuritySsvcDecisionType_Act = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act"} +func (o *ListedLicenseException) asListedLicenseException() *ListedLicenseException { + return o +} -// The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. -var SecuritySsvcDecisionType_Attend = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend"} +type ListedLicenseExceptionList []AnyListedLicenseException -// The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. -var SecuritySsvcDecisionType_Track = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track"} +func (o *ListedLicenseExceptionList) ListedLicenseExceptions() ld.TypeSeq[AnyListedLicenseException, *ListedLicenseException] { + return ld.NewTypeSeq(*o, castListedLicenseException) +} -// ("Track\*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track\* vulnerabilities within standard update timelines. -var SecuritySsvcDecisionType_TrackStar = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar"} +type AnyNamespaceMap interface { + asNamespaceMap() *NamespaceMap +} -// Specifies the VEX justification type. -type securityVexJustificationType struct { - ID string `iri:"@id"` +// NamespaceMap A mapping between prefixes and namespace partial URIs. +type NamespaceMap struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap"` + ID string `iri:"@id"` + // Namespace Provides an unambiguous mechanism for conveying a URI fragment portion of an\nElement ID. + Namespace ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespace" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Prefix A substitute for a URI. + Prefix string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/prefix" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` } -// The software is not affected because the vulnerable component is not in the product. -var SecurityVexJustificationType_ComponentNotPresent = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent"} +func (o *NamespaceMap) asNamespaceMap() *NamespaceMap { + return o +} -// Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability. -var SecurityVexJustificationType_InlineMitigationsAlreadyExist = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist"} +type NamespaceMapList []AnyNamespaceMap -// The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack. -var SecurityVexJustificationType_VulnerableCodeCannotBeControlledByAdversary = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary"} +func (o *NamespaceMapList) NamespaceMaps() ld.TypeSeq[AnyNamespaceMap, *NamespaceMap] { + return ld.NewTypeSeq(*o, castNamespaceMap) +} -// The affected code is not reachable through the execution of the code, including non-anticipated states of the product. -var SecurityVexJustificationType_VulnerableCodeNotInExecutePath = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath"} +type AnyOrLaterOperator interface { + asOrLaterOperator() *OrLaterOperator +} -// The product is not affected because the code underlying the vulnerability is not present in the product. -var SecurityVexJustificationType_VulnerableCodeNotPresent = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent"} +// OrLaterOperator Portion of an AnyLicenseInfo representing this version, or any later version,\nof the indicated License. +type OrLaterOperator struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator"` + ExtendableLicense + // SubjectLicense A License participating in an 'or later' model. + SubjectLicense AnyLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License"` +} -// Abstract ancestor class for all vulnerability assessments -type SecurityVulnAssessmentRelationship struct { - Relationship +func (o *OrLaterOperator) asOrLaterOperator() *OrLaterOperator { + return o +} - // Identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" iri-compact:"suppliedBy"` +type OrLaterOperatorList []AnyOrLaterOperator - // Specifies an Element contained in a piece of software where a vulnerability was - // found. - SecurityAssessedElement AnySoftwareSoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" iri-compact:"security_assessedElement"` +func (o *OrLaterOperatorList) OrLaterOperators() ld.TypeSeq[AnyOrLaterOperator, *OrLaterOperator] { + return ld.NewTypeSeq(*o, castOrLaterOperator) +} - // Specifies a time when a vulnerability assessment was modified - SecurityModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // Specifies the time when a vulnerability was published. - SecurityPublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // Specified the time and date when a vulnerability was withdrawn. - SecurityWithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` +type AnyOrganization interface { + asOrganization() *Organization } -func castSecurityVulnAssessmentRelationship(o any) *SecurityVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVulnAssessmentRelationship); ok { - return o.asSecurityVulnAssessmentRelationship() - } - return nil +// Organization A group of people who work together in an organized way for a shared purpose. +type Organization struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Organization"` + Agent } -func (o *SecurityVulnAssessmentRelationship) asSecurityVulnAssessmentRelationship() *SecurityVulnAssessmentRelationship { +func (o *Organization) asOrganization() *Organization { return o } -type AnySecurityVulnAssessmentRelationship interface { - AnyRelationship - asSecurityVulnAssessmentRelationship() *SecurityVulnAssessmentRelationship +// Organization_SpdxOrganization An Organization representing the SPDX Project. +var Organization_SpdxOrganization AnyOrganization = &ExternalIRI{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", } -type SecurityVulnAssessmentRelationshipList []AnySecurityVulnAssessmentRelationship +type OrganizationList []AnyOrganization -func (o *SecurityVulnAssessmentRelationshipList) SecurityVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVulnAssessmentRelationship) -} -func (o *SecurityVulnAssessmentRelationshipList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityCvssV2VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) -} -func (o *SecurityVulnAssessmentRelationshipList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityCvssV3VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) -} -func (o *SecurityVulnAssessmentRelationshipList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityCvssV4VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) +func (o *OrganizationList) Organizations() ld.TypeSeq[AnyOrganization, *Organization] { + return ld.NewTypeSeq(*o, castOrganization) } -func (o *SecurityVulnAssessmentRelationshipList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityEpssVulnAssessmentRelationship] { - return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) -} -func (o *SecurityVulnAssessmentRelationshipList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityExploitCatalogVulnAssessmentRelationship] { - return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) -} -func (o *SecurityVulnAssessmentRelationshipList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecuritySsvcVulnAssessmentRelationship] { - return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) + +type AnyPackage interface { + asPackage() *Package } -func (o *SecurityVulnAssessmentRelationshipList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexVulnAssessmentRelationship) + +// Package Refers to any unit of content that can be associated with a distribution of\nsoftware. +type Package struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Package"` + SoftwareArtifact + // SourceInfo Records any relevant background information or additional comments\nabout the origin of the package. + SourceInfo string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" type:"http://www.w3.org/2001/XMLSchema#string"` + // HomePage A place for the SPDX document creator to record a website that serves as the\npackage's home page. + HomePage ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // PackageVersion Identify the version of a package. + PackageVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" type:"http://www.w3.org/2001/XMLSchema#string"` + // PackageUrl Provides a place for the SPDX data creator to record the package URL string\n(in accordance with the Package URL specification) for a software Package. + PackageUrl ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // DownloadLocation Identifies the download Uniform Resource Identifier for the package at the time\nthat the document was created. + DownloadLocation ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" type:"http://www.w3.org/2001/XMLSchema#anyURI"` } -func (o *SecurityVulnAssessmentRelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) + +func (o *Package) asPackage() *Package { + return o } -func (o *SecurityVulnAssessmentRelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexFixedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) + +type PackageList []AnyPackage + +func (o *PackageList) AIPackages() ld.TypeSeq[AnyPackage, *AIPackage] { + return ld.NewTypeSeq(*o, castAIPackage) } -func (o *SecurityVulnAssessmentRelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) + +func (o *PackageList) DatasetPackages() ld.TypeSeq[AnyPackage, *DatasetPackage] { + return ld.NewTypeSeq(*o, castDatasetPackage) } -func (o *SecurityVulnAssessmentRelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) + +func (o *PackageList) Packages() ld.TypeSeq[AnyPackage, *Package] { + return ld.NewTypeSeq(*o, castPackage) } -// Abstract class representing a license combination consisting of one or more licenses. -type SimplelicensingAnyLicenseInfo struct { - Element +type AnyPackageVerificationCode interface { + asPackageVerificationCode() *PackageVerificationCode } -func castSimplelicensingAnyLicenseInfo(o any) *SimplelicensingAnyLicenseInfo { - if o, ok := o.(AnySimplelicensingAnyLicenseInfo); ok { - return o.asSimplelicensingAnyLicenseInfo() - } - return nil +// PackageVerificationCode An SPDX version 2.X compatible verification method for software packages. +type PackageVerificationCode struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode"` + IntegrityMethod + // Algorithm Specifies the algorithm used for calculating the hash value. + Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` + // HashValue The result of applying a hash algorithm to an Element. + HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // PackageVerificationCodeExcludedFiles The relative file name of a file to be excluded from the\n`PackageVerificationCode`. + PackageVerificationCodeExcludedFiles []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *SimplelicensingAnyLicenseInfo) asSimplelicensingAnyLicenseInfo() *SimplelicensingAnyLicenseInfo { +func (o *PackageVerificationCode) asPackageVerificationCode() *PackageVerificationCode { return o } -type AnySimplelicensingAnyLicenseInfo interface { - AnyElement - asSimplelicensingAnyLicenseInfo() *SimplelicensingAnyLicenseInfo -} +type PackageVerificationCodeList []AnyPackageVerificationCode -type SimplelicensingAnyLicenseInfoList []AnySimplelicensingAnyLicenseInfo +func (o *PackageVerificationCodeList) PackageVerificationCodes() ld.TypeSeq[AnyPackageVerificationCode, *PackageVerificationCode] { + return ld.NewTypeSeq(*o, castPackageVerificationCode) +} -func (o *SimplelicensingAnyLicenseInfoList) SimplelicensingAnyLicenseInfoIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *SimplelicensingAnyLicenseInfo] { - return typeIter(*o, castSimplelicensingAnyLicenseInfo) +type AnyPerson interface { + asPerson() *Person } -func (o *SimplelicensingAnyLicenseInfoList) SimplelicensingLicenseExpressionIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *SimplelicensingLicenseExpression] { - return typeIter(*o, castSimplelicensingLicenseExpression) + +// Person An individual human being. +type Person struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Person"` + Agent } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingConjunctiveLicenseSetIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingConjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingConjunctiveLicenseSet) + +func (o *Person) asPerson() *Person { + return o } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingDisjunctiveLicenseSetIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingDisjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingDisjunctiveLicenseSet) + +type PersonList []AnyPerson + +func (o *PersonList) People() ld.TypeSeq[AnyPerson, *Person] { + return ld.NewTypeSeq(*o, castPerson) } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingExtendableLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingExtendableLicense] { - return typeIter(*o, castExpandedlicensingExtendableLicense) + +type AnyPositiveIntegerRange interface { + asPositiveIntegerRange() *PositiveIntegerRange } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingIndividualLicensingInfoIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingIndividualLicensingInfo] { - return typeIter(*o, castExpandedlicensingIndividualLicensingInfo) + +// PositiveIntegerRange A tuple of two positive integers that define a range. +type PositiveIntegerRange struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` + ID string `iri:"@id"` + // EndIntegerRange Defines the end of a range. + EndIntegerRange ld.PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` + // BeginIntegerRange Defines the beginning of a range. + BeginIntegerRange ld.PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingLicense] { - return typeIter(*o, castExpandedlicensingLicense) + +func (o *PositiveIntegerRange) asPositiveIntegerRange() *PositiveIntegerRange { + return o } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingListedLicense] { - return typeIter(*o, castExpandedlicensingListedLicense) + +type PositiveIntegerRangeList []AnyPositiveIntegerRange + +func (o *PositiveIntegerRangeList) PositiveIntegerRanges() ld.TypeSeq[AnyPositiveIntegerRange, *PositiveIntegerRange] { + return ld.NewTypeSeq(*o, castPositiveIntegerRange) } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingOrLaterOperator] { - return typeIter(*o, castExpandedlicensingOrLaterOperator) + +// PresenceType Categories of presence or absence. +type PresenceType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` + id string `iri:"@id"` } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingWithAdditionOperatorIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingWithAdditionOperator] { - return typeIter(*o, castExpandedlicensingWithAdditionOperator) + +// PresenceType_No Indicates absence of the field. +var PresenceType_No = PresenceType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no", } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingCustomLicense] { - return typeIter(*o, castExpandedlicensingCustomLicense) + +// PresenceType_NoAssertion Makes no assertion about the field. +var PresenceType_NoAssertion = PresenceType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion", } -// An SPDX Element containing an SPDX license expression string. -type SimplelicensingLicenseExpression struct { - SimplelicensingAnyLicenseInfo +// PresenceType_Yes Indicates presence of the field. +var PresenceType_Yes = PresenceType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes", +} - // Maps a LicenseRef or AdditionRef string for a Custom License or a Custom - // License Addition to its URI ID. - SimplelicensingCustomIdToUris DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri" iri-compact:"simplelicensing_customIdToUri"` +// ProfileIdentifierType Enumeration of the valid profiles. +type ProfileIdentifierType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType"` + id string `iri:"@id"` +} - // A string in the license expression format. - SimplelicensingLicenseExpression string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression" iri-compact:"simplelicensing_licenseExpression"` - // The version of the SPDX License List used in the license expression. - SimplelicensingLicenseListVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion" iri-compact:"simplelicensing_licenseListVersion"` +// ProfileIdentifierType_Ai the element follows the AI profile specification +var ProfileIdentifierType_Ai = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai", } -func castSimplelicensingLicenseExpression(o any) *SimplelicensingLicenseExpression { - if o, ok := o.(AnySimplelicensingLicenseExpression); ok { - return o.asSimplelicensingLicenseExpression() - } - return nil +// ProfileIdentifierType_Build the element follows the Build profile specification +var ProfileIdentifierType_Build = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build", } -func (o *SimplelicensingLicenseExpression) asSimplelicensingLicenseExpression() *SimplelicensingLicenseExpression { - return o +// ProfileIdentifierType_Core the element follows the Core profile specification +var ProfileIdentifierType_Core = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core", } -type AnySimplelicensingLicenseExpression interface { - AnySimplelicensingAnyLicenseInfo - asSimplelicensingLicenseExpression() *SimplelicensingLicenseExpression +// ProfileIdentifierType_Dataset the element follows the Dataset profile specification +var ProfileIdentifierType_Dataset = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset", } -type SimplelicensingLicenseExpressionList []AnySimplelicensingLicenseExpression +// ProfileIdentifierType_ExpandedLicensing the element follows the ExpandedLicensing profile specification +var ProfileIdentifierType_ExpandedLicensing = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing", +} -func (o *SimplelicensingLicenseExpressionList) SimplelicensingLicenseExpressionIter() iter.Seq2[AnySimplelicensingLicenseExpression, *SimplelicensingLicenseExpression] { - return typeIter(*o, castSimplelicensingLicenseExpression) +// ProfileIdentifierType_Extension the element follows the Extension profile specification +var ProfileIdentifierType_Extension = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension", } -// A license or addition that is not listed on the SPDX License List. -type SimplelicensingSimpleLicensingText struct { - Element +// ProfileIdentifierType_Lite the element follows the Lite profile specification +var ProfileIdentifierType_Lite = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite", +} - // Identifies the full text of a License or Addition. - SimplelicensingLicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` +// ProfileIdentifierType_Security the element follows the Security profile specification +var ProfileIdentifierType_Security = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security", } -func castSimplelicensingSimpleLicensingText(o any) *SimplelicensingSimpleLicensingText { - if o, ok := o.(AnySimplelicensingSimpleLicensingText); ok { - return o.asSimplelicensingSimpleLicensingText() - } - return nil +// ProfileIdentifierType_SimpleLicensing the element follows the SimpleLicensing profile specification +var ProfileIdentifierType_SimpleLicensing = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing", } -func (o *SimplelicensingSimpleLicensingText) asSimplelicensingSimpleLicensingText() *SimplelicensingSimpleLicensingText { - return o +// ProfileIdentifierType_Software the element follows the Software profile specification +var ProfileIdentifierType_Software = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software", } -type AnySimplelicensingSimpleLicensingText interface { - AnyElement - asSimplelicensingSimpleLicensingText() *SimplelicensingSimpleLicensingText +type AnyRelationship interface { + asRelationship() *Relationship } -type SimplelicensingSimpleLicensingTextList []AnySimplelicensingSimpleLicensingText +// Relationship Describes a relationship between one or more elements. +type Relationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Relationship"` + Element + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // RelationshipType Information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +} -func (o *SimplelicensingSimpleLicensingTextList) SimplelicensingSimpleLicensingTextIter() iter.Seq2[AnySimplelicensingSimpleLicensingText, *SimplelicensingSimpleLicensingText] { - return typeIter(*o, castSimplelicensingSimpleLicensingText) +func (o *Relationship) asRelationship() *Relationship { + return o } -// A canonical, unique, immutable identifier -type SoftwareContentIdentifier struct { - IntegrityMethod +type RelationshipList []AnyRelationship - // Specifies the type of the content identifier. - SoftwareContentIdentifierType softwareContentIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" iri-compact:"software_contentIdentifierType"` - // Specifies the value of the content identifier. - SoftwareContentIdentifierValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" iri-compact:"software_contentIdentifierValue"` +func (o *RelationshipList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *CvssV2VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) } -func castSoftwareContentIdentifier(o any) *SoftwareContentIdentifier { - if o, ok := o.(AnySoftwareContentIdentifier); ok { - return o.asSoftwareContentIdentifier() - } - return nil +func (o *RelationshipList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *CvssV3VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) } -func (o *SoftwareContentIdentifier) asSoftwareContentIdentifier() *SoftwareContentIdentifier { - return o +func (o *RelationshipList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *CvssV4VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) } -type AnySoftwareContentIdentifier interface { - AnyIntegrityMethod - asSoftwareContentIdentifier() *SoftwareContentIdentifier +func (o *RelationshipList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *EpssVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) } -type SoftwareContentIdentifierList []AnySoftwareContentIdentifier - -func (o *SoftwareContentIdentifierList) SoftwareContentIdentifierIter() iter.Seq2[AnySoftwareContentIdentifier, *SoftwareContentIdentifier] { - return typeIter(*o, castSoftwareContentIdentifier) +func (o *RelationshipList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *ExploitCatalogVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) } -// Specifies the type of a content identifier. -type softwareContentIdentifierType struct { - ID string `iri:"@id"` +func (o *RelationshipList) LifecycleScopedRelationships() ld.TypeSeq[AnyRelationship, *LifecycleScopedRelationship] { + return ld.NewTypeSeq(*o, castLifecycleScopedRelationship) } -// [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). -var SoftwareContentIdentifierType_Gitoid = softwareContentIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid"} - -// SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. -var SoftwareContentIdentifierType_Swhid = softwareContentIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid"} +func (o *RelationshipList) Relationships() ld.TypeSeq[AnyRelationship, *Relationship] { + return ld.NewTypeSeq(*o, castRelationship) +} -// Enumeration of the different kinds of SPDX file. -type softwareFileKindType struct { - ID string `iri:"@id"` +func (o *RelationshipList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *SsvcVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) } -// The file represents a directory and all content stored in that directory. -var SoftwareFileKindType_Directory = softwareFileKindType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory"} +func (o *RelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +} -// The file represents a single file (default). -var SoftwareFileKindType_File = softwareFileKindType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file"} +func (o *RelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexFixedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +} -// Provides a set of values to be used to describe the common types of SBOMs that -// tools may create. -type softwareSbomType struct { - ID string `iri:"@id"` +func (o *RelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexNotAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) } -// SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a "3rd party" SBOM. -var SoftwareSbomType_Analyzed = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed"} +func (o *RelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) +} -// SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. -var SoftwareSbomType_Build = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build"} +func (o *RelationshipList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) +} -// SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. -var SoftwareSbomType_Deployed = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed"} +func (o *RelationshipList) VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVulnAssessmentRelationship) +} -// SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. -var SoftwareSbomType_Design = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design"} +// RelationshipCompleteness Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. +type RelationshipCompleteness struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + id string `iri:"@id"` +} -// SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM. -var SoftwareSbomType_Runtime = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime"} +// RelationshipCompleteness_Complete The relationship is known to be exhaustive. +var RelationshipCompleteness_Complete = RelationshipCompleteness{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete", +} -// SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. -var SoftwareSbomType_Source = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source"} +// RelationshipCompleteness_Incomplete The relationship is known not to be exhaustive. +var RelationshipCompleteness_Incomplete = RelationshipCompleteness{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete", +} -// Provides information about the primary purpose of an Element. -type softwareSoftwarePurpose struct { - ID string `iri:"@id"` +// RelationshipCompleteness_NoAssertion No assertion can be made about the completeness of the relationship. +var RelationshipCompleteness_NoAssertion = RelationshipCompleteness{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion", } -// The Element is a software application. -var SoftwareSoftwarePurpose_Application = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application"} +// RelationshipType Information about the relationship between two Elements. +type RelationshipType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + id string `iri:"@id"` +} -// The Element is an archived collection of one or more files (.tar, .zip, etc.). -var SoftwareSoftwarePurpose_Archive = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive"} +// RelationshipType_Affects The `from` Vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. +var RelationshipType_Affects = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects", +} -// The Element is a bill of materials. -var SoftwareSoftwarePurpose_Bom = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom"} +// RelationshipType_AmendedBy The `from` Element is amended by each `to` Element. +var RelationshipType_AmendedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy", +} -// The Element is configuration data. -var SoftwareSoftwarePurpose_Configuration = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration"} +// RelationshipType_AncestorOf The `from` Element is an ancestor of each `to` Element. +var RelationshipType_AncestorOf = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf", +} -// The Element is a container image which can be used by a container runtime application. -var SoftwareSoftwarePurpose_Container = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container"} +// RelationshipType_AvailableFrom The `from` Element is available from the additional supplier described by each `to` Element. +var RelationshipType_AvailableFrom = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom", +} -// The Element is data. -var SoftwareSoftwarePurpose_Data = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data"} +// RelationshipType_Configures The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. +var RelationshipType_Configures = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures", +} -// The Element refers to a chipset, processor, or electronic board. -var SoftwareSoftwarePurpose_Device = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device"} +// RelationshipType_Contains The `from` Element contains each `to` Element. +var RelationshipType_Contains = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains", +} -// The Element represents software that controls hardware devices. -var SoftwareSoftwarePurpose_DeviceDriver = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver"} +// RelationshipType_CoordinatedBy The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). +var RelationshipType_CoordinatedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy", +} -// The Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. -var SoftwareSoftwarePurpose_DiskImage = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage"} +// RelationshipType_CopiedTo The `from` Element has been copied to each `to` Element. +var RelationshipType_CopiedTo = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo", +} -// The Element is documentation. -var SoftwareSoftwarePurpose_Documentation = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation"} +// RelationshipType_DelegatedTo The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). +var RelationshipType_DelegatedTo = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo", +} -// The Element is the evidence that a specification or requirement has been fulfilled. -var SoftwareSoftwarePurpose_Evidence = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence"} +// RelationshipType_DependsOn The `from` Element depends on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_DependsOn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn", +} -// The Element is an Artifact that can be run on a computer. -var SoftwareSoftwarePurpose_Executable = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable"} +// RelationshipType_DescendantOf The `from` Element is a descendant of each `to` Element. +var RelationshipType_DescendantOf = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf", +} -// The Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc.). -var SoftwareSoftwarePurpose_File = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file"} +// RelationshipType_Describes The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. +var RelationshipType_Describes = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes", +} -// The Element is a file system image that can be written to a disk (or virtual) partition. -var SoftwareSoftwarePurpose_FilesystemImage = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage"} +// RelationshipType_DoesNotAffect The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. +var RelationshipType_DoesNotAffect = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect", +} -// The Element provides low level control over a device's hardware. -var SoftwareSoftwarePurpose_Firmware = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware"} +// RelationshipType_ExpandsTo The `from` archive expands out as an artifact described by each `to` Element. +var RelationshipType_ExpandsTo = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo", +} -// The Element is a software framework. -var SoftwareSoftwarePurpose_Framework = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework"} +// RelationshipType_ExploitCreatedBy The `from` Vulnerability has had an exploit created against it by each `to` Agent. +var RelationshipType_ExploitCreatedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy", +} -// The Element is used to install software on disk. -var SoftwareSoftwarePurpose_Install = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install"} +// RelationshipType_FixedBy Designates a `from` Vulnerability has been fixed by the `to` Agent(s). +var RelationshipType_FixedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy", +} -// The Element is a software library. -var SoftwareSoftwarePurpose_Library = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library"} +// RelationshipType_FixedIn A `from` Vulnerability has been fixed in each `to` Element. The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. +var RelationshipType_FixedIn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn", +} -// The Element is a software manifest. -var SoftwareSoftwarePurpose_Manifest = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest"} +// RelationshipType_FoundBy Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). +var RelationshipType_FoundBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy", +} -// The Element is a machine learning or artificial intelligence model. -var SoftwareSoftwarePurpose_Model = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model"} +// RelationshipType_Generates The `from` Element generates each `to` Element. +var RelationshipType_Generates = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates", +} -// The Element is a module of a piece of software. -var SoftwareSoftwarePurpose_Module = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module"} +// RelationshipType_HasAddedFile Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). +var RelationshipType_HasAddedFile = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile", +} -// The Element is an operating system. -var SoftwareSoftwarePurpose_OperatingSystem = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem"} +// RelationshipType_HasAssessmentFor Relates a `from` Vulnerability and each `to` Element with a security assessment. To be used with `VulnAssessmentRelationship` types. +var RelationshipType_HasAssessmentFor = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor", +} -// The Element doesn't fit into any of the other categories. -var SoftwareSoftwarePurpose_Other = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other"} +// RelationshipType_HasAssociatedVulnerability Used to associate a `from` Artifact with each `to` Vulnerability. +var RelationshipType_HasAssociatedVulnerability = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability", +} -// The Element contains a set of changes to update, fix, or improve another Element. -var SoftwareSoftwarePurpose_Patch = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch"} +// RelationshipType_HasConcludedLicense The `from` SoftwareArtifact is concluded by the SPDX data creator to be governed by each `to` license. +var RelationshipType_HasConcludedLicense = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense", +} -// The Element represents a runtime environment. -var SoftwareSoftwarePurpose_Platform = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform"} +// RelationshipType_HasDataFile The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInput`, and `hasOutput`, respectively. This relationship does not imply dependency. +var RelationshipType_HasDataFile = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile", +} -// The Element provides a requirement needed as input for another Element. -var SoftwareSoftwarePurpose_Requirement = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement"} +// RelationshipType_HasDeclaredLicense The `from` SoftwareArtifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. +var RelationshipType_HasDeclaredLicense = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense", +} -// The Element is a single or a collection of source files. -var SoftwareSoftwarePurpose_Source = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source"} +// RelationshipType_HasDeletedFile Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). +var RelationshipType_HasDeletedFile = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile", +} -// The Element is a plan, guideline or strategy how to create, perform or analyze an application. -var SoftwareSoftwarePurpose_Specification = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification"} +// RelationshipType_HasDependencyManifest The `from` Element has manifest files that contain dependency information in each `to` Element. +var RelationshipType_HasDependencyManifest = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest", +} -// The Element is a test used to verify functionality on an software element. -var SoftwareSoftwarePurpose_Test = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test"} +// RelationshipType_HasDistributionArtifact The `from` Element is distributed as an artifact in each `to` Element (e.g. an RPM or archive file). +var RelationshipType_HasDistributionArtifact = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact", +} -// Class that describes a build instance of software/artifacts. -type BuildBuild struct { - Element +// RelationshipType_HasDocumentation The `from` Element is documented by each `to` Element. +var RelationshipType_HasDocumentation = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation", +} - // Property that describes the time at which a build stops. - BuildBuildEndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" iri-compact:"build_buildEndTime"` - // A buildId is a locally unique identifier used by a builder to identify a unique - // instance of a build produced by it. - BuildBuildId string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildId" iri-compact:"build_buildId"` - // Property describing the start time of a build. - BuildBuildStartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" iri-compact:"build_buildStartTime"` - // A buildType is a hint that is used to indicate the toolchain, platform, or - // infrastructure that the build was invoked on. - BuildBuildType string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildType" iri-compact:"build_buildType"` - // Property that describes the digest of the build configuration file used to - // invoke a build. - BuildConfigSourceDigests HashList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest" iri-compact:"build_configSourceDigest"` +// RelationshipType_HasDynamicLink The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasDynamicLink = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink", +} - // Property describes the invocation entrypoint of a build. - BuildConfigSourceEntrypoints []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint" iri-compact:"build_configSourceEntrypoint"` - // Property that describes the URI of the build configuration source file. - BuildConfigSourceUris []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" iri-compact:"build_configSourceUri"` - // Property describing the session in which a build is invoked. - BuildEnvironments DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/environment" iri-compact:"build_environment"` +// RelationshipType_HasEvidence Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). +var RelationshipType_HasEvidence = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence", +} - // Property describing a parameter used in an instance of a build. - BuildParameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/parameter" iri-compact:"build_parameter"` +// RelationshipType_HasExample Every `to` Element is an example for the `from` Element (`from` hasExample `to`). +var RelationshipType_HasExample = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample", } -func castBuildBuild(o any) *BuildBuild { - if o, ok := o.(AnyBuildBuild); ok { - return o.asBuildBuild() - } - return nil +// RelationshipType_HasHost The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). +var RelationshipType_HasHost = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost", } -func (o *BuildBuild) asBuildBuild() *BuildBuild { - return o +// RelationshipType_HasInput The `from` Build has each `to` Element as an input, during a LifecycleScopeType period. +var RelationshipType_HasInput = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput", } -type AnyBuildBuild interface { - AnyElement - asBuildBuild() *BuildBuild +// RelationshipType_HasMetadata Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). +var RelationshipType_HasMetadata = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata", } -type BuildBuildList []AnyBuildBuild +// RelationshipType_HasOptionalComponent Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). +var RelationshipType_HasOptionalComponent = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent", +} -func (o *BuildBuildList) BuildBuildIter() iter.Seq2[AnyBuildBuild, *BuildBuild] { - return typeIter(*o, castBuildBuild) +// RelationshipType_HasOptionalDependency The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasOptionalDependency = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency", } -// Agent represents anything with the potential to act on a system. -type Agent struct { - Element +// RelationshipType_HasOutput The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. +var RelationshipType_HasOutput = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput", } -func castAgent(o any) *Agent { - if o, ok := o.(AnyAgent); ok { - return o.asAgent() - } - return nil +// RelationshipType_HasPrerequisite The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasPrerequisite = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite", } -func (o *Agent) asAgent() *Agent { - return o +// RelationshipType_HasProvidedDependency The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. +var RelationshipType_HasProvidedDependency = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency", } -type AnyAgent interface { - AnyElement - asAgent() *Agent +// RelationshipType_HasRequirement The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasRequirement = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement", } -type AgentList []AnyAgent +// RelationshipType_HasSpecification Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. +var RelationshipType_HasSpecification = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification", +} -func (o *AgentList) AgentIter() iter.Seq2[AnyAgent, *Agent] { return typeIter(*o, castAgent) } -func (o *AgentList) OrganizationIter() iter.Seq2[AnyAgent, *Organization] { - return typeIter(*o, castOrganization) +// RelationshipType_HasStaticLink The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasStaticLink = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink", } -func (o *AgentList) PersonIter() iter.Seq2[AnyAgent, *Person] { return typeIter(*o, castPerson) } -func (o *AgentList) SoftwareAgentIter() iter.Seq2[AnyAgent, *SoftwareAgent] { - return typeIter(*o, castSoftwareAgent) + +// RelationshipType_HasTest Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. +var RelationshipType_HasTest = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest", } -// An assertion made in relation to one or more elements. -type Annotation struct { - Element +// RelationshipType_HasTestCase Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). +var RelationshipType_HasTestCase = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase", +} - // Describes the type of annotation. - AnnotationType annotationType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/annotationType" iri-compact:"annotationType"` - // Provides information about the content type of an Element or a Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" iri-compact:"contentType"` - // Commentary on an assertion that an annotator has made. - Statement string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/statement" iri-compact:"statement"` - // An Element an annotator has made an assertion about. - Subject AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/subject" iri-compact:"subject"` +// RelationshipType_HasVariant Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). +var RelationshipType_HasVariant = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant", } -func castAnnotation(o any) *Annotation { - if o, ok := o.(AnyAnnotation); ok { - return o.asAnnotation() - } - return nil +// RelationshipType_InvokedBy The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). +var RelationshipType_InvokedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy", } -func (o *Annotation) asAnnotation() *Annotation { - return o +// RelationshipType_ModifiedBy The `from` Element is modified by each `to` Element. +var RelationshipType_ModifiedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy", } -type AnyAnnotation interface { - AnyElement - asAnnotation() *Annotation +// RelationshipType_Other Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationship types (this relationship is directionless). +var RelationshipType_Other = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other", } -type AnnotationList []AnyAnnotation +// RelationshipType_PackagedBy Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). +var RelationshipType_PackagedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy", +} -func (o *AnnotationList) AnnotationIter() iter.Seq2[AnyAnnotation, *Annotation] { - return typeIter(*o, castAnnotation) +// RelationshipType_PatchedBy Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). +var RelationshipType_PatchedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy", } -// A distinct article or unit within the digital domain. -type Artifact struct { - Element +// RelationshipType_PublishedBy Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. +var RelationshipType_PublishedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy", +} - // Specifies the time an artifact was built. - BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" iri-compact:"builtTime"` - // Identifies from where or whom the Element originally came. - OriginatedBys AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" iri-compact:"originatedBy"` +// RelationshipType_ReportedBy Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. +var RelationshipType_ReportedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy", +} - // Specifies the time an artifact was released. - ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" iri-compact:"releaseTime"` - // The name of a relevant standard that may apply to an artifact. - StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" iri-compact:"standardName"` - // Identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" iri-compact:"suppliedBy"` +// RelationshipType_RepublishedBy Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. +var RelationshipType_RepublishedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy", +} - // Specifies the level of support associated with an artifact. - SupportLevels []supportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" iri-compact:"supportLevel"` - // Specifies until when the artifact can be used before its usage needs to be - // reassessed. - ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" iri-compact:"validUntilTime"` +// RelationshipType_SerializedInArtifact The `from` SpdxDocument can be found in a serialized form in each `to` Artifact. +var RelationshipType_SerializedInArtifact = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact", } -func castArtifact(o any) *Artifact { - if o, ok := o.(AnyArtifact); ok { - return o.asArtifact() - } - return nil +// RelationshipType_TestedOn The `from` Element has been tested on the `to` Element(s). +var RelationshipType_TestedOn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn", } -func (o *Artifact) asArtifact() *Artifact { - return o +// RelationshipType_TrainedOn The `from` Element has been trained on the `to` Element(s). +var RelationshipType_TrainedOn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn", } -type AnyArtifact interface { - AnyElement - asArtifact() *Artifact +// RelationshipType_UnderInvestigationFor The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. +var RelationshipType_UnderInvestigationFor = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor", } -type ArtifactList []AnyArtifact +// RelationshipType_UsesTool The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. +var RelationshipType_UsesTool = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool", +} -func (o *ArtifactList) ArtifactIter() iter.Seq2[AnyArtifact, *Artifact] { - return typeIter(*o, castArtifact) +// SafetyRiskAssessmentType Specifies the safety risk level. +type SafetyRiskAssessmentType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType"` + id string `iri:"@id"` } -func (o *ArtifactList) SecurityVulnerabilityIter() iter.Seq2[AnyArtifact, *SecurityVulnerability] { - return typeIter(*o, castSecurityVulnerability) + +// SafetyRiskAssessmentType_High The second-highest level of risk posed by an AI system. +var SafetyRiskAssessmentType_High = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high", } -func (o *ArtifactList) SoftwareSoftwareArtifactIter() iter.Seq2[AnyArtifact, *SoftwareSoftwareArtifact] { - return typeIter(*o, castSoftwareSoftwareArtifact) + +// SafetyRiskAssessmentType_Low Low/no risk is posed by an AI system. +var SafetyRiskAssessmentType_Low = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low", } -func (o *ArtifactList) SoftwareFileIter() iter.Seq2[AnyArtifact, *SoftwareFile] { - return typeIter(*o, castSoftwareFile) + +// SafetyRiskAssessmentType_Medium The third-highest level of risk posed by an AI system. +var SafetyRiskAssessmentType_Medium = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium", } -func (o *ArtifactList) SoftwarePackageIter() iter.Seq2[AnyArtifact, *SoftwarePackage] { - return typeIter(*o, castSoftwarePackage) + +// SafetyRiskAssessmentType_Serious The highest level of risk posed by an AI system. +var SafetyRiskAssessmentType_Serious = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious", } -func (o *ArtifactList) SoftwareSnippetIter() iter.Seq2[AnyArtifact, *SoftwareSnippet] { - return typeIter(*o, castSoftwareSnippet) + +type AnySbom interface { + asSbom() *Sbom } -func (o *ArtifactList) AiAIPackageIter() iter.Seq2[AnyArtifact, *AiAIPackage] { - return typeIter(*o, castAiAIPackage) + +// Sbom A collection of SPDX Elements describing a single package. +type Sbom struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Sbom"` + Bom + // SbomTypes Provides information about the type of an SBOM. + SbomTypes []SbomType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sbomType" type:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType"` } -func (o *ArtifactList) DatasetDatasetPackageIter() iter.Seq2[AnyArtifact, *DatasetDatasetPackage] { - return typeIter(*o, castDatasetDatasetPackage) + +func (o *Sbom) asSbom() *Sbom { + return o } -// A collection of Elements that have a shared context. -type Bundle struct { - ElementCollection +type SbomList []AnySbom - // Gives information about the circumstances or unifying properties - // that Elements of the bundle have been assembled under. - Context string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/context" iri-compact:"context"` +func (o *SbomList) Sboms() ld.TypeSeq[AnySbom, *Sbom] { + return ld.NewTypeSeq(*o, castSbom) } -func castBundle(o any) *Bundle { - if o, ok := o.(AnyBundle); ok { - return o.asBundle() - } - return nil +// SbomType Provides a set of values to be used to describe the common types of SBOMs that\ntools may create. +type SbomType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType"` + id string `iri:"@id"` } -func (o *Bundle) asBundle() *Bundle { - return o +// SbomType_Analyzed SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a \"3rd party\" SBOM. +var SbomType_Analyzed = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed", } -type AnyBundle interface { - AnyElementCollection - asBundle() *Bundle +// SbomType_Build SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. +var SbomType_Build = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build", } -type BundleList []AnyBundle - -func (o *BundleList) BundleIter() iter.Seq2[AnyBundle, *Bundle] { return typeIter(*o, castBundle) } -func (o *BundleList) BomIter() iter.Seq2[AnyBundle, *Bom] { return typeIter(*o, castBom) } -func (o *BundleList) SoftwareSbomIter() iter.Seq2[AnyBundle, *SoftwareSbom] { - return typeIter(*o, castSoftwareSbom) +// SbomType_Deployed SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. +var SbomType_Deployed = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed", } -// A mathematically calculated representation of a grouping of data. -type Hash struct { - IntegrityMethod +// SbomType_Design SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. +var SbomType_Design = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design", +} - // Specifies the algorithm used for calculating the hash value. - Algorithm hashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" iri-compact:"algorithm"` - // The result of applying a hash algorithm to an Element. - HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" iri-compact:"hashValue"` +// SbomType_Runtime SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an \"Instrumented\" or \"Dynamic\" SBOM. +var SbomType_Runtime = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime", } -func castHash(o any) *Hash { - if o, ok := o.(AnyHash); ok { - return o.asHash() - } - return nil +// SbomType_Source SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. +var SbomType_Source = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source", } -func (o *Hash) asHash() *Hash { - return o +type AnySimpleLicensingText interface { + asSimpleLicensingText() *SimpleLicensingText } -type AnyHash interface { - AnyIntegrityMethod - asHash() *Hash +// SimpleLicensingText A license or addition that is not listed on the SPDX License List. +type SimpleLicensingText struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText"` + Element + // LicenseText Identifies the full text of a License or Addition. + LicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` } -type HashList []AnyHash +func (o *SimpleLicensingText) asSimpleLicensingText() *SimpleLicensingText { + return o +} -func (o *HashList) HashIter() iter.Seq2[AnyHash, *Hash] { return typeIter(*o, castHash) } +type SimpleLicensingTextList []AnySimpleLicensingText -// Provide context for a relationship that occurs in the lifecycle. -type LifecycleScopedRelationship struct { - Relationship +func (o *SimpleLicensingTextList) SimpleLicensingTexts() ld.TypeSeq[AnySimpleLicensingText, *SimpleLicensingText] { + return ld.NewTypeSeq(*o, castSimpleLicensingText) +} - // Capture the scope of information about a specific relationship between elements. - Scope lifecycleScopeType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/scope" iri-compact:"scope"` +type AnySnippet interface { + asSnippet() *Snippet } -func castLifecycleScopedRelationship(o any) *LifecycleScopedRelationship { - if o, ok := o.(AnyLifecycleScopedRelationship); ok { - return o.asLifecycleScopedRelationship() - } - return nil +// Snippet Describes a certain part of a file. +type Snippet struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Snippet"` + SoftwareArtifact + // SnippetFromFile Defines the original host file that the snippet information applies to. + SnippetFromFile AnyFile `iri:"https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/File"` + // LineRange Defines the line range in the original host file that the snippet information\napplies to. + LineRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/lineRange" type:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` + // ByteRange Defines the byte range in the original host file that the snippet information\napplies to. + ByteRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/byteRange" type:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` } -func (o *LifecycleScopedRelationship) asLifecycleScopedRelationship() *LifecycleScopedRelationship { +func (o *Snippet) asSnippet() *Snippet { return o } -type AnyLifecycleScopedRelationship interface { - AnyRelationship - asLifecycleScopedRelationship() *LifecycleScopedRelationship -} +type SnippetList []AnySnippet -type LifecycleScopedRelationshipList []AnyLifecycleScopedRelationship +func (o *SnippetList) Snippets() ld.TypeSeq[AnySnippet, *Snippet] { + return ld.NewTypeSeq(*o, castSnippet) +} -func (o *LifecycleScopedRelationshipList) LifecycleScopedRelationshipIter() iter.Seq2[AnyLifecycleScopedRelationship, *LifecycleScopedRelationship] { - return typeIter(*o, castLifecycleScopedRelationship) +type AnySoftwareAgent interface { + asSoftwareAgent() *SoftwareAgent } -// A group of people who work together in an organized way for a shared purpose. -type Organization struct { +// SoftwareAgent A software agent. +type SoftwareAgent struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent"` Agent } -// An Organization representing the SPDX Project. -var Organization_SpdxOrganization = Organization{Agent: Agent{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization"}}} +func (o *SoftwareAgent) asSoftwareAgent() *SoftwareAgent { + return o +} -func castOrganization(o any) *Organization { - if o, ok := o.(AnyOrganization); ok { - return o.asOrganization() - } - return nil +type SoftwareAgentList []AnySoftwareAgent + +func (o *SoftwareAgentList) SoftwareAgents() ld.TypeSeq[AnySoftwareAgent, *SoftwareAgent] { + return ld.NewTypeSeq(*o, castSoftwareAgent) } -func (o *Organization) asOrganization() *Organization { +type AnySoftwareArtifact interface { + asSoftwareArtifact() *SoftwareArtifact +} + +// SoftwareArtifact A distinct article or unit related to Software. +type SoftwareArtifact struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + Artifact + // ContentIdentifiers A canonical, unique, immutable identifier of the artifact content, that may be\nused for verifying its identity and/or integrity. + ContentIdentifiers ContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` + // AttributionTexts Provides a place for the SPDX data creator to record acknowledgement text for\na software Package, File or Snippet. + AttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" type:"http://www.w3.org/2001/XMLSchema#string"` + // AdditionalPurposes Provides additional purpose information of the software artifact. + AdditionalPurposes []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // PrimaryPurpose Provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // CopyrightText Identifies the text of one or more copyright notices for a software Package,\nFile or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *SoftwareArtifact) asSoftwareArtifact() *SoftwareArtifact { return o } -type AnyOrganization interface { - AnyAgent - asOrganization() *Organization +type SoftwareArtifactList []AnySoftwareArtifact + +func (o *SoftwareArtifactList) AIPackages() ld.TypeSeq[AnySoftwareArtifact, *AIPackage] { + return ld.NewTypeSeq(*o, castAIPackage) } -type OrganizationList []AnyOrganization +func (o *SoftwareArtifactList) DatasetPackages() ld.TypeSeq[AnySoftwareArtifact, *DatasetPackage] { + return ld.NewTypeSeq(*o, castDatasetPackage) +} -func (o *OrganizationList) OrganizationIter() iter.Seq2[AnyOrganization, *Organization] { - return typeIter(*o, castOrganization) +func (o *SoftwareArtifactList) Files() ld.TypeSeq[AnySoftwareArtifact, *File] { + return ld.NewTypeSeq(*o, castFile) } -// An individual human being. -type Person struct { - Agent +func (o *SoftwareArtifactList) Packages() ld.TypeSeq[AnySoftwareArtifact, *Package] { + return ld.NewTypeSeq(*o, castPackage) } -func castPerson(o any) *Person { - if o, ok := o.(AnyPerson); ok { - return o.asPerson() - } - return nil +func (o *SoftwareArtifactList) Snippets() ld.TypeSeq[AnySoftwareArtifact, *Snippet] { + return ld.NewTypeSeq(*o, castSnippet) } -func (o *Person) asPerson() *Person { - return o +func (o *SoftwareArtifactList) SoftwareArtifacts() ld.TypeSeq[AnySoftwareArtifact, *SoftwareArtifact] { + return ld.NewTypeSeq(*o, castSoftwareArtifact) } -type AnyPerson interface { - AnyAgent - asPerson() *Person +// SoftwarePurpose Provides information about the primary purpose of an Element. +type SoftwarePurpose struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + id string `iri:"@id"` } -type PersonList []AnyPerson +// SoftwarePurpose_Application The Element is a software application. +var SoftwarePurpose_Application = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application", +} -func (o *PersonList) PersonIter() iter.Seq2[AnyPerson, *Person] { return typeIter(*o, castPerson) } +// SoftwarePurpose_Archive The Element is an archived collection of one or more files (.tar, .zip, etc.). +var SoftwarePurpose_Archive = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive", +} -// A software agent. -type SoftwareAgent struct { - Agent +// SoftwarePurpose_Bom The Element is a bill of materials. +var SoftwarePurpose_Bom = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom", } -func castSoftwareAgent(o any) *SoftwareAgent { - if o, ok := o.(AnySoftwareAgent); ok { - return o.asSoftwareAgent() - } - return nil +// SoftwarePurpose_Configuration The Element is configuration data. +var SoftwarePurpose_Configuration = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration", } -func (o *SoftwareAgent) asSoftwareAgent() *SoftwareAgent { - return o +// SoftwarePurpose_Container The Element is a container image which can be used by a container runtime application. +var SoftwarePurpose_Container = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container", } -type AnySoftwareAgent interface { - AnyAgent - asSoftwareAgent() *SoftwareAgent +// SoftwarePurpose_Data The Element is data. +var SoftwarePurpose_Data = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data", } -type SoftwareAgentList []AnySoftwareAgent +// SoftwarePurpose_Device The Element refers to a chipset, processor, or electronic board. +var SoftwarePurpose_Device = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device", +} -func (o *SoftwareAgentList) SoftwareAgentIter() iter.Seq2[AnySoftwareAgent, *SoftwareAgent] { - return typeIter(*o, castSoftwareAgent) +// SoftwarePurpose_DeviceDriver The Element represents software that controls hardware devices. +var SoftwarePurpose_DeviceDriver = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver", } -// Portion of an AnyLicenseInfo representing a set of licensing information -// where all elements apply. -type ExpandedlicensingConjunctiveLicenseSet struct { - SimplelicensingAnyLicenseInfo +// SoftwarePurpose_DiskImage The Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. +var SoftwarePurpose_DiskImage = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage", +} - // A license expression participating in a license set. - ExpandedlicensingMembers SimplelicensingAnyLicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" iri-compact:"expandedlicensing_member"` +// SoftwarePurpose_Documentation The Element is documentation. +var SoftwarePurpose_Documentation = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation", } -func castExpandedlicensingConjunctiveLicenseSet(o any) *ExpandedlicensingConjunctiveLicenseSet { - if o, ok := o.(AnyExpandedlicensingConjunctiveLicenseSet); ok { - return o.asExpandedlicensingConjunctiveLicenseSet() - } - return nil +// SoftwarePurpose_Evidence The Element is the evidence that a specification or requirement has been fulfilled. +var SoftwarePurpose_Evidence = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence", } -func (o *ExpandedlicensingConjunctiveLicenseSet) asExpandedlicensingConjunctiveLicenseSet() *ExpandedlicensingConjunctiveLicenseSet { - return o +// SoftwarePurpose_Executable The Element is an Artifact that can be run on a computer. +var SoftwarePurpose_Executable = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable", } -type AnyExpandedlicensingConjunctiveLicenseSet interface { - AnySimplelicensingAnyLicenseInfo - asExpandedlicensingConjunctiveLicenseSet() *ExpandedlicensingConjunctiveLicenseSet +// SoftwarePurpose_File The Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc.). +var SoftwarePurpose_File = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file", } -type ExpandedlicensingConjunctiveLicenseSetList []AnyExpandedlicensingConjunctiveLicenseSet +// SoftwarePurpose_FilesystemImage The Element is a file system image that can be written to a disk (or virtual) partition. +var SoftwarePurpose_FilesystemImage = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage", +} -func (o *ExpandedlicensingConjunctiveLicenseSetList) ExpandedlicensingConjunctiveLicenseSetIter() iter.Seq2[AnyExpandedlicensingConjunctiveLicenseSet, *ExpandedlicensingConjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingConjunctiveLicenseSet) +// SoftwarePurpose_Firmware The Element provides low level control over a device's hardware. +var SoftwarePurpose_Firmware = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware", } -// A license addition that is not listed on the SPDX Exceptions List. -type ExpandedlicensingCustomLicenseAddition struct { - ExpandedlicensingLicenseAddition +// SoftwarePurpose_Framework The Element is a software framework. +var SoftwarePurpose_Framework = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework", } -func castExpandedlicensingCustomLicenseAddition(o any) *ExpandedlicensingCustomLicenseAddition { - if o, ok := o.(AnyExpandedlicensingCustomLicenseAddition); ok { - return o.asExpandedlicensingCustomLicenseAddition() - } - return nil +// SoftwarePurpose_Install The Element is used to install software on disk. +var SoftwarePurpose_Install = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install", } -func (o *ExpandedlicensingCustomLicenseAddition) asExpandedlicensingCustomLicenseAddition() *ExpandedlicensingCustomLicenseAddition { - return o +// SoftwarePurpose_Library The Element is a software library. +var SoftwarePurpose_Library = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library", } -type AnyExpandedlicensingCustomLicenseAddition interface { - AnyExpandedlicensingLicenseAddition - asExpandedlicensingCustomLicenseAddition() *ExpandedlicensingCustomLicenseAddition +// SoftwarePurpose_Manifest The Element is a software manifest. +var SoftwarePurpose_Manifest = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest", } -type ExpandedlicensingCustomLicenseAdditionList []AnyExpandedlicensingCustomLicenseAddition +// SoftwarePurpose_Model The Element is a machine learning or artificial intelligence model. +var SoftwarePurpose_Model = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model", +} -func (o *ExpandedlicensingCustomLicenseAdditionList) ExpandedlicensingCustomLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingCustomLicenseAddition, *ExpandedlicensingCustomLicenseAddition] { - return typeIter(*o, castExpandedlicensingCustomLicenseAddition) +// SoftwarePurpose_Module The Element is a module of a piece of software. +var SoftwarePurpose_Module = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module", } -// Portion of an AnyLicenseInfo representing a set of licensing information where -// only one of the elements applies. -type ExpandedlicensingDisjunctiveLicenseSet struct { - SimplelicensingAnyLicenseInfo +// SoftwarePurpose_OperatingSystem The Element is an operating system. +var SoftwarePurpose_OperatingSystem = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem", +} - // A license expression participating in a license set. - ExpandedlicensingMembers SimplelicensingAnyLicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" iri-compact:"expandedlicensing_member"` +// SoftwarePurpose_Other The Element doesn't fit into any of the other categories. +var SoftwarePurpose_Other = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other", } -func castExpandedlicensingDisjunctiveLicenseSet(o any) *ExpandedlicensingDisjunctiveLicenseSet { - if o, ok := o.(AnyExpandedlicensingDisjunctiveLicenseSet); ok { - return o.asExpandedlicensingDisjunctiveLicenseSet() - } - return nil +// SoftwarePurpose_Patch The Element contains a set of changes to update, fix, or improve another Element. +var SoftwarePurpose_Patch = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch", } -func (o *ExpandedlicensingDisjunctiveLicenseSet) asExpandedlicensingDisjunctiveLicenseSet() *ExpandedlicensingDisjunctiveLicenseSet { - return o +// SoftwarePurpose_Platform The Element represents a runtime environment. +var SoftwarePurpose_Platform = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform", } -type AnyExpandedlicensingDisjunctiveLicenseSet interface { - AnySimplelicensingAnyLicenseInfo - asExpandedlicensingDisjunctiveLicenseSet() *ExpandedlicensingDisjunctiveLicenseSet +// SoftwarePurpose_Requirement The Element provides a requirement needed as input for another Element. +var SoftwarePurpose_Requirement = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement", } -type ExpandedlicensingDisjunctiveLicenseSetList []AnyExpandedlicensingDisjunctiveLicenseSet +// SoftwarePurpose_Source The Element is a single or a collection of source files. +var SoftwarePurpose_Source = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source", +} -func (o *ExpandedlicensingDisjunctiveLicenseSetList) ExpandedlicensingDisjunctiveLicenseSetIter() iter.Seq2[AnyExpandedlicensingDisjunctiveLicenseSet, *ExpandedlicensingDisjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingDisjunctiveLicenseSet) +// SoftwarePurpose_Specification The Element is a plan, guideline or strategy how to create, perform or analyze an application. +var SoftwarePurpose_Specification = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification", } -// Abstract class representing a License or an OrLaterOperator. -type ExpandedlicensingExtendableLicense struct { - SimplelicensingAnyLicenseInfo +// SoftwarePurpose_Test The Element is a test used to verify functionality on an software element. +var SoftwarePurpose_Test = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test", } -func castExpandedlicensingExtendableLicense(o any) *ExpandedlicensingExtendableLicense { - if o, ok := o.(AnyExpandedlicensingExtendableLicense); ok { - return o.asExpandedlicensingExtendableLicense() - } - return nil +type AnySpdxDocument interface { + asSpdxDocument() *SpdxDocument } -func (o *ExpandedlicensingExtendableLicense) asExpandedlicensingExtendableLicense() *ExpandedlicensingExtendableLicense { - return o +// SpdxDocument A collection of SPDX Elements that could potentially be serialized. +type SpdxDocument struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument"` + ElementCollection + // DataLicense Provides the license under which the SPDX documentation of the Element can be\nused. + DataLicense AnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/dataLicense" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` + // NamespaceMaps Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. + NamespaceMaps NamespaceMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap" type:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap"` + // Imports Provides an ExternalMap of Element identifiers. + Imports ExternalMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/import" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap"` } -type AnyExpandedlicensingExtendableLicense interface { - AnySimplelicensingAnyLicenseInfo - asExpandedlicensingExtendableLicense() *ExpandedlicensingExtendableLicense +func (o *SpdxDocument) asSpdxDocument() *SpdxDocument { + return o } -type ExpandedlicensingExtendableLicenseList []AnyExpandedlicensingExtendableLicense +type SpdxDocumentList []AnySpdxDocument -func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingExtendableLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingExtendableLicense] { - return typeIter(*o, castExpandedlicensingExtendableLicense) +func (o *SpdxDocumentList) SpdxDocuments() ld.TypeSeq[AnySpdxDocument, *SpdxDocument] { + return ld.NewTypeSeq(*o, castSpdxDocument) } -func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingLicense] { - return typeIter(*o, castExpandedlicensingLicense) -} -func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingListedLicense] { - return typeIter(*o, castExpandedlicensingListedLicense) + +// SsvcDecisionType Specifies the SSVC decision type. +type SsvcDecisionType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType"` + id string `iri:"@id"` } -func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingOrLaterOperator] { - return typeIter(*o, castExpandedlicensingOrLaterOperator) + +// SsvcDecisionType_Act The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. +var SsvcDecisionType_Act = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act", } -func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingCustomLicense] { - return typeIter(*o, castExpandedlicensingCustomLicense) + +// SsvcDecisionType_Attend The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. +var SsvcDecisionType_Attend = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend", } -// A concrete subclass of AnyLicenseInfo used by Individuals in the -// ExpandedLicensing profile. -type ExpandedlicensingIndividualLicensingInfo struct { - SimplelicensingAnyLicenseInfo +// SsvcDecisionType_Track The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. +var SsvcDecisionType_Track = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track", } -// An Individual Value for License when no assertion can be made about its actual -// value. -var ExpandedlicensingIndividualLicensingInfo_NoAssertionLicense = ExpandedlicensingIndividualLicensingInfo{SimplelicensingAnyLicenseInfo: SimplelicensingAnyLicenseInfo{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense"}}} +// SsvcDecisionType_TrackStar (\"Track\\*\" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track\\* vulnerabilities within standard update timelines. +var SsvcDecisionType_TrackStar = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar", +} -// An Individual Value for License where the SPDX data creator determines that no -// license is present. -var ExpandedlicensingIndividualLicensingInfo_NoneLicense = ExpandedlicensingIndividualLicensingInfo{SimplelicensingAnyLicenseInfo: SimplelicensingAnyLicenseInfo{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense"}}} +type AnySsvcVulnAssessmentRelationship interface { + asSsvcVulnAssessmentRelationship() *SsvcVulnAssessmentRelationship +} -func castExpandedlicensingIndividualLicensingInfo(o any) *ExpandedlicensingIndividualLicensingInfo { - if o, ok := o.(AnyExpandedlicensingIndividualLicensingInfo); ok { - return o.asExpandedlicensingIndividualLicensingInfo() - } - return nil +// SsvcVulnAssessmentRelationship Provides an SSVC assessment for a vulnerability. +type SsvcVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship"` + VulnAssessmentRelationship + // DecisionType Provide the enumeration of possible decisions in the\n[Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc). + DecisionType SsvcDecisionType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/decisionType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType"` } -func (o *ExpandedlicensingIndividualLicensingInfo) asExpandedlicensingIndividualLicensingInfo() *ExpandedlicensingIndividualLicensingInfo { +func (o *SsvcVulnAssessmentRelationship) asSsvcVulnAssessmentRelationship() *SsvcVulnAssessmentRelationship { return o } -type AnyExpandedlicensingIndividualLicensingInfo interface { - AnySimplelicensingAnyLicenseInfo - asExpandedlicensingIndividualLicensingInfo() *ExpandedlicensingIndividualLicensingInfo +type SsvcVulnAssessmentRelationshipList []AnySsvcVulnAssessmentRelationship + +func (o *SsvcVulnAssessmentRelationshipList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnySsvcVulnAssessmentRelationship, *SsvcVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) } -type ExpandedlicensingIndividualLicensingInfoList []AnyExpandedlicensingIndividualLicensingInfo +// SupportType Indicates the type of support that is associated with an artifact. +type SupportType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + id string `iri:"@id"` +} -func (o *ExpandedlicensingIndividualLicensingInfoList) ExpandedlicensingIndividualLicensingInfoIter() iter.Seq2[AnyExpandedlicensingIndividualLicensingInfo, *ExpandedlicensingIndividualLicensingInfo] { - return typeIter(*o, castExpandedlicensingIndividualLicensingInfo) +// SupportType_Deployed in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. +var SupportType_Deployed = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed", } -// Abstract class for the portion of an AnyLicenseInfo representing a license. -type ExpandedlicensingLicense struct { - ExpandedlicensingExtendableLicense +// SupportType_Development the artifact is in active development and is not considered ready for formal support from the supplier. +var SupportType_Development = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development", +} - // Specifies whether a license or additional text identifier has been marked as - // deprecated. - ExpandedlicensingIsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId" iri-compact:"expandedlicensing_isDeprecatedLicenseId"` - // Specifies whether the License is listed as free by the - // Free Software Foundation (FSF). - ExpandedlicensingIsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre" iri-compact:"expandedlicensing_isFsfLibre"` - // Specifies whether the License is listed as approved by the - // Open Source Initiative (OSI). - ExpandedlicensingIsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved" iri-compact:"expandedlicensing_isOsiApproved"` - // Identifies all the text and metadata associated with a license in the license - // XML format. - ExpandedlicensingLicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` - // Specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - ExpandedlicensingObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` - // Contains a URL where the License or LicenseAddition can be found in use. - ExpandedlicensingSeeAlsos []string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` - // Provides a License author's preferred text to indicate that a file is covered - // by the License. - ExpandedlicensingStandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader" iri-compact:"expandedlicensing_standardLicenseHeader"` - // Identifies the full text of a License, in SPDX templating format. - ExpandedlicensingStandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate" iri-compact:"expandedlicensing_standardLicenseTemplate"` - // Identifies the full text of a License or Addition. - SimplelicensingLicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` +// SupportType_EndOfSupport there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. +var SupportType_EndOfSupport = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport", } -func castExpandedlicensingLicense(o any) *ExpandedlicensingLicense { - if o, ok := o.(AnyExpandedlicensingLicense); ok { - return o.asExpandedlicensingLicense() - } - return nil +// SupportType_LimitedSupport the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. +var SupportType_LimitedSupport = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport", } -func (o *ExpandedlicensingLicense) asExpandedlicensingLicense() *ExpandedlicensingLicense { - return o +// SupportType_NoAssertion no assertion about the type of support is made. This is considered the default if no other support type is used. +var SupportType_NoAssertion = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion", } -type AnyExpandedlicensingLicense interface { - AnyExpandedlicensingExtendableLicense - asExpandedlicensingLicense() *ExpandedlicensingLicense +// SupportType_NoSupport there is no support for the artifact from the supplier, consumer assumes any support obligations. +var SupportType_NoSupport = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport", } -type ExpandedlicensingLicenseList []AnyExpandedlicensingLicense +// SupportType_Support the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. +var SupportType_Support = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support", +} -func (o *ExpandedlicensingLicenseList) ExpandedlicensingLicenseIter() iter.Seq2[AnyExpandedlicensingLicense, *ExpandedlicensingLicense] { - return typeIter(*o, castExpandedlicensingLicense) +type AnyTool interface { + asTool() *Tool } -func (o *ExpandedlicensingLicenseList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyExpandedlicensingLicense, *ExpandedlicensingListedLicense] { - return typeIter(*o, castExpandedlicensingListedLicense) + +// Tool An element of hardware and/or software utilized to carry out a particular function. +type Tool struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Tool"` + Element } -func (o *ExpandedlicensingLicenseList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyExpandedlicensingLicense, *ExpandedlicensingCustomLicense] { - return typeIter(*o, castExpandedlicensingCustomLicense) + +func (o *Tool) asTool() *Tool { + return o } -// A license that is listed on the SPDX License List. -type ExpandedlicensingListedLicense struct { - ExpandedlicensingLicense +type ToolList []AnyTool - // Specifies the SPDX License List version in which this license or exception - // identifier was deprecated. - ExpandedlicensingDeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" iri-compact:"expandedlicensing_deprecatedVersion"` - // Specifies the SPDX License List version in which this ListedLicense or - // ListedLicenseException identifier was first added. - ExpandedlicensingListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" iri-compact:"expandedlicensing_listVersionAdded"` +func (o *ToolList) Tools() ld.TypeSeq[AnyTool, *Tool] { + return ld.NewTypeSeq(*o, castTool) } -func castExpandedlicensingListedLicense(o any) *ExpandedlicensingListedLicense { - if o, ok := o.(AnyExpandedlicensingListedLicense); ok { - return o.asExpandedlicensingListedLicense() - } - return nil +type AnyVexAffectedVulnAssessmentRelationship interface { + asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship } -func (o *ExpandedlicensingListedLicense) asExpandedlicensingListedLicense() *ExpandedlicensingListedLicense { - return o +// VexAffectedVulnAssessmentRelationship Connects a vulnerability and an element designating the element as a product\naffected by the vulnerability. +type VexAffectedVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship"` + VexVulnAssessmentRelationship + // ActionStatement Provides advise on how to mitigate or remediate a vulnerability when a VEX product\nis affected by it. + ActionStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatement" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // ActionStatementTime Records the time when a recommended action was communicated in a VEX statement\nto mitigate a vulnerability. + ActionStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` } -type AnyExpandedlicensingListedLicense interface { - AnyExpandedlicensingLicense - asExpandedlicensingListedLicense() *ExpandedlicensingListedLicense +func (o *VexAffectedVulnAssessmentRelationship) asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship { + return o } -type ExpandedlicensingListedLicenseList []AnyExpandedlicensingListedLicense +type VexAffectedVulnAssessmentRelationshipList []AnyVexAffectedVulnAssessmentRelationship -func (o *ExpandedlicensingListedLicenseList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyExpandedlicensingListedLicense, *ExpandedlicensingListedLicense] { - return typeIter(*o, castExpandedlicensingListedLicense) +func (o *VexAffectedVulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexAffectedVulnAssessmentRelationship, *VexAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) } -// Portion of an AnyLicenseInfo representing this version, or any later version, -// of the indicated License. -type ExpandedlicensingOrLaterOperator struct { - ExpandedlicensingExtendableLicense - - // A License participating in an 'or later' model. - ExpandedlicensingSubjectLicense AnyExpandedlicensingLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense" iri-compact:"expandedlicensing_subjectLicense"` +type AnyVexFixedVulnAssessmentRelationship interface { + asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship } -func castExpandedlicensingOrLaterOperator(o any) *ExpandedlicensingOrLaterOperator { - if o, ok := o.(AnyExpandedlicensingOrLaterOperator); ok { - return o.asExpandedlicensingOrLaterOperator() - } - return nil +// VexFixedVulnAssessmentRelationship Links a vulnerability and elements representing products (in the VEX sense) where\na fix has been applied and are no longer affected. +type VexFixedVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship"` + VexVulnAssessmentRelationship } -func (o *ExpandedlicensingOrLaterOperator) asExpandedlicensingOrLaterOperator() *ExpandedlicensingOrLaterOperator { +func (o *VexFixedVulnAssessmentRelationship) asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship { return o } -type AnyExpandedlicensingOrLaterOperator interface { - AnyExpandedlicensingExtendableLicense - asExpandedlicensingOrLaterOperator() *ExpandedlicensingOrLaterOperator -} +type VexFixedVulnAssessmentRelationshipList []AnyVexFixedVulnAssessmentRelationship -type ExpandedlicensingOrLaterOperatorList []AnyExpandedlicensingOrLaterOperator +func (o *VexFixedVulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyVexFixedVulnAssessmentRelationship, *VexFixedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +} -func (o *ExpandedlicensingOrLaterOperatorList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnyExpandedlicensingOrLaterOperator, *ExpandedlicensingOrLaterOperator] { - return typeIter(*o, castExpandedlicensingOrLaterOperator) +// VexJustificationType Specifies the VEX justification type. +type VexJustificationType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType"` + id string `iri:"@id"` } -// Portion of an AnyLicenseInfo representing a License which has additional -// text applied to it. -type ExpandedlicensingWithAdditionOperator struct { - SimplelicensingAnyLicenseInfo +// VexJustificationType_ComponentNotPresent The software is not affected because the vulnerable component is not in the product. +var VexJustificationType_ComponentNotPresent = VexJustificationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent", +} - // A LicenseAddition participating in a 'with addition' model. - ExpandedlicensingSubjectAddition AnyExpandedlicensingLicenseAddition `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition" iri-compact:"expandedlicensing_subjectAddition"` +// VexJustificationType_InlineMitigationsAlreadyExist Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability. +var VexJustificationType_InlineMitigationsAlreadyExist = VexJustificationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist", +} - // A License participating in a 'with addition' model. - ExpandedlicensingSubjectExtendableLicense AnyExpandedlicensingExtendableLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense" iri-compact:"expandedlicensing_subjectExtendableLicense"` +// VexJustificationType_VulnerableCodeCannotBeControlledByAdversary The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack. +var VexJustificationType_VulnerableCodeCannotBeControlledByAdversary = VexJustificationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary", } -func castExpandedlicensingWithAdditionOperator(o any) *ExpandedlicensingWithAdditionOperator { - if o, ok := o.(AnyExpandedlicensingWithAdditionOperator); ok { - return o.asExpandedlicensingWithAdditionOperator() - } - return nil +// VexJustificationType_VulnerableCodeNotInExecutePath The affected code is not reachable through the execution of the code, including non-anticipated states of the product. +var VexJustificationType_VulnerableCodeNotInExecutePath = VexJustificationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath", } -func (o *ExpandedlicensingWithAdditionOperator) asExpandedlicensingWithAdditionOperator() *ExpandedlicensingWithAdditionOperator { - return o +// VexJustificationType_VulnerableCodeNotPresent The product is not affected because the code underlying the vulnerability is not present in the product. +var VexJustificationType_VulnerableCodeNotPresent = VexJustificationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent", } -type AnyExpandedlicensingWithAdditionOperator interface { - AnySimplelicensingAnyLicenseInfo - asExpandedlicensingWithAdditionOperator() *ExpandedlicensingWithAdditionOperator +type AnyVexNotAffectedVulnAssessmentRelationship interface { + asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship } -type ExpandedlicensingWithAdditionOperatorList []AnyExpandedlicensingWithAdditionOperator +// VexNotAffectedVulnAssessmentRelationship Links a vulnerability and one or more elements designating the latter as products\nnot affected by the vulnerability. +type VexNotAffectedVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship"` + VexVulnAssessmentRelationship + // ImpactStatementTime Timestamp of impact statement. + ImpactStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ImpactStatement Explains why a VEX product is not affected by a vulnerability. It is an\nalternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable\njustification label. + ImpactStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatement" type:"http://www.w3.org/2001/XMLSchema#string"` + // JustificationType Impact justification label to be used when linking a vulnerability to an element\nrepresenting a VEX product with a VexNotAffectedVulnAssessmentRelationship\nrelationship. + JustificationType VexJustificationType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/justificationType" type:"https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType"` +} -func (o *ExpandedlicensingWithAdditionOperatorList) ExpandedlicensingWithAdditionOperatorIter() iter.Seq2[AnyExpandedlicensingWithAdditionOperator, *ExpandedlicensingWithAdditionOperator] { - return typeIter(*o, castExpandedlicensingWithAdditionOperator) +func (o *VexNotAffectedVulnAssessmentRelationship) asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship { + return o } -// A type of extension consisting of a list of name value pairs. -type ExtensionCdxPropertiesExtension struct { - ExtensionExtension +type VexNotAffectedVulnAssessmentRelationshipList []AnyVexNotAffectedVulnAssessmentRelationship - // Provides a map of a property names to a values. - ExtensionCdxPropertys ExtensionCdxPropertyEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty" iri-compact:"extension_cdxProperty"` +func (o *VexNotAffectedVulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexNotAffectedVulnAssessmentRelationship, *VexNotAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) } -func castExtensionCdxPropertiesExtension(o any) *ExtensionCdxPropertiesExtension { - if o, ok := o.(AnyExtensionCdxPropertiesExtension); ok { - return o.asExtensionCdxPropertiesExtension() - } - return nil +type AnyVexUnderInvestigationVulnAssessmentRelationship interface { + asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship } -func (o *ExtensionCdxPropertiesExtension) asExtensionCdxPropertiesExtension() *ExtensionCdxPropertiesExtension { - return o +// VexUnderInvestigationVulnAssessmentRelationship Designates elements as products where the impact of a vulnerability is being\ninvestigated. +type VexUnderInvestigationVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship"` + VexVulnAssessmentRelationship } -type AnyExtensionCdxPropertiesExtension interface { - AnyExtensionExtension - asExtensionCdxPropertiesExtension() *ExtensionCdxPropertiesExtension +func (o *VexUnderInvestigationVulnAssessmentRelationship) asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship { + return o } -type ExtensionCdxPropertiesExtensionList []AnyExtensionCdxPropertiesExtension +type VexUnderInvestigationVulnAssessmentRelationshipList []AnyVexUnderInvestigationVulnAssessmentRelationship -func (o *ExtensionCdxPropertiesExtensionList) ExtensionCdxPropertiesExtensionIter() iter.Seq2[AnyExtensionCdxPropertiesExtension, *ExtensionCdxPropertiesExtension] { - return typeIter(*o, castExtensionCdxPropertiesExtension) +func (o *VexUnderInvestigationVulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyVexUnderInvestigationVulnAssessmentRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) } -// Provides a CVSS version 2.0 assessment for a vulnerability. -type SecurityCvssV2VulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship - - // Provides a numerical (0-10) representation of the severity of a vulnerability. - SecurityScore float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" iri-compact:"security_score"` - // Specifies the CVSS vector string for a vulnerability. - SecurityVectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" iri-compact:"security_vectorString"` +type AnyVexVulnAssessmentRelationship interface { + asVexVulnAssessmentRelationship() *VexVulnAssessmentRelationship } -func castSecurityCvssV2VulnAssessmentRelationship(o any) *SecurityCvssV2VulnAssessmentRelationship { - if o, ok := o.(AnySecurityCvssV2VulnAssessmentRelationship); ok { - return o.asSecurityCvssV2VulnAssessmentRelationship() - } - return nil +// VexVulnAssessmentRelationship Abstract ancestor class for all VEX relationships +type VexVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship"` + VulnAssessmentRelationship + // StatusNotes Conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" type:"http://www.w3.org/2001/XMLSchema#string"` + // VexVersion Specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *SecurityCvssV2VulnAssessmentRelationship) asSecurityCvssV2VulnAssessmentRelationship() *SecurityCvssV2VulnAssessmentRelationship { +func (o *VexVulnAssessmentRelationship) asVexVulnAssessmentRelationship() *VexVulnAssessmentRelationship { return o } -type AnySecurityCvssV2VulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityCvssV2VulnAssessmentRelationship() *SecurityCvssV2VulnAssessmentRelationship -} +type VexVulnAssessmentRelationshipList []AnyVexVulnAssessmentRelationship -type SecurityCvssV2VulnAssessmentRelationshipList []AnySecurityCvssV2VulnAssessmentRelationship +func (o *VexVulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +} -func (o *SecurityCvssV2VulnAssessmentRelationshipList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV2VulnAssessmentRelationship, *SecurityCvssV2VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) +func (o *VexVulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexFixedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) } -// Provides a CVSS version 3 assessment for a vulnerability. -type SecurityCvssV3VulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship +func (o *VexVulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexNotAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) +} - // Provides a numerical (0-10) representation of the severity of a vulnerability. - SecurityScore float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" iri-compact:"security_score"` - // Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - SecuritySeverity securityCvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" iri-compact:"security_severity"` - // Specifies the CVSS vector string for a vulnerability. - SecurityVectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" iri-compact:"security_vectorString"` +func (o *VexVulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) } -func castSecurityCvssV3VulnAssessmentRelationship(o any) *SecurityCvssV3VulnAssessmentRelationship { - if o, ok := o.(AnySecurityCvssV3VulnAssessmentRelationship); ok { - return o.asSecurityCvssV3VulnAssessmentRelationship() - } - return nil +func (o *VexVulnAssessmentRelationshipList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) } -func (o *SecurityCvssV3VulnAssessmentRelationship) asSecurityCvssV3VulnAssessmentRelationship() *SecurityCvssV3VulnAssessmentRelationship { - return o +type AnyVulnAssessmentRelationship interface { + asVulnAssessmentRelationship() *VulnAssessmentRelationship } -type AnySecurityCvssV3VulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityCvssV3VulnAssessmentRelationship() *SecurityCvssV3VulnAssessmentRelationship +// VulnAssessmentRelationship Abstract ancestor class for all vulnerability assessments +type VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship"` + Relationship + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship\nreferenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was\nfound. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +} + +func (o *VulnAssessmentRelationship) asVulnAssessmentRelationship() *VulnAssessmentRelationship { + return o } -type SecurityCvssV3VulnAssessmentRelationshipList []AnySecurityCvssV3VulnAssessmentRelationship +type VulnAssessmentRelationshipList []AnyVulnAssessmentRelationship -func (o *SecurityCvssV3VulnAssessmentRelationshipList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV3VulnAssessmentRelationship, *SecurityCvssV3VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) +func (o *VulnAssessmentRelationshipList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *CvssV2VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) } -// Provides a CVSS version 4 assessment for a vulnerability. -type SecurityCvssV4VulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship +func (o *VulnAssessmentRelationshipList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *CvssV3VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) +} - // Provides a numerical (0-10) representation of the severity of a vulnerability. - SecurityScore float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" iri-compact:"security_score"` - // Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - SecuritySeverity securityCvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" iri-compact:"security_severity"` - // Specifies the CVSS vector string for a vulnerability. - SecurityVectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" iri-compact:"security_vectorString"` +func (o *VulnAssessmentRelationshipList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *CvssV4VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) } -func castSecurityCvssV4VulnAssessmentRelationship(o any) *SecurityCvssV4VulnAssessmentRelationship { - if o, ok := o.(AnySecurityCvssV4VulnAssessmentRelationship); ok { - return o.asSecurityCvssV4VulnAssessmentRelationship() - } - return nil +func (o *VulnAssessmentRelationshipList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *EpssVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) } -func (o *SecurityCvssV4VulnAssessmentRelationship) asSecurityCvssV4VulnAssessmentRelationship() *SecurityCvssV4VulnAssessmentRelationship { - return o +func (o *VulnAssessmentRelationshipList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *ExploitCatalogVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) } -type AnySecurityCvssV4VulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityCvssV4VulnAssessmentRelationship() *SecurityCvssV4VulnAssessmentRelationship +func (o *VulnAssessmentRelationshipList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *SsvcVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) } -type SecurityCvssV4VulnAssessmentRelationshipList []AnySecurityCvssV4VulnAssessmentRelationship +func (o *VulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +} -func (o *SecurityCvssV4VulnAssessmentRelationshipList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV4VulnAssessmentRelationship, *SecurityCvssV4VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) +func (o *VulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexFixedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) } -// Provides an EPSS assessment for a vulnerability. -type SecurityEpssVulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship +func (o *VulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexNotAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) +} - // The percentile of the current probability score. - SecurityPercentile float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/percentile" iri-compact:"security_percentile"` - // A probability score between 0 and 1 of a vulnerability being exploited. - SecurityProbability float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/probability" iri-compact:"security_probability"` +func (o *VulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) } -func castSecurityEpssVulnAssessmentRelationship(o any) *SecurityEpssVulnAssessmentRelationship { - if o, ok := o.(AnySecurityEpssVulnAssessmentRelationship); ok { - return o.asSecurityEpssVulnAssessmentRelationship() - } - return nil +func (o *VulnAssessmentRelationshipList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) } -func (o *SecurityEpssVulnAssessmentRelationship) asSecurityEpssVulnAssessmentRelationship() *SecurityEpssVulnAssessmentRelationship { - return o +func (o *VulnAssessmentRelationshipList) VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVulnAssessmentRelationship) } -type AnySecurityEpssVulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityEpssVulnAssessmentRelationship() *SecurityEpssVulnAssessmentRelationship +type AnyVulnerability interface { + asVulnerability() *Vulnerability } -type SecurityEpssVulnAssessmentRelationshipList []AnySecurityEpssVulnAssessmentRelationship +// Vulnerability Specifies a vulnerability and its associated information. +type Vulnerability struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability"` + Artifact + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +} -func (o *SecurityEpssVulnAssessmentRelationshipList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityEpssVulnAssessmentRelationship, *SecurityEpssVulnAssessmentRelationship] { - return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) +func (o *Vulnerability) asVulnerability() *Vulnerability { + return o } -// Provides an exploit assessment of a vulnerability. -type SecurityExploitCatalogVulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship +type VulnerabilityList []AnyVulnerability - // Specifies the exploit catalog type. - SecurityCatalogType securityExploitCatalogType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/catalogType" iri-compact:"security_catalogType"` - // Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. - SecurityExploited bool `iri:"https://spdx.org/rdf/3.0.1/terms/Security/exploited" iri-compact:"security_exploited"` - // Provides the location of an exploit catalog. - SecurityLocator string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/locator" iri-compact:"security_locator"` +func (o *VulnerabilityList) Vulnerabilities() ld.TypeSeq[AnyVulnerability, *Vulnerability] { + return ld.NewTypeSeq(*o, castVulnerability) } -func castSecurityExploitCatalogVulnAssessmentRelationship(o any) *SecurityExploitCatalogVulnAssessmentRelationship { - if o, ok := o.(AnySecurityExploitCatalogVulnAssessmentRelationship); ok { - return o.asSecurityExploitCatalogVulnAssessmentRelationship() - } - return nil +type AnyWithAdditionOperator interface { + asWithAdditionOperator() *WithAdditionOperator } -func (o *SecurityExploitCatalogVulnAssessmentRelationship) asSecurityExploitCatalogVulnAssessmentRelationship() *SecurityExploitCatalogVulnAssessmentRelationship { - return o +// WithAdditionOperator Portion of an AnyLicenseInfo representing a License which has additional\ntext applied to it. +type WithAdditionOperator struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator"` + LicenseInfo + // SubjectExtendableLicense A License participating in a 'with addition' model. + SubjectExtendableLicense AnyExtendableLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense"` + // SubjectAddition A LicenseAddition participating in a 'with addition' model. + SubjectAddition AnyLicenseAddition `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition"` } -type AnySecurityExploitCatalogVulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityExploitCatalogVulnAssessmentRelationship() *SecurityExploitCatalogVulnAssessmentRelationship +func (o *WithAdditionOperator) asWithAdditionOperator() *WithAdditionOperator { + return o } -type SecurityExploitCatalogVulnAssessmentRelationshipList []AnySecurityExploitCatalogVulnAssessmentRelationship +type WithAdditionOperatorList []AnyWithAdditionOperator -func (o *SecurityExploitCatalogVulnAssessmentRelationshipList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityExploitCatalogVulnAssessmentRelationship, *SecurityExploitCatalogVulnAssessmentRelationship] { - return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) +func (o *WithAdditionOperatorList) WithAdditionOperators() ld.TypeSeq[AnyWithAdditionOperator, *WithAdditionOperator] { + return ld.NewTypeSeq(*o, castWithAdditionOperator) } -// Provides an SSVC assessment for a vulnerability. -type SecuritySsvcVulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship - - // Provide the enumeration of possible decisions in the - // [Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc). - SecurityDecisionType securitySsvcDecisionType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/decisionType" iri-compact:"security_decisionType"` +type ExternalIRI struct { + id string `iri:"@id"` + value any } -func castSecuritySsvcVulnAssessmentRelationship(o any) *SecuritySsvcVulnAssessmentRelationship { - if o, ok := o.(AnySecuritySsvcVulnAssessmentRelationship); ok { - return o.asSecuritySsvcVulnAssessmentRelationship() +func NewExternalIRI(id string) *ExternalIRI { + return &ExternalIRI{ + id: id, } - return nil } -func (o *SecuritySsvcVulnAssessmentRelationship) asSecuritySsvcVulnAssessmentRelationship() *SecuritySsvcVulnAssessmentRelationship { - return o +func (o *ExternalIRI) asAIPackage() *AIPackage { + return castAIPackage(o.value) } -type AnySecuritySsvcVulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecuritySsvcVulnAssessmentRelationship() *SecuritySsvcVulnAssessmentRelationship +func (o *ExternalIRI) asAgent() *Agent { + return castAgent(o.value) } -type SecuritySsvcVulnAssessmentRelationshipList []AnySecuritySsvcVulnAssessmentRelationship - -func (o *SecuritySsvcVulnAssessmentRelationshipList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnySecuritySsvcVulnAssessmentRelationship, *SecuritySsvcVulnAssessmentRelationship] { - return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) +func (o *ExternalIRI) asAnnotation() *Annotation { + return castAnnotation(o.value) } -// Abstract ancestor class for all VEX relationships -type SecurityVexVulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship - - // Conveys information about how VEX status was determined. - SecurityStatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" iri-compact:"security_statusNotes"` - // Specifies the version of a VEX statement. - SecurityVexVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" iri-compact:"security_vexVersion"` +func (o *ExternalIRI) asArtifact() *Artifact { + return castArtifact(o.value) } -func castSecurityVexVulnAssessmentRelationship(o any) *SecurityVexVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVexVulnAssessmentRelationship); ok { - return o.asSecurityVexVulnAssessmentRelationship() - } - return nil +func (o *ExternalIRI) asBom() *Bom { + return castBom(o.value) } -func (o *SecurityVexVulnAssessmentRelationship) asSecurityVexVulnAssessmentRelationship() *SecurityVexVulnAssessmentRelationship { - return o +func (o *ExternalIRI) asBuild() *Build { + return castBuild(o.value) } -type AnySecurityVexVulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityVexVulnAssessmentRelationship() *SecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asBundle() *Bundle { + return castBundle(o.value) } -type SecurityVexVulnAssessmentRelationshipList []AnySecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asCdxPropertiesExtension() *CdxPropertiesExtension { + return castCdxPropertiesExtension(o.value) +} -func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexVulnAssessmentRelationship) +func (o *ExternalIRI) asCdxPropertyEntry() *CdxPropertyEntry { + return castCdxPropertyEntry(o.value) } -func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) + +func (o *ExternalIRI) asConjunctiveLicenseSet() *ConjunctiveLicenseSet { + return castConjunctiveLicenseSet(o.value) } -func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexFixedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) + +func (o *ExternalIRI) asContentIdentifier() *ContentIdentifier { + return castContentIdentifier(o.value) } -func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) + +func (o *ExternalIRI) asCreationInfo() *CreationInfo { + return castCreationInfo(o.value) } -func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) + +func (o *ExternalIRI) asCustomLicense() *CustomLicense { + return castCustomLicense(o.value) } -// Specifies a vulnerability and its associated information. -type SecurityVulnerability struct { - Artifact +func (o *ExternalIRI) asCustomLicenseAddition() *CustomLicenseAddition { + return castCustomLicenseAddition(o.value) +} - // Specifies a time when a vulnerability assessment was modified - SecurityModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // Specifies the time when a vulnerability was published. - SecurityPublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // Specified the time and date when a vulnerability was withdrawn. - SecurityWithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` +func (o *ExternalIRI) asCvssV2VulnAssessmentRelationship() *CvssV2VulnAssessmentRelationship { + return castCvssV2VulnAssessmentRelationship(o.value) } -func castSecurityVulnerability(o any) *SecurityVulnerability { - if o, ok := o.(AnySecurityVulnerability); ok { - return o.asSecurityVulnerability() - } - return nil +func (o *ExternalIRI) asCvssV3VulnAssessmentRelationship() *CvssV3VulnAssessmentRelationship { + return castCvssV3VulnAssessmentRelationship(o.value) } -func (o *SecurityVulnerability) asSecurityVulnerability() *SecurityVulnerability { - return o +func (o *ExternalIRI) asCvssV4VulnAssessmentRelationship() *CvssV4VulnAssessmentRelationship { + return castCvssV4VulnAssessmentRelationship(o.value) } -type AnySecurityVulnerability interface { - AnyArtifact - asSecurityVulnerability() *SecurityVulnerability +func (o *ExternalIRI) asDatasetPackage() *DatasetPackage { + return castDatasetPackage(o.value) } -type SecurityVulnerabilityList []AnySecurityVulnerability +func (o *ExternalIRI) asDictionaryEntry() *DictionaryEntry { + return castDictionaryEntry(o.value) +} -func (o *SecurityVulnerabilityList) SecurityVulnerabilityIter() iter.Seq2[AnySecurityVulnerability, *SecurityVulnerability] { - return typeIter(*o, castSecurityVulnerability) +func (o *ExternalIRI) asDisjunctiveLicenseSet() *DisjunctiveLicenseSet { + return castDisjunctiveLicenseSet(o.value) } -// A distinct article or unit related to Software. -type SoftwareSoftwareArtifact struct { - Artifact +func (o *ExternalIRI) asElement() *Element { + return castElement(o.value) +} - // Provides additional purpose information of the software artifact. - SoftwareAdditionalPurposes []softwareSoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` - // Provides a place for the SPDX data creator to record acknowledgement text for - // a software Package, File or Snippet. - SoftwareAttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" iri-compact:"software_attributionText"` - // A canonical, unique, immutable identifier of the artifact content, that may be - // used for verifying its identity and/or integrity. - SoftwareContentIdentifiers SoftwareContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` +func (o *ExternalIRI) asElementCollection() *ElementCollection { + return castElementCollection(o.value) +} - // Identifies the text of one or more copyright notices for a software Package, - // File or Snippet, if any. - SoftwareCopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" iri-compact:"software_copyrightText"` - // Provides information about the primary purpose of the software artifact. - SoftwarePrimaryPurpose softwareSoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` +func (o *ExternalIRI) asEnergyConsumption() *EnergyConsumption { + return castEnergyConsumption(o.value) } -func castSoftwareSoftwareArtifact(o any) *SoftwareSoftwareArtifact { - if o, ok := o.(AnySoftwareSoftwareArtifact); ok { - return o.asSoftwareSoftwareArtifact() - } - return nil +func (o *ExternalIRI) asEnergyConsumptionDescription() *EnergyConsumptionDescription { + return castEnergyConsumptionDescription(o.value) } -func (o *SoftwareSoftwareArtifact) asSoftwareSoftwareArtifact() *SoftwareSoftwareArtifact { - return o +func (o *ExternalIRI) asEpssVulnAssessmentRelationship() *EpssVulnAssessmentRelationship { + return castEpssVulnAssessmentRelationship(o.value) } -type AnySoftwareSoftwareArtifact interface { - AnyArtifact - asSoftwareSoftwareArtifact() *SoftwareSoftwareArtifact +func (o *ExternalIRI) asExploitCatalogVulnAssessmentRelationship() *ExploitCatalogVulnAssessmentRelationship { + return castExploitCatalogVulnAssessmentRelationship(o.value) } -type SoftwareSoftwareArtifactList []AnySoftwareSoftwareArtifact +func (o *ExternalIRI) asExtendableLicense() *ExtendableLicense { + return castExtendableLicense(o.value) +} -func (o *SoftwareSoftwareArtifactList) SoftwareSoftwareArtifactIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwareSoftwareArtifact] { - return typeIter(*o, castSoftwareSoftwareArtifact) +func (o *ExternalIRI) asExternalIdentifier() *ExternalIdentifier { + return castExternalIdentifier(o.value) } -func (o *SoftwareSoftwareArtifactList) SoftwareFileIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwareFile] { - return typeIter(*o, castSoftwareFile) + +func (o *ExternalIRI) asExternalMap() *ExternalMap { + return castExternalMap(o.value) } -func (o *SoftwareSoftwareArtifactList) SoftwarePackageIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwarePackage] { - return typeIter(*o, castSoftwarePackage) + +func (o *ExternalIRI) asExternalRef() *ExternalRef { + return castExternalRef(o.value) } -func (o *SoftwareSoftwareArtifactList) SoftwareSnippetIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwareSnippet] { - return typeIter(*o, castSoftwareSnippet) + +func (o *ExternalIRI) asFile() *File { + return castFile(o.value) } -func (o *SoftwareSoftwareArtifactList) AiAIPackageIter() iter.Seq2[AnySoftwareSoftwareArtifact, *AiAIPackage] { - return typeIter(*o, castAiAIPackage) + +func (o *ExternalIRI) asHash() *Hash { + return castHash(o.value) } -func (o *SoftwareSoftwareArtifactList) DatasetDatasetPackageIter() iter.Seq2[AnySoftwareSoftwareArtifact, *DatasetDatasetPackage] { - return typeIter(*o, castDatasetDatasetPackage) + +func (o *ExternalIRI) asIndividualElement() *IndividualElement { + return castIndividualElement(o.value) } -// A container for a grouping of SPDX-3.0 content characterizing details -// (provenence, composition, licensing, etc.) about a product. -type Bom struct { - Bundle +func (o *ExternalIRI) asIndividualLicensingInfo() *IndividualLicensingInfo { + return castIndividualLicensingInfo(o.value) } -func castBom(o any) *Bom { - if o, ok := o.(AnyBom); ok { - return o.asBom() - } - return nil +func (o *ExternalIRI) asIntegrityMethod() *IntegrityMethod { + return castIntegrityMethod(o.value) } -func (o *Bom) asBom() *Bom { - return o +func (o *ExternalIRI) asLicense() *License { + return castLicense(o.value) } -type AnyBom interface { - AnyBundle - asBom() *Bom +func (o *ExternalIRI) asLicenseAddition() *LicenseAddition { + return castLicenseAddition(o.value) } -type BomList []AnyBom +func (o *ExternalIRI) asLicenseExpression() *LicenseExpression { + return castLicenseExpression(o.value) +} -func (o *BomList) BomIter() iter.Seq2[AnyBom, *Bom] { return typeIter(*o, castBom) } -func (o *BomList) SoftwareSbomIter() iter.Seq2[AnyBom, *SoftwareSbom] { - return typeIter(*o, castSoftwareSbom) +func (o *ExternalIRI) asLicenseInfo() *LicenseInfo { + return castLicenseInfo(o.value) } -// A license that is not listed on the SPDX License List. -type ExpandedlicensingCustomLicense struct { - ExpandedlicensingLicense +func (o *ExternalIRI) asLifecycleScopedRelationship() *LifecycleScopedRelationship { + return castLifecycleScopedRelationship(o.value) } -func castExpandedlicensingCustomLicense(o any) *ExpandedlicensingCustomLicense { - if o, ok := o.(AnyExpandedlicensingCustomLicense); ok { - return o.asExpandedlicensingCustomLicense() - } - return nil +func (o *ExternalIRI) asListedLicense() *ListedLicense { + return castListedLicense(o.value) } -func (o *ExpandedlicensingCustomLicense) asExpandedlicensingCustomLicense() *ExpandedlicensingCustomLicense { - return o +func (o *ExternalIRI) asListedLicenseException() *ListedLicenseException { + return castListedLicenseException(o.value) } -type AnyExpandedlicensingCustomLicense interface { - AnyExpandedlicensingLicense - asExpandedlicensingCustomLicense() *ExpandedlicensingCustomLicense +func (o *ExternalIRI) asNamespaceMap() *NamespaceMap { + return castNamespaceMap(o.value) } -type ExpandedlicensingCustomLicenseList []AnyExpandedlicensingCustomLicense +func (o *ExternalIRI) asOrLaterOperator() *OrLaterOperator { + return castOrLaterOperator(o.value) +} -func (o *ExpandedlicensingCustomLicenseList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyExpandedlicensingCustomLicense, *ExpandedlicensingCustomLicense] { - return typeIter(*o, castExpandedlicensingCustomLicense) +func (o *ExternalIRI) asOrganization() *Organization { + return castOrganization(o.value) } -// Connects a vulnerability and an element designating the element as a product -// affected by the vulnerability. -type SecurityVexAffectedVulnAssessmentRelationship struct { - SecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asPackage() *Package { + return castPackage(o.value) +} - // Provides advise on how to mitigate or remediate a vulnerability when a VEX product - // is affected by it. - SecurityActionStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatement" iri-compact:"security_actionStatement"` - // Records the time when a recommended action was communicated in a VEX statement - // to mitigate a vulnerability. - SecurityActionStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime" iri-compact:"security_actionStatementTime"` +func (o *ExternalIRI) asPackageVerificationCode() *PackageVerificationCode { + return castPackageVerificationCode(o.value) } -func castSecurityVexAffectedVulnAssessmentRelationship(o any) *SecurityVexAffectedVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVexAffectedVulnAssessmentRelationship); ok { - return o.asSecurityVexAffectedVulnAssessmentRelationship() - } - return nil +func (o *ExternalIRI) asPerson() *Person { + return castPerson(o.value) } -func (o *SecurityVexAffectedVulnAssessmentRelationship) asSecurityVexAffectedVulnAssessmentRelationship() *SecurityVexAffectedVulnAssessmentRelationship { - return o +func (o *ExternalIRI) asPositiveIntegerRange() *PositiveIntegerRange { + return castPositiveIntegerRange(o.value) } -type AnySecurityVexAffectedVulnAssessmentRelationship interface { - AnySecurityVexVulnAssessmentRelationship - asSecurityVexAffectedVulnAssessmentRelationship() *SecurityVexAffectedVulnAssessmentRelationship +func (o *ExternalIRI) asRelationship() *Relationship { + return castRelationship(o.value) } -type SecurityVexAffectedVulnAssessmentRelationshipList []AnySecurityVexAffectedVulnAssessmentRelationship +func (o *ExternalIRI) asSbom() *Sbom { + return castSbom(o.value) +} -func (o *SecurityVexAffectedVulnAssessmentRelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexAffectedVulnAssessmentRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) +func (o *ExternalIRI) asSimpleLicensingText() *SimpleLicensingText { + return castSimpleLicensingText(o.value) } -// Links a vulnerability and elements representing products (in the VEX sense) where -// a fix has been applied and are no longer affected. -type SecurityVexFixedVulnAssessmentRelationship struct { - SecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asSnippet() *Snippet { + return castSnippet(o.value) } -func castSecurityVexFixedVulnAssessmentRelationship(o any) *SecurityVexFixedVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVexFixedVulnAssessmentRelationship); ok { - return o.asSecurityVexFixedVulnAssessmentRelationship() - } - return nil +func (o *ExternalIRI) asSoftwareAgent() *SoftwareAgent { + return castSoftwareAgent(o.value) } -func (o *SecurityVexFixedVulnAssessmentRelationship) asSecurityVexFixedVulnAssessmentRelationship() *SecurityVexFixedVulnAssessmentRelationship { - return o +func (o *ExternalIRI) asSoftwareArtifact() *SoftwareArtifact { + return castSoftwareArtifact(o.value) } -type AnySecurityVexFixedVulnAssessmentRelationship interface { - AnySecurityVexVulnAssessmentRelationship - asSecurityVexFixedVulnAssessmentRelationship() *SecurityVexFixedVulnAssessmentRelationship +func (o *ExternalIRI) asSpdxDocument() *SpdxDocument { + return castSpdxDocument(o.value) } -type SecurityVexFixedVulnAssessmentRelationshipList []AnySecurityVexFixedVulnAssessmentRelationship +func (o *ExternalIRI) asSsvcVulnAssessmentRelationship() *SsvcVulnAssessmentRelationship { + return castSsvcVulnAssessmentRelationship(o.value) +} -func (o *SecurityVexFixedVulnAssessmentRelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexFixedVulnAssessmentRelationship, *SecurityVexFixedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) +func (o *ExternalIRI) asTool() *Tool { + return castTool(o.value) } -// Links a vulnerability and one or more elements designating the latter as products -// not affected by the vulnerability. -type SecurityVexNotAffectedVulnAssessmentRelationship struct { - SecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship { + return castVexAffectedVulnAssessmentRelationship(o.value) +} - // Explains why a VEX product is not affected by a vulnerability. It is an - // alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable - // justification label. - SecurityImpactStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatement" iri-compact:"security_impactStatement"` - // Timestamp of impact statement. - SecurityImpactStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime" iri-compact:"security_impactStatementTime"` - // Impact justification label to be used when linking a vulnerability to an element - // representing a VEX product with a VexNotAffectedVulnAssessmentRelationship - // relationship. - SecurityJustificationType securityVexJustificationType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/justificationType" iri-compact:"security_justificationType"` +func (o *ExternalIRI) asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship { + return castVexFixedVulnAssessmentRelationship(o.value) } -func castSecurityVexNotAffectedVulnAssessmentRelationship(o any) *SecurityVexNotAffectedVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVexNotAffectedVulnAssessmentRelationship); ok { - return o.asSecurityVexNotAffectedVulnAssessmentRelationship() - } - return nil +func (o *ExternalIRI) asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship { + return castVexNotAffectedVulnAssessmentRelationship(o.value) } -func (o *SecurityVexNotAffectedVulnAssessmentRelationship) asSecurityVexNotAffectedVulnAssessmentRelationship() *SecurityVexNotAffectedVulnAssessmentRelationship { - return o +func (o *ExternalIRI) asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship { + return castVexUnderInvestigationVulnAssessmentRelationship(o.value) } -type AnySecurityVexNotAffectedVulnAssessmentRelationship interface { - AnySecurityVexVulnAssessmentRelationship - asSecurityVexNotAffectedVulnAssessmentRelationship() *SecurityVexNotAffectedVulnAssessmentRelationship +func (o *ExternalIRI) asVexVulnAssessmentRelationship() *VexVulnAssessmentRelationship { + return castVexVulnAssessmentRelationship(o.value) } -type SecurityVexNotAffectedVulnAssessmentRelationshipList []AnySecurityVexNotAffectedVulnAssessmentRelationship +func (o *ExternalIRI) asVulnAssessmentRelationship() *VulnAssessmentRelationship { + return castVulnAssessmentRelationship(o.value) +} -func (o *SecurityVexNotAffectedVulnAssessmentRelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexNotAffectedVulnAssessmentRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) +func (o *ExternalIRI) asVulnerability() *Vulnerability { + return castVulnerability(o.value) } -// Designates elements as products where the impact of a vulnerability is being -// investigated. -type SecurityVexUnderInvestigationVulnAssessmentRelationship struct { - SecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asWithAdditionOperator() *WithAdditionOperator { + return castWithAdditionOperator(o.value) } -func castSecurityVexUnderInvestigationVulnAssessmentRelationship(o any) *SecurityVexUnderInvestigationVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVexUnderInvestigationVulnAssessmentRelationship); ok { - return o.asSecurityVexUnderInvestigationVulnAssessmentRelationship() +func castAIPackage(o any) *AIPackage { + if o, ok := o.(AnyAIPackage); ok { + return o.asAIPackage() } return nil } -func (o *SecurityVexUnderInvestigationVulnAssessmentRelationship) asSecurityVexUnderInvestigationVulnAssessmentRelationship() *SecurityVexUnderInvestigationVulnAssessmentRelationship { - return o +func castAgent(o any) *Agent { + if o, ok := o.(AnyAgent); ok { + return o.asAgent() + } + return nil } -type AnySecurityVexUnderInvestigationVulnAssessmentRelationship interface { - AnySecurityVexVulnAssessmentRelationship - asSecurityVexUnderInvestigationVulnAssessmentRelationship() *SecurityVexUnderInvestigationVulnAssessmentRelationship +func castAnnotation(o any) *Annotation { + if o, ok := o.(AnyAnnotation); ok { + return o.asAnnotation() + } + return nil } -type SecurityVexUnderInvestigationVulnAssessmentRelationshipList []AnySecurityVexUnderInvestigationVulnAssessmentRelationship - -func (o *SecurityVexUnderInvestigationVulnAssessmentRelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexUnderInvestigationVulnAssessmentRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) +func castArtifact(o any) *Artifact { + if o, ok := o.(AnyArtifact); ok { + return o.asArtifact() + } + return nil } -// Refers to any object that stores content on a computer. -type SoftwareFile struct { - SoftwareSoftwareArtifact - - // Provides information about the content type of an Element or a Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" iri-compact:"contentType"` - // Describes if a given file is a directory or non-directory kind of file. - SoftwareFileKind softwareFileKindType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/fileKind" iri-compact:"software_fileKind"` +func castBom(o any) *Bom { + if o, ok := o.(AnyBom); ok { + return o.asBom() + } + return nil } -func castSoftwareFile(o any) *SoftwareFile { - if o, ok := o.(AnySoftwareFile); ok { - return o.asSoftwareFile() +func castBuild(o any) *Build { + if o, ok := o.(AnyBuild); ok { + return o.asBuild() } return nil } -func (o *SoftwareFile) asSoftwareFile() *SoftwareFile { - return o +func castBundle(o any) *Bundle { + if o, ok := o.(AnyBundle); ok { + return o.asBundle() + } + return nil } -type AnySoftwareFile interface { - AnySoftwareSoftwareArtifact - asSoftwareFile() *SoftwareFile +func castCdxPropertiesExtension(o any) *CdxPropertiesExtension { + if o, ok := o.(AnyCdxPropertiesExtension); ok { + return o.asCdxPropertiesExtension() + } + return nil } -type SoftwareFileList []AnySoftwareFile - -func (o *SoftwareFileList) SoftwareFileIter() iter.Seq2[AnySoftwareFile, *SoftwareFile] { - return typeIter(*o, castSoftwareFile) +func castCdxPropertyEntry(o any) *CdxPropertyEntry { + if o, ok := o.(AnyCdxPropertyEntry); ok { + return o.asCdxPropertyEntry() + } + return nil } -// Refers to any unit of content that can be associated with a distribution of -// software. -type SoftwarePackage struct { - SoftwareSoftwareArtifact +func castConjunctiveLicenseSet(o any) *ConjunctiveLicenseSet { + if o, ok := o.(AnyConjunctiveLicenseSet); ok { + return o.asConjunctiveLicenseSet() + } + return nil +} - // Identifies the download Uniform Resource Identifier for the package at the time - // that the document was created. - SoftwareDownloadLocation string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" iri-compact:"software_downloadLocation"` - // A place for the SPDX document creator to record a website that serves as the - // package's home page. - SoftwareHomePage string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" iri-compact:"software_homePage"` - // Provides a place for the SPDX data creator to record the package URL string - // (in accordance with the Package URL specification) for a software Package. - SoftwarePackageUrl string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" iri-compact:"software_packageUrl"` - // Identify the version of a package. - SoftwarePackageVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" iri-compact:"software_packageVersion"` - // Records any relevant background information or additional comments - // about the origin of the package. - SoftwareSourceInfo string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" iri-compact:"software_sourceInfo"` +func castContentIdentifier(o any) *ContentIdentifier { + if o, ok := o.(AnyContentIdentifier); ok { + return o.asContentIdentifier() + } + return nil } -func castSoftwarePackage(o any) *SoftwarePackage { - if o, ok := o.(AnySoftwarePackage); ok { - return o.asSoftwarePackage() +func castCreationInfo(o any) *CreationInfo { + if o, ok := o.(AnyCreationInfo); ok { + return o.asCreationInfo() } return nil } -func (o *SoftwarePackage) asSoftwarePackage() *SoftwarePackage { - return o +func castCustomLicense(o any) *CustomLicense { + if o, ok := o.(AnyCustomLicense); ok { + return o.asCustomLicense() + } + return nil } -type AnySoftwarePackage interface { - AnySoftwareSoftwareArtifact - asSoftwarePackage() *SoftwarePackage +func castCustomLicenseAddition(o any) *CustomLicenseAddition { + if o, ok := o.(AnyCustomLicenseAddition); ok { + return o.asCustomLicenseAddition() + } + return nil } -type SoftwarePackageList []AnySoftwarePackage +func castCvssV2VulnAssessmentRelationship(o any) *CvssV2VulnAssessmentRelationship { + if o, ok := o.(AnyCvssV2VulnAssessmentRelationship); ok { + return o.asCvssV2VulnAssessmentRelationship() + } + return nil +} -func (o *SoftwarePackageList) SoftwarePackageIter() iter.Seq2[AnySoftwarePackage, *SoftwarePackage] { - return typeIter(*o, castSoftwarePackage) +func castCvssV3VulnAssessmentRelationship(o any) *CvssV3VulnAssessmentRelationship { + if o, ok := o.(AnyCvssV3VulnAssessmentRelationship); ok { + return o.asCvssV3VulnAssessmentRelationship() + } + return nil } -func (o *SoftwarePackageList) AiAIPackageIter() iter.Seq2[AnySoftwarePackage, *AiAIPackage] { - return typeIter(*o, castAiAIPackage) + +func castCvssV4VulnAssessmentRelationship(o any) *CvssV4VulnAssessmentRelationship { + if o, ok := o.(AnyCvssV4VulnAssessmentRelationship); ok { + return o.asCvssV4VulnAssessmentRelationship() + } + return nil } -func (o *SoftwarePackageList) DatasetDatasetPackageIter() iter.Seq2[AnySoftwarePackage, *DatasetDatasetPackage] { - return typeIter(*o, castDatasetDatasetPackage) + +func castDatasetPackage(o any) *DatasetPackage { + if o, ok := o.(AnyDatasetPackage); ok { + return o.asDatasetPackage() + } + return nil } -// A collection of SPDX Elements describing a single package. -type SoftwareSbom struct { - Bom +func castDictionaryEntry(o any) *DictionaryEntry { + if o, ok := o.(AnyDictionaryEntry); ok { + return o.asDictionaryEntry() + } + return nil +} - // Provides information about the type of an SBOM. - SoftwareSbomTypes []softwareSbomType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sbomType" iri-compact:"software_sbomType"` +func castDisjunctiveLicenseSet(o any) *DisjunctiveLicenseSet { + if o, ok := o.(AnyDisjunctiveLicenseSet); ok { + return o.asDisjunctiveLicenseSet() + } + return nil } -func castSoftwareSbom(o any) *SoftwareSbom { - if o, ok := o.(AnySoftwareSbom); ok { - return o.asSoftwareSbom() +func castElement(o any) *Element { + if o, ok := o.(AnyElement); ok { + return o.asElement() } return nil } -func (o *SoftwareSbom) asSoftwareSbom() *SoftwareSbom { - return o +func castElementCollection(o any) *ElementCollection { + if o, ok := o.(AnyElementCollection); ok { + return o.asElementCollection() + } + return nil } -type AnySoftwareSbom interface { - AnyBom - asSoftwareSbom() *SoftwareSbom +func castEnergyConsumption(o any) *EnergyConsumption { + if o, ok := o.(AnyEnergyConsumption); ok { + return o.asEnergyConsumption() + } + return nil } -type SoftwareSbomList []AnySoftwareSbom - -func (o *SoftwareSbomList) SoftwareSbomIter() iter.Seq2[AnySoftwareSbom, *SoftwareSbom] { - return typeIter(*o, castSoftwareSbom) +func castEnergyConsumptionDescription(o any) *EnergyConsumptionDescription { + if o, ok := o.(AnyEnergyConsumptionDescription); ok { + return o.asEnergyConsumptionDescription() + } + return nil } -// Describes a certain part of a file. -type SoftwareSnippet struct { - SoftwareSoftwareArtifact - - // Defines the byte range in the original host file that the snippet information - // applies to. - SoftwareByteRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/byteRange" iri-compact:"software_byteRange"` - - // Defines the line range in the original host file that the snippet information - // applies to. - SoftwareLineRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/lineRange" iri-compact:"software_lineRange"` - - // Defines the original host file that the snippet information applies to. - SoftwareSnippetFromFile AnySoftwareFile `iri:"https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" iri-compact:"software_snippetFromFile"` +func castEpssVulnAssessmentRelationship(o any) *EpssVulnAssessmentRelationship { + if o, ok := o.(AnyEpssVulnAssessmentRelationship); ok { + return o.asEpssVulnAssessmentRelationship() + } + return nil } -func castSoftwareSnippet(o any) *SoftwareSnippet { - if o, ok := o.(AnySoftwareSnippet); ok { - return o.asSoftwareSnippet() +func castExploitCatalogVulnAssessmentRelationship(o any) *ExploitCatalogVulnAssessmentRelationship { + if o, ok := o.(AnyExploitCatalogVulnAssessmentRelationship); ok { + return o.asExploitCatalogVulnAssessmentRelationship() } return nil } -func (o *SoftwareSnippet) asSoftwareSnippet() *SoftwareSnippet { - return o +func castExtendableLicense(o any) *ExtendableLicense { + if o, ok := o.(AnyExtendableLicense); ok { + return o.asExtendableLicense() + } + return nil } -type AnySoftwareSnippet interface { - AnySoftwareSoftwareArtifact - asSoftwareSnippet() *SoftwareSnippet +func castExternalIdentifier(o any) *ExternalIdentifier { + if o, ok := o.(AnyExternalIdentifier); ok { + return o.asExternalIdentifier() + } + return nil } -type SoftwareSnippetList []AnySoftwareSnippet - -func (o *SoftwareSnippetList) SoftwareSnippetIter() iter.Seq2[AnySoftwareSnippet, *SoftwareSnippet] { - return typeIter(*o, castSoftwareSnippet) +func castExternalMap(o any) *ExternalMap { + if o, ok := o.(AnyExternalMap); ok { + return o.asExternalMap() + } + return nil } -// Specifies an AI package and its associated information. -type AiAIPackage struct { - SoftwarePackage - - // Indicates whether the system can perform a decision or action without human - // involvement or guidance. - AiAutonomyType presenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/autonomyType" iri-compact:"ai_autonomyType"` - // Captures the domain in which the AI package can be used. - AiDomains []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/domain" iri-compact:"ai_domain"` - // Indicates the amount of energy consumption incurred by an AI model. - AiEnergyConsumption AnyAiEnergyConsumption `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption" iri-compact:"ai_energyConsumption"` - - // Records a hyperparameter used to build the AI model contained in the AI - // package. - AiHyperparameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter" iri-compact:"ai_hyperparameter"` - - // Provides relevant information about the AI software, not including the model - // description. - AiInformationAboutApplication string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication" iri-compact:"ai_informationAboutApplication"` - // Describes relevant information about different steps of the training process. - AiInformationAboutTraining string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining" iri-compact:"ai_informationAboutTraining"` - // Captures a limitation of the AI software. - AiLimitation string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/limitation" iri-compact:"ai_limitation"` - // Records the measurement of prediction quality of the AI model. - AiMetrics DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metric" iri-compact:"ai_metric"` - - // Captures the threshold that was used for computation of a metric described in - // the metric field. - AiMetricDecisionThresholds DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold" iri-compact:"ai_metricDecisionThreshold"` - - // Describes all the preprocessing steps applied to the training data before the - // model training. - AiModelDataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing" iri-compact:"ai_modelDataPreprocessing"` - // Describes methods that can be used to explain the results from the AI model. - AiModelExplainabilitys []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability" iri-compact:"ai_modelExplainability"` - // Records the results of general safety risk assessment of the AI system. - AiSafetyRiskAssessment aiSafetyRiskAssessmentType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment" iri-compact:"ai_safetyRiskAssessment"` - // Captures a standard that is being complied with. - AiStandardCompliances []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance" iri-compact:"ai_standardCompliance"` - // Records the type of the model used in the AI software. - AiTypeOfModels []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel" iri-compact:"ai_typeOfModel"` - // Records if sensitive personal information is used during model training or - // could be used during the inference. - AiUseSensitivePersonalInformation presenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation" iri-compact:"ai_useSensitivePersonalInformation"` +func castExternalRef(o any) *ExternalRef { + if o, ok := o.(AnyExternalRef); ok { + return o.asExternalRef() + } + return nil } -func castAiAIPackage(o any) *AiAIPackage { - if o, ok := o.(AnyAiAIPackage); ok { - return o.asAiAIPackage() +func castFile(o any) *File { + if o, ok := o.(AnyFile); ok { + return o.asFile() } return nil } -func (o *AiAIPackage) asAiAIPackage() *AiAIPackage { - return o +func castHash(o any) *Hash { + if o, ok := o.(AnyHash); ok { + return o.asHash() + } + return nil } -type AnyAiAIPackage interface { - AnySoftwarePackage - asAiAIPackage() *AiAIPackage +func castIndividualElement(o any) *IndividualElement { + if o, ok := o.(AnyIndividualElement); ok { + return o.asIndividualElement() + } + return nil } -type AiAIPackageList []AnyAiAIPackage - -func (o *AiAIPackageList) AiAIPackageIter() iter.Seq2[AnyAiAIPackage, *AiAIPackage] { - return typeIter(*o, castAiAIPackage) +func castIndividualLicensingInfo(o any) *IndividualLicensingInfo { + if o, ok := o.(AnyIndividualLicensingInfo); ok { + return o.asIndividualLicensingInfo() + } + return nil } -// Specifies a data package and its associated information. -type DatasetDatasetPackage struct { - SoftwarePackage - - // Describes the anonymization methods used. - DatasetAnonymizationMethodUseds []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed" iri-compact:"dataset_anonymizationMethodUsed"` - // Describes the confidentiality level of the data points contained in the dataset. - DatasetConfidentialityLevel datasetConfidentialityLevelType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel" iri-compact:"dataset_confidentialityLevel"` - // Describes how the dataset was collected. - DatasetDataCollectionProcess string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess" iri-compact:"dataset_dataCollectionProcess"` - // Describes the preprocessing steps that were applied to the raw data to create the given dataset. - DatasetDataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing" iri-compact:"dataset_dataPreprocessing"` - // The field describes the availability of a dataset. - DatasetDatasetAvailability datasetDatasetAvailabilityType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability" iri-compact:"dataset_datasetAvailability"` - // Describes potentially noisy elements of the dataset. - DatasetDatasetNoise string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise" iri-compact:"dataset_datasetNoise"` - // Captures the size of the dataset. - DatasetDatasetSize int `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" iri-compact:"dataset_datasetSize"` - // Describes the type of the given dataset. - DatasetDatasetTypes []datasetDatasetType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType" iri-compact:"dataset_datasetType"` - // Describes a mechanism to update the dataset. - DatasetDatasetUpdateMechanism string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism" iri-compact:"dataset_datasetUpdateMechanism"` - // Describes if any sensitive personal information is present in the dataset. - DatasetHasSensitivePersonalInformation presenceType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation" iri-compact:"dataset_hasSensitivePersonalInformation"` - // Describes what the given dataset should be used for. - DatasetIntendedUse string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse" iri-compact:"dataset_intendedUse"` - // Records the biases that the dataset is known to encompass. - DatasetKnownBias []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias" iri-compact:"dataset_knownBias"` - // Describes a sensor used for collecting the data. - DatasetSensors DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/sensor" iri-compact:"dataset_sensor"` +func castIntegrityMethod(o any) *IntegrityMethod { + if o, ok := o.(AnyIntegrityMethod); ok { + return o.asIntegrityMethod() + } + return nil } -func castDatasetDatasetPackage(o any) *DatasetDatasetPackage { - if o, ok := o.(AnyDatasetDatasetPackage); ok { - return o.asDatasetDatasetPackage() +func castLicense(o any) *License { + if o, ok := o.(AnyLicense); ok { + return o.asLicense() } return nil } -func (o *DatasetDatasetPackage) asDatasetDatasetPackage() *DatasetDatasetPackage { - return o +func castLicenseAddition(o any) *LicenseAddition { + if o, ok := o.(AnyLicenseAddition); ok { + return o.asLicenseAddition() + } + return nil } -type AnyDatasetDatasetPackage interface { - AnySoftwarePackage - asDatasetDatasetPackage() *DatasetDatasetPackage +func castLicenseExpression(o any) *LicenseExpression { + if o, ok := o.(AnyLicenseExpression); ok { + return o.asLicenseExpression() + } + return nil } -type DatasetDatasetPackageList []AnyDatasetDatasetPackage +func castLicenseInfo(o any) *LicenseInfo { + if o, ok := o.(AnyLicenseInfo); ok { + return o.asLicenseInfo() + } + return nil +} -func (o *DatasetDatasetPackageList) DatasetDatasetPackageIter() iter.Seq2[AnyDatasetDatasetPackage, *DatasetDatasetPackage] { - return typeIter(*o, castDatasetDatasetPackage) +func castLifecycleScopedRelationship(o any) *LifecycleScopedRelationship { + if o, ok := o.(AnyLifecycleScopedRelationship); ok { + return o.asLifecycleScopedRelationship() + } + return nil } -type ExternalIRI struct { - iri string +func castListedLicense(o any) *ListedLicense { + if o, ok := o.(AnyListedLicense); ok { + return o.asListedLicense() + } + return nil } -func NewExternalIRI(iri string) *ExternalIRI { - return &ExternalIRI{iri: iri} +func castListedLicenseException(o any) *ListedLicenseException { + if o, ok := o.(AnyListedLicenseException); ok { + return o.asListedLicenseException() + } + return nil } -func (o *ExternalIRI) asAiEnergyConsumption() *AiEnergyConsumption { return nil } -func (o *ExternalIRI) asAiEnergyConsumptionDescription() *AiEnergyConsumptionDescription { return nil } -func (o *ExternalIRI) asCreationInfo() *CreationInfo { return nil } -func (o *ExternalIRI) asDictionaryEntry() *DictionaryEntry { return nil } -func (o *ExternalIRI) asElement() *Element { return nil } -func (o *ExternalIRI) asElementCollection() *ElementCollection { return nil } -func (o *ExternalIRI) asExternalIdentifier() *ExternalIdentifier { return nil } -func (o *ExternalIRI) asExternalMap() *ExternalMap { return nil } -func (o *ExternalIRI) asExternalRef() *ExternalRef { return nil } -func (o *ExternalIRI) asIndividualElement() *IndividualElement { return nil } -func (o *ExternalIRI) asIntegrityMethod() *IntegrityMethod { return nil } -func (o *ExternalIRI) asNamespaceMap() *NamespaceMap { return nil } -func (o *ExternalIRI) asPackageVerificationCode() *PackageVerificationCode { return nil } -func (o *ExternalIRI) asPositiveIntegerRange() *PositiveIntegerRange { return nil } -func (o *ExternalIRI) asRelationship() *Relationship { return nil } -func (o *ExternalIRI) asSpdxDocument() *SpdxDocument { return nil } -func (o *ExternalIRI) asTool() *Tool { return nil } -func (o *ExternalIRI) asExpandedlicensingLicenseAddition() *ExpandedlicensingLicenseAddition { +func castNamespaceMap(o any) *NamespaceMap { + if o, ok := o.(AnyNamespaceMap); ok { + return o.asNamespaceMap() + } return nil } -func (o *ExternalIRI) asExpandedlicensingListedLicenseException() *ExpandedlicensingListedLicenseException { + +func castOrLaterOperator(o any) *OrLaterOperator { + if o, ok := o.(AnyOrLaterOperator); ok { + return o.asOrLaterOperator() + } return nil } -func (o *ExternalIRI) asExtensionCdxPropertyEntry() *ExtensionCdxPropertyEntry { return nil } -func (o *ExternalIRI) asExtensionExtension() *ExtensionExtension { return nil } -func (o *ExternalIRI) asSecurityVulnAssessmentRelationship() *SecurityVulnAssessmentRelationship { + +func castOrganization(o any) *Organization { + if o, ok := o.(AnyOrganization); ok { + return o.asOrganization() + } return nil } -func (o *ExternalIRI) asSimplelicensingAnyLicenseInfo() *SimplelicensingAnyLicenseInfo { return nil } -func (o *ExternalIRI) asSimplelicensingLicenseExpression() *SimplelicensingLicenseExpression { + +func castPackage(o any) *Package { + if o, ok := o.(AnyPackage); ok { + return o.asPackage() + } return nil } -func (o *ExternalIRI) asSimplelicensingSimpleLicensingText() *SimplelicensingSimpleLicensingText { + +func castPackageVerificationCode(o any) *PackageVerificationCode { + if o, ok := o.(AnyPackageVerificationCode); ok { + return o.asPackageVerificationCode() + } return nil } -func (o *ExternalIRI) asSoftwareContentIdentifier() *SoftwareContentIdentifier { return nil } -func (o *ExternalIRI) asBuildBuild() *BuildBuild { return nil } -func (o *ExternalIRI) asAgent() *Agent { return nil } -func (o *ExternalIRI) asAnnotation() *Annotation { return nil } -func (o *ExternalIRI) asArtifact() *Artifact { return nil } -func (o *ExternalIRI) asBundle() *Bundle { return nil } -func (o *ExternalIRI) asHash() *Hash { return nil } -func (o *ExternalIRI) asLifecycleScopedRelationship() *LifecycleScopedRelationship { return nil } -func (o *ExternalIRI) asOrganization() *Organization { return nil } -func (o *ExternalIRI) asPerson() *Person { return nil } -func (o *ExternalIRI) asSoftwareAgent() *SoftwareAgent { return nil } -func (o *ExternalIRI) asExpandedlicensingConjunctiveLicenseSet() *ExpandedlicensingConjunctiveLicenseSet { + +func castPerson(o any) *Person { + if o, ok := o.(AnyPerson); ok { + return o.asPerson() + } return nil } -func (o *ExternalIRI) asExpandedlicensingCustomLicenseAddition() *ExpandedlicensingCustomLicenseAddition { + +func castPositiveIntegerRange(o any) *PositiveIntegerRange { + if o, ok := o.(AnyPositiveIntegerRange); ok { + return o.asPositiveIntegerRange() + } return nil } -func (o *ExternalIRI) asExpandedlicensingDisjunctiveLicenseSet() *ExpandedlicensingDisjunctiveLicenseSet { + +func castRelationship(o any) *Relationship { + if o, ok := o.(AnyRelationship); ok { + return o.asRelationship() + } return nil } -func (o *ExternalIRI) asExpandedlicensingExtendableLicense() *ExpandedlicensingExtendableLicense { + +func castSbom(o any) *Sbom { + if o, ok := o.(AnySbom); ok { + return o.asSbom() + } return nil } -func (o *ExternalIRI) asExpandedlicensingIndividualLicensingInfo() *ExpandedlicensingIndividualLicensingInfo { + +func castSimpleLicensingText(o any) *SimpleLicensingText { + if o, ok := o.(AnySimpleLicensingText); ok { + return o.asSimpleLicensingText() + } return nil } -func (o *ExternalIRI) asExpandedlicensingLicense() *ExpandedlicensingLicense { return nil } -func (o *ExternalIRI) asExpandedlicensingListedLicense() *ExpandedlicensingListedLicense { return nil } -func (o *ExternalIRI) asExpandedlicensingOrLaterOperator() *ExpandedlicensingOrLaterOperator { + +func castSnippet(o any) *Snippet { + if o, ok := o.(AnySnippet); ok { + return o.asSnippet() + } return nil } -func (o *ExternalIRI) asExpandedlicensingWithAdditionOperator() *ExpandedlicensingWithAdditionOperator { + +func castSoftwareAgent(o any) *SoftwareAgent { + if o, ok := o.(AnySoftwareAgent); ok { + return o.asSoftwareAgent() + } return nil } -func (o *ExternalIRI) asExtensionCdxPropertiesExtension() *ExtensionCdxPropertiesExtension { + +func castSoftwareArtifact(o any) *SoftwareArtifact { + if o, ok := o.(AnySoftwareArtifact); ok { + return o.asSoftwareArtifact() + } return nil } -func (o *ExternalIRI) asSecurityCvssV2VulnAssessmentRelationship() *SecurityCvssV2VulnAssessmentRelationship { + +func castSpdxDocument(o any) *SpdxDocument { + if o, ok := o.(AnySpdxDocument); ok { + return o.asSpdxDocument() + } return nil } -func (o *ExternalIRI) asSecurityCvssV3VulnAssessmentRelationship() *SecurityCvssV3VulnAssessmentRelationship { + +func castSsvcVulnAssessmentRelationship(o any) *SsvcVulnAssessmentRelationship { + if o, ok := o.(AnySsvcVulnAssessmentRelationship); ok { + return o.asSsvcVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityCvssV4VulnAssessmentRelationship() *SecurityCvssV4VulnAssessmentRelationship { + +func castTool(o any) *Tool { + if o, ok := o.(AnyTool); ok { + return o.asTool() + } return nil } -func (o *ExternalIRI) asSecurityEpssVulnAssessmentRelationship() *SecurityEpssVulnAssessmentRelationship { + +func castVexAffectedVulnAssessmentRelationship(o any) *VexAffectedVulnAssessmentRelationship { + if o, ok := o.(AnyVexAffectedVulnAssessmentRelationship); ok { + return o.asVexAffectedVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityExploitCatalogVulnAssessmentRelationship() *SecurityExploitCatalogVulnAssessmentRelationship { + +func castVexFixedVulnAssessmentRelationship(o any) *VexFixedVulnAssessmentRelationship { + if o, ok := o.(AnyVexFixedVulnAssessmentRelationship); ok { + return o.asVexFixedVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecuritySsvcVulnAssessmentRelationship() *SecuritySsvcVulnAssessmentRelationship { + +func castVexNotAffectedVulnAssessmentRelationship(o any) *VexNotAffectedVulnAssessmentRelationship { + if o, ok := o.(AnyVexNotAffectedVulnAssessmentRelationship); ok { + return o.asVexNotAffectedVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityVexVulnAssessmentRelationship() *SecurityVexVulnAssessmentRelationship { + +func castVexUnderInvestigationVulnAssessmentRelationship(o any) *VexUnderInvestigationVulnAssessmentRelationship { + if o, ok := o.(AnyVexUnderInvestigationVulnAssessmentRelationship); ok { + return o.asVexUnderInvestigationVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityVulnerability() *SecurityVulnerability { return nil } -func (o *ExternalIRI) asSoftwareSoftwareArtifact() *SoftwareSoftwareArtifact { return nil } -func (o *ExternalIRI) asBom() *Bom { return nil } -func (o *ExternalIRI) asExpandedlicensingCustomLicense() *ExpandedlicensingCustomLicense { return nil } -func (o *ExternalIRI) asSecurityVexAffectedVulnAssessmentRelationship() *SecurityVexAffectedVulnAssessmentRelationship { + +func castVexVulnAssessmentRelationship(o any) *VexVulnAssessmentRelationship { + if o, ok := o.(AnyVexVulnAssessmentRelationship); ok { + return o.asVexVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityVexFixedVulnAssessmentRelationship() *SecurityVexFixedVulnAssessmentRelationship { + +func castVulnAssessmentRelationship(o any) *VulnAssessmentRelationship { + if o, ok := o.(AnyVulnAssessmentRelationship); ok { + return o.asVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityVexNotAffectedVulnAssessmentRelationship() *SecurityVexNotAffectedVulnAssessmentRelationship { + +func castVulnerability(o any) *Vulnerability { + if o, ok := o.(AnyVulnerability); ok { + return o.asVulnerability() + } return nil } -func (o *ExternalIRI) asSecurityVexUnderInvestigationVulnAssessmentRelationship() *SecurityVexUnderInvestigationVulnAssessmentRelationship { + +func castWithAdditionOperator(o any) *WithAdditionOperator { + if o, ok := o.(AnyWithAdditionOperator); ok { + return o.asWithAdditionOperator() + } return nil } -func (o *ExternalIRI) asSoftwareFile() *SoftwareFile { return nil } -func (o *ExternalIRI) asSoftwarePackage() *SoftwarePackage { return nil } -func (o *ExternalIRI) asSoftwareSbom() *SoftwareSbom { return nil } -func (o *ExternalIRI) asSoftwareSnippet() *SoftwareSnippet { return nil } -func (o *ExternalIRI) asAiAIPackage() *AiAIPackage { return nil } -func (o *ExternalIRI) asDatasetDatasetPackage() *DatasetDatasetPackage { return nil } func cast[T any](value any) *T { var t T switch any(t).(type) { - case AiEnergyConsumption: - if v, ok := any(castAiEnergyConsumption(value)).(*T); ok { + case AIPackage: + if v, ok := any(castAIPackage(value)).(*T); ok { return v } - case AiEnergyConsumptionDescription: - if v, ok := any(castAiEnergyConsumptionDescription(value)).(*T); ok { + case Agent: + if v, ok := any(castAgent(value)).(*T); ok { return v } - case CreationInfo: - if v, ok := any(castCreationInfo(value)).(*T); ok { + case Annotation: + if v, ok := any(castAnnotation(value)).(*T); ok { return v } - case DictionaryEntry: - if v, ok := any(castDictionaryEntry(value)).(*T); ok { + case Artifact: + if v, ok := any(castArtifact(value)).(*T); ok { return v } - case Element: - if v, ok := any(castElement(value)).(*T); ok { + case Bom: + if v, ok := any(castBom(value)).(*T); ok { return v } - case ElementCollection: - if v, ok := any(castElementCollection(value)).(*T); ok { + case Build: + if v, ok := any(castBuild(value)).(*T); ok { return v } - case ExternalIdentifier: - if v, ok := any(castExternalIdentifier(value)).(*T); ok { + case Bundle: + if v, ok := any(castBundle(value)).(*T); ok { return v } - case ExternalMap: - if v, ok := any(castExternalMap(value)).(*T); ok { + case CdxPropertiesExtension: + if v, ok := any(castCdxPropertiesExtension(value)).(*T); ok { return v } - case ExternalRef: - if v, ok := any(castExternalRef(value)).(*T); ok { + case CdxPropertyEntry: + if v, ok := any(castCdxPropertyEntry(value)).(*T); ok { return v } - case IndividualElement: - if v, ok := any(castIndividualElement(value)).(*T); ok { + case ConjunctiveLicenseSet: + if v, ok := any(castConjunctiveLicenseSet(value)).(*T); ok { return v } - case IntegrityMethod: - if v, ok := any(castIntegrityMethod(value)).(*T); ok { + case ContentIdentifier: + if v, ok := any(castContentIdentifier(value)).(*T); ok { return v } - case NamespaceMap: - if v, ok := any(castNamespaceMap(value)).(*T); ok { + case CreationInfo: + if v, ok := any(castCreationInfo(value)).(*T); ok { return v } - case PackageVerificationCode: - if v, ok := any(castPackageVerificationCode(value)).(*T); ok { + case CustomLicense: + if v, ok := any(castCustomLicense(value)).(*T); ok { return v } - case PositiveIntegerRange: - if v, ok := any(castPositiveIntegerRange(value)).(*T); ok { + case CustomLicenseAddition: + if v, ok := any(castCustomLicenseAddition(value)).(*T); ok { return v } - case Relationship: - if v, ok := any(castRelationship(value)).(*T); ok { + case CvssV2VulnAssessmentRelationship: + if v, ok := any(castCvssV2VulnAssessmentRelationship(value)).(*T); ok { return v } - case SpdxDocument: - if v, ok := any(castSpdxDocument(value)).(*T); ok { + case CvssV3VulnAssessmentRelationship: + if v, ok := any(castCvssV3VulnAssessmentRelationship(value)).(*T); ok { return v } - case Tool: - if v, ok := any(castTool(value)).(*T); ok { + case CvssV4VulnAssessmentRelationship: + if v, ok := any(castCvssV4VulnAssessmentRelationship(value)).(*T); ok { return v } - case ExpandedlicensingLicenseAddition: - if v, ok := any(castExpandedlicensingLicenseAddition(value)).(*T); ok { + case DatasetPackage: + if v, ok := any(castDatasetPackage(value)).(*T); ok { return v } - case ExpandedlicensingListedLicenseException: - if v, ok := any(castExpandedlicensingListedLicenseException(value)).(*T); ok { + case DictionaryEntry: + if v, ok := any(castDictionaryEntry(value)).(*T); ok { return v } - case ExtensionCdxPropertyEntry: - if v, ok := any(castExtensionCdxPropertyEntry(value)).(*T); ok { + case DisjunctiveLicenseSet: + if v, ok := any(castDisjunctiveLicenseSet(value)).(*T); ok { return v } - case ExtensionExtension: - if v, ok := any(castExtensionExtension(value)).(*T); ok { + case Element: + if v, ok := any(castElement(value)).(*T); ok { return v } - case SecurityVulnAssessmentRelationship: - if v, ok := any(castSecurityVulnAssessmentRelationship(value)).(*T); ok { + case ElementCollection: + if v, ok := any(castElementCollection(value)).(*T); ok { return v } - case SimplelicensingAnyLicenseInfo: - if v, ok := any(castSimplelicensingAnyLicenseInfo(value)).(*T); ok { + case EnergyConsumption: + if v, ok := any(castEnergyConsumption(value)).(*T); ok { return v } - case SimplelicensingLicenseExpression: - if v, ok := any(castSimplelicensingLicenseExpression(value)).(*T); ok { + case EnergyConsumptionDescription: + if v, ok := any(castEnergyConsumptionDescription(value)).(*T); ok { return v } - case SimplelicensingSimpleLicensingText: - if v, ok := any(castSimplelicensingSimpleLicensingText(value)).(*T); ok { + case EpssVulnAssessmentRelationship: + if v, ok := any(castEpssVulnAssessmentRelationship(value)).(*T); ok { return v } - case SoftwareContentIdentifier: - if v, ok := any(castSoftwareContentIdentifier(value)).(*T); ok { + case ExploitCatalogVulnAssessmentRelationship: + if v, ok := any(castExploitCatalogVulnAssessmentRelationship(value)).(*T); ok { return v } - case BuildBuild: - if v, ok := any(castBuildBuild(value)).(*T); ok { + case ExtendableLicense: + if v, ok := any(castExtendableLicense(value)).(*T); ok { return v } - case Agent: - if v, ok := any(castAgent(value)).(*T); ok { + case ExternalIdentifier: + if v, ok := any(castExternalIdentifier(value)).(*T); ok { return v } - case Annotation: - if v, ok := any(castAnnotation(value)).(*T); ok { + case ExternalMap: + if v, ok := any(castExternalMap(value)).(*T); ok { return v } - case Artifact: - if v, ok := any(castArtifact(value)).(*T); ok { + case ExternalRef: + if v, ok := any(castExternalRef(value)).(*T); ok { return v } - case Bundle: - if v, ok := any(castBundle(value)).(*T); ok { + case File: + if v, ok := any(castFile(value)).(*T); ok { return v } case Hash: if v, ok := any(castHash(value)).(*T); ok { return v } - case LifecycleScopedRelationship: - if v, ok := any(castLifecycleScopedRelationship(value)).(*T); ok { - return v - } - case Organization: - if v, ok := any(castOrganization(value)).(*T); ok { + case IndividualElement: + if v, ok := any(castIndividualElement(value)).(*T); ok { return v } - case Person: - if v, ok := any(castPerson(value)).(*T); ok { + case IndividualLicensingInfo: + if v, ok := any(castIndividualLicensingInfo(value)).(*T); ok { return v } - case SoftwareAgent: - if v, ok := any(castSoftwareAgent(value)).(*T); ok { + case IntegrityMethod: + if v, ok := any(castIntegrityMethod(value)).(*T); ok { return v } - case ExpandedlicensingConjunctiveLicenseSet: - if v, ok := any(castExpandedlicensingConjunctiveLicenseSet(value)).(*T); ok { + case License: + if v, ok := any(castLicense(value)).(*T); ok { return v } - case ExpandedlicensingCustomLicenseAddition: - if v, ok := any(castExpandedlicensingCustomLicenseAddition(value)).(*T); ok { + case LicenseAddition: + if v, ok := any(castLicenseAddition(value)).(*T); ok { return v } - case ExpandedlicensingDisjunctiveLicenseSet: - if v, ok := any(castExpandedlicensingDisjunctiveLicenseSet(value)).(*T); ok { + case LicenseExpression: + if v, ok := any(castLicenseExpression(value)).(*T); ok { return v } - case ExpandedlicensingExtendableLicense: - if v, ok := any(castExpandedlicensingExtendableLicense(value)).(*T); ok { + case LicenseInfo: + if v, ok := any(castLicenseInfo(value)).(*T); ok { return v } - case ExpandedlicensingIndividualLicensingInfo: - if v, ok := any(castExpandedlicensingIndividualLicensingInfo(value)).(*T); ok { + case LifecycleScopedRelationship: + if v, ok := any(castLifecycleScopedRelationship(value)).(*T); ok { return v } - case ExpandedlicensingLicense: - if v, ok := any(castExpandedlicensingLicense(value)).(*T); ok { + case ListedLicense: + if v, ok := any(castListedLicense(value)).(*T); ok { return v } - case ExpandedlicensingListedLicense: - if v, ok := any(castExpandedlicensingListedLicense(value)).(*T); ok { + case ListedLicenseException: + if v, ok := any(castListedLicenseException(value)).(*T); ok { return v } - case ExpandedlicensingOrLaterOperator: - if v, ok := any(castExpandedlicensingOrLaterOperator(value)).(*T); ok { + case NamespaceMap: + if v, ok := any(castNamespaceMap(value)).(*T); ok { return v } - case ExpandedlicensingWithAdditionOperator: - if v, ok := any(castExpandedlicensingWithAdditionOperator(value)).(*T); ok { + case OrLaterOperator: + if v, ok := any(castOrLaterOperator(value)).(*T); ok { return v } - case ExtensionCdxPropertiesExtension: - if v, ok := any(castExtensionCdxPropertiesExtension(value)).(*T); ok { + case Organization: + if v, ok := any(castOrganization(value)).(*T); ok { return v } - case SecurityCvssV2VulnAssessmentRelationship: - if v, ok := any(castSecurityCvssV2VulnAssessmentRelationship(value)).(*T); ok { + case Package: + if v, ok := any(castPackage(value)).(*T); ok { return v } - case SecurityCvssV3VulnAssessmentRelationship: - if v, ok := any(castSecurityCvssV3VulnAssessmentRelationship(value)).(*T); ok { + case PackageVerificationCode: + if v, ok := any(castPackageVerificationCode(value)).(*T); ok { return v } - case SecurityCvssV4VulnAssessmentRelationship: - if v, ok := any(castSecurityCvssV4VulnAssessmentRelationship(value)).(*T); ok { + case Person: + if v, ok := any(castPerson(value)).(*T); ok { return v } - case SecurityEpssVulnAssessmentRelationship: - if v, ok := any(castSecurityEpssVulnAssessmentRelationship(value)).(*T); ok { + case PositiveIntegerRange: + if v, ok := any(castPositiveIntegerRange(value)).(*T); ok { return v } - case SecurityExploitCatalogVulnAssessmentRelationship: - if v, ok := any(castSecurityExploitCatalogVulnAssessmentRelationship(value)).(*T); ok { + case Relationship: + if v, ok := any(castRelationship(value)).(*T); ok { return v } - case SecuritySsvcVulnAssessmentRelationship: - if v, ok := any(castSecuritySsvcVulnAssessmentRelationship(value)).(*T); ok { + case Sbom: + if v, ok := any(castSbom(value)).(*T); ok { return v } - case SecurityVexVulnAssessmentRelationship: - if v, ok := any(castSecurityVexVulnAssessmentRelationship(value)).(*T); ok { + case SimpleLicensingText: + if v, ok := any(castSimpleLicensingText(value)).(*T); ok { return v } - case SecurityVulnerability: - if v, ok := any(castSecurityVulnerability(value)).(*T); ok { + case Snippet: + if v, ok := any(castSnippet(value)).(*T); ok { return v } - case SoftwareSoftwareArtifact: - if v, ok := any(castSoftwareSoftwareArtifact(value)).(*T); ok { + case SoftwareAgent: + if v, ok := any(castSoftwareAgent(value)).(*T); ok { return v } - case Bom: - if v, ok := any(castBom(value)).(*T); ok { + case SoftwareArtifact: + if v, ok := any(castSoftwareArtifact(value)).(*T); ok { return v } - case ExpandedlicensingCustomLicense: - if v, ok := any(castExpandedlicensingCustomLicense(value)).(*T); ok { + case SpdxDocument: + if v, ok := any(castSpdxDocument(value)).(*T); ok { return v } - case SecurityVexAffectedVulnAssessmentRelationship: - if v, ok := any(castSecurityVexAffectedVulnAssessmentRelationship(value)).(*T); ok { + case SsvcVulnAssessmentRelationship: + if v, ok := any(castSsvcVulnAssessmentRelationship(value)).(*T); ok { return v } - case SecurityVexFixedVulnAssessmentRelationship: - if v, ok := any(castSecurityVexFixedVulnAssessmentRelationship(value)).(*T); ok { + case Tool: + if v, ok := any(castTool(value)).(*T); ok { return v } - case SecurityVexNotAffectedVulnAssessmentRelationship: - if v, ok := any(castSecurityVexNotAffectedVulnAssessmentRelationship(value)).(*T); ok { + case VexAffectedVulnAssessmentRelationship: + if v, ok := any(castVexAffectedVulnAssessmentRelationship(value)).(*T); ok { return v } - case SecurityVexUnderInvestigationVulnAssessmentRelationship: - if v, ok := any(castSecurityVexUnderInvestigationVulnAssessmentRelationship(value)).(*T); ok { + case VexFixedVulnAssessmentRelationship: + if v, ok := any(castVexFixedVulnAssessmentRelationship(value)).(*T); ok { return v } - case SoftwareFile: - if v, ok := any(castSoftwareFile(value)).(*T); ok { + case VexNotAffectedVulnAssessmentRelationship: + if v, ok := any(castVexNotAffectedVulnAssessmentRelationship(value)).(*T); ok { return v } - case SoftwarePackage: - if v, ok := any(castSoftwarePackage(value)).(*T); ok { + case VexUnderInvestigationVulnAssessmentRelationship: + if v, ok := any(castVexUnderInvestigationVulnAssessmentRelationship(value)).(*T); ok { return v } - case SoftwareSbom: - if v, ok := any(castSoftwareSbom(value)).(*T); ok { + case VexVulnAssessmentRelationship: + if v, ok := any(castVexVulnAssessmentRelationship(value)).(*T); ok { return v } - case SoftwareSnippet: - if v, ok := any(castSoftwareSnippet(value)).(*T); ok { + case VulnAssessmentRelationship: + if v, ok := any(castVulnAssessmentRelationship(value)).(*T); ok { return v } - case AiAIPackage: - if v, ok := any(castAiAIPackage(value)).(*T); ok { + case Vulnerability: + if v, ok := any(castVulnerability(value)).(*T); ok { return v } - case DatasetDatasetPackage: - if v, ok := any(castDatasetDatasetPackage(value)).(*T); ok { + case WithAdditionOperator: + if v, ok := any(castWithAdditionOperator(value)).(*T); ok { return v } } panic("invalid type cast, unknown type: " + reflect.TypeOf(t).String()) } -func As[T any, R any](value any, f func(v *T) R) R { +func As[T any, R any](value any, fn func(v *T) R) R { v := cast[T](value) if v != nil { - return f(v) + return fn(v) } var r R return r } + +func context() ld.Context { + return ld.NewContext().Register("https://spdx.org/rdf/3.0.1/spdx-context.jsonld", map[string]any{"@context": map[string]any{ + "Agent": "https://spdx.org/rdf/3.0.1/terms/Core/Agent", + "Annotation": "https://spdx.org/rdf/3.0.1/terms/Core/Annotation", + "AnnotationType": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType", + "Artifact": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact", + "Bom": "https://spdx.org/rdf/3.0.1/terms/Core/Bom", + "Bundle": "https://spdx.org/rdf/3.0.1/terms/Core/Bundle", + "CreationInfo": "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo", + "DictionaryEntry": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry", + "Element": "https://spdx.org/rdf/3.0.1/terms/Core/Element", + "ElementCollection": "https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection", + "ExternalIdentifier": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier", + "ExternalIdentifierType": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType", + "ExternalMap": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap", + "ExternalRef": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef", + "ExternalRefType": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType", + "Hash": "https://spdx.org/rdf/3.0.1/terms/Core/Hash", + "HashAlgorithm": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm", + "IndividualElement": "https://spdx.org/rdf/3.0.1/terms/Core/IndividualElement", + "IntegrityMethod": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod", + "LifecycleScopeType": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType", + "LifecycleScopedRelationship": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship", + "NamespaceMap": "https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap", + "NoAssertionElement": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", + "NoneElement": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", + "Organization": "https://spdx.org/rdf/3.0.1/terms/Core/Organization", + "PackageVerificationCode": "https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode", + "Person": "https://spdx.org/rdf/3.0.1/terms/Core/Person", + "PositiveIntegerRange": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", + "PresenceType": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType", + "ProfileIdentifierType": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType", + "Relationship": "https://spdx.org/rdf/3.0.1/terms/Core/Relationship", + "RelationshipCompleteness": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness", + "RelationshipType": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType", + "SoftwareAgent": "https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent", + "SpdxDocument": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument", + "SpdxOrganization": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", + "SupportType": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType", + "Tool": "https://spdx.org/rdf/3.0.1/terms/Core/Tool", + "ai_AIPackage": "https://spdx.org/rdf/3.0.1/terms/AI/AIPackage", + "ai_EnergyConsumption": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption", + "ai_EnergyConsumptionDescription": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription", + "ai_EnergyUnitType": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType", + "ai_SafetyRiskAssessmentType": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType", + "ai_autonomyType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/autonomyType", + "@type": "@vocab", + }, + "ai_domain": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/domain", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_energyConsumption": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption", + "@type": "@vocab", + }, + "ai_energyQuantity": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity", + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + }, + "ai_energyUnit": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyUnit", + "@type": "@vocab", + }, + "ai_finetuningEnergyConsumption": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption", + "@type": "@vocab", + }, + "ai_hyperparameter": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter", + "@type": "@vocab", + }, + "ai_inferenceEnergyConsumption": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption", + "@type": "@vocab", + }, + "ai_informationAboutApplication": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_informationAboutTraining": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_limitation": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/limitation", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_metric": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metric", + "@type": "@vocab", + }, + "ai_metricDecisionThreshold": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold", + "@type": "@vocab", + }, + "ai_modelDataPreprocessing": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_modelExplainability": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_safetyRiskAssessment": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment", + "@type": "@vocab", + }, + "ai_standardCompliance": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_trainingEnergyConsumption": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption", + "@type": "@vocab", + }, + "ai_typeOfModel": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_useSensitivePersonalInformation": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation", + "@type": "@vocab", + }, + "algorithm": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/algorithm", + "@type": "@vocab", + }, + "annotationType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/annotationType", + "@type": "@vocab", + }, + "beginIntegerRange": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange", + "@type": "http://www.w3.org/2001/XMLSchema#positiveInteger", + }, + "build_Build": "https://spdx.org/rdf/3.0.1/terms/Build/Build", + "build_buildEndTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "build_buildId": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildId", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "build_buildStartTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "build_buildType": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildType", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "build_configSourceDigest": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest", + "@type": "@vocab", + }, + "build_configSourceEntrypoint": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "build_configSourceUri": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "build_environment": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/environment", + "@type": "@vocab", + }, + "build_parameter": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/parameter", + "@type": "@vocab", + }, + "builtTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/builtTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "comment": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "completeness": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/completeness", + "@type": "@vocab", + }, + "contentType": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/contentType", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "context": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/context", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "created": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/created", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "createdBy": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdBy", + "@type": "@vocab", + }, + "createdUsing": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdUsing", + "@type": "@vocab", + }, + "creationInfo": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo", + "@type": "@vocab", + }, + "dataLicense": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/dataLicense", + "@type": "@vocab", + }, + "dataset_ConfidentialityLevelType": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType", + "dataset_DatasetAvailabilityType": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType", + "dataset_DatasetPackage": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage", + "dataset_DatasetType": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType", + "dataset_anonymizationMethodUsed": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_confidentialityLevel": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel", + "@type": "@vocab", + }, + "dataset_dataCollectionProcess": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_dataPreprocessing": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_datasetAvailability": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability", + "@type": "@vocab", + }, + "dataset_datasetNoise": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_datasetSize": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize", + "@type": "http://www.w3.org/2001/XMLSchema#nonNegativeInteger", + }, + "dataset_datasetType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType", + "@type": "@vocab", + }, + "dataset_datasetUpdateMechanism": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_hasSensitivePersonalInformation": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation", + "@type": "@vocab", + }, + "dataset_intendedUse": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_knownBias": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_sensor": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/sensor", + "@type": "@vocab", + }, + "definingArtifact": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact", + "@type": "@vocab", + }, + "description": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/description", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "element": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/element", + "@type": "@vocab", + }, + "endIntegerRange": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange", + "@type": "http://www.w3.org/2001/XMLSchema#positiveInteger", + }, + "endTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "expandedlicensing_ConjunctiveLicenseSet": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet", + "expandedlicensing_CustomLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense", + "expandedlicensing_CustomLicenseAddition": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition", + "expandedlicensing_DisjunctiveLicenseSet": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet", + "expandedlicensing_ExtendableLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense", + "expandedlicensing_IndividualLicensingInfo": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo", + "expandedlicensing_License": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License", + "expandedlicensing_LicenseAddition": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition", + "expandedlicensing_ListedLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense", + "expandedlicensing_ListedLicenseException": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException", + "expandedlicensing_NoAssertionLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", + "expandedlicensing_NoneLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", + "expandedlicensing_OrLaterOperator": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator", + "expandedlicensing_WithAdditionOperator": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator", + "expandedlicensing_additionText": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_deprecatedVersion": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_isDeprecatedAdditionId": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "expandedlicensing_isDeprecatedLicenseId": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "expandedlicensing_isFsfLibre": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "expandedlicensing_isOsiApproved": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "expandedlicensing_licenseXml": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_listVersionAdded": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_member": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member", + "@type": "@vocab", + }, + "expandedlicensing_obsoletedBy": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_seeAlso": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "expandedlicensing_standardAdditionTemplate": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_standardLicenseHeader": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_standardLicenseTemplate": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_subjectAddition": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition", + "@type": "@vocab", + }, + "expandedlicensing_subjectExtendableLicense": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense", + "@type": "@vocab", + }, + "expandedlicensing_subjectLicense": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense", + "@type": "@vocab", + }, + "extension": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/extension", + "@type": "@vocab", + }, + "extension_CdxPropertiesExtension": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension", + "extension_CdxPropertyEntry": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry", + "extension_Extension": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension", + "extension_cdxPropName": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "extension_cdxPropValue": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "extension_cdxProperty": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty", + "@type": "@vocab", + }, + "externalIdentifier": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier", + "@type": "@vocab", + }, + "externalIdentifierType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType", + "@type": "@vocab", + }, + "externalRef": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRef", + "@type": "@vocab", + }, + "externalRefType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRefType", + "@type": "@vocab", + }, + "externalSpdxId": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "from": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/from", + "@type": "@vocab", + }, + "hashValue": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/hashValue", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "identifier": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifier", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "identifierLocator": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "import": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/import", + "@type": "@vocab", + }, + "issuingAuthority": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "key": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/key", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "locationHint": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locationHint", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "locator": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locator", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "name": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/name", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "namespace": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespace", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "namespaceMap": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap", + "@type": "@vocab", + }, + "originatedBy": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/originatedBy", + "@type": "@vocab", + }, + "packageVerificationCodeExcludedFile": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "prefix": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/prefix", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "profileConformance": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/profileConformance", + "@type": "@vocab", + }, + "relationshipType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/relationshipType", + "@type": "@vocab", + }, + "releaseTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/releaseTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "rootElement": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/rootElement", + "@type": "@vocab", + }, + "scope": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/scope", + "@type": "@vocab", + }, + "security_CvssSeverityType": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType", + "security_CvssV2VulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship", + "security_CvssV3VulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship", + "security_CvssV4VulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship", + "security_EpssVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship", + "security_ExploitCatalogType": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType", + "security_ExploitCatalogVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship", + "security_SsvcDecisionType": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType", + "security_SsvcVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship", + "security_VexAffectedVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship", + "security_VexFixedVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship", + "security_VexJustificationType": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType", + "security_VexNotAffectedVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship", + "security_VexUnderInvestigationVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship", + "security_VexVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship", + "security_VulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship", + "security_Vulnerability": "https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability", + "security_actionStatement": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatement", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "security_actionStatementTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "security_assessedElement": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/assessedElement", + "@type": "@vocab", + }, + "security_catalogType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/catalogType", + "@type": "@vocab", + }, + "security_decisionType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/decisionType", + "@type": "@vocab", + }, + "security_exploited": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/exploited", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "security_impactStatement": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatement", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "security_impactStatementTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "security_justificationType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/justificationType", + "@type": "@vocab", + }, + "security_locator": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/locator", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "security_modifiedTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "security_percentile": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/percentile", + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + }, + "security_probability": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/probability", + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + }, + "security_publishedTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/publishedTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "security_score": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/score", + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + }, + "security_severity": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/severity", + "@type": "@vocab", + }, + "security_statusNotes": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/statusNotes", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "security_vectorString": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "security_vexVersion": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vexVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "security_withdrawnTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "simplelicensing_AnyLicenseInfo": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo", + "simplelicensing_LicenseExpression": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression", + "simplelicensing_SimpleLicensingText": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText", + "simplelicensing_customIdToUri": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri", + "@type": "@vocab", + }, + "simplelicensing_licenseExpression": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "simplelicensing_licenseListVersion": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "simplelicensing_licenseText": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "software_ContentIdentifier": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier", + "software_ContentIdentifierType": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType", + "software_File": "https://spdx.org/rdf/3.0.1/terms/Software/File", + "software_FileKindType": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType", + "software_Package": "https://spdx.org/rdf/3.0.1/terms/Software/Package", + "software_Sbom": "https://spdx.org/rdf/3.0.1/terms/Software/Sbom", + "software_SbomType": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType", + "software_Snippet": "https://spdx.org/rdf/3.0.1/terms/Software/Snippet", + "software_SoftwareArtifact": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact", + "software_SoftwarePurpose": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose", + "software_additionalPurpose": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose", + "@type": "@vocab", + }, + "software_attributionText": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/attributionText", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "software_byteRange": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/byteRange", + "@type": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", + }, + "software_contentIdentifier": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier", + "@type": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier", + }, + "software_contentIdentifierType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType", + "@type": "@vocab", + }, + "software_contentIdentifierValue": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "software_copyrightText": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/copyrightText", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "software_downloadLocation": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "software_fileKind": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/fileKind", + "@type": "@vocab", + }, + "software_homePage": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/homePage", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "software_lineRange": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/lineRange", + "@type": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", + }, + "software_packageUrl": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageUrl", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "software_packageVersion": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "software_primaryPurpose": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose", + "@type": "@vocab", + }, + "software_sbomType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sbomType", + "@type": "@vocab", + }, + "software_snippetFromFile": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile", + "@type": "@vocab", + }, + "software_sourceInfo": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "spdx": "https://spdx.org/rdf/3.0.1/terms/", + "spdxId": "@id", + "specVersion": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/specVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "standardName": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/standardName", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "startTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/startTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "statement": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/statement", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "subject": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/subject", + "@type": "@vocab", + }, + "summary": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/summary", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "suppliedBy": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy", + "@type": "@vocab", + }, + "supportLevel": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/supportLevel", + "@type": "@vocab", + }, + "to": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/to", + "@type": "@vocab", + }, + "type": "@type", + "validUntilTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "value": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/value", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "verifiedUsing": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing", + "@type": "@vocab", + }, + }}, + NewExternalIRI, + AIPackage{}, + Agent{}, + Annotation{}, + AnnotationType{}, + AnnotationType_Other, + AnnotationType_Review, + Artifact{}, + Bom{}, + Build{}, + Bundle{}, + CdxPropertiesExtension{}, + CdxPropertyEntry{}, + ConfidentialityLevelType{}, + ConfidentialityLevelType_Amber, + ConfidentialityLevelType_Clear, + ConfidentialityLevelType_Green, + ConfidentialityLevelType_Red, + ConjunctiveLicenseSet{}, + ContentIdentifier{}, + ContentIdentifierType{}, + ContentIdentifierType_Gitoid, + ContentIdentifierType_Swhid, + CreationInfo{}, + CustomLicense{}, + CustomLicenseAddition{}, + CvssSeverityType{}, + CvssSeverityType_Critical, + CvssSeverityType_High, + CvssSeverityType_Low, + CvssSeverityType_Medium, + CvssSeverityType_None, + CvssV2VulnAssessmentRelationship{}, + CvssV3VulnAssessmentRelationship{}, + CvssV4VulnAssessmentRelationship{}, + DatasetAvailabilityType{}, + DatasetAvailabilityType_Clickthrough, + DatasetAvailabilityType_DirectDownload, + DatasetAvailabilityType_Query, + DatasetAvailabilityType_Registration, + DatasetAvailabilityType_ScrapingScript, + DatasetPackage{}, + DatasetType{}, + DatasetType_Audio, + DatasetType_Categorical, + DatasetType_Graph, + DatasetType_Image, + DatasetType_NoAssertion, + DatasetType_Numeric, + DatasetType_Other, + DatasetType_Sensor, + DatasetType_Structured, + DatasetType_Syntactic, + DatasetType_Text, + DatasetType_Timeseries, + DatasetType_Timestamp, + DatasetType_Video, + DictionaryEntry{}, + DisjunctiveLicenseSet{}, + Element{}, + ElementCollection{}, + EnergyConsumption{}, + EnergyConsumptionDescription{}, + EnergyUnitType{}, + EnergyUnitType_KilowattHour, + EnergyUnitType_Megajoule, + EnergyUnitType_Other, + EpssVulnAssessmentRelationship{}, + ExploitCatalogType{}, + ExploitCatalogType_Kev, + ExploitCatalogType_Other, + ExploitCatalogVulnAssessmentRelationship{}, + ExtendableLicense{}, + Extension{}, + ExternalIdentifier{}, + ExternalIdentifierType{}, + ExternalIdentifierType_Cpe22, + ExternalIdentifierType_Cpe23, + ExternalIdentifierType_Cve, + ExternalIdentifierType_Email, + ExternalIdentifierType_Gitoid, + ExternalIdentifierType_Other, + ExternalIdentifierType_PackageUrl, + ExternalIdentifierType_SecurityOther, + ExternalIdentifierType_Swhid, + ExternalIdentifierType_Swid, + ExternalIdentifierType_UrlScheme, + ExternalMap{}, + ExternalRef{}, + ExternalRefType{}, + ExternalRefType_AltDownloadLocation, + ExternalRefType_AltWebPage, + ExternalRefType_BinaryArtifact, + ExternalRefType_Bower, + ExternalRefType_BuildMeta, + ExternalRefType_BuildSystem, + ExternalRefType_CertificationReport, + ExternalRefType_Chat, + ExternalRefType_ComponentAnalysisReport, + ExternalRefType_Cwe, + ExternalRefType_Documentation, + ExternalRefType_DynamicAnalysisReport, + ExternalRefType_EolNotice, + ExternalRefType_ExportControlAssessment, + ExternalRefType_Funding, + ExternalRefType_IssueTracker, + ExternalRefType_License, + ExternalRefType_MailingList, + ExternalRefType_MavenCentral, + ExternalRefType_Metrics, + ExternalRefType_Npm, + ExternalRefType_Nuget, + ExternalRefType_Other, + ExternalRefType_PrivacyAssessment, + ExternalRefType_ProductMetadata, + ExternalRefType_PurchaseOrder, + ExternalRefType_QualityAssessmentReport, + ExternalRefType_ReleaseHistory, + ExternalRefType_ReleaseNotes, + ExternalRefType_RiskAssessment, + ExternalRefType_RuntimeAnalysisReport, + ExternalRefType_SecureSoftwareAttestation, + ExternalRefType_SecurityAdversaryModel, + ExternalRefType_SecurityAdvisory, + ExternalRefType_SecurityFix, + ExternalRefType_SecurityOther, + ExternalRefType_SecurityPenTestReport, + ExternalRefType_SecurityPolicy, + ExternalRefType_SecurityThreatModel, + ExternalRefType_SocialMedia, + ExternalRefType_SourceArtifact, + ExternalRefType_StaticAnalysisReport, + ExternalRefType_Support, + ExternalRefType_Vcs, + ExternalRefType_VulnerabilityDisclosureReport, + ExternalRefType_VulnerabilityExploitabilityAssessment, + File{}, + FileKindType{}, + FileKindType_Directory, + FileKindType_File, + Hash{}, + HashAlgorithm{}, + HashAlgorithm_Adler32, + HashAlgorithm_Blake2b256, + HashAlgorithm_Blake2b384, + HashAlgorithm_Blake2b512, + HashAlgorithm_Blake3, + HashAlgorithm_CrystalsDilithium, + HashAlgorithm_CrystalsKyber, + HashAlgorithm_Falcon, + HashAlgorithm_Md2, + HashAlgorithm_Md4, + HashAlgorithm_Md5, + HashAlgorithm_Md6, + HashAlgorithm_Other, + HashAlgorithm_Sha1, + HashAlgorithm_Sha224, + HashAlgorithm_Sha256, + HashAlgorithm_Sha384, + HashAlgorithm_Sha3_224, + HashAlgorithm_Sha3_256, + HashAlgorithm_Sha3_384, + HashAlgorithm_Sha3_512, + HashAlgorithm_Sha512, + IndividualElement{}, + IndividualElement_NoAssertionElement, + IndividualElement_NoneElement, + IndividualLicensingInfo{}, + IndividualLicensingInfo_NoAssertionLicense, + IndividualLicensingInfo_NoneLicense, + IntegrityMethod{}, + License{}, + LicenseAddition{}, + LicenseExpression{}, + LicenseInfo{}, + LifecycleScopeType{}, + LifecycleScopeType_Build, + LifecycleScopeType_Design, + LifecycleScopeType_Development, + LifecycleScopeType_Other, + LifecycleScopeType_Runtime, + LifecycleScopeType_Test, + LifecycleScopedRelationship{}, + ListedLicense{}, + ListedLicenseException{}, + NamespaceMap{}, + OrLaterOperator{}, + Organization{}, + Organization_SpdxOrganization, + Package{}, + PackageVerificationCode{}, + Person{}, + PositiveIntegerRange{}, + PresenceType{}, + PresenceType_No, + PresenceType_NoAssertion, + PresenceType_Yes, + ProfileIdentifierType{}, + ProfileIdentifierType_Ai, + ProfileIdentifierType_Build, + ProfileIdentifierType_Core, + ProfileIdentifierType_Dataset, + ProfileIdentifierType_ExpandedLicensing, + ProfileIdentifierType_Extension, + ProfileIdentifierType_Lite, + ProfileIdentifierType_Security, + ProfileIdentifierType_SimpleLicensing, + ProfileIdentifierType_Software, + Relationship{}, + RelationshipCompleteness{}, + RelationshipCompleteness_Complete, + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_NoAssertion, + RelationshipType{}, + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + SafetyRiskAssessmentType{}, + SafetyRiskAssessmentType_High, + SafetyRiskAssessmentType_Low, + SafetyRiskAssessmentType_Medium, + SafetyRiskAssessmentType_Serious, + Sbom{}, + SbomType{}, + SbomType_Analyzed, + SbomType_Build, + SbomType_Deployed, + SbomType_Design, + SbomType_Runtime, + SbomType_Source, + SimpleLicensingText{}, + Snippet{}, + SoftwareAgent{}, + SoftwareArtifact{}, + SoftwarePurpose{}, + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_DiskImage, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + SpdxDocument{}, + SsvcDecisionType{}, + SsvcDecisionType_Act, + SsvcDecisionType_Attend, + SsvcDecisionType_Track, + SsvcDecisionType_TrackStar, + SsvcVulnAssessmentRelationship{}, + SupportType{}, + SupportType_Deployed, + SupportType_Development, + SupportType_EndOfSupport, + SupportType_LimitedSupport, + SupportType_NoAssertion, + SupportType_NoSupport, + SupportType_Support, + Tool{}, + VexAffectedVulnAssessmentRelationship{}, + VexFixedVulnAssessmentRelationship{}, + VexJustificationType{}, + VexJustificationType_ComponentNotPresent, + VexJustificationType_InlineMitigationsAlreadyExist, + VexJustificationType_VulnerableCodeCannotBeControlledByAdversary, + VexJustificationType_VulnerableCodeNotInExecutePath, + VexJustificationType_VulnerableCodeNotPresent, + VexNotAffectedVulnAssessmentRelationship{}, + VexUnderInvestigationVulnAssessmentRelationship{}, + VexVulnAssessmentRelationship{}, + VulnAssessmentRelationship{}, + Vulnerability{}, + WithAdditionOperator{}, + ) +} diff --git a/spdx/v3/v3_0/model_validations.go b/spdx/v3/v3_0/model_validations.go new file mode 100755 index 00000000..abd2da7c --- /dev/null +++ b/spdx/v3/v3_0/model_validations.go @@ -0,0 +1,878 @@ +// Generated by github.com/kzantow/go-ld +// +// SPDX-License-Identifier: MIT + +package v3_0 + +import "github.com/kzantow/go-ld" + +func (o *AIPackage) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Package), + ld.ValidateProperty(o, &o.UseSensitivePersonalInformation, + ld.ValidateIRI( + PresenceType_Yes, + PresenceType_No, + PresenceType_NoAssertion, + )), + ld.ValidateProperty(o, &o.AutonomyType, + ld.ValidateIRI( + PresenceType_Yes, + PresenceType_No, + PresenceType_NoAssertion, + )), + ld.ValidateProperty(o, &o.SafetyRiskAssessment, + ld.ValidateIRI( + SafetyRiskAssessmentType_Serious, + SafetyRiskAssessmentType_High, + SafetyRiskAssessmentType_Medium, + SafetyRiskAssessmentType_Low, + ))) +} + +func (o *Agent) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element)) +} + +func (o *Annotation) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.Subject), + ld.ValidateProperty(o, &o.ContentType, + ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), + ld.ValidateProperty(o, &o.AnnotationType, + ld.ValidateIRI( + AnnotationType_Other, + AnnotationType_Review, + ))) +} + +func (o *AnnotationType) Validate() error { + return ld.JoinErrors() +} + +func (o *Artifact) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.SupportLevels, + ld.ValidateAll(ld.ValidateIRI( + SupportType_Development, + SupportType_Support, + SupportType_Deployed, + SupportType_LimitedSupport, + SupportType_EndOfSupport, + SupportType_NoSupport, + SupportType_NoAssertion, + )))) +} + +func (o *Bom) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Bundle)) +} + +func (o *Build) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.BuildType)) +} + +func (o *Bundle) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ElementCollection)) +} + +func (o *CdxPropertiesExtension) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Extension), + ld.ValidateProperty(o, &o.CdxProperties, + ld.ValidateMinCount[CdxPropertyEntryList](1))) +} + +func (o *CdxPropertyEntry) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.CdxPropName)) +} + +func (o *ConfidentialityLevelType) Validate() error { + return ld.JoinErrors() +} + +func (o *ConjunctiveLicenseSet) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.Members, + ld.ValidateMinCount[LicenseInfoList](2))) +} + +func (o *ContentIdentifier) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.IntegrityMethod), + ld.ValidateProperty(o, &o.ContentIdentifierType, + ld.ValidateIRI( + ContentIdentifierType_Gitoid, + ContentIdentifierType_Swhid, + )), + ld.ValidateProperty(o, &o.ContentIdentifierValue)) +} + +func (o *ContentIdentifierType) Validate() error { + return ld.JoinErrors() +} + +func (o *CreationInfo) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.SpecVersion, + ld.ValidateExpression("^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$")), + ld.ValidateProperty(o, &o.Created), + ld.ValidateProperty(o, &o.CreatedBy, + ld.ValidateMinCount[AgentList](1))) +} + +func (o *CustomLicense) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.License)) +} + +func (o *CustomLicenseAddition) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseAddition)) +} + +func (o *CvssSeverityType) Validate() error { + return ld.JoinErrors() +} + +func (o *CvssV2VulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.VectorString), + ld.ValidateProperty(o, &o.Score)) +} + +func (o *CvssV3VulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.Score), + ld.ValidateProperty(o, &o.Severity, + ld.ValidateIRI( + CvssSeverityType_Critical, + CvssSeverityType_High, + CvssSeverityType_Medium, + CvssSeverityType_Low, + CvssSeverityType_None, + )), + ld.ValidateProperty(o, &o.VectorString)) +} + +func (o *CvssV4VulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.Severity, + ld.ValidateIRI( + CvssSeverityType_Critical, + CvssSeverityType_High, + CvssSeverityType_Medium, + CvssSeverityType_Low, + CvssSeverityType_None, + )), + ld.ValidateProperty(o, &o.VectorString), + ld.ValidateProperty(o, &o.Score)) +} + +func (o *DatasetAvailabilityType) Validate() error { + return ld.JoinErrors() +} + +func (o *DatasetPackage) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Package), + ld.ValidateProperty(o, &o.ConfidentialityLevel, + ld.ValidateIRI( + ConfidentialityLevelType_Red, + ConfidentialityLevelType_Amber, + ConfidentialityLevelType_Green, + ConfidentialityLevelType_Clear, + )), + ld.ValidateProperty(o, &o.DatasetAvailability, + ld.ValidateIRI( + DatasetAvailabilityType_Clickthrough, + DatasetAvailabilityType_DirectDownload, + DatasetAvailabilityType_Query, + DatasetAvailabilityType_Registration, + DatasetAvailabilityType_ScrapingScript, + )), + ld.ValidateProperty(o, &o.HasSensitivePersonalInformation, + ld.ValidateIRI( + PresenceType_Yes, + PresenceType_No, + PresenceType_NoAssertion, + )), + ld.ValidateProperty(o, &o.DatasetTypes, + ld.ValidateMinCount[[]DatasetType](1), + ld.ValidateAll(ld.ValidateIRI( + DatasetType_Audio, + DatasetType_Categorical, + DatasetType_Graph, + DatasetType_Image, + DatasetType_NoAssertion, + DatasetType_Numeric, + DatasetType_Other, + DatasetType_Sensor, + DatasetType_Structured, + DatasetType_Syntactic, + DatasetType_Text, + DatasetType_Timeseries, + DatasetType_Timestamp, + DatasetType_Video, + )))) +} + +func (o *DatasetType) Validate() error { + return ld.JoinErrors() +} + +func (o *DictionaryEntry) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Key)) +} + +func (o *DisjunctiveLicenseSet) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.Members, + ld.ValidateMinCount[LicenseInfoList](2))) +} + +func (o *Element) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.CreationInfo)) +} + +func (o *ElementCollection) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.ProfileConformances, + ld.ValidateAll(ld.ValidateIRI( + ProfileIdentifierType_Core, + ProfileIdentifierType_Software, + ProfileIdentifierType_SimpleLicensing, + ProfileIdentifierType_ExpandedLicensing, + ProfileIdentifierType_Security, + ProfileIdentifierType_Build, + ProfileIdentifierType_Ai, + ProfileIdentifierType_Dataset, + ProfileIdentifierType_Extension, + ProfileIdentifierType_Lite, + )))) +} + +func (o *EnergyConsumption) Validate() error { + return ld.JoinErrors() +} + +func (o *EnergyConsumptionDescription) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.EnergyQuantity), + ld.ValidateProperty(o, &o.EnergyUnit, + ld.ValidateIRI( + EnergyUnitType_KilowattHour, + EnergyUnitType_Megajoule, + EnergyUnitType_Other, + ))) +} + +func (o *EnergyUnitType) Validate() error { + return ld.JoinErrors() +} + +func (o *EpssVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.Probability), + ld.ValidateProperty(o, &o.Percentile)) +} + +func (o *ExploitCatalogType) Validate() error { + return ld.JoinErrors() +} + +func (o *ExploitCatalogVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.Locator), + ld.ValidateProperty(o, &o.Exploited), + ld.ValidateProperty(o, &o.CatalogType, + ld.ValidateIRI( + ExploitCatalogType_Kev, + ExploitCatalogType_Other, + ))) +} + +func (o *ExtendableLicense) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo)) +} + +func (o *Extension) Validate() error { + return ld.JoinErrors() +} + +func (o *ExternalIdentifier) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Identifier), + ld.ValidateProperty(o, &o.ExternalIdentifierType, + ld.ValidateIRI( + ExternalIdentifierType_Cpe22, + ExternalIdentifierType_Cpe23, + ExternalIdentifierType_Cve, + ExternalIdentifierType_Email, + ExternalIdentifierType_Gitoid, + ExternalIdentifierType_Other, + ExternalIdentifierType_PackageUrl, + ExternalIdentifierType_SecurityOther, + ExternalIdentifierType_Swhid, + ExternalIdentifierType_Swid, + ExternalIdentifierType_UrlScheme, + ))) +} + +func (o *ExternalIdentifierType) Validate() error { + return ld.JoinErrors() +} + +func (o *ExternalMap) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ExternalSpdxId)) +} + +func (o *ExternalRef) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ContentType, + ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), + ld.ValidateProperty(o, &o.ExternalRefType, + ld.ValidateIRI( + ExternalRefType_AltDownloadLocation, + ExternalRefType_AltWebPage, + ExternalRefType_BinaryArtifact, + ExternalRefType_Bower, + ExternalRefType_BuildMeta, + ExternalRefType_BuildSystem, + ExternalRefType_Chat, + ExternalRefType_CertificationReport, + ExternalRefType_ComponentAnalysisReport, + ExternalRefType_Cwe, + ExternalRefType_Documentation, + ExternalRefType_DynamicAnalysisReport, + ExternalRefType_EolNotice, + ExternalRefType_ExportControlAssessment, + ExternalRefType_Funding, + ExternalRefType_IssueTracker, + ExternalRefType_MailingList, + ExternalRefType_MavenCentral, + ExternalRefType_Metrics, + ExternalRefType_Npm, + ExternalRefType_Nuget, + ExternalRefType_License, + ExternalRefType_Other, + ExternalRefType_PrivacyAssessment, + ExternalRefType_ProductMetadata, + ExternalRefType_PurchaseOrder, + ExternalRefType_QualityAssessmentReport, + ExternalRefType_ReleaseNotes, + ExternalRefType_ReleaseHistory, + ExternalRefType_RiskAssessment, + ExternalRefType_RuntimeAnalysisReport, + ExternalRefType_SecureSoftwareAttestation, + ExternalRefType_SecurityAdvisory, + ExternalRefType_SecurityAdversaryModel, + ExternalRefType_SecurityFix, + ExternalRefType_SecurityOther, + ExternalRefType_SecurityPenTestReport, + ExternalRefType_SecurityPolicy, + ExternalRefType_SecurityThreatModel, + ExternalRefType_SocialMedia, + ExternalRefType_SourceArtifact, + ExternalRefType_StaticAnalysisReport, + ExternalRefType_Support, + ExternalRefType_Vcs, + ExternalRefType_VulnerabilityDisclosureReport, + ExternalRefType_VulnerabilityExploitabilityAssessment, + ))) +} + +func (o *ExternalRefType) Validate() error { + return ld.JoinErrors() +} + +func (o *File) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.SoftwareArtifact), + ld.ValidateProperty(o, &o.ContentType, + ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), + ld.ValidateProperty(o, &o.FileKind, + ld.ValidateIRI( + FileKindType_File, + FileKindType_Directory, + ))) +} + +func (o *FileKindType) Validate() error { + return ld.JoinErrors() +} + +func (o *Hash) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.IntegrityMethod), + ld.ValidateProperty(o, &o.HashValue), + ld.ValidateProperty(o, &o.Algorithm, + ld.ValidateIRI( + HashAlgorithm_Adler32, + HashAlgorithm_Blake2b256, + HashAlgorithm_Blake2b384, + HashAlgorithm_Blake2b512, + HashAlgorithm_Blake3, + HashAlgorithm_CrystalsDilithium, + HashAlgorithm_CrystalsKyber, + HashAlgorithm_Falcon, + HashAlgorithm_Md2, + HashAlgorithm_Md4, + HashAlgorithm_Md5, + HashAlgorithm_Md6, + HashAlgorithm_Other, + HashAlgorithm_Sha1, + HashAlgorithm_Sha224, + HashAlgorithm_Sha256, + HashAlgorithm_Sha384, + HashAlgorithm_Sha512, + HashAlgorithm_Sha3_224, + HashAlgorithm_Sha3_256, + HashAlgorithm_Sha3_384, + HashAlgorithm_Sha3_512, + ))) +} + +func (o *HashAlgorithm) Validate() error { + return ld.JoinErrors() +} + +func (o *IndividualElement) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element)) +} + +func (o *IndividualLicensingInfo) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo)) +} + +func (o *IntegrityMethod) Validate() error { + return ld.JoinErrors() +} + +func (o *License) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ExtendableLicense), + ld.ValidateProperty(o, &o.LicenseText)) +} + +func (o *LicenseAddition) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.AdditionText)) +} + +func (o *LicenseExpression) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.LicenseExpression), + ld.ValidateProperty(o, &o.LicenseListVersion, + ld.ValidateExpression("^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"))) +} + +func (o *LicenseInfo) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element)) +} + +func (o *LifecycleScopeType) Validate() error { + return ld.JoinErrors() +} + +func (o *LifecycleScopedRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Relationship), + ld.ValidateProperty(o, &o.Scope, + ld.ValidateIRI( + LifecycleScopeType_Design, + LifecycleScopeType_Development, + LifecycleScopeType_Build, + LifecycleScopeType_Test, + LifecycleScopeType_Runtime, + LifecycleScopeType_Other, + ))) +} + +func (o *ListedLicense) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.License)) +} + +func (o *ListedLicenseException) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseAddition)) +} + +func (o *NamespaceMap) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Namespace), + ld.ValidateProperty(o, &o.Prefix)) +} + +func (o *OrLaterOperator) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ExtendableLicense), + ld.ValidateProperty(o, &o.SubjectLicense)) +} + +func (o *Organization) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Agent)) +} + +func (o *Package) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.SoftwareArtifact)) +} + +func (o *PackageVerificationCode) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.IntegrityMethod), + ld.ValidateProperty(o, &o.Algorithm, + ld.ValidateIRI( + HashAlgorithm_Adler32, + HashAlgorithm_Blake2b256, + HashAlgorithm_Blake2b384, + HashAlgorithm_Blake2b512, + HashAlgorithm_Blake3, + HashAlgorithm_CrystalsDilithium, + HashAlgorithm_CrystalsKyber, + HashAlgorithm_Falcon, + HashAlgorithm_Md2, + HashAlgorithm_Md4, + HashAlgorithm_Md5, + HashAlgorithm_Md6, + HashAlgorithm_Other, + HashAlgorithm_Sha1, + HashAlgorithm_Sha224, + HashAlgorithm_Sha256, + HashAlgorithm_Sha384, + HashAlgorithm_Sha512, + HashAlgorithm_Sha3_224, + HashAlgorithm_Sha3_256, + HashAlgorithm_Sha3_384, + HashAlgorithm_Sha3_512, + )), + ld.ValidateProperty(o, &o.HashValue)) +} + +func (o *Person) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Agent)) +} + +func (o *PositiveIntegerRange) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.EndIntegerRange), + ld.ValidateProperty(o, &o.BeginIntegerRange)) +} + +func (o *PresenceType) Validate() error { + return ld.JoinErrors() +} + +func (o *ProfileIdentifierType) Validate() error { + return ld.JoinErrors() +} + +func (o *Relationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.RelationshipType, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + ))) +} + +func (o *RelationshipCompleteness) Validate() error { + return ld.JoinErrors() +} + +func (o *RelationshipType) Validate() error { + return ld.JoinErrors() +} + +func (o *SafetyRiskAssessmentType) Validate() error { + return ld.JoinErrors() +} + +func (o *Sbom) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Bom), + ld.ValidateProperty(o, &o.SbomTypes, + ld.ValidateAll(ld.ValidateIRI( + SbomType_Design, + SbomType_Source, + SbomType_Build, + SbomType_Deployed, + SbomType_Runtime, + SbomType_Analyzed, + )))) +} + +func (o *SbomType) Validate() error { + return ld.JoinErrors() +} + +func (o *SimpleLicensingText) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.LicenseText)) +} + +func (o *Snippet) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.SoftwareArtifact), + ld.ValidateProperty(o, &o.SnippetFromFile)) +} + +func (o *SoftwareAgent) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Agent)) +} + +func (o *SoftwareArtifact) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Artifact), + ld.ValidateProperty(o, &o.AdditionalPurposes, + ld.ValidateAll(ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + ))), + ld.ValidateProperty(o, &o.PrimaryPurpose, + ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + ))) +} + +func (o *SoftwarePurpose) Validate() error { + return ld.JoinErrors() +} + +func (o *SpdxDocument) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ElementCollection)) +} + +func (o *SsvcDecisionType) Validate() error { + return ld.JoinErrors() +} + +func (o *SsvcVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.DecisionType, + ld.ValidateIRI( + SsvcDecisionType_Act, + SsvcDecisionType_Attend, + SsvcDecisionType_Track, + SsvcDecisionType_TrackStar, + ))) +} + +func (o *SupportType) Validate() error { + return ld.JoinErrors() +} + +func (o *Tool) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element)) +} + +func (o *VexAffectedVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship), + ld.ValidateProperty(o, &o.ActionStatement)) +} + +func (o *VexFixedVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship)) +} + +func (o *VexJustificationType) Validate() error { + return ld.JoinErrors() +} + +func (o *VexNotAffectedVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship), + ld.ValidateProperty(o, &o.JustificationType, + ld.ValidateIRI( + VexJustificationType_ComponentNotPresent, + VexJustificationType_VulnerableCodeNotPresent, + VexJustificationType_VulnerableCodeCannotBeControlledByAdversary, + VexJustificationType_VulnerableCodeNotInExecutePath, + VexJustificationType_InlineMitigationsAlreadyExist, + ))) +} + +func (o *VexUnderInvestigationVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship)) +} + +func (o *VexVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship)) +} + +func (o *VulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Relationship)) +} + +func (o *Vulnerability) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Artifact)) +} + +func (o *WithAdditionOperator) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.SubjectExtendableLicense), + ld.ValidateProperty(o, &o.SubjectAddition)) +} diff --git a/spdx/v3/v3_0/spdx.go b/spdx/v3/v3_0/spdx.go index 93fb6741..bd00b7f4 100644 --- a/spdx/v3/v3_0/spdx.go +++ b/spdx/v3/v3_0/spdx.go @@ -1,8 +1,13 @@ package v3_0 import ( + "fmt" + "io" "reflect" "time" + + "github.com/davecgh/go-spew/spew" + "github.com/kzantow/go-ld" ) /* @@ -17,13 +22,19 @@ To regenerate, use something like this command: type Document struct { *SpdxDocument + LDContext ld.Context +} + +func LDContext() ld.Context { + return context() } -func NewDocument(conformance profileIdentifierType, name string, createdBy AnyAgent, createdUsing AnyTool) *Document { +func NewDocument(conformance ProfileIdentifierType, name string, createdBy AnyAgent, createdUsing AnyTool) *Document { ci := &CreationInfo{ - Created: time.Now(), - CreatedBys: AgentList{createdBy}, - CreatedUsings: ToolList{createdUsing}, + SpecVersion: "3.0.1", // TODO is there a way to ascertain this version from generated code programmatically? + Created: time.Now(), + CreatedBy: AgentList{createdBy}, + CreatedUsing: ToolList{createdUsing}, } return &Document{ SpdxDocument: &SpdxDocument{ @@ -32,95 +43,91 @@ func NewDocument(conformance profileIdentifierType, name string, createdBy AnyAg Name: name, CreationInfo: ci, }, - ProfileConformances: []profileIdentifierType{conformance}, + ProfileConformances: []ProfileIdentifierType{conformance}, }, }, - //LDContext: LDContext(), + LDContext: context(), + } +} + +func (d *Document) Validate(setCreationInfo bool) error { + if setCreationInfo { + // all Elements need to have creationInfo set... + d.setCreationInfo(d.SpdxDocument.CreationInfo, d.SpdxDocument) } + return ld.ValidateGraph(d.SpdxDocument) } func (d *Document) Append(e ...AnyElement) { d.SpdxDocument.RootElements = append(d.SpdxDocument.RootElements, e...) - d.SpdxDocument.Elements = append(d.SpdxDocument.Elements, e...) } -func (d *Document) setCreationInfo(creationInfo AnyCreationInfo, doc *SpdxDocument) { - iCreationInfoType := reflect.TypeOf((*AnyCreationInfo)(nil)).Elem() - ci := reflect.ValueOf(creationInfo) - _ = visitObjectGraph(map[reflect.Value]struct{}{}, reflect.ValueOf(doc), func(v reflect.Value) error { - if v.IsZero() { - return nil - } - t := v.Type() - if t.Kind() == reflect.Interface && v.IsNil() && t.Implements(iCreationInfoType) { - v.Set(ci) - } - return nil - }) +// ToJSON first processes the document by: +// - setting each Element's CreationInfo property to the SpdxDocument's CreationInfo if nil +// - collecting all element references to the top-level Elements slice +// +// ... and after this initial processing, outputs the document as compact JSON LD, +// including accounting for empty IDs by outputting blank node spdxId values +func (d *Document) ToJSON(writer io.Writer) error { + if d.SpdxDocument == nil { + return fmt.Errorf("no document object created") + } + + // all Elements need to have creationInfo set... + d.setCreationInfo(d.SpdxDocument.CreationInfo, d.SpdxDocument) + + // ensure the Elements + d.ensureAllDocumentElements() + + return d.LDContext.ToJSON(writer, d.SpdxDocument) } -func (d *Document) ensureSpdxIDs(doc *SpdxDocument, idGen idGenerator) { - iElementType := reflect.TypeOf((*AnyElement)(nil)).Elem() - _ = visitObjectGraph(map[reflect.Value]struct{}{}, reflect.ValueOf(doc), func(v reflect.Value) error { - if v.Type().Implements(iElementType) { - el, ok := v.Interface().(AnyElement) - if ok { - e := el.asElement() - if e != nil && e.ID == "" { - e.ID = idGen(el) - } - } +func (d *Document) setCreationInfo(creationInfo AnyCreationInfo, doc *SpdxDocument) { + creationInfoInterfaceType := reflect.TypeOf((*AnyCreationInfo)(nil)).Elem() + ci := reflect.ValueOf(creationInfo) + _ = ld.VisitObjectGraph(doc, func(path []any, value reflect.Value) error { + t := value.Type() + if t == creationInfoInterfaceType && value.IsNil() { + value.Set(ci) } return nil }) } -type idGenerator func(e any) string - -func baseType(t reflect.Type) reflect.Type { - for t.Kind() == reflect.Ptr { - t = t.Elem() - } - return t -} - -func visitObjectGraph(visited map[reflect.Value]struct{}, v reflect.Value, visitor func(reflect.Value) error) error { - if _, ok := visited[v]; ok { - return nil - } - visited[v] = struct{}{} - if !v.IsValid() { - return nil - } - err := visitor(v) +func (d *Document) FromJSON(reader io.Reader) error { + graph, err := d.LDContext.FromJSON(reader) if err != nil { return err } - switch v.Kind() { - case reflect.Interface: - if !v.IsNil() { - return visitObjectGraph(visited, v.Elem(), visitor) - } - case reflect.Pointer: - if v.IsNil() { + for _, e := range graph { + if doc, ok := e.(*SpdxDocument); ok { + d.SpdxDocument = doc return nil } - return visitObjectGraph(visited, v.Elem(), visitor) - case reflect.Struct: - for i := 0; i < v.NumField(); i++ { - err = visitObjectGraph(visited, v.Field(i), visitor) - if err != nil { - return err - } + } + return fmt.Errorf("no SPDX document found") +} + +func (d *Document) ensureAllDocumentElements() { + all := map[reflect.Value]struct{}{} + for _, e := range d.Elements { + v := reflect.ValueOf(e) + if v.Kind() != reflect.Pointer { + panic("non-pointer type in elements: %v" + spew.Sdump(v)) } - case reflect.Slice: - for i := 0; i < v.Len(); i++ { - err = visitObjectGraph(visited, v.Index(i), visitor) - if err != nil { - return err + all[v] = struct{}{} + } + all[reflect.ValueOf(d.SpdxDocument)] = struct{}{} + _ = ld.VisitObjectGraph(d.SpdxDocument, func(path []any, value reflect.Value) error { + if value.Kind() == reflect.Pointer { + if _, ok := all[value]; ok { + return nil + } + if e, ok := value.Interface().(AnyElement); ok { + all[value] = struct{}{} + d.Elements = append(d.Elements, e) } } - default: - } - return nil + return nil + }) } diff --git a/spdx/v3/v3_0/spdx_test.go b/spdx/v3/v3_0/spdx_test.go index 0f9e70c1..9be0eeb7 100644 --- a/spdx/v3/v3_0/spdx_test.go +++ b/spdx/v3/v3_0/spdx_test.go @@ -1,11 +1,217 @@ package v3_0_test import ( + "bytes" + "fmt" + "os" + "reflect" + "strings" "testing" + "time" + + "github.com/google/go-cmp/cmp" + "github.com/kzantow/go-ld" + "github.com/pmezard/go-difflib/difflib" + "github.com/stretchr/testify/require" spdx "github.com/spdx/tools-golang/spdx/v3/v3_0" ) +func Test_validateMinList(t *testing.T) { + a := &spdx.Person{} + a.Name = "me" + e := &spdx.CreationInfo{ + SpecVersion: "3.0.1", + Created: time.Now(), + CreatedUsing: nil, + Comment: "", + CreatedBy: spdx.AgentList{}, + } + err := e.Validate() + require.Error(t, err) + require.Contains(t, err.Error(), "must have") +} + +func Test_writer(t *testing.T) { + d := newTestDocument() + pkg1 := &spdx.Package{SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + Name: "the pkg 2", + }}}} + file1 := &spdx.File{ + SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + Name: "a file", + }}}, + ContentType: "text", // validation error + FileKind: spdx.FileKindType{}, + } + d.Append( + &spdx.Sbom{Bom: spdx.Bom{Bundle: spdx.Bundle{ElementCollection: spdx.ElementCollection{ + Element: spdx.Element{ + Name: "My Bom", + }, + Elements: spdx.ElementList{}, + }}}, + SbomTypes: nil, + }, + file1, + pkg1, + &spdx.Package{ + SoftwareArtifact: spdx.SoftwareArtifact{ + Artifact: spdx.Artifact{ + Element: spdx.Element{ + ID: "some ID!", + Name: "some name", + Description: "descr", + ExternalIdentifiers: spdx.ExternalIdentifierList{ + &spdx.ExternalIdentifier{ + IdentifierLocators: []ld.URI{ + "locator1", + "locator2", + }, + Identifier: "CVE-2024-1234", + ExternalIdentifierType: spdx.ExternalIdentifierType_Cve, + }, + }, + ExternalRefs: nil, + Summary: "", + VerifiedUsings: nil, + }, + StandardNames: []string{ + "standard-name1", + "standard-name2", + }, + ReleaseTime: time.Now(), + }, + AdditionalPurposes: []spdx.SoftwarePurpose{ + spdx.SoftwarePurpose_Container, + spdx.SoftwarePurpose_Library, + }, + PrimaryPurpose: spdx.SoftwarePurpose_Application, + CopyrightText: "", + }, + }, + ) + + // many validation issues + err := d.Validate(false) + require.Error(t, err) + require.Contains(t, err.Error(), "CreationInfo") + + err = d.Validate(true) + require.Error(t, err) + require.NotContains(t, err.Error(), "CreationInfo") + + // fix validation issue + file1.ContentType = "text/plain" + err = d.Validate(false) // already use creationInfo + require.NoError(t, err) + + buf := bytes.Buffer{} + err = d.ToJSON(&buf) + require.NoError(t, err) + fmt.Printf("%#v\n", buf.String()) + + d2 := newTestDocument() + err = d2.FromJSON(&buf) + require.NoError(t, err) + // these would (correctly) cause a failure, to validate unexported and time fields are being properly checked: + //d2.RootElements.Packages().Views()[1].PrimaryPurpose = spdx.SoftwarePurpose_Archive + //_ = spdx.As(d2.CreationInfo, func(info *spdx.CreationInfo) error { + // info.Created = info.Created.Add(time.Hour) + // return nil + //}) + diff := cmp.Diff(d.SpdxDocument, d2.SpdxDocument, testOpts...) + if diff != "" { + t.Fatal(diff) + } +} + +var testOpts = []cmp.Option{ + cmp.Transformer("truncate_time.Time", func(t time.Time) time.Time { + return t.Truncate(time.Second) + }), + // export and compare unexported fields + cmp.Exporter(func(r reflect.Type) bool { + return true + }), +} + +func Test_reader(t *testing.T) { + f, err := os.Open("test.json") + require.NoError(t, err) + d := newTestDocument() + err = d.FromJSON(f) + require.NoError(t, err) + fmt.Printf("%#v\n", d) + + require.Equal(t, d.Elements.Files().Len(), 1) + for _, fi := range d.Elements.Files() { + if fi.PrimaryPurpose == spdx.SoftwarePurpose_Executable { + println("Got Executable File ID: " + fi.ID) + } + } + + // the example is incorrect, it doesn't include the package in the element root + pkgs := d.Elements.Packages().Views() + //require.Len(t, pkgs, 1) + //require.NotEqual(t, time.Time{}, pkgs[0].BuiltTime) + require.Empty(t, pkgs) // FIXME this shouldn't be true, but the example is wrong + + rels := d.Elements.Relationships().Views() + require.Len(t, rels, 1) + + if p, ok := rels[0].From.(*spdx.Package); ok { + require.NotEqual(t, time.Time{}, p.BuiltTime) + } + // this is the only reference to the package I see: + _ = spdx.As(rels[0].From, func(p *spdx.Package) error { + require.NotEqual(t, time.Time{}, p.BuiltTime) + return nil + }) +} + +func Test_readerExpanded(t *testing.T) { + f, err := os.Open("test.expanded.json") + require.NoError(t, err) + d := newTestDocument() + err = d.FromJSON(f) + require.NoError(t, err) + fmt.Printf("%#v\n", d) + for _, fi := range d.Elements.Files() { + println("File ID: " + fi.ID) + } + + pkgs := d.Elements.Packages().Views() + require.Len(t, pkgs, 1) + require.NotEqual(t, time.Time{}, pkgs[0].BuiltTime) +} + +func Test_reader2(t *testing.T) { + contents := ` + { + "@context": "https://spdx.org/rdf/3.0.1/spdx-context.jsonld", + "@graph": [ + { "spdxId": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization" }, + { "spdxId": "SpdxOrganization" }, +{ + "type": "CreationInfo", + "@id": "_:creationinfo", + "createdBy": [ + "http://spdx.example.com/Agent/JoshuaWatt" + ], + "specVersion": "3.0.1", + "created": "2024-03-06T00:00:00Z" + } + ] +} + ` + graph, err := spdx.LDContext().FromJSON(strings.NewReader(contents)) + require.NoError(t, err) + for _, fi := range graph { + println("Elem" + fmt.Sprintf("%#v", fi)) + } +} + func Test_exportImportExport(t *testing.T) { // create a document doc := spdx.NewDocument( @@ -26,23 +232,23 @@ func Test_exportImportExport(t *testing.T) { Name: "not-tools-golang", }}) - sbom := &spdx.SoftwareSbom{} + sbom := &spdx.Sbom{} doc.RootElements = append(doc.RootElements, sbom) // create a package - pkg1 := &spdx.SoftwarePackage{ - SoftwareSoftwareArtifact: spdx.SoftwareSoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + pkg1 := &spdx.Package{ + SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ Name: "some-package-1", }}}, - SoftwarePackageVersion: "1.2.3", + PackageVersion: "1.2.3", } // create another package - pkg2 := &spdx.AiAIPackage{} + pkg2 := &spdx.AIPackage{} pkg2.Name = "some-package-2" - pkg2.SoftwarePackageVersion = "2.4.5" + pkg2.PackageVersion = "2.4.5" // add the packages to the sbom @@ -50,7 +256,7 @@ func Test_exportImportExport(t *testing.T) { // add a file - file1 := &spdx.SoftwareFile{SoftwareSoftwareArtifact: spdx.SoftwareSoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + file1 := &spdx.File{SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ Name: "/bin/bash", }}}} sbom.RootElements = append(sbom.RootElements, file1) @@ -60,7 +266,7 @@ func Test_exportImportExport(t *testing.T) { sbom.RootElements = append(sbom.RootElements, &spdx.Relationship{ From: file1, RelationshipType: spdx.RelationshipType_Contains, - Tos: spdx.ElementList{ + To: spdx.ElementList{ pkg1, pkg2, }, @@ -69,22 +275,65 @@ func Test_exportImportExport(t *testing.T) { sbom.RootElements = append(sbom.RootElements, &spdx.Relationship{ From: pkg1, RelationshipType: spdx.RelationshipType_DependsOn, - Tos: spdx.ElementList{ + To: spdx.ElementList{ pkg2, }, }) + // serialize + + buf := bytes.Buffer{} + err := doc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + + json1 := buf.String() + fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) + + // deserialize to a new document + + newDoc := newTestDocument() + err = newDoc.FromJSON(strings.NewReader(json1)) + if err != nil { + t.Error(err) + } + + // re-serialize + + buf.Reset() + err = newDoc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + json2 := buf.String() + fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) + + // compare original to parsed and re-encoded + + diff := difflib.UnifiedDiff{ + A: difflib.SplitLines(json1), + B: difflib.SplitLines(json2), + FromFile: "Original", + ToFile: "Current", + Context: 3, + } + text, _ := difflib.GetUnifiedDiffString(diff) + if text != "" { + t.Errorf(text) + } + // some basic usage: - var pkgs []*spdx.SoftwarePackage - for _, sbom := range doc.RootElements.SoftwareSbomIter() { - for _, rel := range sbom.RootElements.RelationshipIter() { + var pkgs []*spdx.Package + for _, sbom := range doc.RootElements.Sboms() { + for _, rel := range sbom.RootElements.Relationships() { if rel.RelationshipType != spdx.RelationshipType_Contains { continue } - _ = spdx.As(rel.From, func(f *spdx.SoftwareFile) any { + _ = spdx.As(rel.From, func(f *spdx.File) any { if f.Name == "/bin/bash" { - for _, pkg := range rel.Tos.SoftwarePackageIter() { + for _, pkg := range rel.To.Packages() { pkgs = append(pkgs, pkg) } } @@ -98,8 +347,85 @@ func Test_exportImportExport(t *testing.T) { } } +func Test_aiProfile(t *testing.T) { + doc := spdx.NewDocument(spdx.ProfileIdentifierType_Ai, "", &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{ + Name: "tools-golang", + Summary: "a summary", + }}}, nil) + + aiPkg := &spdx.AIPackage{ + Package: spdx.Package{SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + Name: "some ai package", + }}}}, + EnergyConsumption: &spdx.EnergyConsumption{ + FinetuningEnergyConsumptions: spdx.EnergyConsumptionDescriptionList{ + &spdx.EnergyConsumptionDescription{ + EnergyQuantity: 1.2, + EnergyUnit: spdx.EnergyUnitType_KilowattHour, + }, + }, + TrainingEnergyConsumptions: spdx.EnergyConsumptionDescriptionList{ + &spdx.EnergyConsumptionDescription{ + EnergyQuantity: 5032402, + EnergyUnit: spdx.EnergyUnitType_KilowattHour, + }, + }, + }, + TypeOfModels: []string{ + "Llama 3 8B", + }, + } + + doc.RootElements = append(doc.RootElements, aiPkg) + + // serialize + + buf := bytes.Buffer{} + err := doc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + + json1 := buf.String() + fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) + + // deserialize to a new document + + doc = newTestDocument() + //doc.RootElements.Append(&spdx.Agent{}) + err = doc.FromJSON(strings.NewReader(json1)) + if err != nil { + t.Error(err) + } + + // re-serialize + + buf.Reset() + err = doc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + json2 := buf.String() + fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) + + // compare original to parsed and re-encoded + + diff := difflib.UnifiedDiff{ + A: difflib.SplitLines(json1), + B: difflib.SplitLines(json2), + FromFile: "Original", + ToFile: "Current", + Context: 3, + } + text, _ := difflib.GetUnifiedDiffString(diff) + if text != "" { + t.Errorf(text) + } +} + func newTestDocument() *spdx.Document { - return spdx.NewDocument(spdx.ProfileIdentifierType_Lite, "test document", + //return spdx.NewDocument(spdx.ProfileIdentifierType_Lite, "test document", + return spdx.NewDocument(spdx.ProfileIdentifierType_Software, "test document", &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{Name: "tools-golang-tests-agent", Summary: "a summary"}}}, &spdx.Tool{Element: spdx.Element{Name: "tools-golang-tests-tool"}}) } diff --git a/spdx/v3/v3_0/util.go b/spdx/v3/v3_0/util.go deleted file mode 100644 index 2b75336f..00000000 --- a/spdx/v3/v3_0/util.go +++ /dev/null @@ -1,38 +0,0 @@ -// This file was automatically generated by __main__.py. DO NOT MANUALLY MODIFY IT -// -// SPDX-License-Identifier: 0BSD - -package v3_0 - -import ( - "iter" -) - -func typeIter[T any, E any](values []E, cast func(any) *T) iter.Seq2[E, *T] { - if values == nil { - return func(yield func(E, *T) bool) {} - } - return func(yield func(E, *T) bool) { - for _, value := range values { - v := cast(value) - if v != nil { - if !yield(value, v) { - return - } - } - } - } -} - -func remove[T comparable, E ~[]T](slice *E, value T) { - if slice == nil { - return - } - s := *slice - for i := 0; i < len(*slice); i++ { - if s[i] == value { - *slice = append(s[0:i], s[:i+1]...) - i-- - } - } -} diff --git a/spdx/v3/v3_0/validator.go b/spdx/v3/v3_0/validator.go deleted file mode 100644 index 05ea49ed..00000000 --- a/spdx/v3/v3_0/validator.go +++ /dev/null @@ -1,1846 +0,0 @@ -// This file was automatically generated by __main__.py. DO NOT MANUALLY MODIFY IT -// -// SPDX-License-Identifier: 0BSD - -package v3_0 - -import ( - "fmt" - "slices" - "strconv" - "strings" -) - -type ValidationError struct { - Path []string - Err error -} - -func (v ValidationError) String() string { - return strings.Join(v.Path, ".") + ": " + v.Err.Error() -} - -func (v ValidationError) Error() string { - return v.String() -} - -func newValidationError(path []string, err error) ValidationError { - return ValidationError{ - Path: path, - Err: err, - } -} - -type validator interface { - Validate(visited map[any]struct{}, path ...string) []ValidationError -} - -func validateInValues(path []string, value string, valid ...string) []ValidationError { - if slices.Contains(valid, value) { - return nil - } - return []ValidationError{newValidationError(path, fmt.Errorf("invalid value: '%v', expected: %v", value, valid))} -} - -func (o *AiEnergyConsumption) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - for i, v := range o.AiFinetuningEnergyConsumptions { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiFinetuningEnergyConsumptions", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.AiInferenceEnergyConsumptions { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiInferenceEnergyConsumptions", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.AiTrainingEnergyConsumptions { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiTrainingEnergyConsumptions", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *AiEnergyConsumptionDescription) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - if o.AiEnergyUnit.ID == "" { - errs = append(errs, newValidationError(append(path, "AiEnergyUnit"), fmt.Errorf("required"))) - } - errs = append(errs, o.AiEnergyUnit.Validate(visited, append(path, "AiEnergyUnit")...)...) - - return errs -} - -func (o *AiEnergyUnitType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, AiEnergyUnitType_KilowattHour.ID, AiEnergyUnitType_Megajoule.ID, AiEnergyUnitType_Other.ID)...) - - return errs -} - -func (o *AiSafetyRiskAssessmentType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, AiSafetyRiskAssessmentType_High.ID, AiSafetyRiskAssessmentType_Low.ID, AiSafetyRiskAssessmentType_Medium.ID, AiSafetyRiskAssessmentType_Serious.ID)...) - - return errs -} - -func (o *AnnotationType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, AnnotationType_Other.ID, AnnotationType_Review.ID)...) - - return errs -} - -func (o *CreationInfo) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - - for i, v := range o.CreatedBys { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "CreatedBys", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.CreatedUsings { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "CreatedUsings", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - return errs -} - -func (o *DictionaryEntry) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *Element) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - if v, ok := o.CreationInfo.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "CreationInfo")...)...) - } - - // TODO: check for required - - for i, v := range o.Extensions { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "Extensions", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.ExternalIdentifiers { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExternalIdentifiers", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.ExternalRefs { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExternalRefs", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - - // TODO: check for required - - for i, v := range o.VerifiedUsings { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "VerifiedUsings", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *ElementCollection) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - for i, v := range o.Elements { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "Elements", strconv.Itoa(i))...)...) - } - } - - for _, v := range o.ProfileConformances { - errs = append(errs, v.Validate(visited, append(path, "ProfileConformances")...)...) - } - - for i, v := range o.RootElements { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "RootElements", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *ExternalIdentifier) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - if o.ExternalIdentifierType.ID == "" { - errs = append(errs, newValidationError(append(path, "ExternalIdentifierType"), fmt.Errorf("required"))) - } - errs = append(errs, o.ExternalIdentifierType.Validate(visited, append(path, "ExternalIdentifierType")...)...) - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - // TODO: check for required - return errs -} - -func (o *ExternalIdentifierType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, ExternalIdentifierType_Cpe22.ID, ExternalIdentifierType_Cpe23.ID, ExternalIdentifierType_Cve.ID, ExternalIdentifierType_Email.ID, ExternalIdentifierType_Gitoid.ID, ExternalIdentifierType_Other.ID, ExternalIdentifierType_PackageUrl.ID, ExternalIdentifierType_SecurityOther.ID, ExternalIdentifierType_Swhid.ID, ExternalIdentifierType_Swid.ID, ExternalIdentifierType_UrlScheme.ID)...) - - return errs -} - -func (o *ExternalMap) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - if v, ok := o.DefiningArtifact.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "DefiningArtifact")...)...) - } - - // TODO: check for required - - // TODO: check for required - - for i, v := range o.VerifiedUsings { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "VerifiedUsings", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *ExternalRef) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - - errs = append(errs, o.ExternalRefType.Validate(visited, append(path, "ExternalRefType")...)...) - - // TODO: check for required/min/max/etc. - - return errs -} - -func (o *ExternalRefType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, ExternalRefType_AltDownloadLocation.ID, ExternalRefType_AltWebPage.ID, ExternalRefType_BinaryArtifact.ID, ExternalRefType_Bower.ID, ExternalRefType_BuildMeta.ID, ExternalRefType_BuildSystem.ID, ExternalRefType_CertificationReport.ID, ExternalRefType_Chat.ID, ExternalRefType_ComponentAnalysisReport.ID, ExternalRefType_Cwe.ID, ExternalRefType_Documentation.ID, ExternalRefType_DynamicAnalysisReport.ID, ExternalRefType_EolNotice.ID, ExternalRefType_ExportControlAssessment.ID, ExternalRefType_Funding.ID, ExternalRefType_IssueTracker.ID, ExternalRefType_License.ID, ExternalRefType_MailingList.ID, ExternalRefType_MavenCentral.ID, ExternalRefType_Metrics.ID, ExternalRefType_Npm.ID, ExternalRefType_Nuget.ID, ExternalRefType_Other.ID, ExternalRefType_PrivacyAssessment.ID, ExternalRefType_ProductMetadata.ID, ExternalRefType_PurchaseOrder.ID, ExternalRefType_QualityAssessmentReport.ID, ExternalRefType_ReleaseHistory.ID, ExternalRefType_ReleaseNotes.ID, ExternalRefType_RiskAssessment.ID, ExternalRefType_RuntimeAnalysisReport.ID, ExternalRefType_SecureSoftwareAttestation.ID, ExternalRefType_SecurityAdversaryModel.ID, ExternalRefType_SecurityAdvisory.ID, ExternalRefType_SecurityFix.ID, ExternalRefType_SecurityOther.ID, ExternalRefType_SecurityPenTestReport.ID, ExternalRefType_SecurityPolicy.ID, ExternalRefType_SecurityThreatModel.ID, ExternalRefType_SocialMedia.ID, ExternalRefType_SourceArtifact.ID, ExternalRefType_StaticAnalysisReport.ID, ExternalRefType_Support.ID, ExternalRefType_Vcs.ID, ExternalRefType_VulnerabilityDisclosureReport.ID, ExternalRefType_VulnerabilityExploitabilityAssessment.ID)...) - - return errs -} - -func (o *HashAlgorithm) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, HashAlgorithm_Adler32.ID, HashAlgorithm_Blake2b256.ID, HashAlgorithm_Blake2b384.ID, HashAlgorithm_Blake2b512.ID, HashAlgorithm_Blake3.ID, HashAlgorithm_CrystalsDilithium.ID, HashAlgorithm_CrystalsKyber.ID, HashAlgorithm_Falcon.ID, HashAlgorithm_Md2.ID, HashAlgorithm_Md4.ID, HashAlgorithm_Md5.ID, HashAlgorithm_Md6.ID, HashAlgorithm_Other.ID, HashAlgorithm_Sha1.ID, HashAlgorithm_Sha224.ID, HashAlgorithm_Sha256.ID, HashAlgorithm_Sha384.ID, HashAlgorithm_Sha3224.ID, HashAlgorithm_Sha3256.ID, HashAlgorithm_Sha3384.ID, HashAlgorithm_Sha3512.ID, HashAlgorithm_Sha512.ID)...) - - return errs -} - -func (o *IndividualElement) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - errs = append(errs, validateInValues(path, o.ID, IndividualElement_NoAssertionElement.ID, IndividualElement_NoneElement.ID)...) - - return errs -} - -func (o *IntegrityMethod) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - return errs -} - -func (o *LifecycleScopeType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, LifecycleScopeType_Build.ID, LifecycleScopeType_Design.ID, LifecycleScopeType_Development.ID, LifecycleScopeType_Other.ID, LifecycleScopeType_Runtime.ID, LifecycleScopeType_Test.ID)...) - - return errs -} - -func (o *NamespaceMap) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *PackageVerificationCode) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.IntegrityMethod.Validate(visited, path...)...) - - if o.Algorithm.ID == "" { - errs = append(errs, newValidationError(append(path, "Algorithm"), fmt.Errorf("required"))) - } - errs = append(errs, o.Algorithm.Validate(visited, append(path, "Algorithm")...)...) - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - return errs -} - -func (o *PositiveIntegerRange) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *PresenceType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, PresenceType_No.ID, PresenceType_NoAssertion.ID, PresenceType_Yes.ID)...) - - return errs -} - -func (o *ProfileIdentifierType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, ProfileIdentifierType_Ai.ID, ProfileIdentifierType_Build.ID, ProfileIdentifierType_Core.ID, ProfileIdentifierType_Dataset.ID, ProfileIdentifierType_ExpandedLicensing.ID, ProfileIdentifierType_Extension.ID, ProfileIdentifierType_Lite.ID, ProfileIdentifierType_Security.ID, ProfileIdentifierType_SimpleLicensing.ID, ProfileIdentifierType_Software.ID)...) - - return errs -} - -func (o *Relationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - errs = append(errs, o.Completeness.Validate(visited, append(path, "Completeness")...)...) - - // TODO: check for required - - if v, ok := o.From.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "From")...)...) - } - - if o.RelationshipType.ID == "" { - errs = append(errs, newValidationError(append(path, "RelationshipType"), fmt.Errorf("required"))) - } - errs = append(errs, o.RelationshipType.Validate(visited, append(path, "RelationshipType")...)...) - - // TODO: check for required - - for i, v := range o.Tos { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "Tos", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *RelationshipCompleteness) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, RelationshipCompleteness_Complete.ID, RelationshipCompleteness_Incomplete.ID, RelationshipCompleteness_NoAssertion.ID)...) - - return errs -} - -func (o *RelationshipType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, RelationshipType_Affects.ID, RelationshipType_AmendedBy.ID, RelationshipType_AncestorOf.ID, RelationshipType_AvailableFrom.ID, RelationshipType_Configures.ID, RelationshipType_Contains.ID, RelationshipType_CoordinatedBy.ID, RelationshipType_CopiedTo.ID, RelationshipType_DelegatedTo.ID, RelationshipType_DependsOn.ID, RelationshipType_DescendantOf.ID, RelationshipType_Describes.ID, RelationshipType_DoesNotAffect.ID, RelationshipType_ExpandsTo.ID, RelationshipType_ExploitCreatedBy.ID, RelationshipType_FixedBy.ID, RelationshipType_FixedIn.ID, RelationshipType_FoundBy.ID, RelationshipType_Generates.ID, RelationshipType_HasAddedFile.ID, RelationshipType_HasAssessmentFor.ID, RelationshipType_HasAssociatedVulnerability.ID, RelationshipType_HasConcludedLicense.ID, RelationshipType_HasDataFile.ID, RelationshipType_HasDeclaredLicense.ID, RelationshipType_HasDeletedFile.ID, RelationshipType_HasDependencyManifest.ID, RelationshipType_HasDistributionArtifact.ID, RelationshipType_HasDocumentation.ID, RelationshipType_HasDynamicLink.ID, RelationshipType_HasEvidence.ID, RelationshipType_HasExample.ID, RelationshipType_HasHost.ID, RelationshipType_HasInput.ID, RelationshipType_HasMetadata.ID, RelationshipType_HasOptionalComponent.ID, RelationshipType_HasOptionalDependency.ID, RelationshipType_HasOutput.ID, RelationshipType_HasPrerequisite.ID, RelationshipType_HasProvidedDependency.ID, RelationshipType_HasRequirement.ID, RelationshipType_HasSpecification.ID, RelationshipType_HasStaticLink.ID, RelationshipType_HasTest.ID, RelationshipType_HasTestCase.ID, RelationshipType_HasVariant.ID, RelationshipType_InvokedBy.ID, RelationshipType_ModifiedBy.ID, RelationshipType_Other.ID, RelationshipType_PackagedBy.ID, RelationshipType_PatchedBy.ID, RelationshipType_PublishedBy.ID, RelationshipType_ReportedBy.ID, RelationshipType_RepublishedBy.ID, RelationshipType_SerializedInArtifact.ID, RelationshipType_TestedOn.ID, RelationshipType_TrainedOn.ID, RelationshipType_UnderInvestigationFor.ID, RelationshipType_UsesTool.ID)...) - - return errs -} - -func (o *SpdxDocument) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ElementCollection.Validate(visited, path...)...) - - if v, ok := o.DataLicense.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "DataLicense")...)...) - } - - for i, v := range o.Imports { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "Imports", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.NamespaceMaps { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "NamespaceMaps", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *SupportType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SupportType_Deployed.ID, SupportType_Development.ID, SupportType_EndOfSupport.ID, SupportType_LimitedSupport.ID, SupportType_NoAssertion.ID, SupportType_NoSupport.ID, SupportType_Support.ID)...) - - return errs -} - -func (o *Tool) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - return errs -} - -func (o *DatasetConfidentialityLevelType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, DatasetConfidentialityLevelType_Amber.ID, DatasetConfidentialityLevelType_Clear.ID, DatasetConfidentialityLevelType_Green.ID, DatasetConfidentialityLevelType_Red.ID)...) - - return errs -} - -func (o *DatasetDatasetAvailabilityType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, DatasetDatasetAvailabilityType_Clickthrough.ID, DatasetDatasetAvailabilityType_DirectDownload.ID, DatasetDatasetAvailabilityType_Query.ID, DatasetDatasetAvailabilityType_Registration.ID, DatasetDatasetAvailabilityType_ScrapingScript.ID)...) - - return errs -} - -func (o *DatasetDatasetType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, DatasetDatasetType_Audio.ID, DatasetDatasetType_Categorical.ID, DatasetDatasetType_Graph.ID, DatasetDatasetType_Image.ID, DatasetDatasetType_NoAssertion.ID, DatasetDatasetType_Numeric.ID, DatasetDatasetType_Other.ID, DatasetDatasetType_Sensor.ID, DatasetDatasetType_Structured.ID, DatasetDatasetType_Syntactic.ID, DatasetDatasetType_Text.ID, DatasetDatasetType_Timeseries.ID, DatasetDatasetType_Timestamp.ID, DatasetDatasetType_Video.ID)...) - - return errs -} - -func (o *ExpandedlicensingLicenseAddition) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - // TODO: check for required - return errs -} - -func (o *ExpandedlicensingListedLicenseException) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingLicenseAddition.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *ExtensionCdxPropertyEntry) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *ExtensionExtension) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - return errs -} - -func (o *SecurityCvssSeverityType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SecurityCvssSeverityType_Critical.ID, SecurityCvssSeverityType_High.ID, SecurityCvssSeverityType_Low.ID, SecurityCvssSeverityType_Medium.ID, SecurityCvssSeverityType_None.ID)...) - - return errs -} - -func (o *SecurityExploitCatalogType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SecurityExploitCatalogType_Kev.ID, SecurityExploitCatalogType_Other.ID)...) - - return errs -} - -func (o *SecuritySsvcDecisionType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SecuritySsvcDecisionType_Act.ID, SecuritySsvcDecisionType_Attend.ID, SecuritySsvcDecisionType_Track.ID, SecuritySsvcDecisionType_TrackStar.ID)...) - - return errs -} - -func (o *SecurityVexJustificationType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SecurityVexJustificationType_ComponentNotPresent.ID, SecurityVexJustificationType_InlineMitigationsAlreadyExist.ID, SecurityVexJustificationType_VulnerableCodeCannotBeControlledByAdversary.ID, SecurityVexJustificationType_VulnerableCodeNotInExecutePath.ID, SecurityVexJustificationType_VulnerableCodeNotPresent.ID)...) - - return errs -} - -func (o *SecurityVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Relationship.Validate(visited, path...)...) - - if v, ok := o.SuppliedBy.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SuppliedBy")...)...) - } - - if v, ok := o.SecurityAssessedElement.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SecurityAssessedElement")...)...) - } - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SimplelicensingAnyLicenseInfo) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - return errs -} - -func (o *SimplelicensingLicenseExpression) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - for i, v := range o.SimplelicensingCustomIdToUris { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SimplelicensingCustomIdToUris", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SimplelicensingSimpleLicensingText) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - // TODO: check for required - return errs -} - -func (o *SoftwareContentIdentifier) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.IntegrityMethod.Validate(visited, path...)...) - - if o.SoftwareContentIdentifierType.ID == "" { - errs = append(errs, newValidationError(append(path, "SoftwareContentIdentifierType"), fmt.Errorf("required"))) - } - errs = append(errs, o.SoftwareContentIdentifierType.Validate(visited, append(path, "SoftwareContentIdentifierType")...)...) - - // TODO: check for required - return errs -} - -func (o *SoftwareContentIdentifierType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SoftwareContentIdentifierType_Gitoid.ID, SoftwareContentIdentifierType_Swhid.ID)...) - - return errs -} - -func (o *SoftwareFileKindType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SoftwareFileKindType_Directory.ID, SoftwareFileKindType_File.ID)...) - - return errs -} - -func (o *SoftwareSbomType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SoftwareSbomType_Analyzed.ID, SoftwareSbomType_Build.ID, SoftwareSbomType_Deployed.ID, SoftwareSbomType_Design.ID, SoftwareSbomType_Runtime.ID, SoftwareSbomType_Source.ID)...) - - return errs -} - -func (o *SoftwareSoftwarePurpose) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SoftwareSoftwarePurpose_Application.ID, SoftwareSoftwarePurpose_Archive.ID, SoftwareSoftwarePurpose_Bom.ID, SoftwareSoftwarePurpose_Configuration.ID, SoftwareSoftwarePurpose_Container.ID, SoftwareSoftwarePurpose_Data.ID, SoftwareSoftwarePurpose_Device.ID, SoftwareSoftwarePurpose_DeviceDriver.ID, SoftwareSoftwarePurpose_DiskImage.ID, SoftwareSoftwarePurpose_Documentation.ID, SoftwareSoftwarePurpose_Evidence.ID, SoftwareSoftwarePurpose_Executable.ID, SoftwareSoftwarePurpose_File.ID, SoftwareSoftwarePurpose_FilesystemImage.ID, SoftwareSoftwarePurpose_Firmware.ID, SoftwareSoftwarePurpose_Framework.ID, SoftwareSoftwarePurpose_Install.ID, SoftwareSoftwarePurpose_Library.ID, SoftwareSoftwarePurpose_Manifest.ID, SoftwareSoftwarePurpose_Model.ID, SoftwareSoftwarePurpose_Module.ID, SoftwareSoftwarePurpose_OperatingSystem.ID, SoftwareSoftwarePurpose_Other.ID, SoftwareSoftwarePurpose_Patch.ID, SoftwareSoftwarePurpose_Platform.ID, SoftwareSoftwarePurpose_Requirement.ID, SoftwareSoftwarePurpose_Source.ID, SoftwareSoftwarePurpose_Specification.ID, SoftwareSoftwarePurpose_Test.ID)...) - - return errs -} - -func (o *BuildBuild) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - for i, v := range o.BuildConfigSourceDigests { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "BuildConfigSourceDigests", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required/min/max/etc. - - // TODO: check for required/min/max/etc. - - for i, v := range o.BuildEnvironments { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "BuildEnvironments", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.BuildParameters { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "BuildParameters", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *Agent) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - return errs -} - -func (o *Annotation) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - if o.AnnotationType.ID == "" { - errs = append(errs, newValidationError(append(path, "AnnotationType"), fmt.Errorf("required"))) - } - errs = append(errs, o.AnnotationType.Validate(visited, append(path, "AnnotationType")...)...) - - // TODO: check for required - - // TODO: check for required - - if v, ok := o.Subject.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "Subject")...)...) - } - - return errs -} - -func (o *Artifact) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - // TODO: check for required - - for i, v := range o.OriginatedBys { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "OriginatedBys", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - if v, ok := o.SuppliedBy.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SuppliedBy")...)...) - } - - for _, v := range o.SupportLevels { - errs = append(errs, v.Validate(visited, append(path, "SupportLevels")...)...) - } - - // TODO: check for required - return errs -} - -func (o *Bundle) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ElementCollection.Validate(visited, path...)...) - - // TODO: check for required - return errs -} - -func (o *Hash) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.IntegrityMethod.Validate(visited, path...)...) - - if o.Algorithm.ID == "" { - errs = append(errs, newValidationError(append(path, "Algorithm"), fmt.Errorf("required"))) - } - errs = append(errs, o.Algorithm.Validate(visited, append(path, "Algorithm")...)...) - - // TODO: check for required - return errs -} - -func (o *LifecycleScopedRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Relationship.Validate(visited, path...)...) - - errs = append(errs, o.Scope.Validate(visited, append(path, "Scope")...)...) - - return errs -} - -func (o *Organization) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Agent.Validate(visited, path...)...) - - return errs -} - -func (o *Person) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Agent.Validate(visited, path...)...) - - return errs -} - -func (o *SoftwareAgent) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Agent.Validate(visited, path...)...) - - return errs -} - -func (o *ExpandedlicensingConjunctiveLicenseSet) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - for i, v := range o.ExpandedlicensingMembers { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingMembers", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *ExpandedlicensingCustomLicenseAddition) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingLicenseAddition.Validate(visited, path...)...) - - return errs -} - -func (o *ExpandedlicensingDisjunctiveLicenseSet) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - for i, v := range o.ExpandedlicensingMembers { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingMembers", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *ExpandedlicensingExtendableLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - return errs -} - -func (o *ExpandedlicensingIndividualLicensingInfo) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - errs = append(errs, validateInValues(path, o.ID, ExpandedlicensingIndividualLicensingInfo_NoAssertionLicense.ID, ExpandedlicensingIndividualLicensingInfo_NoneLicense.ID)...) - - return errs -} - -func (o *ExpandedlicensingLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingExtendableLicense.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *ExpandedlicensingListedLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingLicense.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *ExpandedlicensingOrLaterOperator) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingExtendableLicense.Validate(visited, path...)...) - - if v, ok := o.ExpandedlicensingSubjectLicense.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingSubjectLicense")...)...) - } - - return errs -} - -func (o *ExpandedlicensingWithAdditionOperator) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - if v, ok := o.ExpandedlicensingSubjectAddition.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingSubjectAddition")...)...) - } - - if v, ok := o.ExpandedlicensingSubjectExtendableLicense.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingSubjectExtendableLicense")...)...) - } - - return errs -} - -func (o *ExtensionCdxPropertiesExtension) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExtensionExtension.Validate(visited, path...)...) - - for i, v := range o.ExtensionCdxPropertys { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExtensionCdxPropertys", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *SecurityCvssV2VulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SecurityCvssV3VulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - if o.SecuritySeverity.ID == "" { - errs = append(errs, newValidationError(append(path, "SecuritySeverity"), fmt.Errorf("required"))) - } - errs = append(errs, o.SecuritySeverity.Validate(visited, append(path, "SecuritySeverity")...)...) - - // TODO: check for required - return errs -} - -func (o *SecurityCvssV4VulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - if o.SecuritySeverity.ID == "" { - errs = append(errs, newValidationError(append(path, "SecuritySeverity"), fmt.Errorf("required"))) - } - errs = append(errs, o.SecuritySeverity.Validate(visited, append(path, "SecuritySeverity")...)...) - - // TODO: check for required - return errs -} - -func (o *SecurityEpssVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SecurityExploitCatalogVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - if o.SecurityCatalogType.ID == "" { - errs = append(errs, newValidationError(append(path, "SecurityCatalogType"), fmt.Errorf("required"))) - } - errs = append(errs, o.SecurityCatalogType.Validate(visited, append(path, "SecurityCatalogType")...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SecuritySsvcVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - if o.SecurityDecisionType.ID == "" { - errs = append(errs, newValidationError(append(path, "SecurityDecisionType"), fmt.Errorf("required"))) - } - errs = append(errs, o.SecurityDecisionType.Validate(visited, append(path, "SecurityDecisionType")...)...) - - return errs -} - -func (o *SecurityVexVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SecurityVulnerability) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Artifact.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SoftwareSoftwareArtifact) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Artifact.Validate(visited, path...)...) - - for _, v := range o.SoftwareAdditionalPurposes { - errs = append(errs, v.Validate(visited, append(path, "SoftwareAdditionalPurposes")...)...) - } - - // TODO: check for required/min/max/etc. - - for i, v := range o.SoftwareContentIdentifiers { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SoftwareContentIdentifiers", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - - errs = append(errs, o.SoftwarePrimaryPurpose.Validate(visited, append(path, "SoftwarePrimaryPurpose")...)...) - - return errs -} - -func (o *Bom) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Bundle.Validate(visited, path...)...) - - return errs -} - -func (o *ExpandedlicensingCustomLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingLicense.Validate(visited, path...)...) - - return errs -} - -func (o *SecurityVexAffectedVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SecurityVexFixedVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) - - return errs -} - -func (o *SecurityVexNotAffectedVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - errs = append(errs, o.SecurityJustificationType.Validate(visited, append(path, "SecurityJustificationType")...)...) - - return errs -} - -func (o *SecurityVexUnderInvestigationVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) - - return errs -} - -func (o *SoftwareFile) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SoftwareSoftwareArtifact.Validate(visited, path...)...) - - // TODO: check for required - - errs = append(errs, o.SoftwareFileKind.Validate(visited, append(path, "SoftwareFileKind")...)...) - - return errs -} - -func (o *SoftwarePackage) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SoftwareSoftwareArtifact.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SoftwareSbom) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Bom.Validate(visited, path...)...) - - for _, v := range o.SoftwareSbomTypes { - errs = append(errs, v.Validate(visited, append(path, "SoftwareSbomTypes")...)...) - } - - return errs -} - -func (o *SoftwareSnippet) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SoftwareSoftwareArtifact.Validate(visited, path...)...) - - if v, ok := o.SoftwareByteRange.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SoftwareByteRange")...)...) - } - - if v, ok := o.SoftwareLineRange.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SoftwareLineRange")...)...) - } - - if v, ok := o.SoftwareSnippetFromFile.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SoftwareSnippetFromFile")...)...) - } - - return errs -} - -func (o *AiAIPackage) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SoftwarePackage.Validate(visited, path...)...) - - errs = append(errs, o.AiAutonomyType.Validate(visited, append(path, "AiAutonomyType")...)...) - - // TODO: check for required/min/max/etc. - - if v, ok := o.AiEnergyConsumption.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiEnergyConsumption")...)...) - } - - for i, v := range o.AiHyperparameters { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiHyperparameters", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - for i, v := range o.AiMetrics { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiMetrics", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.AiMetricDecisionThresholds { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiMetricDecisionThresholds", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required/min/max/etc. - - // TODO: check for required/min/max/etc. - - errs = append(errs, o.AiSafetyRiskAssessment.Validate(visited, append(path, "AiSafetyRiskAssessment")...)...) - - // TODO: check for required/min/max/etc. - - // TODO: check for required/min/max/etc. - - errs = append(errs, o.AiUseSensitivePersonalInformation.Validate(visited, append(path, "AiUseSensitivePersonalInformation")...)...) - - return errs -} - -func (o *DatasetDatasetPackage) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SoftwarePackage.Validate(visited, path...)...) - - // TODO: check for required/min/max/etc. - - errs = append(errs, o.DatasetConfidentialityLevel.Validate(visited, append(path, "DatasetConfidentialityLevel")...)...) - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - errs = append(errs, o.DatasetDatasetAvailability.Validate(visited, append(path, "DatasetDatasetAvailability")...)...) - - // TODO: check for required - - // TODO: check for required - - if len(o.DatasetDatasetTypes) < 1 { - errs = append(errs, newValidationError(append(path, "DatasetDatasetTypes"), fmt.Errorf("required min count: %v", 1))) - } - for _, v := range o.DatasetDatasetTypes { - errs = append(errs, v.Validate(visited, append(path, "DatasetDatasetTypes")...)...) - } - - // TODO: check for required - - errs = append(errs, o.DatasetHasSensitivePersonalInformation.Validate(visited, append(path, "DatasetHasSensitivePersonalInformation")...)...) - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - for i, v := range o.DatasetSensors { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "DatasetSensors", strconv.Itoa(i))...)...) - } - } - - return errs -} From a9d84dcb32f5e37b3aab20d98a252b87a6cca80d Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Wed, 12 Mar 2025 02:54:46 -0400 Subject: [PATCH 08/21] chore: functional converter with spdx 3 Signed-off-by: Keith Zantow --- convert/chain.go | 13 +++-- go.mod | 4 +- go.sum | 4 +- spdx/v2/v2_1/document.go | 9 ---- spdx/v2/v2_2/document.go | 10 ++-- spdx/v2/v2_3/document.go | 10 ++-- spdx/v3/v3_0/model.go | 100 ++++++++++++++++++++++++++++++++++++--- spdx/v3/v3_0/spdx.go | 63 +++++++++++++++++------- 8 files changed, 161 insertions(+), 52 deletions(-) diff --git a/convert/chain.go b/convert/chain.go index ac96733c..b0e8a924 100644 --- a/convert/chain.go +++ b/convert/chain.go @@ -9,17 +9,20 @@ import ( converter "github.com/anchore/go-struct-converter" "github.com/spdx/tools-golang/spdx/common" - "github.com/spdx/tools-golang/spdx/v2/v2_1" "github.com/spdx/tools-golang/spdx/v2/v2_2" "github.com/spdx/tools-golang/spdx/v2/v2_3" + "github.com/spdx/tools-golang/spdx/v3/v3_0" ) -var DocumentChain = converter.NewChain( - v2_1.Document{}, - v2_2.Document{}, - v2_3.Document{}, +var DocumentChain = converter.NewFuncChain( + v2_3.To_v2_2, v2_3.From_v2_2, + v2_2.From_v2_1, v2_2.To_v2_1, + v3_0.From_v2_3, ) +//). +// AutoPackageConverter(v3_0.Document{}, v2_3.Document{}) + // Document converts from one document to another document // For example, converting a document to the latest version could be done like: // diff --git a/go.mod b/go.mod index 07576e5d..82cd007e 100644 --- a/go.mod +++ b/go.mod @@ -1,9 +1,9 @@ module github.com/spdx/tools-golang -go 1.23.0 +go 1.23.5 require ( - github.com/anchore/go-struct-converter v0.0.0-20240925125616-a0883641c664 + github.com/anchore/go-struct-converter v0.0.0-20250211213226-cce56d595160 github.com/davecgh/go-spew v1.1.1 github.com/google/go-cmp v0.6.0 github.com/kzantow/go-ld v0.0.0-20250305231540-23fb13522625 diff --git a/go.sum b/go.sum index 235de752..3be18cd4 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -github.com/anchore/go-struct-converter v0.0.0-20240925125616-a0883641c664 h1:TcUCZsLGIXJbqo9z9VX436XdpIyZ5Cs3b8XTIp+jRxs= -github.com/anchore/go-struct-converter v0.0.0-20240925125616-a0883641c664/go.mod h1:rYqSE9HbjzpHTI74vwPvae4ZVYZd1lue2ta6xHPdblA= +github.com/anchore/go-struct-converter v0.0.0-20250211213226-cce56d595160 h1:r8/1fxpbDMlQO6GgQiud1uL5eAu3p/NVUmfNx95/KY8= +github.com/anchore/go-struct-converter v0.0.0-20250211213226-cce56d595160/go.mod h1:rYqSE9HbjzpHTI74vwPvae4ZVYZd1lue2ta6xHPdblA= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= diff --git a/spdx/v2/v2_1/document.go b/spdx/v2/v2_1/document.go index bd6b41d4..5f69a790 100644 --- a/spdx/v2/v2_1/document.go +++ b/spdx/v2/v2_1/document.go @@ -4,8 +4,6 @@ package v2_1 import ( - converter "github.com/anchore/go-struct-converter" - "github.com/spdx/tools-golang/spdx/v2/common" ) @@ -70,10 +68,3 @@ type Document struct { // DEPRECATED in version 2.0 of spec Reviews []*Review `json:"-"` } - -func (d *Document) ConvertFrom(_ interface{}) error { - d.SPDXVersion = Version - return nil -} - -var _ converter.ConvertFrom = (*Document)(nil) diff --git a/spdx/v2/v2_2/document.go b/spdx/v2/v2_2/document.go index 5fcd33aa..b0371571 100644 --- a/spdx/v2/v2_2/document.go +++ b/spdx/v2/v2_2/document.go @@ -7,9 +7,8 @@ import ( "encoding/json" "fmt" - converter "github.com/anchore/go-struct-converter" - "github.com/spdx/tools-golang/spdx/v2/common" + "github.com/spdx/tools-golang/spdx/v2/v2_1" ) const Version = "SPDX-2.2" @@ -74,12 +73,13 @@ type Document struct { Reviews []*Review `json:"-"` } -func (d *Document) ConvertFrom(_ interface{}) error { +func From_v2_1(_ v2_1.Document, d *Document) { d.SPDXVersion = Version - return nil } -var _ converter.ConvertFrom = (*Document)(nil) +func To_v2_1(_ Document, d *v2_1.Document) { + d.SPDXVersion = v2_1.Version +} func (d *Document) UnmarshalJSON(b []byte) error { type doc Document diff --git a/spdx/v2/v2_3/document.go b/spdx/v2/v2_3/document.go index 62b7619b..eaf3463f 100644 --- a/spdx/v2/v2_3/document.go +++ b/spdx/v2/v2_3/document.go @@ -7,9 +7,8 @@ import ( "encoding/json" "fmt" - converter "github.com/anchore/go-struct-converter" - "github.com/spdx/tools-golang/spdx/v2/common" + "github.com/spdx/tools-golang/spdx/v2/v2_2" ) const Version = "SPDX-2.3" @@ -73,12 +72,13 @@ type Document struct { Reviews []*Review `json:"-" yaml:"-"` } -func (d *Document) ConvertFrom(_ interface{}) error { +func From_v2_2(_ v2_2.Document, d *Document) { d.SPDXVersion = Version - return nil } -var _ converter.ConvertFrom = (*Document)(nil) +func To_v2_2(_ Document, d *v2_2.Document) { + d.SPDXVersion = v2_2.Version +} func (d *Document) UnmarshalJSON(b []byte) error { type doc Document diff --git a/spdx/v3/v3_0/model.go b/spdx/v3/v3_0/model.go index a306446c..53864b3f 100755 --- a/spdx/v3/v3_0/model.go +++ b/spdx/v3/v3_0/model.go @@ -12,6 +12,7 @@ import ( ) type AnyAIPackage interface { + AnyPackage asAIPackage() *AIPackage } @@ -62,6 +63,7 @@ func (o *AIPackageList) AIPackages() ld.TypeSeq[AnyAIPackage, *AIPackage] { } type AnyAgent interface { + AnyElement asAgent() *Agent } @@ -94,6 +96,7 @@ func (o *AgentList) SoftwareAgents() ld.TypeSeq[AnyAgent, *SoftwareAgent] { } type AnyAnnotation interface { + AnyElement asAnnotation() *Annotation } @@ -138,6 +141,7 @@ var AnnotationType_Review = AnnotationType{ } type AnyArtifact interface { + AnyElement asArtifact() *Artifact } @@ -200,6 +204,7 @@ func (o *ArtifactList) Vulnerabilities() ld.TypeSeq[AnyArtifact, *Vulnerability] } type AnyBom interface { + AnyBundle asBom() *Bom } @@ -224,6 +229,7 @@ func (o *BomList) Sboms() ld.TypeSeq[AnyBom, *Sbom] { } type AnyBuild interface { + AnyElement asBuild() *Build } @@ -262,6 +268,7 @@ func (o *BuildList) Builds() ld.TypeSeq[AnyBuild, *Build] { } type AnyBundle interface { + AnyElementCollection asBundle() *Bundle } @@ -292,6 +299,7 @@ func (o *BundleList) Sboms() ld.TypeSeq[AnyBundle, *Sbom] { } type AnyCdxPropertiesExtension interface { + AnyExtension asCdxPropertiesExtension() *CdxPropertiesExtension } @@ -364,6 +372,7 @@ var ConfidentialityLevelType_Red = ConfidentialityLevelType{ } type AnyConjunctiveLicenseSet interface { + AnyLicenseInfo asConjunctiveLicenseSet() *ConjunctiveLicenseSet } @@ -386,6 +395,7 @@ func (o *ConjunctiveLicenseSetList) ConjunctiveLicenseSets() ld.TypeSeq[AnyConju } type AnyContentIdentifier interface { + AnyIntegrityMethod asContentIdentifier() *ContentIdentifier } @@ -456,6 +466,7 @@ func (o *CreationInfoList) CreationInfos() ld.TypeSeq[AnyCreationInfo, *Creation } type AnyCustomLicense interface { + AnyLicense asCustomLicense() *CustomLicense } @@ -476,6 +487,7 @@ func (o *CustomLicenseList) CustomLicenses() ld.TypeSeq[AnyCustomLicense, *Custo } type AnyCustomLicenseAddition interface { + AnyLicenseAddition asCustomLicenseAddition() *CustomLicenseAddition } @@ -527,6 +539,7 @@ var CvssSeverityType_None = CvssSeverityType{ } type AnyCvssV2VulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship asCvssV2VulnAssessmentRelationship() *CvssV2VulnAssessmentRelationship } @@ -551,6 +564,7 @@ func (o *CvssV2VulnAssessmentRelationshipList) CvssV2VulnAssessmentRelationships } type AnyCvssV3VulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship asCvssV3VulnAssessmentRelationship() *CvssV3VulnAssessmentRelationship } @@ -577,6 +591,7 @@ func (o *CvssV3VulnAssessmentRelationshipList) CvssV3VulnAssessmentRelationships } type AnyCvssV4VulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship asCvssV4VulnAssessmentRelationship() *CvssV4VulnAssessmentRelationship } @@ -634,6 +649,7 @@ var DatasetAvailabilityType_ScrapingScript = DatasetAvailabilityType{ } type AnyDatasetPackage interface { + AnyPackage asDatasetPackage() *DatasetPackage } @@ -780,6 +796,7 @@ func (o *DictionaryEntryList) DictionaryEntries() ld.TypeSeq[AnyDictionaryEntry, } type AnyDisjunctiveLicenseSet interface { + AnyLicenseInfo asDisjunctiveLicenseSet() *DisjunctiveLicenseSet } @@ -816,7 +833,7 @@ type Element struct { // Name Identifies the name of an Element as designated by the creator. Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` // Extensions Specifies an Extension characterization of some aspect of an Element. - Extensions []Extension `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` // CreationInfo Provides information about the creation of the Element. CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content\nthat uniquely identifies an Element. @@ -825,8 +842,8 @@ type Element struct { ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` // Summary A short description of an Element. Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` - // VerifiedUsings Provides an IntegrityMethod with which the integrity of an Element can be\nasserted. - VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be\nasserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` } func (o *Element) asElement() *Element { @@ -1040,6 +1057,7 @@ func (o *ElementList) WithAdditionOperators() ld.TypeSeq[AnyElement, *WithAdditi } type AnyElementCollection interface { + AnyElement asElementCollection() *ElementCollection } @@ -1153,6 +1171,7 @@ var EnergyUnitType_Other = EnergyUnitType{ } type AnyEpssVulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship asEpssVulnAssessmentRelationship() *EpssVulnAssessmentRelationship } @@ -1193,6 +1212,7 @@ var ExploitCatalogType_Other = ExploitCatalogType{ } type AnyExploitCatalogVulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship asExploitCatalogVulnAssessmentRelationship() *ExploitCatalogVulnAssessmentRelationship } @@ -1219,6 +1239,7 @@ func (o *ExploitCatalogVulnAssessmentRelationshipList) ExploitCatalogVulnAssessm } type AnyExtendableLicense interface { + AnyLicenseInfo asExtendableLicense() *ExtendableLicense } @@ -1254,11 +1275,30 @@ func (o *ExtendableLicenseList) OrLaterOperators() ld.TypeSeq[AnyExtendableLicen return ld.NewTypeSeq(*o, castOrLaterOperator) } +type AnyExtension interface { + asExtension() *Extension +} + // Extension A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. type Extension struct { _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` - id string `iri:"@id"` + ID string `iri:"@id"` +} + +func (o *Extension) asExtension() *Extension { + return o +} + +type ExtensionList []AnyExtension + +func (o *ExtensionList) CdxPropertiesExtensions() ld.TypeSeq[AnyExtension, *CdxPropertiesExtension] { + return ld.NewTypeSeq(*o, castCdxPropertiesExtension) } + +func (o *ExtensionList) Extensions() ld.TypeSeq[AnyExtension, *Extension] { + return ld.NewTypeSeq(*o, castExtension) +} + type AnyExternalIdentifier interface { asExternalIdentifier() *ExternalIdentifier } @@ -1362,8 +1402,8 @@ type ExternalMap struct { ExternalSpdxId ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` // LocationHint Provides an indication of where to retrieve an external Element. LocationHint ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locationHint" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // VerifiedUsings Provides an IntegrityMethod with which the integrity of an Element can be\nasserted. - VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be\nasserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` // DefiningArtifact Artifact representing a serialization instance of SPDX data containing the\ndefinition of a particular Element. DefiningArtifact AnyArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" type:"https://spdx.org/rdf/3.0.1/terms/Core/Artifact"` } @@ -1643,6 +1683,7 @@ var ExternalRefType_VulnerabilityExploitabilityAssessment = ExternalRefType{ } type AnyFile interface { + AnySoftwareArtifact asFile() *File } @@ -1683,6 +1724,7 @@ var FileKindType_File = FileKindType{ } type AnyHash interface { + AnyIntegrityMethod asHash() *Hash } @@ -1823,6 +1865,7 @@ var HashAlgorithm_Sha512 = HashAlgorithm{ } type AnyIndividualElement interface { + AnyElement asIndividualElement() *IndividualElement } @@ -1853,6 +1896,7 @@ func (o *IndividualElementList) IndividualElements() ld.TypeSeq[AnyIndividualEle } type AnyIndividualLicensingInfo interface { + AnyLicenseInfo asIndividualLicensingInfo() *IndividualLicensingInfo } @@ -1917,6 +1961,7 @@ func (o *IntegrityMethodList) PackageVerificationCodes() ld.TypeSeq[AnyIntegrity } type AnyLicense interface { + AnyExtendableLicense asLicense() *License } @@ -1963,6 +2008,7 @@ func (o *LicenseList) ListedLicenses() ld.TypeSeq[AnyLicense, *ListedLicense] { } type AnyLicenseAddition interface { + AnyElement asLicenseAddition() *LicenseAddition } @@ -2003,6 +2049,7 @@ func (o *LicenseAdditionList) ListedLicenseExceptions() ld.TypeSeq[AnyLicenseAdd } type AnyLicenseExpression interface { + AnyLicenseInfo asLicenseExpression() *LicenseExpression } @@ -2029,6 +2076,7 @@ func (o *LicenseExpressionList) LicenseExpressions() ld.TypeSeq[AnyLicenseExpres } type AnyLicenseInfo interface { + AnyElement asLicenseInfo() *LicenseInfo } @@ -2125,6 +2173,7 @@ var LifecycleScopeType_Test = LifecycleScopeType{ } type AnyLifecycleScopedRelationship interface { + AnyRelationship asLifecycleScopedRelationship() *LifecycleScopedRelationship } @@ -2147,6 +2196,7 @@ func (o *LifecycleScopedRelationshipList) LifecycleScopedRelationships() ld.Type } type AnyListedLicense interface { + AnyLicense asListedLicense() *ListedLicense } @@ -2171,6 +2221,7 @@ func (o *ListedLicenseList) ListedLicenses() ld.TypeSeq[AnyListedLicense, *Liste } type AnyListedLicenseException interface { + AnyLicenseAddition asListedLicenseException() *ListedLicenseException } @@ -2219,6 +2270,7 @@ func (o *NamespaceMapList) NamespaceMaps() ld.TypeSeq[AnyNamespaceMap, *Namespac } type AnyOrLaterOperator interface { + AnyExtendableLicense asOrLaterOperator() *OrLaterOperator } @@ -2241,6 +2293,7 @@ func (o *OrLaterOperatorList) OrLaterOperators() ld.TypeSeq[AnyOrLaterOperator, } type AnyOrganization interface { + AnyAgent asOrganization() *Organization } @@ -2266,6 +2319,7 @@ func (o *OrganizationList) Organizations() ld.TypeSeq[AnyOrganization, *Organiza } type AnyPackage interface { + AnySoftwareArtifact asPackage() *Package } @@ -2304,6 +2358,7 @@ func (o *PackageList) Packages() ld.TypeSeq[AnyPackage, *Package] { } type AnyPackageVerificationCode interface { + AnyIntegrityMethod asPackageVerificationCode() *PackageVerificationCode } @@ -2330,6 +2385,7 @@ func (o *PackageVerificationCodeList) PackageVerificationCodes() ld.TypeSeq[AnyP } type AnyPerson interface { + AnyAgent asPerson() *Person } @@ -2451,6 +2507,7 @@ var ProfileIdentifierType_Software = ProfileIdentifierType{ } type AnyRelationship interface { + AnyElement asRelationship() *Relationship } @@ -2883,6 +2940,7 @@ var SafetyRiskAssessmentType_Serious = SafetyRiskAssessmentType{ } type AnySbom interface { + AnyBom asSbom() *Sbom } @@ -2941,6 +2999,7 @@ var SbomType_Source = SbomType{ } type AnySimpleLicensingText interface { + AnyElement asSimpleLicensingText() *SimpleLicensingText } @@ -2963,6 +3022,7 @@ func (o *SimpleLicensingTextList) SimpleLicensingTexts() ld.TypeSeq[AnySimpleLic } type AnySnippet interface { + AnySoftwareArtifact asSnippet() *Snippet } @@ -2989,6 +3049,7 @@ func (o *SnippetList) Snippets() ld.TypeSeq[AnySnippet, *Snippet] { } type AnySoftwareAgent interface { + AnyAgent asSoftwareAgent() *SoftwareAgent } @@ -3009,6 +3070,7 @@ func (o *SoftwareAgentList) SoftwareAgents() ld.TypeSeq[AnySoftwareAgent, *Softw } type AnySoftwareArtifact interface { + AnyArtifact asSoftwareArtifact() *SoftwareArtifact } @@ -3210,6 +3272,7 @@ var SoftwarePurpose_Test = SoftwarePurpose{ } type AnySpdxDocument interface { + AnyElementCollection asSpdxDocument() *SpdxDocument } @@ -3262,6 +3325,7 @@ var SsvcDecisionType_TrackStar = SsvcDecisionType{ } type AnySsvcVulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship asSsvcVulnAssessmentRelationship() *SsvcVulnAssessmentRelationship } @@ -3325,6 +3389,7 @@ var SupportType_Support = SupportType{ } type AnyTool interface { + AnyElement asTool() *Tool } @@ -3345,6 +3410,7 @@ func (o *ToolList) Tools() ld.TypeSeq[AnyTool, *Tool] { } type AnyVexAffectedVulnAssessmentRelationship interface { + AnyVexVulnAssessmentRelationship asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship } @@ -3369,6 +3435,7 @@ func (o *VexAffectedVulnAssessmentRelationshipList) VexAffectedVulnAssessmentRel } type AnyVexFixedVulnAssessmentRelationship interface { + AnyVexVulnAssessmentRelationship asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship } @@ -3420,6 +3487,7 @@ var VexJustificationType_VulnerableCodeNotPresent = VexJustificationType{ } type AnyVexNotAffectedVulnAssessmentRelationship interface { + AnyVexVulnAssessmentRelationship asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship } @@ -3446,6 +3514,7 @@ func (o *VexNotAffectedVulnAssessmentRelationshipList) VexNotAffectedVulnAssessm } type AnyVexUnderInvestigationVulnAssessmentRelationship interface { + AnyVexVulnAssessmentRelationship asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship } @@ -3466,6 +3535,7 @@ func (o *VexUnderInvestigationVulnAssessmentRelationshipList) VexUnderInvestigat } type AnyVexVulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship asVexVulnAssessmentRelationship() *VexVulnAssessmentRelationship } @@ -3506,6 +3576,7 @@ func (o *VexVulnAssessmentRelationshipList) VexVulnAssessmentRelationships() ld. } type AnyVulnAssessmentRelationship interface { + AnyRelationship asVulnAssessmentRelationship() *VulnAssessmentRelationship } @@ -3580,6 +3651,7 @@ func (o *VulnAssessmentRelationshipList) VulnAssessmentRelationships() ld.TypeSe } type AnyVulnerability interface { + AnyArtifact asVulnerability() *Vulnerability } @@ -3606,6 +3678,7 @@ func (o *VulnerabilityList) Vulnerabilities() ld.TypeSeq[AnyVulnerability, *Vuln } type AnyWithAdditionOperator interface { + AnyLicenseInfo asWithAdditionOperator() *WithAdditionOperator } @@ -3748,6 +3821,10 @@ func (o *ExternalIRI) asExtendableLicense() *ExtendableLicense { return castExtendableLicense(o.value) } +func (o *ExternalIRI) asExtension() *Extension { + return castExtension(o.value) +} + func (o *ExternalIRI) asExternalIdentifier() *ExternalIdentifier { return castExternalIdentifier(o.value) } @@ -4093,6 +4170,13 @@ func castExtendableLicense(o any) *ExtendableLicense { return nil } +func castExtension(o any) *Extension { + if o, ok := o.(AnyExtension); ok { + return o.asExtension() + } + return nil +} + func castExternalIdentifier(o any) *ExternalIdentifier { if o, ok := o.(AnyExternalIdentifier); ok { return o.asExternalIdentifier() @@ -4477,6 +4561,10 @@ func cast[T any](value any) *T { if v, ok := any(castExtendableLicense(value)).(*T); ok { return v } + case Extension: + if v, ok := any(castExtension(value)).(*T); ok { + return v + } case ExternalIdentifier: if v, ok := any(castExternalIdentifier(value)).(*T); ok { return v diff --git a/spdx/v3/v3_0/spdx.go b/spdx/v3/v3_0/spdx.go index bd00b7f4..5b2f93c9 100644 --- a/spdx/v3/v3_0/spdx.go +++ b/spdx/v3/v3_0/spdx.go @@ -1,6 +1,8 @@ package v3_0 import ( + "bytes" + "encoding/json" "fmt" "io" "reflect" @@ -11,49 +13,70 @@ import ( ) /* -SPDX 3 models and serialization code is generated from some different prototype golang support for shacl2code, in: https://github.com/kzantow-anchore/shacl2code - -To regenerate, use something like this command: -.venv/bin/python -m shacl2code generate -i https://spdx.org/rdf/3.0.1/spdx-model.ttl -i https://spdx.org/rdf/3.0.1/spdx-json-serialize-annotations.ttl -x https://spdx.org/rdf/3.0.1/spdx-context.jsonld golang ---package v3_0 --license MIT ---output $HOME/projects/tools-golang/spdx/v3/v3_0/model.go ---remap-props element=elements,extension=extensions,externalIdentifier=externalIdentifiers,externalRef=externalRefs,rootElement=rootElements +SPDX 3 models and serialization code is generated from github.com/kzantow/go-ld/cmd +To regenerate, run: go run ./cmd */ +const Version = "3.0.1" // TODO is there a way to ascertain this version from generated code programmatically? + type Document struct { - *SpdxDocument + SpdxDocument LDContext ld.Context } +func (d *Document) MarshalJSON() ([]byte, error) { + buf := bytes.Buffer{} + err := d.Write(&buf) + return buf.Bytes(), err +} + func LDContext() ld.Context { return context() } +func (d *Document) Write(w io.Writer) error { + return d.ToJSON(w) +} + func NewDocument(conformance ProfileIdentifierType, name string, createdBy AnyAgent, createdUsing AnyTool) *Document { ci := &CreationInfo{ - SpecVersion: "3.0.1", // TODO is there a way to ascertain this version from generated code programmatically? + SpecVersion: Version, Created: time.Now(), CreatedBy: AgentList{createdBy}, CreatedUsing: ToolList{createdUsing}, } return &Document{ - SpdxDocument: &SpdxDocument{ + SpdxDocument: SpdxDocument{ ElementCollection: ElementCollection{ Element: Element{ Name: name, CreationInfo: ci, }, - ProfileConformances: []ProfileIdentifierType{conformance}, + ProfileConformances: conformanceFrom(conformance), }, }, LDContext: context(), } } +func conformanceFrom(conformance ProfileIdentifierType) []ProfileIdentifierType { + out := []ProfileIdentifierType{ProfileIdentifierType_Core} + switch conformance { + case ProfileIdentifierType_Core: + case ProfileIdentifierType_Software: + out = append(out, conformance) + case ProfileIdentifierType_Ai: + out = append(out, ProfileIdentifierType_Software, conformance) + case ProfileIdentifierType_Dataset: + out = append(out, ProfileIdentifierType_Software, ProfileIdentifierType_Ai, conformance) + } + return out +} + func (d *Document) Validate(setCreationInfo bool) error { if setCreationInfo { // all Elements need to have creationInfo set... - d.setCreationInfo(d.SpdxDocument.CreationInfo, d.SpdxDocument) + d.setCreationInfo(d.SpdxDocument.CreationInfo, &d.SpdxDocument) } return ld.ValidateGraph(d.SpdxDocument) } @@ -69,20 +92,24 @@ func (d *Document) Append(e ...AnyElement) { // ... and after this initial processing, outputs the document as compact JSON LD, // including accounting for empty IDs by outputting blank node spdxId values func (d *Document) ToJSON(writer io.Writer) error { - if d.SpdxDocument == nil { - return fmt.Errorf("no document object created") - } - // all Elements need to have creationInfo set... - d.setCreationInfo(d.SpdxDocument.CreationInfo, d.SpdxDocument) + d.setCreationInfo(d.SpdxDocument.CreationInfo, &d.SpdxDocument) // ensure the Elements d.ensureAllDocumentElements() + if d.LDContext == nil { + d.LDContext = context() + } return d.LDContext.ToJSON(writer, d.SpdxDocument) } +var _ json.Marshaler = (*Document)(nil) + func (d *Document) setCreationInfo(creationInfo AnyCreationInfo, doc *SpdxDocument) { + if creationInfo == nil { + return + } creationInfoInterfaceType := reflect.TypeOf((*AnyCreationInfo)(nil)).Elem() ci := reflect.ValueOf(creationInfo) _ = ld.VisitObjectGraph(doc, func(path []any, value reflect.Value) error { @@ -101,7 +128,7 @@ func (d *Document) FromJSON(reader io.Reader) error { } for _, e := range graph { if doc, ok := e.(*SpdxDocument); ok { - d.SpdxDocument = doc + d.SpdxDocument = *doc return nil } } From 56f2c824589738d570ff7a80a18c7c83e919d3a9 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Tue, 5 Aug 2025 22:22:17 -0400 Subject: [PATCH 09/21] chore: add Cast function Signed-off-by: Keith Zantow --- go.mod | 2 +- go.sum | 4 ++-- spdx/v3/v3_0/model.go | 5 +++++ 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 82cd007e..d237778c 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/anchore/go-struct-converter v0.0.0-20250211213226-cce56d595160 github.com/davecgh/go-spew v1.1.1 github.com/google/go-cmp v0.6.0 - github.com/kzantow/go-ld v0.0.0-20250305231540-23fb13522625 + github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7 github.com/pmezard/go-difflib v1.0.0 github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb github.com/stretchr/testify v1.10.0 diff --git a/go.sum b/go.sum index 3be18cd4..c48c1ab8 100644 --- a/go.sum +++ b/go.sum @@ -5,8 +5,8 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/kzantow/go-ld v0.0.0-20250305231540-23fb13522625 h1:xFbgOwCtZx5bu7Ggnn1eHhPyjIG2vtQgpio5zH6onUU= -github.com/kzantow/go-ld v0.0.0-20250305231540-23fb13522625/go.mod h1:P7HdHSjYOcim2o9GWUj011qCd9bEOc+Bg8SeW6JKV8M= +github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7 h1:rBVkkYUZ9mUDmjp2+Y6KthUqbcSB+4kN82PZbuzYkNw= +github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7/go.mod h1:P7HdHSjYOcim2o9GWUj011qCd9bEOc+Bg8SeW6JKV8M= github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b h1:xyh6boGzDR4EpdEDe9ix1KhHNgOSiBjBocahA6FalEQ= github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b/go.mod h1:RVhE35veDX19r5gfUAR+IYHkAUuPwJO8Ie/qVeFaIzw= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= diff --git a/spdx/v3/v3_0/model.go b/spdx/v3/v3_0/model.go index 53864b3f..21c1adb0 100755 --- a/spdx/v3/v3_0/model.go +++ b/spdx/v3/v3_0/model.go @@ -4734,6 +4734,11 @@ func As[T any, R any](value any, fn func(v *T) R) R { return r } +// Cast provides a reference to any direct or embedded type, which can be edited directly +func Cast[T any](value any) *T { + return cast[T](value) +} + func context() ld.Context { return ld.NewContext().Register("https://spdx.org/rdf/3.0.1/spdx-context.jsonld", map[string]any{"@context": map[string]any{ "Agent": "https://spdx.org/rdf/3.0.1/terms/Core/Agent", From 1dbe8fed4fd1ec26871e564e19b5a74f9c1d88c0 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Tue, 5 Aug 2025 22:50:30 -0400 Subject: [PATCH 10/21] chore: upgrade go-struct-converter Signed-off-by: Keith Zantow --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index d237778c..ad103d4f 100644 --- a/go.mod +++ b/go.mod @@ -3,9 +3,9 @@ module github.com/spdx/tools-golang go 1.23.5 require ( - github.com/anchore/go-struct-converter v0.0.0-20250211213226-cce56d595160 + github.com/anchore/go-struct-converter v0.0.0-20250312065156-fb4bbb7d1693 github.com/davecgh/go-spew v1.1.1 - github.com/google/go-cmp v0.6.0 + github.com/google/go-cmp v0.7.0 github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7 github.com/pmezard/go-difflib v1.0.0 github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb diff --git a/go.sum b/go.sum index c48c1ab8..954c9d1e 100644 --- a/go.sum +++ b/go.sum @@ -1,10 +1,10 @@ -github.com/anchore/go-struct-converter v0.0.0-20250211213226-cce56d595160 h1:r8/1fxpbDMlQO6GgQiud1uL5eAu3p/NVUmfNx95/KY8= -github.com/anchore/go-struct-converter v0.0.0-20250211213226-cce56d595160/go.mod h1:rYqSE9HbjzpHTI74vwPvae4ZVYZd1lue2ta6xHPdblA= +github.com/anchore/go-struct-converter v0.0.0-20250312065156-fb4bbb7d1693 h1:5mW2UozRrZkMhd6tEsN+T5tCk6XxI+qMLu4DmDTUZd4= +github.com/anchore/go-struct-converter v0.0.0-20250312065156-fb4bbb7d1693/go.mod h1:SxEY1rkVuDSqQOnD1+G4A45wAKXPMum/a51ywvN/8o4= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= -github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7 h1:rBVkkYUZ9mUDmjp2+Y6KthUqbcSB+4kN82PZbuzYkNw= github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7/go.mod h1:P7HdHSjYOcim2o9GWUj011qCd9bEOc+Bg8SeW6JKV8M= github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b h1:xyh6boGzDR4EpdEDe9ix1KhHNgOSiBjBocahA6FalEQ= From e693934281a2e0520a94344476c1f02b2e066a18 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Tue, 5 Aug 2025 22:55:04 -0400 Subject: [PATCH 11/21] chore: prototype convert function Signed-off-by: Keith Zantow --- spdx/v3/v3_0/convert.go | 280 ++++++++++++++++++++++++ spdx/v3/v3_0/spdx_serialization_test.go | 184 ++++++++++++++++ 2 files changed, 464 insertions(+) create mode 100644 spdx/v3/v3_0/convert.go create mode 100644 spdx/v3/v3_0/spdx_serialization_test.go diff --git a/spdx/v3/v3_0/convert.go b/spdx/v3/v3_0/convert.go new file mode 100644 index 00000000..2f795167 --- /dev/null +++ b/spdx/v3/v3_0/convert.go @@ -0,0 +1,280 @@ +package v3_0 + +import ( + "fmt" + "os" + "slices" + "strings" + "time" + + "github.com/kzantow/go-ld" + + "github.com/spdx/tools-golang/spdx/v2/common" + "github.com/spdx/tools-golang/spdx/v2/v2_3" +) + +func From_v2_3(doc v2_3.Document, d *Document) { + if d.CreationInfo == nil { + d.CreationInfo = &CreationInfo{} + } + if c, ok := d.CreationInfo.(*CreationInfo); ok { + c.SpecVersion = Version + } + + idMap := map[string]any{} + + d.ID = string(doc.SPDXIdentifier) + d.Comment = doc.DocumentComment + d.CreationInfo = convert23CreationInfo(doc.CreationInfo) + d.Name = doc.DocumentName + d.DataLicense = &LicenseInfo{Element: Element{ + Name: doc.DataLicense, + }} + + for _, pkg := range doc.Packages { + newPkg := convert23Package(idMap, pkg) + if newPkg != nil { + d.RootElements = append(d.RootElements, newPkg) + idMap[string(pkg.PackageSPDXIdentifier)] = newPkg + } + } + + for _, file := range doc.Files { + newFile := convert23File(idMap, file) + if newFile != nil { + d.RootElements = append(d.RootElements, newFile) + idMap[string(file.FileSPDXIdentifier)] = newFile + } + } + + rels := relMap{} + for _, rel := range doc.Relationships { + newRel := convert23Relationship(idMap, rel) + if newRel != nil { + rels.add(newRel) + } + } + for _, relTypes := range rels { + for _, to := range relTypes { + d.RootElements = append(d.RootElements, to) + } + } +} + +type relMap map[AnyElement]map[RelationshipType]*Relationship + +func (r relMap) add(relationship *Relationship) { + relTypes := r[relationship.From] + if relTypes == nil { + relTypes = map[RelationshipType]*Relationship{} + r[relationship.From] = relTypes + } + existing := relTypes[relationship.RelationshipType] + if existing == nil { + relTypes[relationship.RelationshipType] = relationship + return + } + existing.To = appendUnique(existing.To, relationship.To...) +} + +func appendUnique[T comparable](existing []T, adding ...T) []T { + for _, add := range adding { + if slices.Contains(existing, add) { + continue + } + existing = append(existing, add) + } + return existing +} + +func convert23Relationship(idMap map[string]any, rel *v2_3.Relationship) *Relationship { + if rel == nil { + return nil + } + from, _ := idMap[string(rel.RefA.ElementRefID)].(AnyElement) + to, _ := idMap[string(rel.RefB.ElementRefID)].(AnyElement) + if from == nil || to == nil { + return nil + } + return &Relationship{ + Element: Element{ + Comment: rel.RelationshipComment, + }, + From: from, + RelationshipType: convert23RelationshipType(rel.Relationship), + To: []AnyElement{to}, + } +} + +func convert23RelationshipType(relationship string) RelationshipType { + switch strings.ToLower(relationship) { + case "contains", "contained_by": + return RelationshipType_Contains + case "depends_on", "dependency_of": + return RelationshipType_DependsOn + } + return RelationshipType{} +} + +func convert23CreationInfo(info *v2_3.CreationInfo) *CreationInfo { + return &CreationInfo{ + Comment: info.CreatorComment, + Created: convert23Time(info.Created), + CreatedBy: convert23Creators(info.Creators), + SpecVersion: info.LicenseListVersion, + } +} + +func convert23Creators(creators []common.Creator) []AnyAgent { + var out []AnyAgent + for _, c := range creators { + out = append(out, convert23Agent(c.CreatorType, c.Creator)) + } + return out +} + +func convert23Agent(agentType string, agent string) AnyAgent { + switch strings.ToLower(agentType) { + case "person": + return &Person{Agent: Agent{Element: Element{ + Name: agent, + }}} + case "organization", "org": + return &Organization{Agent: Agent{Element: Element{ + Name: agent, + }}} + } + return nil +} + +func convert23File(idMap map[string]any, file *v2_3.File) AnyFile { + if file == nil { + return nil + } + return &File{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{Element: Element{ + ID: string(file.FileSPDXIdentifier), + Comment: file.FileComment, + Name: file.FileName, + }}, + CopyrightText: file.FileCopyrightText, + AttributionTexts: file.FileAttributionTexts, + }, + FileKind: FileKindType_File, + } +} + +func convert23Package(idMap map[string]any, pkg *v2_3.Package) *Package { + if pkg == nil { + return nil + } + return &Package{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{ + Element: Element{ + ID: string(pkg.PackageSPDXIdentifier), + Name: pkg.PackageName, + Summary: pkg.PackageSummary, + Comment: pkg.PackageComment, + Description: pkg.PackageDescription, + ExternalIdentifiers: convert23ExternalIdentifiers(pkg.PackageExternalReferences), + VerifiedUsing: convert23VerifiedUsing(pkg.PackageVerificationCode), + }, + BuiltTime: convert23Time(pkg.BuiltDate), + OriginatedBy: convert23PackageOriginator(pkg.PackageOriginator), + ReleaseTime: convert23Time(pkg.ReleaseDate), + SuppliedBy: convert23Supplier(pkg.PackageSupplier), + ValidUntilTime: convert23Time(pkg.ValidUntilDate), + }, + AttributionTexts: pkg.PackageAttributionTexts, + CopyrightText: pkg.PackageCopyrightText, + PrimaryPurpose: convert23PrimaryPurpose(pkg.PrimaryPackagePurpose), + }, + + DownloadLocation: convert23URI(pkg.PackageDownloadLocation), + HomePage: convert23URI(pkg.PackageHomePage), + PackageUrl: convert23PackageUrl(pkg.PackageExternalReferences), + PackageVersion: pkg.PackageVersion, + SourceInfo: pkg.PackageSourceInfo, + } +} + +func convert23Time(date string) time.Time { + t, err := time.Parse(time.RFC3339, date) + if err != nil { + logDropped(err) + return time.Time{} + } + return t +} + +func convert23URI(uri string) ld.URI { + return ld.URI(uri) +} + +func logDropped(value any) { + _, _ = fmt.Fprintf(os.Stderr, "dropped: %v", value) +} + +func convert23PackageUrl(references []*v2_3.PackageExternalReference) ld.URI { + for _, ref := range references { + if ref.RefType == common.TypePackageManagerPURL { + return convert23URI(ref.Locator) + } + } + return "" +} + +func convert23PrimaryPurpose(purpose string) SoftwarePurpose { + switch purpose { + case "container": + return SoftwarePurpose_Container + case "library": + return SoftwarePurpose_Library + case "application": + return SoftwarePurpose_Application + } + return SoftwarePurpose{} +} + +func convert23Supplier(supplier *common.Supplier) AnyAgent { + if supplier == nil { + return nil + } + return convert23Agent(supplier.SupplierType, supplier.Supplier) +} + +func convert23PackageOriginator(originator *common.Originator) []AnyAgent { + if originator == nil { + return nil + } + return []AnyAgent{convert23Agent(originator.OriginatorType, originator.Originator)} +} + +func convert23VerifiedUsing(verificationCode *common.PackageVerificationCode) []AnyIntegrityMethod { + return nil // TODO +} + +func convert23ExternalIdentifiers(references []*v2_3.PackageExternalReference) []AnyExternalIdentifier { + var out []AnyExternalIdentifier + for _, r := range references { + typ := ExternalIdentifierType{} + switch r.RefType { + case common.TypeSecurityCPE22Type: + typ = ExternalIdentifierType_Cpe22 + case common.TypeSecurityCPE23Type: + typ = ExternalIdentifierType_Cpe23 + case common.TypePackageManagerPURL: + typ = ExternalIdentifierType_PackageUrl + default: + continue // unknown + } + out = append(out, &ExternalIdentifier{ + Comment: r.ExternalRefComment, + ExternalIdentifierType: typ, + Identifier: r.Locator, + }) + } + return out +} diff --git a/spdx/v3/v3_0/spdx_serialization_test.go b/spdx/v3/v3_0/spdx_serialization_test.go new file mode 100644 index 00000000..7c768135 --- /dev/null +++ b/spdx/v3/v3_0/spdx_serialization_test.go @@ -0,0 +1,184 @@ +package v3_0 + +import ( + "bytes" + "strings" + "testing" + "time" + + "github.com/google/go-cmp/cmp" + "github.com/google/go-cmp/cmp/cmpopts" +) + +func Test_spdxExportImportExport(t *testing.T) { + doc := SpdxDocument{ + DataLicense: nil, + Imports: nil, + } + + doc.ID = "new-id" + + agent := &SoftwareAgent{Agent: Agent{Element: Element{ + Name: "some-agent", + Summary: "summary", + }}} + c := &CreationInfo{ + Comment: "some-comment", + Created: time.Now(), + CreatedBy: AgentList{ + agent, + }, + CreatedUsing: []AnyTool{ + &Tool{Element: Element{ + ExternalIdentifiers: ExternalIdentifierList{ + &ExternalIdentifier{ + ExternalIdentifierType: ExternalIdentifierType_Cpe23, + Identifier: "cpe23:a:myvendor:my-product:*:*:*:*:*:*:*", + }, + }, + Name: "not-tools-golang", + }}, + }, + SpecVersion: "", + } + agent.CreationInfo = c + + // add a package + + pkg1 := &Package{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ + Name: "some-package-1", + CreationInfo: c, + }}}, + PackageVersion: "1.2.3", + } + pkg2 := &Package{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ + Name: "some-package-2", + CreationInfo: c, + }}}, + PackageVersion: "2.4.5", + } + doc.Elements = append(doc.Elements, pkg2) + + file1 := &File{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ + Name: "/bin/bash", + CreationInfo: c, + }}}} + doc.Elements = append(doc.Elements, file1) + + // add relationships + + doc.Elements = append(doc.Elements, + &Relationship{Element: Element{ + CreationInfo: c, + }, + From: file1, + RelationshipType: RelationshipType_Contains, + To: ElementList{ + pkg1, + pkg2, + }, + }, + ) + + doc.Elements = append(doc.Elements, + &Relationship{Element: Element{ + CreationInfo: c, + }, + From: pkg1, + RelationshipType: RelationshipType_DependsOn, + To: ElementList{ + pkg2, + }, + }, + ) + + doc.Elements = append(doc.Elements, + &AIPackage{Package: Package{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ + CreationInfo: c, + }}}}, + TypeOfModels: []string{"a model"}, + }, + ) + + got := encodeDecode(t, &doc) + + // some basic verification: + + var pkgs PackageList + for _, rel := range got.RootElements.Relationships() { + if rel.RelationshipType != RelationshipType_Contains { + continue + } + _ = As(rel.From, func(from *File) any { + if from.Name == "/bin/bash" { + for _, pkg := range rel.To.Packages() { + pkgs = append(pkgs, pkg) + } + } + return nil + }) + } + if len(pkgs) != 2 { + t.Error("wrong packages returned") + } +} + +func Test_stringSlice(t *testing.T) { + p := &AIPackage{ + TypeOfModels: []string{"a model"}, + } + encodeDecode(t, p) +} + +func Test_profileConformance(t *testing.T) { + doc := &SpdxDocument{ElementCollection: ElementCollection{ + ProfileConformances: []ProfileIdentifierType{ + ProfileIdentifierType_Software, + }, + }} + encodeDecode(t, doc) +} + +func Test_externalID(t *testing.T) { + doc := &SpdxDocument{ElementCollection: ElementCollection{ + Elements: ElementList{ + NewExternalIRI("http://someplace.org/ac7b643f0b2d"), + }, + }} + encodeDecode(t, doc) +} + +// encodeDecode encodes to JSON, decodes from the JSON, and re-encodes in JSON to validate nothing is lost +func encodeDecode[T comparable](t *testing.T, obj T) T { + // serialization: + buf := bytes.Buffer{} + err := context().ToJSON(&buf, obj) + if err != nil { + t.Fatal(err) + } + + json1 := buf.String() + t.Logf("--------- initial JSON: ----------\n%s\n\n", json1) + + // deserialization: + graph, err := context().FromJSON(strings.NewReader(json1)) + var got T + for _, entry := range graph { + if e, ok := entry.(T); ok { + got = e + break + } + } + + var empty T + if got == empty { + t.Fatalf("did not find object in graph, json: %s", json1) + } + + diff := cmp.Diff(obj, got, cmpopts.IgnoreUnexported((*T)(nil))) + if diff != "" { + t.Fatal(diff) + } + + return got +} From 75e046c76fb87199d998c662510b61f37720ac2a Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Wed, 8 Oct 2025 08:58:04 -0400 Subject: [PATCH 12/21] feat(wip): struct-based v3 serializations Signed-off-by: Keith Zantow --- Makefile | 4 + convert/chain.go | 4 +- go.mod | 8 +- go.sum | 16 +- json/reader.go | 8 + spdx/v3/internal/generate/main.go | 94 ++ spdx/v3/internal/serialize_json.go | 373 ++++++ spdx/v3/v3_0/convert.go | 280 ---- spdx/v3/v3_0_1/convert.go | 905 +++++++++++++ spdx/v3/v3_0_1/convert_test.go | 155 +++ spdx/v3/v3_0_1/convert_v23_test.go | 336 +++++ spdx/v3/v3_0_1/convert_v2_3_to_v3_0_1.java | 1128 +++++++++++++++++ spdx/v3/v3_0_1/convert_v301_test.go | 608 +++++++++ spdx/v3/{v3_0 => v3_0_1}/model.go | 561 ++++---- spdx/v3/{v3_0 => v3_0_1}/model_validations.go | 42 +- spdx/v3/{v3_0 => v3_0_1}/spdx.go | 57 +- .../spdx_serialization_test.go | 37 +- spdx/v3/{v3_0 => v3_0_1}/spdx_test.go | 248 ++-- spdx/v3/v3_0_1/testdata/test.expanded.json | 242 ++++ spdx/v3/v3_0_1/testdata/test.json | 98 ++ 20 files changed, 4504 insertions(+), 700 deletions(-) create mode 100644 spdx/v3/internal/generate/main.go create mode 100644 spdx/v3/internal/serialize_json.go delete mode 100644 spdx/v3/v3_0/convert.go create mode 100644 spdx/v3/v3_0_1/convert.go create mode 100644 spdx/v3/v3_0_1/convert_test.go create mode 100644 spdx/v3/v3_0_1/convert_v23_test.go create mode 100644 spdx/v3/v3_0_1/convert_v2_3_to_v3_0_1.java create mode 100644 spdx/v3/v3_0_1/convert_v301_test.go rename spdx/v3/{v3_0 => v3_0_1}/model.go (93%) rename spdx/v3/{v3_0 => v3_0_1}/model_validations.go (97%) rename spdx/v3/{v3_0 => v3_0_1}/spdx.go (77%) rename spdx/v3/{v3_0 => v3_0_1}/spdx_serialization_test.go (80%) rename spdx/v3/{v3_0 => v3_0_1}/spdx_test.go (62%) create mode 100755 spdx/v3/v3_0_1/testdata/test.expanded.json create mode 100644 spdx/v3/v3_0_1/testdata/test.json diff --git a/Makefile b/Makefile index b5f3765b..0dc217df 100644 --- a/Makefile +++ b/Makefile @@ -20,3 +20,7 @@ unit: fuzz: go test -v -run=Fuzz -fuzz=FuzzShouldIgnore ./utils -fuzztime=10s go test -v -run=Fuzz -fuzz=FuzzPackageCanGetVerificationCode ./utils -fuzztime=10s + +.PHONY: generate +generate: + go run ./spdx/v3/internal/generate diff --git a/convert/chain.go b/convert/chain.go index b0e8a924..7e24b913 100644 --- a/convert/chain.go +++ b/convert/chain.go @@ -11,13 +11,13 @@ import ( "github.com/spdx/tools-golang/spdx/common" "github.com/spdx/tools-golang/spdx/v2/v2_2" "github.com/spdx/tools-golang/spdx/v2/v2_3" - "github.com/spdx/tools-golang/spdx/v3/v3_0" + "github.com/spdx/tools-golang/spdx/v3/v3_0_1" ) var DocumentChain = converter.NewFuncChain( v2_3.To_v2_2, v2_3.From_v2_2, v2_2.From_v2_1, v2_2.To_v2_1, - v3_0.From_v2_3, + v3_0_1.From_v2_3, ) //). diff --git a/go.mod b/go.mod index 0d2cdb55..2d7ffd8a 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/anchore/go-struct-converter v0.0.0-20250312065156-fb4bbb7d1693 github.com/davecgh/go-spew v1.1.1 github.com/google/go-cmp v0.7.0 - github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7 + github.com/kzantow/go-ld v0.0.0-20251005195049-7f77d34103cd github.com/pmezard/go-difflib v1.0.0 github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb github.com/stretchr/testify v1.11.1 @@ -14,14 +14,12 @@ require ( ) require ( - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect go.yaml.in/yaml/v2 v2.4.2 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) require ( - github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/piprate/json-gold v0.7.0 // indirect github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 61d50058..82bca03e 100644 --- a/go.sum +++ b/go.sum @@ -1,11 +1,23 @@ -github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 h1:aM1rlcoLz8y5B2r4tTLMiVTrMtpfY0O8EScKJxaSaEc= -github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092/go.mod h1:rYqSE9HbjzpHTI74vwPvae4ZVYZd1lue2ta6xHPdblA= +github.com/anchore/go-struct-converter v0.0.0-20250312065156-fb4bbb7d1693 h1:5mW2UozRrZkMhd6tEsN+T5tCk6XxI+qMLu4DmDTUZd4= +github.com/anchore/go-struct-converter v0.0.0-20250312065156-fb4bbb7d1693/go.mod h1:SxEY1rkVuDSqQOnD1+G4A45wAKXPMum/a51ywvN/8o4= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7 h1:rBVkkYUZ9mUDmjp2+Y6KthUqbcSB+4kN82PZbuzYkNw= +github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7/go.mod h1:P7HdHSjYOcim2o9GWUj011qCd9bEOc+Bg8SeW6JKV8M= +github.com/kzantow/go-ld v0.0.0-20251005195049-7f77d34103cd h1:MI91BbB76MLGRwt3dLQ0tUQI+IzpF2AaTz1x0cJOXjw= +github.com/kzantow/go-ld v0.0.0-20251005195049-7f77d34103cd/go.mod h1:4ic0Ad7R5XxDPD507j3Ux5ZLEJrlRgT8qGgcyrUGubY= +github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b h1:xyh6boGzDR4EpdEDe9ix1KhHNgOSiBjBocahA6FalEQ= +github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b/go.mod h1:RVhE35veDX19r5gfUAR+IYHkAUuPwJO8Ie/qVeFaIzw= +github.com/piprate/json-gold v0.7.0 h1:bEMirgA5y8Z2loTQfxyIFfY+EflxH1CTP6r/KIlcJNw= +github.com/piprate/json-gold v0.7.0/go.mod h1:RVhE35veDX19r5gfUAR+IYHkAUuPwJO8Ie/qVeFaIzw= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 h1:J9b7z+QKAmPf4YLrFg6oQUotqHQeUNWwkvo7jZp1GLU= +github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb h1:bLo8hvc8XFm9J47r690TUKBzcjSWdJDxmjXJZ+/f92U= github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= diff --git a/json/reader.go b/json/reader.go index f1a0b989..6847f42b 100644 --- a/json/reader.go +++ b/json/reader.go @@ -14,6 +14,7 @@ import ( "github.com/spdx/tools-golang/spdx/v2/v2_1" "github.com/spdx/tools-golang/spdx/v2/v2_2" "github.com/spdx/tools-golang/spdx/v2/v2_3" + "github.com/spdx/tools-golang/spdx/v3/v3_0_1" ) // Read takes an io.Reader and returns a fully-parsed current model SPDX Document @@ -75,6 +76,13 @@ func ReadInto(content io.Reader, doc common.AnyDocument) error { return err } data = doc + case v3_0_1.Version: + var doc v3_0_1.Document + err = json.Unmarshal(buf.Bytes(), &doc) + if err != nil { + return err + } + data = doc default: return fmt.Errorf("unsupported SDPX version: %s", version) } diff --git a/spdx/v3/internal/generate/main.go b/spdx/v3/internal/generate/main.go new file mode 100644 index 00000000..7729bae6 --- /dev/null +++ b/spdx/v3/internal/generate/main.go @@ -0,0 +1,94 @@ +package main + +import ( + "fmt" + "os" + "path/filepath" + "regexp" + "strings" + + "github.com/kzantow/go-ld/shaclgen" +) + +func main() { + versions := []string{ + //"3.0.0", + "3.0.1", + } + + for _, version := range versions { + packageName := "v" + strings.ReplaceAll(version, ".", "_") + fileName, err := filepath.Abs(fmt.Sprintf("spdx/v3/%s/model.go", packageName)) + if err != nil { + panic(err) + } + err = os.MkdirAll(fmt.Sprintf("spdx/v3/%s", packageName), 0o755) + if err != nil { + panic(err) + } + + fmt.Printf("Generating SPDX %s to %s\n", version, fileName) + + shaclgen.Generate( + shaclgen.EnableLog(), + shaclgen.PackageName(packageName), + shaclgen.LicenseID("MIT"), + shaclgen.OutputFile(fileName), + shaclgen.RenameFunc(renameFunc), + shaclgen.JsonLDContext(fmt.Sprintf("https://spdx.org/rdf/%s/spdx-context.jsonld", version)), + shaclgen.SHACLTypes(fmt.Sprintf("https://spdx.org/rdf/%s/spdx-model.ttl", version)), + ) + + contents, err := os.ReadFile(fileName) + if err != nil { + panic(err) + } + // hack to work around go-ld not compacting certain types + regexp.MustCompile(`(?m)": map[string]any{.*?},\n`).ReplaceAll(contents, []byte(`": map[string]any{ + },`)) + } +} + +func renameFunc(typ shaclgen.NameType, name string, c *shaclgen.Class) string { + if typ == shaclgen.NameTypeField { + // get rid of property stutters + if c != nil && c.GoName != name && !strings.EqualFold(name, "PackageURL") { + shortName := strings.TrimPrefix(name, c.GoName) + if !strings.EqualFold(shortName, "id") { + name = shortName + } + } + + return replaceSuffixes(name, map[string]string{ + "Bies": "By", + "Tos": "To", + "CreatedUsings": "CreatedUsing", + "VerifiedUsings": "VerifiedUsing", + "Id": "ID", + "Url": "URL", + }) + } + switch name { + case "AnyLicenseInfo": + return "LicenseInfo" + case "Bom": + return "BOM" + case "BOMS": + return "BOMs" + case "Sbom": + return "SBOM" + case "SBOMS": + return "SBOMs" + } + return "" +} + +func replaceSuffixes(value string, suffixToReplacement map[string]string) string { + for suffix, replacement := range suffixToReplacement { + if strings.HasSuffix(value, suffix) { + value = strings.TrimSuffix(value, suffix) + return value + replacement + } + } + return value +} diff --git a/spdx/v3/internal/serialize_json.go b/spdx/v3/internal/serialize_json.go new file mode 100644 index 00000000..cdf09803 --- /dev/null +++ b/spdx/v3/internal/serialize_json.go @@ -0,0 +1,373 @@ +package internal + +import ( + "encoding/json" + "errors" + "fmt" + "io" + "os" + "reflect" + "strings" + "time" + + "github.com/google/uuid" + "github.com/kzantow/go-ld" +) + +var Debug = os.Getenv("SPDX_DEBUG") == "true" + +type ldContextProvider interface { + LDContexts() map[string]map[string]any +} + +func ToJSON(spdxContext string, ldContext ld.Context, document any, writer io.Writer) error { + // we only compact the spdx context, not extensions, so ignore any other contexts + ctx := ldContext.(ldContextProvider).LDContexts()[spdxContext] + if ctx == nil { + return fmt.Errorf("spdx context %v not found", spdxContext) + } + + ctx, _ = ctx[ld.JsonContextProp].(map[string]any) + if ctx == nil { + return fmt.Errorf("spdx @context %v not found", spdxContext) + } + + aliases := map[string]string{} + prefixes := map[string]string{} + + for k, v := range ctx { + switch v := v.(type) { + case string: + aliases[v] = k + case map[string]any: + fieldIRI, _ := v[ld.JsonIdProp].(string) + if fieldIRI != "" { + aliases[fieldIRI] = k + subContext, _ := v[ld.JsonContextProp].(map[string]any) + if subContext != nil { + prefix, _ := subContext[ld.JsonVocabProp].(string) + if prefix != "" { + prefixes[fieldIRI] = prefix + } + } + } + } + } + + s := &serializer{ + contextURL: spdxContext, + aliases: aliases, + prefixes: prefixes, + nextID: map[reflect.Type]int{}, + ids: map[reflect.Value]string{}, + in: document, + } + + maps, err := s.toMaps(document) + if err != nil { + return err + } + enc := json.NewEncoder(writer) + enc.SetEscapeHTML(false) + enc.SetIndent("", "") + return enc.Encode(maps) +} + +type serializer struct { + contextURL string + nextID map[reflect.Type]int + ids map[reflect.Value]string + aliases map[string]string + prefixes map[string]string + graph []any + in any +} + +func (s *serializer) toMaps(document any) (map[string]any, error) { + _, errs := s.serialize(reflect.ValueOf(document), "") + return map[string]any{ + "@context": s.contextURL, + "@graph": s.graph, + }, errors.Join(errs...) +} + +func (s *serializer) serialize(v reflect.Value, prefix string) (any, []error) { + out, err := s.serializeValue(v, prefix) + if sv, ok := out.(string); ok { + return strings.TrimPrefix(sv, prefix), err + } + return out, err +} + +func (s *serializer) serializeValue(v reflect.Value, prefix string) (any, []error) { + id := s.ids[v] + if id != "" { + return id, nil + } + if !v.IsValid() { + return nil, nil + } + ptrV := v + if v.Kind() == reflect.Pointer { + if v.IsNil() { + return nil, nil + } + id := s.ids[v] + if id != "" { + return id, nil + } + v = v.Elem() + } + + switch v.Kind() { + case reflect.String, reflect.Bool, reflect.Float32, reflect.Float64, + reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, + reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + return s.serializeSingleValue(v) + case reflect.Interface: + return s.serialize(v.Elem(), prefix) + case reflect.Slice: + return s.serializeSlice(v, prefix) + case reflect.Struct: + return s.serializeStruct(ptrV, v) + default: + panic(fmt.Errorf("unsupported type: %v", v)) + } +} + +func (s *serializer) serializeSingleValue(v reflect.Value) (any, []error) { + return getValue(v), nil +} + +func (s *serializer) serializeSlice(v reflect.Value, prefix string) (any, []error) { + // if this function is called, we have a non-nil slice that may be empty, we always + // want to return a slice rather than nil + sz := v.Len() + serialized := make([]any, 0, sz) + var errs []error + for i := 0; i < v.Len(); i++ { + elem := v.Index(i) + if Debug { + tmp := fmt.Sprintf("%#v", elem) + fmt.Println(tmp) + } + got, err := s.serialize(elem, prefix) + if err != nil { + errs = append(errs, err...) + } else { + serialized = append(serialized, got) + } + } + return serialized, errs +} + +func (s *serializer) serializeStruct(ptrV reflect.Value, v reflect.Value) (any, []error) { + var errs []error + data, ok := s.serializeDataStruct(v) + if ok { + return data, nil + } + + typeName := s.typeName(ptrV) + if typeName == "" { + if Debug { + tmp := fmt.Sprintf("no type for: %#v", ptrV) + fmt.Println(tmp) + } + // structs without types must have an external ID + id, err := ld.GetID(v) + if err != nil { + return "", []error{err} + } + if isExternalID(id) { + return id, nil + } + panic(fmt.Errorf("unable to get typeName or ID for: %v", ptrV.Interface())) + } + + serialized := map[string]any{} + idField := "" + errs = append(errs, s.serializeProps(ptrV, v, &idField, serialized)...) + + id, _ := serialized[idField].(string) + switch len(serialized) { + case 0: + return nil, nil + case 1: + // if the only field output is an external ID, output directly as a string + if isExternalID(id) { + return id, nil + } + } + + typeField := s.aliases[ld.JsonTypeProp] + if typeField == "" { + typeField = ld.JsonTypeProp + } + + serialized[typeField] = typeName + + // move elements to top-level graph + if id != "" { + // this struct needs to be serialized to the graph, and return the id reference to it + s.graph = append(s.graph, serialized) + return id, errs + } + + return serialized, errs +} + +func (s *serializer) serializeProps(ptrV reflect.Value, v reflect.Value, idField *string, serialized map[string]any) (errs []error) { + t := v.Type() + for i := 0; i < v.NumField(); i++ { + f := t.Field(i) + + fv := v.Field(i) + + iri := f.Tag.Get(ld.GoIriTagName) + if iri == "" { + if f.Anonymous && f.Type.Kind() == reflect.Struct { // embedded parent type + errs = append(errs, s.serializeProps(ptrV, fv, idField, serialized)...) + } + continue + } + + k := s.aliases[iri] + if k == "" { + k = iri + } + + if iri == ld.JsonIdProp { + // some types must use @id and allow blank node IDs + if blankNodeAllowed(ptrV) { + if ld.RefCount(ptrV, s.in) == 1 { + continue // don't create an ID, output inline + } + k = iri + } + *idField = k + if isUnset(fv) { + newID := s.newID(ptrV) + s.ids[ptrV] = newID + fv = reflect.ValueOf(newID) + } else { + id := fv.String() + //if !strings.HasPrefix(id, "_:") { + // id = "_:" + id + //} + s.ids[ptrV] = id + } + } + + if isUnset(fv) { + if f.Tag.Get("required") != "true" { + continue + } else if f.Type.Kind() == reflect.Slice { + // always output arrays instead of nil + fv = reflect.MakeSlice(f.Type, 0, 0) + } + } + + serializedField, err := s.serialize(fv, s.prefixes[iri]) + if err != nil { + errs = append(errs, err...) + continue + } + + serialized[k] = serializedField + } + return errs +} + +func blankNodeAllowed(v reflect.Value) bool { + if v.Kind() == reflect.Pointer { + t := v.Type().Elem() + f, ok := ld.FieldByType[ld.Type](t) + if ok { + return strings.Contains(f.Tag.Get(ld.GoNodeKindTagName), "BlankNode") + } + } + return false +} + +func (s *serializer) getId(v reflect.Value) (string, error) { + id, _ := ld.GetID(v) + if id != "" { + return id, nil + } + id = s.ids[v] + return id, nil +} + +func (s *serializer) newID(v reflect.Value) string { + if blankNodeAllowed(v) { + t := v.Elem().Type() + num := s.nextID[t] + 1 + s.nextID[t] = num + return fmt.Sprintf("_:%s_%d", t.Name(), num) + } + u := uuid.New() + return fmt.Sprintf("urn:uuid:%v", u.String()) +} + +func (s *serializer) typeName(v reflect.Value) string { + for v.Kind() == reflect.Pointer { + v = v.Elem() + } + f, ok := ld.FieldByType[ld.Type](v.Type()) + if ok { + iri := f.Tag.Get(ld.GoIriTagName) + alias := s.aliases[iri] + if alias != "" { + return alias + } + return iri + } + return "" +} + +func (s *serializer) serializeDataStruct(v reflect.Value) (any, bool) { + if v.CanInterface() { + switch val := v.Interface().(type) { + case time.Time: + return val.UTC().Format(time.RFC3339), true + } + } + return nil, false +} + +func isUnset(fv reflect.Value) bool { + if !fv.IsValid() { + return true + } + switch fv.Kind() { + case reflect.Pointer, reflect.Interface, reflect.Slice, reflect.Map: + return fv.IsNil() + default: + return fv.IsZero() + } +} + +func getValue(v reflect.Value) any { + switch v.Kind() { + case reflect.String: + return v.String() + case reflect.Bool: + return v.Bool() + case reflect.Float32, reflect.Float64: + return v.Float() + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + return v.Int() + case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + return v.Uint() + default: + if !v.CanInterface() { + return nil + } + return v.Interface() + } +} + +func isExternalID(id string) bool { + return strings.HasPrefix(id, "http://") || strings.HasPrefix(id, "https://") +} diff --git a/spdx/v3/v3_0/convert.go b/spdx/v3/v3_0/convert.go deleted file mode 100644 index 2f795167..00000000 --- a/spdx/v3/v3_0/convert.go +++ /dev/null @@ -1,280 +0,0 @@ -package v3_0 - -import ( - "fmt" - "os" - "slices" - "strings" - "time" - - "github.com/kzantow/go-ld" - - "github.com/spdx/tools-golang/spdx/v2/common" - "github.com/spdx/tools-golang/spdx/v2/v2_3" -) - -func From_v2_3(doc v2_3.Document, d *Document) { - if d.CreationInfo == nil { - d.CreationInfo = &CreationInfo{} - } - if c, ok := d.CreationInfo.(*CreationInfo); ok { - c.SpecVersion = Version - } - - idMap := map[string]any{} - - d.ID = string(doc.SPDXIdentifier) - d.Comment = doc.DocumentComment - d.CreationInfo = convert23CreationInfo(doc.CreationInfo) - d.Name = doc.DocumentName - d.DataLicense = &LicenseInfo{Element: Element{ - Name: doc.DataLicense, - }} - - for _, pkg := range doc.Packages { - newPkg := convert23Package(idMap, pkg) - if newPkg != nil { - d.RootElements = append(d.RootElements, newPkg) - idMap[string(pkg.PackageSPDXIdentifier)] = newPkg - } - } - - for _, file := range doc.Files { - newFile := convert23File(idMap, file) - if newFile != nil { - d.RootElements = append(d.RootElements, newFile) - idMap[string(file.FileSPDXIdentifier)] = newFile - } - } - - rels := relMap{} - for _, rel := range doc.Relationships { - newRel := convert23Relationship(idMap, rel) - if newRel != nil { - rels.add(newRel) - } - } - for _, relTypes := range rels { - for _, to := range relTypes { - d.RootElements = append(d.RootElements, to) - } - } -} - -type relMap map[AnyElement]map[RelationshipType]*Relationship - -func (r relMap) add(relationship *Relationship) { - relTypes := r[relationship.From] - if relTypes == nil { - relTypes = map[RelationshipType]*Relationship{} - r[relationship.From] = relTypes - } - existing := relTypes[relationship.RelationshipType] - if existing == nil { - relTypes[relationship.RelationshipType] = relationship - return - } - existing.To = appendUnique(existing.To, relationship.To...) -} - -func appendUnique[T comparable](existing []T, adding ...T) []T { - for _, add := range adding { - if slices.Contains(existing, add) { - continue - } - existing = append(existing, add) - } - return existing -} - -func convert23Relationship(idMap map[string]any, rel *v2_3.Relationship) *Relationship { - if rel == nil { - return nil - } - from, _ := idMap[string(rel.RefA.ElementRefID)].(AnyElement) - to, _ := idMap[string(rel.RefB.ElementRefID)].(AnyElement) - if from == nil || to == nil { - return nil - } - return &Relationship{ - Element: Element{ - Comment: rel.RelationshipComment, - }, - From: from, - RelationshipType: convert23RelationshipType(rel.Relationship), - To: []AnyElement{to}, - } -} - -func convert23RelationshipType(relationship string) RelationshipType { - switch strings.ToLower(relationship) { - case "contains", "contained_by": - return RelationshipType_Contains - case "depends_on", "dependency_of": - return RelationshipType_DependsOn - } - return RelationshipType{} -} - -func convert23CreationInfo(info *v2_3.CreationInfo) *CreationInfo { - return &CreationInfo{ - Comment: info.CreatorComment, - Created: convert23Time(info.Created), - CreatedBy: convert23Creators(info.Creators), - SpecVersion: info.LicenseListVersion, - } -} - -func convert23Creators(creators []common.Creator) []AnyAgent { - var out []AnyAgent - for _, c := range creators { - out = append(out, convert23Agent(c.CreatorType, c.Creator)) - } - return out -} - -func convert23Agent(agentType string, agent string) AnyAgent { - switch strings.ToLower(agentType) { - case "person": - return &Person{Agent: Agent{Element: Element{ - Name: agent, - }}} - case "organization", "org": - return &Organization{Agent: Agent{Element: Element{ - Name: agent, - }}} - } - return nil -} - -func convert23File(idMap map[string]any, file *v2_3.File) AnyFile { - if file == nil { - return nil - } - return &File{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{Element: Element{ - ID: string(file.FileSPDXIdentifier), - Comment: file.FileComment, - Name: file.FileName, - }}, - CopyrightText: file.FileCopyrightText, - AttributionTexts: file.FileAttributionTexts, - }, - FileKind: FileKindType_File, - } -} - -func convert23Package(idMap map[string]any, pkg *v2_3.Package) *Package { - if pkg == nil { - return nil - } - return &Package{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{ - Element: Element{ - ID: string(pkg.PackageSPDXIdentifier), - Name: pkg.PackageName, - Summary: pkg.PackageSummary, - Comment: pkg.PackageComment, - Description: pkg.PackageDescription, - ExternalIdentifiers: convert23ExternalIdentifiers(pkg.PackageExternalReferences), - VerifiedUsing: convert23VerifiedUsing(pkg.PackageVerificationCode), - }, - BuiltTime: convert23Time(pkg.BuiltDate), - OriginatedBy: convert23PackageOriginator(pkg.PackageOriginator), - ReleaseTime: convert23Time(pkg.ReleaseDate), - SuppliedBy: convert23Supplier(pkg.PackageSupplier), - ValidUntilTime: convert23Time(pkg.ValidUntilDate), - }, - AttributionTexts: pkg.PackageAttributionTexts, - CopyrightText: pkg.PackageCopyrightText, - PrimaryPurpose: convert23PrimaryPurpose(pkg.PrimaryPackagePurpose), - }, - - DownloadLocation: convert23URI(pkg.PackageDownloadLocation), - HomePage: convert23URI(pkg.PackageHomePage), - PackageUrl: convert23PackageUrl(pkg.PackageExternalReferences), - PackageVersion: pkg.PackageVersion, - SourceInfo: pkg.PackageSourceInfo, - } -} - -func convert23Time(date string) time.Time { - t, err := time.Parse(time.RFC3339, date) - if err != nil { - logDropped(err) - return time.Time{} - } - return t -} - -func convert23URI(uri string) ld.URI { - return ld.URI(uri) -} - -func logDropped(value any) { - _, _ = fmt.Fprintf(os.Stderr, "dropped: %v", value) -} - -func convert23PackageUrl(references []*v2_3.PackageExternalReference) ld.URI { - for _, ref := range references { - if ref.RefType == common.TypePackageManagerPURL { - return convert23URI(ref.Locator) - } - } - return "" -} - -func convert23PrimaryPurpose(purpose string) SoftwarePurpose { - switch purpose { - case "container": - return SoftwarePurpose_Container - case "library": - return SoftwarePurpose_Library - case "application": - return SoftwarePurpose_Application - } - return SoftwarePurpose{} -} - -func convert23Supplier(supplier *common.Supplier) AnyAgent { - if supplier == nil { - return nil - } - return convert23Agent(supplier.SupplierType, supplier.Supplier) -} - -func convert23PackageOriginator(originator *common.Originator) []AnyAgent { - if originator == nil { - return nil - } - return []AnyAgent{convert23Agent(originator.OriginatorType, originator.Originator)} -} - -func convert23VerifiedUsing(verificationCode *common.PackageVerificationCode) []AnyIntegrityMethod { - return nil // TODO -} - -func convert23ExternalIdentifiers(references []*v2_3.PackageExternalReference) []AnyExternalIdentifier { - var out []AnyExternalIdentifier - for _, r := range references { - typ := ExternalIdentifierType{} - switch r.RefType { - case common.TypeSecurityCPE22Type: - typ = ExternalIdentifierType_Cpe22 - case common.TypeSecurityCPE23Type: - typ = ExternalIdentifierType_Cpe23 - case common.TypePackageManagerPURL: - typ = ExternalIdentifierType_PackageUrl - default: - continue // unknown - } - out = append(out, &ExternalIdentifier{ - Comment: r.ExternalRefComment, - ExternalIdentifierType: typ, - Identifier: r.Locator, - }) - } - return out -} diff --git a/spdx/v3/v3_0_1/convert.go b/spdx/v3/v3_0_1/convert.go new file mode 100644 index 00000000..efd943b3 --- /dev/null +++ b/spdx/v3/v3_0_1/convert.go @@ -0,0 +1,905 @@ +package v3_0_1 + +import ( + "fmt" + "os" + "reflect" + "regexp" + "slices" + "strings" + "time" + + "github.com/kzantow/go-ld" + "github.com/spdx/tools-golang/spdx/v3/internal" + + "github.com/spdx/tools-golang/spdx/v2/common" + "github.com/spdx/tools-golang/spdx/v2/v2_3" +) + +func From_v2_3(doc v2_3.Document, d *Document) { + c := newDocumentConverter(d) + + // namespace is used to prefix document IDs + if doc.DocumentNamespace != "" { + d.NamespaceMaps = NamespaceMapList{ + &NamespaceMap{ + Namespace: URI(doc.DocumentNamespace), + }, + } + c.namespace = "ns" + } + + // set creationInfo of the converter so all created objects use the original + c.creationInfo = c.convert23creationInfo(doc.CreationInfo) + + if d.CreationInfo == nil { + d.CreationInfo = c.creationInfo + } + + if len(d.ProfileConformances) == 0 { + d.ProfileConformances = []ProfileIdentifierType{ProfileIdentifierType_Core, ProfileIdentifierType_Software} + } + + d.ID = string(doc.SPDXIdentifier) + d.Comment = doc.DocumentComment + d.Imports = list[ExternalMapList](c.convert23externalDocumentRef, doc.ExternalDocumentReferences...) + d.Name = doc.DocumentName + d.DataLicense = c.convert23licenseString(doc.DataLicense) + + var converted ElementList + for _, l := range doc.OtherLicenses { + converted = append(converted, c.convert23license(l)) + } + + for _, pkg := range doc.Packages { + converted = append(converted, c.convert23package(pkg)) + } + + for _, file := range doc.Files { + converted = append(converted, c.convert23file(file)) + } + + for _, a := range doc.Annotations { + converted = append(converted, c.convert23annotation(a)) + } + + for _, s := range doc.Snippets { + converted = append(converted, c.convert23snippet(s)) + } + + var relationships ElementList + for _, rel := range doc.Relationships { + r := c.convert23relationship(rel) + if r != nil { + c.sbom.Elements = append(c.sbom.Elements, r) + converted = append(relationships, r) + } + } + + // if the user did not add elements to the document via relationships, + // just add all elements directly + if len(c.sbom.RootElements) == 0 { + c.sbom.RootElements = append(notNil(converted), notNil(relationships)...) + } else { + c.sbom.Elements = append(c.sbom.Elements, notNil(converted)...) + } +} + +func newDocumentConverter(d *Document) *documentConverter { + // Java tools prefix all these values with: http://spdx.org/rdf/references/ + // I'm assuming this is because they are converted to RDF when imported, which we are not doing + const referencePrefix = "" + + if d.LDContext == nil { + d.LDContext = context() + } + sbom := &SBOM{} + d.RootElements = ElementList{sbom} + c := &documentConverter{ + emailExtractor: regexp.MustCompile(`(.*)\s*[(<]([^)>]+)[)>]$`), + relationshipMap: map[any][]*Relationship{}, + sbom: sbom, + idMap: duplicateLower(map[string]any{ + "SPDXRef-DOCUMENT": sbom, + }), + lifecycleMap: duplicateLower(map[string]LifecycleScopeType{ + "BUILD_TOOL_OF": LifecycleScopeType_Build, + "DEPENDS_ON": LifecycleScopeType_Build, + "DEV_DEPENDENCY_OF": LifecycleScopeType_Development, + "DEV_TOOL_OF": LifecycleScopeType_Development, + "RUNTIME_DEPENDENCY_OF": LifecycleScopeType_Runtime, + "TEST_DEPENDENCY_OF": LifecycleScopeType_Test, + "TEST_TOOL_OF": LifecycleScopeType_Test, + }), + inverseRelationshipMap: duplicateLower(map[string]RelationshipType{ + "DESCRIBED_BY": RelationshipType_Describes, + "BUILD_TOOL_OF": RelationshipType_UsesTool, + "CONTAINED_BY": RelationshipType_Contains, + "COPY_OF": RelationshipType_CopiedTo, + "DATA_FILE_OF": RelationshipType_HasDataFile, + "DOCUMENTATION_OF": RelationshipType_HasDocumentation, + "DYNAMIC_LINK": RelationshipType_HasDynamicLink, + "EXPANDED_FROM_ARCHIVE": RelationshipType_ExpandsTo, + "FILE_ADDED": RelationshipType_HasAddedFile, + "FILE_DELETED": RelationshipType_HasDeletedFile, + "GENERATED_FROM": RelationshipType_Generates, + "METAFILE_OF": RelationshipType_HasMetadata, + "OPTIONAL_COMPONENT_OF": RelationshipType_HasOptionalComponent, + "PACKAGE_OF": RelationshipType_PackagedBy, + "PATCH_APPLIED": RelationshipType_PatchedBy, + "PATCH_FOR": RelationshipType_PatchedBy, + "AMENDS": RelationshipType_AmendedBy, + "TEST_CASE_OF": RelationshipType_HasTestCase, + "PREREQUISITE_FOR": RelationshipType_HasPrerequisite, + "VARIANT_OF": RelationshipType_HasVariant, + "BUILD_DEPENDENCY_OF": RelationshipType_DependsOn, + "DEPENDENCY_MANIFEST_OF": RelationshipType_HasDependencyManifest, + "DEPENDENCY_OF": RelationshipType_DependsOn, + "DEV_DEPENDENCY_OF": RelationshipType_DependsOn, + "DEV_TOOL_OF": RelationshipType_UsesTool, + "EXAMPLE_OF": RelationshipType_HasExample, + "OPTIONAL_DEPENDENCY_OF": RelationshipType_HasOptionalDependency, + "PROVIDED_DEPENDENCY_OF": RelationshipType_HasProvidedDependency, + "RUNTIME_DEPENDENCY_OF": RelationshipType_DependsOn, + "TEST_DEPENDENCY_OF": RelationshipType_DependsOn, + "TEST_OF": RelationshipType_HasTest, + "TEST_TOOL_OF": RelationshipType_UsesTool, + "REQUIREMENT_DESCRIPTION_FOR": RelationshipType_HasRequirement, + "SPECIFICATION_FOR": RelationshipType_HasSpecification, + }), + relationshipTypeMap: duplicateLower(map[string]RelationshipType{ + "DESCRIBES": RelationshipType_Describes, + "ANCESTOR_OF": RelationshipType_AncestorOf, + "CONTAINS": RelationshipType_Contains, + "DESCENDANT_OF": RelationshipType_DescendantOf, + "DISTRIBUTION_ARTIFACT": RelationshipType_HasDistributionArtifact, + "FILE_MODIFIED": RelationshipType_ModifiedBy, + "GENERATES": RelationshipType_Generates, + "OTHER": RelationshipType_Other, + "STATIC_LINK": RelationshipType_HasStaticLink, + "HAS_PREREQUISITE": RelationshipType_HasPrerequisite, + "DEPENDS_ON": RelationshipType_DependsOn, + }), + hashAlgorithmMap: duplicateLower(map[string]HashAlgorithm{ + "ADLER32": HashAlgorithm_Other, + "BLAKE2b_256": HashAlgorithm_Blake2b256, + "BLAKE2b_384": HashAlgorithm_Blake2b384, + "BLAKE2b_512": HashAlgorithm_Blake2b512, + "BLAKE3": HashAlgorithm_Blake3, + "MD2": HashAlgorithm_Md2, + "MD4": HashAlgorithm_Md4, + "MD5": HashAlgorithm_Md5, + "MD6": HashAlgorithm_Md6, + "SHA1": HashAlgorithm_Sha1, + "SHA224": HashAlgorithm_Sha224, + "SHA256": HashAlgorithm_Sha256, + "SHA384": HashAlgorithm_Sha384, + "SHA3_256": HashAlgorithm_Sha3_256, + "SHA3_384": HashAlgorithm_Sha3_384, + "SHA3_512": HashAlgorithm_Sha3_512, + "SHA512": HashAlgorithm_Sha3_512, + }), + annotationTypeMap: duplicateLower(map[string]AnnotationType{ + "OTHER": AnnotationType_Other, + "REVIEW": AnnotationType_Review, + }), + contentIdentifierTypeMap: duplicateLower(map[string]ContentIdentifierType{ + referencePrefix + "gitoid": ContentIdentifierType_Gitoid, + referencePrefix + "swh": ContentIdentifierType_Swhid, + }), + externalIdentifierTypeMap: duplicateLower(map[string]ExternalIdentifierType{ + referencePrefix + "cpe22Type": ExternalIdentifierType_Cpe22, + referencePrefix + "cpe23Type": ExternalIdentifierType_Cpe23, + referencePrefix + "swid": ExternalIdentifierType_Swid, + referencePrefix + "purl": ExternalIdentifierType_PackageURL, + }), + externalRefTypeMap: duplicateLower(map[string]ExternalRefType{ + referencePrefix + "maven-central": ExternalRefType_MavenCentral, + referencePrefix + "npm": ExternalRefType_Npm, + referencePrefix + "nuget": ExternalRefType_Nuget, + referencePrefix + "bower": ExternalRefType_Bower, + referencePrefix + "advisory": ExternalRefType_SecurityAdvisory, + referencePrefix + "fix": ExternalRefType_SecurityFix, + referencePrefix + "url": ExternalRefType_SecurityOther, + }), + primaryPurposeMap: duplicateLower(map[string]SoftwarePurpose{ + "APPLICATION": SoftwarePurpose_Application, + "ARCHIVE": SoftwarePurpose_Archive, + "CONTAINER": SoftwarePurpose_Container, + "DEVICE": SoftwarePurpose_Device, + "FILE": SoftwarePurpose_File, + "FIRMWARE": SoftwarePurpose_Firmware, + "FRAMEWORK": SoftwarePurpose_Framework, + "INSTALL": SoftwarePurpose_Install, + "LIBRARY": SoftwarePurpose_Library, + "OPERATING_SYSTEM": SoftwarePurpose_OperatingSystem, + "OTHER": SoftwarePurpose_Other, + "SOURCE": SoftwarePurpose_Source, + }), + } + return c +} + +type documentConverter struct { + sbom *SBOM + namespace string + idMap map[string]any + creationInfo AnyCreationInfo + relationshipMap map[any][]*Relationship + relationshipTypeMap map[string]RelationshipType + inverseRelationshipMap map[string]RelationshipType + lifecycleMap map[string]LifecycleScopeType + hashAlgorithmMap map[string]HashAlgorithm + annotationTypeMap map[string]AnnotationType + contentIdentifierTypeMap map[string]ContentIdentifierType + externalIdentifierTypeMap map[string]ExternalIdentifierType + externalRefTypeMap map[string]ExternalRefType + primaryPurposeMap map[string]SoftwarePurpose + emailExtractor *regexp.Regexp +} + +func (c *documentConverter) addRelationship(r *Relationship) { + rels := c.relationshipMap[r.From] + for _, existing := range rels { + if existing.Type == r.Type { + if r.Comment != existing.Comment { + continue + } + existing.To = appendUnique(existing.To, r.To...) + return + } + } + c.relationshipMap[r.From] = append(c.relationshipMap[r.From], r) +} + +func (c *documentConverter) convert23relationship(rel *v2_3.Relationship) AnyRelationship { + if rel == nil { + return nil + } + from, _ := c.idMap[string(rel.RefA.ElementRefID)].(AnyElement) + to, _ := c.idMap[string(rel.RefB.ElementRefID)].(AnyElement) + if from == nil || to == nil { + c.logDropped(rel) + return nil + } + + typ, invert := c.convert23relationshipType(rel.Relationship) + if invert { + to, from = from, to + } + + // SPDX 3 direct document elements are in RootElement list, not relationships + if from == c.sbom { + // TODO are there special cases depending on type? + c.sbom.RootElements = append(c.sbom.RootElements, to) + return nil + } + + r := &Relationship{ + Element: Element{ + Comment: rel.RelationshipComment, + }, + From: from, + Type: typ, + To: ElementList{to}, + } + c.addRelationship(r) + return r +} + +func (c *documentConverter) convert23relationshipType(typ string) (RelationshipType, bool) { + typ = strings.ToUpper(typ) + out, ok := c.relationshipTypeMap[typ] + if ok { + return out, false + } + out, ok = c.inverseRelationshipMap[typ] + if ok { + return out, true + } + return RelationshipType{}, false +} + +func (c *documentConverter) convert23creationInfo(info *v2_3.CreationInfo) AnyCreationInfo { + if info == nil || len(info.Creators) == 0 { + return nil + } + ci := &CreationInfo{ + Comment: info.CreatorComment, + Created: c.convert23time(info.Created), + CreatedBy: list[AgentList](c.convert23creator, info.Creators...), + CreatedUsing: list[ToolList](c.convert23tool, info.Creators...), + // TODO should this be set? + // SpecVersion: info.LicenseListVersion, + } + + // update circular references, which will be set to nil by default + for _, a := range ci.CreatedBy.Agents() { + a.CreationInfo = ci + } + for _, a := range ci.CreatedUsing.Tools() { + a.CreationInfo = ci + } + + return ci +} + +func (c *documentConverter) convert23tool(creator common.Creator) AnyTool { + if strings.ToLower(creator.CreatorType) != "tool" { + return nil + } + + if creator.Creator != "" { + c.logDropped(creator) + return nil + } + + return &Tool{ + Element: Element{ + CreationInfo: c.creationInfo, + Name: creator.Creator, + }, + } +} + +func (c *documentConverter) convert23creator(creator common.Creator) AnyAgent { + return c.convert23agent(creator.CreatorType, creator.Creator) +} + +func (c *documentConverter) convert23originator(creator *common.Originator) AnyAgent { + return c.convert23agent(creator.OriginatorType, creator.Originator) +} + +func (c *documentConverter) convert23supplier(creator *common.Supplier) AnyAgent { + return c.convert23agent(creator.SupplierType, creator.Supplier) +} + +func (c *documentConverter) convert23annotator(creator *common.Annotator) AnyAgent { + return c.convert23agent(creator.AnnotatorType, creator.Annotator) +} + +func (c *documentConverter) convert23contributors(contributors ...string) AgentList { + var agents AgentList + for _, contributor := range contributors { + parts := strings.Split(contributor, ":") + if len(parts) > 1 && strings.EqualFold(parts[0], "person") { + contributor = parts[1] + } + agent := c.convert23agent("person", contributor) + if agent != nil { + agents = append(agents, agent) + } + } + return agents +} + +func (c *documentConverter) convert23agent(typ, name string) AnyAgent { + name = strings.TrimSpace(name) + if name == "" { + return nil + } + emailValue := "" + match := c.emailExtractor.FindStringSubmatch(name) + if len(match) > 2 { + name = strings.TrimSpace(match[1]) + emailValue = strings.TrimSpace(match[2]) + } + var out AnyAgent + switch strings.ToLower(typ) { + case "person": + out = &Person{Agent: Agent{Element: Element{ + CreationInfo: c.creationInfo, + Name: name, + }}} + case "organization", "org": + out = &Organization{Agent: Agent{Element: Element{ + CreationInfo: c.creationInfo, + Name: name, + }}} + case "tool": // handled elsewhere + default: + c.logDropped(fmt.Sprintf("unknown agent type: %v with value: %v", typ, name)) + } + if emailValue != "" { + Cast[Element](out).ExternalIdentifiers = externalIdentifierListEmail(emailValue) + } + return out +} + +func (c *documentConverter) convert23file(f *v2_3.File) AnyFile { + if f == nil { + return nil + } + + out := &File{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{ + Element: Element{ + ID: string(f.FileSPDXIdentifier), + Comment: f.FileComment, + Name: f.FileName, + Description: f.FileNotice, + ExternalRefs: nil, + Summary: "", + VerifiedUsing: list[IntegrityMethodList](c.convert23checksum, f.Checksums...), + }, + StandardNames: nil, + BuiltTime: time.Time{}, + ReleaseTime: time.Time{}, + SupportLevels: nil, + SuppliedBy: nil, + OriginatedBy: c.convert23contributors(f.FileContributors...), + ValidUntilTime: time.Time{}, + }, + AttributionTexts: f.FileAttributionTexts, + CopyrightText: f.FileCopyrightText, + }, + ContentType: "", + Kind: FileKindType_File, + } + + for _, s := range f.Snippets { + v3 := c.convert23snippet(*s) + c.addRelationship(&Relationship{ + Type: RelationshipType_Contains, + From: out, + To: ElementList{v3}, + }) + } + + for _, a := range f.Annotations { + v3 := c.convert23annotation(&a) + c.addRelationship(&Relationship{ + Type: RelationshipType_Describes, + From: v3, + To: ElementList{out}, + }) + } + + c.idMap[string(f.FileSPDXIdentifier)] = out + return out +} + +func (c *documentConverter) convert23package(pkg *v2_3.Package) AnyPackage { + if pkg == nil { + return nil + } + + verificationCodes := list[IntegrityMethodList](c.convert23packageVerificationCode, pkg.PackageVerificationCode) + + for _, checksum := range pkg.PackageChecksums { + ck := c.convert23checksum(checksum) + if ck != nil { + verificationCodes = append(verificationCodes, ck) + } + } + + id := string(pkg.PackageSPDXIdentifier) + out := &Package{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{ + Element: Element{ + ID: id, + Name: pkg.PackageName, + Summary: pkg.PackageSummary, + Comment: pkg.PackageComment, + Description: pkg.PackageDescription, + ExternalIdentifiers: list[ExternalIdentifierList](c.convert23externalIdentifier, pkg.PackageExternalReferences...), + VerifiedUsing: verificationCodes, + }, + BuiltTime: c.convert23time(pkg.BuiltDate), + OriginatedBy: list[AgentList](c.convert23originator, pkg.PackageOriginator), + ReleaseTime: c.convert23time(pkg.ReleaseDate), + SuppliedBy: c.convert23supplier(pkg.PackageSupplier), + ValidUntilTime: c.convert23time(pkg.ValidUntilDate), + }, + AttributionTexts: pkg.PackageAttributionTexts, + CopyrightText: pkg.PackageCopyrightText, + PrimaryPurpose: c.convert23purpose(pkg.PrimaryPackagePurpose), + }, + Version: pkg.PackageVersion, + DownloadLocation: c.convert23uri(pkg.PackageDownloadLocation), + HomePage: c.convert23uri(pkg.PackageHomePage), + PackageURL: c.convert23packageUrl(pkg.PackageExternalReferences), + SourceInfo: pkg.PackageSourceInfo, + } + + for obj, ident := range out.ExternalIdentifiers.ExternalIdentifiers() { + if ident.Type == ExternalIdentifierType_PackageURL { + if ident.Comment != "" { + continue + } + purl := ld.URI(ident.Identifier) + if purl.Validate() == nil { + out.PackageURL = purl + out.ExternalIdentifiers = slices.DeleteFunc(out.ExternalIdentifiers, func(identifier AnyExternalIdentifier) bool { + return identifier == obj + }) + break + } + } + } + + c.idMap[id] = out + + if pkg.PackageLicenseComments != "" { + if out.Comment == "" { + out.Comment = pkg.PackageLicenseComments + } else { + // this appears to be the behavior from the Java tools: + // https://github.com/spdx/Spdx-Java-Library/blob/e3640e27a423a5562c52bcc4075cce9ac35f433a/src/main/java/org/spdx/library/conversion/Spdx2to3Converter.java#L1233 + out.Comment += ";" + pkg.PackageLicenseComments + } + } + + for _, l := range pkg.PackageLicenseInfoFromFiles { + d := c.convert23licenseString(l) + if d != nil { + c.addRelationship(&Relationship{ + Type: RelationshipType_HasConcludedLicense, + From: out, + To: ElementList{d}, + }) + } + } + d := c.convert23licenseString(pkg.PackageLicenseDeclared) + if d != nil { + c.addRelationship(&Relationship{ + Type: RelationshipType_HasDeclaredLicense, + From: out, + To: ElementList{d}, + }) + } + + d = c.convert23licenseString(pkg.PackageLicenseConcluded) + if d != nil { + c.addRelationship(&Relationship{ + Type: RelationshipType_HasConcludedLicense, + From: out, + To: ElementList{d}, + }) + } + + for _, f := range pkg.Files { + v3file := c.convert23file(f) + if v3file == nil { + continue + } + c.addRelationship(&Relationship{ + Type: RelationshipType_Contains, + From: out, + To: ElementList{v3file}, + }) + } + + return out +} + +func (c *documentConverter) convert23time(date string) time.Time { + if date == "" { + return time.Time{} + } + t, err := time.Parse(time.RFC3339, date) + if err != nil { + c.logDropped(err) + } + return t +} + +func (c *documentConverter) convert23uri(uri string) ld.URI { + out := ld.URI(uri) + if out.Validate() == nil { + return out + } + c.logDropped(out) + return "" +} + +func (c *documentConverter) logDropped(value any) { + if value == nil || !internal.Debug { + return + } + _, _ = fmt.Fprintf(os.Stderr, "dropped: %v", value) +} + +func (c *documentConverter) convert23packageUrl(references []*v2_3.PackageExternalReference) ld.URI { + for _, ref := range references { + if ref.RefType == common.TypePackageManagerPURL { + return c.convert23uri(ref.Locator) + } + } + return "" +} + +func (c *documentConverter) convert23purpose(purpose string) SoftwarePurpose { + return c.primaryPurposeMap[strings.ToLower(purpose)] +} + +func (c *documentConverter) convert23packageVerificationCode(v *common.PackageVerificationCode) AnyIntegrityMethod { + if v == nil || v.Value == "" { + c.logDropped(v) + return nil + } + return &PackageVerificationCode{ + Algorithm: HashAlgorithm_Sha1, + HashValue: v.Value, + ExcludedFiles: v.ExcludedFiles, + } +} + +func (c *documentConverter) convert23externalIdentifier(r *v2_3.PackageExternalReference) AnyExternalIdentifier { + if r == nil { + return nil + } + typ, ok := c.externalIdentifierTypeMap[r.RefType] + if !ok || r.Locator == "" { + c.logDropped(r) + return nil + } + return &ExternalIdentifier{ + Comment: r.ExternalRefComment, + Type: typ, + Identifier: r.Locator, + } +} + +func (c *documentConverter) convert23license(l *v2_3.OtherLicense) AnyLicenseInfo { + if l == nil { + return nil + } + + var seeAlso []ld.URI + for _, ref := range l.LicenseCrossReferences { + seeAlso = append(seeAlso, ld.URI(ref)) + } + + out := &CustomLicense{ + License: License{ + ExtendableLicense: ExtendableLicense{ + LicenseInfo: LicenseInfo{ + Element: Element{ + Name: l.LicenseName, + Comment: l.LicenseComment, + }, + }, + }, + SeeAlsos: seeAlso, + Text: l.ExtractedText, + }, + } + + c.idMap[l.LicenseIdentifier] = out + + return out +} + +func (c *documentConverter) convert23licenseString(licenseString string) AnyLicenseInfo { + if licenseString == "" { + return nil + } + + var out AnyLicenseInfo + if strings.HasPrefix(licenseString, "LicenseRef-") { + license, _ := c.idMap[licenseString].(AnyLicenseInfo) + if license != nil { + return license + } + out = &CustomLicense{ + License: License{ + ExtendableLicense: ExtendableLicense{ + LicenseInfo: LicenseInfo{ + Element: Element{ + Name: licenseString, + }, + }, + }, + Text: licenseString, + }, + } + } else { + out = &ListedLicense{ + License: License{ + ExtendableLicense: ExtendableLicense{ + LicenseInfo: LicenseInfo{ + Element: Element{ + Name: licenseString, + }, + }, + }, + }, + } + } + + return out +} + +func (c *documentConverter) convert23externalDocumentRef(r v2_3.ExternalDocumentRef) AnyExternalMap { + if r.DocumentRefID == "" || r.URI == "" { + c.logDropped(r) + return nil + } + return &ExternalMap{ + ExternalSpdxID: ld.URI(r.DocumentRefID), + LocationHint: ld.URI(r.URI), + VerifiedUsing: list[IntegrityMethodList](c.convert23checksum, r.Checksum), + } +} + +func (c *documentConverter) convert23checksum(checksum common.Checksum) AnyIntegrityMethod { + if checksum.Value == "" { + c.logDropped(checksum) + return nil + } + return &Hash{ + Value: checksum.Value, + Algorithm: c.hashAlgorithmMap[string(checksum.Algorithm)], + } +} + +func (c *documentConverter) convert23annotation(a *v2_3.Annotation) AnyAnnotation { + if a == nil { + return nil + } + + typ, ok := c.annotationTypeMap[strings.ToUpper(a.AnnotationType)] + if !ok { + c.logDropped(a) + return nil + } + + out := &Annotation{ + Element: Element{ + CreationInfo: &CreationInfo{ + Created: c.convert23time(a.AnnotationDate), + CreatedBy: list[AgentList](c.convert23annotator, &a.Annotator), + }, + }, + Type: typ, + Statement: a.AnnotationComment, + } + + to, _ := c.idMap[string(a.AnnotationSPDXIdentifier.ElementRefID)].(AnyElement) + if to != nil { + c.addRelationship(&Relationship{ + Type: RelationshipType_Describes, + From: out, + To: ElementList{to}, + }) + } + return out +} + +func (c *documentConverter) convert23snippet(s v2_3.Snippet) AnyElement { + snippetFile, _ := c.idMap[string(s.SnippetFromFileSPDXIdentifier)].(AnyFile) + + var licenses LicenseInfoList + d := c.convert23licenseString(s.SnippetLicenseConcluded) + if licenseInfo := Cast[LicenseInfo](d); licenseInfo != nil { + licenseInfo.Comment = s.SnippetLicenseComments + licenses = append(licenses, d) + } + + for _, licenseInfo := range s.LicenseInfoInSnippet { + d = c.convert23licenseString(licenseInfo) + if licenseInfo := Cast[LicenseInfo](d); licenseInfo != nil { + licenseInfo.Comment = s.SnippetLicenseComments + licenses = append(licenses, d) + } + } + + var allSnippets ElementList + + for _, r := range s.Ranges { + // there are 2 spots that might hold references to the file, try to handle them both: + f, _ := c.idMap[string(r.StartPointer.FileSPDXIdentifier)].(AnyFile) + if f == nil { + f = snippetFile + } + if snippetFile == nil { + snippetFile = f + } + newSnippet := &Snippet{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{ + Element: Element{ + ID: string(s.SnippetSPDXIdentifier), + Comment: s.SnippetComment, + Name: s.SnippetName, + }, + }, + CopyrightText: s.SnippetCopyrightText, + AttributionTexts: s.SnippetAttributionTexts, + }, + FromFile: f, + LineRange: &PositiveIntegerRange{ + BeginIntegerRange: ld.PositiveInt(r.StartPointer.LineNumber), + EndIntegerRange: ld.PositiveInt(r.EndPointer.LineNumber), + }, + ByteRange: &PositiveIntegerRange{ + BeginIntegerRange: ld.PositiveInt(r.StartPointer.Offset), + EndIntegerRange: ld.PositiveInt(r.EndPointer.Offset), + }, + } + + for _, l := range licenses { + c.addRelationship(&Relationship{ + Type: RelationshipType_HasConcludedLicense, + From: newSnippet, + To: ElementList{l}, + }) + } + + allSnippets = append(allSnippets, newSnippet) + } + + var out AnyElement + switch len(allSnippets) { + case 0: + case 1: + out = allSnippets[0] + default: + out = &Bundle{ + ElementCollection: ElementCollection{ + Elements: allSnippets, + }, + } + } + + c.idMap[string(s.SnippetSPDXIdentifier)] = out + + if snippetFile != nil { + c.addRelationship(&Relationship{ + Type: RelationshipType_Describes, + From: out, + To: ElementList{snippetFile}, + }) + } + + return out +} + +func appendUnique[T comparable](existing []T, adding ...T) []T { + for _, add := range adding { + if isNil(add) || slices.Contains(existing, add) { + continue + } + existing = append(existing, add) + } + return existing +} + +func list[ListType ~[]To, From, To any](convertFunc func(From) To, values ...From) ListType { + var out ListType + for _, v := range values { + if isNil(v) { + continue + } + o := convertFunc(v) + if isNil(o) { + continue + } + out = append(out, o) + } + return out +} + +func isNil(o any) bool { + v := reflect.ValueOf(o) + return !v.IsValid() || v.IsZero() +} + +func externalIdentifierListEmail(emailAddr string) ExternalIdentifierList { + return ExternalIdentifierList{ + &ExternalIdentifier{ + Type: ExternalIdentifierType_Email, + Identifier: emailAddr, + }, + } +} + +func duplicateLower[T any](m map[string]T) map[string]T { + for k, v := range m { + m[strings.ToLower(k)] = v + } + return m +} diff --git a/spdx/v3/v3_0_1/convert_test.go b/spdx/v3/v3_0_1/convert_test.go new file mode 100644 index 00000000..319a9c47 --- /dev/null +++ b/spdx/v3/v3_0_1/convert_test.go @@ -0,0 +1,155 @@ +package v3_0_1 + +import ( + "testing" + + "github.com/google/go-cmp/cmp" + "github.com/google/go-cmp/cmp/cmpopts" + "github.com/kzantow/go-ld" + "github.com/stretchr/testify/require" +) + +func Test_convertElements(t *testing.T) { + tests := []struct { + name string + expected any + convert func(*documentConverter) any + }{ + { + name: "creationInfo", + expected: v301creationInfo(), + convert: func(c *documentConverter) any { + return c.convert23creationInfo(v23creationInfo()) + }, + }, + { + name: "externalDocumentRef", + expected: v301externalMap1(), + convert: func(c *documentConverter) any { + return c.convert23externalDocumentRef(*v23externalDocumentRef1()) + }, + }, + { + name: "snippet", + expected: first(v301snippet1(nil)), + convert: func(c *documentConverter) any { + return c.convert23snippet(*v23snippet1()) + }, + }, + { + name: "annotation", + expected: v301annotation1(nil), + convert: func(c *documentConverter) any { + return c.convert23annotation(v23annotation1()) + }, + }, + { + name: "otherLicense", + expected: v301customLicense1(), + convert: func(c *documentConverter) any { + return c.convert23license(v23customLicense1()) + }, + }, + { + name: "file", + expected: first(v301file1()), + convert: func(c *documentConverter) any { + return c.convert23file(v23file1()) + }, + }, + { + name: "package", + expected: first(v301package1()), + convert: func(c *documentConverter) any { + return c.convert23package(v23package1()) + }, + }, + { + name: "full document", + expected: v301doc(), + convert: func(c *documentConverter) any { + d := &Document{} + From_v2_3(*v23doc(), d) + return d + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + c := newTestConverter() + got := tt.convert(c) + if tt.expected == nil { + require.Nil(t, got) + return + } + require.NotNil(t, got) + diff := cmp.Diff(tt.expected, got, diffOpts()...) + if diff != "" { + t.Errorf("mismatch (-want +got):\n%s", diff) + } + }) + } +} + +func each[Element, View any](s ld.TypeSeq[Element, View]) []View { + var out []View + for _, v := range s { + out = append(out, v) + } + return out +} + +func Test_documentConversion(t *testing.T) { + expected := v301doc() + + converted := &Document{} + From_v2_3(*v23doc(), converted) + + startPkgs := each(expected.Elements.Packages()) + gotPkgs := each(converted.Elements.Packages()) + if diff := cmp.Diff(startPkgs, gotPkgs, diffOpts()...); diff != "" { + t.Errorf("mismatch (-want +got):\n%s", diff) + } + + startRels := each(expected.Elements.Relationships()) + gotRels := each(converted.Elements.Relationships()) + if diff := cmp.Diff(startRels, gotRels, diffOpts()...); diff != "" { + t.Errorf("mismatch (-want +got):\n%s", diff) + } +} + +func diffOpts() []cmp.Option { + var out []cmp.Option + out = append(out, + cmpopts.IgnoreFields(Document{}, "LDContext"), + cmpopts.IgnoreFields(Element{}, "ID", "CreationInfo"), + cmpopts.IgnoreFields(ElementCollection{}, "Elements"), // we only want to compare RootElements + cmpopts.IgnoreFields(CreationInfo{}, "CreatedUsing"), + cmpopts.EquateComparable( + ExternalIdentifierType{}, + HashAlgorithm{}, + FileKindType{}, + SoftwarePurpose{}, + PresenceType{}, + SafetyRiskAssessmentType{}, + RelationshipCompleteness{}, + RelationshipType{}, + AnnotationType{}, + ProfileIdentifierType{}, + ExternalIRI{}, + ), + ) + return out +} + +func newTestConverter() *documentConverter { + d := Document{ + LDContext: context(), + } + return newDocumentConverter(&d) +} + +func first[T1, T2 any](v1 T1, _ T2) T1 { + return v1 +} diff --git a/spdx/v3/v3_0_1/convert_v23_test.go b/spdx/v3/v3_0_1/convert_v23_test.go new file mode 100644 index 00000000..f941c512 --- /dev/null +++ b/spdx/v3/v3_0_1/convert_v23_test.go @@ -0,0 +1,336 @@ +package v3_0_1 + +import ( + "github.com/spdx/tools-golang/spdx/v2/common" + "github.com/spdx/tools-golang/spdx/v2/v2_3" +) + +func v23doc() *v2_3.Document { + return &v2_3.Document{ + SPDXVersion: v2_3.Version, + DataLicense: v2_3.DataLicense, + SPDXIdentifier: "SPDXRef-DOCUMENT", + DocumentName: "Example Software Package", + DocumentComment: "This is a sample SPDX document for testing purposes.", + CreationInfo: v23creationInfo(), + DocumentNamespace: "https://example.com/spdx/example-software-1.0.0", + ExternalDocumentReferences: []v2_3.ExternalDocumentRef{ + *v23externalDocumentRef1(), + *v23externalDocumentRef2(), + }, + Packages: []*v2_3.Package{ + v23package1(), + v23package2(), + }, + Files: []*v2_3.File{ + v23file1(), + v23file2(), + }, + OtherLicenses: []*v2_3.OtherLicense{ + v23customLicense1(), + v23customLicense2(), + }, + Annotations: []*v2_3.Annotation{ + v23annotation1(), + v23annotation2(), + }, + Snippets: []v2_3.Snippet{ + *v23snippet1(), + *v23snippet2(), + }, + Relationships: []*v2_3.Relationship{ + { + RefA: common.DocElementID{ElementRefID: "SPDXRef-DOCUMENT"}, + RefB: common.DocElementID{ElementRefID: "SPDXRef-Package-ExampleLib"}, // pkg1 + Relationship: common.TypeRelationshipDescribe, + RelationshipComment: "Document describes the main package", + }, + { + RefA: common.DocElementID{ElementRefID: "SPDXRef-Package-ExampleLib"}, + RefB: common.DocElementID{ElementRefID: "SPDXRef-Package-UtilityTools"}, + Relationship: common.TypeRelationshipDependsOn, + RelationshipComment: "Main package depends on utility tools", + }, + { + RefA: common.DocElementID{ElementRefID: "SPDXRef-Package-ExampleLib"}, + RefB: common.DocElementID{ElementRefID: "SPDXRef-File-Main"}, + Relationship: common.TypeRelationshipContains, + RelationshipComment: "Package contains main source file", + }, + }, + // Reviews are dropped + } +} + +func v23creationInfo() *v2_3.CreationInfo { + return &v2_3.CreationInfo{ + Created: "2023-01-15T10:30:00Z", + Creators: []common.Creator{ + {CreatorType: "Person", Creator: "John Doe (john@example.com)"}, + {CreatorType: "Tool", Creator: "tools-golang-v1.1.0"}, + }, + LicenseListVersion: "3.19", + CreatorComment: "Created during automated build process", + } +} + +func v23package1() *v2_3.Package { + return &v2_3.Package{ + Annotations: []v2_3.Annotation{ + *v23annotation1(), + }, + PackageName: "example-library", + PackageSPDXIdentifier: "SPDXRef-Package-ExampleLib", + PackageDescription: "This is a detailed description of the example library package.", + PackageVersion: "1.2.3", + PackageSupplier: &common.Supplier{ + Supplier: "Example Corp (support@example.com)", + SupplierType: "Organization", + }, + PackageOriginator: &common.Originator{ + Originator: "Jane Smith (jane@example.com)", + OriginatorType: "Person", + }, + PackageDownloadLocation: "https://github.com/example/library/archive/v1.2.3.tar.gz", + FilesAnalyzed: true, + Files: []*v2_3.File{ + v23file1(), + }, + IsFilesAnalyzedTagPresent: true, + PackageVerificationCode: &common.PackageVerificationCode{ + Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", + ExcludedFiles: []string{"./exclude1.txt", "./exclude2.txt"}, + }, + PackageChecksums: []common.Checksum{ + {Algorithm: common.SHA1, Value: "aabbccdd"}, + {Algorithm: common.SHA256, Value: "11223344"}, + }, + PackageHomePage: "https://example.com/library", + PackageSourceInfo: "Built from git tag v1.2.3", + PackageLicenseConcluded: "MIT", + PackageLicenseInfoFromFiles: []string{"MIT", "Apache-2.0"}, + PackageLicenseDeclared: "MIT", + PackageLicenseComments: "License determined from LICENSE file", + PackageCopyrightText: "Copyright 2023 Example Corp", + PackageSummary: "A sample library for demonstration", + PackageComment: "Package built with standard configuration", + PackageExternalReferences: []*v2_3.PackageExternalReference{ + { + Category: common.CategoryPackageManager, + RefType: common.TypePackageManagerPURL, + Locator: "pkg:npm/example-library@1.2.3", + ExternalRefComment: "NPM package reference", + }, + { + Category: common.CategoryPackageManager, + RefType: common.TypePackageManagerPURL, + Locator: "pkg:npm/example-library-main@1.2.3", + }, + { + Category: common.CategorySecurity, + RefType: common.TypeSecurityCPE23Type, + Locator: "cpe:2.3:a:example:library:1.2.3:*:*:*:*:*:*:*", + ExternalRefComment: "CPE reference for security scanning", + }, + }, + PackageAttributionTexts: []string{ + "This package includes code from Project ABC", + "Special thanks to the open source community", + }, + PrimaryPackagePurpose: "Library", // TODO constant? + ReleaseDate: "2023-01-10T00:00:00Z", + BuiltDate: "2023-01-15T08:00:00Z", + ValidUntilDate: "2025-01-10T00:00:00Z", + } +} + +func v23package2() *v2_3.Package { + return &v2_3.Package{ + PackageName: "utility-tools", + PackageSPDXIdentifier: "SPDXRef-Package-UtilityTools", + PackageVersion: "2.1.0", + PackageSupplier: &common.Supplier{ + Supplier: "Bob Johnson (bob@tools.com)", + SupplierType: "Person", + }, + PackageDownloadLocation: "https://tools.com/download/utility-tools-2.1.0.zip", + FilesAnalyzed: false, + IsFilesAnalyzedTagPresent: true, + PackageChecksums: []common.Checksum{ + {Algorithm: common.SHA256, Value: "ffaabbcc11223344"}, + }, + PackageHomePage: "https://tools.com/utility", + PackageLicenseConcluded: "Apache-2.0", + PackageLicenseDeclared: "Apache-2.0", + PackageCopyrightText: "Copyright 2023 Tools Inc", + PackageSummary: "Collection of utility tools", + PackageDescription: "A comprehensive set of utility tools for developers.", + PrimaryPackagePurpose: "Application", // TODO constant? + } +} +func v23customLicense1() *v2_3.OtherLicense { + return &v2_3.OtherLicense{ + LicenseIdentifier: "LicenseRef-CustomLicense1", + ExtractedText: "This is a custom license text for demonstration purposes.\n\nPermission is granted to use this software...", + LicenseName: "Custom Example License", + LicenseCrossReferences: []string{ + "https://example.com/licenses/custom", + }, + LicenseComment: "Custom license used for internal tools", + } +} + +func v23customLicense2() *v2_3.OtherLicense { + return &v2_3.OtherLicense{ + LicenseIdentifier: "LicenseRef-CustomLicense2", + ExtractedText: "Another custom license text with different terms.\n\nThis software may be used under the following conditions...", + LicenseName: "Another Custom License", + LicenseCrossReferences: []string{ + "https://example.com/licenses/another-custom", + "https://internal.example.com/legal/licenses", + }, + LicenseComment: "License for third-party components", + } +} + +func v23file1() *v2_3.File { + return &v2_3.File{ + FileName: "./src/other.c", + FileSPDXIdentifier: common.ElementID("SPDXRef-File-Other"), + FileTypes: []string{"FILE"}, + Checksums: []common.Checksum{ + {Algorithm: common.SHA1, Value: "da39a3ee5e6b4b0d3255bfef95601890afd80709"}, + {Algorithm: common.MD5, Value: "d41d8cd98f00b204e9800998ecf8427e"}, + }, + LicenseConcluded: "MIT", + LicenseInfoInFiles: []string{"MIT"}, + LicenseComments: "License applies to this file", + FileCopyrightText: "Copyright 2023 Example Corp", + ArtifactOfProjects: []*v2_3.ArtifactOfProject{}, + FileComment: "Other application entry point", + FileNotice: "This file contains the other function", + FileContributors: []string{"Other John Doe (john@doe.com)", "Jane Smith "}, + FileAttributionTexts: []string{ + "Based on other example code from something", + }, + //FileDependencies: nil, // skipped + Snippets: map[common.ElementID]*v2_3.Snippet{ + "SPDXRef-Snippet1": v23snippet1(), + }, + Annotations: []v2_3.Annotation{ + *v23annotation1(), + }, + FileDependencies: []string{"dep1", "dep2"}, + } +} + +func v23file2() *v2_3.File { + return &v2_3.File{ + FileName: "./include/header.h", + FileSPDXIdentifier: common.ElementID("SPDXRef-File-Header"), + Checksums: []common.Checksum{ + {Algorithm: common.SHA256, Value: "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"}, + }, + LicenseConcluded: "MIT", + LicenseInfoInFiles: []string{"MIT"}, + FileCopyrightText: "Copyright 2023 Example Corp", + FileComment: "Header file with function declarations", + FileTypes: []string{"HEADER"}, + } +} + +func v23externalDocumentRef1() *v2_3.ExternalDocumentRef { + return &v2_3.ExternalDocumentRef{ + DocumentRefID: "DocumentRef-External1", + URI: "https://external.com/spdx/external-doc-1.0.0", + Checksum: common.Checksum{ + Algorithm: common.SHA1, + Value: "da39a3ee5e6b4b0d3255bfef95601890afd80709", + }, + } +} + +func v23externalDocumentRef2() *v2_3.ExternalDocumentRef { + return &v2_3.ExternalDocumentRef{ + DocumentRefID: "DocumentRef-External2", + URI: "https://external2.com/spdx/external-doc-2.0.0", + Checksum: common.Checksum{ + Algorithm: common.SHA256, + Value: "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + }, + } +} + +func v23annotation1() *v2_3.Annotation { + return &v2_3.Annotation{ + Annotator: common.Annotator{ + Annotator: "Person: Security Team (security@example.com)", + AnnotatorType: "Person", + }, + AnnotationType: "REVIEW", + AnnotationSPDXIdentifier: common.DocElementID{ElementRefID: "SPDXRef-Package-ExampleLib"}, + AnnotationDate: "2023-01-20T14:30:00Z", + AnnotationComment: "Security review completed - no vulnerabilities found", + } +} + +func v23annotation2() *v2_3.Annotation { + return &v2_3.Annotation{ + Annotator: common.Annotator{ + Annotator: "Tool: vulnerability-scanner-v1.5", + AnnotatorType: "Tool", + }, + AnnotationType: "OTHER", + AnnotationSPDXIdentifier: common.DocElementID{ElementRefID: "SPDXRef-Package-UtilityTools"}, + AnnotationDate: "2023-01-21T09:15:00Z", + AnnotationComment: "Automated scan completed - clean", + } +} + +func v23snippet1() *v2_3.Snippet { + return &v2_3.Snippet{ + SnippetSPDXIdentifier: common.ElementID("SPDXRef-Snippet1"), + SnippetFromFileSPDXIdentifier: common.ElementID("SPDXRef-File-Main"), + Ranges: []common.SnippetRange{ + { + StartPointer: common.SnippetRangePointer{ + Offset: 100, + LineNumber: 10, + }, + EndPointer: common.SnippetRangePointer{ + Offset: 200, + LineNumber: 15, + }, + }, + }, + SnippetLicenseConcluded: "MIT", + LicenseInfoInSnippet: []string{"MIT"}, + SnippetLicenseComments: "License applies to this code snippet", + SnippetCopyrightText: "Copyright 2023 Example Corp", + SnippetComment: "Key algorithm implementation", + SnippetName: "Core Algorithm", + SnippetAttributionTexts: []string{"Algorithm based on research paper XYZ"}, + } +} + +func v23snippet2() *v2_3.Snippet { + return &v2_3.Snippet{ + SnippetSPDXIdentifier: common.ElementID("SPDXRef-Snippet2"), + SnippetFromFileSPDXIdentifier: common.ElementID("SPDXRef-File-Header"), + Ranges: []common.SnippetRange{ + { + StartPointer: common.SnippetRangePointer{Offset: 50}, + EndPointer: common.SnippetRangePointer{Offset: 150}, + }, + { + StartPointer: common.SnippetRangePointer{LineNumber: 5}, + EndPointer: common.SnippetRangePointer{LineNumber: 8}, + }, + }, + SnippetLicenseConcluded: "MIT", + LicenseInfoInSnippet: []string{"MIT"}, + SnippetCopyrightText: "Copyright 2023 Example Corp", + SnippetComment: "Function declarations", + SnippetName: "API Declarations", + } +} diff --git a/spdx/v3/v3_0_1/convert_v2_3_to_v3_0_1.java b/spdx/v3/v3_0_1/convert_v2_3_to_v3_0_1.java new file mode 100644 index 00000000..eb50d343 --- /dev/null +++ b/spdx/v3/v3_0_1/convert_v2_3_to_v3_0_1.java @@ -0,0 +1,1128 @@ +/** + * SPDX-FileCopyrightText: Copyright (c) 2024 Source Auditor Inc. + * SPDX-FileType: SOURCE + * SPDX-License-Identifier: Apache-2.0 + *

+ * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + *

+ * http://www.apache.org/licenses/LICENSE-2.0 + *

+ * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.spdx.library.conversion; + +import java.util.*; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import java.util.stream.Collectors; + +import javax.annotation.Nullable; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.spdx.core.IModelCopyManager; +import org.spdx.core.InvalidSPDXAnalysisException; +import org.spdx.library.ListedLicenses; +import org.spdx.library.model.v2.SpdxConstantsCompatV2; +import org.spdx.library.model.v2.SpdxCreatorInformation; +import org.spdx.library.model.v2.pointer.ByteOffsetPointer; +import org.spdx.library.model.v2.pointer.LineCharPointer; +import org.spdx.library.model.v2.pointer.StartEndPointer; +import org.spdx.library.model.v3_0_1.ModelObjectV3; +import org.spdx.library.model.v3_0_1.SpdxConstantsV3; +import org.spdx.library.model.v3_0_1.SpdxModelClassFactoryV3; +import org.spdx.library.model.v3_0_1.core.Agent; +import org.spdx.library.model.v3_0_1.core.Annotation; +import org.spdx.library.model.v3_0_1.core.AnnotationType; +import org.spdx.library.model.v3_0_1.core.CreationInfo; +import org.spdx.library.model.v3_0_1.core.Element; +import org.spdx.library.model.v3_0_1.core.ExternalElement; +import org.spdx.library.model.v3_0_1.core.ExternalIdentifier; +import org.spdx.library.model.v3_0_1.core.ExternalIdentifierType; +import org.spdx.library.model.v3_0_1.core.ExternalMap; +import org.spdx.library.model.v3_0_1.core.ExternalRefType; +import org.spdx.library.model.v3_0_1.core.Hash; +import org.spdx.library.model.v3_0_1.core.HashAlgorithm; +import org.spdx.library.model.v3_0_1.core.IntegrityMethod; +import org.spdx.library.model.v3_0_1.core.LifecycleScopeType; +import org.spdx.library.model.v3_0_1.core.LifecycleScopedRelationship; +import org.spdx.library.model.v3_0_1.core.NamespaceMap; +import org.spdx.library.model.v3_0_1.core.NoAssertionElement; +import org.spdx.library.model.v3_0_1.core.NoneElement; +import org.spdx.library.model.v3_0_1.core.Organization; +import org.spdx.library.model.v3_0_1.core.PackageVerificationCode; +import org.spdx.library.model.v3_0_1.core.Person; +import org.spdx.library.model.v3_0_1.core.Relationship; +import org.spdx.library.model.v3_0_1.core.RelationshipCompleteness; +import org.spdx.library.model.v3_0_1.core.RelationshipType; +import org.spdx.library.model.v3_0_1.core.SpdxDocument; +import org.spdx.library.model.v3_0_1.core.Tool; +import org.spdx.library.model.v3_0_1.expandedlicensing.ConjunctiveLicenseSet; +import org.spdx.library.model.v3_0_1.expandedlicensing.CustomLicense; +import org.spdx.library.model.v3_0_1.expandedlicensing.CustomLicenseAddition; +import org.spdx.library.model.v3_0_1.expandedlicensing.DisjunctiveLicenseSet; +import org.spdx.library.model.v3_0_1.expandedlicensing.ExtendableLicense; +import org.spdx.library.model.v3_0_1.expandedlicensing.ExternalCustomLicense; +import org.spdx.library.model.v3_0_1.expandedlicensing.License; +import org.spdx.library.model.v3_0_1.expandedlicensing.LicenseAddition; +import org.spdx.library.model.v3_0_1.expandedlicensing.ListedLicense; +import org.spdx.library.model.v3_0_1.expandedlicensing.ListedLicenseException; +import org.spdx.library.model.v3_0_1.expandedlicensing.NoAssertionLicense; +import org.spdx.library.model.v3_0_1.expandedlicensing.NoneLicense; +import org.spdx.library.model.v3_0_1.expandedlicensing.OrLaterOperator; +import org.spdx.library.model.v3_0_1.expandedlicensing.WithAdditionOperator; +import org.spdx.library.model.v3_0_1.simplelicensing.AnyLicenseInfo; +import org.spdx.library.model.v3_0_1.simplelicensing.LicenseExpression; +import org.spdx.library.model.v3_0_1.software.ContentIdentifierType; +import org.spdx.library.model.v3_0_1.software.Snippet; +import org.spdx.library.model.v3_0_1.software.SoftwareArtifact; +import org.spdx.library.model.v3_0_1.software.SoftwarePurpose; +import org.spdx.library.model.v3_0_1.software.SpdxFile; +import org.spdx.library.model.v3_0_1.software.SpdxPackage; +import org.spdx.storage.IModelStore; +import org.spdx.storage.IModelStore.IdType; +import org.spdx.storage.listedlicense.SpdxListedLicenseModelStore; + +/** + * Converts SPDX spec version 2.X objects to SPDX spec version 3.X and stores the result in the + * toModelStore + * + * @author Gary O'Neall + */ +@SuppressWarnings({"OptionalGetWithoutIsPresent", "LoggingSimilarMessage"}) +public class Spdx2to3Converter implements ISpdxConverter { + + static final Logger logger = LoggerFactory.getLogger(Spdx2to3Converter.class); + + static final Pattern SPDX_2_CREATOR_PATTERN = Pattern.compile("(Person|Organization):\\s*([^(]+)\\s*(\\(([^)]*)\\))?"); + + public static final Map RELATIONSHIP_TYPE_MAP; + + public static final Map LIFECYCLE_SCOPE_MAP; + + public static final Set SWAP_TO_FROM_REL_TYPES; + + public static final Map ANNOTATION_TYPE_MAP; + + public static final Map HASH_ALGORITH_MAP; + + public static final Map CONTENT_IDENTIFIER_TYPE_MAP; + + public static final Map EXTERNAL_IDENTIFIER_TYPE_MAP; + + public static final Map EXTERNAL_REF_TYPE_MAP; + + public static final Map PURPOSE_MAP; + + static { + } + + String toSpecVersion; + IModelStore toModelStore; + Map alreadyConverted = Collections.synchronizedMap(new HashMap<>()); + CreationInfo defaultCreationInfo; + String defaultUriPrefix; + /** + * Map of the documentUri to information captured from the ExternalDocumentRef from the document + */ + Map, ExternalMapInfo>> docUriToExternalMap = Collections.synchronizedMap(new HashMap<>()); + + private final IModelCopyManager copyManager; + + private int documentIndex = 0; + + private final boolean complexLicenses; + + /** + * @param fromObjectUri object URI of the SPDX object copied from + * @return true if the SPDX object has already been copied + */ + public boolean alreadyCopied(String fromObjectUri) { + return this.alreadyConverted.containsKey(fromObjectUri); + } + + /** + * @param spdx2CreatorInfo SPDX 2 creation information + * @param spdx3CreationInfo SPDX 3 creation information + * @return true of the values of the SPDX 2 creation information are equivalent to the SPDX 3 creation information + * @throws InvalidSPDXAnalysisException on error fetching model data + */ + private boolean equivalentCreationInfo(SpdxCreatorInformation spdx2CreatorInfo, + CreationInfo spdx3CreationInfo) throws InvalidSPDXAnalysisException { + } + + /** + * Coy all element properties from the SPDX spec version 2 element to the SPDX version 3 element + * @param fromElement SPDX spec version 2 SpdxElement + * @param toElement SPDX spec version 3 element + * @throws InvalidSPDXAnalysisException on any errors converting element properties + */ + private void convertElementProperties(org.spdx.library.model.v2.SpdxElement fromElement, Element toElement) throws InvalidSPDXAnalysisException { + toElement.setCreationInfo(defaultCreationInfo); + for (org.spdx.library.model.v2.Annotation fromAnnotation:fromElement.getAnnotations()) { + convertAndStore(fromAnnotation, toElement); + } + toElement.setComment(fromElement.getComment().orElse(null)); + toElement.setName(fromElement.getName().orElse(null)); + for (org.spdx.library.model.v2.Relationship fromRelationship:fromElement.getRelationships()) { + convertAndStore(fromRelationship, toElement); + } + } + + /** + * @param fromObjectUri Object URI of the SPDX spec version 2 object being converted from + * @param toType SPDX spec version 3 type + * @return optional of the existing object - if it exists + * @throws InvalidSPDXAnalysisException if there is an error creating the existing model object + */ + protected Optional getExistingObject(String fromObjectUri, String toType) throws InvalidSPDXAnalysisException { + String toObjectUri = alreadyConverted.get(fromObjectUri); + if (Objects.isNull(toObjectUri)) { + return Optional.empty(); + } else { + return Optional.of(SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, toType, copyManager, false, defaultUriPrefix)); + } + } + + /** + * Converts an SPDX spec version 2 relationship to an SPDX spec version 3 relationship + * @param fromRelationship relationship to convert from + * @param containingElement Element which contains the property referring to the fromRelationship + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + public Relationship convertAndStore(org.spdx.library.model.v2.Relationship fromRelationship, + Element containingElement) throws InvalidSPDXAnalysisException { + org.spdx.library.model.v2.enumerations.RelationshipType fromRelationshipType = fromRelationship.getRelationshipType(); + LifecycleScopeType scope = LIFECYCLE_SCOPE_MAP.get(fromRelationshipType); + String fromUri = fromRelationship.getObjectUri(); + String relationshipType = Objects.isNull(scope) ? SpdxConstantsV3.CORE_RELATIONSHIP : SpdxConstantsV3.CORE_LIFECYCLE_SCOPED_RELATIONSHIP; + Optional existing = getExistingObject(fromUri, + relationshipType); + if (existing.isPresent()) { + return (Relationship)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String exitingUri = alreadyConverted.putIfAbsent(fromUri, toObjectUri); + if (Objects.nonNull(exitingUri)) { + return (Relationship)getExistingObject(fromUri, + relationshipType).get(); + } + Relationship toRelationship; + if (Objects.isNull(scope)) { + toRelationship = (Relationship)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.CORE_RELATIONSHIP, copyManager, true, defaultUriPrefix); + } else { + toRelationship = (LifecycleScopedRelationship)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.CORE_LIFECYCLE_SCOPED_RELATIONSHIP, copyManager, true, defaultUriPrefix); + } + toRelationship.setCreationInfo(defaultCreationInfo); + toRelationship.setRelationshipType(RELATIONSHIP_TYPE_MAP.get(fromRelationshipType)); + if (SWAP_TO_FROM_REL_TYPES.contains(fromRelationshipType)) { + toRelationship.getTos().add(containingElement); + } else { + toRelationship.setFrom(containingElement); + } + toRelationship.setFrom(containingElement); + toRelationship.setComment(fromRelationship.getComment().orElse(null)); + Optional relatedSpdxElement = fromRelationship.getRelatedSpdxElement(); + RelationshipCompleteness completeness = RelationshipCompleteness.NO_ASSERTION; + if (relatedSpdxElement.isPresent() && relatedSpdxElement.get() instanceof org.spdx.library.model.v2.SpdxNoneElement) { + completeness = RelationshipCompleteness.COMPLETE; + } + toRelationship.setCompleteness(completeness); + if (relatedSpdxElement.isPresent() && + !((relatedSpdxElement.get() instanceof org.spdx.library.model.v2.SpdxNoneElement) || + (relatedSpdxElement.get() instanceof org.spdx.library.model.v2.SpdxNoAssertionElement))) { + if (SWAP_TO_FROM_REL_TYPES.contains(fromRelationshipType)) { + toRelationship.setFrom(convertAndStore(relatedSpdxElement.get())); + } else { + toRelationship.getTos().add(convertAndStore(relatedSpdxElement.get())); + } + } + if (Objects.nonNull(scope)) { + ((LifecycleScopedRelationship)toRelationship).setScope(scope); + } + toRelationship.setCreationInfo(defaultCreationInfo); + return toRelationship; + } + + /** + * Converts an SPDX spec version 2 annotation to an SPDX spec version 3 annotation + * @param fromAnnotation annotation to convert from + * @param toElement Element which contains the property referring to the fromAnnotation + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + public Annotation convertAndStore(org.spdx.library.model.v2.Annotation fromAnnotation, Element toElement) throws InvalidSPDXAnalysisException { + String fromUri = fromAnnotation.getObjectUri(); + Optional existing = getExistingObject(fromUri, SpdxConstantsV3.CORE_ANNOTATION); + if (existing.isPresent()) { + return (Annotation)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String exitingUri = alreadyConverted.putIfAbsent(fromUri, toObjectUri); + if (Objects.nonNull(exitingUri)) { + return (Annotation)getExistingObject(fromUri, SpdxConstantsV3.CORE_ANNOTATION).get(); + } + Annotation toAnnotation = (Annotation)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.CORE_ANNOTATION, copyManager, true, defaultUriPrefix); + + toAnnotation.setAnnotationType(ANNOTATION_TYPE_MAP.get(fromAnnotation.getAnnotationType())); + toAnnotation.setStatement(fromAnnotation.getComment()); + toAnnotation.setSubject(toElement); + CreationInfo creationInfo = new CreationInfo.CreationInfoBuilder(toModelStore, toModelStore.getNextId(IdType.Anonymous), null) + .setCreated(fromAnnotation.getAnnotationDate()) + .setSpecVersion(SpdxConstantsV3.MODEL_SPEC_VERSION) + .addAllCreatedUsing(defaultCreationInfo.getCreatedUsings()) + .build(); + creationInfo.setIdPrefix(defaultUriPrefix); + creationInfo.getCreatedBys().add(stringToAgent(fromAnnotation.getAnnotator(), creationInfo)); + toAnnotation.setCreationInfo(creationInfo); + return toAnnotation; + } + + /** + * Converts an SPDX spec version 2 SPDX document to an SPDX spec version 3 SPDX document and store the result + * in the toStore + * @param fromDoc SPDX spec version 2 document to convert from + * @return SPDX spec version 3 document converted from the version 2 document + * @throws InvalidSPDXAnalysisException on any errors converting the SPDX document + */ + public SpdxDocument convertAndStore(org.spdx.library.model.v2.SpdxDocument fromDoc) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(fromDoc.getObjectUri(), SpdxConstantsV3.CORE_SPDX_DOCUMENT); + if (existing.isPresent()) { + return (SpdxDocument)existing.get(); + } + String toObjectUri = defaultUriPrefix + "document" + documentIndex++; + String existingUri = this.alreadyConverted.putIfAbsent(fromDoc.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (SpdxDocument)getExistingObject(fromDoc.getObjectUri(), SpdxConstantsV3.CORE_SPDX_DOCUMENT).get(); + } + SpdxDocument toDoc = (SpdxDocument)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.CORE_SPDX_DOCUMENT, copyManager, true, defaultUriPrefix); + // NOTE: We have to add the external doc refs first so that the ExternalMap will be properly populated + for (org.spdx.library.model.v2.ExternalDocumentRef externalDocRef:fromDoc.getExternalDocumentRefs()) { + toDoc.getNamespaceMaps().add(convertAndStore(externalDocRef, toDoc.getSpdxImports())); + } + convertElementProperties(fromDoc, toDoc); + if (!equivalentCreationInfo(Objects.requireNonNull(fromDoc.getCreationInfo()), defaultCreationInfo)) { + toDoc.setCreationInfo(convertCreationInfo(fromDoc.getCreationInfo(), this.toModelStore, this.defaultUriPrefix)); + } + toDoc.setDataLicense(convertAndStore(fromDoc.getDataLicense())); + toDoc.getRootElements().addAll(fromDoc.getDocumentDescribes().stream().map(spdxElement -> { + try { + return convertAndStore(spdxElement); + } catch (InvalidSPDXAnalysisException e) { + logger.error("Error converting SPDX elements from spec version 2 to spec version 3", e); + throw new RuntimeException(e); + } + } + ).collect(Collectors.toList())); + for (org.spdx.library.model.v2.license.ExtractedLicenseInfo extractedLicense:fromDoc.getExtractedLicenseInfos()) { + convertAndStore(extractedLicense); + } + return toDoc; + } + + /** + * Converts the externalDocRef to a NamespaceMap and store the NamespaceMap. + * The document information is also retained in the externalDocRefMap such that any subsequent + * references to the external documents can be captured in the ExternalMap for the document + * @param externalDocRef SPDX Model V2 external document reference + * @param docImports SPDX document imports to track any added external references + * @return the namespace map correlating the documentRef ID to the document URI + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public NamespaceMap convertAndStore(org.spdx.library.model.v2.ExternalDocumentRef externalDocRef, + Collection docImports) throws InvalidSPDXAnalysisException { + // Add information to the docUriToExternalMap - this will be used if we run across any references + // to the external document namespaces + Optional docChecksum = externalDocRef.getChecksum(); + Optional externalDocumentHash = docChecksum.isPresent() ? Optional.of(convertAndStore(docChecksum.get())) : Optional.empty(); + docUriToExternalMap.putIfAbsent(externalDocRef.getSpdxDocumentNamespace(), Collections.synchronizedMap(new HashMap<>())); + Map, ExternalMapInfo> externalMapInfoMap = docUriToExternalMap.get(externalDocRef.getSpdxDocumentNamespace()); + externalMapInfoMap.put(docImports, new ExternalMapInfo(externalDocRef.getId(), externalDocRef.getSpdxDocumentNamespace(), + externalDocumentHash, docImports)); + Optional existing = getExistingObject(externalDocRef.getObjectUri(), SpdxConstantsV3.CORE_NAMESPACE_MAP); + if (existing.isPresent()) { + return (NamespaceMap)existing.get(); + } + String toObjectUri = toModelStore.getNextId(IdType.Anonymous); + String existingUri = this.alreadyConverted.putIfAbsent(externalDocRef.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (NamespaceMap)getExistingObject(externalDocRef.getObjectUri(), SpdxConstantsV3.CORE_NAMESPACE_MAP).get(); + } + NamespaceMap toNamespaceMap = (NamespaceMap)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.CORE_NAMESPACE_MAP, copyManager, true, defaultUriPrefix); + toNamespaceMap.setPrefix(externalDocRef.getId()); + toNamespaceMap.setNamespace(externalDocRef.getSpdxDocumentNamespace() + "#"); + return toNamespaceMap; + } + + /** + * Converts an SPDX spec version 2 SPDX ConjunctiveLicenseSet to an SPDX spec version 3 SPDX ConjunctiveLicenseSet and store the result + * in the toStore + * @param fromConjunctiveLicenseSet an SPDX spec version 2 ConjunctiveLicenseSet to convert from + * @return an SPDX spec version 3 ConjunctiveLicenseSet + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public ConjunctiveLicenseSet convertAndStore(org.spdx.library.model.v2.license.ConjunctiveLicenseSet fromConjunctiveLicenseSet) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(fromConjunctiveLicenseSet.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CONJUNCTIVE_LICENSE_SET); + if (existing.isPresent()) { + return (ConjunctiveLicenseSet)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String existingUri = this.alreadyConverted.putIfAbsent(fromConjunctiveLicenseSet.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (ConjunctiveLicenseSet)getExistingObject(fromConjunctiveLicenseSet.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CONJUNCTIVE_LICENSE_SET).get(); + } + ConjunctiveLicenseSet toConjunctiveLicenseSet = (ConjunctiveLicenseSet)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_CONJUNCTIVE_LICENSE_SET, copyManager, true, defaultUriPrefix); + for (org.spdx.library.model.v2.license.AnyLicenseInfo fromMember:fromConjunctiveLicenseSet.getMembers()) { + toConjunctiveLicenseSet.getMembers().add(convertAndStore(fromMember)); + } + toConjunctiveLicenseSet.setCreationInfo(defaultCreationInfo); + return toConjunctiveLicenseSet; + } + + /** + * Converts an SPDX spec version 2 SPDX DisjunctiveLicenseSet to an SPDX spec version 3 SPDX DisjunctiveLicenseSet and store the result + * in the toStore + * @param fromDisjunctiveLicenseSet an SPDX spec version 2 DisjunctiveLicenseSet to convert from + * @return an SPDX spec version 3 DisjunctiveLicenseSet + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public DisjunctiveLicenseSet convertAndStore(org.spdx.library.model.v2.license.DisjunctiveLicenseSet fromDisjunctiveLicenseSet) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(fromDisjunctiveLicenseSet.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_DISJUNCTIVE_LICENSE_SET); + if (existing.isPresent()) { + return (DisjunctiveLicenseSet)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String existingUri = this.alreadyConverted.putIfAbsent(fromDisjunctiveLicenseSet.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (DisjunctiveLicenseSet)getExistingObject(fromDisjunctiveLicenseSet.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_DISJUNCTIVE_LICENSE_SET).get(); + } + DisjunctiveLicenseSet toDisjunctiveLicenseSet = (DisjunctiveLicenseSet)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_DISJUNCTIVE_LICENSE_SET, copyManager, true, defaultUriPrefix); + for (org.spdx.library.model.v2.license.AnyLicenseInfo fromMember:fromDisjunctiveLicenseSet.getMembers()) { + toDisjunctiveLicenseSet.getMembers().add(convertAndStore(fromMember)); + } + toDisjunctiveLicenseSet.setCreationInfo(defaultCreationInfo); + return toDisjunctiveLicenseSet; + } + + /** + * Converts an SPDX spec version 2 SPDX ExtractedLicenseInfo to an SPDX spec version 3 SPDX CustomLicense and store the result + * in the toStore + * @param fromExtractedLicenseInfo an SPDX spec version 2 ExtractedLicenseInfo to convert from + * @return an SPDX spec version 3 CustomLicense + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public CustomLicense convertAndStore(org.spdx.library.model.v2.license.ExtractedLicenseInfo fromExtractedLicenseInfo) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(fromExtractedLicenseInfo.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE); + if (existing.isPresent()) { + return (CustomLicense)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String existingUri = this.alreadyConverted.putIfAbsent(fromExtractedLicenseInfo.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (CustomLicense)getExistingObject(fromExtractedLicenseInfo.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE).get(); + } + CustomLicense toCustomLicense = (CustomLicense)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE, copyManager, true, defaultUriPrefix); + toCustomLicense.setCreationInfo(defaultCreationInfo); + toCustomLicense.setLicenseText(fromExtractedLicenseInfo.getExtractedText()); + toCustomLicense.setName(fromExtractedLicenseInfo.getName()); + toCustomLicense.getSeeAlsos().addAll(fromExtractedLicenseInfo.getSeeAlso()); + toCustomLicense.setComment(fromExtractedLicenseInfo.getComment()); + return toCustomLicense; + } + + /** + * Converts an SPDX spec version 2 SPDX OrLaterOperator to an SPDX spec version 3 SPDX OrLaterOperator and store the result + * in the toStore + * @param fromOrLaterOperator an SPDX spec version 2 OrLaterOperator to convert from + * @return an SPDX spec version 3 OrLaterOperator + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public OrLaterOperator convertAndStore(org.spdx.library.model.v2.license.OrLaterOperator fromOrLaterOperator) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(fromOrLaterOperator.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_OR_LATER_OPERATOR); + if (existing.isPresent()) { + return (OrLaterOperator)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String existingUri = this.alreadyConverted.putIfAbsent(fromOrLaterOperator.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (OrLaterOperator)getExistingObject(fromOrLaterOperator.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_OR_LATER_OPERATOR).get(); + } + OrLaterOperator toOrLaterOperator = (OrLaterOperator)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_OR_LATER_OPERATOR, copyManager, true, defaultUriPrefix); + toOrLaterOperator.setCreationInfo(defaultCreationInfo); + toOrLaterOperator.setSubjectLicense((License)convertAndStore(fromOrLaterOperator.getLicense())); + return toOrLaterOperator; + } + + /** + * Converts an SPDX spec version 2 SPDX SpdxListedLicense to an SPDX spec version 3 SPDX ListedLicense and store the result + * in the toStore + * @param fromSpdxListedLicense an SPDX spec version 2 SpdxListedLicense to convert from + * @return an SPDX spec version 3 ListedLicense + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public ListedLicense convertAndStore(org.spdx.library.model.v2.license.SpdxListedLicense fromSpdxListedLicense) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(fromSpdxListedLicense.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE); + if (existing.isPresent()) { + return (ListedLicense)existing.get(); + } + String existingUri = this.alreadyConverted.putIfAbsent(fromSpdxListedLicense.getObjectUri(), fromSpdxListedLicense.getObjectUri()); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (ListedLicense)getExistingObject(fromSpdxListedLicense.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE).get(); + } + String licenseId = SpdxListedLicenseModelStore.objectUriToLicenseOrExceptionId(fromSpdxListedLicense.getObjectUri()); + if (ListedLicenses.getListedLicenses().isSpdxListedLicenseId(licenseId)) { + ListedLicense retval = ListedLicenses.getListedLicenses().getListedLicenseById(licenseId); + if (complexLicenses) { + copyManager.copy(toModelStore, fromSpdxListedLicense.getObjectUri(), retval.getModelStore(), + fromSpdxListedLicense.getObjectUri(), toSpecVersion, null); + } + return retval; + } + ListedLicense toListedLicense = (ListedLicense)SpdxModelClassFactoryV3.getModelObject(toModelStore, + fromSpdxListedLicense.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE, copyManager, true, defaultUriPrefix); + toListedLicense.setCreationInfo(defaultCreationInfo); + toListedLicense.setComment(fromSpdxListedLicense.getComment()); + // fromSpdxListedLicense.getCrossRef()) - no equivalent in SPDX version 3.X + toListedLicense.setDeprecatedVersion(fromSpdxListedLicense.getDeprecatedVersion()); + toListedLicense.setIsFsfLibre(fromSpdxListedLicense.getFsfLibre()); + // fromSpdxListedLicense.getLicenseHeaderHtml(); - no equivalent in SPDX version 3.X + toListedLicense.setLicenseText(fromSpdxListedLicense.getLicenseText()); + // fromSpdxListedLicense.getLicenseTextHtml(); - no equivalent in SPDX version 3.X + toListedLicense.setName(fromSpdxListedLicense.getName()); + toListedLicense.getSeeAlsos().addAll(fromSpdxListedLicense.getSeeAlso()); + toListedLicense.setStandardLicenseHeader(fromSpdxListedLicense.getStandardLicenseHeader()); + // fromSpdxListedLicense.getStandardLicenseHeaderTemplate(); - no equivalent in SPDX version 3.X + toListedLicense.setStandardLicenseTemplate(fromSpdxListedLicense.getStandardLicenseTemplate()); + toListedLicense.setIsDeprecatedLicenseId(fromSpdxListedLicense.isDeprecated()); + toListedLicense.setIsOsiApproved(fromSpdxListedLicense.isOsiApproved()); + return toListedLicense; + } + + /** + * Converts an SPDX spec version 2 SPDX WithExceptionOperator to an SPDX spec version 3 SPDX WithAdditionOperator and store the result + * in the toStore + * @param fromWithExceptionOperator an SPDX spec version 2 WithExceptionOperator to convert from + * @return an SPDX spec version 3 WithAdditionOperator + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public WithAdditionOperator convertAndStore(org.spdx.library.model.v2.license.WithExceptionOperator fromWithExceptionOperator) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(fromWithExceptionOperator.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_WITH_ADDITION_OPERATOR); + if (existing.isPresent()) { + return (WithAdditionOperator)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String existingUri = this.alreadyConverted.putIfAbsent(fromWithExceptionOperator.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (WithAdditionOperator)getExistingObject(fromWithExceptionOperator.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_WITH_ADDITION_OPERATOR).get(); + } + WithAdditionOperator toWithAdditionOperator = (WithAdditionOperator)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_WITH_ADDITION_OPERATOR, copyManager, true, defaultUriPrefix); + toWithAdditionOperator.setCreationInfo(defaultCreationInfo); + toWithAdditionOperator.setSubjectAddition(convertAndStore(fromWithExceptionOperator.getException())); + toWithAdditionOperator.setSubjectExtendableLicense((ExtendableLicense)convertAndStore(fromWithExceptionOperator.getLicense())); + return toWithAdditionOperator; + } + + + /** + * Converts an SPDX spec version 2 SPDX LicenseException to an SPDX spec version 3 LicenseAddition and store the result + * in the toStore + * @param fromException an SPDX spec version 2 LicenseException to convert from + * @return an SPDX spec version 3 LicenseAddition + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public LicenseAddition convertAndStore(org.spdx.library.model.v2.license.LicenseException fromException) throws InvalidSPDXAnalysisException { + if (fromException instanceof org.spdx.library.model.v2.license.ListedLicenseException) { + return convertAndStore((org.spdx.library.model.v2.license.ListedLicenseException)fromException); + } + Optional existing = getExistingObject(fromException.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE_ADDITION); + if (existing.isPresent()) { + return (CustomLicenseAddition)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String existingUri = this.alreadyConverted.putIfAbsent(fromException.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (CustomLicenseAddition)getExistingObject(fromException.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE_ADDITION).get(); + } + CustomLicenseAddition toCustomAddition = (CustomLicenseAddition)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE_ADDITION, copyManager, true, defaultUriPrefix); + convertLicenseAdditionProperties(fromException, toCustomAddition); + return toCustomAddition; + } + + /** + * Convert and add properties from the fromException to the toAddition + * @param fromException SPDX spec version 2 LicenseException to copy properties from + * @param toAddition SPDX spec version 3 LicenseAddition to copy properties to + * @throws InvalidSPDXAnalysisException on any errors converting + */ + private void convertLicenseAdditionProperties( + org.spdx.library.model.v2.license.LicenseException fromException, + LicenseAddition toAddition) throws InvalidSPDXAnalysisException { + toAddition.setCreationInfo(defaultCreationInfo); + toAddition.setAdditionText(fromException.getLicenseExceptionText()); + toAddition.setComment(fromException.getComment()); + toAddition.setName(fromException.getName()); + toAddition.setStandardAdditionTemplate(fromException.getLicenseExceptionTemplate()); + toAddition.getSeeAlsos().addAll(fromException.getSeeAlso()); + } + + /** + * Converts an SPDX spec version 2 SPDX ListedLicenseException to an SPDX spec version 3 ListedLicenseAddition and store the result + * in the toStore + * @param fromException an SPDX spec version 2 ListedLicenseException to convert from + * @return an SPDX spec version 3 ListedLicenseException + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public ListedLicenseException convertAndStore(org.spdx.library.model.v2.license.ListedLicenseException fromException) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(fromException.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE_EXCEPTION); + if (existing.isPresent()) { + return (ListedLicenseException)existing.get(); + } + String existingUri = this.alreadyConverted.putIfAbsent(fromException.getObjectUri(), fromException.getObjectUri()); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (ListedLicenseException)getExistingObject(fromException.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE_EXCEPTION).get(); + } + String exceptionId = SpdxListedLicenseModelStore.objectUriToLicenseOrExceptionId(fromException.getObjectUri()); + if (ListedLicenses.getListedLicenses().isSpdxListedExceptionId(exceptionId)) { + ListedLicenseException retval = ListedLicenses.getListedLicenses().getListedExceptionById(exceptionId); + if (complexLicenses) { + copyManager.copy(toModelStore, fromException.getObjectUri(), retval.getModelStore(), + fromException.getObjectUri(), toSpecVersion, null); + } + return retval; + } + ListedLicenseException toListedException = (ListedLicenseException)SpdxModelClassFactoryV3.getModelObject(toModelStore, + fromException.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE_EXCEPTION, copyManager, true, defaultUriPrefix); + convertLicenseAdditionProperties(fromException, toListedException); + toListedException.setDeprecatedVersion(fromException.getDeprecatedVersion()); + toListedException.setIsDeprecatedAdditionId(fromException.isDeprecated()); + // fromException.getExample(); - no SPDX spec version 3 equivalent + // fromException.getExceptionTextHtml(); - no SPDX spec version 3 equivalent + return toListedException; + } + + /** + * Converts an SPDX spec version 2 SPDX AnyLicenseInfo to an SPDX spec version 3 LicenseExpression + * @param fromLicense an SPDX spec version 2 AnyLicenseInfo + * @return an SPDX spec version 3 LicenseExpression + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public LicenseExpression convertToLicenseExpression(org.spdx.library.model.v2.license.AnyLicenseInfo fromLicense) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(fromLicense.getObjectUri(), SpdxConstantsV3.SIMPLE_LICENSING_LICENSE_EXPRESSION); + if (existing.isPresent()) { + return (LicenseExpression)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String existingUri = this.alreadyConverted.putIfAbsent(fromLicense.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (LicenseExpression)getExistingObject(fromLicense.getObjectUri(), SpdxConstantsV3.SIMPLE_LICENSING_LICENSE_EXPRESSION).get(); + } + LicenseExpression licenseExpression = (LicenseExpression)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.SIMPLE_LICENSING_LICENSE_EXPRESSION, copyManager, true, defaultUriPrefix); + licenseExpression.setCreationInfo(defaultCreationInfo); + String expression = fromLicense.toString(); + licenseExpression.setLicenseExpression(expression); + StringTokenizer tokenizer = new StringTokenizer(expression, "() "); + while (tokenizer.hasMoreTokens()) { + String token = tokenizer.nextToken().trim(); + if (token.startsWith(SpdxConstantsCompatV2.NON_STD_LICENSE_ID_PRENUM)) { + licenseExpression.getCustomIdToUris().add(licenseExpression.createDictionaryEntry(toModelStore.getNextId(IdType.Anonymous)) + .setKey(token) + .setValue(defaultUriPrefix + token) + .build()); + } + } + return licenseExpression; + } + + /** + * Converts an SPDX spec version 2 SPDX AnyLicenseInfo to an SPDX spec version 3 SPDX AnyLicenseInfo and store the result + * @param fromLicense an SPDX spec version 2 AnyLicenseInfo + * @return an SPDX spec version 3 AnyLicenseInfo + * @throws InvalidSPDXAnalysisException on any errors converting + */ + public AnyLicenseInfo convertAndStore(org.spdx.library.model.v2.license.AnyLicenseInfo fromLicense) throws InvalidSPDXAnalysisException { + if (!complexLicenses) { + return convertToLicenseExpression(fromLicense); + } else if (fromLicense instanceof org.spdx.library.model.v2.license.ConjunctiveLicenseSet) { + return convertAndStore((org.spdx.library.model.v2.license.ConjunctiveLicenseSet)fromLicense); + } else if (fromLicense instanceof org.spdx.library.model.v2.license.DisjunctiveLicenseSet) { + return convertAndStore((org.spdx.library.model.v2.license.DisjunctiveLicenseSet)fromLicense); + } else if (fromLicense instanceof org.spdx.library.model.v2.license.ExternalExtractedLicenseInfo) { + String externalUri = ((org.spdx.library.model.v2.license.ExternalExtractedLicenseInfo)fromLicense).getIndividualURI(); + logger.warn("Referencing an external SPDX 2 element with URI {} while converting from SPDX 2 to 3", externalUri); + addExternalMapInfo(externalUri); + return new ExternalCustomLicense(externalUri); + } else if (fromLicense instanceof org.spdx.library.model.v2.license.ExtractedLicenseInfo) { + return convertAndStore((org.spdx.library.model.v2.license.ExtractedLicenseInfo)fromLicense); + } else if (fromLicense instanceof org.spdx.library.model.v2.license.OrLaterOperator) { + return convertAndStore((org.spdx.library.model.v2.license.OrLaterOperator)fromLicense); + } else if (fromLicense instanceof org.spdx.library.model.v2.license.SpdxListedLicense) { + return convertAndStore((org.spdx.library.model.v2.license.SpdxListedLicense)fromLicense); + } else if (fromLicense instanceof org.spdx.library.model.v2.license.SpdxNoneLicense) { + return new NoneLicense(); + } else if (fromLicense instanceof org.spdx.library.model.v2.license.SpdxNoAssertionLicense) { + return new NoAssertionLicense(); + } else if (fromLicense instanceof org.spdx.library.model.v2.license.WithExceptionOperator) { + return convertAndStore((org.spdx.library.model.v2.license.WithExceptionOperator)fromLicense); + } else { + throw new InvalidSPDXAnalysisException("Can not convert the from AnyLicenseInfo type "+fromLicense.getType()); + } + } + + /** + * Converts the Element and stores all properties in the toStore + * @param fromElement element to convert from + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + public Element convertAndStore(org.spdx.library.model.v2.SpdxElement fromElement) throws InvalidSPDXAnalysisException { + if (fromElement instanceof org.spdx.library.model.v2.SpdxFile) { + return convertAndStore((org.spdx.library.model.v2.SpdxFile)fromElement); + } else if (fromElement instanceof org.spdx.library.model.v2.SpdxPackage) { + return convertAndStore((org.spdx.library.model.v2.SpdxPackage)fromElement); + } else if (fromElement instanceof org.spdx.library.model.v2.SpdxSnippet) { + return convertAndStore((org.spdx.library.model.v2.SpdxSnippet)fromElement); + } else if (fromElement instanceof org.spdx.library.model.v2.SpdxNoAssertionElement) { + return new NoAssertionElement(); + } else if (fromElement instanceof org.spdx.library.model.v2.SpdxNoneElement) { + return new NoneElement(); + } else if (fromElement instanceof org.spdx.library.model.v2.ExternalSpdxElement) { + String externalUri = ((org.spdx.library.model.v2.ExternalSpdxElement)fromElement).getIndividualURI(); + logger.warn("Referencing an external SPDX 2 element with URI {} while converting from SPDX 2 to 3", externalUri); + addExternalMapInfo(externalUri); + return new ExternalElement(externalUri); + } else if (fromElement instanceof org.spdx.library.model.v2.SpdxDocument) { + return convertAndStore((org.spdx.library.model.v2.SpdxDocument)fromElement); + } else { + throw new InvalidSPDXAnalysisException("Conversion of SPDX 2 type" + fromElement.getType()+" is not currently supported"); + } + } + + /** + * Creates ExternalMaps for a reference to an external SPDX element or license + * @param externalUri URI of the external element + * @throws InvalidSPDXAnalysisException on error creating ExternalMap + */ + private void addExternalMapInfo(String externalUri) throws InvalidSPDXAnalysisException { + Objects.requireNonNull(externalUri, "External URI can not be null"); + String[] parts = externalUri.split("#"); + if (parts.length != 2) { + logger.warn("{} is not a valid SPDX Spec version 2 external referenced - should have a document uri + '#' + ID", externalUri); + return; + } + Map, ExternalMapInfo> externalMapMap = docUriToExternalMap.get(parts[0]); + if (Objects.isNull(externalMapMap)) { + logger.warn("No corresponding ExternalDocumentRefs for {}", externalUri); + return; + } + synchronized(externalMapMap) { + for (ExternalMapInfo mapInfo:externalMapMap.values()) { + mapInfo.addExternalMap(externalUri, toModelStore); + } + } + + } + + /** + * Converts the SPDX 2 SpdxFile to an SPDX 3 SpdxFile and returns the converted file + * @param spdxFile SPDX file to convert from + * @return SPDX 3 SpdxFile + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + public SpdxFile convertAndStore(org.spdx.library.model.v2.SpdxFile spdxFile) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(spdxFile.getObjectUri(), SpdxConstantsV3.SOFTWARE_SPDX_FILE); + if (existing.isPresent()) { + return (SpdxFile)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String existingUri = this.alreadyConverted.putIfAbsent(spdxFile.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (SpdxFile)getExistingObject(spdxFile.getObjectUri(), SpdxConstantsV3.SOFTWARE_SPDX_FILE).get(); + } + SpdxFile toFile = (SpdxFile)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.SOFTWARE_SPDX_FILE, copyManager, true, defaultUriPrefix); + convertItemProperties(spdxFile, toFile); + + for (org.spdx.library.model.v2.Checksum checksum:spdxFile.getChecksums()) { + toFile.getVerifiedUsings().add(convertAndStore(checksum)); + } + // spdxFile.getFileContributors(); - No equivalent SPDX 3 property + // spdxFile.getFileDependency(); - deprecated - skipping + + for (org.spdx.library.model.v2.enumerations.FileType fileType : spdxFile.getFileTypes()) { + convertAndAddFileType(fileType, toFile); + } + Optional noticeText = spdxFile.getNoticeText(); + + noticeText.ifPresent(s -> toFile.getAttributionTexts().add(s)); + // - this is already captured in the checksums - String sha1 = spdxFile.getSha1(); + return toFile; + } + + /** + * Converts the SPDX spec version 2 Checksum to an SPDX spec version 3 Hash and store the result + * @param checksum SPDX spec version 2 Checksum + * @return SPDX spec version 3 Hash + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + public Hash convertAndStore(org.spdx.library.model.v2.Checksum checksum) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(checksum.getObjectUri(), SpdxConstantsV3.CORE_HASH); + if (existing.isPresent()) { + return (Hash)existing.get(); + } + String toObjectUri = toModelStore.getNextId(IdType.Anonymous); + String existingUri = this.alreadyConverted.putIfAbsent(checksum.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (Hash)getExistingObject(checksum.getObjectUri(), SpdxConstantsV3.CORE_HASH).get(); + } + Hash toHash = (Hash)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.CORE_HASH, copyManager, true, defaultUriPrefix); + toHash.setAlgorithm(HASH_ALGORITH_MAP.get(checksum.getAlgorithm())); + toHash.setHashValue(checksum.getValue()); + return toHash; + } + + /** + * Converts an SPDX spec version 2 FileType to the corresponding SPDX model 3 software purpose and/or content type + * and adds that information to the file + * @param fileType SPDX spec version 2 FileType to convert and add + * @param file SPDX spec version 3 SpdxFile to add the software purpose or content type to + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + private void convertAndAddFileType(org.spdx.library.model.v2.enumerations.FileType fileType, SpdxFile file) throws InvalidSPDXAnalysisException { + switch (fileType) { + case ARCHIVE: addSoftwarePurpose(SoftwarePurpose.ARCHIVE, file); break; + case BINARY: file.setContentType("application/octet-stream"); break; + case SOURCE: addSoftwarePurpose(SoftwarePurpose.SOURCE, file); break; + case TEXT: file.setContentType("text/plain"); break; + case APPLICATION: addSoftwarePurpose(SoftwarePurpose.APPLICATION, file); break; + case AUDIO: file.setContentType("audio/*"); break; + case IMAGE: file.setContentType("image/*"); break; + case VIDEO: file.setContentType("video/*"); break; + case DOCUMENTATION: addSoftwarePurpose(SoftwarePurpose.DOCUMENTATION, file); break; + case SPDX: file.setContentType("text/spdx"); break; + case OTHER: addSoftwarePurpose(SoftwarePurpose.OTHER, file); break; + + default: throw new InvalidSPDXAnalysisException("Unknown file type "+fileType); + } + } + + /** + * Adds a Software Purpose to a SoftwareArtifact. If the primaryPurpose is already used, add as an additionalPurpose + * @param purpose purpose to add + * @param artifact artifact to add the purpose to + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + private void addSoftwarePurpose(SoftwarePurpose purpose, + SoftwareArtifact artifact) throws InvalidSPDXAnalysisException { + if (artifact.getPrimaryPurpose().isPresent()) { + artifact.getAdditionalPurposes().add(purpose); + } else { + artifact.setPrimaryPurpose(purpose); + } + } + + /** + * Converts and copies properties from the fromItem to the toArtifact + * @param fromItem SPDX spec version 2 Item to copy properties from + * @param toArtifact SPDX spec version 3 SoftwareArtifact to copy properties to + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + private void convertItemProperties(org.spdx.library.model.v2.SpdxItem fromItem, SoftwareArtifact toArtifact) throws InvalidSPDXAnalysisException { + convertElementProperties(fromItem, toArtifact); + toArtifact.getAttributionTexts().addAll(fromItem.getAttributionText()); + toArtifact.setCopyrightText(fromItem.getCopyrightText()); + Optional licenseComments = fromItem.getLicenseComments(); + if (licenseComments.isPresent()) { + Optional existingComment = toArtifact.getComment(); + toArtifact.setComment(existingComment.map(s -> s + ";" + licenseComments.get()).orElseGet(licenseComments::get)); + } + org.spdx.library.model.v2.license.AnyLicenseInfo concludedLicense = fromItem.getLicenseConcluded(); + if (Objects.nonNull(concludedLicense)) { + Relationship concludedRelationship = (Relationship)SpdxModelClassFactoryV3.getModelObject(toModelStore, + defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId), SpdxConstantsV3.CORE_RELATIONSHIP, copyManager, true, defaultUriPrefix); + concludedRelationship.setCreationInfo(defaultCreationInfo); + concludedRelationship.setFrom(toArtifact); + concludedRelationship.getTos().add(convertAndStore(concludedLicense)); + concludedRelationship.setRelationshipType(RelationshipType.HAS_CONCLUDED_LICENSE); + } + if (!(fromItem instanceof org.spdx.library.model.v2.SpdxPackage)) { + // we use the license concluded for the SPDX package + for (org.spdx.library.model.v2.license.AnyLicenseInfo declaredLicense:fromItem.getLicenseInfoFromFiles()) { + Relationship declaredRelationship = (Relationship)SpdxModelClassFactoryV3.getModelObject(toModelStore, + defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId), SpdxConstantsV3.CORE_RELATIONSHIP, copyManager, true, defaultUriPrefix); + declaredRelationship.setCreationInfo(defaultCreationInfo); + declaredRelationship.setFrom(toArtifact); + declaredRelationship.getTos().add(convertAndStore(declaredLicense)); + declaredRelationship.setRelationshipType(RelationshipType.HAS_DECLARED_LICENSE); + } + } + } + + /** + * Converts the SPDX 2 SpdxPackage to an SPDX 3 SpdxPackage and returns the converted package + * @param spdxPackage SPDX package to convert from + * @return SPDX 3 SpdxPackage + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + public SpdxPackage convertAndStore(org.spdx.library.model.v2.SpdxPackage spdxPackage) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(spdxPackage.getObjectUri(), SpdxConstantsV3.SOFTWARE_SPDX_PACKAGE); + if (existing.isPresent()) { + return (SpdxPackage)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String existingUri = this.alreadyConverted.putIfAbsent(spdxPackage.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (SpdxPackage)getExistingObject(spdxPackage.getObjectUri(), SpdxConstantsV3.SOFTWARE_SPDX_PACKAGE).get(); + } + SpdxPackage toPackage = (SpdxPackage)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.SOFTWARE_SPDX_PACKAGE, copyManager, true, defaultUriPrefix); + convertItemProperties(spdxPackage, toPackage); + toPackage.setBuiltTime(spdxPackage.getBuiltDate().orElse(null)); + toPackage.setDescription(spdxPackage.getDescription().orElse(null)); + toPackage.setDownloadLocation(spdxPackage.getDownloadLocation().orElse(null)); + for (org.spdx.library.model.v2.ExternalRef externalRef:spdxPackage.getExternalRefs()) { + addExternalRefToArtifact(externalRef, toPackage); + } + // spdxPackage.getFiles() - these should be captured in relationships + toPackage.setHomePage(spdxPackage.getHomepage().orElse(null)); + Optional originator = spdxPackage.getOriginator(); + if (originator.isPresent()) { + toPackage.getOriginatedBys().add(stringToAgent(originator.get(), toPackage.getCreationInfo())); + } + Optional packageFileName = spdxPackage.getPackageFileName(); + if (packageFileName.isPresent()) { + addPackageFileNameToPackage(packageFileName.get(), toPackage, spdxPackage.getChecksums()); + } + Optional pkgVerificationCode = spdxPackage.getPackageVerificationCode(); + if (pkgVerificationCode.isPresent()) { + toPackage.getVerifiedUsings().add(convertAndStore(pkgVerificationCode.get())); + } + Optional primaryPurpose = spdxPackage.getPrimaryPurpose(); + if (primaryPurpose.isPresent()) { + if (toPackage.getPrimaryPurpose().isPresent()) { + toPackage.getAdditionalPurposes().add(toPackage.getPrimaryPurpose().get()); + } + toPackage.setPrimaryPurpose(PURPOSE_MAP.get(primaryPurpose.get())); + } + toPackage.setReleaseTime(spdxPackage.getReleaseDate().orElse(null)); + toPackage.setSourceInfo(spdxPackage.getSourceInfo().orElse(null)); + toPackage.setSummary(spdxPackage.getSummary().orElse(null)); + Optional supplier = spdxPackage.getSupplier(); + if (supplier.isPresent()) { + toPackage.setSuppliedBy(stringToAgent(supplier.get(), toPackage.getCreationInfo())); + } + toPackage.setValidUntilTime(spdxPackage.getValidUntilDate().orElse(null)); + toPackage.setPackageVersion(spdxPackage.getVersionInfo().orElse(null)); + + org.spdx.library.model.v2.license.AnyLicenseInfo declaredLicense = spdxPackage.getLicenseDeclared(); + if (Objects.nonNull(declaredLicense)) { + Relationship declaredRelationship = (Relationship)SpdxModelClassFactoryV3.getModelObject(toModelStore, + defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId), SpdxConstantsV3.CORE_RELATIONSHIP, copyManager, true, defaultUriPrefix); + declaredRelationship.setCreationInfo(defaultCreationInfo); + declaredRelationship.setFrom(toPackage); + declaredRelationship.getTos().add(convertAndStore(declaredLicense)); + declaredRelationship.setRelationshipType(RelationshipType.HAS_DECLARED_LICENSE); + } + return toPackage; + } + + /** + * Converts the spdxPackageVerificationCode to an IntegrityMethod and store the result in the toModelStore + * @param spdxPackageVerificationCode SPDX Spec version 2 package verification code + * @return the package verification code integrity method + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + public IntegrityMethod convertAndStore( + org.spdx.library.model.v2.SpdxPackageVerificationCode spdxPackageVerificationCode) throws InvalidSPDXAnalysisException { + PackageVerificationCode pkgVerificationCode = (PackageVerificationCode)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toModelStore.getNextId(IdType.Anonymous), SpdxConstantsV3.CORE_PACKAGE_VERIFICATION_CODE, + copyManager, true, defaultUriPrefix); + + pkgVerificationCode.setAlgorithm(HashAlgorithm.SHA1); + pkgVerificationCode.setHashValue(spdxPackageVerificationCode.getValue()); + pkgVerificationCode.getPackageVerificationCodeExcludedFiles().addAll(spdxPackageVerificationCode.getExcludedFileNames()); + return pkgVerificationCode; + } + + /** + * Create a File artifact and add that to toPackage as a relationship + * @param fileName Name of the File artifact + * @param toPackage package to add the file to + * @param fileChecksums checksums for the file + * @throws InvalidSPDXAnalysisException on SPDX parsing errors + */ + private void addPackageFileNameToPackage(String fileName, + SpdxPackage toPackage, Collection fileChecksums) throws InvalidSPDXAnalysisException { + SpdxFile file = toPackage.createSpdxFile(defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId)) + .setName(fileName) + .build(); + for (org.spdx.library.model.v2.Checksum checksum : fileChecksums) { + file.getVerifiedUsings().add(convertAndStore(checksum)); + } + toPackage.createRelationship(defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId)) + .setRelationshipType(RelationshipType.HAS_DISTRIBUTION_ARTIFACT) + .setFrom(toPackage) + .addTo(file) + .setCompleteness(RelationshipCompleteness.COMPLETE) + .build(); + } + + /** + * @param externalRef SPDX Spec version 2 External Ref to add to the package + * @param artifact SPDX Spec version 3 Artifact to add either an ExternalRef or ExternalId depending on the externalRef type + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + private void addExternalRefToArtifact(org.spdx.library.model.v2.ExternalRef externalRef, + SoftwareArtifact artifact) throws InvalidSPDXAnalysisException { + addExternalRefToArtifact(externalRef, artifact, toModelStore); + } + + /** + * @param externalRef SPDX Spec version 2 External Ref to add to the package + * @param artifact SPDX Spec version 3 Artifact to add either an ExternalRef or ExternalId depending on the externalRef type + * @param modelStore modelStore to use for creating any SPDX objects + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + public static void addExternalRefToArtifact(org.spdx.library.model.v2.ExternalRef externalRef, + SoftwareArtifact artifact, IModelStore modelStore) throws InvalidSPDXAnalysisException { + addExternalRefToArtifact(externalRef.getReferenceCategory(), externalRef.getReferenceType(), + externalRef.getReferenceLocator(), externalRef.getComment().orElse(null), artifact, modelStore); + } + + /** + * @param referenceCategory Reference category for external ref + * @param referenceType Reference type for external ref + * @param referenceLocator Locator for external ref + * @param comment External reference comment + * @param artifact Artifact which contains the external ref + * @param modelStore modelStore to use for creating any SPDX objects + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + public static void addExternalRefToArtifact(org.spdx.library.model.v2.enumerations.ReferenceCategory referenceCategory, + org.spdx.library.model.v2.ReferenceType referenceType, String referenceLocator, @Nullable String comment, + SoftwareArtifact artifact, IModelStore modelStore) throws InvalidSPDXAnalysisException { + Objects.requireNonNull(referenceType); + switch (referenceType.getIndividualURI()) { + case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "cpe22Type": + case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "cpe23Type": + case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "swid": + artifact.getExternalIdentifiers().add(artifact.createExternalIdentifier(modelStore.getNextId(IdType.Anonymous)) + .setExternalIdentifierType(EXTERNAL_IDENTIFIER_TYPE_MAP.get(referenceType.getIndividualURI())) + .setIdentifier(referenceLocator) + .setComment(comment) + .build()); break; + case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "purl": { + if (artifact instanceof SpdxPackage) { + ((SpdxPackage)artifact).setPackageUrl(referenceLocator); + } else { + artifact.getExternalIdentifiers().add(artifact.createExternalIdentifier(modelStore.getNextId(IdType.Anonymous)) + .setExternalIdentifierType(EXTERNAL_IDENTIFIER_TYPE_MAP.get(referenceType.getIndividualURI())) + .setIdentifier(referenceLocator) + .setComment(comment) + .build()); break; + } + } break; + case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "swh": + case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "gitoid": + artifact.getContentIdentifiers().add(artifact.createContentIdentifier(modelStore.getNextId(IdType.Anonymous)) + .setContentIdentifierType(CONTENT_IDENTIFIER_TYPE_MAP.get(referenceType.getIndividualURI())) + .setContentIdentifierValue(referenceLocator) + .setComment(comment) + .build()); break; + default: { + ExternalRefType externalRefType = EXTERNAL_REF_TYPE_MAP.get(referenceType.getIndividualURI()); + if (Objects.isNull(externalRefType)) { + switch (referenceCategory) { + case PACKAGE_MANAGER: externalRefType = ExternalRefType.BUILD_SYSTEM; break; + case SECURITY: externalRefType = ExternalRefType.SECURITY_OTHER; break; + default: externalRefType = ExternalRefType.OTHER; + } + } + artifact.getExternalRefs().add(artifact.createExternalRef(modelStore.getNextId(IdType.Anonymous)) + .setExternalRefType(externalRefType) + .addLocator(referenceLocator) + .setComment(comment) + .build()); + } + } + } + + /** + * Converts the SPDX 2 SpdxSnippet to an SPDX 3 Snippet and returns the converted snippet + * @param fromSnippet SPDX 2 snippet to convert from + * @return SPDX 3 Snippet + * @throws InvalidSPDXAnalysisException on any error in conversion + */ + public Snippet convertAndStore(org.spdx.library.model.v2.SpdxSnippet fromSnippet) throws InvalidSPDXAnalysisException { + Optional existing = getExistingObject(fromSnippet.getObjectUri(), SpdxConstantsV3.SOFTWARE_SNIPPET); + if (existing.isPresent()) { + return (Snippet)existing.get(); + } + String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); + String existingUri = this.alreadyConverted.putIfAbsent(fromSnippet.getObjectUri(), toObjectUri); + if (Objects.nonNull(existingUri)) { + // small window if conversion occurred since the last check already converted + return (Snippet)getExistingObject(fromSnippet.getObjectUri(), SpdxConstantsV3.SOFTWARE_SNIPPET).get(); + } + Snippet toSnippet = (Snippet)SpdxModelClassFactoryV3.getModelObject(toModelStore, + toObjectUri, SpdxConstantsV3.SOFTWARE_SNIPPET, copyManager, true, defaultUriPrefix); + convertItemProperties(fromSnippet, toSnippet); + StartEndPointer fromByteRange = fromSnippet.getByteRange(); + if (Objects.nonNull(fromByteRange)) { + // noinspection DataFlowIssue + ByteOffsetPointer startPointer = (ByteOffsetPointer) fromByteRange.getStartPointer(); + ByteOffsetPointer endPointer = (ByteOffsetPointer) fromByteRange.getEndPointer(); + if (Objects.nonNull(startPointer) && Objects.nonNull(endPointer)) { + toSnippet.setByteRange(toSnippet + .createPositiveIntegerRange(toModelStore.getNextId(IdType.Anonymous)) + .setBeginIntegerRange(startPointer.getOffset()) + .setEndIntegerRange(endPointer.getOffset()).build()); + } + } + Optional fromLineRange = fromSnippet.getLineRange(); + if (fromLineRange.isPresent()) { + // noinspection DataFlowIssue + LineCharPointer startPointer = (LineCharPointer) fromLineRange.get().getStartPointer(); + LineCharPointer endPointer = (LineCharPointer) fromLineRange.get().getEndPointer(); + if (Objects.nonNull(startPointer) && Objects.nonNull(endPointer)) { + toSnippet.setLineRange(toSnippet + .createPositiveIntegerRange(toModelStore.getNextId(IdType.Anonymous)) + .setBeginIntegerRange(startPointer.getLineNumber()) + .setEndIntegerRange(endPointer.getLineNumber()).build()); + } + } + toSnippet.setSnippetFromFile(convertAndStore(Objects.requireNonNull(fromSnippet.getSnippetFromFile()))); + return toSnippet; + } +} \ No newline at end of file diff --git a/spdx/v3/v3_0_1/convert_v301_test.go b/spdx/v3/v3_0_1/convert_v301_test.go new file mode 100644 index 00000000..5afb72ba --- /dev/null +++ b/spdx/v3/v3_0_1/convert_v301_test.go @@ -0,0 +1,608 @@ +package v3_0_1 + +import ( + "time" + + "github.com/kzantow/go-ld" + "github.com/spdx/tools-golang/spdx/v2/v2_3" +) + +func v301doc() *Document { + ci := v301creationInfo() + + d := NewDocument( + ProfileIdentifierType_Software, + "Example Software Package", + ci.CreatedBy[0], + ci.CreatedUsing[0], + ) + d.DataLicense = &ListedLicense{ + License: License{ + ExtendableLicense: ExtendableLicense{ + LicenseInfo: LicenseInfo{ + Element: Element{ + Name: v2_3.DataLicense, + }, + }, + }, + }, + } + d.SpdxDocument.ID = "SPDXRef-DOCUMENT" + d.CreationInfo.(*CreationInfo).Created = parseTime("2023-01-15T10:30:00Z") + d.SpdxDocument.Element.Comment = "This is a sample SPDX document for testing purposes." + d.NamespaceMaps = NamespaceMapList{ + &NamespaceMap{ + Namespace: "https://example.com/spdx/example-software-1.0.0", + }, + } + + sbom := &SBOM{} + d.RootElements = ElementList{sbom} + + // Add external document references + d.Imports = ExternalMapList{ + v301externalMap1(), + v301externalMap2(), + } + + sbom.Elements = append(sbom.Elements, + v301customLicense1(), + v301customLicense2(), + ) + + pkg1, extraElems := v301package1() + sbom.Elements = append(sbom.Elements, extraElems...) + sbom.Elements = append(sbom.Elements, pkg1) + + // pkg1 is the only thing referenced directly as a document root element + sbom.RootElements = append(sbom.RootElements, pkg1) + + pkg2, extraElems := v301package2() + sbom.Elements = append(sbom.Elements, extraElems...) + sbom.Elements = append(sbom.Elements, pkg2) + + file1, extraElems := v301file1() + sbom.Elements = append(sbom.Elements, file1) + sbom.Elements = append(sbom.Elements, extraElems...) + + file2, extraElems := v301file2() + sbom.Elements = append(sbom.Elements, file2) + sbom.Elements = append(sbom.Elements, extraElems...) + + sbom.Elements = append(sbom.Elements, + v301annotation1(pkg1), + v301annotation2(pkg2), + ) + + snippet1, extraElems := v301snippet1(file1) + sbom.Elements = append(sbom.Elements, snippet1) + sbom.Elements = append(sbom.Elements, extraElems...) + + snippet2, extraElems := v301snippet2(file2) + sbom.Elements = append(sbom.Elements, snippet2) + sbom.Elements = append(sbom.Elements, extraElems...) + + sbom.Elements = append(sbom.Elements, + // SpdxRef-DOCUMENT relationships are handled by object structure + &Relationship{ + From: pkg1, + To: ElementList{pkg2}, + Type: RelationshipType_DependsOn, + Element: Element{ + Comment: "Main package depends on utility tools", + }, + }, + &Relationship{ + From: pkg1, + To: ElementList{file1}, + Type: RelationshipType_Contains, + Element: Element{ + Comment: "Package contains main source file", + }, + }, + ) + + return d +} + +func v301creationInfo() *CreationInfo { + return &CreationInfo{ + + Created: parseTime("2023-01-15T10:30:00Z"), + CreatedBy: AgentList{ + &Person{ + Agent: Agent{ + Element: Element{ + Name: "John Doe", + ExternalIdentifiers: externalIdentifierListEmail("john@example.com"), + }, + }, + }, + }, + CreatedUsing: ToolList{ + &Tool{ + Element: Element{ + Name: "tools-golang-v1.1.0", + }, + }, + }, + + //LicenseListVersion: "3.19", + Comment: "Created during automated build process", + } +} + +func v301package1() (*Package, ElementList) { + p := &Package{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{ + Element: Element{ + ID: "SPDXRef-Package-ExampleLib", + Name: "example-library", + Description: "This is a detailed description of the example library package.", + Summary: "A sample library for demonstration", + Comment: "Package built with standard configuration" + ";License determined from LICENSE file", + + VerifiedUsing: IntegrityMethodList{ + &PackageVerificationCode{ + Algorithm: HashAlgorithm_Sha1, + HashValue: "d6a770ba38583ed4bb4525bd96e50461655d2758", + ExcludedFiles: []string{"./exclude1.txt", "./exclude2.txt"}, + }, + &Hash{ + Algorithm: HashAlgorithm_Sha1, + Value: "aabbccdd", + }, + &Hash{ + Algorithm: HashAlgorithm_Sha256, + Value: "11223344", + }, + }, + ExternalIdentifiers: ExternalIdentifierList{ + &ExternalIdentifier{ + Type: ExternalIdentifierType_PackageURL, + Identifier: "pkg:npm/example-library@1.2.3", + Comment: "NPM package reference", + }, + &ExternalIdentifier{ + Type: ExternalIdentifierType_Cpe23, + Identifier: "cpe:2.3:a:example:library:1.2.3:*:*:*:*:*:*:*", + Comment: "CPE reference for security scanning", + }, + }, + }, + SuppliedBy: &Organization{ + Agent: Agent{ + Element: Element{ + Name: "Example Corp", + ExternalIdentifiers: externalIdentifierListEmail("support@example.com"), + }, + }, + }, + + OriginatedBy: AgentList{ + &Person{ + Agent: Agent{ + Element: Element{ + Name: "Jane Smith", + ExternalIdentifiers: externalIdentifierListEmail("jane@example.com"), + }, + }, + }, + }, + + ReleaseTime: parseTime("2023-01-10T00:00:00Z"), + BuiltTime: parseTime("2023-01-15T08:00:00Z"), + ValidUntilTime: parseTime("2025-01-10T00:00:00Z"), + }, + CopyrightText: "Copyright 2023 Example Corp", + AttributionTexts: []string{ + "This package includes code from Project ABC", + "Special thanks to the open source community", + }, + //FilesAnalyzed: true, + PrimaryPurpose: SoftwarePurpose_Library, + }, + Version: "1.2.3", + HomePage: "https://example.com/library", + SourceInfo: "Built from git tag v1.2.3", + DownloadLocation: "https://github.com/example/library/archive/v1.2.3.tar.gz", + PackageURL: "pkg:npm/example-library-main@1.2.3", + } + + // comment was appended to pkg comment: "License determined from LICENSE file" + + l := &ListedLicense{} + l.Name = "MIT" + + l2 := &ListedLicense{} + l2.Name = "Apache-2.0" + + r1 := &Relationship{ + Type: RelationshipType_HasConcludedLicense, + To: ElementList{l}, + From: p, + } + + r2 := &Relationship{ + Type: RelationshipType_HasDeclaredLicense, + To: ElementList{l}, + From: p, + } + + r3 := &Relationship{ + Type: RelationshipType_HasConcludedLicense, + To: ElementList{l2}, + From: p, + } + + return p, ElementList{l, r1, r2, l2, r3} +} + +func v301package2() (*Package, ElementList) { + p := &Package{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{ + Element: Element{ + ID: "SPDXRef-Package-UtilityTools", + Name: "utility-tools", + Description: "A comprehensive set of utility tools for developers.", + Summary: "Collection of utility tools", + + VerifiedUsing: IntegrityMethodList{ + &Hash{ + Algorithm: HashAlgorithm_Sha256, + Value: "ffaabbcc11223344", + }, + }, + }, + SuppliedBy: &Person{ + Agent: Agent{ + Element: Element{ + Name: "Bob Johnson", + ExternalIdentifiers: externalIdentifierListEmail("bob@tools.com"), + }, + }, + }, + }, + CopyrightText: "Copyright 2023 Tools Inc", + PrimaryPurpose: SoftwarePurpose_Application, + }, + Version: "2.1.0", + HomePage: ld.URI("https://tools.com/utility"), + DownloadLocation: ld.URI("https://tools.com/download/utility-tools-2.1.0.zip"), + } + + l := &ListedLicense{} + l.Name = "Apache-2.0" + + r1 := &Relationship{ + Type: RelationshipType_HasConcludedLicense, + To: ElementList{l}, + From: p, + } + + r2 := &Relationship{ + Type: RelationshipType_HasDeclaredLicense, + To: ElementList{l}, + From: p, + } + + return p, ElementList{l, r1, r2} +} + +func v301customLicense1() AnyLicense { + return &CustomLicense{ + License: License{ + ExtendableLicense: ExtendableLicense{ + LicenseInfo: LicenseInfo{ + Element: Element{ + ID: "LicenseRef-CustomLicense1", + Name: "Custom Example License", + Comment: "Custom license used for internal tools", + }, + }, + }, + SeeAlsos: []ld.URI{ + "https://example.com/licenses/custom", + }, + Text: "This is a custom license text for demonstration purposes.\n\nPermission is granted to use this software...", + }, + } +} + +func v301customLicense2() AnyLicense { + return &CustomLicense{ + License: License{ + ExtendableLicense: ExtendableLicense{ + LicenseInfo: LicenseInfo{ + Element: Element{ + ID: "LicenseRef-CustomLicense2", + Name: "Another Custom License", + Comment: "License for third-party components", + }, + }, + }, + SeeAlsos: []ld.URI{ + "https://example.com/licenses/another-custom", + "https://internal.example.com/legal/licenses", + }, + Text: "Another custom license text with different terms.\n\nThis software may be used under the following conditions...", + }, + } +} + +func v301file1() (AnyFile, ElementList) { + f := &File{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{ + Element: Element{ + ID: "SPDXRef-File-Other", + Name: "./src/other.c", + VerifiedUsing: IntegrityMethodList{ + &Hash{ + Value: "da39a3ee5e6b4b0d3255bfef95601890afd80709", + Algorithm: HashAlgorithm_Sha1, + }, + &Hash{ + Value: "d41d8cd98f00b204e9800998ecf8427e", + Algorithm: HashAlgorithm_Md5, + }, + }, + Comment: "Other application entry point", + Description: "This file contains the other function", + }, + OriginatedBy: AgentList{ + &Person{ + Agent: Agent{ + Element: Element{ + Name: "Other John Doe", + ExternalIdentifiers: externalIdentifierListEmail("john@doe.com"), + }, + }, + }, + &Person{ + Agent: Agent{ + Element: Element{ + Name: "Jane Smith", + ExternalIdentifiers: externalIdentifierListEmail("jane.smith@example.org"), + }, + }, + }, + }, + }, + + CopyrightText: "Copyright 2023 Example Corp", + AttributionTexts: []string{ + "Based on other example code from something", + }, + //FileTypes: []FileType{ + // FileType_Source, + //}, + //PrimaryPurpose: SoftwarePurpose_Source, + }, + Kind: FileKindType_File, + } + + l := &ListedLicense{} + l.Name = "MIT" + + r1 := &Relationship{ + Type: RelationshipType_HasConcludedLicense, + To: ElementList{l}, + From: f, + } + + r2 := &Relationship{ + Type: RelationshipType_HasDeclaredLicense, + To: ElementList{l}, + From: f, + } + + return f, ElementList{l, r1, r2} +} + +func v301file2() (*File, ElementList) { + f := &File{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{ + Element: Element{ + ID: "SPDXRef-File-Header", + + Name: "./include/header.h", + VerifiedUsing: IntegrityMethodList{ + &Hash{ + Value: "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + Algorithm: HashAlgorithm_Sha256, + }, + }, + Comment: "Header file with function declarations", + }, + }, + CopyrightText: "Copyright 2023 Example Corp", + //FileTypes: []FileType{ + // FileType_Header, + //}, + }, + } + + l := &ListedLicense{} + l.Name = "MIT" + + r1 := &Relationship{ + Type: RelationshipType_HasConcludedLicense, + To: ElementList{l}, + From: f, + } + + r2 := &Relationship{ + Type: RelationshipType_HasDeclaredLicense, + To: ElementList{l}, + From: f, + } + + return f, ElementList{l, r1, r2} +} + +func v301externalMap1() *ExternalMap { + return &ExternalMap{ + ExternalSpdxID: "DocumentRef-External1", + LocationHint: "https://external.com/spdx/external-doc-1.0.0", + VerifiedUsing: IntegrityMethodList{ + &Hash{ + Algorithm: HashAlgorithm_Sha1, + Value: "da39a3ee5e6b4b0d3255bfef95601890afd80709", + }, + }, + } +} + +func v301externalMap2() *ExternalMap { + return &ExternalMap{ + ExternalSpdxID: "DocumentRef-External2", + LocationHint: "https://external2.com/spdx/external-doc-2.0.0", + VerifiedUsing: IntegrityMethodList{ + &Hash{ + Algorithm: HashAlgorithm_Sha256, + Value: "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + }, + }, + } +} + +func v301annotation1(subject AnyElement) *Annotation { + return &Annotation{ + Type: AnnotationType_Review, + Element: Element{ + ID: "SPDXRef-Annotation-1", + CreationInfo: &CreationInfo{ + Created: parseTime("2023-01-20T14:30:00Z"), + CreatedBy: AgentList{ + &Person{ + Agent: Agent{ + Element: Element{ + Name: "Security Team", + ExternalIdentifiers: externalIdentifierListEmail("security@example.com"), + }, + }, + }, + }, + }, + }, + Subject: subject, + Statement: "Security review completed - no vulnerabilities found", + } +} + +func v301annotation2(subject AnyElement) *Annotation { + return &Annotation{ + Type: AnnotationType_Other, + Element: Element{ + ID: "SPDXRef-Annotation-2", + CreationInfo: &CreationInfo{ + Created: parseTime("2023-01-21T09:15:00Z"), + CreatedBy: AgentList{ + &Person{ + Agent: Agent{ + Element: Element{ + Name: "vulnerability-scanner-v1.5", + }, + }, + }, + }, + }, + Comment: "Automated scan completed - clean", + }, + Subject: subject, + } +} + +func v301snippet1(fileRef AnyFile) (AnyElement, ElementList) { + s := &Snippet{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{ + Element: Element{ + ID: "SPDXRef-Snippet1", + Name: "Core Algorithm", + Comment: "Key algorithm implementation", + }, + }, + CopyrightText: "Copyright 2023 Example Corp", + AttributionTexts: []string{"Algorithm based on research paper XYZ"}, + }, + FromFile: fileRef, + ByteRange: &PositiveIntegerRange{ + BeginIntegerRange: 100, + EndIntegerRange: 200, + }, + LineRange: &PositiveIntegerRange{ + BeginIntegerRange: 10, + EndIntegerRange: 15, + }, + + //LicenseComments: "License applies to this code snippet", + } + + l := &ListedLicense{} + l.Name = "MIT" + + r1 := &Relationship{ + Type: RelationshipType_HasConcludedLicense, + To: ElementList{l}, + From: s, + } + + r2 := &Relationship{ + Type: RelationshipType_HasDeclaredLicense, + To: ElementList{l}, + From: s, + } + + return s, ElementList{l, r1, r2} +} + +func v301snippet2(fileRef AnyFile) (AnySnippet, ElementList) { + s := &Snippet{ + SoftwareArtifact: SoftwareArtifact{ + Artifact: Artifact{ + Element: Element{ + ID: "SPDXRef-Snippet2", + Name: "API Declarations", + Comment: "Function declarations", + }, + }, + CopyrightText: "Copyright 2023 Example Corp", + }, + FromFile: fileRef, + ByteRange: &PositiveIntegerRange{ + EndIntegerRange: 50, + BeginIntegerRange: 150, + }, + LineRange: &PositiveIntegerRange{ + EndIntegerRange: 5, + BeginIntegerRange: 8, + }, + } + + l := &ListedLicense{} + l.Name = "MIT" + + r1 := &Relationship{ + Type: RelationshipType_HasConcludedLicense, + To: ElementList{l}, + From: s, + } + + r2 := &Relationship{ + Type: RelationshipType_HasDeclaredLicense, + To: ElementList{l}, + From: s, + } + + return s, ElementList{l, r1, r2} +} + +func parseTime(s string) time.Time { + t, _ := time.Parse(time.RFC3339, s) + return t +} diff --git a/spdx/v3/v3_0/model.go b/spdx/v3/v3_0_1/model.go similarity index 93% rename from spdx/v3/v3_0/model.go rename to spdx/v3/v3_0_1/model.go index 21c1adb0..3bd8ffc9 100755 --- a/spdx/v3/v3_0/model.go +++ b/spdx/v3/v3_0_1/model.go @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: MIT -package v3_0 +package v3_0_1 import ( "reflect" @@ -18,21 +18,21 @@ type AnyAIPackage interface { // AIPackage Specifies an AI package and its associated information. type AIPackage struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/AIPackage"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/AIPackage" node-kind:"http://www.w3.org/ns/shacl#IRI"` Package // Domains Captures the domain in which the AI package can be used. Domains []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/domain" type:"http://www.w3.org/2001/XMLSchema#string"` // EnergyConsumption Indicates the amount of energy consumption incurred by an AI model. EnergyConsumption AnyEnergyConsumption `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption"` - // ModelDataPreprocessings Describes all the preprocessing steps applied to the training data before the\nmodel training. + // ModelDataPreprocessings Describes all the preprocessing steps applied to the training data before the model training. ModelDataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing" type:"http://www.w3.org/2001/XMLSchema#string"` - // UseSensitivePersonalInformation Records if sensitive personal information is used during model training or\ncould be used during the inference. + // UseSensitivePersonalInformation Records if sensitive personal information is used during model training or could be used during the inference. UseSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation" type:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` - // AutonomyType Indicates whether the system can perform a decision or action without human\ninvolvement or guidance. + // AutonomyType Indicates whether the system can perform a decision or action without human involvement or guidance. AutonomyType PresenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/autonomyType" type:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` // SafetyRiskAssessment Records the results of general safety risk assessment of the AI system. SafetyRiskAssessment SafetyRiskAssessmentType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment" type:"https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType"` - // Hyperparameters Records a hyperparameter used to build the AI model contained in the AI\npackage. + // Hyperparameters Records a hyperparameter used to build the AI model contained in the AI package. Hyperparameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` // Limitation Captures a limitation of the AI software. Limitation string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/limitation" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -40,11 +40,11 @@ type AIPackage struct { ModelExplainabilities []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability" type:"http://www.w3.org/2001/XMLSchema#string"` // StandardCompliances Captures a standard that is being complied with. StandardCompliances []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance" type:"http://www.w3.org/2001/XMLSchema#string"` - // MetricDecisionThresholds Captures the threshold that was used for computation of a metric described in\nthe metric field. + // MetricDecisionThresholds Captures the threshold that was used for computation of a metric described in the metric field. MetricDecisionThresholds DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` // TypeOfModels Records the type of the model used in the AI software. TypeOfModels []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel" type:"http://www.w3.org/2001/XMLSchema#string"` - // InformationAboutApplication Provides relevant information about the AI software, not including the model\ndescription. + // InformationAboutApplication Provides relevant information about the AI software, not including the model description. InformationAboutApplication string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication" type:"http://www.w3.org/2001/XMLSchema#string"` // InformationAboutTraining Describes relevant information about different steps of the training process. InformationAboutTraining string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -69,7 +69,7 @@ type AnyAgent interface { // Agent represents anything with the potential to act on a system. type Agent struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Agent" node-kind:"http://www.w3.org/ns/shacl#IRI"` Element } @@ -102,7 +102,7 @@ type AnyAnnotation interface { // Annotation An assertion made in relation to one or more elements. type Annotation struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Annotation"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Annotation" node-kind:"http://www.w3.org/ns/shacl#IRI"` Element // Subject An Element an annotator has made an assertion about. Subject AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/subject" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` @@ -110,8 +110,8 @@ type Annotation struct { ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` // Statement Commentary on an assertion that an annotator has made. Statement string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/statement" type:"http://www.w3.org/2001/XMLSchema#string"` - // AnnotationType Describes the type of annotation. - AnnotationType AnnotationType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/annotationType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType"` + // Type Describes the type of annotation. + Type AnnotationType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/annotationType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType"` } func (o *Annotation) asAnnotation() *Annotation { @@ -126,7 +126,7 @@ func (o *AnnotationList) Annotations() ld.TypeSeq[AnyAnnotation, *Annotation] { // AnnotationType Specifies the type of an annotation. type AnnotationType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" node-kind:""` id string `iri:"@id"` } @@ -147,7 +147,6 @@ type AnyArtifact interface { // Artifact A distinct article or unit within the digital domain. type Artifact struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Artifact"` Element // StandardNames The name of a relevant standard that may apply to an artifact. StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -157,11 +156,11 @@ type Artifact struct { ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` // SupportLevels Specifies the level of support associated with an artifact. SupportLevels []SupportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" type:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` - // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship\nreferenced by the Element. + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` // OriginatedBy Identifies from where or whom the Element originally came. OriginatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` - // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be\nreassessed. + // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be reassessed. ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` } @@ -203,29 +202,29 @@ func (o *ArtifactList) Vulnerabilities() ld.TypeSeq[AnyArtifact, *Vulnerability] return ld.NewTypeSeq(*o, castVulnerability) } -type AnyBom interface { +type AnyBOM interface { AnyBundle - asBom() *Bom + asBOM() *BOM } -// Bom A container for a grouping of SPDX-3.0 content characterizing details\n(provenence, composition, licensing, etc.) about a product. -type Bom struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bom"` +// BOM A container for a grouping of SPDX-3.0 content characterizing details (provenence, composition, licensing, etc.) about a product. +type BOM struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bom" node-kind:"http://www.w3.org/ns/shacl#IRI"` Bundle } -func (o *Bom) asBom() *Bom { +func (o *BOM) asBOM() *BOM { return o } -type BomList []AnyBom +type BOMList []AnyBOM -func (o *BomList) Boms() ld.TypeSeq[AnyBom, *Bom] { - return ld.NewTypeSeq(*o, castBom) +func (o *BOMList) BOMs() ld.TypeSeq[AnyBOM, *BOM] { + return ld.NewTypeSeq(*o, castBOM) } -func (o *BomList) Sboms() ld.TypeSeq[AnyBom, *Sbom] { - return ld.NewTypeSeq(*o, castSbom) +func (o *BOMList) SBOMs() ld.TypeSeq[AnyBOM, *SBOM] { + return ld.NewTypeSeq(*o, castSBOM) } type AnyBuild interface { @@ -235,24 +234,24 @@ type AnyBuild interface { // Build Class that describes a build instance of software/artifacts. type Build struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Build/Build"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Build/Build" node-kind:"http://www.w3.org/ns/shacl#IRI"` Element - // BuildId A buildId is a locally unique identifier used by a builder to identify a unique\ninstance of a build produced by it. - BuildId string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildId" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuildID A buildId is a locally unique identifier used by a builder to identify a unique instance of a build produced by it. + BuildID string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildId" type:"http://www.w3.org/2001/XMLSchema#string"` // ConfigSourceUris Property that describes the URI of the build configuration source file. - ConfigSourceUris []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // BuildStartTime Property describing the start time of a build. - BuildStartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // ConfigSourceDigests Property that describes the digest of the build configuration file used to\ninvoke a build. + ConfigSourceUris []URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // StartTime Property describing the start time of a build. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ConfigSourceDigests Property that describes the digest of the build configuration file used to invoke a build. ConfigSourceDigests HashList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest" type:"https://spdx.org/rdf/3.0.1/terms/Core/Hash"` // Parameters Property describing a parameter used in an instance of a build. Parameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/parameter" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` - // BuildType A buildType is a hint that is used to indicate the toolchain, platform, or\ninfrastructure that the build was invoked on. - BuildType ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildType" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Type A buildType is a hint that is used to indicate the toolchain, platform, or infrastructure that the build was invoked on. + Type URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildType" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` // ConfigSourceEntrypoints Property describes the invocation entrypoint of a build. ConfigSourceEntrypoints []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint" type:"http://www.w3.org/2001/XMLSchema#string"` - // BuildEndTime Property that describes the time at which a build stops. - BuildEndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // EndTime Property that describes the time at which a build stops. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` // Environments Property describing the session in which a build is invoked. Environments DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/environment" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` } @@ -274,9 +273,9 @@ type AnyBundle interface { // Bundle A collection of Elements that have a shared context. type Bundle struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bundle"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bundle" node-kind:"http://www.w3.org/ns/shacl#IRI"` ElementCollection - // Context Gives information about the circumstances or unifying properties\nthat Elements of the bundle have been assembled under. + // Context Gives information about the circumstances or unifying properties that Elements of the bundle have been assembled under. Context string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/context" type:"http://www.w3.org/2001/XMLSchema#string"` } @@ -286,16 +285,16 @@ func (o *Bundle) asBundle() *Bundle { type BundleList []AnyBundle -func (o *BundleList) Boms() ld.TypeSeq[AnyBundle, *Bom] { - return ld.NewTypeSeq(*o, castBom) +func (o *BundleList) BOMs() ld.TypeSeq[AnyBundle, *BOM] { + return ld.NewTypeSeq(*o, castBOM) } func (o *BundleList) Bundles() ld.TypeSeq[AnyBundle, *Bundle] { return ld.NewTypeSeq(*o, castBundle) } -func (o *BundleList) Sboms() ld.TypeSeq[AnyBundle, *Sbom] { - return ld.NewTypeSeq(*o, castSbom) +func (o *BundleList) SBOMs() ld.TypeSeq[AnyBundle, *SBOM] { + return ld.NewTypeSeq(*o, castSBOM) } type AnyCdxPropertiesExtension interface { @@ -305,7 +304,7 @@ type AnyCdxPropertiesExtension interface { // CdxPropertiesExtension A type of extension consisting of a list of name value pairs. type CdxPropertiesExtension struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` Extension // CdxProperties Provides a map of a property names to a values. CdxProperties CdxPropertyEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry"` @@ -327,7 +326,7 @@ type AnyCdxPropertyEntry interface { // CdxPropertyEntry A property name with an associated value. type CdxPropertyEntry struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` ID string `iri:"@id"` // CdxPropValue A value used in a CdxPropertyEntry name-value pair. CdxPropValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -347,7 +346,7 @@ func (o *CdxPropertyEntryList) CdxPropertyEntries() ld.TypeSeq[AnyCdxPropertyEnt // ConfidentialityLevelType Categories of confidentiality level. type ConfidentialityLevelType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" node-kind:""` id string `iri:"@id"` } @@ -376,9 +375,9 @@ type AnyConjunctiveLicenseSet interface { asConjunctiveLicenseSet() *ConjunctiveLicenseSet } -// ConjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information\nwhere all elements apply. +// ConjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information where all elements apply. type ConjunctiveLicenseSet struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet" node-kind:"http://www.w3.org/ns/shacl#IRI"` LicenseInfo // Members A license expression participating in a license set. Members LicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` @@ -401,12 +400,12 @@ type AnyContentIdentifier interface { // ContentIdentifier A canonical, unique, immutable identifier type ContentIdentifier struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` IntegrityMethod - // ContentIdentifierType Specifies the type of the content identifier. - ContentIdentifierType ContentIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType"` - // ContentIdentifierValue Specifies the value of the content identifier. - ContentIdentifierValue ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Type Specifies the type of the content identifier. + Type ContentIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType"` + // Value Specifies the value of the content identifier. + Value URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` } func (o *ContentIdentifier) asContentIdentifier() *ContentIdentifier { @@ -421,7 +420,7 @@ func (o *ContentIdentifierList) ContentIdentifiers() ld.TypeSeq[AnyContentIdenti // ContentIdentifierType Specifies the type of a content identifier. type ContentIdentifierType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" node-kind:""` id string `iri:"@id"` } @@ -441,15 +440,15 @@ type AnyCreationInfo interface { // CreationInfo Provides information about the creation of the Element. type CreationInfo struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` ID string `iri:"@id"` - // SpecVersion Provides a reference number that can be used to understand how to parse and\ninterpret an Element. + // SpecVersion Provides a reference number that can be used to understand how to parse and interpret an Element. SpecVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/specVersion" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` // Created Identifies when the Element was originally created. Created time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/created" required:"true" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` // CreatedUsing Identifies the tooling that was used during the creation of the Element. CreatedUsing ToolList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/Tool"` - // Comment Provide consumers with comments by the creator of the Element about the\nElement. + // Comment Provide consumers with comments by the creator of the Element about the Element. Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` // CreatedBy Identifies who or what created the Element. CreatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdBy" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` @@ -472,7 +471,7 @@ type AnyCustomLicense interface { // CustomLicense A license that is not listed on the SPDX License List. type CustomLicense struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense" node-kind:"http://www.w3.org/ns/shacl#IRI"` License } @@ -493,7 +492,7 @@ type AnyCustomLicenseAddition interface { // CustomLicenseAddition A license addition that is not listed on the SPDX Exceptions List. type CustomLicenseAddition struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition" node-kind:"http://www.w3.org/ns/shacl#IRI"` LicenseAddition } @@ -509,7 +508,7 @@ func (o *CustomLicenseAdditionList) CustomLicenseAdditions() ld.TypeSeq[AnyCusto // CvssSeverityType Specifies the CVSS base, temporal, threat, or environmental severity type. type CvssSeverityType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" node-kind:""` id string `iri:"@id"` } @@ -545,7 +544,7 @@ type AnyCvssV2VulnAssessmentRelationship interface { // CvssV2VulnAssessmentRelationship Provides a CVSS version 2.0 assessment for a vulnerability. type CvssV2VulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` VulnAssessmentRelationship // VectorString Specifies the CVSS vector string for a vulnerability. VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -570,7 +569,7 @@ type AnyCvssV3VulnAssessmentRelationship interface { // CvssV3VulnAssessmentRelationship Provides a CVSS version 3 assessment for a vulnerability. type CvssV3VulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` VulnAssessmentRelationship // Score Provides a numerical (0-10) representation of the severity of a vulnerability. Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` @@ -597,7 +596,7 @@ type AnyCvssV4VulnAssessmentRelationship interface { // CvssV4VulnAssessmentRelationship Provides a CVSS version 4 assessment for a vulnerability. type CvssV4VulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` VulnAssessmentRelationship // Severity Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` @@ -619,7 +618,7 @@ func (o *CvssV4VulnAssessmentRelationshipList) CvssV4VulnAssessmentRelationships // DatasetAvailabilityType Availability of dataset. type DatasetAvailabilityType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" node-kind:""` id string `iri:"@id"` } @@ -655,7 +654,7 @@ type AnyDatasetPackage interface { // DatasetPackage Specifies a data package and its associated information. type DatasetPackage struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage" node-kind:"http://www.w3.org/ns/shacl#IRI"` Package // ConfidentialityLevel Describes the confidentiality level of the data points contained in the dataset. ConfidentialityLevel ConfidentialityLevelType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType"` @@ -666,7 +665,7 @@ type DatasetPackage struct { // DatasetNoise Describes potentially noisy elements of the dataset. DatasetNoise string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise" type:"http://www.w3.org/2001/XMLSchema#string"` // DatasetSize Captures the size of the dataset. - DatasetSize ld.NonNegativeInt `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" type:"http://www.w3.org/2001/XMLSchema#nonNegativeInteger"` + DatasetSize NonNegativeInt `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" type:"http://www.w3.org/2001/XMLSchema#nonNegativeInteger"` // Sensors Describes a sensor used for collecting the data. Sensors DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/sensor" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` // IntendedUse Describes what the given dataset should be used for. @@ -697,7 +696,7 @@ func (o *DatasetPackageList) DatasetPackages() ld.TypeSeq[AnyDatasetPackage, *Da // DatasetType Enumeration of dataset types. type DatasetType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" node-kind:""` id string `iri:"@id"` } @@ -777,7 +776,7 @@ type AnyDictionaryEntry interface { // DictionaryEntry A key with an associated value. type DictionaryEntry struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` ID string `iri:"@id"` // Value A value used in a generic key-value pair. Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/value" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -800,9 +799,9 @@ type AnyDisjunctiveLicenseSet interface { asDisjunctiveLicenseSet() *DisjunctiveLicenseSet } -// DisjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information where\nonly one of the elements applies. +// DisjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information where only one of the elements applies. type DisjunctiveLicenseSet struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet" node-kind:"http://www.w3.org/ns/shacl#IRI"` LicenseInfo // Members A license expression participating in a license set. Members LicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` @@ -824,11 +823,10 @@ type AnyElement interface { // Element Base domain class from which all other SPDX-3.0 domain classes derive. type Element struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` - ID string `iri:"@id"` + ID string `iri:"@id"` // Description Provides a detailed description of the Element. Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` - // Comment Provide consumers with comments by the creator of the Element about the\nElement. + // Comment Provide consumers with comments by the creator of the Element about the Element. Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` // Name Identifies the name of an Element as designated by the creator. Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -836,13 +834,13 @@ type Element struct { Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` // CreationInfo Provides information about the creation of the Element. CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` - // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content\nthat uniquely identifies an Element. + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` - // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content\nthat provides additional characteristics of an Element. + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` // Summary A short description of an Element. Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` - // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be\nasserted. + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` } @@ -868,8 +866,8 @@ func (o *ElementList) Artifacts() ld.TypeSeq[AnyElement, *Artifact] { return ld.NewTypeSeq(*o, castArtifact) } -func (o *ElementList) Boms() ld.TypeSeq[AnyElement, *Bom] { - return ld.NewTypeSeq(*o, castBom) +func (o *ElementList) BOMs() ld.TypeSeq[AnyElement, *BOM] { + return ld.NewTypeSeq(*o, castBOM) } func (o *ElementList) Builds() ld.TypeSeq[AnyElement, *Build] { @@ -992,8 +990,8 @@ func (o *ElementList) Relationships() ld.TypeSeq[AnyElement, *Relationship] { return ld.NewTypeSeq(*o, castRelationship) } -func (o *ElementList) Sboms() ld.TypeSeq[AnyElement, *Sbom] { - return ld.NewTypeSeq(*o, castSbom) +func (o *ElementList) SBOMs() ld.TypeSeq[AnyElement, *SBOM] { + return ld.NewTypeSeq(*o, castSBOM) } func (o *ElementList) SimpleLicensingTexts() ld.TypeSeq[AnyElement, *SimpleLicensingText] { @@ -1063,13 +1061,12 @@ type AnyElementCollection interface { // ElementCollection A collection of Elements, not necessarily with unifying context. type ElementCollection struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection"` Element // Elements Refers to one or more Elements that are part of an ElementCollection. Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` // RootElements This property is used to denote the root Element(s) of a tree of elements contained in a BOM. RootElements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/rootElement" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` - // ProfileConformances Describes one a profile which the creator of this ElementCollection intends to\nconform to. + // ProfileConformances Describes one a profile which the creator of this ElementCollection intends to conform to. ProfileConformances []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" type:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType"` } @@ -1079,8 +1076,8 @@ func (o *ElementCollection) asElementCollection() *ElementCollection { type ElementCollectionList []AnyElementCollection -func (o *ElementCollectionList) Boms() ld.TypeSeq[AnyElementCollection, *Bom] { - return ld.NewTypeSeq(*o, castBom) +func (o *ElementCollectionList) BOMs() ld.TypeSeq[AnyElementCollection, *BOM] { + return ld.NewTypeSeq(*o, castBOM) } func (o *ElementCollectionList) Bundles() ld.TypeSeq[AnyElementCollection, *Bundle] { @@ -1091,8 +1088,8 @@ func (o *ElementCollectionList) ElementCollections() ld.TypeSeq[AnyElementCollec return ld.NewTypeSeq(*o, castElementCollection) } -func (o *ElementCollectionList) Sboms() ld.TypeSeq[AnyElementCollection, *Sbom] { - return ld.NewTypeSeq(*o, castSbom) +func (o *ElementCollectionList) SBOMs() ld.TypeSeq[AnyElementCollection, *SBOM] { + return ld.NewTypeSeq(*o, castSBOM) } func (o *ElementCollectionList) SpdxDocuments() ld.TypeSeq[AnyElementCollection, *SpdxDocument] { @@ -1103,15 +1100,15 @@ type AnyEnergyConsumption interface { asEnergyConsumption() *EnergyConsumption } -// EnergyConsumption A class for describing the energy consumption incurred by an AI model in\ndifferent stages of its lifecycle. +// EnergyConsumption A class for describing the energy consumption incurred by an AI model in different stages of its lifecycle. type EnergyConsumption struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` ID string `iri:"@id"` - // InferenceEnergyConsumptions Specifies the amount of energy consumed during inference time by an AI model\nthat is being used in the AI system. + // InferenceEnergyConsumptions Specifies the amount of energy consumed during inference time by an AI model that is being used in the AI system. InferenceEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` - // TrainingEnergyConsumptions Specifies the amount of energy consumed when training the AI model that is\nbeing used in the AI system. + // TrainingEnergyConsumptions Specifies the amount of energy consumed when training the AI model that is being used in the AI system. TrainingEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` - // FinetuningEnergyConsumptions Specifies the amount of energy consumed when finetuning the AI model that is\nbeing used in the AI system. + // FinetuningEnergyConsumptions Specifies the amount of energy consumed when finetuning the AI model that is being used in the AI system. FinetuningEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` } @@ -1129,9 +1126,9 @@ type AnyEnergyConsumptionDescription interface { asEnergyConsumptionDescription() *EnergyConsumptionDescription } -// EnergyConsumptionDescription The class that helps note down the quantity of energy consumption and the unit\nused for measurement. +// EnergyConsumptionDescription The class that helps note down the quantity of energy consumption and the unit used for measurement. type EnergyConsumptionDescription struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` ID string `iri:"@id"` // EnergyQuantity Represents the energy quantity. EnergyQuantity float64 `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` @@ -1151,7 +1148,7 @@ func (o *EnergyConsumptionDescriptionList) EnergyConsumptionDescriptions() ld.Ty // EnergyUnitType Specifies the unit of energy consumption. type EnergyUnitType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" node-kind:""` id string `iri:"@id"` } @@ -1177,7 +1174,7 @@ type AnyEpssVulnAssessmentRelationship interface { // EpssVulnAssessmentRelationship Provides an EPSS assessment for a vulnerability. type EpssVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` VulnAssessmentRelationship // Probability A probability score between 0 and 1 of a vulnerability being exploited. Probability float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/probability" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` @@ -1197,7 +1194,7 @@ func (o *EpssVulnAssessmentRelationshipList) EpssVulnAssessmentRelationships() l // ExploitCatalogType Specifies the exploit catalog type. type ExploitCatalogType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" node-kind:""` id string `iri:"@id"` } @@ -1218,10 +1215,10 @@ type AnyExploitCatalogVulnAssessmentRelationship interface { // ExploitCatalogVulnAssessmentRelationship Provides an exploit assessment of a vulnerability. type ExploitCatalogVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` VulnAssessmentRelationship // Locator Provides the location of an exploit catalog. - Locator ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Security/locator" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + Locator URI `iri:"https://spdx.org/rdf/3.0.1/terms/Security/locator" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` // Exploited Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. Exploited bool `iri:"https://spdx.org/rdf/3.0.1/terms/Security/exploited" required:"true" type:"http://www.w3.org/2001/XMLSchema#boolean"` // CatalogType Specifies the exploit catalog type. @@ -1245,7 +1242,6 @@ type AnyExtendableLicense interface { // ExtendableLicense Abstract class representing a License or an OrLaterOperator. type ExtendableLicense struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense"` LicenseInfo } @@ -1281,8 +1277,7 @@ type AnyExtension interface { // Extension A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. type Extension struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` - ID string `iri:"@id"` + ID string `iri:"@id"` } func (o *Extension) asExtension() *Extension { @@ -1305,18 +1300,18 @@ type AnyExternalIdentifier interface { // ExternalIdentifier A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. type ExternalIdentifier struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` ID string `iri:"@id"` // Identifier Uniquely identifies an external element. Identifier string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifier" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` // IssuingAuthority An entity that is authorized to issue identification credentials. IssuingAuthority string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority" type:"http://www.w3.org/2001/XMLSchema#string"` - // Comment Provide consumers with comments by the creator of the Element about the\nElement. + // Comment Provide consumers with comments by the creator of the Element about the Element. Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` // IdentifierLocators Provides the location for more information regarding an external identifier. - IdentifierLocators []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // ExternalIdentifierType Specifies the type of the external identifier. - ExternalIdentifierType ExternalIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType"` + IdentifierLocators []URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Type Specifies the type of the external identifier. + Type ExternalIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType"` } func (o *ExternalIdentifier) asExternalIdentifier() *ExternalIdentifier { @@ -1331,7 +1326,7 @@ func (o *ExternalIdentifierList) ExternalIdentifiers() ld.TypeSeq[AnyExternalIde // ExternalIdentifierType Specifies the type of an external identifier. type ExternalIdentifierType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" node-kind:""` id string `iri:"@id"` } @@ -1365,8 +1360,8 @@ var ExternalIdentifierType_Other = ExternalIdentifierType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other", } -// ExternalIdentifierType_PackageUrl Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification. -var ExternalIdentifierType_PackageUrl = ExternalIdentifierType{ +// ExternalIdentifierType_PackageURL Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification. +var ExternalIdentifierType_PackageURL = ExternalIdentifierType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl", } @@ -1394,17 +1389,17 @@ type AnyExternalMap interface { asExternalMap() *ExternalMap } -// ExternalMap A map of Element identifiers that are used within an SpdxDocument but defined\nexternal to that SpdxDocument. +// ExternalMap A map of Element identifiers that are used within an SpdxDocument but defined external to that SpdxDocument. type ExternalMap struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` ID string `iri:"@id"` - // ExternalSpdxId Identifies an external Element used within an SpdxDocument but defined\nexternal to that SpdxDocument. - ExternalSpdxId ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // ExternalSpdxID Identifies an external Element used within an SpdxDocument but defined external to that SpdxDocument. + ExternalSpdxID URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` // LocationHint Provides an indication of where to retrieve an external Element. - LocationHint ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locationHint" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be\nasserted. + LocationHint URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locationHint" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` - // DefiningArtifact Artifact representing a serialization instance of SPDX data containing the\ndefinition of a particular Element. + // DefiningArtifact Artifact representing a serialization instance of SPDX data containing the definition of a particular Element. DefiningArtifact AnyArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" type:"https://spdx.org/rdf/3.0.1/terms/Core/Artifact"` } @@ -1424,15 +1419,15 @@ type AnyExternalRef interface { // ExternalRef A reference to a resource outside the scope of SPDX-3.0 content related to an Element. type ExternalRef struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` ID string `iri:"@id"` // Locators Provides the location of an external reference. Locators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locator" type:"http://www.w3.org/2001/XMLSchema#string"` // ContentType Provides information about the content type of an Element or a Property. ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` - // ExternalRefType Specifies the type of the external reference. - ExternalRefType ExternalRefType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType"` - // Comment Provide consumers with comments by the creator of the Element about the\nElement. + // Type Specifies the type of the external reference. + Type ExternalRefType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType"` + // Comment Provide consumers with comments by the creator of the Element about the Element. Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` } @@ -1448,7 +1443,7 @@ func (o *ExternalRefList) ExternalRefs() ld.TypeSeq[AnyExternalRef, *ExternalRef // ExternalRefType Specifies the type of an external reference. type ExternalRefType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" node-kind:""` id string `iri:"@id"` } @@ -1689,12 +1684,12 @@ type AnyFile interface { // File Refers to any object that stores content on a computer. type File struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/File"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/File" node-kind:"http://www.w3.org/ns/shacl#IRI"` SoftwareArtifact // ContentType Provides information about the content type of an Element or a Property. ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` - // FileKind Describes if a given file is a directory or non-directory kind of file. - FileKind FileKindType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/fileKind" type:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType"` + // Kind Describes if a given file is a directory or non-directory kind of file. + Kind FileKindType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/fileKind" type:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType"` } func (o *File) asFile() *File { @@ -1709,7 +1704,7 @@ func (o *FileList) Files() ld.TypeSeq[AnyFile, *File] { // FileKindType Enumeration of the different kinds of SPDX file. type FileKindType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" node-kind:""` id string `iri:"@id"` } @@ -1730,10 +1725,10 @@ type AnyHash interface { // Hash A mathematically calculated representation of a grouping of data. type Hash struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Hash"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Hash" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` IntegrityMethod - // HashValue The result of applying a hash algorithm to an Element. - HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Value The result of applying a hash algorithm to an Element. + Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` // Algorithm Specifies the algorithm used for calculating the hash value. Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` } @@ -1750,7 +1745,7 @@ func (o *HashList) Hashes() ld.TypeSeq[AnyHash, *Hash] { // HashAlgorithm A mathematical algorithm that maps data of arbitrary size to a bit string. type HashAlgorithm struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" node-kind:""` id string `iri:"@id"` } @@ -1869,9 +1864,9 @@ type AnyIndividualElement interface { asIndividualElement() *IndividualElement } -// IndividualElement A concrete subclass of Element used by Individuals in the\nCore profile. +// IndividualElement A concrete subclass of Element used by Individuals in the Core profile. type IndividualElement struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/IndividualElement"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/IndividualElement" node-kind:"http://www.w3.org/ns/shacl#IRI"` Element } @@ -1900,9 +1895,9 @@ type AnyIndividualLicensingInfo interface { asIndividualLicensingInfo() *IndividualLicensingInfo } -// IndividualLicensingInfo A concrete subclass of AnyLicenseInfo used by Individuals in the\nExpandedLicensing profile. +// IndividualLicensingInfo A concrete subclass of AnyLicenseInfo used by Individuals in the ExpandedLicensing profile. type IndividualLicensingInfo struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" node-kind:"http://www.w3.org/ns/shacl#IRI"` LicenseInfo } @@ -1932,9 +1927,8 @@ type AnyIntegrityMethod interface { // IntegrityMethod Provides an independently reproducible mechanism that permits verification of a specific Element. type IntegrityMethod struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` - ID string `iri:"@id"` - // Comment Provide consumers with comments by the creator of the Element about the\nElement. + ID string `iri:"@id"` + // Comment Provide consumers with comments by the creator of the Element about the Element. Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` } @@ -1967,23 +1961,22 @@ type AnyLicense interface { // License Abstract class for the portion of an AnyLicenseInfo representing a license. type License struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License"` ExtendableLicense // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. - SeeAlsos []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // IsDeprecatedLicenseId Specifies whether a license or additional text identifier has been marked as\ndeprecated. - IsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId" type:"http://www.w3.org/2001/XMLSchema#boolean"` - // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated\nLicense or LicenseAddition. + SeeAlsos []URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // IsDeprecatedLicenseID Specifies whether a license or additional text identifier has been marked as deprecated. + IsDeprecatedLicenseID bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated License or LicenseAddition. ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" type:"http://www.w3.org/2001/XMLSchema#string"` - // StandardLicenseHeader Provides a License author's preferred text to indicate that a file is covered\nby the License. + // StandardLicenseHeader Provides a License author's preferred text to indicate that a file is covered by the License. StandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader" type:"http://www.w3.org/2001/XMLSchema#string"` - // LicenseText Identifies the full text of a License or Addition. - LicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // IsOsiApproved Specifies whether the License is listed as approved by the\nOpen Source Initiative (OSI). + // Text Identifies the full text of a License or Addition. + Text string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // IsOsiApproved Specifies whether the License is listed as approved by the Open Source Initiative (OSI). IsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved" type:"http://www.w3.org/2001/XMLSchema#boolean"` - // LicenseXml Identifies all the text and metadata associated with a license in the license\nXML format. - LicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` - // IsFsfLibre Specifies whether the License is listed as free by the\nFree Software Foundation (FSF). + // Xml Identifies all the text and metadata associated with a license in the license XML format. + Xml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` + // IsFsfLibre Specifies whether the License is listed as free by the Free Software Foundation (FSF). IsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre" type:"http://www.w3.org/2001/XMLSchema#boolean"` // StandardLicenseTemplate Identifies the full text of a License, in SPDX templating format. StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -2012,22 +2005,21 @@ type AnyLicenseAddition interface { asLicenseAddition() *LicenseAddition } -// LicenseAddition Abstract class for additional text intended to be added to a License, but\nwhich is not itself a standalone License. +// LicenseAddition Abstract class for additional text intended to be added to a License, but which is not itself a standalone License. type LicenseAddition struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition"` Element // AdditionText Identifies the full text of a LicenseAddition. AdditionText string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated\nLicense or LicenseAddition. + // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated License or LicenseAddition. ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" type:"http://www.w3.org/2001/XMLSchema#string"` - // LicenseXml Identifies all the text and metadata associated with a license in the license\nXML format. + // LicenseXml Identifies all the text and metadata associated with a license in the license XML format. LicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` // StandardAdditionTemplate Identifies the full text of a LicenseAddition, in SPDX templating format. StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. - SeeAlsos []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // IsDeprecatedAdditionId Specifies whether an additional text identifier has been marked as deprecated. - IsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" type:"http://www.w3.org/2001/XMLSchema#boolean"` + SeeAlsos []URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // IsDeprecatedAdditionID Specifies whether an additional text identifier has been marked as deprecated. + IsDeprecatedAdditionID bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" type:"http://www.w3.org/2001/XMLSchema#boolean"` } func (o *LicenseAddition) asLicenseAddition() *LicenseAddition { @@ -2055,11 +2047,11 @@ type AnyLicenseExpression interface { // LicenseExpression An SPDX Element containing an SPDX license expression string. type LicenseExpression struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression" node-kind:"http://www.w3.org/ns/shacl#IRI"` LicenseInfo // LicenseExpression A string in the license expression format. LicenseExpression string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // CustomIdToUris Maps a LicenseRef or AdditionRef string for a Custom License or a Custom\nLicense Addition to its URI ID. + // CustomIdToUris Maps a LicenseRef or AdditionRef string for a Custom License or a Custom License Addition to its URI ID. CustomIdToUris DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` // LicenseListVersion The version of the SPDX License List used in the license expression. LicenseListVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -2082,7 +2074,6 @@ type AnyLicenseInfo interface { // LicenseInfo Abstract class representing a license combination consisting of one or more licenses. type LicenseInfo struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` Element } @@ -2138,7 +2129,7 @@ func (o *LicenseInfoList) WithAdditionOperators() ld.TypeSeq[AnyLicenseInfo, *Wi // LifecycleScopeType Provide an enumerated set of lifecycle phases that can provide context to relationships. type LifecycleScopeType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" node-kind:""` id string `iri:"@id"` } @@ -2179,7 +2170,7 @@ type AnyLifecycleScopedRelationship interface { // LifecycleScopedRelationship Provide context for a relationship that occurs in the lifecycle. type LifecycleScopedRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` Relationship // Scope Capture the scope of information about a specific relationship between elements. Scope LifecycleScopeType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/scope" type:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType"` @@ -2202,11 +2193,11 @@ type AnyListedLicense interface { // ListedLicense A license that is listed on the SPDX License List. type ListedLicense struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense" node-kind:"http://www.w3.org/ns/shacl#IRI"` License - // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or\nListedLicenseException identifier was first added. + // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or ListedLicenseException identifier was first added. ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" type:"http://www.w3.org/2001/XMLSchema#string"` - // DeprecatedVersion Specifies the SPDX License List version in which this license or exception\nidentifier was deprecated. + // DeprecatedVersion Specifies the SPDX License List version in which this license or exception identifier was deprecated. DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" type:"http://www.w3.org/2001/XMLSchema#string"` } @@ -2227,11 +2218,11 @@ type AnyListedLicenseException interface { // ListedLicenseException A license exception that is listed on the SPDX Exceptions list. type ListedLicenseException struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException" node-kind:"http://www.w3.org/ns/shacl#IRI"` LicenseAddition - // DeprecatedVersion Specifies the SPDX License List version in which this license or exception\nidentifier was deprecated. + // DeprecatedVersion Specifies the SPDX License List version in which this license or exception identifier was deprecated. DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" type:"http://www.w3.org/2001/XMLSchema#string"` - // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or\nListedLicenseException identifier was first added. + // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or ListedLicenseException identifier was first added. ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" type:"http://www.w3.org/2001/XMLSchema#string"` } @@ -2251,10 +2242,10 @@ type AnyNamespaceMap interface { // NamespaceMap A mapping between prefixes and namespace partial URIs. type NamespaceMap struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` ID string `iri:"@id"` - // Namespace Provides an unambiguous mechanism for conveying a URI fragment portion of an\nElement ID. - Namespace ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespace" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Namespace Provides an unambiguous mechanism for conveying a URI fragment portion of an Element ID. + Namespace URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespace" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` // Prefix A substitute for a URI. Prefix string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/prefix" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` } @@ -2274,9 +2265,9 @@ type AnyOrLaterOperator interface { asOrLaterOperator() *OrLaterOperator } -// OrLaterOperator Portion of an AnyLicenseInfo representing this version, or any later version,\nof the indicated License. +// OrLaterOperator Portion of an AnyLicenseInfo representing this version, or any later version, of the indicated License. type OrLaterOperator struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator" node-kind:"http://www.w3.org/ns/shacl#IRI"` ExtendableLicense // SubjectLicense A License participating in an 'or later' model. SubjectLicense AnyLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License"` @@ -2299,7 +2290,7 @@ type AnyOrganization interface { // Organization A group of people who work together in an organized way for a shared purpose. type Organization struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Organization"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Organization" node-kind:"http://www.w3.org/ns/shacl#IRI"` Agent } @@ -2323,20 +2314,20 @@ type AnyPackage interface { asPackage() *Package } -// Package Refers to any unit of content that can be associated with a distribution of\nsoftware. +// Package Refers to any unit of content that can be associated with a distribution of software. type Package struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Package"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Package" node-kind:"http://www.w3.org/ns/shacl#IRI"` SoftwareArtifact - // SourceInfo Records any relevant background information or additional comments\nabout the origin of the package. + // SourceInfo Records any relevant background information or additional comments about the origin of the package. SourceInfo string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" type:"http://www.w3.org/2001/XMLSchema#string"` - // HomePage A place for the SPDX document creator to record a website that serves as the\npackage's home page. - HomePage ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // PackageVersion Identify the version of a package. - PackageVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" type:"http://www.w3.org/2001/XMLSchema#string"` - // PackageUrl Provides a place for the SPDX data creator to record the package URL string\n(in accordance with the Package URL specification) for a software Package. - PackageUrl ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // DownloadLocation Identifies the download Uniform Resource Identifier for the package at the time\nthat the document was created. - DownloadLocation ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // HomePage A place for the SPDX document creator to record a website that serves as the package's home page. + HomePage URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Version Identify the version of a package. + Version string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" type:"http://www.w3.org/2001/XMLSchema#string"` + // PackageURL Provides a place for the SPDX data creator to record the package URL string (in accordance with the Package URL specification) for a software Package. + PackageURL URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // DownloadLocation Identifies the download Uniform Resource Identifier for the package at the time that the document was created. + DownloadLocation URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" type:"http://www.w3.org/2001/XMLSchema#anyURI"` } func (o *Package) asPackage() *Package { @@ -2364,14 +2355,14 @@ type AnyPackageVerificationCode interface { // PackageVerificationCode An SPDX version 2.X compatible verification method for software packages. type PackageVerificationCode struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` IntegrityMethod // Algorithm Specifies the algorithm used for calculating the hash value. Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` // HashValue The result of applying a hash algorithm to an Element. HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // PackageVerificationCodeExcludedFiles The relative file name of a file to be excluded from the\n`PackageVerificationCode`. - PackageVerificationCodeExcludedFiles []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" type:"http://www.w3.org/2001/XMLSchema#string"` + // ExcludedFiles The relative file name of a file to be excluded from the `PackageVerificationCode`. + ExcludedFiles []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" type:"http://www.w3.org/2001/XMLSchema#string"` } func (o *PackageVerificationCode) asPackageVerificationCode() *PackageVerificationCode { @@ -2391,7 +2382,7 @@ type AnyPerson interface { // Person An individual human being. type Person struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Person"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Person" node-kind:"http://www.w3.org/ns/shacl#IRI"` Agent } @@ -2411,12 +2402,12 @@ type AnyPositiveIntegerRange interface { // PositiveIntegerRange A tuple of two positive integers that define a range. type PositiveIntegerRange struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` ID string `iri:"@id"` // EndIntegerRange Defines the end of a range. - EndIntegerRange ld.PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` + EndIntegerRange PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` // BeginIntegerRange Defines the beginning of a range. - BeginIntegerRange ld.PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` + BeginIntegerRange PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` } func (o *PositiveIntegerRange) asPositiveIntegerRange() *PositiveIntegerRange { @@ -2431,7 +2422,7 @@ func (o *PositiveIntegerRangeList) PositiveIntegerRanges() ld.TypeSeq[AnyPositiv // PresenceType Categories of presence or absence. type PresenceType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" node-kind:""` id string `iri:"@id"` } @@ -2452,7 +2443,7 @@ var PresenceType_Yes = PresenceType{ // ProfileIdentifierType Enumeration of the valid profiles. type ProfileIdentifierType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" node-kind:""` id string `iri:"@id"` } @@ -2513,7 +2504,7 @@ type AnyRelationship interface { // Relationship Describes a relationship between one or more elements. type Relationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Relationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Relationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` Element // Completeness Provides information about the completeness of relationships. Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` @@ -2523,8 +2514,8 @@ type Relationship struct { To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` // From References the Element on the left-hand side of a relationship. From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` - // RelationshipType Information about the relationship between two Elements. - RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` // StartTime Specifies the time from which an element is applicable / valid. StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` } @@ -2593,7 +2584,7 @@ func (o *RelationshipList) VulnAssessmentRelationships() ld.TypeSeq[AnyRelations // RelationshipCompleteness Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. type RelationshipCompleteness struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" node-kind:""` id string `iri:"@id"` } @@ -2614,7 +2605,7 @@ var RelationshipCompleteness_NoAssertion = RelationshipCompleteness{ // RelationshipType Information about the relationship between two Elements. type RelationshipType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" node-kind:""` id string `iri:"@id"` } @@ -2913,9 +2904,32 @@ var RelationshipType_UsesTool = RelationshipType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool", } +type AnySBOM interface { + AnyBOM + asSBOM() *SBOM +} + +// SBOM A collection of SPDX Elements describing a single package. +type SBOM struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Sbom" node-kind:"http://www.w3.org/ns/shacl#IRI"` + BOM + // SbomTypes Provides information about the type of an SBOM. + SbomTypes []SbomType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sbomType" type:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType"` +} + +func (o *SBOM) asSBOM() *SBOM { + return o +} + +type SBOMList []AnySBOM + +func (o *SBOMList) SBOMs() ld.TypeSeq[AnySBOM, *SBOM] { + return ld.NewTypeSeq(*o, castSBOM) +} + // SafetyRiskAssessmentType Specifies the safety risk level. type SafetyRiskAssessmentType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" node-kind:""` id string `iri:"@id"` } @@ -2939,32 +2953,9 @@ var SafetyRiskAssessmentType_Serious = SafetyRiskAssessmentType{ id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious", } -type AnySbom interface { - AnyBom - asSbom() *Sbom -} - -// Sbom A collection of SPDX Elements describing a single package. -type Sbom struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Sbom"` - Bom - // SbomTypes Provides information about the type of an SBOM. - SbomTypes []SbomType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sbomType" type:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType"` -} - -func (o *Sbom) asSbom() *Sbom { - return o -} - -type SbomList []AnySbom - -func (o *SbomList) Sboms() ld.TypeSeq[AnySbom, *Sbom] { - return ld.NewTypeSeq(*o, castSbom) -} - -// SbomType Provides a set of values to be used to describe the common types of SBOMs that\ntools may create. +// SbomType Provides a set of values to be used to describe the common types of SBOMs that tools may create. type SbomType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType" node-kind:""` id string `iri:"@id"` } @@ -3005,7 +2996,7 @@ type AnySimpleLicensingText interface { // SimpleLicensingText A license or addition that is not listed on the SPDX License List. type SimpleLicensingText struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText" node-kind:"http://www.w3.org/ns/shacl#IRI"` Element // LicenseText Identifies the full text of a License or Addition. LicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -3028,13 +3019,13 @@ type AnySnippet interface { // Snippet Describes a certain part of a file. type Snippet struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Snippet"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Snippet" node-kind:"http://www.w3.org/ns/shacl#IRI"` SoftwareArtifact - // SnippetFromFile Defines the original host file that the snippet information applies to. - SnippetFromFile AnyFile `iri:"https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/File"` - // LineRange Defines the line range in the original host file that the snippet information\napplies to. + // FromFile Defines the original host file that the snippet information applies to. + FromFile AnyFile `iri:"https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/File"` + // LineRange Defines the line range in the original host file that the snippet information applies to. LineRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/lineRange" type:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` - // ByteRange Defines the byte range in the original host file that the snippet information\napplies to. + // ByteRange Defines the byte range in the original host file that the snippet information applies to. ByteRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/byteRange" type:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` } @@ -3055,7 +3046,7 @@ type AnySoftwareAgent interface { // SoftwareAgent A software agent. type SoftwareAgent struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent" node-kind:"http://www.w3.org/ns/shacl#IRI"` Agent } @@ -3076,17 +3067,16 @@ type AnySoftwareArtifact interface { // SoftwareArtifact A distinct article or unit related to Software. type SoftwareArtifact struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` Artifact - // ContentIdentifiers A canonical, unique, immutable identifier of the artifact content, that may be\nused for verifying its identity and/or integrity. + // ContentIdentifiers A canonical, unique, immutable identifier of the artifact content, that may be used for verifying its identity and/or integrity. ContentIdentifiers ContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` - // AttributionTexts Provides a place for the SPDX data creator to record acknowledgement text for\na software Package, File or Snippet. + // AttributionTexts Provides a place for the SPDX data creator to record acknowledgement text for a software Package, File or Snippet. AttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" type:"http://www.w3.org/2001/XMLSchema#string"` // AdditionalPurposes Provides additional purpose information of the software artifact. AdditionalPurposes []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` // PrimaryPurpose Provides information about the primary purpose of the software artifact. PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` - // CopyrightText Identifies the text of one or more copyright notices for a software Package,\nFile or Snippet, if any. + // CopyrightText Identifies the text of one or more copyright notices for a software Package, File or Snippet, if any. CopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" type:"http://www.w3.org/2001/XMLSchema#string"` } @@ -3122,7 +3112,7 @@ func (o *SoftwareArtifactList) SoftwareArtifacts() ld.TypeSeq[AnySoftwareArtifac // SoftwarePurpose Provides information about the primary purpose of an Element. type SoftwarePurpose struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" node-kind:""` id string `iri:"@id"` } @@ -3278,9 +3268,9 @@ type AnySpdxDocument interface { // SpdxDocument A collection of SPDX Elements that could potentially be serialized. type SpdxDocument struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument" node-kind:"http://www.w3.org/ns/shacl#IRI"` ElementCollection - // DataLicense Provides the license under which the SPDX documentation of the Element can be\nused. + // DataLicense Provides the license under which the SPDX documentation of the Element can be used. DataLicense AnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/dataLicense" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` // NamespaceMaps Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. NamespaceMaps NamespaceMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap" type:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap"` @@ -3300,7 +3290,7 @@ func (o *SpdxDocumentList) SpdxDocuments() ld.TypeSeq[AnySpdxDocument, *SpdxDocu // SsvcDecisionType Specifies the SSVC decision type. type SsvcDecisionType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" node-kind:""` id string `iri:"@id"` } @@ -3331,9 +3321,9 @@ type AnySsvcVulnAssessmentRelationship interface { // SsvcVulnAssessmentRelationship Provides an SSVC assessment for a vulnerability. type SsvcVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` VulnAssessmentRelationship - // DecisionType Provide the enumeration of possible decisions in the\n[Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc). + // DecisionType Provide the enumeration of possible decisions in the [Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc). DecisionType SsvcDecisionType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/decisionType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType"` } @@ -3349,7 +3339,7 @@ func (o *SsvcVulnAssessmentRelationshipList) SsvcVulnAssessmentRelationships() l // SupportType Indicates the type of support that is associated with an artifact. type SupportType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType" node-kind:""` id string `iri:"@id"` } @@ -3395,7 +3385,7 @@ type AnyTool interface { // Tool An element of hardware and/or software utilized to carry out a particular function. type Tool struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Tool"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Tool" node-kind:"http://www.w3.org/ns/shacl#IRI"` Element } @@ -3414,13 +3404,13 @@ type AnyVexAffectedVulnAssessmentRelationship interface { asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship } -// VexAffectedVulnAssessmentRelationship Connects a vulnerability and an element designating the element as a product\naffected by the vulnerability. +// VexAffectedVulnAssessmentRelationship Connects a vulnerability and an element designating the element as a product affected by the vulnerability. type VexAffectedVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` VexVulnAssessmentRelationship - // ActionStatement Provides advise on how to mitigate or remediate a vulnerability when a VEX product\nis affected by it. + // ActionStatement Provides advise on how to mitigate or remediate a vulnerability when a VEX product is affected by it. ActionStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatement" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // ActionStatementTime Records the time when a recommended action was communicated in a VEX statement\nto mitigate a vulnerability. + // ActionStatementTime Records the time when a recommended action was communicated in a VEX statement to mitigate a vulnerability. ActionStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` } @@ -3439,9 +3429,9 @@ type AnyVexFixedVulnAssessmentRelationship interface { asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship } -// VexFixedVulnAssessmentRelationship Links a vulnerability and elements representing products (in the VEX sense) where\na fix has been applied and are no longer affected. +// VexFixedVulnAssessmentRelationship Links a vulnerability and elements representing products (in the VEX sense) where a fix has been applied and are no longer affected. type VexFixedVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` VexVulnAssessmentRelationship } @@ -3457,7 +3447,7 @@ func (o *VexFixedVulnAssessmentRelationshipList) VexFixedVulnAssessmentRelations // VexJustificationType Specifies the VEX justification type. type VexJustificationType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" node-kind:""` id string `iri:"@id"` } @@ -3491,15 +3481,15 @@ type AnyVexNotAffectedVulnAssessmentRelationship interface { asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship } -// VexNotAffectedVulnAssessmentRelationship Links a vulnerability and one or more elements designating the latter as products\nnot affected by the vulnerability. +// VexNotAffectedVulnAssessmentRelationship Links a vulnerability and one or more elements designating the latter as products not affected by the vulnerability. type VexNotAffectedVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` VexVulnAssessmentRelationship // ImpactStatementTime Timestamp of impact statement. ImpactStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // ImpactStatement Explains why a VEX product is not affected by a vulnerability. It is an\nalternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable\njustification label. + // ImpactStatement Explains why a VEX product is not affected by a vulnerability. It is an alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable justification label. ImpactStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatement" type:"http://www.w3.org/2001/XMLSchema#string"` - // JustificationType Impact justification label to be used when linking a vulnerability to an element\nrepresenting a VEX product with a VexNotAffectedVulnAssessmentRelationship\nrelationship. + // JustificationType Impact justification label to be used when linking a vulnerability to an element representing a VEX product with a VexNotAffectedVulnAssessmentRelationship relationship. JustificationType VexJustificationType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/justificationType" type:"https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType"` } @@ -3518,9 +3508,9 @@ type AnyVexUnderInvestigationVulnAssessmentRelationship interface { asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship } -// VexUnderInvestigationVulnAssessmentRelationship Designates elements as products where the impact of a vulnerability is being\ninvestigated. +// VexUnderInvestigationVulnAssessmentRelationship Designates elements as products where the impact of a vulnerability is being investigated. type VexUnderInvestigationVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` VexVulnAssessmentRelationship } @@ -3541,7 +3531,6 @@ type AnyVexVulnAssessmentRelationship interface { // VexVulnAssessmentRelationship Abstract ancestor class for all VEX relationships type VexVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship"` VulnAssessmentRelationship // StatusNotes Conveys information about how VEX status was determined. StatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" type:"http://www.w3.org/2001/XMLSchema#string"` @@ -3582,13 +3571,12 @@ type AnyVulnAssessmentRelationship interface { // VulnAssessmentRelationship Abstract ancestor class for all vulnerability assessments type VulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship"` Relationship - // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship\nreferenced by the Element. + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was\nfound. + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` // PublishedTime Specifies the time when a vulnerability was published. PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` @@ -3657,7 +3645,7 @@ type AnyVulnerability interface { // Vulnerability Specifies a vulnerability and its associated information. type Vulnerability struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability" node-kind:"http://www.w3.org/ns/shacl#IRI"` Artifact // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` @@ -3682,9 +3670,9 @@ type AnyWithAdditionOperator interface { asWithAdditionOperator() *WithAdditionOperator } -// WithAdditionOperator Portion of an AnyLicenseInfo representing a License which has additional\ntext applied to it. +// WithAdditionOperator Portion of an AnyLicenseInfo representing a License which has additional text applied to it. type WithAdditionOperator struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator"` + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator" node-kind:"http://www.w3.org/ns/shacl#IRI"` LicenseInfo // SubjectExtendableLicense A License participating in a 'with addition' model. SubjectExtendableLicense AnyExtendableLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense"` @@ -3729,8 +3717,8 @@ func (o *ExternalIRI) asArtifact() *Artifact { return castArtifact(o.value) } -func (o *ExternalIRI) asBom() *Bom { - return castBom(o.value) +func (o *ExternalIRI) asBOM() *BOM { + return castBOM(o.value) } func (o *ExternalIRI) asBuild() *Build { @@ -3917,8 +3905,8 @@ func (o *ExternalIRI) asRelationship() *Relationship { return castRelationship(o.value) } -func (o *ExternalIRI) asSbom() *Sbom { - return castSbom(o.value) +func (o *ExternalIRI) asSBOM() *SBOM { + return castSBOM(o.value) } func (o *ExternalIRI) asSimpleLicensingText() *SimpleLicensingText { @@ -4009,9 +3997,9 @@ func castArtifact(o any) *Artifact { return nil } -func castBom(o any) *Bom { - if o, ok := o.(AnyBom); ok { - return o.asBom() +func castBOM(o any) *BOM { + if o, ok := o.(AnyBOM); ok { + return o.asBOM() } return nil } @@ -4338,9 +4326,9 @@ func castRelationship(o any) *Relationship { return nil } -func castSbom(o any) *Sbom { - if o, ok := o.(AnySbom); ok { - return o.asSbom() +func castSBOM(o any) *SBOM { + if o, ok := o.(AnySBOM); ok { + return o.asSBOM() } return nil } @@ -4450,7 +4438,7 @@ func castWithAdditionOperator(o any) *WithAdditionOperator { return nil } -func cast[T any](value any) *T { +func Cast[T any](value any) *T { var t T switch any(t).(type) { case AIPackage: @@ -4469,8 +4457,8 @@ func cast[T any](value any) *T { if v, ok := any(castArtifact(value)).(*T); ok { return v } - case Bom: - if v, ok := any(castBom(value)).(*T); ok { + case BOM: + if v, ok := any(castBOM(value)).(*T); ok { return v } case Build: @@ -4657,8 +4645,8 @@ func cast[T any](value any) *T { if v, ok := any(castRelationship(value)).(*T); ok { return v } - case Sbom: - if v, ok := any(castSbom(value)).(*T); ok { + case SBOM: + if v, ok := any(castSBOM(value)).(*T); ok { return v } case SimpleLicensingText: @@ -4726,7 +4714,7 @@ func cast[T any](value any) *T { } func As[T any, R any](value any, fn func(v *T) R) R { - v := cast[T](value) + v := Cast[T](value) if v != nil { return fn(v) } @@ -4734,10 +4722,11 @@ func As[T any, R any](value any, fn func(v *T) R) R { return r } -// Cast provides a reference to any direct or embedded type, which can be edited directly -func Cast[T any](value any) *T { - return cast[T](value) -} +type ( + PositiveInt = ld.PositiveInt + URI = ld.URI + NonNegativeInt = ld.NonNegativeInt +) func context() ld.Context { return ld.NewContext().Register("https://spdx.org/rdf/3.0.1/spdx-context.jsonld", map[string]any{"@context": map[string]any{ @@ -5510,7 +5499,7 @@ func context() ld.Context { AnnotationType_Other, AnnotationType_Review, Artifact{}, - Bom{}, + BOM{}, Build{}, Bundle{}, CdxPropertiesExtension{}, @@ -5584,7 +5573,7 @@ func context() ld.Context { ExternalIdentifierType_Email, ExternalIdentifierType_Gitoid, ExternalIdentifierType_Other, - ExternalIdentifierType_PackageUrl, + ExternalIdentifierType_PackageURL, ExternalIdentifierType_SecurityOther, ExternalIdentifierType_Swhid, ExternalIdentifierType_Swid, @@ -5775,12 +5764,12 @@ func context() ld.Context { RelationshipType_TrainedOn, RelationshipType_UnderInvestigationFor, RelationshipType_UsesTool, + SBOM{}, SafetyRiskAssessmentType{}, SafetyRiskAssessmentType_High, SafetyRiskAssessmentType_Low, SafetyRiskAssessmentType_Medium, SafetyRiskAssessmentType_Serious, - Sbom{}, SbomType{}, SbomType_Analyzed, SbomType_Build, diff --git a/spdx/v3/v3_0/model_validations.go b/spdx/v3/v3_0_1/model_validations.go similarity index 97% rename from spdx/v3/v3_0/model_validations.go rename to spdx/v3/v3_0_1/model_validations.go index abd2da7c..ece7ee59 100755 --- a/spdx/v3/v3_0/model_validations.go +++ b/spdx/v3/v3_0_1/model_validations.go @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: MIT -package v3_0 +package v3_0_1 import "github.com/kzantow/go-ld" @@ -41,7 +41,7 @@ func (o *Annotation) Validate() error { ld.ValidateProperty(o, &o.Subject), ld.ValidateProperty(o, &o.ContentType, ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), - ld.ValidateProperty(o, &o.AnnotationType, + ld.ValidateProperty(o, &o.Type, ld.ValidateIRI( AnnotationType_Other, AnnotationType_Review, @@ -67,7 +67,7 @@ func (o *Artifact) Validate() error { )))) } -func (o *Bom) Validate() error { +func (o *BOM) Validate() error { return ld.JoinErrors( ld.ValidateProperty(o, &o.Bundle)) } @@ -75,7 +75,7 @@ func (o *Bom) Validate() error { func (o *Build) Validate() error { return ld.JoinErrors( ld.ValidateProperty(o, &o.Element), - ld.ValidateProperty(o, &o.BuildType)) + ld.ValidateProperty(o, &o.Type)) } func (o *Bundle) Validate() error { @@ -109,12 +109,12 @@ func (o *ConjunctiveLicenseSet) Validate() error { func (o *ContentIdentifier) Validate() error { return ld.JoinErrors( ld.ValidateProperty(o, &o.IntegrityMethod), - ld.ValidateProperty(o, &o.ContentIdentifierType, + ld.ValidateProperty(o, &o.Type, ld.ValidateIRI( ContentIdentifierType_Gitoid, ContentIdentifierType_Swhid, )), - ld.ValidateProperty(o, &o.ContentIdentifierValue)) + ld.ValidateProperty(o, &o.Value)) } func (o *ContentIdentifierType) Validate() error { @@ -322,7 +322,7 @@ func (o *Extension) Validate() error { func (o *ExternalIdentifier) Validate() error { return ld.JoinErrors( ld.ValidateProperty(o, &o.Identifier), - ld.ValidateProperty(o, &o.ExternalIdentifierType, + ld.ValidateProperty(o, &o.Type, ld.ValidateIRI( ExternalIdentifierType_Cpe22, ExternalIdentifierType_Cpe23, @@ -330,7 +330,7 @@ func (o *ExternalIdentifier) Validate() error { ExternalIdentifierType_Email, ExternalIdentifierType_Gitoid, ExternalIdentifierType_Other, - ExternalIdentifierType_PackageUrl, + ExternalIdentifierType_PackageURL, ExternalIdentifierType_SecurityOther, ExternalIdentifierType_Swhid, ExternalIdentifierType_Swid, @@ -344,14 +344,14 @@ func (o *ExternalIdentifierType) Validate() error { func (o *ExternalMap) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.ExternalSpdxId)) + ld.ValidateProperty(o, &o.ExternalSpdxID)) } func (o *ExternalRef) Validate() error { return ld.JoinErrors( ld.ValidateProperty(o, &o.ContentType, ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), - ld.ValidateProperty(o, &o.ExternalRefType, + ld.ValidateProperty(o, &o.Type, ld.ValidateIRI( ExternalRefType_AltDownloadLocation, ExternalRefType_AltWebPage, @@ -411,7 +411,7 @@ func (o *File) Validate() error { ld.ValidateProperty(o, &o.SoftwareArtifact), ld.ValidateProperty(o, &o.ContentType, ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), - ld.ValidateProperty(o, &o.FileKind, + ld.ValidateProperty(o, &o.Kind, ld.ValidateIRI( FileKindType_File, FileKindType_Directory, @@ -425,7 +425,7 @@ func (o *FileKindType) Validate() error { func (o *Hash) Validate() error { return ld.JoinErrors( ld.ValidateProperty(o, &o.IntegrityMethod), - ld.ValidateProperty(o, &o.HashValue), + ld.ValidateProperty(o, &o.Value), ld.ValidateProperty(o, &o.Algorithm, ld.ValidateIRI( HashAlgorithm_Adler32, @@ -474,7 +474,7 @@ func (o *IntegrityMethod) Validate() error { func (o *License) Validate() error { return ld.JoinErrors( ld.ValidateProperty(o, &o.ExtendableLicense), - ld.ValidateProperty(o, &o.LicenseText)) + ld.ValidateProperty(o, &o.Text)) } func (o *LicenseAddition) Validate() error { @@ -608,7 +608,7 @@ func (o *Relationship) Validate() error { ld.ValidateProperty(o, &o.To, ld.ValidateMinCount[ElementList](1)), ld.ValidateProperty(o, &o.From), - ld.ValidateProperty(o, &o.RelationshipType, + ld.ValidateProperty(o, &o.Type, ld.ValidateIRI( RelationshipType_Affects, RelationshipType_AmendedBy, @@ -680,13 +680,9 @@ func (o *RelationshipType) Validate() error { return ld.JoinErrors() } -func (o *SafetyRiskAssessmentType) Validate() error { - return ld.JoinErrors() -} - -func (o *Sbom) Validate() error { +func (o *SBOM) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Bom), + ld.ValidateProperty(o, &o.BOM), ld.ValidateProperty(o, &o.SbomTypes, ld.ValidateAll(ld.ValidateIRI( SbomType_Design, @@ -698,6 +694,10 @@ func (o *Sbom) Validate() error { )))) } +func (o *SafetyRiskAssessmentType) Validate() error { + return ld.JoinErrors() +} + func (o *SbomType) Validate() error { return ld.JoinErrors() } @@ -711,7 +711,7 @@ func (o *SimpleLicensingText) Validate() error { func (o *Snippet) Validate() error { return ld.JoinErrors( ld.ValidateProperty(o, &o.SoftwareArtifact), - ld.ValidateProperty(o, &o.SnippetFromFile)) + ld.ValidateProperty(o, &o.FromFile)) } func (o *SoftwareAgent) Validate() error { diff --git a/spdx/v3/v3_0/spdx.go b/spdx/v3/v3_0_1/spdx.go similarity index 77% rename from spdx/v3/v3_0/spdx.go rename to spdx/v3/v3_0_1/spdx.go index 5b2f93c9..9ae8cbe8 100644 --- a/spdx/v3/v3_0/spdx.go +++ b/spdx/v3/v3_0_1/spdx.go @@ -1,4 +1,4 @@ -package v3_0 +package v3_0_1 import ( "bytes" @@ -10,11 +10,12 @@ import ( "github.com/davecgh/go-spew/spew" "github.com/kzantow/go-ld" + "github.com/spdx/tools-golang/spdx/v3/internal" ) /* -SPDX 3 models and serialization code is generated from github.com/kzantow/go-ld/cmd -To regenerate, run: go run ./cmd +SPDX 3 models and serialization code is generated from internal/generate/main.go +To regenerate all models, run: make generate */ const Version = "3.0.1" // TODO is there a way to ascertain this version from generated code programmatically? @@ -24,16 +25,26 @@ type Document struct { LDContext ld.Context } +func (d *Document) UnmarshalJSON(data []byte) error { + if d.LDContext == nil { + d.LDContext = context() + } + err := d.FromJSON(bytes.NewReader(data)) + if err != nil { + return err + } + return nil +} + func (d *Document) MarshalJSON() ([]byte, error) { + if d.LDContext == nil { + d.LDContext = context() + } buf := bytes.Buffer{} err := d.Write(&buf) return buf.Bytes(), err } -func LDContext() ld.Context { - return context() -} - func (d *Document) Write(w io.Writer) error { return d.ToJSON(w) } @@ -42,8 +53,8 @@ func NewDocument(conformance ProfileIdentifierType, name string, createdBy AnyAg ci := &CreationInfo{ SpecVersion: Version, Created: time.Now(), - CreatedBy: AgentList{createdBy}, - CreatedUsing: ToolList{createdUsing}, + CreatedBy: notNil(AgentList{createdBy}), + CreatedUsing: notNil(ToolList{createdUsing}), } return &Document{ SpdxDocument: SpdxDocument{ @@ -81,9 +92,10 @@ func (d *Document) Validate(setCreationInfo bool) error { return ld.ValidateGraph(d.SpdxDocument) } -func (d *Document) Append(e ...AnyElement) { - d.SpdxDocument.RootElements = append(d.SpdxDocument.RootElements, e...) -} +//func (d *Document) Append(e ...AnyElement) { +// d.SpdxDocument.Elements = append(d.SpdxDocument.Elements, e...) +// d.SpdxDocument.RootElements = append(d.SpdxDocument.RootElements, e...) +//} // ToJSON first processes the document by: // - setting each Element's CreationInfo property to the SpdxDocument's CreationInfo if nil @@ -101,10 +113,9 @@ func (d *Document) ToJSON(writer io.Writer) error { if d.LDContext == nil { d.LDContext = context() } - return d.LDContext.ToJSON(writer, d.SpdxDocument) -} -var _ json.Marshaler = (*Document)(nil) + return internal.ToJSON("https://spdx.org/rdf/3.0.1/spdx-context.jsonld", d.LDContext, &d.SpdxDocument, writer) +} func (d *Document) setCreationInfo(creationInfo AnyCreationInfo, doc *SpdxDocument) { if creationInfo == nil { @@ -158,3 +169,19 @@ func (d *Document) ensureAllDocumentElements() { return nil }) } + +var _ interface { + json.Marshaler + json.Unmarshaler +} = (*Document)(nil) + +func notNil[T any, ListType ~[]T](values ListType) ListType { + var out ListType + for _, v := range values { + if isNil(v) { + continue + } + out = append(out, v) + } + return out +} diff --git a/spdx/v3/v3_0/spdx_serialization_test.go b/spdx/v3/v3_0_1/spdx_serialization_test.go similarity index 80% rename from spdx/v3/v3_0/spdx_serialization_test.go rename to spdx/v3/v3_0_1/spdx_serialization_test.go index 7c768135..3817a53c 100644 --- a/spdx/v3/v3_0/spdx_serialization_test.go +++ b/spdx/v3/v3_0_1/spdx_serialization_test.go @@ -1,4 +1,4 @@ -package v3_0 +package v3_0_1 import ( "bytes" @@ -7,7 +7,7 @@ import ( "time" "github.com/google/go-cmp/cmp" - "github.com/google/go-cmp/cmp/cmpopts" + "github.com/spdx/tools-golang/spdx/v3/internal" ) func Test_spdxExportImportExport(t *testing.T) { @@ -32,8 +32,8 @@ func Test_spdxExportImportExport(t *testing.T) { &Tool{Element: Element{ ExternalIdentifiers: ExternalIdentifierList{ &ExternalIdentifier{ - ExternalIdentifierType: ExternalIdentifierType_Cpe23, - Identifier: "cpe23:a:myvendor:my-product:*:*:*:*:*:*:*", + Type: ExternalIdentifierType_Cpe23, + Identifier: "cpe23:a:myvendor:my-product:*:*:*:*:*:*:*", }, }, Name: "not-tools-golang", @@ -49,30 +49,30 @@ func Test_spdxExportImportExport(t *testing.T) { Name: "some-package-1", CreationInfo: c, }}}, - PackageVersion: "1.2.3", + Version: "1.2.3", } pkg2 := &Package{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ Name: "some-package-2", CreationInfo: c, }}}, - PackageVersion: "2.4.5", + Version: "2.4.5", } - doc.Elements = append(doc.Elements, pkg2) + doc.RootElements = append(doc.RootElements, pkg2) file1 := &File{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ Name: "/bin/bash", CreationInfo: c, }}}} - doc.Elements = append(doc.Elements, file1) + doc.RootElements = append(doc.RootElements, file1) // add relationships - doc.Elements = append(doc.Elements, + doc.RootElements = append(doc.RootElements, &Relationship{Element: Element{ CreationInfo: c, }, - From: file1, - RelationshipType: RelationshipType_Contains, + From: file1, + Type: RelationshipType_Contains, To: ElementList{ pkg1, pkg2, @@ -80,19 +80,19 @@ func Test_spdxExportImportExport(t *testing.T) { }, ) - doc.Elements = append(doc.Elements, + doc.RootElements = append(doc.RootElements, &Relationship{Element: Element{ CreationInfo: c, }, - From: pkg1, - RelationshipType: RelationshipType_DependsOn, + From: pkg1, + Type: RelationshipType_DependsOn, To: ElementList{ pkg2, }, }, ) - doc.Elements = append(doc.Elements, + doc.RootElements = append(doc.RootElements, &AIPackage{Package: Package{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ CreationInfo: c, }}}}, @@ -106,7 +106,7 @@ func Test_spdxExportImportExport(t *testing.T) { var pkgs PackageList for _, rel := range got.RootElements.Relationships() { - if rel.RelationshipType != RelationshipType_Contains { + if rel.Type != RelationshipType_Contains { continue } _ = As(rel.From, func(from *File) any { @@ -152,7 +152,8 @@ func Test_externalID(t *testing.T) { func encodeDecode[T comparable](t *testing.T, obj T) T { // serialization: buf := bytes.Buffer{} - err := context().ToJSON(&buf, obj) + err := internal.ToJSON("https://spdx.org/rdf/3.0.1/spdx-context.jsonld", context(), obj, &buf) + //err := context().ToJSON(&buf, obj) if err != nil { t.Fatal(err) } @@ -175,7 +176,7 @@ func encodeDecode[T comparable](t *testing.T, obj T) T { t.Fatalf("did not find object in graph, json: %s", json1) } - diff := cmp.Diff(obj, got, cmpopts.IgnoreUnexported((*T)(nil))) + diff := cmp.Diff(obj, got, diffOpts()...) if diff != "" { t.Fatal(diff) } diff --git a/spdx/v3/v3_0/spdx_test.go b/spdx/v3/v3_0_1/spdx_test.go similarity index 62% rename from spdx/v3/v3_0/spdx_test.go rename to spdx/v3/v3_0_1/spdx_test.go index 9be0eeb7..19b568ab 100644 --- a/spdx/v3/v3_0/spdx_test.go +++ b/spdx/v3/v3_0_1/spdx_test.go @@ -1,22 +1,123 @@ -package v3_0_test +package v3_0_1_test import ( "bytes" + "encoding/json" "fmt" "os" + "path/filepath" "reflect" "strings" "testing" "time" "github.com/google/go-cmp/cmp" + "github.com/google/go-cmp/cmp/cmpopts" "github.com/kzantow/go-ld" "github.com/pmezard/go-difflib/difflib" "github.com/stretchr/testify/require" - spdx "github.com/spdx/tools-golang/spdx/v3/v3_0" + spdx "github.com/spdx/tools-golang/spdx/v3/v3_0_1" ) +func Test_customSerialization(t *testing.T) { + d := spdx.NewDocument(spdx.ProfileIdentifierType_Software, "adoc", &spdx.Person{ + Agent: spdx.Agent{ + Element: spdx.Element{ + Name: "Keith", + ExternalIdentifiers: spdx.ExternalIdentifierList{ + &spdx.ExternalIdentifier{ + Type: spdx.ExternalIdentifierType_Email, + Identifier: "keith@example.com", + }, + }, + }, + }, + }, nil) + + sbom := &spdx.SBOM{} + d.RootElements = spdx.ElementList{sbom} // only 1 element appended to document RootElement list + + p := &spdx.Package{} + p.Name = "a pkg" + sbom.RootElements = append(sbom.RootElements, p) + + p.ContentIdentifiers = append(p.ContentIdentifiers, &spdx.ContentIdentifier{ + Type: spdx.ContentIdentifierType_Gitoid, + Value: "http://example.org", + }) + + a := &spdx.Person{ + Agent: spdx.Agent{ + Element: spdx.Element{ + Name: "Alice", + }, + }, + } + sbom.RootElements = append(sbom.RootElements, a) + + validationErr := d.Validate(false) + require.Error(t, validationErr) // we did not set creationInfo, should be invalid document + t.Log(validationErr.Error()) + + contents := bytes.Buffer{} + err := d.ToJSON(&contents) + require.NoError(t, err) + + structure := map[string]any{} + err = json.Unmarshal(contents.Bytes(), &structure) + require.NoError(t, err) + + contents.Reset() + enc := json.NewEncoder(&contents) + enc.SetEscapeHTML(false) + enc.SetIndent("", " ") + err = enc.Encode(structure) + home, err := os.UserHomeDir() + require.NoError(t, err) + err = os.WriteFile(filepath.Join(home, "Downloads", "spdx3-sample.json"), contents.Bytes(), 0o755) + require.NoError(t, err) + + graph := structure["@graph"].([]any) + + var spdxDoc map[string]any + for _, e := range graph { + if e, ok := e.(map[string]any); ok { + if e["type"] == "SpdxDocument" { + spdxDoc = e + break + } + } + } + require.NotNil(t, spdxDoc) + + rootElements, _ := spdxDoc["rootElement"].([]any) + require.NotNil(t, rootElements) + + serializedSBOMId := "" + for _, e := range rootElements { + if e, ok := e.(string); ok { + serializedSBOMId = e + } + } + require.NotEmpty(t, serializedSBOMId) + + // sbom is serialized to the graph root, find it by id: + var serializedSBOM map[string]any + for _, e := range graph { + if e, ok := e.(map[string]any); ok { + if e["type"] == "software_Sbom" && e["spdxId"] == serializedSBOMId { + serializedSBOM = e + } + } + } + require.NotNil(t, serializedSBOM) + + rootElements, _ = serializedSBOM["rootElement"].([]any) + require.NotNil(t, rootElements) + require.Len(t, rootElements, 2) // we specifically added 2 elements to the SBOM +} + func Test_validateMinList(t *testing.T) { a := &spdx.Person{} a.Name = "me" @@ -42,16 +143,15 @@ func Test_writer(t *testing.T) { Name: "a file", }}}, ContentType: "text", // validation error - FileKind: spdx.FileKindType{}, + Kind: spdx.FileKindType{}, } - d.Append( - &spdx.Sbom{Bom: spdx.Bom{Bundle: spdx.Bundle{ElementCollection: spdx.ElementCollection{ + d.RootElements = spdx.ElementList{ + &spdx.SBOM{BOM: spdx.BOM{Bundle: spdx.Bundle{ElementCollection: spdx.ElementCollection{ Element: spdx.Element{ Name: "My Bom", }, Elements: spdx.ElementList{}, }}}, - SbomTypes: nil, }, file1, pkg1, @@ -68,13 +168,13 @@ func Test_writer(t *testing.T) { "locator1", "locator2", }, - Identifier: "CVE-2024-1234", - ExternalIdentifierType: spdx.ExternalIdentifierType_Cve, + Identifier: "CVE-2024-1234", + Type: spdx.ExternalIdentifierType_Cve, }, }, - ExternalRefs: nil, - Summary: "", - VerifiedUsings: nil, + ExternalRefs: nil, + Summary: "", + VerifiedUsing: nil, }, StandardNames: []string{ "standard-name1", @@ -90,7 +190,7 @@ func Test_writer(t *testing.T) { CopyrightText: "", }, }, - ) + } // many validation issues err := d.Validate(false) @@ -120,7 +220,11 @@ func Test_writer(t *testing.T) { // info.Created = info.Created.Add(time.Hour) // return nil //}) - diff := cmp.Diff(d.SpdxDocument, d2.SpdxDocument, testOpts...) + diff := cmp.Diff(d.SpdxDocument, d2.SpdxDocument, append(testOpts, + cmpopts.IgnoreFields(spdx.Element{}, "ID"), + cmpopts.IgnoreFields(spdx.Element{}, "CreationInfo"), + cmpopts.EquateEmpty(), + )...) if diff != "" { t.Fatal(diff) } @@ -137,41 +241,39 @@ var testOpts = []cmp.Option{ } func Test_reader(t *testing.T) { - f, err := os.Open("test.json") + f, err := os.Open("testdata/test.json") require.NoError(t, err) d := newTestDocument() err = d.FromJSON(f) require.NoError(t, err) - fmt.Printf("%#v\n", d) + t.Logf("sample document:\n%#v", d) - require.Equal(t, d.Elements.Files().Len(), 1) - for _, fi := range d.Elements.Files() { - if fi.PrimaryPurpose == spdx.SoftwarePurpose_Executable { - println("Got Executable File ID: " + fi.ID) - } - } + sboms := each(d.RootElements.SBOMs()) + require.Len(t, sboms, 1) - // the example is incorrect, it doesn't include the package in the element root - pkgs := d.Elements.Packages().Views() - //require.Len(t, pkgs, 1) - //require.NotEqual(t, time.Time{}, pkgs[0].BuiltTime) - require.Empty(t, pkgs) // FIXME this shouldn't be true, but the example is wrong + packages := each(sboms[0].RootElements.Packages()) + require.Len(t, packages, 1) - rels := d.Elements.Relationships().Views() + rels := each(d.Elements.Relationships()) require.Len(t, rels, 1) - if p, ok := rels[0].From.(*spdx.Package); ok { - require.NotEqual(t, time.Time{}, p.BuiltTime) - } // this is the only reference to the package I see: - _ = spdx.As(rels[0].From, func(p *spdx.Package) error { - require.NotEqual(t, time.Time{}, p.BuiltTime) - return nil - }) + p := spdx.Cast[spdx.Package](rels[0].From) + require.NotNil(t, p) + require.NotEqual(t, time.Time{}, p.BuiltTime) + require.Equal(t, "my-package", p.Name) +} + +func each[Element, View any](s ld.TypeSeq[Element, View]) []View { + var out []View + for _, v := range s { + out = append(out, v) + } + return out } func Test_readerExpanded(t *testing.T) { - f, err := os.Open("test.expanded.json") + f, err := os.Open("testdata/test.expanded.json") require.NoError(t, err) d := newTestDocument() err = d.FromJSON(f) @@ -181,35 +283,39 @@ func Test_readerExpanded(t *testing.T) { println("File ID: " + fi.ID) } - pkgs := d.Elements.Packages().Views() - require.Len(t, pkgs, 1) - require.NotEqual(t, time.Time{}, pkgs[0].BuiltTime) + sboms := each(d.RootElements.SBOMs()) + require.Len(t, sboms, 1) + + packages := each(sboms[0].RootElements.Packages()) + require.Len(t, packages, 1) + + rels := each(d.Elements.Relationships()) + require.Len(t, rels, 1) + + // this is the only reference to the package I see: + p := spdx.Cast[spdx.Package](rels[0].From) + require.NotNil(t, p) + require.NotEqual(t, time.Time{}, p.BuiltTime) + require.Equal(t, "my-package", p.Name) } func Test_reader2(t *testing.T) { - contents := ` - { - "@context": "https://spdx.org/rdf/3.0.1/spdx-context.jsonld", - "@graph": [ - { "spdxId": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization" }, - { "spdxId": "SpdxOrganization" }, -{ - "type": "CreationInfo", - "@id": "_:creationinfo", - "createdBy": [ - "http://spdx.example.com/Agent/JoshuaWatt" - ], - "specVersion": "3.0.1", - "created": "2024-03-06T00:00:00Z" - } - ] -} - ` - graph, err := spdx.LDContext().FromJSON(strings.NewReader(contents)) + contents := `{ + "@context": "https://spdx.org/rdf/3.0.1/spdx-context.jsonld", + "@graph": [ + { "type": "SpdxDocument", + "element": [ "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization" ] + } + ] + }` + + d := newTestDocument() + err := d.FromJSON(strings.NewReader(contents)) require.NoError(t, err) - for _, fi := range graph { - println("Elem" + fmt.Sprintf("%#v", fi)) - } + require.Len(t, d.Elements, 1) + spdxOrgID, _ := ld.GetID(spdx.Organization_SpdxOrganization) + gotID, _ := ld.GetID(d.Elements[0]) + require.Equal(t, spdxOrgID, gotID) } func Test_exportImportExport(t *testing.T) { @@ -224,15 +330,15 @@ func Test_exportImportExport(t *testing.T) { &spdx.Tool{Element: spdx.Element{ ExternalIdentifiers: spdx.ExternalIdentifierList{ &spdx.ExternalIdentifier{ - ExternalIdentifierType: spdx.ExternalIdentifierType_Cpe23, - Identifier: "cpe:2.3:a:myvendor:my-product:*:*:*:*:*:*:*:*", + Type: spdx.ExternalIdentifierType_Cpe23, + Identifier: "cpe:2.3:a:myvendor:my-product:*:*:*:*:*:*:*:*", }, }, ExternalRefs: nil, Name: "not-tools-golang", }}) - sbom := &spdx.Sbom{} + sbom := &spdx.SBOM{} doc.RootElements = append(doc.RootElements, sbom) // create a package @@ -241,14 +347,14 @@ func Test_exportImportExport(t *testing.T) { SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ Name: "some-package-1", }}}, - PackageVersion: "1.2.3", + Version: "1.2.3", } // create another package pkg2 := &spdx.AIPackage{} pkg2.Name = "some-package-2" - pkg2.PackageVersion = "2.4.5" + pkg2.Version = "2.4.5" // add the packages to the sbom @@ -264,8 +370,8 @@ func Test_exportImportExport(t *testing.T) { // add relationships sbom.RootElements = append(sbom.RootElements, &spdx.Relationship{ - From: file1, - RelationshipType: spdx.RelationshipType_Contains, + From: file1, + Type: spdx.RelationshipType_Contains, To: spdx.ElementList{ pkg1, pkg2, @@ -273,8 +379,8 @@ func Test_exportImportExport(t *testing.T) { }) sbom.RootElements = append(sbom.RootElements, &spdx.Relationship{ - From: pkg1, - RelationshipType: spdx.RelationshipType_DependsOn, + From: pkg1, + Type: spdx.RelationshipType_DependsOn, To: spdx.ElementList{ pkg2, }, @@ -326,9 +432,9 @@ func Test_exportImportExport(t *testing.T) { // some basic usage: var pkgs []*spdx.Package - for _, sbom := range doc.RootElements.Sboms() { + for _, sbom := range doc.RootElements.SBOMs() { for _, rel := range sbom.RootElements.Relationships() { - if rel.RelationshipType != spdx.RelationshipType_Contains { + if rel.Type != spdx.RelationshipType_Contains { continue } _ = spdx.As(rel.From, func(f *spdx.File) any { diff --git a/spdx/v3/v3_0_1/testdata/test.expanded.json b/spdx/v3/v3_0_1/testdata/test.expanded.json new file mode 100755 index 00000000..20a1ea72 --- /dev/null +++ b/spdx/v3/v3_0_1/testdata/test.expanded.json @@ -0,0 +1,242 @@ +[ + { + "@id": "_:creationinfo", + "@type": [ + "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo" + ], + "https://spdx.org/rdf/3.0.1/terms/Core/created": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + "@value": "2024-03-06T00:00:00Z" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/createdBy": [ + { + "@id": "http://spdx.example.com/Agent/JoshuaWatt" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/specVersion": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@value": "3.0.1" + } + ] + }, + { + "@id": "http://spdx.example.com/Agent/JoshuaWatt", + "@type": [ + "https://spdx.org/rdf/3.0.1/terms/Core/Person" + ], + "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo": [ + { + "@id": "_:creationinfo" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier": [ + { + "@type": [ + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier" + ], + "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/identifier": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@value": "JPEWhacker@gmail.com" + } + ] + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/name": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@value": "Joshua Watt" + } + ] + }, + { + "@id": "http://spdx.example.com/Document1", + "@type": [ + "https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument" + ], + "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo": [ + { + "@id": "_:creationinfo" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/element": [ + { + "@id": "http://spdx.example.com/BOM1" + }, + { + "@id": "http://spdx.example.com/Agent/JoshuaWatt" + }, + { + "@id": "http://spdx.example.com/Package1/myprogram" + }, + { + "@id": "http://spdx.example.com/Relationship/1" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/profileConformance": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/rootElement": [ + { + "@id": "http://spdx.example.com/BOM1" + } + ] + }, + { + "@id": "http://spdx.example.com/BOM1", + "@type": [ + "https://spdx.org/rdf/3.0.1/terms/Software/Sbom" + ], + "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo": [ + { + "@id": "_:creationinfo" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/element": [ + { + "@id": "http://spdx.example.com/Package1/myprogram" + }, + { + "@id": "http://spdx.example.com/Package1" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/rootElement": [ + { + "@id": "http://spdx.example.com/Package1" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Software/sbomType": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build" + } + ] + }, + { + "@id": "http://spdx.example.com/Package1", + "@type": [ + "https://spdx.org/rdf/3.0.1/terms/Software/Package" + ], + "https://spdx.org/rdf/3.0.1/terms/Core/builtTime": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + "@value": "2024-03-06T00:00:00Z" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo": [ + { + "@id": "_:creationinfo" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/name": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@value": "my-package" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/originatedBy": [ + { + "@id": "http://spdx.example.com/Agent/JoshuaWatt" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + "@value": "http://dl.example.com/my-package_1.0.0.tar" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Software/packageVersion": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@value": "1.0.0" + } + ] + }, + { + "@id": "http://spdx.example.com/Package1/myprogram", + "@type": [ + "https://spdx.org/rdf/3.0.1/terms/Software/File" + ], + "https://spdx.org/rdf/3.0.1/terms/Core/builtTime": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + "@value": "2024-03-06T00:00:00Z" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo": [ + { + "@id": "_:creationinfo" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/name": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@value": "myprogram" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/originatedBy": [ + { + "@id": "http://spdx.example.com/Agent/JoshuaWatt" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Software/copyrightText": [ + { + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@value": "Copyright 2024, Joshua Watt" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable" + } + ] + }, + { + "@id": "http://spdx.example.com/Relationship/1", + "@type": [ + "https://spdx.org/rdf/3.0.1/terms/Core/Relationship" + ], + "https://spdx.org/rdf/3.0.1/terms/Core/completeness": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo": [ + { + "@id": "_:creationinfo" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/from": [ + { + "@id": "http://spdx.example.com/Package1" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/relationshipType": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains" + } + ], + "https://spdx.org/rdf/3.0.1/terms/Core/to": [ + { + "@id": "http://spdx.example.com/Package1/myprogram" + } + ] + } +] diff --git a/spdx/v3/v3_0_1/testdata/test.json b/spdx/v3/v3_0_1/testdata/test.json new file mode 100644 index 00000000..dfa6d959 --- /dev/null +++ b/spdx/v3/v3_0_1/testdata/test.json @@ -0,0 +1,98 @@ +{ + "@context": "https://spdx.org/rdf/3.0.1/spdx-context.jsonld", + "@graph": [ + { + "type": "CreationInfo", + "@id": "_:creationinfo", + "createdBy": [ + "http://spdx.example.com/Agent/JoshuaWatt" + ], + "specVersion": "3.0.1", + "created": "2024-03-06T00:00:00Z" + }, + { + "type": "Person", + "spdxId": "http://spdx.example.com/Agent/JoshuaWatt", + "name": "Joshua Watt", + "creationInfo": "_:creationinfo", + "externalIdentifier": [ + { + "type": "ExternalIdentifier", + "externalIdentifierType": "email", + "identifier": "JPEWhacker@gmail.com" + } + ] + }, + { + "type": "SpdxDocument", + "spdxId": "http://spdx.example.com/Document1", + "creationInfo": "_:creationinfo", + "rootElement": [ + "http://spdx.example.com/BOM1" + ], + "element": [ + "http://spdx.example.com/BOM1", + "http://spdx.example.com/Agent/JoshuaWatt", + "http://spdx.example.com/Package1/myprogram", + "http://spdx.example.com/Relationship/1" + ], + "profileConformance": [ + "core", + "software" + ] + }, + { + "type": "software_Sbom", + "spdxId": "http://spdx.example.com/BOM1", + "creationInfo": "_:creationinfo", + "rootElement": [ + "http://spdx.example.com/Package1" + ], + "element": [ + "http://spdx.example.com/Package1/myprogram", + "http://spdx.example.com/Package1" + ], + "software_sbomType": [ + "build" + ] + }, + { + "type": "software_Package", + "spdxId": "http://spdx.example.com/Package1", + "creationInfo": "_:creationinfo", + "name": "my-package", + "software_packageVersion": "1.0.0", + "software_downloadLocation": "http://dl.example.com/my-package_1.0.0.tar", + "builtTime": "2024-03-06T00:00:00Z", + "originatedBy": [ + "http://spdx.example.com/Agent/JoshuaWatt" + ] + }, + { + "type": "software_File", + "spdxId": "http://spdx.example.com/Package1/myprogram", + "creationInfo": "_:creationinfo", + "name": "myprogram", + "software_primaryPurpose": "executable", + "software_additionalPurpose": [ + "application" + ], + "software_copyrightText": "Copyright 2024, Joshua Watt", + "builtTime": "2024-03-06T00:00:00Z", + "originatedBy": [ + "http://spdx.example.com/Agent/JoshuaWatt" + ] + }, + { + "type": "Relationship", + "spdxId": "http://spdx.example.com/Relationship/1", + "creationInfo": "_:creationinfo", + "from": "http://spdx.example.com/Package1", + "relationshipType": "contains", + "to": [ + "http://spdx.example.com/Package1/myprogram" + ], + "completeness": "complete" + } + ] +} \ No newline at end of file From 293fbfb32a57e0c7ccb08eeb1bd388dae1bdd89d Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Wed, 8 Oct 2025 09:19:17 -0400 Subject: [PATCH 13/21] chore: update cpe Signed-off-by: Keith Zantow --- spdx/v3/v3_0_1/spdx_serialization_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spdx/v3/v3_0_1/spdx_serialization_test.go b/spdx/v3/v3_0_1/spdx_serialization_test.go index 3817a53c..b228d31d 100644 --- a/spdx/v3/v3_0_1/spdx_serialization_test.go +++ b/spdx/v3/v3_0_1/spdx_serialization_test.go @@ -33,7 +33,7 @@ func Test_spdxExportImportExport(t *testing.T) { ExternalIdentifiers: ExternalIdentifierList{ &ExternalIdentifier{ Type: ExternalIdentifierType_Cpe23, - Identifier: "cpe23:a:myvendor:my-product:*:*:*:*:*:*:*", + Identifier: "cpe:2.3:a:myvendor:my-product:*:*:*:*:*:*:*:*", }, }, Name: "not-tools-golang", From 5a408adace57150758cd1fd05198eb0fcb681217 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Wed, 8 Oct 2025 10:39:07 -0400 Subject: [PATCH 14/21] chore: erroneous commit Signed-off-by: Keith Zantow --- spdx/v3/v3_0_1/convert_v2_3_to_v3_0_1.java | 1128 -------------------- 1 file changed, 1128 deletions(-) delete mode 100644 spdx/v3/v3_0_1/convert_v2_3_to_v3_0_1.java diff --git a/spdx/v3/v3_0_1/convert_v2_3_to_v3_0_1.java b/spdx/v3/v3_0_1/convert_v2_3_to_v3_0_1.java deleted file mode 100644 index eb50d343..00000000 --- a/spdx/v3/v3_0_1/convert_v2_3_to_v3_0_1.java +++ /dev/null @@ -1,1128 +0,0 @@ -/** - * SPDX-FileCopyrightText: Copyright (c) 2024 Source Auditor Inc. - * SPDX-FileType: SOURCE - * SPDX-License-Identifier: Apache-2.0 - *

- * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - *

- * http://www.apache.org/licenses/LICENSE-2.0 - *

- * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.spdx.library.conversion; - -import java.util.*; -import java.util.regex.Matcher; -import java.util.regex.Pattern; -import java.util.stream.Collectors; - -import javax.annotation.Nullable; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.spdx.core.IModelCopyManager; -import org.spdx.core.InvalidSPDXAnalysisException; -import org.spdx.library.ListedLicenses; -import org.spdx.library.model.v2.SpdxConstantsCompatV2; -import org.spdx.library.model.v2.SpdxCreatorInformation; -import org.spdx.library.model.v2.pointer.ByteOffsetPointer; -import org.spdx.library.model.v2.pointer.LineCharPointer; -import org.spdx.library.model.v2.pointer.StartEndPointer; -import org.spdx.library.model.v3_0_1.ModelObjectV3; -import org.spdx.library.model.v3_0_1.SpdxConstantsV3; -import org.spdx.library.model.v3_0_1.SpdxModelClassFactoryV3; -import org.spdx.library.model.v3_0_1.core.Agent; -import org.spdx.library.model.v3_0_1.core.Annotation; -import org.spdx.library.model.v3_0_1.core.AnnotationType; -import org.spdx.library.model.v3_0_1.core.CreationInfo; -import org.spdx.library.model.v3_0_1.core.Element; -import org.spdx.library.model.v3_0_1.core.ExternalElement; -import org.spdx.library.model.v3_0_1.core.ExternalIdentifier; -import org.spdx.library.model.v3_0_1.core.ExternalIdentifierType; -import org.spdx.library.model.v3_0_1.core.ExternalMap; -import org.spdx.library.model.v3_0_1.core.ExternalRefType; -import org.spdx.library.model.v3_0_1.core.Hash; -import org.spdx.library.model.v3_0_1.core.HashAlgorithm; -import org.spdx.library.model.v3_0_1.core.IntegrityMethod; -import org.spdx.library.model.v3_0_1.core.LifecycleScopeType; -import org.spdx.library.model.v3_0_1.core.LifecycleScopedRelationship; -import org.spdx.library.model.v3_0_1.core.NamespaceMap; -import org.spdx.library.model.v3_0_1.core.NoAssertionElement; -import org.spdx.library.model.v3_0_1.core.NoneElement; -import org.spdx.library.model.v3_0_1.core.Organization; -import org.spdx.library.model.v3_0_1.core.PackageVerificationCode; -import org.spdx.library.model.v3_0_1.core.Person; -import org.spdx.library.model.v3_0_1.core.Relationship; -import org.spdx.library.model.v3_0_1.core.RelationshipCompleteness; -import org.spdx.library.model.v3_0_1.core.RelationshipType; -import org.spdx.library.model.v3_0_1.core.SpdxDocument; -import org.spdx.library.model.v3_0_1.core.Tool; -import org.spdx.library.model.v3_0_1.expandedlicensing.ConjunctiveLicenseSet; -import org.spdx.library.model.v3_0_1.expandedlicensing.CustomLicense; -import org.spdx.library.model.v3_0_1.expandedlicensing.CustomLicenseAddition; -import org.spdx.library.model.v3_0_1.expandedlicensing.DisjunctiveLicenseSet; -import org.spdx.library.model.v3_0_1.expandedlicensing.ExtendableLicense; -import org.spdx.library.model.v3_0_1.expandedlicensing.ExternalCustomLicense; -import org.spdx.library.model.v3_0_1.expandedlicensing.License; -import org.spdx.library.model.v3_0_1.expandedlicensing.LicenseAddition; -import org.spdx.library.model.v3_0_1.expandedlicensing.ListedLicense; -import org.spdx.library.model.v3_0_1.expandedlicensing.ListedLicenseException; -import org.spdx.library.model.v3_0_1.expandedlicensing.NoAssertionLicense; -import org.spdx.library.model.v3_0_1.expandedlicensing.NoneLicense; -import org.spdx.library.model.v3_0_1.expandedlicensing.OrLaterOperator; -import org.spdx.library.model.v3_0_1.expandedlicensing.WithAdditionOperator; -import org.spdx.library.model.v3_0_1.simplelicensing.AnyLicenseInfo; -import org.spdx.library.model.v3_0_1.simplelicensing.LicenseExpression; -import org.spdx.library.model.v3_0_1.software.ContentIdentifierType; -import org.spdx.library.model.v3_0_1.software.Snippet; -import org.spdx.library.model.v3_0_1.software.SoftwareArtifact; -import org.spdx.library.model.v3_0_1.software.SoftwarePurpose; -import org.spdx.library.model.v3_0_1.software.SpdxFile; -import org.spdx.library.model.v3_0_1.software.SpdxPackage; -import org.spdx.storage.IModelStore; -import org.spdx.storage.IModelStore.IdType; -import org.spdx.storage.listedlicense.SpdxListedLicenseModelStore; - -/** - * Converts SPDX spec version 2.X objects to SPDX spec version 3.X and stores the result in the - * toModelStore - * - * @author Gary O'Neall - */ -@SuppressWarnings({"OptionalGetWithoutIsPresent", "LoggingSimilarMessage"}) -public class Spdx2to3Converter implements ISpdxConverter { - - static final Logger logger = LoggerFactory.getLogger(Spdx2to3Converter.class); - - static final Pattern SPDX_2_CREATOR_PATTERN = Pattern.compile("(Person|Organization):\\s*([^(]+)\\s*(\\(([^)]*)\\))?"); - - public static final Map RELATIONSHIP_TYPE_MAP; - - public static final Map LIFECYCLE_SCOPE_MAP; - - public static final Set SWAP_TO_FROM_REL_TYPES; - - public static final Map ANNOTATION_TYPE_MAP; - - public static final Map HASH_ALGORITH_MAP; - - public static final Map CONTENT_IDENTIFIER_TYPE_MAP; - - public static final Map EXTERNAL_IDENTIFIER_TYPE_MAP; - - public static final Map EXTERNAL_REF_TYPE_MAP; - - public static final Map PURPOSE_MAP; - - static { - } - - String toSpecVersion; - IModelStore toModelStore; - Map alreadyConverted = Collections.synchronizedMap(new HashMap<>()); - CreationInfo defaultCreationInfo; - String defaultUriPrefix; - /** - * Map of the documentUri to information captured from the ExternalDocumentRef from the document - */ - Map, ExternalMapInfo>> docUriToExternalMap = Collections.synchronizedMap(new HashMap<>()); - - private final IModelCopyManager copyManager; - - private int documentIndex = 0; - - private final boolean complexLicenses; - - /** - * @param fromObjectUri object URI of the SPDX object copied from - * @return true if the SPDX object has already been copied - */ - public boolean alreadyCopied(String fromObjectUri) { - return this.alreadyConverted.containsKey(fromObjectUri); - } - - /** - * @param spdx2CreatorInfo SPDX 2 creation information - * @param spdx3CreationInfo SPDX 3 creation information - * @return true of the values of the SPDX 2 creation information are equivalent to the SPDX 3 creation information - * @throws InvalidSPDXAnalysisException on error fetching model data - */ - private boolean equivalentCreationInfo(SpdxCreatorInformation spdx2CreatorInfo, - CreationInfo spdx3CreationInfo) throws InvalidSPDXAnalysisException { - } - - /** - * Coy all element properties from the SPDX spec version 2 element to the SPDX version 3 element - * @param fromElement SPDX spec version 2 SpdxElement - * @param toElement SPDX spec version 3 element - * @throws InvalidSPDXAnalysisException on any errors converting element properties - */ - private void convertElementProperties(org.spdx.library.model.v2.SpdxElement fromElement, Element toElement) throws InvalidSPDXAnalysisException { - toElement.setCreationInfo(defaultCreationInfo); - for (org.spdx.library.model.v2.Annotation fromAnnotation:fromElement.getAnnotations()) { - convertAndStore(fromAnnotation, toElement); - } - toElement.setComment(fromElement.getComment().orElse(null)); - toElement.setName(fromElement.getName().orElse(null)); - for (org.spdx.library.model.v2.Relationship fromRelationship:fromElement.getRelationships()) { - convertAndStore(fromRelationship, toElement); - } - } - - /** - * @param fromObjectUri Object URI of the SPDX spec version 2 object being converted from - * @param toType SPDX spec version 3 type - * @return optional of the existing object - if it exists - * @throws InvalidSPDXAnalysisException if there is an error creating the existing model object - */ - protected Optional getExistingObject(String fromObjectUri, String toType) throws InvalidSPDXAnalysisException { - String toObjectUri = alreadyConverted.get(fromObjectUri); - if (Objects.isNull(toObjectUri)) { - return Optional.empty(); - } else { - return Optional.of(SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, toType, copyManager, false, defaultUriPrefix)); - } - } - - /** - * Converts an SPDX spec version 2 relationship to an SPDX spec version 3 relationship - * @param fromRelationship relationship to convert from - * @param containingElement Element which contains the property referring to the fromRelationship - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - public Relationship convertAndStore(org.spdx.library.model.v2.Relationship fromRelationship, - Element containingElement) throws InvalidSPDXAnalysisException { - org.spdx.library.model.v2.enumerations.RelationshipType fromRelationshipType = fromRelationship.getRelationshipType(); - LifecycleScopeType scope = LIFECYCLE_SCOPE_MAP.get(fromRelationshipType); - String fromUri = fromRelationship.getObjectUri(); - String relationshipType = Objects.isNull(scope) ? SpdxConstantsV3.CORE_RELATIONSHIP : SpdxConstantsV3.CORE_LIFECYCLE_SCOPED_RELATIONSHIP; - Optional existing = getExistingObject(fromUri, - relationshipType); - if (existing.isPresent()) { - return (Relationship)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String exitingUri = alreadyConverted.putIfAbsent(fromUri, toObjectUri); - if (Objects.nonNull(exitingUri)) { - return (Relationship)getExistingObject(fromUri, - relationshipType).get(); - } - Relationship toRelationship; - if (Objects.isNull(scope)) { - toRelationship = (Relationship)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.CORE_RELATIONSHIP, copyManager, true, defaultUriPrefix); - } else { - toRelationship = (LifecycleScopedRelationship)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.CORE_LIFECYCLE_SCOPED_RELATIONSHIP, copyManager, true, defaultUriPrefix); - } - toRelationship.setCreationInfo(defaultCreationInfo); - toRelationship.setRelationshipType(RELATIONSHIP_TYPE_MAP.get(fromRelationshipType)); - if (SWAP_TO_FROM_REL_TYPES.contains(fromRelationshipType)) { - toRelationship.getTos().add(containingElement); - } else { - toRelationship.setFrom(containingElement); - } - toRelationship.setFrom(containingElement); - toRelationship.setComment(fromRelationship.getComment().orElse(null)); - Optional relatedSpdxElement = fromRelationship.getRelatedSpdxElement(); - RelationshipCompleteness completeness = RelationshipCompleteness.NO_ASSERTION; - if (relatedSpdxElement.isPresent() && relatedSpdxElement.get() instanceof org.spdx.library.model.v2.SpdxNoneElement) { - completeness = RelationshipCompleteness.COMPLETE; - } - toRelationship.setCompleteness(completeness); - if (relatedSpdxElement.isPresent() && - !((relatedSpdxElement.get() instanceof org.spdx.library.model.v2.SpdxNoneElement) || - (relatedSpdxElement.get() instanceof org.spdx.library.model.v2.SpdxNoAssertionElement))) { - if (SWAP_TO_FROM_REL_TYPES.contains(fromRelationshipType)) { - toRelationship.setFrom(convertAndStore(relatedSpdxElement.get())); - } else { - toRelationship.getTos().add(convertAndStore(relatedSpdxElement.get())); - } - } - if (Objects.nonNull(scope)) { - ((LifecycleScopedRelationship)toRelationship).setScope(scope); - } - toRelationship.setCreationInfo(defaultCreationInfo); - return toRelationship; - } - - /** - * Converts an SPDX spec version 2 annotation to an SPDX spec version 3 annotation - * @param fromAnnotation annotation to convert from - * @param toElement Element which contains the property referring to the fromAnnotation - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - public Annotation convertAndStore(org.spdx.library.model.v2.Annotation fromAnnotation, Element toElement) throws InvalidSPDXAnalysisException { - String fromUri = fromAnnotation.getObjectUri(); - Optional existing = getExistingObject(fromUri, SpdxConstantsV3.CORE_ANNOTATION); - if (existing.isPresent()) { - return (Annotation)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String exitingUri = alreadyConverted.putIfAbsent(fromUri, toObjectUri); - if (Objects.nonNull(exitingUri)) { - return (Annotation)getExistingObject(fromUri, SpdxConstantsV3.CORE_ANNOTATION).get(); - } - Annotation toAnnotation = (Annotation)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.CORE_ANNOTATION, copyManager, true, defaultUriPrefix); - - toAnnotation.setAnnotationType(ANNOTATION_TYPE_MAP.get(fromAnnotation.getAnnotationType())); - toAnnotation.setStatement(fromAnnotation.getComment()); - toAnnotation.setSubject(toElement); - CreationInfo creationInfo = new CreationInfo.CreationInfoBuilder(toModelStore, toModelStore.getNextId(IdType.Anonymous), null) - .setCreated(fromAnnotation.getAnnotationDate()) - .setSpecVersion(SpdxConstantsV3.MODEL_SPEC_VERSION) - .addAllCreatedUsing(defaultCreationInfo.getCreatedUsings()) - .build(); - creationInfo.setIdPrefix(defaultUriPrefix); - creationInfo.getCreatedBys().add(stringToAgent(fromAnnotation.getAnnotator(), creationInfo)); - toAnnotation.setCreationInfo(creationInfo); - return toAnnotation; - } - - /** - * Converts an SPDX spec version 2 SPDX document to an SPDX spec version 3 SPDX document and store the result - * in the toStore - * @param fromDoc SPDX spec version 2 document to convert from - * @return SPDX spec version 3 document converted from the version 2 document - * @throws InvalidSPDXAnalysisException on any errors converting the SPDX document - */ - public SpdxDocument convertAndStore(org.spdx.library.model.v2.SpdxDocument fromDoc) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(fromDoc.getObjectUri(), SpdxConstantsV3.CORE_SPDX_DOCUMENT); - if (existing.isPresent()) { - return (SpdxDocument)existing.get(); - } - String toObjectUri = defaultUriPrefix + "document" + documentIndex++; - String existingUri = this.alreadyConverted.putIfAbsent(fromDoc.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (SpdxDocument)getExistingObject(fromDoc.getObjectUri(), SpdxConstantsV3.CORE_SPDX_DOCUMENT).get(); - } - SpdxDocument toDoc = (SpdxDocument)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.CORE_SPDX_DOCUMENT, copyManager, true, defaultUriPrefix); - // NOTE: We have to add the external doc refs first so that the ExternalMap will be properly populated - for (org.spdx.library.model.v2.ExternalDocumentRef externalDocRef:fromDoc.getExternalDocumentRefs()) { - toDoc.getNamespaceMaps().add(convertAndStore(externalDocRef, toDoc.getSpdxImports())); - } - convertElementProperties(fromDoc, toDoc); - if (!equivalentCreationInfo(Objects.requireNonNull(fromDoc.getCreationInfo()), defaultCreationInfo)) { - toDoc.setCreationInfo(convertCreationInfo(fromDoc.getCreationInfo(), this.toModelStore, this.defaultUriPrefix)); - } - toDoc.setDataLicense(convertAndStore(fromDoc.getDataLicense())); - toDoc.getRootElements().addAll(fromDoc.getDocumentDescribes().stream().map(spdxElement -> { - try { - return convertAndStore(spdxElement); - } catch (InvalidSPDXAnalysisException e) { - logger.error("Error converting SPDX elements from spec version 2 to spec version 3", e); - throw new RuntimeException(e); - } - } - ).collect(Collectors.toList())); - for (org.spdx.library.model.v2.license.ExtractedLicenseInfo extractedLicense:fromDoc.getExtractedLicenseInfos()) { - convertAndStore(extractedLicense); - } - return toDoc; - } - - /** - * Converts the externalDocRef to a NamespaceMap and store the NamespaceMap. - * The document information is also retained in the externalDocRefMap such that any subsequent - * references to the external documents can be captured in the ExternalMap for the document - * @param externalDocRef SPDX Model V2 external document reference - * @param docImports SPDX document imports to track any added external references - * @return the namespace map correlating the documentRef ID to the document URI - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public NamespaceMap convertAndStore(org.spdx.library.model.v2.ExternalDocumentRef externalDocRef, - Collection docImports) throws InvalidSPDXAnalysisException { - // Add information to the docUriToExternalMap - this will be used if we run across any references - // to the external document namespaces - Optional docChecksum = externalDocRef.getChecksum(); - Optional externalDocumentHash = docChecksum.isPresent() ? Optional.of(convertAndStore(docChecksum.get())) : Optional.empty(); - docUriToExternalMap.putIfAbsent(externalDocRef.getSpdxDocumentNamespace(), Collections.synchronizedMap(new HashMap<>())); - Map, ExternalMapInfo> externalMapInfoMap = docUriToExternalMap.get(externalDocRef.getSpdxDocumentNamespace()); - externalMapInfoMap.put(docImports, new ExternalMapInfo(externalDocRef.getId(), externalDocRef.getSpdxDocumentNamespace(), - externalDocumentHash, docImports)); - Optional existing = getExistingObject(externalDocRef.getObjectUri(), SpdxConstantsV3.CORE_NAMESPACE_MAP); - if (existing.isPresent()) { - return (NamespaceMap)existing.get(); - } - String toObjectUri = toModelStore.getNextId(IdType.Anonymous); - String existingUri = this.alreadyConverted.putIfAbsent(externalDocRef.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (NamespaceMap)getExistingObject(externalDocRef.getObjectUri(), SpdxConstantsV3.CORE_NAMESPACE_MAP).get(); - } - NamespaceMap toNamespaceMap = (NamespaceMap)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.CORE_NAMESPACE_MAP, copyManager, true, defaultUriPrefix); - toNamespaceMap.setPrefix(externalDocRef.getId()); - toNamespaceMap.setNamespace(externalDocRef.getSpdxDocumentNamespace() + "#"); - return toNamespaceMap; - } - - /** - * Converts an SPDX spec version 2 SPDX ConjunctiveLicenseSet to an SPDX spec version 3 SPDX ConjunctiveLicenseSet and store the result - * in the toStore - * @param fromConjunctiveLicenseSet an SPDX spec version 2 ConjunctiveLicenseSet to convert from - * @return an SPDX spec version 3 ConjunctiveLicenseSet - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public ConjunctiveLicenseSet convertAndStore(org.spdx.library.model.v2.license.ConjunctiveLicenseSet fromConjunctiveLicenseSet) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(fromConjunctiveLicenseSet.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CONJUNCTIVE_LICENSE_SET); - if (existing.isPresent()) { - return (ConjunctiveLicenseSet)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String existingUri = this.alreadyConverted.putIfAbsent(fromConjunctiveLicenseSet.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (ConjunctiveLicenseSet)getExistingObject(fromConjunctiveLicenseSet.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CONJUNCTIVE_LICENSE_SET).get(); - } - ConjunctiveLicenseSet toConjunctiveLicenseSet = (ConjunctiveLicenseSet)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_CONJUNCTIVE_LICENSE_SET, copyManager, true, defaultUriPrefix); - for (org.spdx.library.model.v2.license.AnyLicenseInfo fromMember:fromConjunctiveLicenseSet.getMembers()) { - toConjunctiveLicenseSet.getMembers().add(convertAndStore(fromMember)); - } - toConjunctiveLicenseSet.setCreationInfo(defaultCreationInfo); - return toConjunctiveLicenseSet; - } - - /** - * Converts an SPDX spec version 2 SPDX DisjunctiveLicenseSet to an SPDX spec version 3 SPDX DisjunctiveLicenseSet and store the result - * in the toStore - * @param fromDisjunctiveLicenseSet an SPDX spec version 2 DisjunctiveLicenseSet to convert from - * @return an SPDX spec version 3 DisjunctiveLicenseSet - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public DisjunctiveLicenseSet convertAndStore(org.spdx.library.model.v2.license.DisjunctiveLicenseSet fromDisjunctiveLicenseSet) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(fromDisjunctiveLicenseSet.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_DISJUNCTIVE_LICENSE_SET); - if (existing.isPresent()) { - return (DisjunctiveLicenseSet)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String existingUri = this.alreadyConverted.putIfAbsent(fromDisjunctiveLicenseSet.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (DisjunctiveLicenseSet)getExistingObject(fromDisjunctiveLicenseSet.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_DISJUNCTIVE_LICENSE_SET).get(); - } - DisjunctiveLicenseSet toDisjunctiveLicenseSet = (DisjunctiveLicenseSet)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_DISJUNCTIVE_LICENSE_SET, copyManager, true, defaultUriPrefix); - for (org.spdx.library.model.v2.license.AnyLicenseInfo fromMember:fromDisjunctiveLicenseSet.getMembers()) { - toDisjunctiveLicenseSet.getMembers().add(convertAndStore(fromMember)); - } - toDisjunctiveLicenseSet.setCreationInfo(defaultCreationInfo); - return toDisjunctiveLicenseSet; - } - - /** - * Converts an SPDX spec version 2 SPDX ExtractedLicenseInfo to an SPDX spec version 3 SPDX CustomLicense and store the result - * in the toStore - * @param fromExtractedLicenseInfo an SPDX spec version 2 ExtractedLicenseInfo to convert from - * @return an SPDX spec version 3 CustomLicense - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public CustomLicense convertAndStore(org.spdx.library.model.v2.license.ExtractedLicenseInfo fromExtractedLicenseInfo) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(fromExtractedLicenseInfo.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE); - if (existing.isPresent()) { - return (CustomLicense)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String existingUri = this.alreadyConverted.putIfAbsent(fromExtractedLicenseInfo.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (CustomLicense)getExistingObject(fromExtractedLicenseInfo.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE).get(); - } - CustomLicense toCustomLicense = (CustomLicense)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE, copyManager, true, defaultUriPrefix); - toCustomLicense.setCreationInfo(defaultCreationInfo); - toCustomLicense.setLicenseText(fromExtractedLicenseInfo.getExtractedText()); - toCustomLicense.setName(fromExtractedLicenseInfo.getName()); - toCustomLicense.getSeeAlsos().addAll(fromExtractedLicenseInfo.getSeeAlso()); - toCustomLicense.setComment(fromExtractedLicenseInfo.getComment()); - return toCustomLicense; - } - - /** - * Converts an SPDX spec version 2 SPDX OrLaterOperator to an SPDX spec version 3 SPDX OrLaterOperator and store the result - * in the toStore - * @param fromOrLaterOperator an SPDX spec version 2 OrLaterOperator to convert from - * @return an SPDX spec version 3 OrLaterOperator - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public OrLaterOperator convertAndStore(org.spdx.library.model.v2.license.OrLaterOperator fromOrLaterOperator) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(fromOrLaterOperator.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_OR_LATER_OPERATOR); - if (existing.isPresent()) { - return (OrLaterOperator)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String existingUri = this.alreadyConverted.putIfAbsent(fromOrLaterOperator.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (OrLaterOperator)getExistingObject(fromOrLaterOperator.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_OR_LATER_OPERATOR).get(); - } - OrLaterOperator toOrLaterOperator = (OrLaterOperator)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_OR_LATER_OPERATOR, copyManager, true, defaultUriPrefix); - toOrLaterOperator.setCreationInfo(defaultCreationInfo); - toOrLaterOperator.setSubjectLicense((License)convertAndStore(fromOrLaterOperator.getLicense())); - return toOrLaterOperator; - } - - /** - * Converts an SPDX spec version 2 SPDX SpdxListedLicense to an SPDX spec version 3 SPDX ListedLicense and store the result - * in the toStore - * @param fromSpdxListedLicense an SPDX spec version 2 SpdxListedLicense to convert from - * @return an SPDX spec version 3 ListedLicense - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public ListedLicense convertAndStore(org.spdx.library.model.v2.license.SpdxListedLicense fromSpdxListedLicense) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(fromSpdxListedLicense.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE); - if (existing.isPresent()) { - return (ListedLicense)existing.get(); - } - String existingUri = this.alreadyConverted.putIfAbsent(fromSpdxListedLicense.getObjectUri(), fromSpdxListedLicense.getObjectUri()); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (ListedLicense)getExistingObject(fromSpdxListedLicense.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE).get(); - } - String licenseId = SpdxListedLicenseModelStore.objectUriToLicenseOrExceptionId(fromSpdxListedLicense.getObjectUri()); - if (ListedLicenses.getListedLicenses().isSpdxListedLicenseId(licenseId)) { - ListedLicense retval = ListedLicenses.getListedLicenses().getListedLicenseById(licenseId); - if (complexLicenses) { - copyManager.copy(toModelStore, fromSpdxListedLicense.getObjectUri(), retval.getModelStore(), - fromSpdxListedLicense.getObjectUri(), toSpecVersion, null); - } - return retval; - } - ListedLicense toListedLicense = (ListedLicense)SpdxModelClassFactoryV3.getModelObject(toModelStore, - fromSpdxListedLicense.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE, copyManager, true, defaultUriPrefix); - toListedLicense.setCreationInfo(defaultCreationInfo); - toListedLicense.setComment(fromSpdxListedLicense.getComment()); - // fromSpdxListedLicense.getCrossRef()) - no equivalent in SPDX version 3.X - toListedLicense.setDeprecatedVersion(fromSpdxListedLicense.getDeprecatedVersion()); - toListedLicense.setIsFsfLibre(fromSpdxListedLicense.getFsfLibre()); - // fromSpdxListedLicense.getLicenseHeaderHtml(); - no equivalent in SPDX version 3.X - toListedLicense.setLicenseText(fromSpdxListedLicense.getLicenseText()); - // fromSpdxListedLicense.getLicenseTextHtml(); - no equivalent in SPDX version 3.X - toListedLicense.setName(fromSpdxListedLicense.getName()); - toListedLicense.getSeeAlsos().addAll(fromSpdxListedLicense.getSeeAlso()); - toListedLicense.setStandardLicenseHeader(fromSpdxListedLicense.getStandardLicenseHeader()); - // fromSpdxListedLicense.getStandardLicenseHeaderTemplate(); - no equivalent in SPDX version 3.X - toListedLicense.setStandardLicenseTemplate(fromSpdxListedLicense.getStandardLicenseTemplate()); - toListedLicense.setIsDeprecatedLicenseId(fromSpdxListedLicense.isDeprecated()); - toListedLicense.setIsOsiApproved(fromSpdxListedLicense.isOsiApproved()); - return toListedLicense; - } - - /** - * Converts an SPDX spec version 2 SPDX WithExceptionOperator to an SPDX spec version 3 SPDX WithAdditionOperator and store the result - * in the toStore - * @param fromWithExceptionOperator an SPDX spec version 2 WithExceptionOperator to convert from - * @return an SPDX spec version 3 WithAdditionOperator - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public WithAdditionOperator convertAndStore(org.spdx.library.model.v2.license.WithExceptionOperator fromWithExceptionOperator) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(fromWithExceptionOperator.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_WITH_ADDITION_OPERATOR); - if (existing.isPresent()) { - return (WithAdditionOperator)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String existingUri = this.alreadyConverted.putIfAbsent(fromWithExceptionOperator.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (WithAdditionOperator)getExistingObject(fromWithExceptionOperator.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_WITH_ADDITION_OPERATOR).get(); - } - WithAdditionOperator toWithAdditionOperator = (WithAdditionOperator)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_WITH_ADDITION_OPERATOR, copyManager, true, defaultUriPrefix); - toWithAdditionOperator.setCreationInfo(defaultCreationInfo); - toWithAdditionOperator.setSubjectAddition(convertAndStore(fromWithExceptionOperator.getException())); - toWithAdditionOperator.setSubjectExtendableLicense((ExtendableLicense)convertAndStore(fromWithExceptionOperator.getLicense())); - return toWithAdditionOperator; - } - - - /** - * Converts an SPDX spec version 2 SPDX LicenseException to an SPDX spec version 3 LicenseAddition and store the result - * in the toStore - * @param fromException an SPDX spec version 2 LicenseException to convert from - * @return an SPDX spec version 3 LicenseAddition - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public LicenseAddition convertAndStore(org.spdx.library.model.v2.license.LicenseException fromException) throws InvalidSPDXAnalysisException { - if (fromException instanceof org.spdx.library.model.v2.license.ListedLicenseException) { - return convertAndStore((org.spdx.library.model.v2.license.ListedLicenseException)fromException); - } - Optional existing = getExistingObject(fromException.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE_ADDITION); - if (existing.isPresent()) { - return (CustomLicenseAddition)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String existingUri = this.alreadyConverted.putIfAbsent(fromException.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (CustomLicenseAddition)getExistingObject(fromException.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE_ADDITION).get(); - } - CustomLicenseAddition toCustomAddition = (CustomLicenseAddition)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.EXPANDED_LICENSING_CUSTOM_LICENSE_ADDITION, copyManager, true, defaultUriPrefix); - convertLicenseAdditionProperties(fromException, toCustomAddition); - return toCustomAddition; - } - - /** - * Convert and add properties from the fromException to the toAddition - * @param fromException SPDX spec version 2 LicenseException to copy properties from - * @param toAddition SPDX spec version 3 LicenseAddition to copy properties to - * @throws InvalidSPDXAnalysisException on any errors converting - */ - private void convertLicenseAdditionProperties( - org.spdx.library.model.v2.license.LicenseException fromException, - LicenseAddition toAddition) throws InvalidSPDXAnalysisException { - toAddition.setCreationInfo(defaultCreationInfo); - toAddition.setAdditionText(fromException.getLicenseExceptionText()); - toAddition.setComment(fromException.getComment()); - toAddition.setName(fromException.getName()); - toAddition.setStandardAdditionTemplate(fromException.getLicenseExceptionTemplate()); - toAddition.getSeeAlsos().addAll(fromException.getSeeAlso()); - } - - /** - * Converts an SPDX spec version 2 SPDX ListedLicenseException to an SPDX spec version 3 ListedLicenseAddition and store the result - * in the toStore - * @param fromException an SPDX spec version 2 ListedLicenseException to convert from - * @return an SPDX spec version 3 ListedLicenseException - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public ListedLicenseException convertAndStore(org.spdx.library.model.v2.license.ListedLicenseException fromException) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(fromException.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE_EXCEPTION); - if (existing.isPresent()) { - return (ListedLicenseException)existing.get(); - } - String existingUri = this.alreadyConverted.putIfAbsent(fromException.getObjectUri(), fromException.getObjectUri()); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (ListedLicenseException)getExistingObject(fromException.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE_EXCEPTION).get(); - } - String exceptionId = SpdxListedLicenseModelStore.objectUriToLicenseOrExceptionId(fromException.getObjectUri()); - if (ListedLicenses.getListedLicenses().isSpdxListedExceptionId(exceptionId)) { - ListedLicenseException retval = ListedLicenses.getListedLicenses().getListedExceptionById(exceptionId); - if (complexLicenses) { - copyManager.copy(toModelStore, fromException.getObjectUri(), retval.getModelStore(), - fromException.getObjectUri(), toSpecVersion, null); - } - return retval; - } - ListedLicenseException toListedException = (ListedLicenseException)SpdxModelClassFactoryV3.getModelObject(toModelStore, - fromException.getObjectUri(), SpdxConstantsV3.EXPANDED_LICENSING_LISTED_LICENSE_EXCEPTION, copyManager, true, defaultUriPrefix); - convertLicenseAdditionProperties(fromException, toListedException); - toListedException.setDeprecatedVersion(fromException.getDeprecatedVersion()); - toListedException.setIsDeprecatedAdditionId(fromException.isDeprecated()); - // fromException.getExample(); - no SPDX spec version 3 equivalent - // fromException.getExceptionTextHtml(); - no SPDX spec version 3 equivalent - return toListedException; - } - - /** - * Converts an SPDX spec version 2 SPDX AnyLicenseInfo to an SPDX spec version 3 LicenseExpression - * @param fromLicense an SPDX spec version 2 AnyLicenseInfo - * @return an SPDX spec version 3 LicenseExpression - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public LicenseExpression convertToLicenseExpression(org.spdx.library.model.v2.license.AnyLicenseInfo fromLicense) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(fromLicense.getObjectUri(), SpdxConstantsV3.SIMPLE_LICENSING_LICENSE_EXPRESSION); - if (existing.isPresent()) { - return (LicenseExpression)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String existingUri = this.alreadyConverted.putIfAbsent(fromLicense.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (LicenseExpression)getExistingObject(fromLicense.getObjectUri(), SpdxConstantsV3.SIMPLE_LICENSING_LICENSE_EXPRESSION).get(); - } - LicenseExpression licenseExpression = (LicenseExpression)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.SIMPLE_LICENSING_LICENSE_EXPRESSION, copyManager, true, defaultUriPrefix); - licenseExpression.setCreationInfo(defaultCreationInfo); - String expression = fromLicense.toString(); - licenseExpression.setLicenseExpression(expression); - StringTokenizer tokenizer = new StringTokenizer(expression, "() "); - while (tokenizer.hasMoreTokens()) { - String token = tokenizer.nextToken().trim(); - if (token.startsWith(SpdxConstantsCompatV2.NON_STD_LICENSE_ID_PRENUM)) { - licenseExpression.getCustomIdToUris().add(licenseExpression.createDictionaryEntry(toModelStore.getNextId(IdType.Anonymous)) - .setKey(token) - .setValue(defaultUriPrefix + token) - .build()); - } - } - return licenseExpression; - } - - /** - * Converts an SPDX spec version 2 SPDX AnyLicenseInfo to an SPDX spec version 3 SPDX AnyLicenseInfo and store the result - * @param fromLicense an SPDX spec version 2 AnyLicenseInfo - * @return an SPDX spec version 3 AnyLicenseInfo - * @throws InvalidSPDXAnalysisException on any errors converting - */ - public AnyLicenseInfo convertAndStore(org.spdx.library.model.v2.license.AnyLicenseInfo fromLicense) throws InvalidSPDXAnalysisException { - if (!complexLicenses) { - return convertToLicenseExpression(fromLicense); - } else if (fromLicense instanceof org.spdx.library.model.v2.license.ConjunctiveLicenseSet) { - return convertAndStore((org.spdx.library.model.v2.license.ConjunctiveLicenseSet)fromLicense); - } else if (fromLicense instanceof org.spdx.library.model.v2.license.DisjunctiveLicenseSet) { - return convertAndStore((org.spdx.library.model.v2.license.DisjunctiveLicenseSet)fromLicense); - } else if (fromLicense instanceof org.spdx.library.model.v2.license.ExternalExtractedLicenseInfo) { - String externalUri = ((org.spdx.library.model.v2.license.ExternalExtractedLicenseInfo)fromLicense).getIndividualURI(); - logger.warn("Referencing an external SPDX 2 element with URI {} while converting from SPDX 2 to 3", externalUri); - addExternalMapInfo(externalUri); - return new ExternalCustomLicense(externalUri); - } else if (fromLicense instanceof org.spdx.library.model.v2.license.ExtractedLicenseInfo) { - return convertAndStore((org.spdx.library.model.v2.license.ExtractedLicenseInfo)fromLicense); - } else if (fromLicense instanceof org.spdx.library.model.v2.license.OrLaterOperator) { - return convertAndStore((org.spdx.library.model.v2.license.OrLaterOperator)fromLicense); - } else if (fromLicense instanceof org.spdx.library.model.v2.license.SpdxListedLicense) { - return convertAndStore((org.spdx.library.model.v2.license.SpdxListedLicense)fromLicense); - } else if (fromLicense instanceof org.spdx.library.model.v2.license.SpdxNoneLicense) { - return new NoneLicense(); - } else if (fromLicense instanceof org.spdx.library.model.v2.license.SpdxNoAssertionLicense) { - return new NoAssertionLicense(); - } else if (fromLicense instanceof org.spdx.library.model.v2.license.WithExceptionOperator) { - return convertAndStore((org.spdx.library.model.v2.license.WithExceptionOperator)fromLicense); - } else { - throw new InvalidSPDXAnalysisException("Can not convert the from AnyLicenseInfo type "+fromLicense.getType()); - } - } - - /** - * Converts the Element and stores all properties in the toStore - * @param fromElement element to convert from - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - public Element convertAndStore(org.spdx.library.model.v2.SpdxElement fromElement) throws InvalidSPDXAnalysisException { - if (fromElement instanceof org.spdx.library.model.v2.SpdxFile) { - return convertAndStore((org.spdx.library.model.v2.SpdxFile)fromElement); - } else if (fromElement instanceof org.spdx.library.model.v2.SpdxPackage) { - return convertAndStore((org.spdx.library.model.v2.SpdxPackage)fromElement); - } else if (fromElement instanceof org.spdx.library.model.v2.SpdxSnippet) { - return convertAndStore((org.spdx.library.model.v2.SpdxSnippet)fromElement); - } else if (fromElement instanceof org.spdx.library.model.v2.SpdxNoAssertionElement) { - return new NoAssertionElement(); - } else if (fromElement instanceof org.spdx.library.model.v2.SpdxNoneElement) { - return new NoneElement(); - } else if (fromElement instanceof org.spdx.library.model.v2.ExternalSpdxElement) { - String externalUri = ((org.spdx.library.model.v2.ExternalSpdxElement)fromElement).getIndividualURI(); - logger.warn("Referencing an external SPDX 2 element with URI {} while converting from SPDX 2 to 3", externalUri); - addExternalMapInfo(externalUri); - return new ExternalElement(externalUri); - } else if (fromElement instanceof org.spdx.library.model.v2.SpdxDocument) { - return convertAndStore((org.spdx.library.model.v2.SpdxDocument)fromElement); - } else { - throw new InvalidSPDXAnalysisException("Conversion of SPDX 2 type" + fromElement.getType()+" is not currently supported"); - } - } - - /** - * Creates ExternalMaps for a reference to an external SPDX element or license - * @param externalUri URI of the external element - * @throws InvalidSPDXAnalysisException on error creating ExternalMap - */ - private void addExternalMapInfo(String externalUri) throws InvalidSPDXAnalysisException { - Objects.requireNonNull(externalUri, "External URI can not be null"); - String[] parts = externalUri.split("#"); - if (parts.length != 2) { - logger.warn("{} is not a valid SPDX Spec version 2 external referenced - should have a document uri + '#' + ID", externalUri); - return; - } - Map, ExternalMapInfo> externalMapMap = docUriToExternalMap.get(parts[0]); - if (Objects.isNull(externalMapMap)) { - logger.warn("No corresponding ExternalDocumentRefs for {}", externalUri); - return; - } - synchronized(externalMapMap) { - for (ExternalMapInfo mapInfo:externalMapMap.values()) { - mapInfo.addExternalMap(externalUri, toModelStore); - } - } - - } - - /** - * Converts the SPDX 2 SpdxFile to an SPDX 3 SpdxFile and returns the converted file - * @param spdxFile SPDX file to convert from - * @return SPDX 3 SpdxFile - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - public SpdxFile convertAndStore(org.spdx.library.model.v2.SpdxFile spdxFile) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(spdxFile.getObjectUri(), SpdxConstantsV3.SOFTWARE_SPDX_FILE); - if (existing.isPresent()) { - return (SpdxFile)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String existingUri = this.alreadyConverted.putIfAbsent(spdxFile.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (SpdxFile)getExistingObject(spdxFile.getObjectUri(), SpdxConstantsV3.SOFTWARE_SPDX_FILE).get(); - } - SpdxFile toFile = (SpdxFile)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.SOFTWARE_SPDX_FILE, copyManager, true, defaultUriPrefix); - convertItemProperties(spdxFile, toFile); - - for (org.spdx.library.model.v2.Checksum checksum:spdxFile.getChecksums()) { - toFile.getVerifiedUsings().add(convertAndStore(checksum)); - } - // spdxFile.getFileContributors(); - No equivalent SPDX 3 property - // spdxFile.getFileDependency(); - deprecated - skipping - - for (org.spdx.library.model.v2.enumerations.FileType fileType : spdxFile.getFileTypes()) { - convertAndAddFileType(fileType, toFile); - } - Optional noticeText = spdxFile.getNoticeText(); - - noticeText.ifPresent(s -> toFile.getAttributionTexts().add(s)); - // - this is already captured in the checksums - String sha1 = spdxFile.getSha1(); - return toFile; - } - - /** - * Converts the SPDX spec version 2 Checksum to an SPDX spec version 3 Hash and store the result - * @param checksum SPDX spec version 2 Checksum - * @return SPDX spec version 3 Hash - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - public Hash convertAndStore(org.spdx.library.model.v2.Checksum checksum) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(checksum.getObjectUri(), SpdxConstantsV3.CORE_HASH); - if (existing.isPresent()) { - return (Hash)existing.get(); - } - String toObjectUri = toModelStore.getNextId(IdType.Anonymous); - String existingUri = this.alreadyConverted.putIfAbsent(checksum.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (Hash)getExistingObject(checksum.getObjectUri(), SpdxConstantsV3.CORE_HASH).get(); - } - Hash toHash = (Hash)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.CORE_HASH, copyManager, true, defaultUriPrefix); - toHash.setAlgorithm(HASH_ALGORITH_MAP.get(checksum.getAlgorithm())); - toHash.setHashValue(checksum.getValue()); - return toHash; - } - - /** - * Converts an SPDX spec version 2 FileType to the corresponding SPDX model 3 software purpose and/or content type - * and adds that information to the file - * @param fileType SPDX spec version 2 FileType to convert and add - * @param file SPDX spec version 3 SpdxFile to add the software purpose or content type to - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - private void convertAndAddFileType(org.spdx.library.model.v2.enumerations.FileType fileType, SpdxFile file) throws InvalidSPDXAnalysisException { - switch (fileType) { - case ARCHIVE: addSoftwarePurpose(SoftwarePurpose.ARCHIVE, file); break; - case BINARY: file.setContentType("application/octet-stream"); break; - case SOURCE: addSoftwarePurpose(SoftwarePurpose.SOURCE, file); break; - case TEXT: file.setContentType("text/plain"); break; - case APPLICATION: addSoftwarePurpose(SoftwarePurpose.APPLICATION, file); break; - case AUDIO: file.setContentType("audio/*"); break; - case IMAGE: file.setContentType("image/*"); break; - case VIDEO: file.setContentType("video/*"); break; - case DOCUMENTATION: addSoftwarePurpose(SoftwarePurpose.DOCUMENTATION, file); break; - case SPDX: file.setContentType("text/spdx"); break; - case OTHER: addSoftwarePurpose(SoftwarePurpose.OTHER, file); break; - - default: throw new InvalidSPDXAnalysisException("Unknown file type "+fileType); - } - } - - /** - * Adds a Software Purpose to a SoftwareArtifact. If the primaryPurpose is already used, add as an additionalPurpose - * @param purpose purpose to add - * @param artifact artifact to add the purpose to - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - private void addSoftwarePurpose(SoftwarePurpose purpose, - SoftwareArtifact artifact) throws InvalidSPDXAnalysisException { - if (artifact.getPrimaryPurpose().isPresent()) { - artifact.getAdditionalPurposes().add(purpose); - } else { - artifact.setPrimaryPurpose(purpose); - } - } - - /** - * Converts and copies properties from the fromItem to the toArtifact - * @param fromItem SPDX spec version 2 Item to copy properties from - * @param toArtifact SPDX spec version 3 SoftwareArtifact to copy properties to - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - private void convertItemProperties(org.spdx.library.model.v2.SpdxItem fromItem, SoftwareArtifact toArtifact) throws InvalidSPDXAnalysisException { - convertElementProperties(fromItem, toArtifact); - toArtifact.getAttributionTexts().addAll(fromItem.getAttributionText()); - toArtifact.setCopyrightText(fromItem.getCopyrightText()); - Optional licenseComments = fromItem.getLicenseComments(); - if (licenseComments.isPresent()) { - Optional existingComment = toArtifact.getComment(); - toArtifact.setComment(existingComment.map(s -> s + ";" + licenseComments.get()).orElseGet(licenseComments::get)); - } - org.spdx.library.model.v2.license.AnyLicenseInfo concludedLicense = fromItem.getLicenseConcluded(); - if (Objects.nonNull(concludedLicense)) { - Relationship concludedRelationship = (Relationship)SpdxModelClassFactoryV3.getModelObject(toModelStore, - defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId), SpdxConstantsV3.CORE_RELATIONSHIP, copyManager, true, defaultUriPrefix); - concludedRelationship.setCreationInfo(defaultCreationInfo); - concludedRelationship.setFrom(toArtifact); - concludedRelationship.getTos().add(convertAndStore(concludedLicense)); - concludedRelationship.setRelationshipType(RelationshipType.HAS_CONCLUDED_LICENSE); - } - if (!(fromItem instanceof org.spdx.library.model.v2.SpdxPackage)) { - // we use the license concluded for the SPDX package - for (org.spdx.library.model.v2.license.AnyLicenseInfo declaredLicense:fromItem.getLicenseInfoFromFiles()) { - Relationship declaredRelationship = (Relationship)SpdxModelClassFactoryV3.getModelObject(toModelStore, - defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId), SpdxConstantsV3.CORE_RELATIONSHIP, copyManager, true, defaultUriPrefix); - declaredRelationship.setCreationInfo(defaultCreationInfo); - declaredRelationship.setFrom(toArtifact); - declaredRelationship.getTos().add(convertAndStore(declaredLicense)); - declaredRelationship.setRelationshipType(RelationshipType.HAS_DECLARED_LICENSE); - } - } - } - - /** - * Converts the SPDX 2 SpdxPackage to an SPDX 3 SpdxPackage and returns the converted package - * @param spdxPackage SPDX package to convert from - * @return SPDX 3 SpdxPackage - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - public SpdxPackage convertAndStore(org.spdx.library.model.v2.SpdxPackage spdxPackage) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(spdxPackage.getObjectUri(), SpdxConstantsV3.SOFTWARE_SPDX_PACKAGE); - if (existing.isPresent()) { - return (SpdxPackage)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String existingUri = this.alreadyConverted.putIfAbsent(spdxPackage.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (SpdxPackage)getExistingObject(spdxPackage.getObjectUri(), SpdxConstantsV3.SOFTWARE_SPDX_PACKAGE).get(); - } - SpdxPackage toPackage = (SpdxPackage)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.SOFTWARE_SPDX_PACKAGE, copyManager, true, defaultUriPrefix); - convertItemProperties(spdxPackage, toPackage); - toPackage.setBuiltTime(spdxPackage.getBuiltDate().orElse(null)); - toPackage.setDescription(spdxPackage.getDescription().orElse(null)); - toPackage.setDownloadLocation(spdxPackage.getDownloadLocation().orElse(null)); - for (org.spdx.library.model.v2.ExternalRef externalRef:spdxPackage.getExternalRefs()) { - addExternalRefToArtifact(externalRef, toPackage); - } - // spdxPackage.getFiles() - these should be captured in relationships - toPackage.setHomePage(spdxPackage.getHomepage().orElse(null)); - Optional originator = spdxPackage.getOriginator(); - if (originator.isPresent()) { - toPackage.getOriginatedBys().add(stringToAgent(originator.get(), toPackage.getCreationInfo())); - } - Optional packageFileName = spdxPackage.getPackageFileName(); - if (packageFileName.isPresent()) { - addPackageFileNameToPackage(packageFileName.get(), toPackage, spdxPackage.getChecksums()); - } - Optional pkgVerificationCode = spdxPackage.getPackageVerificationCode(); - if (pkgVerificationCode.isPresent()) { - toPackage.getVerifiedUsings().add(convertAndStore(pkgVerificationCode.get())); - } - Optional primaryPurpose = spdxPackage.getPrimaryPurpose(); - if (primaryPurpose.isPresent()) { - if (toPackage.getPrimaryPurpose().isPresent()) { - toPackage.getAdditionalPurposes().add(toPackage.getPrimaryPurpose().get()); - } - toPackage.setPrimaryPurpose(PURPOSE_MAP.get(primaryPurpose.get())); - } - toPackage.setReleaseTime(spdxPackage.getReleaseDate().orElse(null)); - toPackage.setSourceInfo(spdxPackage.getSourceInfo().orElse(null)); - toPackage.setSummary(spdxPackage.getSummary().orElse(null)); - Optional supplier = spdxPackage.getSupplier(); - if (supplier.isPresent()) { - toPackage.setSuppliedBy(stringToAgent(supplier.get(), toPackage.getCreationInfo())); - } - toPackage.setValidUntilTime(spdxPackage.getValidUntilDate().orElse(null)); - toPackage.setPackageVersion(spdxPackage.getVersionInfo().orElse(null)); - - org.spdx.library.model.v2.license.AnyLicenseInfo declaredLicense = spdxPackage.getLicenseDeclared(); - if (Objects.nonNull(declaredLicense)) { - Relationship declaredRelationship = (Relationship)SpdxModelClassFactoryV3.getModelObject(toModelStore, - defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId), SpdxConstantsV3.CORE_RELATIONSHIP, copyManager, true, defaultUriPrefix); - declaredRelationship.setCreationInfo(defaultCreationInfo); - declaredRelationship.setFrom(toPackage); - declaredRelationship.getTos().add(convertAndStore(declaredLicense)); - declaredRelationship.setRelationshipType(RelationshipType.HAS_DECLARED_LICENSE); - } - return toPackage; - } - - /** - * Converts the spdxPackageVerificationCode to an IntegrityMethod and store the result in the toModelStore - * @param spdxPackageVerificationCode SPDX Spec version 2 package verification code - * @return the package verification code integrity method - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - public IntegrityMethod convertAndStore( - org.spdx.library.model.v2.SpdxPackageVerificationCode spdxPackageVerificationCode) throws InvalidSPDXAnalysisException { - PackageVerificationCode pkgVerificationCode = (PackageVerificationCode)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toModelStore.getNextId(IdType.Anonymous), SpdxConstantsV3.CORE_PACKAGE_VERIFICATION_CODE, - copyManager, true, defaultUriPrefix); - - pkgVerificationCode.setAlgorithm(HashAlgorithm.SHA1); - pkgVerificationCode.setHashValue(spdxPackageVerificationCode.getValue()); - pkgVerificationCode.getPackageVerificationCodeExcludedFiles().addAll(spdxPackageVerificationCode.getExcludedFileNames()); - return pkgVerificationCode; - } - - /** - * Create a File artifact and add that to toPackage as a relationship - * @param fileName Name of the File artifact - * @param toPackage package to add the file to - * @param fileChecksums checksums for the file - * @throws InvalidSPDXAnalysisException on SPDX parsing errors - */ - private void addPackageFileNameToPackage(String fileName, - SpdxPackage toPackage, Collection fileChecksums) throws InvalidSPDXAnalysisException { - SpdxFile file = toPackage.createSpdxFile(defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId)) - .setName(fileName) - .build(); - for (org.spdx.library.model.v2.Checksum checksum : fileChecksums) { - file.getVerifiedUsings().add(convertAndStore(checksum)); - } - toPackage.createRelationship(defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId)) - .setRelationshipType(RelationshipType.HAS_DISTRIBUTION_ARTIFACT) - .setFrom(toPackage) - .addTo(file) - .setCompleteness(RelationshipCompleteness.COMPLETE) - .build(); - } - - /** - * @param externalRef SPDX Spec version 2 External Ref to add to the package - * @param artifact SPDX Spec version 3 Artifact to add either an ExternalRef or ExternalId depending on the externalRef type - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - private void addExternalRefToArtifact(org.spdx.library.model.v2.ExternalRef externalRef, - SoftwareArtifact artifact) throws InvalidSPDXAnalysisException { - addExternalRefToArtifact(externalRef, artifact, toModelStore); - } - - /** - * @param externalRef SPDX Spec version 2 External Ref to add to the package - * @param artifact SPDX Spec version 3 Artifact to add either an ExternalRef or ExternalId depending on the externalRef type - * @param modelStore modelStore to use for creating any SPDX objects - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - public static void addExternalRefToArtifact(org.spdx.library.model.v2.ExternalRef externalRef, - SoftwareArtifact artifact, IModelStore modelStore) throws InvalidSPDXAnalysisException { - addExternalRefToArtifact(externalRef.getReferenceCategory(), externalRef.getReferenceType(), - externalRef.getReferenceLocator(), externalRef.getComment().orElse(null), artifact, modelStore); - } - - /** - * @param referenceCategory Reference category for external ref - * @param referenceType Reference type for external ref - * @param referenceLocator Locator for external ref - * @param comment External reference comment - * @param artifact Artifact which contains the external ref - * @param modelStore modelStore to use for creating any SPDX objects - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - public static void addExternalRefToArtifact(org.spdx.library.model.v2.enumerations.ReferenceCategory referenceCategory, - org.spdx.library.model.v2.ReferenceType referenceType, String referenceLocator, @Nullable String comment, - SoftwareArtifact artifact, IModelStore modelStore) throws InvalidSPDXAnalysisException { - Objects.requireNonNull(referenceType); - switch (referenceType.getIndividualURI()) { - case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "cpe22Type": - case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "cpe23Type": - case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "swid": - artifact.getExternalIdentifiers().add(artifact.createExternalIdentifier(modelStore.getNextId(IdType.Anonymous)) - .setExternalIdentifierType(EXTERNAL_IDENTIFIER_TYPE_MAP.get(referenceType.getIndividualURI())) - .setIdentifier(referenceLocator) - .setComment(comment) - .build()); break; - case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "purl": { - if (artifact instanceof SpdxPackage) { - ((SpdxPackage)artifact).setPackageUrl(referenceLocator); - } else { - artifact.getExternalIdentifiers().add(artifact.createExternalIdentifier(modelStore.getNextId(IdType.Anonymous)) - .setExternalIdentifierType(EXTERNAL_IDENTIFIER_TYPE_MAP.get(referenceType.getIndividualURI())) - .setIdentifier(referenceLocator) - .setComment(comment) - .build()); break; - } - } break; - case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "swh": - case SpdxConstantsCompatV2.SPDX_LISTED_REFERENCE_TYPES_PREFIX + "gitoid": - artifact.getContentIdentifiers().add(artifact.createContentIdentifier(modelStore.getNextId(IdType.Anonymous)) - .setContentIdentifierType(CONTENT_IDENTIFIER_TYPE_MAP.get(referenceType.getIndividualURI())) - .setContentIdentifierValue(referenceLocator) - .setComment(comment) - .build()); break; - default: { - ExternalRefType externalRefType = EXTERNAL_REF_TYPE_MAP.get(referenceType.getIndividualURI()); - if (Objects.isNull(externalRefType)) { - switch (referenceCategory) { - case PACKAGE_MANAGER: externalRefType = ExternalRefType.BUILD_SYSTEM; break; - case SECURITY: externalRefType = ExternalRefType.SECURITY_OTHER; break; - default: externalRefType = ExternalRefType.OTHER; - } - } - artifact.getExternalRefs().add(artifact.createExternalRef(modelStore.getNextId(IdType.Anonymous)) - .setExternalRefType(externalRefType) - .addLocator(referenceLocator) - .setComment(comment) - .build()); - } - } - } - - /** - * Converts the SPDX 2 SpdxSnippet to an SPDX 3 Snippet and returns the converted snippet - * @param fromSnippet SPDX 2 snippet to convert from - * @return SPDX 3 Snippet - * @throws InvalidSPDXAnalysisException on any error in conversion - */ - public Snippet convertAndStore(org.spdx.library.model.v2.SpdxSnippet fromSnippet) throws InvalidSPDXAnalysisException { - Optional existing = getExistingObject(fromSnippet.getObjectUri(), SpdxConstantsV3.SOFTWARE_SNIPPET); - if (existing.isPresent()) { - return (Snippet)existing.get(); - } - String toObjectUri = defaultUriPrefix + toModelStore.getNextId(IdType.SpdxId); - String existingUri = this.alreadyConverted.putIfAbsent(fromSnippet.getObjectUri(), toObjectUri); - if (Objects.nonNull(existingUri)) { - // small window if conversion occurred since the last check already converted - return (Snippet)getExistingObject(fromSnippet.getObjectUri(), SpdxConstantsV3.SOFTWARE_SNIPPET).get(); - } - Snippet toSnippet = (Snippet)SpdxModelClassFactoryV3.getModelObject(toModelStore, - toObjectUri, SpdxConstantsV3.SOFTWARE_SNIPPET, copyManager, true, defaultUriPrefix); - convertItemProperties(fromSnippet, toSnippet); - StartEndPointer fromByteRange = fromSnippet.getByteRange(); - if (Objects.nonNull(fromByteRange)) { - // noinspection DataFlowIssue - ByteOffsetPointer startPointer = (ByteOffsetPointer) fromByteRange.getStartPointer(); - ByteOffsetPointer endPointer = (ByteOffsetPointer) fromByteRange.getEndPointer(); - if (Objects.nonNull(startPointer) && Objects.nonNull(endPointer)) { - toSnippet.setByteRange(toSnippet - .createPositiveIntegerRange(toModelStore.getNextId(IdType.Anonymous)) - .setBeginIntegerRange(startPointer.getOffset()) - .setEndIntegerRange(endPointer.getOffset()).build()); - } - } - Optional fromLineRange = fromSnippet.getLineRange(); - if (fromLineRange.isPresent()) { - // noinspection DataFlowIssue - LineCharPointer startPointer = (LineCharPointer) fromLineRange.get().getStartPointer(); - LineCharPointer endPointer = (LineCharPointer) fromLineRange.get().getEndPointer(); - if (Objects.nonNull(startPointer) && Objects.nonNull(endPointer)) { - toSnippet.setLineRange(toSnippet - .createPositiveIntegerRange(toModelStore.getNextId(IdType.Anonymous)) - .setBeginIntegerRange(startPointer.getLineNumber()) - .setEndIntegerRange(endPointer.getLineNumber()).build()); - } - } - toSnippet.setSnippetFromFile(convertAndStore(Objects.requireNonNull(fromSnippet.getSnippetFromFile()))); - return toSnippet; - } -} \ No newline at end of file From 7df12e9b6305d52f02395797b5c3b886d69336c6 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Wed, 8 Oct 2025 11:07:57 -0400 Subject: [PATCH 15/21] feat: flat struct generation, update tests Signed-off-by: Keith Zantow --- go.mod | 15 +- go.sum | 38 +- spdx/v2/v2_2/example/example.go | 2 +- spdx/v2/v2_3/example/example.go | 2 +- spdx/v3/internal/generate/main.go | 1 + spdx/v3/v3_0_1/convert.go | 213 +- spdx/v3/v3_0_1/convert_test.go | 48 +- spdx/v3/v3_0_1/convert_v301_test.go | 421 +- spdx/v3/v3_0_1/model.go | 12458 +++++++++++++++----- spdx/v3/v3_0_1/model_validations.go | 1376 ++- spdx/v3/v3_0_1/spdx.go | 11 +- spdx/v3/v3_0_1/spdx_serialization_test.go | 62 +- spdx/v3/v3_0_1/spdx_test.go | 230 +- 13 files changed, 11097 insertions(+), 3780 deletions(-) diff --git a/go.mod b/go.mod index 2d7ffd8a..8cb6ae80 100644 --- a/go.mod +++ b/go.mod @@ -3,10 +3,11 @@ module github.com/spdx/tools-golang go 1.23.5 require ( - github.com/anchore/go-struct-converter v0.0.0-20250312065156-fb4bbb7d1693 + github.com/anchore/go-struct-converter v0.0.0-20251008145103-b79fc8ba4f45 github.com/davecgh/go-spew v1.1.1 github.com/google/go-cmp v0.7.0 - github.com/kzantow/go-ld v0.0.0-20251005195049-7f77d34103cd + github.com/google/uuid v1.6.0 + github.com/kzantow/go-ld v0.0.0-20251008150111-0c38e7504ec5 github.com/pmezard/go-difflib v1.0.0 github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb github.com/stretchr/testify v1.11.1 @@ -19,7 +20,15 @@ require ( ) require ( - github.com/google/uuid v1.6.0 // indirect + github.com/dave/jennifer v1.7.1 // indirect + github.com/deiu/gon3 v0.0.0-20241212124032-93153c038193 // indirect + github.com/deiu/rdf2go v0.0.0-20241212211204-b661ba0dfd25 // indirect + github.com/gertd/go-pluralize v0.2.1 // indirect + github.com/linkeddata/gojsonld v0.0.0-20170418210642-4f5db6791326 // indirect github.com/piprate/json-gold v0.7.0 // indirect github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect + github.com/rychipman/easylex v0.0.0-20160129204217-49ee7767142f // indirect + golang.org/x/mod v0.14.0 // indirect + golang.org/x/tools v0.17.0 // indirect + mvdan.cc/gofumpt v0.7.0 // indirect ) diff --git a/go.sum b/go.sum index 82bca03e..43efb3e7 100644 --- a/go.sum +++ b/go.sum @@ -1,23 +1,39 @@ -github.com/anchore/go-struct-converter v0.0.0-20250312065156-fb4bbb7d1693 h1:5mW2UozRrZkMhd6tEsN+T5tCk6XxI+qMLu4DmDTUZd4= -github.com/anchore/go-struct-converter v0.0.0-20250312065156-fb4bbb7d1693/go.mod h1:SxEY1rkVuDSqQOnD1+G4A45wAKXPMum/a51ywvN/8o4= +github.com/anchore/go-struct-converter v0.0.0-20251008145103-b79fc8ba4f45 h1:sqkP57/1/85SgWDHHJmY4ubBJUIpGlto6JZql6Dpp34= +github.com/anchore/go-struct-converter v0.0.0-20251008145103-b79fc8ba4f45/go.mod h1:SxEY1rkVuDSqQOnD1+G4A45wAKXPMum/a51ywvN/8o4= +github.com/dave/jennifer v1.7.1 h1:B4jJJDHelWcDhlRQxWeo0Npa/pYKBLrirAQoTN45txo= +github.com/dave/jennifer v1.7.1/go.mod h1:nXbxhEmQfOZhWml3D1cDK5M1FLnMSozpbFN/m3RmGZc= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/deiu/gon3 v0.0.0-20241212124032-93153c038193 h1:EQBdXSCO7r+0KQE/pN6v+RAH7p6+yz+6pbCfHh+ETME= +github.com/deiu/gon3 v0.0.0-20241212124032-93153c038193/go.mod h1:EdezkFZtCJELxMo+YIX5B5i5ofz9U+n+xSxWku6mOS0= +github.com/deiu/rdf2go v0.0.0-20241212211204-b661ba0dfd25 h1:drltZW/t3SgIHpURgCii68Jq0zvpcGhtkWRf3zmbxpc= +github.com/deiu/rdf2go v0.0.0-20241212211204-b661ba0dfd25/go.mod h1:AAL3UBTBShUaH3y68LyhlSjz6S6DoHoMSpAWvnCiTCs= +github.com/gertd/go-pluralize v0.2.1 h1:M3uASbVjMnTsPb0PNqg+E/24Vwigyo/tvyMTtAlLgiA= +github.com/gertd/go-pluralize v0.2.1/go.mod h1:rbYaKDbsXxmRfr8uygAEKhOWsjyrrqrkHVpZvoOp8zk= +github.com/go-quicktest/qt v1.101.0 h1:O1K29Txy5P2OK0dGo59b7b0LR6wKfIhttaAhHUyn7eI= +github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7 h1:rBVkkYUZ9mUDmjp2+Y6KthUqbcSB+4kN82PZbuzYkNw= -github.com/kzantow/go-ld v0.0.0-20250806021826-ebdb59bc88e7/go.mod h1:P7HdHSjYOcim2o9GWUj011qCd9bEOc+Bg8SeW6JKV8M= -github.com/kzantow/go-ld v0.0.0-20251005195049-7f77d34103cd h1:MI91BbB76MLGRwt3dLQ0tUQI+IzpF2AaTz1x0cJOXjw= -github.com/kzantow/go-ld v0.0.0-20251005195049-7f77d34103cd/go.mod h1:4ic0Ad7R5XxDPD507j3Ux5ZLEJrlRgT8qGgcyrUGubY= -github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b h1:xyh6boGzDR4EpdEDe9ix1KhHNgOSiBjBocahA6FalEQ= -github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b/go.mod h1:RVhE35veDX19r5gfUAR+IYHkAUuPwJO8Ie/qVeFaIzw= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kzantow/go-ld v0.0.0-20251008150111-0c38e7504ec5 h1:++nXIbpRtenMC9zYq8amBhLxeWo/nWMCIgJjOExdrVo= +github.com/kzantow/go-ld v0.0.0-20251008150111-0c38e7504ec5/go.mod h1:4ic0Ad7R5XxDPD507j3Ux5ZLEJrlRgT8qGgcyrUGubY= +github.com/linkeddata/gojsonld v0.0.0-20170418210642-4f5db6791326 h1:YP3lfXXYiQV5MKeUqVnxRP5uuMQTLPx+PGYm1UBoU98= +github.com/linkeddata/gojsonld v0.0.0-20170418210642-4f5db6791326/go.mod h1:nfqkuSNlsk1bvti/oa7TThx4KmRMBmSxf3okHI9wp3E= github.com/piprate/json-gold v0.7.0 h1:bEMirgA5y8Z2loTQfxyIFfY+EflxH1CTP6r/KIlcJNw= github.com/piprate/json-gold v0.7.0/go.mod h1:RVhE35veDX19r5gfUAR+IYHkAUuPwJO8Ie/qVeFaIzw= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 h1:J9b7z+QKAmPf4YLrFg6oQUotqHQeUNWwkvo7jZp1GLU= github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= +github.com/rychipman/easylex v0.0.0-20160129204217-49ee7767142f h1:L2/fBPABieQnQzfV40k2Zw7IcvZbt0CN5TgwUl8zDCs= +github.com/rychipman/easylex v0.0.0-20160129204217-49ee7767142f/go.mod h1:MZ2GRTcqmve6EoSbErWgCR+Ash4p8Gc5esHe8MDErss= github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb h1:bLo8hvc8XFm9J47r690TUKBzcjSWdJDxmjXJZ+/f92U= github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= @@ -26,9 +42,15 @@ go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= go.yaml.in/yaml/v3 v3.0.3 h1:bXOww4E/J3f66rav3pX3m8w6jDE4knZjGOw8b5Y6iNE= go.yaml.in/yaml/v3 v3.0.3/go.mod h1:tBHosrYAkRZjRAOREWbDnBXUf08JOwYq++0QNwQiWzI= +golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= +golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc= +golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +mvdan.cc/gofumpt v0.7.0 h1:bg91ttqXmi9y2xawvkuMXyvAA/1ZGJqYAEGjXuP0JXU= +mvdan.cc/gofumpt v0.7.0/go.mod h1:txVFJy/Sc/mvaycET54pV8SW8gWxTlUuGHVEcncmNUo= sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/spdx/v2/v2_2/example/example.go b/spdx/v2/v2_2/example/example.go index 501eb773..d7cb9289 100644 --- a/spdx/v2/v2_2/example/example.go +++ b/spdx/v2/v2_2/example/example.go @@ -12,7 +12,7 @@ import ( // Copy provides a deep copy of the example func Copy() spdx.Document { out := spdx.Document{} - err := converter.Convert(example, &out) + err := converter.Clone(example, &out) if err != nil { panic(fmt.Errorf("unable to convert example doc: %w", err)) } diff --git a/spdx/v2/v2_3/example/example.go b/spdx/v2/v2_3/example/example.go index e426d876..647d5b65 100644 --- a/spdx/v2/v2_3/example/example.go +++ b/spdx/v2/v2_3/example/example.go @@ -12,7 +12,7 @@ import ( // Copy provides a deep copy of the example func Copy() spdx.Document { out := spdx.Document{} - err := converter.Convert(example, &out) + err := converter.Clone(example, &out) if err != nil { panic(fmt.Errorf("unable to convert example doc: %w", err)) } diff --git a/spdx/v3/internal/generate/main.go b/spdx/v3/internal/generate/main.go index 7729bae6..2eca7b0c 100644 --- a/spdx/v3/internal/generate/main.go +++ b/spdx/v3/internal/generate/main.go @@ -31,6 +31,7 @@ func main() { shaclgen.Generate( shaclgen.EnableLog(), + shaclgen.UseFlatStruct(true), shaclgen.PackageName(packageName), shaclgen.LicenseID("MIT"), shaclgen.OutputFile(fileName), diff --git a/spdx/v3/v3_0_1/convert.go b/spdx/v3/v3_0_1/convert.go index efd943b3..2704f47e 100644 --- a/spdx/v3/v3_0_1/convert.go +++ b/spdx/v3/v3_0_1/convert.go @@ -10,10 +10,10 @@ import ( "time" "github.com/kzantow/go-ld" - "github.com/spdx/tools-golang/spdx/v3/internal" "github.com/spdx/tools-golang/spdx/v2/common" "github.com/spdx/tools-golang/spdx/v2/v2_3" + "github.com/spdx/tools-golang/spdx/v3/internal" ) func From_v2_3(doc v2_3.Document, d *Document) { @@ -276,12 +276,10 @@ func (c *documentConverter) convert23relationship(rel *v2_3.Relationship) AnyRel } r := &Relationship{ - Element: Element{ - Comment: rel.RelationshipComment, - }, - From: from, - Type: typ, - To: ElementList{to}, + Comment: rel.RelationshipComment, + From: from, + Type: typ, + To: ElementList{to}, } c.addRelationship(r) return r @@ -315,10 +313,10 @@ func (c *documentConverter) convert23creationInfo(info *v2_3.CreationInfo) AnyCr // update circular references, which will be set to nil by default for _, a := range ci.CreatedBy.Agents() { - a.CreationInfo = ci + a.SetCreationInfo(ci) } for _, a := range ci.CreatedUsing.Tools() { - a.CreationInfo = ci + a.SetCreationInfo(ci) } return ci @@ -335,10 +333,8 @@ func (c *documentConverter) convert23tool(creator common.Creator) AnyTool { } return &Tool{ - Element: Element{ - CreationInfo: c.creationInfo, - Name: creator.Creator, - }, + CreationInfo: c.creationInfo, + Name: creator.Creator, } } @@ -387,21 +383,21 @@ func (c *documentConverter) convert23agent(typ, name string) AnyAgent { var out AnyAgent switch strings.ToLower(typ) { case "person": - out = &Person{Agent: Agent{Element: Element{ + out = &Person{ CreationInfo: c.creationInfo, Name: name, - }}} + } case "organization", "org": - out = &Organization{Agent: Agent{Element: Element{ + out = &Organization{ CreationInfo: c.creationInfo, Name: name, - }}} + } case "tool": // handled elsewhere default: c.logDropped(fmt.Sprintf("unknown agent type: %v with value: %v", typ, name)) } if emailValue != "" { - Cast[Element](out).ExternalIdentifiers = externalIdentifierListEmail(emailValue) + out.SetExternalIdentifiers(externalIdentifierListEmail(emailValue)) } return out } @@ -412,30 +408,24 @@ func (c *documentConverter) convert23file(f *v2_3.File) AnyFile { } out := &File{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{ - Element: Element{ - ID: string(f.FileSPDXIdentifier), - Comment: f.FileComment, - Name: f.FileName, - Description: f.FileNotice, - ExternalRefs: nil, - Summary: "", - VerifiedUsing: list[IntegrityMethodList](c.convert23checksum, f.Checksums...), - }, - StandardNames: nil, - BuiltTime: time.Time{}, - ReleaseTime: time.Time{}, - SupportLevels: nil, - SuppliedBy: nil, - OriginatedBy: c.convert23contributors(f.FileContributors...), - ValidUntilTime: time.Time{}, - }, - AttributionTexts: f.FileAttributionTexts, - CopyrightText: f.FileCopyrightText, - }, - ContentType: "", - Kind: FileKindType_File, + ID: string(f.FileSPDXIdentifier), + Comment: f.FileComment, + Name: f.FileName, + Description: f.FileNotice, + ExternalRefs: nil, + Summary: "", + VerifiedUsing: list[IntegrityMethodList](c.convert23checksum, f.Checksums...), + StandardNames: nil, + BuiltTime: time.Time{}, + ReleaseTime: time.Time{}, + SupportLevels: nil, + SuppliedBy: nil, + OriginatedBy: c.convert23contributors(f.FileContributors...), + ValidUntilTime: time.Time{}, + AttributionTexts: f.FileAttributionTexts, + CopyrightText: f.FileCopyrightText, + ContentType: "", + Kind: FileKindType_File, } for _, s := range f.Snippets { @@ -476,44 +466,39 @@ func (c *documentConverter) convert23package(pkg *v2_3.Package) AnyPackage { id := string(pkg.PackageSPDXIdentifier) out := &Package{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{ - Element: Element{ - ID: id, - Name: pkg.PackageName, - Summary: pkg.PackageSummary, - Comment: pkg.PackageComment, - Description: pkg.PackageDescription, - ExternalIdentifiers: list[ExternalIdentifierList](c.convert23externalIdentifier, pkg.PackageExternalReferences...), - VerifiedUsing: verificationCodes, - }, - BuiltTime: c.convert23time(pkg.BuiltDate), - OriginatedBy: list[AgentList](c.convert23originator, pkg.PackageOriginator), - ReleaseTime: c.convert23time(pkg.ReleaseDate), - SuppliedBy: c.convert23supplier(pkg.PackageSupplier), - ValidUntilTime: c.convert23time(pkg.ValidUntilDate), - }, - AttributionTexts: pkg.PackageAttributionTexts, - CopyrightText: pkg.PackageCopyrightText, - PrimaryPurpose: c.convert23purpose(pkg.PrimaryPackagePurpose), - }, - Version: pkg.PackageVersion, - DownloadLocation: c.convert23uri(pkg.PackageDownloadLocation), - HomePage: c.convert23uri(pkg.PackageHomePage), - PackageURL: c.convert23packageUrl(pkg.PackageExternalReferences), - SourceInfo: pkg.PackageSourceInfo, - } - - for obj, ident := range out.ExternalIdentifiers.ExternalIdentifiers() { - if ident.Type == ExternalIdentifierType_PackageURL { - if ident.Comment != "" { + ID: id, + Name: pkg.PackageName, + Summary: pkg.PackageSummary, + Comment: pkg.PackageComment, + Description: pkg.PackageDescription, + ExternalIdentifiers: list[ExternalIdentifierList](c.convert23externalIdentifier, pkg.PackageExternalReferences...), + VerifiedUsing: verificationCodes, + BuiltTime: c.convert23time(pkg.BuiltDate), + OriginatedBy: list[AgentList](c.convert23originator, pkg.PackageOriginator), + ReleaseTime: c.convert23time(pkg.ReleaseDate), + SuppliedBy: c.convert23supplier(pkg.PackageSupplier), + ValidUntilTime: c.convert23time(pkg.ValidUntilDate), + AttributionTexts: pkg.PackageAttributionTexts, + CopyrightText: pkg.PackageCopyrightText, + PrimaryPurpose: c.convert23purpose(pkg.PrimaryPackagePurpose), + Version: pkg.PackageVersion, + DownloadLocation: c.convert23uri(pkg.PackageDownloadLocation), + HomePage: c.convert23uri(pkg.PackageHomePage), + PackageURL: c.convert23packageUrl(pkg.PackageExternalReferences), + SourceInfo: pkg.PackageSourceInfo, + } + + // move the first valid PURL to the PackageURL field + for _, ident := range out.ExternalIdentifiers.ExternalIdentifiers() { + if ident.GetType() == ExternalIdentifierType_PackageURL { + if ident.GetComment() != "" { continue } - purl := ld.URI(ident.Identifier) + purl := URI(ident.GetIdentifier()) if purl.Validate() == nil { out.PackageURL = purl out.ExternalIdentifiers = slices.DeleteFunc(out.ExternalIdentifiers, func(identifier AnyExternalIdentifier) bool { - return identifier == obj + return identifier.GetIdentifier() == string(purl) }) break } @@ -654,18 +639,10 @@ func (c *documentConverter) convert23license(l *v2_3.OtherLicense) AnyLicenseInf } out := &CustomLicense{ - License: License{ - ExtendableLicense: ExtendableLicense{ - LicenseInfo: LicenseInfo{ - Element: Element{ - Name: l.LicenseName, - Comment: l.LicenseComment, - }, - }, - }, - SeeAlsos: seeAlso, - Text: l.ExtractedText, - }, + Name: l.LicenseName, + Comment: l.LicenseComment, + SeeAlsos: seeAlso, + Text: l.ExtractedText, } c.idMap[l.LicenseIdentifier] = out @@ -685,28 +662,12 @@ func (c *documentConverter) convert23licenseString(licenseString string) AnyLice return license } out = &CustomLicense{ - License: License{ - ExtendableLicense: ExtendableLicense{ - LicenseInfo: LicenseInfo{ - Element: Element{ - Name: licenseString, - }, - }, - }, - Text: licenseString, - }, + Name: licenseString, + Text: licenseString, } } else { out = &ListedLicense{ - License: License{ - ExtendableLicense: ExtendableLicense{ - LicenseInfo: LicenseInfo{ - Element: Element{ - Name: licenseString, - }, - }, - }, - }, + Name: licenseString, } } @@ -748,11 +709,9 @@ func (c *documentConverter) convert23annotation(a *v2_3.Annotation) AnyAnnotatio } out := &Annotation{ - Element: Element{ - CreationInfo: &CreationInfo{ - Created: c.convert23time(a.AnnotationDate), - CreatedBy: list[AgentList](c.convert23annotator, &a.Annotator), - }, + CreationInfo: &CreationInfo{ + Created: c.convert23time(a.AnnotationDate), + CreatedBy: list[AgentList](c.convert23annotator, &a.Annotator), }, Type: typ, Statement: a.AnnotationComment, @@ -774,15 +733,13 @@ func (c *documentConverter) convert23snippet(s v2_3.Snippet) AnyElement { var licenses LicenseInfoList d := c.convert23licenseString(s.SnippetLicenseConcluded) - if licenseInfo := Cast[LicenseInfo](d); licenseInfo != nil { - licenseInfo.Comment = s.SnippetLicenseComments - licenses = append(licenses, d) - } + d.SetComment(s.SnippetLicenseComments) + licenses = append(licenses, d) for _, licenseInfo := range s.LicenseInfoInSnippet { d = c.convert23licenseString(licenseInfo) - if licenseInfo := Cast[LicenseInfo](d); licenseInfo != nil { - licenseInfo.Comment = s.SnippetLicenseComments + if d != nil { + d.SetComment(s.SnippetLicenseComments) licenses = append(licenses, d) } } @@ -799,18 +756,12 @@ func (c *documentConverter) convert23snippet(s v2_3.Snippet) AnyElement { snippetFile = f } newSnippet := &Snippet{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{ - Element: Element{ - ID: string(s.SnippetSPDXIdentifier), - Comment: s.SnippetComment, - Name: s.SnippetName, - }, - }, - CopyrightText: s.SnippetCopyrightText, - AttributionTexts: s.SnippetAttributionTexts, - }, - FromFile: f, + ID: string(s.SnippetSPDXIdentifier), + Comment: s.SnippetComment, + Name: s.SnippetName, + CopyrightText: s.SnippetCopyrightText, + AttributionTexts: s.SnippetAttributionTexts, + FromFile: f, LineRange: &PositiveIntegerRange{ BeginIntegerRange: ld.PositiveInt(r.StartPointer.LineNumber), EndIntegerRange: ld.PositiveInt(r.EndPointer.LineNumber), @@ -839,9 +790,7 @@ func (c *documentConverter) convert23snippet(s v2_3.Snippet) AnyElement { out = allSnippets[0] default: out = &Bundle{ - ElementCollection: ElementCollection{ - Elements: allSnippets, - }, + Elements: allSnippets, } } diff --git a/spdx/v3/v3_0_1/convert_test.go b/spdx/v3/v3_0_1/convert_test.go index 319a9c47..99458931 100644 --- a/spdx/v3/v3_0_1/convert_test.go +++ b/spdx/v3/v3_0_1/convert_test.go @@ -5,7 +5,6 @@ import ( "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" - "github.com/kzantow/go-ld" "github.com/stretchr/testify/require" ) @@ -92,28 +91,20 @@ func Test_convertElements(t *testing.T) { } } -func each[Element, View any](s ld.TypeSeq[Element, View]) []View { - var out []View - for _, v := range s { - out = append(out, v) - } - return out -} - func Test_documentConversion(t *testing.T) { expected := v301doc() converted := &Document{} From_v2_3(*v23doc(), converted) - startPkgs := each(expected.Elements.Packages()) - gotPkgs := each(converted.Elements.Packages()) + startPkgs := expected.Elements.Packages() + gotPkgs := converted.Elements.Packages() if diff := cmp.Diff(startPkgs, gotPkgs, diffOpts()...); diff != "" { t.Errorf("mismatch (-want +got):\n%s", diff) } - startRels := each(expected.Elements.Relationships()) - gotRels := each(converted.Elements.Relationships()) + startRels := expected.Elements.Relationships() + gotRels := converted.Elements.Relationships() if diff := cmp.Diff(startRels, gotRels, diffOpts()...); diff != "" { t.Errorf("mismatch (-want +got):\n%s", diff) } @@ -121,10 +112,37 @@ func Test_documentConversion(t *testing.T) { func diffOpts() []cmp.Option { var out []cmp.Option + for _, t := range []any{ + Package{}, + AIPackage{}, + Relationship{}, + File{}, + Snippet{}, + Annotation{}, + Tool{}, + Person{}, + Organization{}, + CustomLicense{}, + ListedLicense{}, + SpdxDocument{}, + SBOM{}, + } { + out = append(out, + cmpopts.IgnoreUnexported(t), + cmpopts.IgnoreFields(t, "ID", "CreationInfo"), + ) + } + for _, t := range []any{ + SpdxDocument{}, + SBOM{}, + Bundle{}, + } { + out = append(out, + cmpopts.IgnoreFields(t, "Elements"), + ) + } out = append(out, cmpopts.IgnoreFields(Document{}, "LDContext"), - cmpopts.IgnoreFields(Element{}, "ID", "CreationInfo"), - cmpopts.IgnoreFields(ElementCollection{}, "Elements"), // we only want to compare RootElements cmpopts.IgnoreFields(CreationInfo{}, "CreatedUsing"), cmpopts.EquateComparable( ExternalIdentifierType{}, diff --git a/spdx/v3/v3_0_1/convert_v301_test.go b/spdx/v3/v3_0_1/convert_v301_test.go index 5afb72ba..bac39b07 100644 --- a/spdx/v3/v3_0_1/convert_v301_test.go +++ b/spdx/v3/v3_0_1/convert_v301_test.go @@ -4,6 +4,7 @@ import ( "time" "github.com/kzantow/go-ld" + "github.com/spdx/tools-golang/spdx/v2/v2_3" ) @@ -17,19 +18,11 @@ func v301doc() *Document { ci.CreatedUsing[0], ) d.DataLicense = &ListedLicense{ - License: License{ - ExtendableLicense: ExtendableLicense{ - LicenseInfo: LicenseInfo{ - Element: Element{ - Name: v2_3.DataLicense, - }, - }, - }, - }, + Name: v2_3.DataLicense, } d.SpdxDocument.ID = "SPDXRef-DOCUMENT" d.CreationInfo.(*CreationInfo).Created = parseTime("2023-01-15T10:30:00Z") - d.SpdxDocument.Element.Comment = "This is a sample SPDX document for testing purposes." + d.SpdxDocument.Comment = "This is a sample SPDX document for testing purposes." d.NamespaceMaps = NamespaceMapList{ &NamespaceMap{ Namespace: "https://example.com/spdx/example-software-1.0.0", @@ -85,20 +78,16 @@ func v301doc() *Document { sbom.Elements = append(sbom.Elements, // SpdxRef-DOCUMENT relationships are handled by object structure &Relationship{ - From: pkg1, - To: ElementList{pkg2}, - Type: RelationshipType_DependsOn, - Element: Element{ - Comment: "Main package depends on utility tools", - }, + From: pkg1, + To: ElementList{pkg2}, + Type: RelationshipType_DependsOn, + Comment: "Main package depends on utility tools", }, &Relationship{ - From: pkg1, - To: ElementList{file1}, - Type: RelationshipType_Contains, - Element: Element{ - Comment: "Package contains main source file", - }, + From: pkg1, + To: ElementList{file1}, + Type: RelationshipType_Contains, + Comment: "Package contains main source file", }, ) @@ -111,19 +100,13 @@ func v301creationInfo() *CreationInfo { Created: parseTime("2023-01-15T10:30:00Z"), CreatedBy: AgentList{ &Person{ - Agent: Agent{ - Element: Element{ - Name: "John Doe", - ExternalIdentifiers: externalIdentifierListEmail("john@example.com"), - }, - }, + Name: "John Doe", + ExternalIdentifiers: externalIdentifierListEmail("john@example.com"), }, }, CreatedUsing: ToolList{ &Tool{ - Element: Element{ - Name: "tools-golang-v1.1.0", - }, + Name: "tools-golang-v1.1.0", }, }, @@ -134,75 +117,61 @@ func v301creationInfo() *CreationInfo { func v301package1() (*Package, ElementList) { p := &Package{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{ - Element: Element{ - ID: "SPDXRef-Package-ExampleLib", - Name: "example-library", - Description: "This is a detailed description of the example library package.", - Summary: "A sample library for demonstration", - Comment: "Package built with standard configuration" + ";License determined from LICENSE file", - - VerifiedUsing: IntegrityMethodList{ - &PackageVerificationCode{ - Algorithm: HashAlgorithm_Sha1, - HashValue: "d6a770ba38583ed4bb4525bd96e50461655d2758", - ExcludedFiles: []string{"./exclude1.txt", "./exclude2.txt"}, - }, - &Hash{ - Algorithm: HashAlgorithm_Sha1, - Value: "aabbccdd", - }, - &Hash{ - Algorithm: HashAlgorithm_Sha256, - Value: "11223344", - }, - }, - ExternalIdentifiers: ExternalIdentifierList{ - &ExternalIdentifier{ - Type: ExternalIdentifierType_PackageURL, - Identifier: "pkg:npm/example-library@1.2.3", - Comment: "NPM package reference", - }, - &ExternalIdentifier{ - Type: ExternalIdentifierType_Cpe23, - Identifier: "cpe:2.3:a:example:library:1.2.3:*:*:*:*:*:*:*", - Comment: "CPE reference for security scanning", - }, - }, - }, - SuppliedBy: &Organization{ - Agent: Agent{ - Element: Element{ - Name: "Example Corp", - ExternalIdentifiers: externalIdentifierListEmail("support@example.com"), - }, - }, - }, - - OriginatedBy: AgentList{ - &Person{ - Agent: Agent{ - Element: Element{ - Name: "Jane Smith", - ExternalIdentifiers: externalIdentifierListEmail("jane@example.com"), - }, - }, - }, - }, + ID: "SPDXRef-Package-ExampleLib", + Name: "example-library", + Description: "This is a detailed description of the example library package.", + Summary: "A sample library for demonstration", + Comment: "Package built with standard configuration" + ";License determined from LICENSE file", - ReleaseTime: parseTime("2023-01-10T00:00:00Z"), - BuiltTime: parseTime("2023-01-15T08:00:00Z"), - ValidUntilTime: parseTime("2025-01-10T00:00:00Z"), + VerifiedUsing: IntegrityMethodList{ + &PackageVerificationCode{ + Algorithm: HashAlgorithm_Sha1, + HashValue: "d6a770ba38583ed4bb4525bd96e50461655d2758", + ExcludedFiles: []string{"./exclude1.txt", "./exclude2.txt"}, + }, + &Hash{ + Algorithm: HashAlgorithm_Sha1, + Value: "aabbccdd", + }, + &Hash{ + Algorithm: HashAlgorithm_Sha256, + Value: "11223344", + }, + }, + ExternalIdentifiers: ExternalIdentifierList{ + &ExternalIdentifier{ + Type: ExternalIdentifierType_PackageURL, + Identifier: "pkg:npm/example-library@1.2.3", + Comment: "NPM package reference", + }, + &ExternalIdentifier{ + Type: ExternalIdentifierType_Cpe23, + Identifier: "cpe:2.3:a:example:library:1.2.3:*:*:*:*:*:*:*", + Comment: "CPE reference for security scanning", }, - CopyrightText: "Copyright 2023 Example Corp", - AttributionTexts: []string{ - "This package includes code from Project ABC", - "Special thanks to the open source community", + }, + SuppliedBy: &Organization{ + Name: "Example Corp", + ExternalIdentifiers: externalIdentifierListEmail("support@example.com"), + }, + + OriginatedBy: AgentList{ + &Person{ + Name: "Jane Smith", + ExternalIdentifiers: externalIdentifierListEmail("jane@example.com"), }, - //FilesAnalyzed: true, - PrimaryPurpose: SoftwarePurpose_Library, }, + + ReleaseTime: parseTime("2023-01-10T00:00:00Z"), + BuiltTime: parseTime("2023-01-15T08:00:00Z"), + ValidUntilTime: parseTime("2025-01-10T00:00:00Z"), + CopyrightText: "Copyright 2023 Example Corp", + AttributionTexts: []string{ + "This package includes code from Project ABC", + "Special thanks to the open source community", + }, + //FilesAnalyzed: true, + PrimaryPurpose: SoftwarePurpose_Library, Version: "1.2.3", HomePage: "https://example.com/library", SourceInfo: "Built from git tag v1.2.3", @@ -241,33 +210,23 @@ func v301package1() (*Package, ElementList) { func v301package2() (*Package, ElementList) { p := &Package{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{ - Element: Element{ - ID: "SPDXRef-Package-UtilityTools", - Name: "utility-tools", - Description: "A comprehensive set of utility tools for developers.", - Summary: "Collection of utility tools", - - VerifiedUsing: IntegrityMethodList{ - &Hash{ - Algorithm: HashAlgorithm_Sha256, - Value: "ffaabbcc11223344", - }, - }, - }, - SuppliedBy: &Person{ - Agent: Agent{ - Element: Element{ - Name: "Bob Johnson", - ExternalIdentifiers: externalIdentifierListEmail("bob@tools.com"), - }, - }, - }, + ID: "SPDXRef-Package-UtilityTools", + Name: "utility-tools", + Description: "A comprehensive set of utility tools for developers.", + Summary: "Collection of utility tools", + + VerifiedUsing: IntegrityMethodList{ + &Hash{ + Algorithm: HashAlgorithm_Sha256, + Value: "ffaabbcc11223344", }, - CopyrightText: "Copyright 2023 Tools Inc", - PrimaryPurpose: SoftwarePurpose_Application, }, + SuppliedBy: &Person{ + Name: "Bob Johnson", + ExternalIdentifiers: externalIdentifierListEmail("bob@tools.com"), + }, + CopyrightText: "Copyright 2023 Tools Inc", + PrimaryPurpose: SoftwarePurpose_Application, Version: "2.1.0", HomePage: ld.URI("https://tools.com/utility"), DownloadLocation: ld.URI("https://tools.com/download/utility-tools-2.1.0.zip"), @@ -293,94 +252,64 @@ func v301package2() (*Package, ElementList) { func v301customLicense1() AnyLicense { return &CustomLicense{ - License: License{ - ExtendableLicense: ExtendableLicense{ - LicenseInfo: LicenseInfo{ - Element: Element{ - ID: "LicenseRef-CustomLicense1", - Name: "Custom Example License", - Comment: "Custom license used for internal tools", - }, - }, - }, - SeeAlsos: []ld.URI{ - "https://example.com/licenses/custom", - }, - Text: "This is a custom license text for demonstration purposes.\n\nPermission is granted to use this software...", + ID: "LicenseRef-CustomLicense1", + Name: "Custom Example License", + Comment: "Custom license used for internal tools", + SeeAlsos: []ld.URI{ + "https://example.com/licenses/custom", }, + Text: "This is a custom license text for demonstration purposes.\n\nPermission is granted to use this software...", } } func v301customLicense2() AnyLicense { return &CustomLicense{ - License: License{ - ExtendableLicense: ExtendableLicense{ - LicenseInfo: LicenseInfo{ - Element: Element{ - ID: "LicenseRef-CustomLicense2", - Name: "Another Custom License", - Comment: "License for third-party components", - }, - }, - }, - SeeAlsos: []ld.URI{ - "https://example.com/licenses/another-custom", - "https://internal.example.com/legal/licenses", - }, - Text: "Another custom license text with different terms.\n\nThis software may be used under the following conditions...", + ID: "LicenseRef-CustomLicense2", + Name: "Another Custom License", + Comment: "License for third-party components", + SeeAlsos: []ld.URI{ + "https://example.com/licenses/another-custom", + "https://internal.example.com/legal/licenses", }, + Text: "Another custom license text with different terms.\n\nThis software may be used under the following conditions...", } } func v301file1() (AnyFile, ElementList) { f := &File{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{ - Element: Element{ - ID: "SPDXRef-File-Other", - Name: "./src/other.c", - VerifiedUsing: IntegrityMethodList{ - &Hash{ - Value: "da39a3ee5e6b4b0d3255bfef95601890afd80709", - Algorithm: HashAlgorithm_Sha1, - }, - &Hash{ - Value: "d41d8cd98f00b204e9800998ecf8427e", - Algorithm: HashAlgorithm_Md5, - }, - }, - Comment: "Other application entry point", - Description: "This file contains the other function", - }, - OriginatedBy: AgentList{ - &Person{ - Agent: Agent{ - Element: Element{ - Name: "Other John Doe", - ExternalIdentifiers: externalIdentifierListEmail("john@doe.com"), - }, - }, - }, - &Person{ - Agent: Agent{ - Element: Element{ - Name: "Jane Smith", - ExternalIdentifiers: externalIdentifierListEmail("jane.smith@example.org"), - }, - }, - }, - }, + ID: "SPDXRef-File-Other", + Name: "./src/other.c", + VerifiedUsing: IntegrityMethodList{ + &Hash{ + Value: "da39a3ee5e6b4b0d3255bfef95601890afd80709", + Algorithm: HashAlgorithm_Sha1, }, - - CopyrightText: "Copyright 2023 Example Corp", - AttributionTexts: []string{ - "Based on other example code from something", + &Hash{ + Value: "d41d8cd98f00b204e9800998ecf8427e", + Algorithm: HashAlgorithm_Md5, + }, + }, + Comment: "Other application entry point", + Description: "This file contains the other function", + OriginatedBy: AgentList{ + &Person{ + Name: "Other John Doe", + ExternalIdentifiers: externalIdentifierListEmail("john@doe.com"), + }, + &Person{ + Name: "Jane Smith", + ExternalIdentifiers: externalIdentifierListEmail("jane.smith@example.org"), }, - //FileTypes: []FileType{ - // FileType_Source, - //}, - //PrimaryPurpose: SoftwarePurpose_Source, }, + + CopyrightText: "Copyright 2023 Example Corp", + AttributionTexts: []string{ + "Based on other example code from something", + }, + //FileTypes: []FileType{ + // FileType_Source, + //}, + //PrimaryPurpose: SoftwarePurpose_Source, Kind: FileKindType_File, } @@ -404,26 +333,20 @@ func v301file1() (AnyFile, ElementList) { func v301file2() (*File, ElementList) { f := &File{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{ - Element: Element{ - ID: "SPDXRef-File-Header", - - Name: "./include/header.h", - VerifiedUsing: IntegrityMethodList{ - &Hash{ - Value: "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", - Algorithm: HashAlgorithm_Sha256, - }, - }, - Comment: "Header file with function declarations", - }, + ID: "SPDXRef-File-Header", + + Name: "./include/header.h", + VerifiedUsing: IntegrityMethodList{ + &Hash{ + Value: "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + Algorithm: HashAlgorithm_Sha256, }, - CopyrightText: "Copyright 2023 Example Corp", - //FileTypes: []FileType{ - // FileType_Header, - //}, }, + Comment: "Header file with function declarations", + CopyrightText: "Copyright 2023 Example Corp", + //FileTypes: []FileType{ + // FileType_Header, + //}, } l := &ListedLicense{} @@ -473,19 +396,13 @@ func v301externalMap2() *ExternalMap { func v301annotation1(subject AnyElement) *Annotation { return &Annotation{ Type: AnnotationType_Review, - Element: Element{ - ID: "SPDXRef-Annotation-1", - CreationInfo: &CreationInfo{ - Created: parseTime("2023-01-20T14:30:00Z"), - CreatedBy: AgentList{ - &Person{ - Agent: Agent{ - Element: Element{ - Name: "Security Team", - ExternalIdentifiers: externalIdentifierListEmail("security@example.com"), - }, - }, - }, + ID: "SPDXRef-Annotation-1", + CreationInfo: &CreationInfo{ + Created: parseTime("2023-01-20T14:30:00Z"), + CreatedBy: AgentList{ + &Person{ + Name: "Security Team", + ExternalIdentifiers: externalIdentifierListEmail("security@example.com"), }, }, }, @@ -497,40 +414,28 @@ func v301annotation1(subject AnyElement) *Annotation { func v301annotation2(subject AnyElement) *Annotation { return &Annotation{ Type: AnnotationType_Other, - Element: Element{ - ID: "SPDXRef-Annotation-2", - CreationInfo: &CreationInfo{ - Created: parseTime("2023-01-21T09:15:00Z"), - CreatedBy: AgentList{ - &Person{ - Agent: Agent{ - Element: Element{ - Name: "vulnerability-scanner-v1.5", - }, - }, - }, + ID: "SPDXRef-Annotation-2", + CreationInfo: &CreationInfo{ + Created: parseTime("2023-01-21T09:15:00Z"), + CreatedBy: AgentList{ + &Person{ + Name: "vulnerability-scanner-v1.5", }, }, - Comment: "Automated scan completed - clean", }, + Comment: "Automated scan completed - clean", Subject: subject, } } func v301snippet1(fileRef AnyFile) (AnyElement, ElementList) { s := &Snippet{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{ - Element: Element{ - ID: "SPDXRef-Snippet1", - Name: "Core Algorithm", - Comment: "Key algorithm implementation", - }, - }, - CopyrightText: "Copyright 2023 Example Corp", - AttributionTexts: []string{"Algorithm based on research paper XYZ"}, - }, - FromFile: fileRef, + ID: "SPDXRef-Snippet1", + Name: "Core Algorithm", + Comment: "Key algorithm implementation", + CopyrightText: "Copyright 2023 Example Corp", + AttributionTexts: []string{"Algorithm based on research paper XYZ"}, + FromFile: fileRef, ByteRange: &PositiveIntegerRange{ BeginIntegerRange: 100, EndIntegerRange: 200, @@ -563,17 +468,11 @@ func v301snippet1(fileRef AnyFile) (AnyElement, ElementList) { func v301snippet2(fileRef AnyFile) (AnySnippet, ElementList) { s := &Snippet{ - SoftwareArtifact: SoftwareArtifact{ - Artifact: Artifact{ - Element: Element{ - ID: "SPDXRef-Snippet2", - Name: "API Declarations", - Comment: "Function declarations", - }, - }, - CopyrightText: "Copyright 2023 Example Corp", - }, - FromFile: fileRef, + ID: "SPDXRef-Snippet2", + Name: "API Declarations", + Comment: "Function declarations", + CopyrightText: "Copyright 2023 Example Corp", + FromFile: fileRef, ByteRange: &PositiveIntegerRange{ EndIntegerRange: 50, BeginIntegerRange: 150, diff --git a/spdx/v3/v3_0_1/model.go b/spdx/v3/v3_0_1/model.go index 3bd8ffc9..12a0f5b6 100755 --- a/spdx/v3/v3_0_1/model.go +++ b/spdx/v3/v3_0_1/model.go @@ -5,7 +5,6 @@ package v3_0_1 import ( - "reflect" "time" "github.com/kzantow/go-ld" @@ -13,13 +12,95 @@ import ( type AnyAIPackage interface { AnyPackage - asAIPackage() *AIPackage + asAIPackage() + GetDomains() []string + SetDomains([]string) + GetEnergyConsumption() AnyEnergyConsumption + SetEnergyConsumption(AnyEnergyConsumption) + GetModelDataPreprocessings() []string + SetModelDataPreprocessings([]string) + GetUseSensitivePersonalInformation() PresenceType + SetUseSensitivePersonalInformation(PresenceType) + GetAutonomyType() PresenceType + SetAutonomyType(PresenceType) + GetSafetyRiskAssessment() SafetyRiskAssessmentType + SetSafetyRiskAssessment(SafetyRiskAssessmentType) + GetHyperparameters() DictionaryEntryList + SetHyperparameters(DictionaryEntryList) + GetLimitation() string + SetLimitation(string) + GetModelExplainabilities() []string + SetModelExplainabilities([]string) + GetStandardCompliances() []string + SetStandardCompliances([]string) + GetMetricDecisionThresholds() DictionaryEntryList + SetMetricDecisionThresholds(DictionaryEntryList) + GetTypeOfModels() []string + SetTypeOfModels([]string) + GetInformationAboutApplication() string + SetInformationAboutApplication(string) + GetInformationAboutTraining() string + SetInformationAboutTraining(string) + GetMetrics() DictionaryEntryList + SetMetrics(DictionaryEntryList) } // AIPackage Specifies an AI package and its associated information. type AIPackage struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/AIPackage" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Package + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/AIPackage" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // StandardNames The name of a relevant standard that may apply to an artifact. + StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuiltTime Specifies the time an artifact was built. + BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ReleaseTime Specifies the time an artifact was released. + ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SupportLevels Specifies the level of support associated with an artifact. + SupportLevels []SupportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" type:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // OriginatedBy Identifies from where or whom the Element originally came. + OriginatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be reassessed. + ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ContentIdentifiers A canonical, unique, immutable identifier of the artifact content, that may be used for verifying its identity and/or integrity. + ContentIdentifiers ContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` + // AttributionTexts Provides a place for the SPDX data creator to record acknowledgement text for a software Package, File or Snippet. + AttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" type:"http://www.w3.org/2001/XMLSchema#string"` + // AdditionalPurposes Provides additional purpose information of the software artifact. + AdditionalPurposes []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // PrimaryPurpose Provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // CopyrightText Identifies the text of one or more copyright notices for a software Package, File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" type:"http://www.w3.org/2001/XMLSchema#string"` + // SourceInfo Records any relevant background information or additional comments about the origin of the package. + SourceInfo string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" type:"http://www.w3.org/2001/XMLSchema#string"` + // HomePage A place for the SPDX document creator to record a website that serves as the package's home page. + HomePage URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Version Identify the version of a package. + Version string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" type:"http://www.w3.org/2001/XMLSchema#string"` + // PackageURL Provides a place for the SPDX data creator to record the package URL string (in accordance with the Package URL specification) for a software Package. + PackageURL URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // DownloadLocation Identifies the download Uniform Resource Identifier for the package at the time that the document was created. + DownloadLocation URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" type:"http://www.w3.org/2001/XMLSchema#anyURI"` // Domains Captures the domain in which the AI package can be used. Domains []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/domain" type:"http://www.w3.org/2001/XMLSchema#string"` // EnergyConsumption Indicates the amount of energy consumption incurred by an AI model. @@ -52,778 +133,483 @@ type AIPackage struct { Metrics DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metric" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` } -func (o *AIPackage) asAIPackage() *AIPackage { - return o +func (o *AIPackage) asAIPackage() {} +func (o *AIPackage) asPackage() {} +func (o *AIPackage) asSoftwareArtifact() {} +func (o *AIPackage) asArtifact() {} +func (o *AIPackage) asElement() {} +func (o *AIPackage) GetDescription() string { + return o.Description } -type AIPackageList []AnyAIPackage - -func (o *AIPackageList) AIPackages() ld.TypeSeq[AnyAIPackage, *AIPackage] { - return ld.NewTypeSeq(*o, castAIPackage) +func (o *AIPackage) SetDescription(v string) { + o.Description = v } -type AnyAgent interface { - AnyElement - asAgent() *Agent +func (o *AIPackage) GetComment() string { + return o.Comment } -// Agent represents anything with the potential to act on a system. -type Agent struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Agent" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Element +func (o *AIPackage) SetComment(v string) { + o.Comment = v } -func (o *Agent) asAgent() *Agent { - return o +func (o *AIPackage) GetName() string { + return o.Name } -type AgentList []AnyAgent - -func (o *AgentList) Agents() ld.TypeSeq[AnyAgent, *Agent] { - return ld.NewTypeSeq(*o, castAgent) +func (o *AIPackage) SetName(v string) { + o.Name = v } -func (o *AgentList) Organizations() ld.TypeSeq[AnyAgent, *Organization] { - return ld.NewTypeSeq(*o, castOrganization) +func (o *AIPackage) GetExtensions() ExtensionList { + return o.Extensions } -func (o *AgentList) People() ld.TypeSeq[AnyAgent, *Person] { - return ld.NewTypeSeq(*o, castPerson) +func (o *AIPackage) SetExtensions(v ExtensionList) { + o.Extensions = v } -func (o *AgentList) SoftwareAgents() ld.TypeSeq[AnyAgent, *SoftwareAgent] { - return ld.NewTypeSeq(*o, castSoftwareAgent) +func (o *AIPackage) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -type AnyAnnotation interface { - AnyElement - asAnnotation() *Annotation +func (o *AIPackage) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -// Annotation An assertion made in relation to one or more elements. -type Annotation struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Annotation" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Element - // Subject An Element an annotator has made an assertion about. - Subject AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/subject" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` - // ContentType Provides information about the content type of an Element or a Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` - // Statement Commentary on an assertion that an annotator has made. - Statement string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/statement" type:"http://www.w3.org/2001/XMLSchema#string"` - // Type Describes the type of annotation. - Type AnnotationType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/annotationType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType"` +func (o *AIPackage) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -func (o *Annotation) asAnnotation() *Annotation { - return o +func (o *AIPackage) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -type AnnotationList []AnyAnnotation - -func (o *AnnotationList) Annotations() ld.TypeSeq[AnyAnnotation, *Annotation] { - return ld.NewTypeSeq(*o, castAnnotation) +func (o *AIPackage) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -// AnnotationType Specifies the type of an annotation. -type AnnotationType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" node-kind:""` - id string `iri:"@id"` +func (o *AIPackage) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// AnnotationType_Other Used to store extra information about an Element which is not part of a review (e.g. extra information provided during the creation of the Element). -var AnnotationType_Other = AnnotationType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other", +func (o *AIPackage) GetSummary() string { + return o.Summary } -// AnnotationType_Review Used when someone reviews the Element. -var AnnotationType_Review = AnnotationType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review", +func (o *AIPackage) SetSummary(v string) { + o.Summary = v } -type AnyArtifact interface { - AnyElement - asArtifact() *Artifact +func (o *AIPackage) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -// Artifact A distinct article or unit within the digital domain. -type Artifact struct { - Element - // StandardNames The name of a relevant standard that may apply to an artifact. - StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" type:"http://www.w3.org/2001/XMLSchema#string"` - // BuiltTime Specifies the time an artifact was built. - BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // ReleaseTime Specifies the time an artifact was released. - ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // SupportLevels Specifies the level of support associated with an artifact. - SupportLevels []SupportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" type:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` - // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. - SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` - // OriginatedBy Identifies from where or whom the Element originally came. - OriginatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` - // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be reassessed. - ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +func (o *AIPackage) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -func (o *Artifact) asArtifact() *Artifact { - return o +func (o *AIPackage) GetStandardNames() []string { + return o.StandardNames } -type ArtifactList []AnyArtifact - -func (o *ArtifactList) AIPackages() ld.TypeSeq[AnyArtifact, *AIPackage] { - return ld.NewTypeSeq(*o, castAIPackage) +func (o *AIPackage) SetStandardNames(v []string) { + o.StandardNames = v } -func (o *ArtifactList) Artifacts() ld.TypeSeq[AnyArtifact, *Artifact] { - return ld.NewTypeSeq(*o, castArtifact) +func (o *AIPackage) GetBuiltTime() time.Time { + return o.BuiltTime } -func (o *ArtifactList) DatasetPackages() ld.TypeSeq[AnyArtifact, *DatasetPackage] { - return ld.NewTypeSeq(*o, castDatasetPackage) +func (o *AIPackage) SetBuiltTime(v time.Time) { + o.BuiltTime = v } -func (o *ArtifactList) Files() ld.TypeSeq[AnyArtifact, *File] { - return ld.NewTypeSeq(*o, castFile) +func (o *AIPackage) GetReleaseTime() time.Time { + return o.ReleaseTime } -func (o *ArtifactList) Packages() ld.TypeSeq[AnyArtifact, *Package] { - return ld.NewTypeSeq(*o, castPackage) +func (o *AIPackage) SetReleaseTime(v time.Time) { + o.ReleaseTime = v } -func (o *ArtifactList) Snippets() ld.TypeSeq[AnyArtifact, *Snippet] { - return ld.NewTypeSeq(*o, castSnippet) +func (o *AIPackage) GetSupportLevels() []SupportType { + return o.SupportLevels } -func (o *ArtifactList) SoftwareArtifacts() ld.TypeSeq[AnyArtifact, *SoftwareArtifact] { - return ld.NewTypeSeq(*o, castSoftwareArtifact) +func (o *AIPackage) SetSupportLevels(v []SupportType) { + o.SupportLevels = v } -func (o *ArtifactList) Vulnerabilities() ld.TypeSeq[AnyArtifact, *Vulnerability] { - return ld.NewTypeSeq(*o, castVulnerability) +func (o *AIPackage) GetSuppliedBy() AnyAgent { + return o.SuppliedBy } -type AnyBOM interface { - AnyBundle - asBOM() *BOM +func (o *AIPackage) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v } -// BOM A container for a grouping of SPDX-3.0 content characterizing details (provenence, composition, licensing, etc.) about a product. -type BOM struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bom" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Bundle +func (o *AIPackage) GetOriginatedBy() AgentList { + return o.OriginatedBy } -func (o *BOM) asBOM() *BOM { - return o +func (o *AIPackage) SetOriginatedBy(v AgentList) { + o.OriginatedBy = v } -type BOMList []AnyBOM - -func (o *BOMList) BOMs() ld.TypeSeq[AnyBOM, *BOM] { - return ld.NewTypeSeq(*o, castBOM) +func (o *AIPackage) GetValidUntilTime() time.Time { + return o.ValidUntilTime } -func (o *BOMList) SBOMs() ld.TypeSeq[AnyBOM, *SBOM] { - return ld.NewTypeSeq(*o, castSBOM) +func (o *AIPackage) SetValidUntilTime(v time.Time) { + o.ValidUntilTime = v } -type AnyBuild interface { - AnyElement - asBuild() *Build +func (o *AIPackage) GetContentIdentifiers() ContentIdentifierList { + return o.ContentIdentifiers } -// Build Class that describes a build instance of software/artifacts. -type Build struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Build/Build" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Element - // BuildID A buildId is a locally unique identifier used by a builder to identify a unique instance of a build produced by it. - BuildID string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildId" type:"http://www.w3.org/2001/XMLSchema#string"` - // ConfigSourceUris Property that describes the URI of the build configuration source file. - ConfigSourceUris []URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // StartTime Property describing the start time of a build. - StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // ConfigSourceDigests Property that describes the digest of the build configuration file used to invoke a build. - ConfigSourceDigests HashList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest" type:"https://spdx.org/rdf/3.0.1/terms/Core/Hash"` - // Parameters Property describing a parameter used in an instance of a build. - Parameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/parameter" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` - // Type A buildType is a hint that is used to indicate the toolchain, platform, or infrastructure that the build was invoked on. - Type URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildType" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // ConfigSourceEntrypoints Property describes the invocation entrypoint of a build. - ConfigSourceEntrypoints []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint" type:"http://www.w3.org/2001/XMLSchema#string"` - // EndTime Property that describes the time at which a build stops. - EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // Environments Property describing the session in which a build is invoked. - Environments DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/environment" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` +func (o *AIPackage) SetContentIdentifiers(v ContentIdentifierList) { + o.ContentIdentifiers = v } -func (o *Build) asBuild() *Build { - return o +func (o *AIPackage) GetAttributionTexts() []string { + return o.AttributionTexts } -type BuildList []AnyBuild - -func (o *BuildList) Builds() ld.TypeSeq[AnyBuild, *Build] { - return ld.NewTypeSeq(*o, castBuild) +func (o *AIPackage) SetAttributionTexts(v []string) { + o.AttributionTexts = v } -type AnyBundle interface { - AnyElementCollection - asBundle() *Bundle +func (o *AIPackage) GetAdditionalPurposes() []SoftwarePurpose { + return o.AdditionalPurposes } -// Bundle A collection of Elements that have a shared context. -type Bundle struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bundle" node-kind:"http://www.w3.org/ns/shacl#IRI"` - ElementCollection - // Context Gives information about the circumstances or unifying properties that Elements of the bundle have been assembled under. - Context string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/context" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *AIPackage) SetAdditionalPurposes(v []SoftwarePurpose) { + o.AdditionalPurposes = v } -func (o *Bundle) asBundle() *Bundle { - return o +func (o *AIPackage) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose } -type BundleList []AnyBundle - -func (o *BundleList) BOMs() ld.TypeSeq[AnyBundle, *BOM] { - return ld.NewTypeSeq(*o, castBOM) +func (o *AIPackage) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v } -func (o *BundleList) Bundles() ld.TypeSeq[AnyBundle, *Bundle] { - return ld.NewTypeSeq(*o, castBundle) +func (o *AIPackage) GetCopyrightText() string { + return o.CopyrightText } -func (o *BundleList) SBOMs() ld.TypeSeq[AnyBundle, *SBOM] { - return ld.NewTypeSeq(*o, castSBOM) +func (o *AIPackage) SetCopyrightText(v string) { + o.CopyrightText = v } -type AnyCdxPropertiesExtension interface { - AnyExtension - asCdxPropertiesExtension() *CdxPropertiesExtension +func (o *AIPackage) GetSourceInfo() string { + return o.SourceInfo } -// CdxPropertiesExtension A type of extension consisting of a list of name value pairs. -type CdxPropertiesExtension struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - Extension - // CdxProperties Provides a map of a property names to a values. - CdxProperties CdxPropertyEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry"` +func (o *AIPackage) SetSourceInfo(v string) { + o.SourceInfo = v } -func (o *CdxPropertiesExtension) asCdxPropertiesExtension() *CdxPropertiesExtension { - return o +func (o *AIPackage) GetHomePage() URI { + return o.HomePage } -type CdxPropertiesExtensionList []AnyCdxPropertiesExtension - -func (o *CdxPropertiesExtensionList) CdxPropertiesExtensions() ld.TypeSeq[AnyCdxPropertiesExtension, *CdxPropertiesExtension] { - return ld.NewTypeSeq(*o, castCdxPropertiesExtension) +func (o *AIPackage) SetHomePage(v URI) { + o.HomePage = v } -type AnyCdxPropertyEntry interface { - asCdxPropertyEntry() *CdxPropertyEntry +func (o *AIPackage) GetVersion() string { + return o.Version } -// CdxPropertyEntry A property name with an associated value. -type CdxPropertyEntry struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - ID string `iri:"@id"` - // CdxPropValue A value used in a CdxPropertyEntry name-value pair. - CdxPropValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue" type:"http://www.w3.org/2001/XMLSchema#string"` - // CdxPropName A name used in a CdxPropertyEntry name-value pair. - CdxPropName string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *AIPackage) SetVersion(v string) { + o.Version = v } -func (o *CdxPropertyEntry) asCdxPropertyEntry() *CdxPropertyEntry { - return o +func (o *AIPackage) GetPackageURL() URI { + return o.PackageURL } -type CdxPropertyEntryList []AnyCdxPropertyEntry - -func (o *CdxPropertyEntryList) CdxPropertyEntries() ld.TypeSeq[AnyCdxPropertyEntry, *CdxPropertyEntry] { - return ld.NewTypeSeq(*o, castCdxPropertyEntry) +func (o *AIPackage) SetPackageURL(v URI) { + o.PackageURL = v } -// ConfidentialityLevelType Categories of confidentiality level. -type ConfidentialityLevelType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" node-kind:""` - id string `iri:"@id"` +func (o *AIPackage) GetDownloadLocation() URI { + return o.DownloadLocation } -// ConfidentialityLevelType_Amber Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. -var ConfidentialityLevelType_Amber = ConfidentialityLevelType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber", +func (o *AIPackage) SetDownloadLocation(v URI) { + o.DownloadLocation = v } -// ConfidentialityLevelType_Clear Dataset may be distributed freely, without restriction. -var ConfidentialityLevelType_Clear = ConfidentialityLevelType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear", +func (o *AIPackage) GetDomains() []string { + return o.Domains } -// ConfidentialityLevelType_Green Dataset can be shared within a community of peers and partners. -var ConfidentialityLevelType_Green = ConfidentialityLevelType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green", +func (o *AIPackage) SetDomains(v []string) { + o.Domains = v } -// ConfidentialityLevelType_Red Data points in the dataset are highly confidential and can only be shared with named recipients. -var ConfidentialityLevelType_Red = ConfidentialityLevelType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red", +func (o *AIPackage) GetEnergyConsumption() AnyEnergyConsumption { + return o.EnergyConsumption } -type AnyConjunctiveLicenseSet interface { - AnyLicenseInfo - asConjunctiveLicenseSet() *ConjunctiveLicenseSet +func (o *AIPackage) SetEnergyConsumption(v AnyEnergyConsumption) { + o.EnergyConsumption = v } -// ConjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information where all elements apply. -type ConjunctiveLicenseSet struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet" node-kind:"http://www.w3.org/ns/shacl#IRI"` - LicenseInfo - // Members A license expression participating in a license set. - Members LicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` +func (o *AIPackage) GetModelDataPreprocessings() []string { + return o.ModelDataPreprocessings } -func (o *ConjunctiveLicenseSet) asConjunctiveLicenseSet() *ConjunctiveLicenseSet { - return o +func (o *AIPackage) SetModelDataPreprocessings(v []string) { + o.ModelDataPreprocessings = v } -type ConjunctiveLicenseSetList []AnyConjunctiveLicenseSet - -func (o *ConjunctiveLicenseSetList) ConjunctiveLicenseSets() ld.TypeSeq[AnyConjunctiveLicenseSet, *ConjunctiveLicenseSet] { - return ld.NewTypeSeq(*o, castConjunctiveLicenseSet) +func (o *AIPackage) GetUseSensitivePersonalInformation() PresenceType { + return o.UseSensitivePersonalInformation } -type AnyContentIdentifier interface { - AnyIntegrityMethod - asContentIdentifier() *ContentIdentifier +func (o *AIPackage) SetUseSensitivePersonalInformation(v PresenceType) { + o.UseSensitivePersonalInformation = v } -// ContentIdentifier A canonical, unique, immutable identifier -type ContentIdentifier struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - IntegrityMethod - // Type Specifies the type of the content identifier. - Type ContentIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType"` - // Value Specifies the value of the content identifier. - Value URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` +func (o *AIPackage) GetAutonomyType() PresenceType { + return o.AutonomyType } -func (o *ContentIdentifier) asContentIdentifier() *ContentIdentifier { - return o +func (o *AIPackage) SetAutonomyType(v PresenceType) { + o.AutonomyType = v } -type ContentIdentifierList []AnyContentIdentifier - -func (o *ContentIdentifierList) ContentIdentifiers() ld.TypeSeq[AnyContentIdentifier, *ContentIdentifier] { - return ld.NewTypeSeq(*o, castContentIdentifier) +func (o *AIPackage) GetSafetyRiskAssessment() SafetyRiskAssessmentType { + return o.SafetyRiskAssessment } -// ContentIdentifierType Specifies the type of a content identifier. -type ContentIdentifierType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" node-kind:""` - id string `iri:"@id"` +func (o *AIPackage) SetSafetyRiskAssessment(v SafetyRiskAssessmentType) { + o.SafetyRiskAssessment = v } -// ContentIdentifierType_Gitoid [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). -var ContentIdentifierType_Gitoid = ContentIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid", +func (o *AIPackage) GetHyperparameters() DictionaryEntryList { + return o.Hyperparameters } -// ContentIdentifierType_Swhid SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. -var ContentIdentifierType_Swhid = ContentIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid", +func (o *AIPackage) SetHyperparameters(v DictionaryEntryList) { + o.Hyperparameters = v } -type AnyCreationInfo interface { - asCreationInfo() *CreationInfo +func (o *AIPackage) GetLimitation() string { + return o.Limitation } -// CreationInfo Provides information about the creation of the Element. -type CreationInfo struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - ID string `iri:"@id"` - // SpecVersion Provides a reference number that can be used to understand how to parse and interpret an Element. - SpecVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/specVersion" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // Created Identifies when the Element was originally created. - Created time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/created" required:"true" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // CreatedUsing Identifies the tooling that was used during the creation of the Element. - CreatedUsing ToolList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/Tool"` - // Comment Provide consumers with comments by the creator of the Element about the Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` - // CreatedBy Identifies who or what created the Element. - CreatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdBy" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` +func (o *AIPackage) SetLimitation(v string) { + o.Limitation = v } -func (o *CreationInfo) asCreationInfo() *CreationInfo { - return o +func (o *AIPackage) GetModelExplainabilities() []string { + return o.ModelExplainabilities } -type CreationInfoList []AnyCreationInfo - -func (o *CreationInfoList) CreationInfos() ld.TypeSeq[AnyCreationInfo, *CreationInfo] { - return ld.NewTypeSeq(*o, castCreationInfo) +func (o *AIPackage) SetModelExplainabilities(v []string) { + o.ModelExplainabilities = v } -type AnyCustomLicense interface { - AnyLicense - asCustomLicense() *CustomLicense +func (o *AIPackage) GetStandardCompliances() []string { + return o.StandardCompliances } -// CustomLicense A license that is not listed on the SPDX License List. -type CustomLicense struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense" node-kind:"http://www.w3.org/ns/shacl#IRI"` - License +func (o *AIPackage) SetStandardCompliances(v []string) { + o.StandardCompliances = v } -func (o *CustomLicense) asCustomLicense() *CustomLicense { - return o +func (o *AIPackage) GetMetricDecisionThresholds() DictionaryEntryList { + return o.MetricDecisionThresholds } -type CustomLicenseList []AnyCustomLicense - -func (o *CustomLicenseList) CustomLicenses() ld.TypeSeq[AnyCustomLicense, *CustomLicense] { - return ld.NewTypeSeq(*o, castCustomLicense) +func (o *AIPackage) SetMetricDecisionThresholds(v DictionaryEntryList) { + o.MetricDecisionThresholds = v } -type AnyCustomLicenseAddition interface { - AnyLicenseAddition - asCustomLicenseAddition() *CustomLicenseAddition +func (o *AIPackage) GetTypeOfModels() []string { + return o.TypeOfModels } -// CustomLicenseAddition A license addition that is not listed on the SPDX Exceptions List. -type CustomLicenseAddition struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition" node-kind:"http://www.w3.org/ns/shacl#IRI"` - LicenseAddition +func (o *AIPackage) SetTypeOfModels(v []string) { + o.TypeOfModels = v } -func (o *CustomLicenseAddition) asCustomLicenseAddition() *CustomLicenseAddition { - return o +func (o *AIPackage) GetInformationAboutApplication() string { + return o.InformationAboutApplication } -type CustomLicenseAdditionList []AnyCustomLicenseAddition - -func (o *CustomLicenseAdditionList) CustomLicenseAdditions() ld.TypeSeq[AnyCustomLicenseAddition, *CustomLicenseAddition] { - return ld.NewTypeSeq(*o, castCustomLicenseAddition) +func (o *AIPackage) SetInformationAboutApplication(v string) { + o.InformationAboutApplication = v } -// CvssSeverityType Specifies the CVSS base, temporal, threat, or environmental severity type. -type CvssSeverityType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" node-kind:""` - id string `iri:"@id"` +func (o *AIPackage) GetInformationAboutTraining() string { + return o.InformationAboutTraining } -// CvssSeverityType_Critical When a CVSS score is between 9.0 - 10.0 -var CvssSeverityType_Critical = CvssSeverityType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical", +func (o *AIPackage) SetInformationAboutTraining(v string) { + o.InformationAboutTraining = v } -// CvssSeverityType_High When a CVSS score is between 7.0 - 8.9 -var CvssSeverityType_High = CvssSeverityType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high", +func (o *AIPackage) GetMetrics() DictionaryEntryList { + return o.Metrics } -// CvssSeverityType_Low When a CVSS score is between 0.1 - 3.9 -var CvssSeverityType_Low = CvssSeverityType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low", +func (o *AIPackage) SetMetrics(v DictionaryEntryList) { + o.Metrics = v } -// CvssSeverityType_Medium When a CVSS score is between 4.0 - 6.9 -var CvssSeverityType_Medium = CvssSeverityType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium", -} +type AIPackageList []AnyAIPackage -// CvssSeverityType_None When a CVSS score is 0.0 -var CvssSeverityType_None = CvssSeverityType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none", +func (v AIPackageList) AIPackages() []AnyAIPackage { + return ld.SliceOf[AnyAIPackage](v) } -type AnyCvssV2VulnAssessmentRelationship interface { - AnyVulnAssessmentRelationship - asCvssV2VulnAssessmentRelationship() *CvssV2VulnAssessmentRelationship -} - -// CvssV2VulnAssessmentRelationship Provides a CVSS version 2.0 assessment for a vulnerability. -type CvssV2VulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - VulnAssessmentRelationship - // VectorString Specifies the CVSS vector string for a vulnerability. - VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // Score Provides a numerical (0-10) representation of the severity of a vulnerability. - Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` -} - -func (o *CvssV2VulnAssessmentRelationship) asCvssV2VulnAssessmentRelationship() *CvssV2VulnAssessmentRelationship { - return o -} - -type CvssV2VulnAssessmentRelationshipList []AnyCvssV2VulnAssessmentRelationship - -func (o *CvssV2VulnAssessmentRelationshipList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyCvssV2VulnAssessmentRelationship, *CvssV2VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) -} - -type AnyCvssV3VulnAssessmentRelationship interface { - AnyVulnAssessmentRelationship - asCvssV3VulnAssessmentRelationship() *CvssV3VulnAssessmentRelationship -} - -// CvssV3VulnAssessmentRelationship Provides a CVSS version 3 assessment for a vulnerability. -type CvssV3VulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - VulnAssessmentRelationship - // Score Provides a numerical (0-10) representation of the severity of a vulnerability. - Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` - // Severity Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` - // VectorString Specifies the CVSS vector string for a vulnerability. - VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` -} - -func (o *CvssV3VulnAssessmentRelationship) asCvssV3VulnAssessmentRelationship() *CvssV3VulnAssessmentRelationship { - return o -} - -type CvssV3VulnAssessmentRelationshipList []AnyCvssV3VulnAssessmentRelationship - -func (o *CvssV3VulnAssessmentRelationshipList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyCvssV3VulnAssessmentRelationship, *CvssV3VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) -} - -type AnyCvssV4VulnAssessmentRelationship interface { - AnyVulnAssessmentRelationship - asCvssV4VulnAssessmentRelationship() *CvssV4VulnAssessmentRelationship -} - -// CvssV4VulnAssessmentRelationship Provides a CVSS version 4 assessment for a vulnerability. -type CvssV4VulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - VulnAssessmentRelationship - // Severity Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` - // VectorString Specifies the CVSS vector string for a vulnerability. - VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // Score Provides a numerical (0-10) representation of the severity of a vulnerability. - Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` -} - -func (o *CvssV4VulnAssessmentRelationship) asCvssV4VulnAssessmentRelationship() *CvssV4VulnAssessmentRelationship { - return o -} - -type CvssV4VulnAssessmentRelationshipList []AnyCvssV4VulnAssessmentRelationship - -func (o *CvssV4VulnAssessmentRelationshipList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyCvssV4VulnAssessmentRelationship, *CvssV4VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) -} - -// DatasetAvailabilityType Availability of dataset. -type DatasetAvailabilityType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" node-kind:""` - id string `iri:"@id"` +type AnyAgent interface { + AnyElement + asAgent() } -// DatasetAvailabilityType_Clickthrough the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. -var DatasetAvailabilityType_Clickthrough = DatasetAvailabilityType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough", +// Agent represents anything with the potential to act on a system. +type Agent struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Agent" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` } -// DatasetAvailabilityType_DirectDownload the dataset is publicly available and can be downloaded directly. -var DatasetAvailabilityType_DirectDownload = DatasetAvailabilityType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload", +func (o *Agent) asAgent() {} +func (o *Agent) asElement() {} +func (o *Agent) GetDescription() string { + return o.Description } -// DatasetAvailabilityType_Query the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. -var DatasetAvailabilityType_Query = DatasetAvailabilityType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query", +func (o *Agent) SetDescription(v string) { + o.Description = v } -// DatasetAvailabilityType_Registration the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. -var DatasetAvailabilityType_Registration = DatasetAvailabilityType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration", +func (o *Agent) GetComment() string { + return o.Comment } -// DatasetAvailabilityType_ScrapingScript the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. -var DatasetAvailabilityType_ScrapingScript = DatasetAvailabilityType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript", +func (o *Agent) SetComment(v string) { + o.Comment = v } -type AnyDatasetPackage interface { - AnyPackage - asDatasetPackage() *DatasetPackage +func (o *Agent) GetName() string { + return o.Name } -// DatasetPackage Specifies a data package and its associated information. -type DatasetPackage struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Package - // ConfidentialityLevel Describes the confidentiality level of the data points contained in the dataset. - ConfidentialityLevel ConfidentialityLevelType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType"` - // AnonymizationMethodUseds Describes the anonymization methods used. - AnonymizationMethodUseds []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed" type:"http://www.w3.org/2001/XMLSchema#string"` - // DatasetUpdateMechanism Describes a mechanism to update the dataset. - DatasetUpdateMechanism string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism" type:"http://www.w3.org/2001/XMLSchema#string"` - // DatasetNoise Describes potentially noisy elements of the dataset. - DatasetNoise string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise" type:"http://www.w3.org/2001/XMLSchema#string"` - // DatasetSize Captures the size of the dataset. - DatasetSize NonNegativeInt `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" type:"http://www.w3.org/2001/XMLSchema#nonNegativeInteger"` - // Sensors Describes a sensor used for collecting the data. - Sensors DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/sensor" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` - // IntendedUse Describes what the given dataset should be used for. - IntendedUse string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse" type:"http://www.w3.org/2001/XMLSchema#string"` - // DataPreprocessings Describes the preprocessing steps that were applied to the raw data to create the given dataset. - DataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing" type:"http://www.w3.org/2001/XMLSchema#string"` - // KnownBias Records the biases that the dataset is known to encompass. - KnownBias []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias" type:"http://www.w3.org/2001/XMLSchema#string"` - // DatasetAvailability The field describes the availability of a dataset. - DatasetAvailability DatasetAvailabilityType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType"` - // HasSensitivePersonalInformation Describes if any sensitive personal information is present in the dataset. - HasSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation" type:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` - // DataCollectionProcess Describes how the dataset was collected. - DataCollectionProcess string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess" type:"http://www.w3.org/2001/XMLSchema#string"` - // DatasetTypes Describes the type of the given dataset. - DatasetTypes []DatasetType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType"` +func (o *Agent) SetName(v string) { + o.Name = v } -func (o *DatasetPackage) asDatasetPackage() *DatasetPackage { - return o +func (o *Agent) GetExtensions() ExtensionList { + return o.Extensions } -type DatasetPackageList []AnyDatasetPackage - -func (o *DatasetPackageList) DatasetPackages() ld.TypeSeq[AnyDatasetPackage, *DatasetPackage] { - return ld.NewTypeSeq(*o, castDatasetPackage) +func (o *Agent) SetExtensions(v ExtensionList) { + o.Extensions = v } -// DatasetType Enumeration of dataset types. -type DatasetType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" node-kind:""` - id string `iri:"@id"` +func (o *Agent) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -// DatasetType_Audio data is audio based, such as a collection of music from the 80s. -var DatasetType_Audio = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio", +func (o *Agent) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -// DatasetType_Categorical data that is classified into a discrete number of categories, such as the eye color of a population of people. -var DatasetType_Categorical = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical", +func (o *Agent) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -// DatasetType_Graph data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. -var DatasetType_Graph = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph", +func (o *Agent) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -// DatasetType_Image data is a collection of images such as pictures of animals. -var DatasetType_Image = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image", +func (o *Agent) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -// DatasetType_NoAssertion data type is not known. -var DatasetType_NoAssertion = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion", +func (o *Agent) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// DatasetType_Numeric data consists only of numeric entries. -var DatasetType_Numeric = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric", +func (o *Agent) GetSummary() string { + return o.Summary } -// DatasetType_Other data is of a type not included in this list. -var DatasetType_Other = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other", +func (o *Agent) SetSummary(v string) { + o.Summary = v } -// DatasetType_Sensor data is recorded from a physical sensor, such as a thermometer reading or biometric device. -var DatasetType_Sensor = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor", +func (o *Agent) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -// DatasetType_Structured data is stored in tabular format or retrieved from a relational database. -var DatasetType_Structured = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured", +func (o *Agent) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -// DatasetType_Syntactic data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. -var DatasetType_Syntactic = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic", -} +type AgentList []AnyAgent -// DatasetType_Text data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. -var DatasetType_Text = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text", +func (v AgentList) Agents() []AnyAgent { + return ld.SliceOf[AnyAgent](v) } -// DatasetType_Timeseries data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. -var DatasetType_Timeseries = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries", +func (v AgentList) Organizations() []AnyOrganization { + return ld.SliceOf[AnyOrganization](v) } -// DatasetType_Timestamp data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. -var DatasetType_Timestamp = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp", +func (v AgentList) People() []AnyPerson { + return ld.SliceOf[AnyPerson](v) } -// DatasetType_Video data is video based, such as a collection of movie clips featuring Tom Hanks. -var DatasetType_Video = DatasetType{ - id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video", +func (v AgentList) SoftwareAgents() []AnySoftwareAgent { + return ld.SliceOf[AnySoftwareAgent](v) } -type AnyDictionaryEntry interface { - asDictionaryEntry() *DictionaryEntry +type AnyAnnotation interface { + AnyElement + asAnnotation() + GetSubject() AnyElement + SetSubject(AnyElement) + GetContentType() string + SetContentType(string) + GetStatement() string + SetStatement(string) + GetType() AnnotationType + SetType(AnnotationType) } -// DictionaryEntry A key with an associated value. -type DictionaryEntry struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` +// Annotation An assertion made in relation to one or more elements. +type Annotation struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Annotation" node-kind:"http://www.w3.org/ns/shacl#IRI"` ID string `iri:"@id"` - // Value A value used in a generic key-value pair. - Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/value" type:"http://www.w3.org/2001/XMLSchema#string"` - // Key A key used in a generic key-value pair. - Key string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/key" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` -} - -func (o *DictionaryEntry) asDictionaryEntry() *DictionaryEntry { - return o -} - -type DictionaryEntryList []AnyDictionaryEntry - -func (o *DictionaryEntryList) DictionaryEntries() ld.TypeSeq[AnyDictionaryEntry, *DictionaryEntry] { - return ld.NewTypeSeq(*o, castDictionaryEntry) -} - -type AnyDisjunctiveLicenseSet interface { - AnyLicenseInfo - asDisjunctiveLicenseSet() *DisjunctiveLicenseSet -} - -// DisjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information where only one of the elements applies. -type DisjunctiveLicenseSet struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet" node-kind:"http://www.w3.org/ns/shacl#IRI"` - LicenseInfo - // Members A license expression participating in a license set. - Members LicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` -} - -func (o *DisjunctiveLicenseSet) asDisjunctiveLicenseSet() *DisjunctiveLicenseSet { - return o -} - -type DisjunctiveLicenseSetList []AnyDisjunctiveLicenseSet - -func (o *DisjunctiveLicenseSetList) DisjunctiveLicenseSets() ld.TypeSeq[AnyDisjunctiveLicenseSet, *DisjunctiveLicenseSet] { - return ld.NewTypeSeq(*o, castDisjunctiveLicenseSet) -} - -type AnyElement interface { - asElement() *Element -} - -// Element Base domain class from which all other SPDX-3.0 domain classes derive. -type Element struct { - ID string `iri:"@id"` // Description Provides a detailed description of the Element. Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` // Comment Provide consumers with comments by the creator of the Element about the Element. @@ -842,1126 +628,1123 @@ type Element struct { Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Subject An Element an annotator has made an assertion about. + Subject AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/subject" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // ContentType Provides information about the content type of an Element or a Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` + // Statement Commentary on an assertion that an annotator has made. + Statement string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/statement" type:"http://www.w3.org/2001/XMLSchema#string"` + // Type Describes the type of annotation. + Type AnnotationType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/annotationType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType"` } -func (o *Element) asElement() *Element { - return o -} - -type ElementList []AnyElement - -func (o *ElementList) AIPackages() ld.TypeSeq[AnyElement, *AIPackage] { - return ld.NewTypeSeq(*o, castAIPackage) -} - -func (o *ElementList) Agents() ld.TypeSeq[AnyElement, *Agent] { - return ld.NewTypeSeq(*o, castAgent) -} - -func (o *ElementList) Annotations() ld.TypeSeq[AnyElement, *Annotation] { - return ld.NewTypeSeq(*o, castAnnotation) -} - -func (o *ElementList) Artifacts() ld.TypeSeq[AnyElement, *Artifact] { - return ld.NewTypeSeq(*o, castArtifact) +func (o *Annotation) asAnnotation() {} +func (o *Annotation) asElement() {} +func (o *Annotation) GetDescription() string { + return o.Description } -func (o *ElementList) BOMs() ld.TypeSeq[AnyElement, *BOM] { - return ld.NewTypeSeq(*o, castBOM) +func (o *Annotation) SetDescription(v string) { + o.Description = v } -func (o *ElementList) Builds() ld.TypeSeq[AnyElement, *Build] { - return ld.NewTypeSeq(*o, castBuild) +func (o *Annotation) GetComment() string { + return o.Comment } -func (o *ElementList) Bundles() ld.TypeSeq[AnyElement, *Bundle] { - return ld.NewTypeSeq(*o, castBundle) +func (o *Annotation) SetComment(v string) { + o.Comment = v } -func (o *ElementList) ConjunctiveLicenseSets() ld.TypeSeq[AnyElement, *ConjunctiveLicenseSet] { - return ld.NewTypeSeq(*o, castConjunctiveLicenseSet) +func (o *Annotation) GetName() string { + return o.Name } -func (o *ElementList) CustomLicenses() ld.TypeSeq[AnyElement, *CustomLicense] { - return ld.NewTypeSeq(*o, castCustomLicense) +func (o *Annotation) SetName(v string) { + o.Name = v } -func (o *ElementList) CustomLicenseAdditions() ld.TypeSeq[AnyElement, *CustomLicenseAddition] { - return ld.NewTypeSeq(*o, castCustomLicenseAddition) +func (o *Annotation) GetExtensions() ExtensionList { + return o.Extensions } -func (o *ElementList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *CvssV2VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) +func (o *Annotation) SetExtensions(v ExtensionList) { + o.Extensions = v } -func (o *ElementList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *CvssV3VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) +func (o *Annotation) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -func (o *ElementList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *CvssV4VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) +func (o *Annotation) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -func (o *ElementList) DatasetPackages() ld.TypeSeq[AnyElement, *DatasetPackage] { - return ld.NewTypeSeq(*o, castDatasetPackage) +func (o *Annotation) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -func (o *ElementList) DisjunctiveLicenseSets() ld.TypeSeq[AnyElement, *DisjunctiveLicenseSet] { - return ld.NewTypeSeq(*o, castDisjunctiveLicenseSet) +func (o *Annotation) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -func (o *ElementList) Elements() ld.TypeSeq[AnyElement, *Element] { - return ld.NewTypeSeq(*o, castElement) +func (o *Annotation) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -func (o *ElementList) ElementCollections() ld.TypeSeq[AnyElement, *ElementCollection] { - return ld.NewTypeSeq(*o, castElementCollection) +func (o *Annotation) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -func (o *ElementList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *EpssVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) +func (o *Annotation) GetSummary() string { + return o.Summary } -func (o *ElementList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *ExploitCatalogVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) +func (o *Annotation) SetSummary(v string) { + o.Summary = v } -func (o *ElementList) ExtendableLicenses() ld.TypeSeq[AnyElement, *ExtendableLicense] { - return ld.NewTypeSeq(*o, castExtendableLicense) +func (o *Annotation) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -func (o *ElementList) Files() ld.TypeSeq[AnyElement, *File] { - return ld.NewTypeSeq(*o, castFile) +func (o *Annotation) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -func (o *ElementList) IndividualElements() ld.TypeSeq[AnyElement, *IndividualElement] { - return ld.NewTypeSeq(*o, castIndividualElement) +func (o *Annotation) GetSubject() AnyElement { + return o.Subject } -func (o *ElementList) IndividualLicensingInfos() ld.TypeSeq[AnyElement, *IndividualLicensingInfo] { - return ld.NewTypeSeq(*o, castIndividualLicensingInfo) +func (o *Annotation) SetSubject(v AnyElement) { + o.Subject = v } -func (o *ElementList) Licenses() ld.TypeSeq[AnyElement, *License] { - return ld.NewTypeSeq(*o, castLicense) +func (o *Annotation) GetContentType() string { + return o.ContentType } -func (o *ElementList) LicenseAdditions() ld.TypeSeq[AnyElement, *LicenseAddition] { - return ld.NewTypeSeq(*o, castLicenseAddition) +func (o *Annotation) SetContentType(v string) { + o.ContentType = v } -func (o *ElementList) LicenseExpressions() ld.TypeSeq[AnyElement, *LicenseExpression] { - return ld.NewTypeSeq(*o, castLicenseExpression) +func (o *Annotation) GetStatement() string { + return o.Statement } -func (o *ElementList) LicenseInfos() ld.TypeSeq[AnyElement, *LicenseInfo] { - return ld.NewTypeSeq(*o, castLicenseInfo) +func (o *Annotation) SetStatement(v string) { + o.Statement = v } -func (o *ElementList) LifecycleScopedRelationships() ld.TypeSeq[AnyElement, *LifecycleScopedRelationship] { - return ld.NewTypeSeq(*o, castLifecycleScopedRelationship) +func (o *Annotation) GetType() AnnotationType { + return o.Type } -func (o *ElementList) ListedLicenses() ld.TypeSeq[AnyElement, *ListedLicense] { - return ld.NewTypeSeq(*o, castListedLicense) +func (o *Annotation) SetType(v AnnotationType) { + o.Type = v } -func (o *ElementList) ListedLicenseExceptions() ld.TypeSeq[AnyElement, *ListedLicenseException] { - return ld.NewTypeSeq(*o, castListedLicenseException) -} +type AnnotationList []AnyAnnotation -func (o *ElementList) OrLaterOperators() ld.TypeSeq[AnyElement, *OrLaterOperator] { - return ld.NewTypeSeq(*o, castOrLaterOperator) +func (v AnnotationList) Annotations() []AnyAnnotation { + return ld.SliceOf[AnyAnnotation](v) } -func (o *ElementList) Organizations() ld.TypeSeq[AnyElement, *Organization] { - return ld.NewTypeSeq(*o, castOrganization) +// AnnotationType Specifies the type of an annotation. +type AnnotationType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" node-kind:""` + id string `iri:"@id"` } -func (o *ElementList) Packages() ld.TypeSeq[AnyElement, *Package] { - return ld.NewTypeSeq(*o, castPackage) +// AnnotationType_Other Used to store extra information about an Element which is not part of a review (e.g. extra information provided during the creation of the Element). +var AnnotationType_Other = AnnotationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other", } -func (o *ElementList) People() ld.TypeSeq[AnyElement, *Person] { - return ld.NewTypeSeq(*o, castPerson) +// AnnotationType_Review Used when someone reviews the Element. +var AnnotationType_Review = AnnotationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review", } -func (o *ElementList) Relationships() ld.TypeSeq[AnyElement, *Relationship] { - return ld.NewTypeSeq(*o, castRelationship) +type AnyArtifact interface { + AnyElement + asArtifact() + GetStandardNames() []string + SetStandardNames([]string) + GetBuiltTime() time.Time + SetBuiltTime(time.Time) + GetReleaseTime() time.Time + SetReleaseTime(time.Time) + GetSupportLevels() []SupportType + SetSupportLevels([]SupportType) + GetSuppliedBy() AnyAgent + SetSuppliedBy(AnyAgent) + GetOriginatedBy() AgentList + SetOriginatedBy(AgentList) + GetValidUntilTime() time.Time + SetValidUntilTime(time.Time) } -func (o *ElementList) SBOMs() ld.TypeSeq[AnyElement, *SBOM] { - return ld.NewTypeSeq(*o, castSBOM) -} +// Artifact A distinct article or unit within the digital domain. +type ArtifactList []AnyArtifact -func (o *ElementList) SimpleLicensingTexts() ld.TypeSeq[AnyElement, *SimpleLicensingText] { - return ld.NewTypeSeq(*o, castSimpleLicensingText) +func (v ArtifactList) AIPackages() []AnyAIPackage { + return ld.SliceOf[AnyAIPackage](v) } -func (o *ElementList) Snippets() ld.TypeSeq[AnyElement, *Snippet] { - return ld.NewTypeSeq(*o, castSnippet) +func (v ArtifactList) Artifacts() []AnyArtifact { + return ld.SliceOf[AnyArtifact](v) } -func (o *ElementList) SoftwareAgents() ld.TypeSeq[AnyElement, *SoftwareAgent] { - return ld.NewTypeSeq(*o, castSoftwareAgent) +func (v ArtifactList) DatasetPackages() []AnyDatasetPackage { + return ld.SliceOf[AnyDatasetPackage](v) } -func (o *ElementList) SoftwareArtifacts() ld.TypeSeq[AnyElement, *SoftwareArtifact] { - return ld.NewTypeSeq(*o, castSoftwareArtifact) +func (v ArtifactList) Files() []AnyFile { + return ld.SliceOf[AnyFile](v) } -func (o *ElementList) SpdxDocuments() ld.TypeSeq[AnyElement, *SpdxDocument] { - return ld.NewTypeSeq(*o, castSpdxDocument) +func (v ArtifactList) Packages() []AnyPackage { + return ld.SliceOf[AnyPackage](v) } -func (o *ElementList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *SsvcVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) +func (v ArtifactList) Snippets() []AnySnippet { + return ld.SliceOf[AnySnippet](v) } -func (o *ElementList) Tools() ld.TypeSeq[AnyElement, *Tool] { - return ld.NewTypeSeq(*o, castTool) +func (v ArtifactList) SoftwareArtifacts() []AnySoftwareArtifact { + return ld.SliceOf[AnySoftwareArtifact](v) } -func (o *ElementList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexAffectedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +func (v ArtifactList) Vulnerabilities() []AnyVulnerability { + return ld.SliceOf[AnyVulnerability](v) } -func (o *ElementList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexFixedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +type AnyBOM interface { + AnyBundle + asBOM() } -func (o *ElementList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexNotAffectedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) -} - -func (o *ElementList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexUnderInvestigationVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) -} - -func (o *ElementList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) -} - -func (o *ElementList) VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVulnAssessmentRelationship) -} - -func (o *ElementList) Vulnerabilities() ld.TypeSeq[AnyElement, *Vulnerability] { - return ld.NewTypeSeq(*o, castVulnerability) -} - -func (o *ElementList) WithAdditionOperators() ld.TypeSeq[AnyElement, *WithAdditionOperator] { - return ld.NewTypeSeq(*o, castWithAdditionOperator) -} - -type AnyElementCollection interface { - AnyElement - asElementCollection() *ElementCollection -} - -// ElementCollection A collection of Elements, not necessarily with unifying context. -type ElementCollection struct { - Element +// BOM A container for a grouping of SPDX-3.0 content characterizing details (provenence, composition, licensing, etc.) about a product. +type BOM struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bom" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` // Elements Refers to one or more Elements that are part of an ElementCollection. Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` // RootElements This property is used to denote the root Element(s) of a tree of elements contained in a BOM. RootElements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/rootElement" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` // ProfileConformances Describes one a profile which the creator of this ElementCollection intends to conform to. ProfileConformances []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" type:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType"` + // Context Gives information about the circumstances or unifying properties that Elements of the bundle have been assembled under. + Context string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/context" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *ElementCollection) asElementCollection() *ElementCollection { - return o +func (o *BOM) asBOM() {} +func (o *BOM) asBundle() {} +func (o *BOM) asElementCollection() {} +func (o *BOM) asElement() {} +func (o *BOM) GetDescription() string { + return o.Description } -type ElementCollectionList []AnyElementCollection - -func (o *ElementCollectionList) BOMs() ld.TypeSeq[AnyElementCollection, *BOM] { - return ld.NewTypeSeq(*o, castBOM) +func (o *BOM) SetDescription(v string) { + o.Description = v } -func (o *ElementCollectionList) Bundles() ld.TypeSeq[AnyElementCollection, *Bundle] { - return ld.NewTypeSeq(*o, castBundle) +func (o *BOM) GetComment() string { + return o.Comment } -func (o *ElementCollectionList) ElementCollections() ld.TypeSeq[AnyElementCollection, *ElementCollection] { - return ld.NewTypeSeq(*o, castElementCollection) +func (o *BOM) SetComment(v string) { + o.Comment = v } -func (o *ElementCollectionList) SBOMs() ld.TypeSeq[AnyElementCollection, *SBOM] { - return ld.NewTypeSeq(*o, castSBOM) +func (o *BOM) GetName() string { + return o.Name } -func (o *ElementCollectionList) SpdxDocuments() ld.TypeSeq[AnyElementCollection, *SpdxDocument] { - return ld.NewTypeSeq(*o, castSpdxDocument) +func (o *BOM) SetName(v string) { + o.Name = v } -type AnyEnergyConsumption interface { - asEnergyConsumption() *EnergyConsumption +func (o *BOM) GetExtensions() ExtensionList { + return o.Extensions } -// EnergyConsumption A class for describing the energy consumption incurred by an AI model in different stages of its lifecycle. -type EnergyConsumption struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - ID string `iri:"@id"` - // InferenceEnergyConsumptions Specifies the amount of energy consumed during inference time by an AI model that is being used in the AI system. - InferenceEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` - // TrainingEnergyConsumptions Specifies the amount of energy consumed when training the AI model that is being used in the AI system. - TrainingEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` - // FinetuningEnergyConsumptions Specifies the amount of energy consumed when finetuning the AI model that is being used in the AI system. - FinetuningEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` +func (o *BOM) SetExtensions(v ExtensionList) { + o.Extensions = v } -func (o *EnergyConsumption) asEnergyConsumption() *EnergyConsumption { - return o +func (o *BOM) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -type EnergyConsumptionList []AnyEnergyConsumption - -func (o *EnergyConsumptionList) EnergyConsumptions() ld.TypeSeq[AnyEnergyConsumption, *EnergyConsumption] { - return ld.NewTypeSeq(*o, castEnergyConsumption) +func (o *BOM) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -type AnyEnergyConsumptionDescription interface { - asEnergyConsumptionDescription() *EnergyConsumptionDescription +func (o *BOM) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -// EnergyConsumptionDescription The class that helps note down the quantity of energy consumption and the unit used for measurement. -type EnergyConsumptionDescription struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - ID string `iri:"@id"` - // EnergyQuantity Represents the energy quantity. - EnergyQuantity float64 `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` - // EnergyUnit Specifies the unit in which energy is measured. - EnergyUnit EnergyUnitType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyUnit" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType"` +func (o *BOM) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -func (o *EnergyConsumptionDescription) asEnergyConsumptionDescription() *EnergyConsumptionDescription { - return o +func (o *BOM) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -type EnergyConsumptionDescriptionList []AnyEnergyConsumptionDescription - -func (o *EnergyConsumptionDescriptionList) EnergyConsumptionDescriptions() ld.TypeSeq[AnyEnergyConsumptionDescription, *EnergyConsumptionDescription] { - return ld.NewTypeSeq(*o, castEnergyConsumptionDescription) +func (o *BOM) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// EnergyUnitType Specifies the unit of energy consumption. -type EnergyUnitType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" node-kind:""` - id string `iri:"@id"` +func (o *BOM) GetSummary() string { + return o.Summary } -// EnergyUnitType_KilowattHour Kilowatt-hour. -var EnergyUnitType_KilowattHour = EnergyUnitType{ - id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour", +func (o *BOM) SetSummary(v string) { + o.Summary = v } -// EnergyUnitType_Megajoule Megajoule. -var EnergyUnitType_Megajoule = EnergyUnitType{ - id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule", +func (o *BOM) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -// EnergyUnitType_Other Any other units of energy measurement. -var EnergyUnitType_Other = EnergyUnitType{ - id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other", +func (o *BOM) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -type AnyEpssVulnAssessmentRelationship interface { - AnyVulnAssessmentRelationship - asEpssVulnAssessmentRelationship() *EpssVulnAssessmentRelationship +func (o *BOM) GetElements() ElementList { + return o.Elements } -// EpssVulnAssessmentRelationship Provides an EPSS assessment for a vulnerability. -type EpssVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - VulnAssessmentRelationship - // Probability A probability score between 0 and 1 of a vulnerability being exploited. - Probability float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/probability" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` - // Percentile The percentile of the current probability score. - Percentile float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/percentile" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` +func (o *BOM) SetElements(v ElementList) { + o.Elements = v } -func (o *EpssVulnAssessmentRelationship) asEpssVulnAssessmentRelationship() *EpssVulnAssessmentRelationship { - return o +func (o *BOM) GetRootElements() ElementList { + return o.RootElements } -type EpssVulnAssessmentRelationshipList []AnyEpssVulnAssessmentRelationship - -func (o *EpssVulnAssessmentRelationshipList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyEpssVulnAssessmentRelationship, *EpssVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) +func (o *BOM) SetRootElements(v ElementList) { + o.RootElements = v } -// ExploitCatalogType Specifies the exploit catalog type. -type ExploitCatalogType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" node-kind:""` - id string `iri:"@id"` +func (o *BOM) GetProfileConformances() []ProfileIdentifierType { + return o.ProfileConformances } -// ExploitCatalogType_Kev CISA's Known Exploited Vulnerability (KEV) Catalog -var ExploitCatalogType_Kev = ExploitCatalogType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev", +func (o *BOM) SetProfileConformances(v []ProfileIdentifierType) { + o.ProfileConformances = v } -// ExploitCatalogType_Other Other exploit catalogs -var ExploitCatalogType_Other = ExploitCatalogType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other", +func (o *BOM) GetContext() string { + return o.Context } -type AnyExploitCatalogVulnAssessmentRelationship interface { - AnyVulnAssessmentRelationship - asExploitCatalogVulnAssessmentRelationship() *ExploitCatalogVulnAssessmentRelationship +func (o *BOM) SetContext(v string) { + o.Context = v } -// ExploitCatalogVulnAssessmentRelationship Provides an exploit assessment of a vulnerability. -type ExploitCatalogVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - VulnAssessmentRelationship - // Locator Provides the location of an exploit catalog. - Locator URI `iri:"https://spdx.org/rdf/3.0.1/terms/Security/locator" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // Exploited Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. - Exploited bool `iri:"https://spdx.org/rdf/3.0.1/terms/Security/exploited" required:"true" type:"http://www.w3.org/2001/XMLSchema#boolean"` - // CatalogType Specifies the exploit catalog type. - CatalogType ExploitCatalogType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/catalogType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType"` -} +type BOMList []AnyBOM -func (o *ExploitCatalogVulnAssessmentRelationship) asExploitCatalogVulnAssessmentRelationship() *ExploitCatalogVulnAssessmentRelationship { - return o +func (v BOMList) BOMs() []AnyBOM { + return ld.SliceOf[AnyBOM](v) } -type ExploitCatalogVulnAssessmentRelationshipList []AnyExploitCatalogVulnAssessmentRelationship - -func (o *ExploitCatalogVulnAssessmentRelationshipList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyExploitCatalogVulnAssessmentRelationship, *ExploitCatalogVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) +func (v BOMList) SBOMs() []AnySBOM { + return ld.SliceOf[AnySBOM](v) } -type AnyExtendableLicense interface { - AnyLicenseInfo - asExtendableLicense() *ExtendableLicense +type AnyBuild interface { + AnyElement + asBuild() + GetBuildID() string + SetBuildID(string) + GetConfigSourceUris() []URI + SetConfigSourceUris([]URI) + GetStartTime() time.Time + SetStartTime(time.Time) + GetConfigSourceDigests() HashList + SetConfigSourceDigests(HashList) + GetParameters() DictionaryEntryList + SetParameters(DictionaryEntryList) + GetType() URI + SetType(URI) + GetConfigSourceEntrypoints() []string + SetConfigSourceEntrypoints([]string) + GetEndTime() time.Time + SetEndTime(time.Time) + GetEnvironments() DictionaryEntryList + SetEnvironments(DictionaryEntryList) } -// ExtendableLicense Abstract class representing a License or an OrLaterOperator. -type ExtendableLicense struct { - LicenseInfo +// Build Class that describes a build instance of software/artifacts. +type Build struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Build/Build" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // BuildID A buildId is a locally unique identifier used by a builder to identify a unique instance of a build produced by it. + BuildID string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildId" type:"http://www.w3.org/2001/XMLSchema#string"` + // ConfigSourceUris Property that describes the URI of the build configuration source file. + ConfigSourceUris []URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // StartTime Property describing the start time of a build. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ConfigSourceDigests Property that describes the digest of the build configuration file used to invoke a build. + ConfigSourceDigests HashList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest" type:"https://spdx.org/rdf/3.0.1/terms/Core/Hash"` + // Parameters Property describing a parameter used in an instance of a build. + Parameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/parameter" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // Type A buildType is a hint that is used to indicate the toolchain, platform, or infrastructure that the build was invoked on. + Type URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildType" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // ConfigSourceEntrypoints Property describes the invocation entrypoint of a build. + ConfigSourceEntrypoints []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint" type:"http://www.w3.org/2001/XMLSchema#string"` + // EndTime Property that describes the time at which a build stops. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // Environments Property describing the session in which a build is invoked. + Environments DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/environment" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` } -func (o *ExtendableLicense) asExtendableLicense() *ExtendableLicense { - return o +func (o *Build) asBuild() {} +func (o *Build) asElement() {} +func (o *Build) GetDescription() string { + return o.Description } -type ExtendableLicenseList []AnyExtendableLicense - -func (o *ExtendableLicenseList) CustomLicenses() ld.TypeSeq[AnyExtendableLicense, *CustomLicense] { - return ld.NewTypeSeq(*o, castCustomLicense) +func (o *Build) SetDescription(v string) { + o.Description = v } -func (o *ExtendableLicenseList) ExtendableLicenses() ld.TypeSeq[AnyExtendableLicense, *ExtendableLicense] { - return ld.NewTypeSeq(*o, castExtendableLicense) +func (o *Build) GetComment() string { + return o.Comment } -func (o *ExtendableLicenseList) Licenses() ld.TypeSeq[AnyExtendableLicense, *License] { - return ld.NewTypeSeq(*o, castLicense) +func (o *Build) SetComment(v string) { + o.Comment = v } -func (o *ExtendableLicenseList) ListedLicenses() ld.TypeSeq[AnyExtendableLicense, *ListedLicense] { - return ld.NewTypeSeq(*o, castListedLicense) +func (o *Build) GetName() string { + return o.Name } -func (o *ExtendableLicenseList) OrLaterOperators() ld.TypeSeq[AnyExtendableLicense, *OrLaterOperator] { - return ld.NewTypeSeq(*o, castOrLaterOperator) +func (o *Build) SetName(v string) { + o.Name = v } -type AnyExtension interface { - asExtension() *Extension +func (o *Build) GetExtensions() ExtensionList { + return o.Extensions } -// Extension A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. -type Extension struct { - ID string `iri:"@id"` +func (o *Build) SetExtensions(v ExtensionList) { + o.Extensions = v } -func (o *Extension) asExtension() *Extension { - return o +func (o *Build) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -type ExtensionList []AnyExtension - -func (o *ExtensionList) CdxPropertiesExtensions() ld.TypeSeq[AnyExtension, *CdxPropertiesExtension] { - return ld.NewTypeSeq(*o, castCdxPropertiesExtension) +func (o *Build) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -func (o *ExtensionList) Extensions() ld.TypeSeq[AnyExtension, *Extension] { - return ld.NewTypeSeq(*o, castExtension) +func (o *Build) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -type AnyExternalIdentifier interface { - asExternalIdentifier() *ExternalIdentifier +func (o *Build) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -// ExternalIdentifier A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. -type ExternalIdentifier struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - ID string `iri:"@id"` - // Identifier Uniquely identifies an external element. - Identifier string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifier" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // IssuingAuthority An entity that is authorized to issue identification credentials. - IssuingAuthority string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority" type:"http://www.w3.org/2001/XMLSchema#string"` - // Comment Provide consumers with comments by the creator of the Element about the Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` - // IdentifierLocators Provides the location for more information regarding an external identifier. - IdentifierLocators []URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // Type Specifies the type of the external identifier. - Type ExternalIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType"` +func (o *Build) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -func (o *ExternalIdentifier) asExternalIdentifier() *ExternalIdentifier { - return o +func (o *Build) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -type ExternalIdentifierList []AnyExternalIdentifier +func (o *Build) GetSummary() string { + return o.Summary +} -func (o *ExternalIdentifierList) ExternalIdentifiers() ld.TypeSeq[AnyExternalIdentifier, *ExternalIdentifier] { - return ld.NewTypeSeq(*o, castExternalIdentifier) +func (o *Build) SetSummary(v string) { + o.Summary = v } -// ExternalIdentifierType Specifies the type of an external identifier. -type ExternalIdentifierType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" node-kind:""` - id string `iri:"@id"` +func (o *Build) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -// ExternalIdentifierType_Cpe22 [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) -var ExternalIdentifierType_Cpe22 = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22", +func (o *Build) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -// ExternalIdentifierType_Cpe23 [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) -var ExternalIdentifierType_Cpe23 = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23", +func (o *Build) GetBuildID() string { + return o.BuildID } -// ExternalIdentifierType_Cve Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). -var ExternalIdentifierType_Cve = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve", +func (o *Build) SetBuildID(v string) { + o.BuildID = v } -// ExternalIdentifierType_Email Email address, as defined in [RFC 3696](https://datatracker.ietf.org/doc/rfc3986/) Section 3. -var ExternalIdentifierType_Email = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email", +func (o *Build) GetConfigSourceUris() []URI { + return o.ConfigSourceUris } -// ExternalIdentifierType_Gitoid [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). -var ExternalIdentifierType_Gitoid = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid", +func (o *Build) SetConfigSourceUris(v []URI) { + o.ConfigSourceUris = v } -// ExternalIdentifierType_Other Used when the type does not match any of the other options. -var ExternalIdentifierType_Other = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other", +func (o *Build) GetStartTime() time.Time { + return o.StartTime } -// ExternalIdentifierType_PackageURL Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification. -var ExternalIdentifierType_PackageURL = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl", +func (o *Build) SetStartTime(v time.Time) { + o.StartTime = v } -// ExternalIdentifierType_SecurityOther Used when there is a security related identifier of unspecified type. -var ExternalIdentifierType_SecurityOther = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther", +func (o *Build) GetConfigSourceDigests() HashList { + return o.ConfigSourceDigests } -// ExternalIdentifierType_Swhid SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. -var ExternalIdentifierType_Swhid = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid", +func (o *Build) SetConfigSourceDigests(v HashList) { + o.ConfigSourceDigests = v } -// ExternalIdentifierType_Swid Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://datatracker.ietf.org/doc/rfc9393/) Section 2.3. -var ExternalIdentifierType_Swid = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid", +func (o *Build) GetParameters() DictionaryEntryList { + return o.Parameters } -// ExternalIdentifierType_UrlScheme [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. -var ExternalIdentifierType_UrlScheme = ExternalIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme", +func (o *Build) SetParameters(v DictionaryEntryList) { + o.Parameters = v } -type AnyExternalMap interface { - asExternalMap() *ExternalMap +func (o *Build) GetType() URI { + return o.Type } -// ExternalMap A map of Element identifiers that are used within an SpdxDocument but defined external to that SpdxDocument. -type ExternalMap struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - ID string `iri:"@id"` - // ExternalSpdxID Identifies an external Element used within an SpdxDocument but defined external to that SpdxDocument. - ExternalSpdxID URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // LocationHint Provides an indication of where to retrieve an external Element. - LocationHint URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locationHint" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. - VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` - // DefiningArtifact Artifact representing a serialization instance of SPDX data containing the definition of a particular Element. - DefiningArtifact AnyArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" type:"https://spdx.org/rdf/3.0.1/terms/Core/Artifact"` +func (o *Build) SetType(v URI) { + o.Type = v } -func (o *ExternalMap) asExternalMap() *ExternalMap { - return o +func (o *Build) GetConfigSourceEntrypoints() []string { + return o.ConfigSourceEntrypoints } -type ExternalMapList []AnyExternalMap +func (o *Build) SetConfigSourceEntrypoints(v []string) { + o.ConfigSourceEntrypoints = v +} -func (o *ExternalMapList) ExternalMaps() ld.TypeSeq[AnyExternalMap, *ExternalMap] { - return ld.NewTypeSeq(*o, castExternalMap) +func (o *Build) GetEndTime() time.Time { + return o.EndTime } -type AnyExternalRef interface { - asExternalRef() *ExternalRef +func (o *Build) SetEndTime(v time.Time) { + o.EndTime = v } -// ExternalRef A reference to a resource outside the scope of SPDX-3.0 content related to an Element. -type ExternalRef struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - ID string `iri:"@id"` - // Locators Provides the location of an external reference. - Locators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locator" type:"http://www.w3.org/2001/XMLSchema#string"` - // ContentType Provides information about the content type of an Element or a Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` - // Type Specifies the type of the external reference. - Type ExternalRefType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType"` - // Comment Provide consumers with comments by the creator of the Element about the Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *Build) GetEnvironments() DictionaryEntryList { + return o.Environments } -func (o *ExternalRef) asExternalRef() *ExternalRef { - return o +func (o *Build) SetEnvironments(v DictionaryEntryList) { + o.Environments = v } -type ExternalRefList []AnyExternalRef +type BuildList []AnyBuild -func (o *ExternalRefList) ExternalRefs() ld.TypeSeq[AnyExternalRef, *ExternalRef] { - return ld.NewTypeSeq(*o, castExternalRef) +func (v BuildList) Builds() []AnyBuild { + return ld.SliceOf[AnyBuild](v) } -// ExternalRefType Specifies the type of an external reference. -type ExternalRefType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" node-kind:""` - id string `iri:"@id"` +type AnyBundle interface { + AnyElementCollection + asBundle() + GetContext() string + SetContext(string) } -// ExternalRefType_AltDownloadLocation A reference to an alternative download location. -var ExternalRefType_AltDownloadLocation = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation", +// Bundle A collection of Elements that have a shared context. +type Bundle struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bundle" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Elements Refers to one or more Elements that are part of an ElementCollection. + Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // RootElements This property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/rootElement" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // ProfileConformances Describes one a profile which the creator of this ElementCollection intends to conform to. + ProfileConformances []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" type:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType"` + // Context Gives information about the circumstances or unifying properties that Elements of the bundle have been assembled under. + Context string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/context" type:"http://www.w3.org/2001/XMLSchema#string"` } -// ExternalRefType_AltWebPage A reference to an alternative web page. -var ExternalRefType_AltWebPage = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage", +func (o *Bundle) asBundle() {} +func (o *Bundle) asElementCollection() {} +func (o *Bundle) asElement() {} +func (o *Bundle) GetDescription() string { + return o.Description } -// ExternalRefType_BinaryArtifact A reference to binary artifacts related to a package. -var ExternalRefType_BinaryArtifact = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact", +func (o *Bundle) SetDescription(v string) { + o.Description = v } -// ExternalRefType_Bower A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the \"install\" section of [Bower API documentation](https://bower.io/docs/api/#install). -var ExternalRefType_Bower = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower", +func (o *Bundle) GetComment() string { + return o.Comment } -// ExternalRefType_BuildMeta A reference build metadata related to a published package. -var ExternalRefType_BuildMeta = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta", +func (o *Bundle) SetComment(v string) { + o.Comment = v } -// ExternalRefType_BuildSystem A reference build system used to create or publish the package. -var ExternalRefType_BuildSystem = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem", +func (o *Bundle) GetName() string { + return o.Name } -// ExternalRefType_CertificationReport A reference to a certification report for a package from an accredited/independent body. -var ExternalRefType_CertificationReport = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport", +func (o *Bundle) SetName(v string) { + o.Name = v } -// ExternalRefType_Chat A reference to the instant messaging system used by the maintainer for a package. -var ExternalRefType_Chat = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat", +func (o *Bundle) GetExtensions() ExtensionList { + return o.Extensions } -// ExternalRefType_ComponentAnalysisReport A reference to a Software Composition Analysis (SCA) report. -var ExternalRefType_ComponentAnalysisReport = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport", +func (o *Bundle) SetExtensions(v ExtensionList) { + o.Extensions = v } -// ExternalRefType_Cwe [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). -var ExternalRefType_Cwe = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe", +func (o *Bundle) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -// ExternalRefType_Documentation A reference to the documentation for a package. -var ExternalRefType_Documentation = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation", +func (o *Bundle) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -// ExternalRefType_DynamicAnalysisReport A reference to a dynamic analysis report for a package. -var ExternalRefType_DynamicAnalysisReport = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport", +func (o *Bundle) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -// ExternalRefType_EolNotice A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. -var ExternalRefType_EolNotice = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice", +func (o *Bundle) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -// ExternalRefType_ExportControlAssessment A reference to a export control assessment for a package. -var ExternalRefType_ExportControlAssessment = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment", +func (o *Bundle) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -// ExternalRefType_Funding A reference to funding information related to a package. -var ExternalRefType_Funding = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding", +func (o *Bundle) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// ExternalRefType_IssueTracker A reference to the issue tracker for a package. -var ExternalRefType_IssueTracker = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker", +func (o *Bundle) GetSummary() string { + return o.Summary } -// ExternalRefType_License A reference to additional license information related to an artifact. -var ExternalRefType_License = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license", +func (o *Bundle) SetSummary(v string) { + o.Summary = v } -// ExternalRefType_MailingList A reference to the mailing list used by the maintainer for a package. -var ExternalRefType_MailingList = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList", +func (o *Bundle) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -// ExternalRefType_MavenCentral A reference to a Maven repository artifact. The artifact locator format is defined in the [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html) and looks like `groupId:artifactId[:version]`. -var ExternalRefType_MavenCentral = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral", +func (o *Bundle) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -// ExternalRefType_Metrics A reference to metrics related to package such as OpenSSF scorecards. -var ExternalRefType_Metrics = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics", +func (o *Bundle) GetElements() ElementList { + return o.Elements } -// ExternalRefType_Npm A reference to an npm package. The package locator format is defined in the [npm documentation](https://docs.npmjs.com/cli/v10/configuring-npm/package-json) and looks like `package@version`. -var ExternalRefType_Npm = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm", +func (o *Bundle) SetElements(v ElementList) { + o.Elements = v } -// ExternalRefType_Nuget A reference to a NuGet package. The package locator format is defined in the [NuGet documentation](https://docs.nuget.org) and looks like `package/version`. -var ExternalRefType_Nuget = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget", +func (o *Bundle) GetRootElements() ElementList { + return o.RootElements } -// ExternalRefType_Other Used when the type does not match any of the other options. -var ExternalRefType_Other = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other", +func (o *Bundle) SetRootElements(v ElementList) { + o.RootElements = v } -// ExternalRefType_PrivacyAssessment A reference to a privacy assessment for a package. -var ExternalRefType_PrivacyAssessment = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment", +func (o *Bundle) GetProfileConformances() []ProfileIdentifierType { + return o.ProfileConformances } -// ExternalRefType_ProductMetadata A reference to additional product metadata such as reference within organization's product catalog. -var ExternalRefType_ProductMetadata = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata", +func (o *Bundle) SetProfileConformances(v []ProfileIdentifierType) { + o.ProfileConformances = v } -// ExternalRefType_PurchaseOrder A reference to a purchase order for a package. -var ExternalRefType_PurchaseOrder = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder", +func (o *Bundle) GetContext() string { + return o.Context } -// ExternalRefType_QualityAssessmentReport A reference to a quality assessment for a package. -var ExternalRefType_QualityAssessmentReport = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport", +func (o *Bundle) SetContext(v string) { + o.Context = v } -// ExternalRefType_ReleaseHistory A reference to a published list of releases for a package. -var ExternalRefType_ReleaseHistory = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory", +type BundleList []AnyBundle + +func (v BundleList) BOMs() []AnyBOM { + return ld.SliceOf[AnyBOM](v) } -// ExternalRefType_ReleaseNotes A reference to the release notes for a package. -var ExternalRefType_ReleaseNotes = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes", +func (v BundleList) Bundles() []AnyBundle { + return ld.SliceOf[AnyBundle](v) } -// ExternalRefType_RiskAssessment A reference to a risk assessment for a package. -var ExternalRefType_RiskAssessment = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment", +func (v BundleList) SBOMs() []AnySBOM { + return ld.SliceOf[AnySBOM](v) } -// ExternalRefType_RuntimeAnalysisReport A reference to a runtime analysis report for a package. -var ExternalRefType_RuntimeAnalysisReport = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport", +type AnyCdxPropertiesExtension interface { + AnyExtension + asCdxPropertiesExtension() + GetCdxProperties() CdxPropertyEntryList + SetCdxProperties(CdxPropertyEntryList) } -// ExternalRefType_SecureSoftwareAttestation A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). -var ExternalRefType_SecureSoftwareAttestation = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation", +// CdxPropertiesExtension A type of extension consisting of a list of name value pairs. +type CdxPropertiesExtension struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // CdxProperties Provides a map of a property names to a values. + CdxProperties CdxPropertyEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry"` } -// ExternalRefType_SecurityAdversaryModel A reference to the security adversary model for a package. -var ExternalRefType_SecurityAdversaryModel = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel", +func (o *CdxPropertiesExtension) asCdxPropertiesExtension() {} +func (o *CdxPropertiesExtension) asExtension() {} +func (o *CdxPropertiesExtension) GetCdxProperties() CdxPropertyEntryList { + return o.CdxProperties } -// ExternalRefType_SecurityAdvisory A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. -var ExternalRefType_SecurityAdvisory = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory", +func (o *CdxPropertiesExtension) SetCdxProperties(v CdxPropertyEntryList) { + o.CdxProperties = v } -// ExternalRefType_SecurityFix A reference to the patch or source code that fixes a vulnerability. -var ExternalRefType_SecurityFix = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix", +type CdxPropertiesExtensionList []AnyCdxPropertiesExtension + +func (v CdxPropertiesExtensionList) CdxPropertiesExtensions() []AnyCdxPropertiesExtension { + return ld.SliceOf[AnyCdxPropertiesExtension](v) } -// ExternalRefType_SecurityOther A reference to related security information of unspecified type. -var ExternalRefType_SecurityOther = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther", +type AnyCdxPropertyEntry interface { + asCdxPropertyEntry() + GetCdxPropValue() string + SetCdxPropValue(string) + GetCdxPropName() string + SetCdxPropName(string) } -// ExternalRefType_SecurityPenTestReport A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. -var ExternalRefType_SecurityPenTestReport = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport", +// CdxPropertyEntry A property name with an associated value. +type CdxPropertyEntry struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // CdxPropValue A value used in a CdxPropertyEntry name-value pair. + CdxPropValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue" type:"http://www.w3.org/2001/XMLSchema#string"` + // CdxPropName A name used in a CdxPropertyEntry name-value pair. + CdxPropName string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` } -// ExternalRefType_SecurityPolicy A reference to instructions for reporting newly discovered security vulnerabilities for a package. -var ExternalRefType_SecurityPolicy = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy", +func (o *CdxPropertyEntry) asCdxPropertyEntry() {} +func (o *CdxPropertyEntry) GetCdxPropValue() string { + return o.CdxPropValue } -// ExternalRefType_SecurityThreatModel A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. -var ExternalRefType_SecurityThreatModel = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel", +func (o *CdxPropertyEntry) SetCdxPropValue(v string) { + o.CdxPropValue = v } -// ExternalRefType_SocialMedia A reference to a social media channel for a package. -var ExternalRefType_SocialMedia = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia", +func (o *CdxPropertyEntry) GetCdxPropName() string { + return o.CdxPropName } -// ExternalRefType_SourceArtifact A reference to an artifact containing the sources for a package. -var ExternalRefType_SourceArtifact = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact", +func (o *CdxPropertyEntry) SetCdxPropName(v string) { + o.CdxPropName = v } -// ExternalRefType_StaticAnalysisReport A reference to a static analysis report for a package. -var ExternalRefType_StaticAnalysisReport = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport", +type CdxPropertyEntryList []AnyCdxPropertyEntry + +func (v CdxPropertyEntryList) CdxPropertyEntries() []AnyCdxPropertyEntry { + return ld.SliceOf[AnyCdxPropertyEntry](v) } -// ExternalRefType_Support A reference to the software support channel or other support information for a package. -var ExternalRefType_Support = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support", +// ConfidentialityLevelType Categories of confidentiality level. +type ConfidentialityLevelType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" node-kind:""` + id string `iri:"@id"` } -// ExternalRefType_Vcs A reference to a version control system related to a software artifact. -var ExternalRefType_Vcs = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs", +// ConfidentialityLevelType_Amber Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. +var ConfidentialityLevelType_Amber = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber", } -// ExternalRefType_VulnerabilityDisclosureReport A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). -var ExternalRefType_VulnerabilityDisclosureReport = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport", +// ConfidentialityLevelType_Clear Dataset may be distributed freely, without restriction. +var ConfidentialityLevelType_Clear = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear", } -// ExternalRefType_VulnerabilityExploitabilityAssessment A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). -var ExternalRefType_VulnerabilityExploitabilityAssessment = ExternalRefType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment", +// ConfidentialityLevelType_Green Dataset can be shared within a community of peers and partners. +var ConfidentialityLevelType_Green = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green", } -type AnyFile interface { - AnySoftwareArtifact - asFile() *File +// ConfidentialityLevelType_Red Data points in the dataset are highly confidential and can only be shared with named recipients. +var ConfidentialityLevelType_Red = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red", } -// File Refers to any object that stores content on a computer. -type File struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/File" node-kind:"http://www.w3.org/ns/shacl#IRI"` - SoftwareArtifact - // ContentType Provides information about the content type of an Element or a Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` - // Kind Describes if a given file is a directory or non-directory kind of file. - Kind FileKindType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/fileKind" type:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType"` +type AnyConjunctiveLicenseSet interface { + AnyLicenseInfo + asConjunctiveLicenseSet() + GetMembers() LicenseInfoList + SetMembers(LicenseInfoList) } -func (o *File) asFile() *File { - return o +// ConjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information where all elements apply. +type ConjunctiveLicenseSet struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Members A license expression participating in a license set. + Members LicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` } -type FileList []AnyFile +func (o *ConjunctiveLicenseSet) asConjunctiveLicenseSet() {} +func (o *ConjunctiveLicenseSet) asLicenseInfo() {} +func (o *ConjunctiveLicenseSet) asElement() {} +func (o *ConjunctiveLicenseSet) GetDescription() string { + return o.Description +} -func (o *FileList) Files() ld.TypeSeq[AnyFile, *File] { - return ld.NewTypeSeq(*o, castFile) +func (o *ConjunctiveLicenseSet) SetDescription(v string) { + o.Description = v } -// FileKindType Enumeration of the different kinds of SPDX file. -type FileKindType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" node-kind:""` - id string `iri:"@id"` +func (o *ConjunctiveLicenseSet) GetComment() string { + return o.Comment } -// FileKindType_Directory The file represents a directory and all content stored in that directory. -var FileKindType_Directory = FileKindType{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory", +func (o *ConjunctiveLicenseSet) SetComment(v string) { + o.Comment = v } -// FileKindType_File The file represents a single file (default). -var FileKindType_File = FileKindType{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file", +func (o *ConjunctiveLicenseSet) GetName() string { + return o.Name } -type AnyHash interface { - AnyIntegrityMethod - asHash() *Hash +func (o *ConjunctiveLicenseSet) SetName(v string) { + o.Name = v } -// Hash A mathematically calculated representation of a grouping of data. -type Hash struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Hash" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - IntegrityMethod - // Value The result of applying a hash algorithm to an Element. - Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // Algorithm Specifies the algorithm used for calculating the hash value. - Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` +func (o *ConjunctiveLicenseSet) GetExtensions() ExtensionList { + return o.Extensions } -func (o *Hash) asHash() *Hash { - return o +func (o *ConjunctiveLicenseSet) SetExtensions(v ExtensionList) { + o.Extensions = v } -type HashList []AnyHash - -func (o *HashList) Hashes() ld.TypeSeq[AnyHash, *Hash] { - return ld.NewTypeSeq(*o, castHash) -} - -// HashAlgorithm A mathematical algorithm that maps data of arbitrary size to a bit string. -type HashAlgorithm struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" node-kind:""` - id string `iri:"@id"` -} - -// HashAlgorithm_Adler32 Adler-32 checksum is part of the widely used zlib compression library as defined in [RFC 1950](https://datatracker.ietf.org/doc/rfc1950/) Section 2.3. -var HashAlgorithm_Adler32 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32", +func (o *ConjunctiveLicenseSet) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -// HashAlgorithm_Blake2b256 BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b256 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256", +func (o *ConjunctiveLicenseSet) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -// HashAlgorithm_Blake2b384 BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b384 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384", +func (o *ConjunctiveLicenseSet) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -// HashAlgorithm_Blake2b512 BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b512 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512", +func (o *ConjunctiveLicenseSet) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -// HashAlgorithm_Blake3 [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) -var HashAlgorithm_Blake3 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3", +func (o *ConjunctiveLicenseSet) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -// HashAlgorithm_CrystalsDilithium [Dilithium](https://pq-crystals.org/dilithium/) -var HashAlgorithm_CrystalsDilithium = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium", +func (o *ConjunctiveLicenseSet) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// HashAlgorithm_CrystalsKyber [Kyber](https://pq-crystals.org/kyber/) -var HashAlgorithm_CrystalsKyber = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber", +func (o *ConjunctiveLicenseSet) GetSummary() string { + return o.Summary } -// HashAlgorithm_Falcon [FALCON](https://falcon-sign.info/falcon.pdf) -var HashAlgorithm_Falcon = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon", +func (o *ConjunctiveLicenseSet) SetSummary(v string) { + o.Summary = v } -// HashAlgorithm_Md2 MD2 message-digest algorithm, as defined in [RFC 1319](https://datatracker.ietf.org/doc/rfc1319/). -var HashAlgorithm_Md2 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2", +func (o *ConjunctiveLicenseSet) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -// HashAlgorithm_Md4 MD4 message-digest algorithm, as defined in [RFC 1186](https://datatracker.ietf.org/doc/rfc1186/). -var HashAlgorithm_Md4 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4", +func (o *ConjunctiveLicenseSet) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -// HashAlgorithm_Md5 MD5 message-digest algorithm, as defined in [RFC 1321](https://datatracker.ietf.org/doc/rfc1321/). -var HashAlgorithm_Md5 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5", +func (o *ConjunctiveLicenseSet) GetMembers() LicenseInfoList { + return o.Members } -// HashAlgorithm_Md6 [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) -var HashAlgorithm_Md6 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6", +func (o *ConjunctiveLicenseSet) SetMembers(v LicenseInfoList) { + o.Members = v } -// HashAlgorithm_Other any hashing algorithm that does not exist in this list of entries -var HashAlgorithm_Other = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other", -} +type ConjunctiveLicenseSetList []AnyConjunctiveLicenseSet -// HashAlgorithm_Sha1 SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://datatracker.ietf.org/doc/rfc3174/). -var HashAlgorithm_Sha1 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1", +func (v ConjunctiveLicenseSetList) ConjunctiveLicenseSets() []AnyConjunctiveLicenseSet { + return ld.SliceOf[AnyConjunctiveLicenseSet](v) } -// HashAlgorithm_Sha224 SHA-2 with a digest length of 224, as defined in [RFC 3874](https://datatracker.ietf.org/doc/rfc3874/). -var HashAlgorithm_Sha224 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224", +type AnyContentIdentifier interface { + AnyIntegrityMethod + asContentIdentifier() + GetType() ContentIdentifierType + SetType(ContentIdentifierType) + GetValue() URI + SetValue(URI) } -// HashAlgorithm_Sha256 SHA-2 with a digest length of 256, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha256 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256", +// ContentIdentifier A canonical, unique, immutable identifier +type ContentIdentifier struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Type Specifies the type of the content identifier. + Type ContentIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType"` + // Value Specifies the value of the content identifier. + Value URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` } -// HashAlgorithm_Sha384 SHA-2 with a digest length of 384, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha384 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384", +func (o *ContentIdentifier) asContentIdentifier() {} +func (o *ContentIdentifier) asIntegrityMethod() {} +func (o *ContentIdentifier) GetComment() string { + return o.Comment } -// HashAlgorithm_Sha3_224 SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3_224 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224", +func (o *ContentIdentifier) SetComment(v string) { + o.Comment = v } -// HashAlgorithm_Sha3_256 SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3_256 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256", +func (o *ContentIdentifier) GetType() ContentIdentifierType { + return o.Type } -// HashAlgorithm_Sha3_384 SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3_384 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384", +func (o *ContentIdentifier) SetType(v ContentIdentifierType) { + o.Type = v } -// HashAlgorithm_Sha3_512 SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3_512 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512", +func (o *ContentIdentifier) GetValue() URI { + return o.Value } -// HashAlgorithm_Sha512 SHA-2 with a digest length of 512, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha512 = HashAlgorithm{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512", +func (o *ContentIdentifier) SetValue(v URI) { + o.Value = v } -type AnyIndividualElement interface { - AnyElement - asIndividualElement() *IndividualElement -} +type ContentIdentifierList []AnyContentIdentifier -// IndividualElement A concrete subclass of Element used by Individuals in the Core profile. -type IndividualElement struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/IndividualElement" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Element +func (v ContentIdentifierList) ContentIdentifiers() []AnyContentIdentifier { + return ld.SliceOf[AnyContentIdentifier](v) } -func (o *IndividualElement) asIndividualElement() *IndividualElement { - return o +// ContentIdentifierType Specifies the type of a content identifier. +type ContentIdentifierType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" node-kind:""` + id string `iri:"@id"` } -// IndividualElement_NoAssertionElement An Individual Value for Element representing a set of Elements of unknown\nidentify or cardinality (number). -var IndividualElement_NoAssertionElement AnyIndividualElement = &ExternalIRI{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", +// ContentIdentifierType_Gitoid [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). +var ContentIdentifierType_Gitoid = ContentIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid", } -// IndividualElement_NoneElement An Individual Value for Element representing a set of Elements with\ncardinality (number/count) of zero. -var IndividualElement_NoneElement AnyIndividualElement = &ExternalIRI{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", +// ContentIdentifierType_Swhid SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. +var ContentIdentifierType_Swhid = ContentIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid", } -type IndividualElementList []AnyIndividualElement - -func (o *IndividualElementList) IndividualElements() ld.TypeSeq[AnyIndividualElement, *IndividualElement] { - return ld.NewTypeSeq(*o, castIndividualElement) +type AnyCreationInfo interface { + asCreationInfo() + GetSpecVersion() string + SetSpecVersion(string) + GetCreated() time.Time + SetCreated(time.Time) + GetCreatedUsing() ToolList + SetCreatedUsing(ToolList) + GetComment() string + SetComment(string) + GetCreatedBy() AgentList + SetCreatedBy(AgentList) } -type AnyIndividualLicensingInfo interface { - AnyLicenseInfo - asIndividualLicensingInfo() *IndividualLicensingInfo +// CreationInfo Provides information about the creation of the Element. +type CreationInfo struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // SpecVersion Provides a reference number that can be used to understand how to parse and interpret an Element. + SpecVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/specVersion" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Created Identifies when the Element was originally created. + Created time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/created" required:"true" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // CreatedUsing Identifies the tooling that was used during the creation of the Element. + CreatedUsing ToolList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/Tool"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // CreatedBy Identifies who or what created the Element. + CreatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdBy" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` } -// IndividualLicensingInfo A concrete subclass of AnyLicenseInfo used by Individuals in the ExpandedLicensing profile. -type IndividualLicensingInfo struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" node-kind:"http://www.w3.org/ns/shacl#IRI"` - LicenseInfo +func (o *CreationInfo) asCreationInfo() {} +func (o *CreationInfo) GetSpecVersion() string { + return o.SpecVersion } -func (o *IndividualLicensingInfo) asIndividualLicensingInfo() *IndividualLicensingInfo { - return o +func (o *CreationInfo) SetSpecVersion(v string) { + o.SpecVersion = v } -// IndividualLicensingInfo_NoAssertionLicense An Individual Value for License when no assertion can be made about its actual\nvalue. -var IndividualLicensingInfo_NoAssertionLicense AnyIndividualLicensingInfo = &ExternalIRI{ - id: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", +func (o *CreationInfo) GetCreated() time.Time { + return o.Created } -// IndividualLicensingInfo_NoneLicense An Individual Value for License where the SPDX data creator determines that no\nlicense is present. -var IndividualLicensingInfo_NoneLicense AnyIndividualLicensingInfo = &ExternalIRI{ - id: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", +func (o *CreationInfo) SetCreated(v time.Time) { + o.Created = v } -type IndividualLicensingInfoList []AnyIndividualLicensingInfo - -func (o *IndividualLicensingInfoList) IndividualLicensingInfos() ld.TypeSeq[AnyIndividualLicensingInfo, *IndividualLicensingInfo] { - return ld.NewTypeSeq(*o, castIndividualLicensingInfo) +func (o *CreationInfo) GetCreatedUsing() ToolList { + return o.CreatedUsing } -type AnyIntegrityMethod interface { - asIntegrityMethod() *IntegrityMethod +func (o *CreationInfo) SetCreatedUsing(v ToolList) { + o.CreatedUsing = v } -// IntegrityMethod Provides an independently reproducible mechanism that permits verification of a specific Element. -type IntegrityMethod struct { - ID string `iri:"@id"` - // Comment Provide consumers with comments by the creator of the Element about the Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *CreationInfo) GetComment() string { + return o.Comment } -func (o *IntegrityMethod) asIntegrityMethod() *IntegrityMethod { - return o +func (o *CreationInfo) SetComment(v string) { + o.Comment = v } -type IntegrityMethodList []AnyIntegrityMethod - -func (o *IntegrityMethodList) ContentIdentifiers() ld.TypeSeq[AnyIntegrityMethod, *ContentIdentifier] { - return ld.NewTypeSeq(*o, castContentIdentifier) +func (o *CreationInfo) GetCreatedBy() AgentList { + return o.CreatedBy } -func (o *IntegrityMethodList) Hashes() ld.TypeSeq[AnyIntegrityMethod, *Hash] { - return ld.NewTypeSeq(*o, castHash) +func (o *CreationInfo) SetCreatedBy(v AgentList) { + o.CreatedBy = v } -func (o *IntegrityMethodList) IntegrityMethods() ld.TypeSeq[AnyIntegrityMethod, *IntegrityMethod] { - return ld.NewTypeSeq(*o, castIntegrityMethod) -} +type CreationInfoList []AnyCreationInfo -func (o *IntegrityMethodList) PackageVerificationCodes() ld.TypeSeq[AnyIntegrityMethod, *PackageVerificationCode] { - return ld.NewTypeSeq(*o, castPackageVerificationCode) +func (v CreationInfoList) CreationInfos() []AnyCreationInfo { + return ld.SliceOf[AnyCreationInfo](v) } -type AnyLicense interface { - AnyExtendableLicense - asLicense() *License +type AnyCustomLicense interface { + AnyLicense + asCustomLicense() } -// License Abstract class for the portion of an AnyLicenseInfo representing a license. -type License struct { - ExtendableLicense +// CustomLicense A license that is not listed on the SPDX License List. +type CustomLicense struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. SeeAlsos []URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` // IsDeprecatedLicenseID Specifies whether a license or additional text identifier has been marked as deprecated. @@ -1982,1467 +1765,8316 @@ type License struct { StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *License) asLicense() *License { - return o -} - -type LicenseList []AnyLicense - -func (o *LicenseList) CustomLicenses() ld.TypeSeq[AnyLicense, *CustomLicense] { - return ld.NewTypeSeq(*o, castCustomLicense) -} - -func (o *LicenseList) Licenses() ld.TypeSeq[AnyLicense, *License] { - return ld.NewTypeSeq(*o, castLicense) -} - -func (o *LicenseList) ListedLicenses() ld.TypeSeq[AnyLicense, *ListedLicense] { - return ld.NewTypeSeq(*o, castListedLicense) -} - -type AnyLicenseAddition interface { - AnyElement - asLicenseAddition() *LicenseAddition -} - -// LicenseAddition Abstract class for additional text intended to be added to a License, but which is not itself a standalone License. -type LicenseAddition struct { - Element - // AdditionText Identifies the full text of a LicenseAddition. - AdditionText string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated License or LicenseAddition. - ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" type:"http://www.w3.org/2001/XMLSchema#string"` - // LicenseXml Identifies all the text and metadata associated with a license in the license XML format. - LicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` - // StandardAdditionTemplate Identifies the full text of a LicenseAddition, in SPDX templating format. - StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` - // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. - SeeAlsos []URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // IsDeprecatedAdditionID Specifies whether an additional text identifier has been marked as deprecated. - IsDeprecatedAdditionID bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" type:"http://www.w3.org/2001/XMLSchema#boolean"` -} - -func (o *LicenseAddition) asLicenseAddition() *LicenseAddition { - return o +func (o *CustomLicense) asCustomLicense() {} +func (o *CustomLicense) asLicense() {} +func (o *CustomLicense) asExtendableLicense() {} +func (o *CustomLicense) asLicenseInfo() {} +func (o *CustomLicense) asElement() {} +func (o *CustomLicense) GetDescription() string { + return o.Description } -type LicenseAdditionList []AnyLicenseAddition - -func (o *LicenseAdditionList) CustomLicenseAdditions() ld.TypeSeq[AnyLicenseAddition, *CustomLicenseAddition] { - return ld.NewTypeSeq(*o, castCustomLicenseAddition) +func (o *CustomLicense) SetDescription(v string) { + o.Description = v } -func (o *LicenseAdditionList) LicenseAdditions() ld.TypeSeq[AnyLicenseAddition, *LicenseAddition] { - return ld.NewTypeSeq(*o, castLicenseAddition) +func (o *CustomLicense) GetComment() string { + return o.Comment } -func (o *LicenseAdditionList) ListedLicenseExceptions() ld.TypeSeq[AnyLicenseAddition, *ListedLicenseException] { - return ld.NewTypeSeq(*o, castListedLicenseException) +func (o *CustomLicense) SetComment(v string) { + o.Comment = v } -type AnyLicenseExpression interface { - AnyLicenseInfo - asLicenseExpression() *LicenseExpression +func (o *CustomLicense) GetName() string { + return o.Name } -// LicenseExpression An SPDX Element containing an SPDX license expression string. -type LicenseExpression struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression" node-kind:"http://www.w3.org/ns/shacl#IRI"` - LicenseInfo - // LicenseExpression A string in the license expression format. - LicenseExpression string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // CustomIdToUris Maps a LicenseRef or AdditionRef string for a Custom License or a Custom License Addition to its URI ID. - CustomIdToUris DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` - // LicenseListVersion The version of the SPDX License List used in the license expression. - LicenseListVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *CustomLicense) SetName(v string) { + o.Name = v } -func (o *LicenseExpression) asLicenseExpression() *LicenseExpression { - return o +func (o *CustomLicense) GetExtensions() ExtensionList { + return o.Extensions } -type LicenseExpressionList []AnyLicenseExpression - -func (o *LicenseExpressionList) LicenseExpressions() ld.TypeSeq[AnyLicenseExpression, *LicenseExpression] { - return ld.NewTypeSeq(*o, castLicenseExpression) +func (o *CustomLicense) SetExtensions(v ExtensionList) { + o.Extensions = v } -type AnyLicenseInfo interface { - AnyElement - asLicenseInfo() *LicenseInfo +func (o *CustomLicense) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -// LicenseInfo Abstract class representing a license combination consisting of one or more licenses. -type LicenseInfo struct { - Element +func (o *CustomLicense) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -func (o *LicenseInfo) asLicenseInfo() *LicenseInfo { - return o +func (o *CustomLicense) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -type LicenseInfoList []AnyLicenseInfo - -func (o *LicenseInfoList) ConjunctiveLicenseSets() ld.TypeSeq[AnyLicenseInfo, *ConjunctiveLicenseSet] { - return ld.NewTypeSeq(*o, castConjunctiveLicenseSet) +func (o *CustomLicense) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -func (o *LicenseInfoList) CustomLicenses() ld.TypeSeq[AnyLicenseInfo, *CustomLicense] { - return ld.NewTypeSeq(*o, castCustomLicense) +func (o *CustomLicense) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -func (o *LicenseInfoList) DisjunctiveLicenseSets() ld.TypeSeq[AnyLicenseInfo, *DisjunctiveLicenseSet] { - return ld.NewTypeSeq(*o, castDisjunctiveLicenseSet) +func (o *CustomLicense) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -func (o *LicenseInfoList) ExtendableLicenses() ld.TypeSeq[AnyLicenseInfo, *ExtendableLicense] { - return ld.NewTypeSeq(*o, castExtendableLicense) +func (o *CustomLicense) GetSummary() string { + return o.Summary } -func (o *LicenseInfoList) IndividualLicensingInfos() ld.TypeSeq[AnyLicenseInfo, *IndividualLicensingInfo] { - return ld.NewTypeSeq(*o, castIndividualLicensingInfo) +func (o *CustomLicense) SetSummary(v string) { + o.Summary = v } -func (o *LicenseInfoList) Licenses() ld.TypeSeq[AnyLicenseInfo, *License] { - return ld.NewTypeSeq(*o, castLicense) +func (o *CustomLicense) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -func (o *LicenseInfoList) LicenseExpressions() ld.TypeSeq[AnyLicenseInfo, *LicenseExpression] { - return ld.NewTypeSeq(*o, castLicenseExpression) +func (o *CustomLicense) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -func (o *LicenseInfoList) LicenseInfos() ld.TypeSeq[AnyLicenseInfo, *LicenseInfo] { - return ld.NewTypeSeq(*o, castLicenseInfo) +func (o *CustomLicense) GetSeeAlsos() []URI { + return o.SeeAlsos } -func (o *LicenseInfoList) ListedLicenses() ld.TypeSeq[AnyLicenseInfo, *ListedLicense] { - return ld.NewTypeSeq(*o, castListedLicense) +func (o *CustomLicense) SetSeeAlsos(v []URI) { + o.SeeAlsos = v } -func (o *LicenseInfoList) OrLaterOperators() ld.TypeSeq[AnyLicenseInfo, *OrLaterOperator] { - return ld.NewTypeSeq(*o, castOrLaterOperator) +func (o *CustomLicense) GetIsDeprecatedLicenseID() bool { + return o.IsDeprecatedLicenseID } -func (o *LicenseInfoList) WithAdditionOperators() ld.TypeSeq[AnyLicenseInfo, *WithAdditionOperator] { - return ld.NewTypeSeq(*o, castWithAdditionOperator) +func (o *CustomLicense) SetIsDeprecatedLicenseID(v bool) { + o.IsDeprecatedLicenseID = v } -// LifecycleScopeType Provide an enumerated set of lifecycle phases that can provide context to relationships. -type LifecycleScopeType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" node-kind:""` - id string `iri:"@id"` +func (o *CustomLicense) GetObsoletedBy() string { + return o.ObsoletedBy } -// LifecycleScopeType_Build A relationship has specific context implications during an element's build phase, during development. -var LifecycleScopeType_Build = LifecycleScopeType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build", +func (o *CustomLicense) SetObsoletedBy(v string) { + o.ObsoletedBy = v } -// LifecycleScopeType_Design A relationship has specific context implications during an element's design. -var LifecycleScopeType_Design = LifecycleScopeType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design", +func (o *CustomLicense) GetStandardLicenseHeader() string { + return o.StandardLicenseHeader } -// LifecycleScopeType_Development A relationship has specific context implications during development phase of an element. -var LifecycleScopeType_Development = LifecycleScopeType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development", +func (o *CustomLicense) SetStandardLicenseHeader(v string) { + o.StandardLicenseHeader = v } -// LifecycleScopeType_Other A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. -var LifecycleScopeType_Other = LifecycleScopeType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other", +func (o *CustomLicense) GetText() string { + return o.Text } -// LifecycleScopeType_Runtime A relationship has specific context implications during the execution phase of an element. -var LifecycleScopeType_Runtime = LifecycleScopeType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime", +func (o *CustomLicense) SetText(v string) { + o.Text = v } -// LifecycleScopeType_Test A relationship has specific context implications during an element's testing phase, during development. -var LifecycleScopeType_Test = LifecycleScopeType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test", +func (o *CustomLicense) GetIsOsiApproved() bool { + return o.IsOsiApproved } -type AnyLifecycleScopedRelationship interface { - AnyRelationship - asLifecycleScopedRelationship() *LifecycleScopedRelationship +func (o *CustomLicense) SetIsOsiApproved(v bool) { + o.IsOsiApproved = v } -// LifecycleScopedRelationship Provide context for a relationship that occurs in the lifecycle. -type LifecycleScopedRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Relationship - // Scope Capture the scope of information about a specific relationship between elements. - Scope LifecycleScopeType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/scope" type:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType"` +func (o *CustomLicense) GetXml() string { + return o.Xml } -func (o *LifecycleScopedRelationship) asLifecycleScopedRelationship() *LifecycleScopedRelationship { - return o +func (o *CustomLicense) SetXml(v string) { + o.Xml = v } -type LifecycleScopedRelationshipList []AnyLifecycleScopedRelationship - -func (o *LifecycleScopedRelationshipList) LifecycleScopedRelationships() ld.TypeSeq[AnyLifecycleScopedRelationship, *LifecycleScopedRelationship] { - return ld.NewTypeSeq(*o, castLifecycleScopedRelationship) +func (o *CustomLicense) GetIsFsfLibre() bool { + return o.IsFsfLibre } -type AnyListedLicense interface { - AnyLicense - asListedLicense() *ListedLicense +func (o *CustomLicense) SetIsFsfLibre(v bool) { + o.IsFsfLibre = v } -// ListedLicense A license that is listed on the SPDX License List. -type ListedLicense struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense" node-kind:"http://www.w3.org/ns/shacl#IRI"` - License - // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or ListedLicenseException identifier was first added. - ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" type:"http://www.w3.org/2001/XMLSchema#string"` - // DeprecatedVersion Specifies the SPDX License List version in which this license or exception identifier was deprecated. - DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *CustomLicense) GetStandardLicenseTemplate() string { + return o.StandardLicenseTemplate } -func (o *ListedLicense) asListedLicense() *ListedLicense { - return o +func (o *CustomLicense) SetStandardLicenseTemplate(v string) { + o.StandardLicenseTemplate = v } -type ListedLicenseList []AnyListedLicense +type CustomLicenseList []AnyCustomLicense -func (o *ListedLicenseList) ListedLicenses() ld.TypeSeq[AnyListedLicense, *ListedLicense] { - return ld.NewTypeSeq(*o, castListedLicense) +func (v CustomLicenseList) CustomLicenses() []AnyCustomLicense { + return ld.SliceOf[AnyCustomLicense](v) } -type AnyListedLicenseException interface { +type AnyCustomLicenseAddition interface { AnyLicenseAddition - asListedLicenseException() *ListedLicenseException + asCustomLicenseAddition() } -// ListedLicenseException A license exception that is listed on the SPDX Exceptions list. -type ListedLicenseException struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException" node-kind:"http://www.w3.org/ns/shacl#IRI"` - LicenseAddition - // DeprecatedVersion Specifies the SPDX License List version in which this license or exception identifier was deprecated. - DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" type:"http://www.w3.org/2001/XMLSchema#string"` - // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or ListedLicenseException identifier was first added. - ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" type:"http://www.w3.org/2001/XMLSchema#string"` +// CustomLicenseAddition A license addition that is not listed on the SPDX Exceptions List. +type CustomLicenseAddition struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // AdditionText Identifies the full text of a LicenseAddition. + AdditionText string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated License or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" type:"http://www.w3.org/2001/XMLSchema#string"` + // LicenseXml Identifies all the text and metadata associated with a license in the license XML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` + // StandardAdditionTemplate Identifies the full text of a LicenseAddition, in SPDX templating format. + StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` + // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. + SeeAlsos []URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // IsDeprecatedAdditionID Specifies whether an additional text identifier has been marked as deprecated. + IsDeprecatedAdditionID bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" type:"http://www.w3.org/2001/XMLSchema#boolean"` } -func (o *ListedLicenseException) asListedLicenseException() *ListedLicenseException { - return o +func (o *CustomLicenseAddition) asCustomLicenseAddition() {} +func (o *CustomLicenseAddition) asLicenseAddition() {} +func (o *CustomLicenseAddition) asElement() {} +func (o *CustomLicenseAddition) GetDescription() string { + return o.Description } -type ListedLicenseExceptionList []AnyListedLicenseException +func (o *CustomLicenseAddition) SetDescription(v string) { + o.Description = v +} -func (o *ListedLicenseExceptionList) ListedLicenseExceptions() ld.TypeSeq[AnyListedLicenseException, *ListedLicenseException] { - return ld.NewTypeSeq(*o, castListedLicenseException) +func (o *CustomLicenseAddition) GetComment() string { + return o.Comment } -type AnyNamespaceMap interface { - asNamespaceMap() *NamespaceMap +func (o *CustomLicenseAddition) SetComment(v string) { + o.Comment = v } -// NamespaceMap A mapping between prefixes and namespace partial URIs. -type NamespaceMap struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - ID string `iri:"@id"` - // Namespace Provides an unambiguous mechanism for conveying a URI fragment portion of an Element ID. - Namespace URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespace" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // Prefix A substitute for a URI. - Prefix string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/prefix" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *CustomLicenseAddition) GetName() string { + return o.Name } -func (o *NamespaceMap) asNamespaceMap() *NamespaceMap { - return o +func (o *CustomLicenseAddition) SetName(v string) { + o.Name = v } -type NamespaceMapList []AnyNamespaceMap +func (o *CustomLicenseAddition) GetExtensions() ExtensionList { + return o.Extensions +} -func (o *NamespaceMapList) NamespaceMaps() ld.TypeSeq[AnyNamespaceMap, *NamespaceMap] { - return ld.NewTypeSeq(*o, castNamespaceMap) +func (o *CustomLicenseAddition) SetExtensions(v ExtensionList) { + o.Extensions = v } -type AnyOrLaterOperator interface { - AnyExtendableLicense - asOrLaterOperator() *OrLaterOperator +func (o *CustomLicenseAddition) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -// OrLaterOperator Portion of an AnyLicenseInfo representing this version, or any later version, of the indicated License. -type OrLaterOperator struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator" node-kind:"http://www.w3.org/ns/shacl#IRI"` - ExtendableLicense - // SubjectLicense A License participating in an 'or later' model. - SubjectLicense AnyLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License"` +func (o *CustomLicenseAddition) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -func (o *OrLaterOperator) asOrLaterOperator() *OrLaterOperator { - return o +func (o *CustomLicenseAddition) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -type OrLaterOperatorList []AnyOrLaterOperator +func (o *CustomLicenseAddition) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} -func (o *OrLaterOperatorList) OrLaterOperators() ld.TypeSeq[AnyOrLaterOperator, *OrLaterOperator] { - return ld.NewTypeSeq(*o, castOrLaterOperator) +func (o *CustomLicenseAddition) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -type AnyOrganization interface { - AnyAgent - asOrganization() *Organization +func (o *CustomLicenseAddition) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// Organization A group of people who work together in an organized way for a shared purpose. -type Organization struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Organization" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Agent +func (o *CustomLicenseAddition) GetSummary() string { + return o.Summary } -func (o *Organization) asOrganization() *Organization { - return o +func (o *CustomLicenseAddition) SetSummary(v string) { + o.Summary = v } -// Organization_SpdxOrganization An Organization representing the SPDX Project. -var Organization_SpdxOrganization AnyOrganization = &ExternalIRI{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", +func (o *CustomLicenseAddition) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -type OrganizationList []AnyOrganization +func (o *CustomLicenseAddition) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} -func (o *OrganizationList) Organizations() ld.TypeSeq[AnyOrganization, *Organization] { - return ld.NewTypeSeq(*o, castOrganization) +func (o *CustomLicenseAddition) GetAdditionText() string { + return o.AdditionText } -type AnyPackage interface { - AnySoftwareArtifact - asPackage() *Package +func (o *CustomLicenseAddition) SetAdditionText(v string) { + o.AdditionText = v } -// Package Refers to any unit of content that can be associated with a distribution of software. -type Package struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Package" node-kind:"http://www.w3.org/ns/shacl#IRI"` - SoftwareArtifact - // SourceInfo Records any relevant background information or additional comments about the origin of the package. - SourceInfo string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" type:"http://www.w3.org/2001/XMLSchema#string"` - // HomePage A place for the SPDX document creator to record a website that serves as the package's home page. - HomePage URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // Version Identify the version of a package. - Version string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" type:"http://www.w3.org/2001/XMLSchema#string"` - // PackageURL Provides a place for the SPDX data creator to record the package URL string (in accordance with the Package URL specification) for a software Package. - PackageURL URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" type:"http://www.w3.org/2001/XMLSchema#anyURI"` - // DownloadLocation Identifies the download Uniform Resource Identifier for the package at the time that the document was created. - DownloadLocation URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" type:"http://www.w3.org/2001/XMLSchema#anyURI"` +func (o *CustomLicenseAddition) GetObsoletedBy() string { + return o.ObsoletedBy } -func (o *Package) asPackage() *Package { - return o +func (o *CustomLicenseAddition) SetObsoletedBy(v string) { + o.ObsoletedBy = v } -type PackageList []AnyPackage +func (o *CustomLicenseAddition) GetLicenseXml() string { + return o.LicenseXml +} -func (o *PackageList) AIPackages() ld.TypeSeq[AnyPackage, *AIPackage] { - return ld.NewTypeSeq(*o, castAIPackage) +func (o *CustomLicenseAddition) SetLicenseXml(v string) { + o.LicenseXml = v } -func (o *PackageList) DatasetPackages() ld.TypeSeq[AnyPackage, *DatasetPackage] { - return ld.NewTypeSeq(*o, castDatasetPackage) +func (o *CustomLicenseAddition) GetStandardAdditionTemplate() string { + return o.StandardAdditionTemplate } -func (o *PackageList) Packages() ld.TypeSeq[AnyPackage, *Package] { - return ld.NewTypeSeq(*o, castPackage) +func (o *CustomLicenseAddition) SetStandardAdditionTemplate(v string) { + o.StandardAdditionTemplate = v } -type AnyPackageVerificationCode interface { - AnyIntegrityMethod - asPackageVerificationCode() *PackageVerificationCode +func (o *CustomLicenseAddition) GetSeeAlsos() []URI { + return o.SeeAlsos } -// PackageVerificationCode An SPDX version 2.X compatible verification method for software packages. -type PackageVerificationCode struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` - IntegrityMethod - // Algorithm Specifies the algorithm used for calculating the hash value. - Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` - // HashValue The result of applying a hash algorithm to an Element. - HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // ExcludedFiles The relative file name of a file to be excluded from the `PackageVerificationCode`. - ExcludedFiles []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *CustomLicenseAddition) SetSeeAlsos(v []URI) { + o.SeeAlsos = v } -func (o *PackageVerificationCode) asPackageVerificationCode() *PackageVerificationCode { - return o +func (o *CustomLicenseAddition) GetIsDeprecatedAdditionID() bool { + return o.IsDeprecatedAdditionID } -type PackageVerificationCodeList []AnyPackageVerificationCode +func (o *CustomLicenseAddition) SetIsDeprecatedAdditionID(v bool) { + o.IsDeprecatedAdditionID = v +} + +type CustomLicenseAdditionList []AnyCustomLicenseAddition -func (o *PackageVerificationCodeList) PackageVerificationCodes() ld.TypeSeq[AnyPackageVerificationCode, *PackageVerificationCode] { - return ld.NewTypeSeq(*o, castPackageVerificationCode) +func (v CustomLicenseAdditionList) CustomLicenseAdditions() []AnyCustomLicenseAddition { + return ld.SliceOf[AnyCustomLicenseAddition](v) } -type AnyPerson interface { - AnyAgent - asPerson() *Person +// CvssSeverityType Specifies the CVSS base, temporal, threat, or environmental severity type. +type CvssSeverityType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" node-kind:""` + id string `iri:"@id"` } -// Person An individual human being. -type Person struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Person" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Agent +// CvssSeverityType_Critical When a CVSS score is between 9.0 - 10.0 +var CvssSeverityType_Critical = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical", } -func (o *Person) asPerson() *Person { - return o +// CvssSeverityType_High When a CVSS score is between 7.0 - 8.9 +var CvssSeverityType_High = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high", } -type PersonList []AnyPerson +// CvssSeverityType_Low When a CVSS score is between 0.1 - 3.9 +var CvssSeverityType_Low = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low", +} -func (o *PersonList) People() ld.TypeSeq[AnyPerson, *Person] { - return ld.NewTypeSeq(*o, castPerson) +// CvssSeverityType_Medium When a CVSS score is between 4.0 - 6.9 +var CvssSeverityType_Medium = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium", } -type AnyPositiveIntegerRange interface { - asPositiveIntegerRange() *PositiveIntegerRange +// CvssSeverityType_None When a CVSS score is 0.0 +var CvssSeverityType_None = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none", } -// PositiveIntegerRange A tuple of two positive integers that define a range. -type PositiveIntegerRange struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` +type AnyCvssV2VulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship + asCvssV2VulnAssessmentRelationship() + GetVectorString() string + SetVectorString(string) + GetScore() float64 + SetScore(float64) +} + +// CvssV2VulnAssessmentRelationship Provides a CVSS version 2.0 assessment for a vulnerability. +type CvssV2VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` ID string `iri:"@id"` - // EndIntegerRange Defines the end of a range. - EndIntegerRange PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` - // BeginIntegerRange Defines the beginning of a range. - BeginIntegerRange PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // VectorString Specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Score Provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` } -func (o *PositiveIntegerRange) asPositiveIntegerRange() *PositiveIntegerRange { - return o +func (o *CvssV2VulnAssessmentRelationship) asCvssV2VulnAssessmentRelationship() {} +func (o *CvssV2VulnAssessmentRelationship) asVulnAssessmentRelationship() {} +func (o *CvssV2VulnAssessmentRelationship) asRelationship() {} +func (o *CvssV2VulnAssessmentRelationship) asElement() {} +func (o *CvssV2VulnAssessmentRelationship) GetDescription() string { + return o.Description } -type PositiveIntegerRangeList []AnyPositiveIntegerRange +func (o *CvssV2VulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} -func (o *PositiveIntegerRangeList) PositiveIntegerRanges() ld.TypeSeq[AnyPositiveIntegerRange, *PositiveIntegerRange] { - return ld.NewTypeSeq(*o, castPositiveIntegerRange) +func (o *CvssV2VulnAssessmentRelationship) GetComment() string { + return o.Comment } -// PresenceType Categories of presence or absence. -type PresenceType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" node-kind:""` - id string `iri:"@id"` +func (o *CvssV2VulnAssessmentRelationship) SetComment(v string) { + o.Comment = v } -// PresenceType_No Indicates absence of the field. -var PresenceType_No = PresenceType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no", +func (o *CvssV2VulnAssessmentRelationship) GetName() string { + return o.Name } -// PresenceType_NoAssertion Makes no assertion about the field. -var PresenceType_NoAssertion = PresenceType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion", +func (o *CvssV2VulnAssessmentRelationship) SetName(v string) { + o.Name = v } -// PresenceType_Yes Indicates presence of the field. -var PresenceType_Yes = PresenceType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes", +func (o *CvssV2VulnAssessmentRelationship) GetExtensions() ExtensionList { + return o.Extensions } -// ProfileIdentifierType Enumeration of the valid profiles. -type ProfileIdentifierType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" node-kind:""` - id string `iri:"@id"` +func (o *CvssV2VulnAssessmentRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v } -// ProfileIdentifierType_Ai the element follows the AI profile specification -var ProfileIdentifierType_Ai = ProfileIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai", +func (o *CvssV2VulnAssessmentRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -// ProfileIdentifierType_Build the element follows the Build profile specification -var ProfileIdentifierType_Build = ProfileIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build", +func (o *CvssV2VulnAssessmentRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -// ProfileIdentifierType_Core the element follows the Core profile specification -var ProfileIdentifierType_Core = ProfileIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core", +func (o *CvssV2VulnAssessmentRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -// ProfileIdentifierType_Dataset the element follows the Dataset profile specification -var ProfileIdentifierType_Dataset = ProfileIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset", +func (o *CvssV2VulnAssessmentRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -// ProfileIdentifierType_ExpandedLicensing the element follows the ExpandedLicensing profile specification -var ProfileIdentifierType_ExpandedLicensing = ProfileIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing", +func (o *CvssV2VulnAssessmentRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -// ProfileIdentifierType_Extension the element follows the Extension profile specification -var ProfileIdentifierType_Extension = ProfileIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension", +func (o *CvssV2VulnAssessmentRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// ProfileIdentifierType_Lite the element follows the Lite profile specification -var ProfileIdentifierType_Lite = ProfileIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite", +func (o *CvssV2VulnAssessmentRelationship) GetSummary() string { + return o.Summary } -// ProfileIdentifierType_Security the element follows the Security profile specification -var ProfileIdentifierType_Security = ProfileIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security", +func (o *CvssV2VulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v } -// ProfileIdentifierType_SimpleLicensing the element follows the SimpleLicensing profile specification -var ProfileIdentifierType_SimpleLicensing = ProfileIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing", +func (o *CvssV2VulnAssessmentRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -// ProfileIdentifierType_Software the element follows the Software profile specification -var ProfileIdentifierType_Software = ProfileIdentifierType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software", +func (o *CvssV2VulnAssessmentRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -type AnyRelationship interface { - AnyElement - asRelationship() *Relationship +func (o *CvssV2VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness } -// Relationship Describes a relationship between one or more elements. -type Relationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Relationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Element - // Completeness Provides information about the completeness of relationships. - Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` - // EndTime Specifies the time from which an element is no longer applicable / valid. - EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // To References an Element on the right-hand side of a relationship. - To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` - // From References the Element on the left-hand side of a relationship. - From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` - // Type Information about the relationship between two Elements. - Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` - // StartTime Specifies the time from which an element is applicable / valid. - StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +func (o *CvssV2VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetEndTime() time.Time { + return o.EndTime +} + +func (o *CvssV2VulnAssessmentRelationship) SetEndTime(v time.Time) { + o.EndTime = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetTo() ElementList { + return o.To +} + +func (o *CvssV2VulnAssessmentRelationship) SetTo(v ElementList) { + o.To = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetFrom() AnyElement { + return o.From +} + +func (o *CvssV2VulnAssessmentRelationship) SetFrom(v AnyElement) { + o.From = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetType() RelationshipType { + return o.Type +} + +func (o *CvssV2VulnAssessmentRelationship) SetType(v RelationshipType) { + o.Type = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetStartTime() time.Time { + return o.StartTime +} + +func (o *CvssV2VulnAssessmentRelationship) SetStartTime(v time.Time) { + o.StartTime = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetSuppliedBy() AnyAgent { + return o.SuppliedBy +} + +func (o *CvssV2VulnAssessmentRelationship) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetWithdrawnTime() time.Time { + return o.WithdrawnTime +} + +func (o *CvssV2VulnAssessmentRelationship) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetAssessedElement() AnySoftwareArtifact { + return o.AssessedElement +} + +func (o *CvssV2VulnAssessmentRelationship) SetAssessedElement(v AnySoftwareArtifact) { + o.AssessedElement = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetPublishedTime() time.Time { + return o.PublishedTime +} + +func (o *CvssV2VulnAssessmentRelationship) SetPublishedTime(v time.Time) { + o.PublishedTime = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetModifiedTime() time.Time { + return o.ModifiedTime +} + +func (o *CvssV2VulnAssessmentRelationship) SetModifiedTime(v time.Time) { + o.ModifiedTime = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetVectorString() string { + return o.VectorString +} + +func (o *CvssV2VulnAssessmentRelationship) SetVectorString(v string) { + o.VectorString = v +} + +func (o *CvssV2VulnAssessmentRelationship) GetScore() float64 { + return o.Score +} + +func (o *CvssV2VulnAssessmentRelationship) SetScore(v float64) { + o.Score = v +} + +type CvssV2VulnAssessmentRelationshipList []AnyCvssV2VulnAssessmentRelationship + +func (v CvssV2VulnAssessmentRelationshipList) CvssV2VulnAssessmentRelationships() []AnyCvssV2VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV2VulnAssessmentRelationship](v) +} + +type AnyCvssV3VulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship + asCvssV3VulnAssessmentRelationship() + GetScore() float64 + SetScore(float64) + GetSeverity() CvssSeverityType + SetSeverity(CvssSeverityType) + GetVectorString() string + SetVectorString(string) +} + +// CvssV3VulnAssessmentRelationship Provides a CVSS version 3 assessment for a vulnerability. +type CvssV3VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // Score Provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` + // Severity Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` + // VectorString Specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *CvssV3VulnAssessmentRelationship) asCvssV3VulnAssessmentRelationship() {} +func (o *CvssV3VulnAssessmentRelationship) asVulnAssessmentRelationship() {} +func (o *CvssV3VulnAssessmentRelationship) asRelationship() {} +func (o *CvssV3VulnAssessmentRelationship) asElement() {} +func (o *CvssV3VulnAssessmentRelationship) GetDescription() string { + return o.Description +} + +func (o *CvssV3VulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetComment() string { + return o.Comment +} + +func (o *CvssV3VulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetName() string { + return o.Name +} + +func (o *CvssV3VulnAssessmentRelationship) SetName(v string) { + o.Name = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *CvssV3VulnAssessmentRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *CvssV3VulnAssessmentRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *CvssV3VulnAssessmentRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *CvssV3VulnAssessmentRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetSummary() string { + return o.Summary +} + +func (o *CvssV3VulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *CvssV3VulnAssessmentRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} + +func (o *CvssV3VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetEndTime() time.Time { + return o.EndTime +} + +func (o *CvssV3VulnAssessmentRelationship) SetEndTime(v time.Time) { + o.EndTime = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetTo() ElementList { + return o.To +} + +func (o *CvssV3VulnAssessmentRelationship) SetTo(v ElementList) { + o.To = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetFrom() AnyElement { + return o.From +} + +func (o *CvssV3VulnAssessmentRelationship) SetFrom(v AnyElement) { + o.From = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetType() RelationshipType { + return o.Type +} + +func (o *CvssV3VulnAssessmentRelationship) SetType(v RelationshipType) { + o.Type = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetStartTime() time.Time { + return o.StartTime +} + +func (o *CvssV3VulnAssessmentRelationship) SetStartTime(v time.Time) { + o.StartTime = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetSuppliedBy() AnyAgent { + return o.SuppliedBy +} + +func (o *CvssV3VulnAssessmentRelationship) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetWithdrawnTime() time.Time { + return o.WithdrawnTime +} + +func (o *CvssV3VulnAssessmentRelationship) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetAssessedElement() AnySoftwareArtifact { + return o.AssessedElement +} + +func (o *CvssV3VulnAssessmentRelationship) SetAssessedElement(v AnySoftwareArtifact) { + o.AssessedElement = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetPublishedTime() time.Time { + return o.PublishedTime +} + +func (o *CvssV3VulnAssessmentRelationship) SetPublishedTime(v time.Time) { + o.PublishedTime = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetModifiedTime() time.Time { + return o.ModifiedTime +} + +func (o *CvssV3VulnAssessmentRelationship) SetModifiedTime(v time.Time) { + o.ModifiedTime = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetScore() float64 { + return o.Score +} + +func (o *CvssV3VulnAssessmentRelationship) SetScore(v float64) { + o.Score = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetSeverity() CvssSeverityType { + return o.Severity +} + +func (o *CvssV3VulnAssessmentRelationship) SetSeverity(v CvssSeverityType) { + o.Severity = v +} + +func (o *CvssV3VulnAssessmentRelationship) GetVectorString() string { + return o.VectorString +} + +func (o *CvssV3VulnAssessmentRelationship) SetVectorString(v string) { + o.VectorString = v +} + +type CvssV3VulnAssessmentRelationshipList []AnyCvssV3VulnAssessmentRelationship + +func (v CvssV3VulnAssessmentRelationshipList) CvssV3VulnAssessmentRelationships() []AnyCvssV3VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV3VulnAssessmentRelationship](v) +} + +type AnyCvssV4VulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship + asCvssV4VulnAssessmentRelationship() + GetSeverity() CvssSeverityType + SetSeverity(CvssSeverityType) + GetVectorString() string + SetVectorString(string) + GetScore() float64 + SetScore(float64) +} + +// CvssV4VulnAssessmentRelationship Provides a CVSS version 4 assessment for a vulnerability. +type CvssV4VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // Severity Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` + // VectorString Specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Score Provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` +} + +func (o *CvssV4VulnAssessmentRelationship) asCvssV4VulnAssessmentRelationship() {} +func (o *CvssV4VulnAssessmentRelationship) asVulnAssessmentRelationship() {} +func (o *CvssV4VulnAssessmentRelationship) asRelationship() {} +func (o *CvssV4VulnAssessmentRelationship) asElement() {} +func (o *CvssV4VulnAssessmentRelationship) GetDescription() string { + return o.Description +} + +func (o *CvssV4VulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetComment() string { + return o.Comment +} + +func (o *CvssV4VulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetName() string { + return o.Name +} + +func (o *CvssV4VulnAssessmentRelationship) SetName(v string) { + o.Name = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *CvssV4VulnAssessmentRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *CvssV4VulnAssessmentRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *CvssV4VulnAssessmentRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *CvssV4VulnAssessmentRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetSummary() string { + return o.Summary +} + +func (o *CvssV4VulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *CvssV4VulnAssessmentRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} + +func (o *CvssV4VulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetEndTime() time.Time { + return o.EndTime +} + +func (o *CvssV4VulnAssessmentRelationship) SetEndTime(v time.Time) { + o.EndTime = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetTo() ElementList { + return o.To +} + +func (o *CvssV4VulnAssessmentRelationship) SetTo(v ElementList) { + o.To = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetFrom() AnyElement { + return o.From +} + +func (o *CvssV4VulnAssessmentRelationship) SetFrom(v AnyElement) { + o.From = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetType() RelationshipType { + return o.Type +} + +func (o *CvssV4VulnAssessmentRelationship) SetType(v RelationshipType) { + o.Type = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetStartTime() time.Time { + return o.StartTime +} + +func (o *CvssV4VulnAssessmentRelationship) SetStartTime(v time.Time) { + o.StartTime = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetSuppliedBy() AnyAgent { + return o.SuppliedBy +} + +func (o *CvssV4VulnAssessmentRelationship) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetWithdrawnTime() time.Time { + return o.WithdrawnTime +} + +func (o *CvssV4VulnAssessmentRelationship) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetAssessedElement() AnySoftwareArtifact { + return o.AssessedElement +} + +func (o *CvssV4VulnAssessmentRelationship) SetAssessedElement(v AnySoftwareArtifact) { + o.AssessedElement = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetPublishedTime() time.Time { + return o.PublishedTime +} + +func (o *CvssV4VulnAssessmentRelationship) SetPublishedTime(v time.Time) { + o.PublishedTime = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetModifiedTime() time.Time { + return o.ModifiedTime +} + +func (o *CvssV4VulnAssessmentRelationship) SetModifiedTime(v time.Time) { + o.ModifiedTime = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetSeverity() CvssSeverityType { + return o.Severity +} + +func (o *CvssV4VulnAssessmentRelationship) SetSeverity(v CvssSeverityType) { + o.Severity = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetVectorString() string { + return o.VectorString +} + +func (o *CvssV4VulnAssessmentRelationship) SetVectorString(v string) { + o.VectorString = v +} + +func (o *CvssV4VulnAssessmentRelationship) GetScore() float64 { + return o.Score +} + +func (o *CvssV4VulnAssessmentRelationship) SetScore(v float64) { + o.Score = v +} + +type CvssV4VulnAssessmentRelationshipList []AnyCvssV4VulnAssessmentRelationship + +func (v CvssV4VulnAssessmentRelationshipList) CvssV4VulnAssessmentRelationships() []AnyCvssV4VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV4VulnAssessmentRelationship](v) +} + +// DatasetAvailabilityType Availability of dataset. +type DatasetAvailabilityType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" node-kind:""` + id string `iri:"@id"` +} + +// DatasetAvailabilityType_Clickthrough the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. +var DatasetAvailabilityType_Clickthrough = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough", +} + +// DatasetAvailabilityType_DirectDownload the dataset is publicly available and can be downloaded directly. +var DatasetAvailabilityType_DirectDownload = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload", +} + +// DatasetAvailabilityType_Query the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. +var DatasetAvailabilityType_Query = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query", +} + +// DatasetAvailabilityType_Registration the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. +var DatasetAvailabilityType_Registration = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration", +} + +// DatasetAvailabilityType_ScrapingScript the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. +var DatasetAvailabilityType_ScrapingScript = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript", +} + +type AnyDatasetPackage interface { + AnyPackage + asDatasetPackage() + GetConfidentialityLevel() ConfidentialityLevelType + SetConfidentialityLevel(ConfidentialityLevelType) + GetAnonymizationMethodUseds() []string + SetAnonymizationMethodUseds([]string) + GetDatasetUpdateMechanism() string + SetDatasetUpdateMechanism(string) + GetDatasetNoise() string + SetDatasetNoise(string) + GetDatasetSize() NonNegativeInt + SetDatasetSize(NonNegativeInt) + GetSensors() DictionaryEntryList + SetSensors(DictionaryEntryList) + GetIntendedUse() string + SetIntendedUse(string) + GetDataPreprocessings() []string + SetDataPreprocessings([]string) + GetKnownBias() []string + SetKnownBias([]string) + GetDatasetAvailability() DatasetAvailabilityType + SetDatasetAvailability(DatasetAvailabilityType) + GetHasSensitivePersonalInformation() PresenceType + SetHasSensitivePersonalInformation(PresenceType) + GetDataCollectionProcess() string + SetDataCollectionProcess(string) + GetDatasetTypes() []DatasetType + SetDatasetTypes([]DatasetType) +} + +// DatasetPackage Specifies a data package and its associated information. +type DatasetPackage struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // StandardNames The name of a relevant standard that may apply to an artifact. + StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuiltTime Specifies the time an artifact was built. + BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ReleaseTime Specifies the time an artifact was released. + ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SupportLevels Specifies the level of support associated with an artifact. + SupportLevels []SupportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" type:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // OriginatedBy Identifies from where or whom the Element originally came. + OriginatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be reassessed. + ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ContentIdentifiers A canonical, unique, immutable identifier of the artifact content, that may be used for verifying its identity and/or integrity. + ContentIdentifiers ContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` + // AttributionTexts Provides a place for the SPDX data creator to record acknowledgement text for a software Package, File or Snippet. + AttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" type:"http://www.w3.org/2001/XMLSchema#string"` + // AdditionalPurposes Provides additional purpose information of the software artifact. + AdditionalPurposes []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // PrimaryPurpose Provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // CopyrightText Identifies the text of one or more copyright notices for a software Package, File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" type:"http://www.w3.org/2001/XMLSchema#string"` + // SourceInfo Records any relevant background information or additional comments about the origin of the package. + SourceInfo string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" type:"http://www.w3.org/2001/XMLSchema#string"` + // HomePage A place for the SPDX document creator to record a website that serves as the package's home page. + HomePage URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Version Identify the version of a package. + Version string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" type:"http://www.w3.org/2001/XMLSchema#string"` + // PackageURL Provides a place for the SPDX data creator to record the package URL string (in accordance with the Package URL specification) for a software Package. + PackageURL URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // DownloadLocation Identifies the download Uniform Resource Identifier for the package at the time that the document was created. + DownloadLocation URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // ConfidentialityLevel Describes the confidentiality level of the data points contained in the dataset. + ConfidentialityLevel ConfidentialityLevelType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType"` + // AnonymizationMethodUseds Describes the anonymization methods used. + AnonymizationMethodUseds []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetUpdateMechanism Describes a mechanism to update the dataset. + DatasetUpdateMechanism string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetNoise Describes potentially noisy elements of the dataset. + DatasetNoise string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetSize Captures the size of the dataset. + DatasetSize NonNegativeInt `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" type:"http://www.w3.org/2001/XMLSchema#nonNegativeInteger"` + // Sensors Describes a sensor used for collecting the data. + Sensors DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/sensor" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // IntendedUse Describes what the given dataset should be used for. + IntendedUse string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse" type:"http://www.w3.org/2001/XMLSchema#string"` + // DataPreprocessings Describes the preprocessing steps that were applied to the raw data to create the given dataset. + DataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing" type:"http://www.w3.org/2001/XMLSchema#string"` + // KnownBias Records the biases that the dataset is known to encompass. + KnownBias []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetAvailability The field describes the availability of a dataset. + DatasetAvailability DatasetAvailabilityType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType"` + // HasSensitivePersonalInformation Describes if any sensitive personal information is present in the dataset. + HasSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation" type:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` + // DataCollectionProcess Describes how the dataset was collected. + DataCollectionProcess string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetTypes Describes the type of the given dataset. + DatasetTypes []DatasetType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType"` +} + +func (o *DatasetPackage) asDatasetPackage() {} +func (o *DatasetPackage) asPackage() {} +func (o *DatasetPackage) asSoftwareArtifact() {} +func (o *DatasetPackage) asArtifact() {} +func (o *DatasetPackage) asElement() {} +func (o *DatasetPackage) GetDescription() string { + return o.Description +} + +func (o *DatasetPackage) SetDescription(v string) { + o.Description = v +} + +func (o *DatasetPackage) GetComment() string { + return o.Comment +} + +func (o *DatasetPackage) SetComment(v string) { + o.Comment = v +} + +func (o *DatasetPackage) GetName() string { + return o.Name +} + +func (o *DatasetPackage) SetName(v string) { + o.Name = v +} + +func (o *DatasetPackage) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *DatasetPackage) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *DatasetPackage) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *DatasetPackage) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *DatasetPackage) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *DatasetPackage) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *DatasetPackage) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *DatasetPackage) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *DatasetPackage) GetSummary() string { + return o.Summary +} + +func (o *DatasetPackage) SetSummary(v string) { + o.Summary = v +} + +func (o *DatasetPackage) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *DatasetPackage) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *DatasetPackage) GetStandardNames() []string { + return o.StandardNames +} + +func (o *DatasetPackage) SetStandardNames(v []string) { + o.StandardNames = v +} + +func (o *DatasetPackage) GetBuiltTime() time.Time { + return o.BuiltTime +} + +func (o *DatasetPackage) SetBuiltTime(v time.Time) { + o.BuiltTime = v +} + +func (o *DatasetPackage) GetReleaseTime() time.Time { + return o.ReleaseTime +} + +func (o *DatasetPackage) SetReleaseTime(v time.Time) { + o.ReleaseTime = v +} + +func (o *DatasetPackage) GetSupportLevels() []SupportType { + return o.SupportLevels +} + +func (o *DatasetPackage) SetSupportLevels(v []SupportType) { + o.SupportLevels = v +} + +func (o *DatasetPackage) GetSuppliedBy() AnyAgent { + return o.SuppliedBy +} + +func (o *DatasetPackage) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v +} + +func (o *DatasetPackage) GetOriginatedBy() AgentList { + return o.OriginatedBy +} + +func (o *DatasetPackage) SetOriginatedBy(v AgentList) { + o.OriginatedBy = v +} + +func (o *DatasetPackage) GetValidUntilTime() time.Time { + return o.ValidUntilTime +} + +func (o *DatasetPackage) SetValidUntilTime(v time.Time) { + o.ValidUntilTime = v +} + +func (o *DatasetPackage) GetContentIdentifiers() ContentIdentifierList { + return o.ContentIdentifiers +} + +func (o *DatasetPackage) SetContentIdentifiers(v ContentIdentifierList) { + o.ContentIdentifiers = v +} + +func (o *DatasetPackage) GetAttributionTexts() []string { + return o.AttributionTexts +} + +func (o *DatasetPackage) SetAttributionTexts(v []string) { + o.AttributionTexts = v +} + +func (o *DatasetPackage) GetAdditionalPurposes() []SoftwarePurpose { + return o.AdditionalPurposes +} + +func (o *DatasetPackage) SetAdditionalPurposes(v []SoftwarePurpose) { + o.AdditionalPurposes = v +} + +func (o *DatasetPackage) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose +} + +func (o *DatasetPackage) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v +} + +func (o *DatasetPackage) GetCopyrightText() string { + return o.CopyrightText +} + +func (o *DatasetPackage) SetCopyrightText(v string) { + o.CopyrightText = v +} + +func (o *DatasetPackage) GetSourceInfo() string { + return o.SourceInfo +} + +func (o *DatasetPackage) SetSourceInfo(v string) { + o.SourceInfo = v +} + +func (o *DatasetPackage) GetHomePage() URI { + return o.HomePage +} + +func (o *DatasetPackage) SetHomePage(v URI) { + o.HomePage = v +} + +func (o *DatasetPackage) GetVersion() string { + return o.Version +} + +func (o *DatasetPackage) SetVersion(v string) { + o.Version = v +} + +func (o *DatasetPackage) GetPackageURL() URI { + return o.PackageURL +} + +func (o *DatasetPackage) SetPackageURL(v URI) { + o.PackageURL = v +} + +func (o *DatasetPackage) GetDownloadLocation() URI { + return o.DownloadLocation +} + +func (o *DatasetPackage) SetDownloadLocation(v URI) { + o.DownloadLocation = v +} + +func (o *DatasetPackage) GetConfidentialityLevel() ConfidentialityLevelType { + return o.ConfidentialityLevel +} + +func (o *DatasetPackage) SetConfidentialityLevel(v ConfidentialityLevelType) { + o.ConfidentialityLevel = v +} + +func (o *DatasetPackage) GetAnonymizationMethodUseds() []string { + return o.AnonymizationMethodUseds +} + +func (o *DatasetPackage) SetAnonymizationMethodUseds(v []string) { + o.AnonymizationMethodUseds = v +} + +func (o *DatasetPackage) GetDatasetUpdateMechanism() string { + return o.DatasetUpdateMechanism +} + +func (o *DatasetPackage) SetDatasetUpdateMechanism(v string) { + o.DatasetUpdateMechanism = v +} + +func (o *DatasetPackage) GetDatasetNoise() string { + return o.DatasetNoise +} + +func (o *DatasetPackage) SetDatasetNoise(v string) { + o.DatasetNoise = v +} + +func (o *DatasetPackage) GetDatasetSize() NonNegativeInt { + return o.DatasetSize +} + +func (o *DatasetPackage) SetDatasetSize(v NonNegativeInt) { + o.DatasetSize = v +} + +func (o *DatasetPackage) GetSensors() DictionaryEntryList { + return o.Sensors +} + +func (o *DatasetPackage) SetSensors(v DictionaryEntryList) { + o.Sensors = v +} + +func (o *DatasetPackage) GetIntendedUse() string { + return o.IntendedUse +} + +func (o *DatasetPackage) SetIntendedUse(v string) { + o.IntendedUse = v +} + +func (o *DatasetPackage) GetDataPreprocessings() []string { + return o.DataPreprocessings +} + +func (o *DatasetPackage) SetDataPreprocessings(v []string) { + o.DataPreprocessings = v +} + +func (o *DatasetPackage) GetKnownBias() []string { + return o.KnownBias +} + +func (o *DatasetPackage) SetKnownBias(v []string) { + o.KnownBias = v +} + +func (o *DatasetPackage) GetDatasetAvailability() DatasetAvailabilityType { + return o.DatasetAvailability +} + +func (o *DatasetPackage) SetDatasetAvailability(v DatasetAvailabilityType) { + o.DatasetAvailability = v +} + +func (o *DatasetPackage) GetHasSensitivePersonalInformation() PresenceType { + return o.HasSensitivePersonalInformation +} + +func (o *DatasetPackage) SetHasSensitivePersonalInformation(v PresenceType) { + o.HasSensitivePersonalInformation = v +} + +func (o *DatasetPackage) GetDataCollectionProcess() string { + return o.DataCollectionProcess +} + +func (o *DatasetPackage) SetDataCollectionProcess(v string) { + o.DataCollectionProcess = v +} + +func (o *DatasetPackage) GetDatasetTypes() []DatasetType { + return o.DatasetTypes +} + +func (o *DatasetPackage) SetDatasetTypes(v []DatasetType) { + o.DatasetTypes = v +} + +type DatasetPackageList []AnyDatasetPackage + +func (v DatasetPackageList) DatasetPackages() []AnyDatasetPackage { + return ld.SliceOf[AnyDatasetPackage](v) +} + +// DatasetType Enumeration of dataset types. +type DatasetType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" node-kind:""` + id string `iri:"@id"` +} + +// DatasetType_Audio data is audio based, such as a collection of music from the 80s. +var DatasetType_Audio = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio", +} + +// DatasetType_Categorical data that is classified into a discrete number of categories, such as the eye color of a population of people. +var DatasetType_Categorical = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical", +} + +// DatasetType_Graph data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. +var DatasetType_Graph = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph", +} + +// DatasetType_Image data is a collection of images such as pictures of animals. +var DatasetType_Image = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image", +} + +// DatasetType_NoAssertion data type is not known. +var DatasetType_NoAssertion = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion", +} + +// DatasetType_Numeric data consists only of numeric entries. +var DatasetType_Numeric = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric", +} + +// DatasetType_Other data is of a type not included in this list. +var DatasetType_Other = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other", +} + +// DatasetType_Sensor data is recorded from a physical sensor, such as a thermometer reading or biometric device. +var DatasetType_Sensor = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor", +} + +// DatasetType_Structured data is stored in tabular format or retrieved from a relational database. +var DatasetType_Structured = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured", +} + +// DatasetType_Syntactic data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. +var DatasetType_Syntactic = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic", +} + +// DatasetType_Text data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. +var DatasetType_Text = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text", +} + +// DatasetType_Timeseries data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. +var DatasetType_Timeseries = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries", +} + +// DatasetType_Timestamp data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. +var DatasetType_Timestamp = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp", +} + +// DatasetType_Video data is video based, such as a collection of movie clips featuring Tom Hanks. +var DatasetType_Video = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video", +} + +type AnyDictionaryEntry interface { + asDictionaryEntry() + GetValue() string + SetValue(string) + GetKey() string + SetKey(string) +} + +// DictionaryEntry A key with an associated value. +type DictionaryEntry struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // Value A value used in a generic key-value pair. + Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/value" type:"http://www.w3.org/2001/XMLSchema#string"` + // Key A key used in a generic key-value pair. + Key string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/key" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *DictionaryEntry) asDictionaryEntry() {} +func (o *DictionaryEntry) GetValue() string { + return o.Value +} + +func (o *DictionaryEntry) SetValue(v string) { + o.Value = v +} + +func (o *DictionaryEntry) GetKey() string { + return o.Key +} + +func (o *DictionaryEntry) SetKey(v string) { + o.Key = v +} + +type DictionaryEntryList []AnyDictionaryEntry + +func (v DictionaryEntryList) DictionaryEntries() []AnyDictionaryEntry { + return ld.SliceOf[AnyDictionaryEntry](v) +} + +type AnyDisjunctiveLicenseSet interface { + AnyLicenseInfo + asDisjunctiveLicenseSet() + GetMembers() LicenseInfoList + SetMembers(LicenseInfoList) +} + +// DisjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information where only one of the elements applies. +type DisjunctiveLicenseSet struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Members A license expression participating in a license set. + Members LicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` +} + +func (o *DisjunctiveLicenseSet) asDisjunctiveLicenseSet() {} +func (o *DisjunctiveLicenseSet) asLicenseInfo() {} +func (o *DisjunctiveLicenseSet) asElement() {} +func (o *DisjunctiveLicenseSet) GetDescription() string { + return o.Description +} + +func (o *DisjunctiveLicenseSet) SetDescription(v string) { + o.Description = v +} + +func (o *DisjunctiveLicenseSet) GetComment() string { + return o.Comment +} + +func (o *DisjunctiveLicenseSet) SetComment(v string) { + o.Comment = v +} + +func (o *DisjunctiveLicenseSet) GetName() string { + return o.Name +} + +func (o *DisjunctiveLicenseSet) SetName(v string) { + o.Name = v +} + +func (o *DisjunctiveLicenseSet) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *DisjunctiveLicenseSet) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *DisjunctiveLicenseSet) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *DisjunctiveLicenseSet) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *DisjunctiveLicenseSet) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *DisjunctiveLicenseSet) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *DisjunctiveLicenseSet) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *DisjunctiveLicenseSet) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *DisjunctiveLicenseSet) GetSummary() string { + return o.Summary +} + +func (o *DisjunctiveLicenseSet) SetSummary(v string) { + o.Summary = v +} + +func (o *DisjunctiveLicenseSet) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *DisjunctiveLicenseSet) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *DisjunctiveLicenseSet) GetMembers() LicenseInfoList { + return o.Members +} + +func (o *DisjunctiveLicenseSet) SetMembers(v LicenseInfoList) { + o.Members = v +} + +type DisjunctiveLicenseSetList []AnyDisjunctiveLicenseSet + +func (v DisjunctiveLicenseSetList) DisjunctiveLicenseSets() []AnyDisjunctiveLicenseSet { + return ld.SliceOf[AnyDisjunctiveLicenseSet](v) +} + +type AnyElement interface { + asElement() + GetDescription() string + SetDescription(string) + GetComment() string + SetComment(string) + GetName() string + SetName(string) + GetExtensions() ExtensionList + SetExtensions(ExtensionList) + GetCreationInfo() AnyCreationInfo + SetCreationInfo(AnyCreationInfo) + GetExternalIdentifiers() ExternalIdentifierList + SetExternalIdentifiers(ExternalIdentifierList) + GetExternalRefs() ExternalRefList + SetExternalRefs(ExternalRefList) + GetSummary() string + SetSummary(string) + GetVerifiedUsing() IntegrityMethodList + SetVerifiedUsing(IntegrityMethodList) +} + +// Element Base domain class from which all other SPDX-3.0 domain classes derive. +type ElementList []AnyElement + +func (v ElementList) AIPackages() []AnyAIPackage { + return ld.SliceOf[AnyAIPackage](v) +} + +func (v ElementList) Agents() []AnyAgent { + return ld.SliceOf[AnyAgent](v) +} + +func (v ElementList) Annotations() []AnyAnnotation { + return ld.SliceOf[AnyAnnotation](v) +} + +func (v ElementList) Artifacts() []AnyArtifact { + return ld.SliceOf[AnyArtifact](v) +} + +func (v ElementList) BOMs() []AnyBOM { + return ld.SliceOf[AnyBOM](v) +} + +func (v ElementList) Builds() []AnyBuild { + return ld.SliceOf[AnyBuild](v) +} + +func (v ElementList) Bundles() []AnyBundle { + return ld.SliceOf[AnyBundle](v) +} + +func (v ElementList) ConjunctiveLicenseSets() []AnyConjunctiveLicenseSet { + return ld.SliceOf[AnyConjunctiveLicenseSet](v) +} + +func (v ElementList) CustomLicenses() []AnyCustomLicense { + return ld.SliceOf[AnyCustomLicense](v) +} + +func (v ElementList) CustomLicenseAdditions() []AnyCustomLicenseAddition { + return ld.SliceOf[AnyCustomLicenseAddition](v) +} + +func (v ElementList) CvssV2VulnAssessmentRelationships() []AnyCvssV2VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV2VulnAssessmentRelationship](v) +} + +func (v ElementList) CvssV3VulnAssessmentRelationships() []AnyCvssV3VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV3VulnAssessmentRelationship](v) +} + +func (v ElementList) CvssV4VulnAssessmentRelationships() []AnyCvssV4VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV4VulnAssessmentRelationship](v) +} + +func (v ElementList) DatasetPackages() []AnyDatasetPackage { + return ld.SliceOf[AnyDatasetPackage](v) +} + +func (v ElementList) DisjunctiveLicenseSets() []AnyDisjunctiveLicenseSet { + return ld.SliceOf[AnyDisjunctiveLicenseSet](v) +} + +func (v ElementList) Elements() []AnyElement { + return ld.SliceOf[AnyElement](v) +} + +func (v ElementList) ElementCollections() []AnyElementCollection { + return ld.SliceOf[AnyElementCollection](v) +} + +func (v ElementList) EpssVulnAssessmentRelationships() []AnyEpssVulnAssessmentRelationship { + return ld.SliceOf[AnyEpssVulnAssessmentRelationship](v) +} + +func (v ElementList) ExploitCatalogVulnAssessmentRelationships() []AnyExploitCatalogVulnAssessmentRelationship { + return ld.SliceOf[AnyExploitCatalogVulnAssessmentRelationship](v) +} + +func (v ElementList) ExtendableLicenses() []AnyExtendableLicense { + return ld.SliceOf[AnyExtendableLicense](v) +} + +func (v ElementList) Files() []AnyFile { + return ld.SliceOf[AnyFile](v) +} + +func (v ElementList) IndividualElements() []AnyIndividualElement { + return ld.SliceOf[AnyIndividualElement](v) +} + +func (v ElementList) IndividualLicensingInfos() []AnyIndividualLicensingInfo { + return ld.SliceOf[AnyIndividualLicensingInfo](v) +} + +func (v ElementList) Licenses() []AnyLicense { + return ld.SliceOf[AnyLicense](v) +} + +func (v ElementList) LicenseAdditions() []AnyLicenseAddition { + return ld.SliceOf[AnyLicenseAddition](v) +} + +func (v ElementList) LicenseExpressions() []AnyLicenseExpression { + return ld.SliceOf[AnyLicenseExpression](v) +} + +func (v ElementList) LicenseInfos() []AnyLicenseInfo { + return ld.SliceOf[AnyLicenseInfo](v) +} + +func (v ElementList) LifecycleScopedRelationships() []AnyLifecycleScopedRelationship { + return ld.SliceOf[AnyLifecycleScopedRelationship](v) +} + +func (v ElementList) ListedLicenses() []AnyListedLicense { + return ld.SliceOf[AnyListedLicense](v) +} + +func (v ElementList) ListedLicenseExceptions() []AnyListedLicenseException { + return ld.SliceOf[AnyListedLicenseException](v) +} + +func (v ElementList) OrLaterOperators() []AnyOrLaterOperator { + return ld.SliceOf[AnyOrLaterOperator](v) +} + +func (v ElementList) Organizations() []AnyOrganization { + return ld.SliceOf[AnyOrganization](v) +} + +func (v ElementList) Packages() []AnyPackage { + return ld.SliceOf[AnyPackage](v) +} + +func (v ElementList) People() []AnyPerson { + return ld.SliceOf[AnyPerson](v) +} + +func (v ElementList) Relationships() []AnyRelationship { + return ld.SliceOf[AnyRelationship](v) +} + +func (v ElementList) SBOMs() []AnySBOM { + return ld.SliceOf[AnySBOM](v) +} + +func (v ElementList) SimpleLicensingTexts() []AnySimpleLicensingText { + return ld.SliceOf[AnySimpleLicensingText](v) +} + +func (v ElementList) Snippets() []AnySnippet { + return ld.SliceOf[AnySnippet](v) +} + +func (v ElementList) SoftwareAgents() []AnySoftwareAgent { + return ld.SliceOf[AnySoftwareAgent](v) +} + +func (v ElementList) SoftwareArtifacts() []AnySoftwareArtifact { + return ld.SliceOf[AnySoftwareArtifact](v) +} + +func (v ElementList) SpdxDocuments() []AnySpdxDocument { + return ld.SliceOf[AnySpdxDocument](v) +} + +func (v ElementList) SsvcVulnAssessmentRelationships() []AnySsvcVulnAssessmentRelationship { + return ld.SliceOf[AnySsvcVulnAssessmentRelationship](v) +} + +func (v ElementList) Tools() []AnyTool { + return ld.SliceOf[AnyTool](v) +} + +func (v ElementList) VexAffectedVulnAssessmentRelationships() []AnyVexAffectedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexAffectedVulnAssessmentRelationship](v) +} + +func (v ElementList) VexFixedVulnAssessmentRelationships() []AnyVexFixedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexFixedVulnAssessmentRelationship](v) +} + +func (v ElementList) VexNotAffectedVulnAssessmentRelationships() []AnyVexNotAffectedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexNotAffectedVulnAssessmentRelationship](v) +} + +func (v ElementList) VexUnderInvestigationVulnAssessmentRelationships() []AnyVexUnderInvestigationVulnAssessmentRelationship { + return ld.SliceOf[AnyVexUnderInvestigationVulnAssessmentRelationship](v) +} + +func (v ElementList) VexVulnAssessmentRelationships() []AnyVexVulnAssessmentRelationship { + return ld.SliceOf[AnyVexVulnAssessmentRelationship](v) +} + +func (v ElementList) VulnAssessmentRelationships() []AnyVulnAssessmentRelationship { + return ld.SliceOf[AnyVulnAssessmentRelationship](v) +} + +func (v ElementList) Vulnerabilities() []AnyVulnerability { + return ld.SliceOf[AnyVulnerability](v) +} + +func (v ElementList) WithAdditionOperators() []AnyWithAdditionOperator { + return ld.SliceOf[AnyWithAdditionOperator](v) +} + +type AnyElementCollection interface { + AnyElement + asElementCollection() + GetElements() ElementList + SetElements(ElementList) + GetRootElements() ElementList + SetRootElements(ElementList) + GetProfileConformances() []ProfileIdentifierType + SetProfileConformances([]ProfileIdentifierType) +} + +// ElementCollection A collection of Elements, not necessarily with unifying context. +type ElementCollectionList []AnyElementCollection + +func (v ElementCollectionList) BOMs() []AnyBOM { + return ld.SliceOf[AnyBOM](v) +} + +func (v ElementCollectionList) Bundles() []AnyBundle { + return ld.SliceOf[AnyBundle](v) +} + +func (v ElementCollectionList) ElementCollections() []AnyElementCollection { + return ld.SliceOf[AnyElementCollection](v) +} + +func (v ElementCollectionList) SBOMs() []AnySBOM { + return ld.SliceOf[AnySBOM](v) +} + +func (v ElementCollectionList) SpdxDocuments() []AnySpdxDocument { + return ld.SliceOf[AnySpdxDocument](v) +} + +type AnyEnergyConsumption interface { + asEnergyConsumption() + GetInferenceEnergyConsumptions() EnergyConsumptionDescriptionList + SetInferenceEnergyConsumptions(EnergyConsumptionDescriptionList) + GetTrainingEnergyConsumptions() EnergyConsumptionDescriptionList + SetTrainingEnergyConsumptions(EnergyConsumptionDescriptionList) + GetFinetuningEnergyConsumptions() EnergyConsumptionDescriptionList + SetFinetuningEnergyConsumptions(EnergyConsumptionDescriptionList) +} + +// EnergyConsumption A class for describing the energy consumption incurred by an AI model in different stages of its lifecycle. +type EnergyConsumption struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // InferenceEnergyConsumptions Specifies the amount of energy consumed during inference time by an AI model that is being used in the AI system. + InferenceEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` + // TrainingEnergyConsumptions Specifies the amount of energy consumed when training the AI model that is being used in the AI system. + TrainingEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` + // FinetuningEnergyConsumptions Specifies the amount of energy consumed when finetuning the AI model that is being used in the AI system. + FinetuningEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` +} + +func (o *EnergyConsumption) asEnergyConsumption() {} +func (o *EnergyConsumption) GetInferenceEnergyConsumptions() EnergyConsumptionDescriptionList { + return o.InferenceEnergyConsumptions +} + +func (o *EnergyConsumption) SetInferenceEnergyConsumptions(v EnergyConsumptionDescriptionList) { + o.InferenceEnergyConsumptions = v +} + +func (o *EnergyConsumption) GetTrainingEnergyConsumptions() EnergyConsumptionDescriptionList { + return o.TrainingEnergyConsumptions +} + +func (o *EnergyConsumption) SetTrainingEnergyConsumptions(v EnergyConsumptionDescriptionList) { + o.TrainingEnergyConsumptions = v +} + +func (o *EnergyConsumption) GetFinetuningEnergyConsumptions() EnergyConsumptionDescriptionList { + return o.FinetuningEnergyConsumptions +} + +func (o *EnergyConsumption) SetFinetuningEnergyConsumptions(v EnergyConsumptionDescriptionList) { + o.FinetuningEnergyConsumptions = v +} + +type EnergyConsumptionList []AnyEnergyConsumption + +func (v EnergyConsumptionList) EnergyConsumptions() []AnyEnergyConsumption { + return ld.SliceOf[AnyEnergyConsumption](v) +} + +type AnyEnergyConsumptionDescription interface { + asEnergyConsumptionDescription() + GetEnergyQuantity() float64 + SetEnergyQuantity(float64) + GetEnergyUnit() EnergyUnitType + SetEnergyUnit(EnergyUnitType) +} + +// EnergyConsumptionDescription The class that helps note down the quantity of energy consumption and the unit used for measurement. +type EnergyConsumptionDescription struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // EnergyQuantity Represents the energy quantity. + EnergyQuantity float64 `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` + // EnergyUnit Specifies the unit in which energy is measured. + EnergyUnit EnergyUnitType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyUnit" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType"` +} + +func (o *EnergyConsumptionDescription) asEnergyConsumptionDescription() {} +func (o *EnergyConsumptionDescription) GetEnergyQuantity() float64 { + return o.EnergyQuantity +} + +func (o *EnergyConsumptionDescription) SetEnergyQuantity(v float64) { + o.EnergyQuantity = v +} + +func (o *EnergyConsumptionDescription) GetEnergyUnit() EnergyUnitType { + return o.EnergyUnit +} + +func (o *EnergyConsumptionDescription) SetEnergyUnit(v EnergyUnitType) { + o.EnergyUnit = v +} + +type EnergyConsumptionDescriptionList []AnyEnergyConsumptionDescription + +func (v EnergyConsumptionDescriptionList) EnergyConsumptionDescriptions() []AnyEnergyConsumptionDescription { + return ld.SliceOf[AnyEnergyConsumptionDescription](v) +} + +// EnergyUnitType Specifies the unit of energy consumption. +type EnergyUnitType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" node-kind:""` + id string `iri:"@id"` +} + +// EnergyUnitType_KilowattHour Kilowatt-hour. +var EnergyUnitType_KilowattHour = EnergyUnitType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour", +} + +// EnergyUnitType_Megajoule Megajoule. +var EnergyUnitType_Megajoule = EnergyUnitType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule", +} + +// EnergyUnitType_Other Any other units of energy measurement. +var EnergyUnitType_Other = EnergyUnitType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other", +} + +type AnyEpssVulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship + asEpssVulnAssessmentRelationship() + GetProbability() float64 + SetProbability(float64) + GetPercentile() float64 + SetPercentile(float64) +} + +// EpssVulnAssessmentRelationship Provides an EPSS assessment for a vulnerability. +type EpssVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // Probability A probability score between 0 and 1 of a vulnerability being exploited. + Probability float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/probability" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` + // Percentile The percentile of the current probability score. + Percentile float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/percentile" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` +} + +func (o *EpssVulnAssessmentRelationship) asEpssVulnAssessmentRelationship() {} +func (o *EpssVulnAssessmentRelationship) asVulnAssessmentRelationship() {} +func (o *EpssVulnAssessmentRelationship) asRelationship() {} +func (o *EpssVulnAssessmentRelationship) asElement() {} +func (o *EpssVulnAssessmentRelationship) GetDescription() string { + return o.Description +} + +func (o *EpssVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} + +func (o *EpssVulnAssessmentRelationship) GetComment() string { + return o.Comment +} + +func (o *EpssVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} + +func (o *EpssVulnAssessmentRelationship) GetName() string { + return o.Name +} + +func (o *EpssVulnAssessmentRelationship) SetName(v string) { + o.Name = v +} + +func (o *EpssVulnAssessmentRelationship) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *EpssVulnAssessmentRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *EpssVulnAssessmentRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *EpssVulnAssessmentRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *EpssVulnAssessmentRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *EpssVulnAssessmentRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *EpssVulnAssessmentRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *EpssVulnAssessmentRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *EpssVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} + +func (o *EpssVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} + +func (o *EpssVulnAssessmentRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *EpssVulnAssessmentRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *EpssVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} + +func (o *EpssVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} + +func (o *EpssVulnAssessmentRelationship) GetEndTime() time.Time { + return o.EndTime +} + +func (o *EpssVulnAssessmentRelationship) SetEndTime(v time.Time) { + o.EndTime = v +} + +func (o *EpssVulnAssessmentRelationship) GetTo() ElementList { + return o.To +} + +func (o *EpssVulnAssessmentRelationship) SetTo(v ElementList) { + o.To = v +} + +func (o *EpssVulnAssessmentRelationship) GetFrom() AnyElement { + return o.From +} + +func (o *EpssVulnAssessmentRelationship) SetFrom(v AnyElement) { + o.From = v +} + +func (o *EpssVulnAssessmentRelationship) GetType() RelationshipType { + return o.Type +} + +func (o *EpssVulnAssessmentRelationship) SetType(v RelationshipType) { + o.Type = v +} + +func (o *EpssVulnAssessmentRelationship) GetStartTime() time.Time { + return o.StartTime +} + +func (o *EpssVulnAssessmentRelationship) SetStartTime(v time.Time) { + o.StartTime = v +} + +func (o *EpssVulnAssessmentRelationship) GetSuppliedBy() AnyAgent { + return o.SuppliedBy +} + +func (o *EpssVulnAssessmentRelationship) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v +} + +func (o *EpssVulnAssessmentRelationship) GetWithdrawnTime() time.Time { + return o.WithdrawnTime +} + +func (o *EpssVulnAssessmentRelationship) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v +} + +func (o *EpssVulnAssessmentRelationship) GetAssessedElement() AnySoftwareArtifact { + return o.AssessedElement +} + +func (o *EpssVulnAssessmentRelationship) SetAssessedElement(v AnySoftwareArtifact) { + o.AssessedElement = v +} + +func (o *EpssVulnAssessmentRelationship) GetPublishedTime() time.Time { + return o.PublishedTime +} + +func (o *EpssVulnAssessmentRelationship) SetPublishedTime(v time.Time) { + o.PublishedTime = v +} + +func (o *EpssVulnAssessmentRelationship) GetModifiedTime() time.Time { + return o.ModifiedTime +} + +func (o *EpssVulnAssessmentRelationship) SetModifiedTime(v time.Time) { + o.ModifiedTime = v +} + +func (o *EpssVulnAssessmentRelationship) GetProbability() float64 { + return o.Probability +} + +func (o *EpssVulnAssessmentRelationship) SetProbability(v float64) { + o.Probability = v +} + +func (o *EpssVulnAssessmentRelationship) GetPercentile() float64 { + return o.Percentile +} + +func (o *EpssVulnAssessmentRelationship) SetPercentile(v float64) { + o.Percentile = v +} + +type EpssVulnAssessmentRelationshipList []AnyEpssVulnAssessmentRelationship + +func (v EpssVulnAssessmentRelationshipList) EpssVulnAssessmentRelationships() []AnyEpssVulnAssessmentRelationship { + return ld.SliceOf[AnyEpssVulnAssessmentRelationship](v) +} + +// ExploitCatalogType Specifies the exploit catalog type. +type ExploitCatalogType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" node-kind:""` + id string `iri:"@id"` +} + +// ExploitCatalogType_Kev CISA's Known Exploited Vulnerability (KEV) Catalog +var ExploitCatalogType_Kev = ExploitCatalogType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev", +} + +// ExploitCatalogType_Other Other exploit catalogs +var ExploitCatalogType_Other = ExploitCatalogType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other", +} + +type AnyExploitCatalogVulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship + asExploitCatalogVulnAssessmentRelationship() + GetLocator() URI + SetLocator(URI) + GetExploited() bool + SetExploited(bool) + GetCatalogType() ExploitCatalogType + SetCatalogType(ExploitCatalogType) +} + +// ExploitCatalogVulnAssessmentRelationship Provides an exploit assessment of a vulnerability. +type ExploitCatalogVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // Locator Provides the location of an exploit catalog. + Locator URI `iri:"https://spdx.org/rdf/3.0.1/terms/Security/locator" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Exploited Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. + Exploited bool `iri:"https://spdx.org/rdf/3.0.1/terms/Security/exploited" required:"true" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // CatalogType Specifies the exploit catalog type. + CatalogType ExploitCatalogType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/catalogType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType"` +} + +func (o *ExploitCatalogVulnAssessmentRelationship) asExploitCatalogVulnAssessmentRelationship() {} +func (o *ExploitCatalogVulnAssessmentRelationship) asVulnAssessmentRelationship() {} +func (o *ExploitCatalogVulnAssessmentRelationship) asRelationship() {} +func (o *ExploitCatalogVulnAssessmentRelationship) asElement() {} +func (o *ExploitCatalogVulnAssessmentRelationship) GetDescription() string { + return o.Description +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetComment() string { + return o.Comment +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetName() string { + return o.Name +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetName(v string) { + o.Name = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetEndTime() time.Time { + return o.EndTime +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetEndTime(v time.Time) { + o.EndTime = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetTo() ElementList { + return o.To +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetTo(v ElementList) { + o.To = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetFrom() AnyElement { + return o.From +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetFrom(v AnyElement) { + o.From = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetType() RelationshipType { + return o.Type +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetType(v RelationshipType) { + o.Type = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetStartTime() time.Time { + return o.StartTime +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetStartTime(v time.Time) { + o.StartTime = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetSuppliedBy() AnyAgent { + return o.SuppliedBy +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetWithdrawnTime() time.Time { + return o.WithdrawnTime +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetAssessedElement() AnySoftwareArtifact { + return o.AssessedElement +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetAssessedElement(v AnySoftwareArtifact) { + o.AssessedElement = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetPublishedTime() time.Time { + return o.PublishedTime +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetPublishedTime(v time.Time) { + o.PublishedTime = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetModifiedTime() time.Time { + return o.ModifiedTime +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetModifiedTime(v time.Time) { + o.ModifiedTime = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetLocator() URI { + return o.Locator +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetLocator(v URI) { + o.Locator = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetExploited() bool { + return o.Exploited +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetExploited(v bool) { + o.Exploited = v +} + +func (o *ExploitCatalogVulnAssessmentRelationship) GetCatalogType() ExploitCatalogType { + return o.CatalogType +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetCatalogType(v ExploitCatalogType) { + o.CatalogType = v +} + +type ExploitCatalogVulnAssessmentRelationshipList []AnyExploitCatalogVulnAssessmentRelationship + +func (v ExploitCatalogVulnAssessmentRelationshipList) ExploitCatalogVulnAssessmentRelationships() []AnyExploitCatalogVulnAssessmentRelationship { + return ld.SliceOf[AnyExploitCatalogVulnAssessmentRelationship](v) +} + +type AnyExtendableLicense interface { + AnyLicenseInfo + asExtendableLicense() +} + +// ExtendableLicense Abstract class representing a License or an OrLaterOperator. +type ExtendableLicenseList []AnyExtendableLicense + +func (v ExtendableLicenseList) CustomLicenses() []AnyCustomLicense { + return ld.SliceOf[AnyCustomLicense](v) +} + +func (v ExtendableLicenseList) ExtendableLicenses() []AnyExtendableLicense { + return ld.SliceOf[AnyExtendableLicense](v) +} + +func (v ExtendableLicenseList) Licenses() []AnyLicense { + return ld.SliceOf[AnyLicense](v) +} + +func (v ExtendableLicenseList) ListedLicenses() []AnyListedLicense { + return ld.SliceOf[AnyListedLicense](v) +} + +func (v ExtendableLicenseList) OrLaterOperators() []AnyOrLaterOperator { + return ld.SliceOf[AnyOrLaterOperator](v) +} + +type AnyExtension interface { + asExtension() +} + +// Extension A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. +type ExtensionList []AnyExtension + +func (v ExtensionList) CdxPropertiesExtensions() []AnyCdxPropertiesExtension { + return ld.SliceOf[AnyCdxPropertiesExtension](v) +} + +func (v ExtensionList) Extensions() []AnyExtension { + return ld.SliceOf[AnyExtension](v) +} + +type AnyExternalIdentifier interface { + asExternalIdentifier() + GetIdentifier() string + SetIdentifier(string) + GetIssuingAuthority() string + SetIssuingAuthority(string) + GetComment() string + SetComment(string) + GetIdentifierLocators() []URI + SetIdentifierLocators([]URI) + GetType() ExternalIdentifierType + SetType(ExternalIdentifierType) +} + +// ExternalIdentifier A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. +type ExternalIdentifier struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // Identifier Uniquely identifies an external element. + Identifier string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifier" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // IssuingAuthority An entity that is authorized to issue identification credentials. + IssuingAuthority string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // IdentifierLocators Provides the location for more information regarding an external identifier. + IdentifierLocators []URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Type Specifies the type of the external identifier. + Type ExternalIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType"` +} + +func (o *ExternalIdentifier) asExternalIdentifier() {} +func (o *ExternalIdentifier) GetIdentifier() string { + return o.Identifier +} + +func (o *ExternalIdentifier) SetIdentifier(v string) { + o.Identifier = v +} + +func (o *ExternalIdentifier) GetIssuingAuthority() string { + return o.IssuingAuthority +} + +func (o *ExternalIdentifier) SetIssuingAuthority(v string) { + o.IssuingAuthority = v +} + +func (o *ExternalIdentifier) GetComment() string { + return o.Comment +} + +func (o *ExternalIdentifier) SetComment(v string) { + o.Comment = v +} + +func (o *ExternalIdentifier) GetIdentifierLocators() []URI { + return o.IdentifierLocators +} + +func (o *ExternalIdentifier) SetIdentifierLocators(v []URI) { + o.IdentifierLocators = v +} + +func (o *ExternalIdentifier) GetType() ExternalIdentifierType { + return o.Type +} + +func (o *ExternalIdentifier) SetType(v ExternalIdentifierType) { + o.Type = v +} + +type ExternalIdentifierList []AnyExternalIdentifier + +func (v ExternalIdentifierList) ExternalIdentifiers() []AnyExternalIdentifier { + return ld.SliceOf[AnyExternalIdentifier](v) +} + +// ExternalIdentifierType Specifies the type of an external identifier. +type ExternalIdentifierType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" node-kind:""` + id string `iri:"@id"` +} + +// ExternalIdentifierType_Cpe22 [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) +var ExternalIdentifierType_Cpe22 = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22", +} + +// ExternalIdentifierType_Cpe23 [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) +var ExternalIdentifierType_Cpe23 = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23", +} + +// ExternalIdentifierType_Cve Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). +var ExternalIdentifierType_Cve = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve", +} + +// ExternalIdentifierType_Email Email address, as defined in [RFC 3696](https://datatracker.ietf.org/doc/rfc3986/) Section 3. +var ExternalIdentifierType_Email = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email", +} + +// ExternalIdentifierType_Gitoid [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). +var ExternalIdentifierType_Gitoid = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid", +} + +// ExternalIdentifierType_Other Used when the type does not match any of the other options. +var ExternalIdentifierType_Other = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other", +} + +// ExternalIdentifierType_PackageURL Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification. +var ExternalIdentifierType_PackageURL = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl", +} + +// ExternalIdentifierType_SecurityOther Used when there is a security related identifier of unspecified type. +var ExternalIdentifierType_SecurityOther = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther", +} + +// ExternalIdentifierType_Swhid SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. +var ExternalIdentifierType_Swhid = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid", +} + +// ExternalIdentifierType_Swid Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://datatracker.ietf.org/doc/rfc9393/) Section 2.3. +var ExternalIdentifierType_Swid = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid", +} + +// ExternalIdentifierType_UrlScheme [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. +var ExternalIdentifierType_UrlScheme = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme", +} + +type AnyExternalMap interface { + asExternalMap() + GetExternalSpdxID() URI + SetExternalSpdxID(URI) + GetLocationHint() URI + SetLocationHint(URI) + GetVerifiedUsing() IntegrityMethodList + SetVerifiedUsing(IntegrityMethodList) + GetDefiningArtifact() AnyArtifact + SetDefiningArtifact(AnyArtifact) +} + +// ExternalMap A map of Element identifiers that are used within an SpdxDocument but defined external to that SpdxDocument. +type ExternalMap struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // ExternalSpdxID Identifies an external Element used within an SpdxDocument but defined external to that SpdxDocument. + ExternalSpdxID URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // LocationHint Provides an indication of where to retrieve an external Element. + LocationHint URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locationHint" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // DefiningArtifact Artifact representing a serialization instance of SPDX data containing the definition of a particular Element. + DefiningArtifact AnyArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" type:"https://spdx.org/rdf/3.0.1/terms/Core/Artifact"` +} + +func (o *ExternalMap) asExternalMap() {} +func (o *ExternalMap) GetExternalSpdxID() URI { + return o.ExternalSpdxID +} + +func (o *ExternalMap) SetExternalSpdxID(v URI) { + o.ExternalSpdxID = v +} + +func (o *ExternalMap) GetLocationHint() URI { + return o.LocationHint +} + +func (o *ExternalMap) SetLocationHint(v URI) { + o.LocationHint = v +} + +func (o *ExternalMap) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *ExternalMap) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *ExternalMap) GetDefiningArtifact() AnyArtifact { + return o.DefiningArtifact +} + +func (o *ExternalMap) SetDefiningArtifact(v AnyArtifact) { + o.DefiningArtifact = v +} + +type ExternalMapList []AnyExternalMap + +func (v ExternalMapList) ExternalMaps() []AnyExternalMap { + return ld.SliceOf[AnyExternalMap](v) +} + +type AnyExternalRef interface { + asExternalRef() + GetLocators() []string + SetLocators([]string) + GetContentType() string + SetContentType(string) + GetType() ExternalRefType + SetType(ExternalRefType) + GetComment() string + SetComment(string) +} + +// ExternalRef A reference to a resource outside the scope of SPDX-3.0 content related to an Element. +type ExternalRef struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // Locators Provides the location of an external reference. + Locators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locator" type:"http://www.w3.org/2001/XMLSchema#string"` + // ContentType Provides information about the content type of an Element or a Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` + // Type Specifies the type of the external reference. + Type ExternalRefType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *ExternalRef) asExternalRef() {} +func (o *ExternalRef) GetLocators() []string { + return o.Locators +} + +func (o *ExternalRef) SetLocators(v []string) { + o.Locators = v +} + +func (o *ExternalRef) GetContentType() string { + return o.ContentType +} + +func (o *ExternalRef) SetContentType(v string) { + o.ContentType = v +} + +func (o *ExternalRef) GetType() ExternalRefType { + return o.Type +} + +func (o *ExternalRef) SetType(v ExternalRefType) { + o.Type = v +} + +func (o *ExternalRef) GetComment() string { + return o.Comment +} + +func (o *ExternalRef) SetComment(v string) { + o.Comment = v +} + +type ExternalRefList []AnyExternalRef + +func (v ExternalRefList) ExternalRefs() []AnyExternalRef { + return ld.SliceOf[AnyExternalRef](v) +} + +// ExternalRefType Specifies the type of an external reference. +type ExternalRefType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" node-kind:""` + id string `iri:"@id"` +} + +// ExternalRefType_AltDownloadLocation A reference to an alternative download location. +var ExternalRefType_AltDownloadLocation = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation", +} + +// ExternalRefType_AltWebPage A reference to an alternative web page. +var ExternalRefType_AltWebPage = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage", +} + +// ExternalRefType_BinaryArtifact A reference to binary artifacts related to a package. +var ExternalRefType_BinaryArtifact = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact", +} + +// ExternalRefType_Bower A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the \"install\" section of [Bower API documentation](https://bower.io/docs/api/#install). +var ExternalRefType_Bower = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower", +} + +// ExternalRefType_BuildMeta A reference build metadata related to a published package. +var ExternalRefType_BuildMeta = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta", +} + +// ExternalRefType_BuildSystem A reference build system used to create or publish the package. +var ExternalRefType_BuildSystem = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem", +} + +// ExternalRefType_CertificationReport A reference to a certification report for a package from an accredited/independent body. +var ExternalRefType_CertificationReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport", +} + +// ExternalRefType_Chat A reference to the instant messaging system used by the maintainer for a package. +var ExternalRefType_Chat = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat", +} + +// ExternalRefType_ComponentAnalysisReport A reference to a Software Composition Analysis (SCA) report. +var ExternalRefType_ComponentAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport", +} + +// ExternalRefType_Cwe [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). +var ExternalRefType_Cwe = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe", +} + +// ExternalRefType_Documentation A reference to the documentation for a package. +var ExternalRefType_Documentation = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation", +} + +// ExternalRefType_DynamicAnalysisReport A reference to a dynamic analysis report for a package. +var ExternalRefType_DynamicAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport", +} + +// ExternalRefType_EolNotice A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. +var ExternalRefType_EolNotice = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice", +} + +// ExternalRefType_ExportControlAssessment A reference to a export control assessment for a package. +var ExternalRefType_ExportControlAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment", +} + +// ExternalRefType_Funding A reference to funding information related to a package. +var ExternalRefType_Funding = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding", +} + +// ExternalRefType_IssueTracker A reference to the issue tracker for a package. +var ExternalRefType_IssueTracker = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker", +} + +// ExternalRefType_License A reference to additional license information related to an artifact. +var ExternalRefType_License = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license", +} + +// ExternalRefType_MailingList A reference to the mailing list used by the maintainer for a package. +var ExternalRefType_MailingList = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList", +} + +// ExternalRefType_MavenCentral A reference to a Maven repository artifact. The artifact locator format is defined in the [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html) and looks like `groupId:artifactId[:version]`. +var ExternalRefType_MavenCentral = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral", +} + +// ExternalRefType_Metrics A reference to metrics related to package such as OpenSSF scorecards. +var ExternalRefType_Metrics = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics", +} + +// ExternalRefType_Npm A reference to an npm package. The package locator format is defined in the [npm documentation](https://docs.npmjs.com/cli/v10/configuring-npm/package-json) and looks like `package@version`. +var ExternalRefType_Npm = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm", +} + +// ExternalRefType_Nuget A reference to a NuGet package. The package locator format is defined in the [NuGet documentation](https://docs.nuget.org) and looks like `package/version`. +var ExternalRefType_Nuget = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget", +} + +// ExternalRefType_Other Used when the type does not match any of the other options. +var ExternalRefType_Other = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other", +} + +// ExternalRefType_PrivacyAssessment A reference to a privacy assessment for a package. +var ExternalRefType_PrivacyAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment", +} + +// ExternalRefType_ProductMetadata A reference to additional product metadata such as reference within organization's product catalog. +var ExternalRefType_ProductMetadata = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata", +} + +// ExternalRefType_PurchaseOrder A reference to a purchase order for a package. +var ExternalRefType_PurchaseOrder = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder", +} + +// ExternalRefType_QualityAssessmentReport A reference to a quality assessment for a package. +var ExternalRefType_QualityAssessmentReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport", +} + +// ExternalRefType_ReleaseHistory A reference to a published list of releases for a package. +var ExternalRefType_ReleaseHistory = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory", +} + +// ExternalRefType_ReleaseNotes A reference to the release notes for a package. +var ExternalRefType_ReleaseNotes = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes", +} + +// ExternalRefType_RiskAssessment A reference to a risk assessment for a package. +var ExternalRefType_RiskAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment", +} + +// ExternalRefType_RuntimeAnalysisReport A reference to a runtime analysis report for a package. +var ExternalRefType_RuntimeAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport", +} + +// ExternalRefType_SecureSoftwareAttestation A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). +var ExternalRefType_SecureSoftwareAttestation = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation", +} + +// ExternalRefType_SecurityAdversaryModel A reference to the security adversary model for a package. +var ExternalRefType_SecurityAdversaryModel = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel", +} + +// ExternalRefType_SecurityAdvisory A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. +var ExternalRefType_SecurityAdvisory = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory", +} + +// ExternalRefType_SecurityFix A reference to the patch or source code that fixes a vulnerability. +var ExternalRefType_SecurityFix = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix", +} + +// ExternalRefType_SecurityOther A reference to related security information of unspecified type. +var ExternalRefType_SecurityOther = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther", +} + +// ExternalRefType_SecurityPenTestReport A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. +var ExternalRefType_SecurityPenTestReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport", +} + +// ExternalRefType_SecurityPolicy A reference to instructions for reporting newly discovered security vulnerabilities for a package. +var ExternalRefType_SecurityPolicy = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy", +} + +// ExternalRefType_SecurityThreatModel A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. +var ExternalRefType_SecurityThreatModel = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel", +} + +// ExternalRefType_SocialMedia A reference to a social media channel for a package. +var ExternalRefType_SocialMedia = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia", +} + +// ExternalRefType_SourceArtifact A reference to an artifact containing the sources for a package. +var ExternalRefType_SourceArtifact = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact", +} + +// ExternalRefType_StaticAnalysisReport A reference to a static analysis report for a package. +var ExternalRefType_StaticAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport", +} + +// ExternalRefType_Support A reference to the software support channel or other support information for a package. +var ExternalRefType_Support = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support", +} + +// ExternalRefType_Vcs A reference to a version control system related to a software artifact. +var ExternalRefType_Vcs = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs", +} + +// ExternalRefType_VulnerabilityDisclosureReport A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). +var ExternalRefType_VulnerabilityDisclosureReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport", +} + +// ExternalRefType_VulnerabilityExploitabilityAssessment A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). +var ExternalRefType_VulnerabilityExploitabilityAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment", +} + +type AnyFile interface { + AnySoftwareArtifact + asFile() + GetContentType() string + SetContentType(string) + GetKind() FileKindType + SetKind(FileKindType) +} + +// File Refers to any object that stores content on a computer. +type File struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/File" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // StandardNames The name of a relevant standard that may apply to an artifact. + StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuiltTime Specifies the time an artifact was built. + BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ReleaseTime Specifies the time an artifact was released. + ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SupportLevels Specifies the level of support associated with an artifact. + SupportLevels []SupportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" type:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // OriginatedBy Identifies from where or whom the Element originally came. + OriginatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be reassessed. + ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ContentIdentifiers A canonical, unique, immutable identifier of the artifact content, that may be used for verifying its identity and/or integrity. + ContentIdentifiers ContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` + // AttributionTexts Provides a place for the SPDX data creator to record acknowledgement text for a software Package, File or Snippet. + AttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" type:"http://www.w3.org/2001/XMLSchema#string"` + // AdditionalPurposes Provides additional purpose information of the software artifact. + AdditionalPurposes []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // PrimaryPurpose Provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // CopyrightText Identifies the text of one or more copyright notices for a software Package, File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" type:"http://www.w3.org/2001/XMLSchema#string"` + // ContentType Provides information about the content type of an Element or a Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` + // Kind Describes if a given file is a directory or non-directory kind of file. + Kind FileKindType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/fileKind" type:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType"` +} + +func (o *File) asFile() {} +func (o *File) asSoftwareArtifact() {} +func (o *File) asArtifact() {} +func (o *File) asElement() {} +func (o *File) GetDescription() string { + return o.Description +} + +func (o *File) SetDescription(v string) { + o.Description = v +} + +func (o *File) GetComment() string { + return o.Comment +} + +func (o *File) SetComment(v string) { + o.Comment = v +} + +func (o *File) GetName() string { + return o.Name +} + +func (o *File) SetName(v string) { + o.Name = v +} + +func (o *File) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *File) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *File) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *File) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *File) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *File) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *File) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *File) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *File) GetSummary() string { + return o.Summary +} + +func (o *File) SetSummary(v string) { + o.Summary = v +} + +func (o *File) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *File) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *File) GetStandardNames() []string { + return o.StandardNames +} + +func (o *File) SetStandardNames(v []string) { + o.StandardNames = v +} + +func (o *File) GetBuiltTime() time.Time { + return o.BuiltTime +} + +func (o *File) SetBuiltTime(v time.Time) { + o.BuiltTime = v +} + +func (o *File) GetReleaseTime() time.Time { + return o.ReleaseTime +} + +func (o *File) SetReleaseTime(v time.Time) { + o.ReleaseTime = v +} + +func (o *File) GetSupportLevels() []SupportType { + return o.SupportLevels +} + +func (o *File) SetSupportLevels(v []SupportType) { + o.SupportLevels = v +} + +func (o *File) GetSuppliedBy() AnyAgent { + return o.SuppliedBy +} + +func (o *File) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v +} + +func (o *File) GetOriginatedBy() AgentList { + return o.OriginatedBy +} + +func (o *File) SetOriginatedBy(v AgentList) { + o.OriginatedBy = v +} + +func (o *File) GetValidUntilTime() time.Time { + return o.ValidUntilTime +} + +func (o *File) SetValidUntilTime(v time.Time) { + o.ValidUntilTime = v +} + +func (o *File) GetContentIdentifiers() ContentIdentifierList { + return o.ContentIdentifiers +} + +func (o *File) SetContentIdentifiers(v ContentIdentifierList) { + o.ContentIdentifiers = v +} + +func (o *File) GetAttributionTexts() []string { + return o.AttributionTexts +} + +func (o *File) SetAttributionTexts(v []string) { + o.AttributionTexts = v +} + +func (o *File) GetAdditionalPurposes() []SoftwarePurpose { + return o.AdditionalPurposes +} + +func (o *File) SetAdditionalPurposes(v []SoftwarePurpose) { + o.AdditionalPurposes = v +} + +func (o *File) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose +} + +func (o *File) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v +} + +func (o *File) GetCopyrightText() string { + return o.CopyrightText +} + +func (o *File) SetCopyrightText(v string) { + o.CopyrightText = v +} + +func (o *File) GetContentType() string { + return o.ContentType +} + +func (o *File) SetContentType(v string) { + o.ContentType = v +} + +func (o *File) GetKind() FileKindType { + return o.Kind +} + +func (o *File) SetKind(v FileKindType) { + o.Kind = v +} + +type FileList []AnyFile + +func (v FileList) Files() []AnyFile { + return ld.SliceOf[AnyFile](v) +} + +// FileKindType Enumeration of the different kinds of SPDX file. +type FileKindType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" node-kind:""` + id string `iri:"@id"` +} + +// FileKindType_Directory The file represents a directory and all content stored in that directory. +var FileKindType_Directory = FileKindType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory", +} + +// FileKindType_File The file represents a single file (default). +var FileKindType_File = FileKindType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file", +} + +type AnyHash interface { + AnyIntegrityMethod + asHash() + GetValue() string + SetValue(string) + GetAlgorithm() HashAlgorithm + SetAlgorithm(HashAlgorithm) +} + +// Hash A mathematically calculated representation of a grouping of data. +type Hash struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Hash" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Value The result of applying a hash algorithm to an Element. + Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Algorithm Specifies the algorithm used for calculating the hash value. + Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` +} + +func (o *Hash) asHash() {} +func (o *Hash) asIntegrityMethod() {} +func (o *Hash) GetComment() string { + return o.Comment +} + +func (o *Hash) SetComment(v string) { + o.Comment = v +} + +func (o *Hash) GetValue() string { + return o.Value +} + +func (o *Hash) SetValue(v string) { + o.Value = v +} + +func (o *Hash) GetAlgorithm() HashAlgorithm { + return o.Algorithm +} + +func (o *Hash) SetAlgorithm(v HashAlgorithm) { + o.Algorithm = v +} + +type HashList []AnyHash + +func (v HashList) Hashes() []AnyHash { + return ld.SliceOf[AnyHash](v) +} + +// HashAlgorithm A mathematical algorithm that maps data of arbitrary size to a bit string. +type HashAlgorithm struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" node-kind:""` + id string `iri:"@id"` +} + +// HashAlgorithm_Adler32 Adler-32 checksum is part of the widely used zlib compression library as defined in [RFC 1950](https://datatracker.ietf.org/doc/rfc1950/) Section 2.3. +var HashAlgorithm_Adler32 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32", +} + +// HashAlgorithm_Blake2b256 BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b256 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256", +} + +// HashAlgorithm_Blake2b384 BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b384 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384", +} + +// HashAlgorithm_Blake2b512 BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b512 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512", +} + +// HashAlgorithm_Blake3 [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) +var HashAlgorithm_Blake3 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3", +} + +// HashAlgorithm_CrystalsDilithium [Dilithium](https://pq-crystals.org/dilithium/) +var HashAlgorithm_CrystalsDilithium = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium", +} + +// HashAlgorithm_CrystalsKyber [Kyber](https://pq-crystals.org/kyber/) +var HashAlgorithm_CrystalsKyber = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber", +} + +// HashAlgorithm_Falcon [FALCON](https://falcon-sign.info/falcon.pdf) +var HashAlgorithm_Falcon = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon", +} + +// HashAlgorithm_Md2 MD2 message-digest algorithm, as defined in [RFC 1319](https://datatracker.ietf.org/doc/rfc1319/). +var HashAlgorithm_Md2 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2", +} + +// HashAlgorithm_Md4 MD4 message-digest algorithm, as defined in [RFC 1186](https://datatracker.ietf.org/doc/rfc1186/). +var HashAlgorithm_Md4 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4", +} + +// HashAlgorithm_Md5 MD5 message-digest algorithm, as defined in [RFC 1321](https://datatracker.ietf.org/doc/rfc1321/). +var HashAlgorithm_Md5 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5", +} + +// HashAlgorithm_Md6 [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) +var HashAlgorithm_Md6 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6", +} + +// HashAlgorithm_Other any hashing algorithm that does not exist in this list of entries +var HashAlgorithm_Other = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other", +} + +// HashAlgorithm_Sha1 SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://datatracker.ietf.org/doc/rfc3174/). +var HashAlgorithm_Sha1 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1", +} + +// HashAlgorithm_Sha224 SHA-2 with a digest length of 224, as defined in [RFC 3874](https://datatracker.ietf.org/doc/rfc3874/). +var HashAlgorithm_Sha224 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224", +} + +// HashAlgorithm_Sha256 SHA-2 with a digest length of 256, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha256 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256", +} + +// HashAlgorithm_Sha384 SHA-2 with a digest length of 384, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha384 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384", +} + +// HashAlgorithm_Sha3_224 SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_224 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224", +} + +// HashAlgorithm_Sha3_256 SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_256 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256", +} + +// HashAlgorithm_Sha3_384 SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_384 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384", +} + +// HashAlgorithm_Sha3_512 SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_512 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512", +} + +// HashAlgorithm_Sha512 SHA-2 with a digest length of 512, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha512 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512", +} + +type AnyIndividualElement interface { + AnyElement + asIndividualElement() +} + +// IndividualElement A concrete subclass of Element used by Individuals in the Core profile. +type IndividualElement struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/IndividualElement" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` +} + +func (o *IndividualElement) asIndividualElement() {} +func (o *IndividualElement) asElement() {} +func (o *IndividualElement) GetDescription() string { + return o.Description +} + +func (o *IndividualElement) SetDescription(v string) { + o.Description = v +} + +func (o *IndividualElement) GetComment() string { + return o.Comment +} + +func (o *IndividualElement) SetComment(v string) { + o.Comment = v +} + +func (o *IndividualElement) GetName() string { + return o.Name +} + +func (o *IndividualElement) SetName(v string) { + o.Name = v +} + +func (o *IndividualElement) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *IndividualElement) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *IndividualElement) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *IndividualElement) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *IndividualElement) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *IndividualElement) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *IndividualElement) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *IndividualElement) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *IndividualElement) GetSummary() string { + return o.Summary +} + +func (o *IndividualElement) SetSummary(v string) { + o.Summary = v +} + +func (o *IndividualElement) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *IndividualElement) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +// IndividualElement_NoAssertionElement An Individual Value for Element representing a set of Elements of unknown\nidentify or cardinality (number). +var IndividualElement_NoAssertionElement AnyIndividualElement = &IndividualElement{ + ID: "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", +} + +// IndividualElement_NoneElement An Individual Value for Element representing a set of Elements with\ncardinality (number/count) of zero. +var IndividualElement_NoneElement AnyIndividualElement = &IndividualElement{ + ID: "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", +} + +type IndividualElementList []AnyIndividualElement + +func (v IndividualElementList) IndividualElements() []AnyIndividualElement { + return ld.SliceOf[AnyIndividualElement](v) +} + +type AnyIndividualLicensingInfo interface { + AnyLicenseInfo + asIndividualLicensingInfo() +} + +// IndividualLicensingInfo A concrete subclass of AnyLicenseInfo used by Individuals in the ExpandedLicensing profile. +type IndividualLicensingInfo struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` +} + +func (o *IndividualLicensingInfo) asIndividualLicensingInfo() {} +func (o *IndividualLicensingInfo) asLicenseInfo() {} +func (o *IndividualLicensingInfo) asElement() {} +func (o *IndividualLicensingInfo) GetDescription() string { + return o.Description +} + +func (o *IndividualLicensingInfo) SetDescription(v string) { + o.Description = v +} + +func (o *IndividualLicensingInfo) GetComment() string { + return o.Comment +} + +func (o *IndividualLicensingInfo) SetComment(v string) { + o.Comment = v +} + +func (o *IndividualLicensingInfo) GetName() string { + return o.Name +} + +func (o *IndividualLicensingInfo) SetName(v string) { + o.Name = v +} + +func (o *IndividualLicensingInfo) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *IndividualLicensingInfo) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *IndividualLicensingInfo) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *IndividualLicensingInfo) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *IndividualLicensingInfo) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *IndividualLicensingInfo) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *IndividualLicensingInfo) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *IndividualLicensingInfo) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *IndividualLicensingInfo) GetSummary() string { + return o.Summary +} + +func (o *IndividualLicensingInfo) SetSummary(v string) { + o.Summary = v +} + +func (o *IndividualLicensingInfo) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *IndividualLicensingInfo) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +// IndividualLicensingInfo_NoAssertionLicense An Individual Value for License when no assertion can be made about its actual\nvalue. +var IndividualLicensingInfo_NoAssertionLicense AnyIndividualLicensingInfo = &IndividualLicensingInfo{ + ID: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", +} + +// IndividualLicensingInfo_NoneLicense An Individual Value for License where the SPDX data creator determines that no\nlicense is present. +var IndividualLicensingInfo_NoneLicense AnyIndividualLicensingInfo = &IndividualLicensingInfo{ + ID: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", +} + +type IndividualLicensingInfoList []AnyIndividualLicensingInfo + +func (v IndividualLicensingInfoList) IndividualLicensingInfos() []AnyIndividualLicensingInfo { + return ld.SliceOf[AnyIndividualLicensingInfo](v) +} + +type AnyIntegrityMethod interface { + asIntegrityMethod() + GetComment() string + SetComment(string) +} + +// IntegrityMethod Provides an independently reproducible mechanism that permits verification of a specific Element. +type IntegrityMethodList []AnyIntegrityMethod + +func (v IntegrityMethodList) ContentIdentifiers() []AnyContentIdentifier { + return ld.SliceOf[AnyContentIdentifier](v) +} + +func (v IntegrityMethodList) Hashes() []AnyHash { + return ld.SliceOf[AnyHash](v) +} + +func (v IntegrityMethodList) IntegrityMethods() []AnyIntegrityMethod { + return ld.SliceOf[AnyIntegrityMethod](v) +} + +func (v IntegrityMethodList) PackageVerificationCodes() []AnyPackageVerificationCode { + return ld.SliceOf[AnyPackageVerificationCode](v) +} + +type AnyLicense interface { + AnyExtendableLicense + asLicense() + GetSeeAlsos() []URI + SetSeeAlsos([]URI) + GetIsDeprecatedLicenseID() bool + SetIsDeprecatedLicenseID(bool) + GetObsoletedBy() string + SetObsoletedBy(string) + GetStandardLicenseHeader() string + SetStandardLicenseHeader(string) + GetText() string + SetText(string) + GetIsOsiApproved() bool + SetIsOsiApproved(bool) + GetXml() string + SetXml(string) + GetIsFsfLibre() bool + SetIsFsfLibre(bool) + GetStandardLicenseTemplate() string + SetStandardLicenseTemplate(string) +} + +// License Abstract class for the portion of an AnyLicenseInfo representing a license. +type LicenseList []AnyLicense + +func (v LicenseList) CustomLicenses() []AnyCustomLicense { + return ld.SliceOf[AnyCustomLicense](v) +} + +func (v LicenseList) Licenses() []AnyLicense { + return ld.SliceOf[AnyLicense](v) +} + +func (v LicenseList) ListedLicenses() []AnyListedLicense { + return ld.SliceOf[AnyListedLicense](v) +} + +type AnyLicenseAddition interface { + AnyElement + asLicenseAddition() + GetAdditionText() string + SetAdditionText(string) + GetObsoletedBy() string + SetObsoletedBy(string) + GetLicenseXml() string + SetLicenseXml(string) + GetStandardAdditionTemplate() string + SetStandardAdditionTemplate(string) + GetSeeAlsos() []URI + SetSeeAlsos([]URI) + GetIsDeprecatedAdditionID() bool + SetIsDeprecatedAdditionID(bool) +} + +// LicenseAddition Abstract class for additional text intended to be added to a License, but which is not itself a standalone License. +type LicenseAdditionList []AnyLicenseAddition + +func (v LicenseAdditionList) CustomLicenseAdditions() []AnyCustomLicenseAddition { + return ld.SliceOf[AnyCustomLicenseAddition](v) +} + +func (v LicenseAdditionList) LicenseAdditions() []AnyLicenseAddition { + return ld.SliceOf[AnyLicenseAddition](v) +} + +func (v LicenseAdditionList) ListedLicenseExceptions() []AnyListedLicenseException { + return ld.SliceOf[AnyListedLicenseException](v) +} + +type AnyLicenseExpression interface { + AnyLicenseInfo + asLicenseExpression() + GetLicenseExpression() string + SetLicenseExpression(string) + GetCustomIdToUris() DictionaryEntryList + SetCustomIdToUris(DictionaryEntryList) + GetLicenseListVersion() string + SetLicenseListVersion(string) +} + +// LicenseExpression An SPDX Element containing an SPDX license expression string. +type LicenseExpression struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // LicenseExpression A string in the license expression format. + LicenseExpression string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // CustomIdToUris Maps a LicenseRef or AdditionRef string for a Custom License or a Custom License Addition to its URI ID. + CustomIdToUris DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // LicenseListVersion The version of the SPDX License List used in the license expression. + LicenseListVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *LicenseExpression) asLicenseExpression() {} +func (o *LicenseExpression) asLicenseInfo() {} +func (o *LicenseExpression) asElement() {} +func (o *LicenseExpression) GetDescription() string { + return o.Description +} + +func (o *LicenseExpression) SetDescription(v string) { + o.Description = v +} + +func (o *LicenseExpression) GetComment() string { + return o.Comment +} + +func (o *LicenseExpression) SetComment(v string) { + o.Comment = v +} + +func (o *LicenseExpression) GetName() string { + return o.Name +} + +func (o *LicenseExpression) SetName(v string) { + o.Name = v +} + +func (o *LicenseExpression) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *LicenseExpression) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *LicenseExpression) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *LicenseExpression) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *LicenseExpression) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *LicenseExpression) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *LicenseExpression) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *LicenseExpression) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *LicenseExpression) GetSummary() string { + return o.Summary +} + +func (o *LicenseExpression) SetSummary(v string) { + o.Summary = v +} + +func (o *LicenseExpression) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *LicenseExpression) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *LicenseExpression) GetLicenseExpression() string { + return o.LicenseExpression +} + +func (o *LicenseExpression) SetLicenseExpression(v string) { + o.LicenseExpression = v +} + +func (o *LicenseExpression) GetCustomIdToUris() DictionaryEntryList { + return o.CustomIdToUris +} + +func (o *LicenseExpression) SetCustomIdToUris(v DictionaryEntryList) { + o.CustomIdToUris = v +} + +func (o *LicenseExpression) GetLicenseListVersion() string { + return o.LicenseListVersion +} + +func (o *LicenseExpression) SetLicenseListVersion(v string) { + o.LicenseListVersion = v +} + +type LicenseExpressionList []AnyLicenseExpression + +func (v LicenseExpressionList) LicenseExpressions() []AnyLicenseExpression { + return ld.SliceOf[AnyLicenseExpression](v) +} + +type AnyLicenseInfo interface { + AnyElement + asLicenseInfo() +} + +// LicenseInfo Abstract class representing a license combination consisting of one or more licenses. +type LicenseInfoList []AnyLicenseInfo + +func (v LicenseInfoList) ConjunctiveLicenseSets() []AnyConjunctiveLicenseSet { + return ld.SliceOf[AnyConjunctiveLicenseSet](v) +} + +func (v LicenseInfoList) CustomLicenses() []AnyCustomLicense { + return ld.SliceOf[AnyCustomLicense](v) +} + +func (v LicenseInfoList) DisjunctiveLicenseSets() []AnyDisjunctiveLicenseSet { + return ld.SliceOf[AnyDisjunctiveLicenseSet](v) +} + +func (v LicenseInfoList) ExtendableLicenses() []AnyExtendableLicense { + return ld.SliceOf[AnyExtendableLicense](v) +} + +func (v LicenseInfoList) IndividualLicensingInfos() []AnyIndividualLicensingInfo { + return ld.SliceOf[AnyIndividualLicensingInfo](v) +} + +func (v LicenseInfoList) Licenses() []AnyLicense { + return ld.SliceOf[AnyLicense](v) +} + +func (v LicenseInfoList) LicenseExpressions() []AnyLicenseExpression { + return ld.SliceOf[AnyLicenseExpression](v) +} + +func (v LicenseInfoList) LicenseInfos() []AnyLicenseInfo { + return ld.SliceOf[AnyLicenseInfo](v) +} + +func (v LicenseInfoList) ListedLicenses() []AnyListedLicense { + return ld.SliceOf[AnyListedLicense](v) +} + +func (v LicenseInfoList) OrLaterOperators() []AnyOrLaterOperator { + return ld.SliceOf[AnyOrLaterOperator](v) +} + +func (v LicenseInfoList) WithAdditionOperators() []AnyWithAdditionOperator { + return ld.SliceOf[AnyWithAdditionOperator](v) +} + +// LifecycleScopeType Provide an enumerated set of lifecycle phases that can provide context to relationships. +type LifecycleScopeType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" node-kind:""` + id string `iri:"@id"` +} + +// LifecycleScopeType_Build A relationship has specific context implications during an element's build phase, during development. +var LifecycleScopeType_Build = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build", +} + +// LifecycleScopeType_Design A relationship has specific context implications during an element's design. +var LifecycleScopeType_Design = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design", +} + +// LifecycleScopeType_Development A relationship has specific context implications during development phase of an element. +var LifecycleScopeType_Development = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development", +} + +// LifecycleScopeType_Other A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. +var LifecycleScopeType_Other = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other", +} + +// LifecycleScopeType_Runtime A relationship has specific context implications during the execution phase of an element. +var LifecycleScopeType_Runtime = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime", +} + +// LifecycleScopeType_Test A relationship has specific context implications during an element's testing phase, during development. +var LifecycleScopeType_Test = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test", +} + +type AnyLifecycleScopedRelationship interface { + AnyRelationship + asLifecycleScopedRelationship() + GetScope() LifecycleScopeType + SetScope(LifecycleScopeType) +} + +// LifecycleScopedRelationship Provide context for a relationship that occurs in the lifecycle. +type LifecycleScopedRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // Scope Capture the scope of information about a specific relationship between elements. + Scope LifecycleScopeType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/scope" type:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType"` +} + +func (o *LifecycleScopedRelationship) asLifecycleScopedRelationship() {} +func (o *LifecycleScopedRelationship) asRelationship() {} +func (o *LifecycleScopedRelationship) asElement() {} +func (o *LifecycleScopedRelationship) GetDescription() string { + return o.Description +} + +func (o *LifecycleScopedRelationship) SetDescription(v string) { + o.Description = v +} + +func (o *LifecycleScopedRelationship) GetComment() string { + return o.Comment +} + +func (o *LifecycleScopedRelationship) SetComment(v string) { + o.Comment = v +} + +func (o *LifecycleScopedRelationship) GetName() string { + return o.Name +} + +func (o *LifecycleScopedRelationship) SetName(v string) { + o.Name = v +} + +func (o *LifecycleScopedRelationship) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *LifecycleScopedRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *LifecycleScopedRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *LifecycleScopedRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *LifecycleScopedRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *LifecycleScopedRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *LifecycleScopedRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *LifecycleScopedRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *LifecycleScopedRelationship) GetSummary() string { + return o.Summary +} + +func (o *LifecycleScopedRelationship) SetSummary(v string) { + o.Summary = v +} + +func (o *LifecycleScopedRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *LifecycleScopedRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *LifecycleScopedRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} + +func (o *LifecycleScopedRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} + +func (o *LifecycleScopedRelationship) GetEndTime() time.Time { + return o.EndTime +} + +func (o *LifecycleScopedRelationship) SetEndTime(v time.Time) { + o.EndTime = v +} + +func (o *LifecycleScopedRelationship) GetTo() ElementList { + return o.To +} + +func (o *LifecycleScopedRelationship) SetTo(v ElementList) { + o.To = v +} + +func (o *LifecycleScopedRelationship) GetFrom() AnyElement { + return o.From +} + +func (o *LifecycleScopedRelationship) SetFrom(v AnyElement) { + o.From = v +} + +func (o *LifecycleScopedRelationship) GetType() RelationshipType { + return o.Type +} + +func (o *LifecycleScopedRelationship) SetType(v RelationshipType) { + o.Type = v +} + +func (o *LifecycleScopedRelationship) GetStartTime() time.Time { + return o.StartTime +} + +func (o *LifecycleScopedRelationship) SetStartTime(v time.Time) { + o.StartTime = v +} + +func (o *LifecycleScopedRelationship) GetScope() LifecycleScopeType { + return o.Scope +} + +func (o *LifecycleScopedRelationship) SetScope(v LifecycleScopeType) { + o.Scope = v +} + +type LifecycleScopedRelationshipList []AnyLifecycleScopedRelationship + +func (v LifecycleScopedRelationshipList) LifecycleScopedRelationships() []AnyLifecycleScopedRelationship { + return ld.SliceOf[AnyLifecycleScopedRelationship](v) +} + +type AnyListedLicense interface { + AnyLicense + asListedLicense() + GetListVersionAdded() string + SetListVersionAdded(string) + GetDeprecatedVersion() string + SetDeprecatedVersion(string) +} + +// ListedLicense A license that is listed on the SPDX License List. +type ListedLicense struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. + SeeAlsos []URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // IsDeprecatedLicenseID Specifies whether a license or additional text identifier has been marked as deprecated. + IsDeprecatedLicenseID bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated License or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" type:"http://www.w3.org/2001/XMLSchema#string"` + // StandardLicenseHeader Provides a License author's preferred text to indicate that a file is covered by the License. + StandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader" type:"http://www.w3.org/2001/XMLSchema#string"` + // Text Identifies the full text of a License or Addition. + Text string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // IsOsiApproved Specifies whether the License is listed as approved by the Open Source Initiative (OSI). + IsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // Xml Identifies all the text and metadata associated with a license in the license XML format. + Xml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` + // IsFsfLibre Specifies whether the License is listed as free by the Free Software Foundation (FSF). + IsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // StandardLicenseTemplate Identifies the full text of a License, in SPDX templating format. + StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` + // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or ListedLicenseException identifier was first added. + ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" type:"http://www.w3.org/2001/XMLSchema#string"` + // DeprecatedVersion Specifies the SPDX License List version in which this license or exception identifier was deprecated. + DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *ListedLicense) asListedLicense() {} +func (o *ListedLicense) asLicense() {} +func (o *ListedLicense) asExtendableLicense() {} +func (o *ListedLicense) asLicenseInfo() {} +func (o *ListedLicense) asElement() {} +func (o *ListedLicense) GetDescription() string { + return o.Description +} + +func (o *ListedLicense) SetDescription(v string) { + o.Description = v +} + +func (o *ListedLicense) GetComment() string { + return o.Comment +} + +func (o *ListedLicense) SetComment(v string) { + o.Comment = v +} + +func (o *ListedLicense) GetName() string { + return o.Name +} + +func (o *ListedLicense) SetName(v string) { + o.Name = v +} + +func (o *ListedLicense) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *ListedLicense) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *ListedLicense) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *ListedLicense) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *ListedLicense) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *ListedLicense) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *ListedLicense) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *ListedLicense) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *ListedLicense) GetSummary() string { + return o.Summary +} + +func (o *ListedLicense) SetSummary(v string) { + o.Summary = v +} + +func (o *ListedLicense) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *ListedLicense) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *ListedLicense) GetSeeAlsos() []URI { + return o.SeeAlsos +} + +func (o *ListedLicense) SetSeeAlsos(v []URI) { + o.SeeAlsos = v +} + +func (o *ListedLicense) GetIsDeprecatedLicenseID() bool { + return o.IsDeprecatedLicenseID +} + +func (o *ListedLicense) SetIsDeprecatedLicenseID(v bool) { + o.IsDeprecatedLicenseID = v +} + +func (o *ListedLicense) GetObsoletedBy() string { + return o.ObsoletedBy +} + +func (o *ListedLicense) SetObsoletedBy(v string) { + o.ObsoletedBy = v +} + +func (o *ListedLicense) GetStandardLicenseHeader() string { + return o.StandardLicenseHeader +} + +func (o *ListedLicense) SetStandardLicenseHeader(v string) { + o.StandardLicenseHeader = v +} + +func (o *ListedLicense) GetText() string { + return o.Text +} + +func (o *ListedLicense) SetText(v string) { + o.Text = v +} + +func (o *ListedLicense) GetIsOsiApproved() bool { + return o.IsOsiApproved +} + +func (o *ListedLicense) SetIsOsiApproved(v bool) { + o.IsOsiApproved = v +} + +func (o *ListedLicense) GetXml() string { + return o.Xml +} + +func (o *ListedLicense) SetXml(v string) { + o.Xml = v +} + +func (o *ListedLicense) GetIsFsfLibre() bool { + return o.IsFsfLibre +} + +func (o *ListedLicense) SetIsFsfLibre(v bool) { + o.IsFsfLibre = v +} + +func (o *ListedLicense) GetStandardLicenseTemplate() string { + return o.StandardLicenseTemplate +} + +func (o *ListedLicense) SetStandardLicenseTemplate(v string) { + o.StandardLicenseTemplate = v +} + +func (o *ListedLicense) GetListVersionAdded() string { + return o.ListVersionAdded +} + +func (o *ListedLicense) SetListVersionAdded(v string) { + o.ListVersionAdded = v +} + +func (o *ListedLicense) GetDeprecatedVersion() string { + return o.DeprecatedVersion +} + +func (o *ListedLicense) SetDeprecatedVersion(v string) { + o.DeprecatedVersion = v +} + +type ListedLicenseList []AnyListedLicense + +func (v ListedLicenseList) ListedLicenses() []AnyListedLicense { + return ld.SliceOf[AnyListedLicense](v) +} + +type AnyListedLicenseException interface { + AnyLicenseAddition + asListedLicenseException() + GetDeprecatedVersion() string + SetDeprecatedVersion(string) + GetListVersionAdded() string + SetListVersionAdded(string) +} + +// ListedLicenseException A license exception that is listed on the SPDX Exceptions list. +type ListedLicenseException struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // AdditionText Identifies the full text of a LicenseAddition. + AdditionText string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated License or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" type:"http://www.w3.org/2001/XMLSchema#string"` + // LicenseXml Identifies all the text and metadata associated with a license in the license XML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` + // StandardAdditionTemplate Identifies the full text of a LicenseAddition, in SPDX templating format. + StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` + // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. + SeeAlsos []URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // IsDeprecatedAdditionID Specifies whether an additional text identifier has been marked as deprecated. + IsDeprecatedAdditionID bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // DeprecatedVersion Specifies the SPDX License List version in which this license or exception identifier was deprecated. + DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" type:"http://www.w3.org/2001/XMLSchema#string"` + // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or ListedLicenseException identifier was first added. + ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *ListedLicenseException) asListedLicenseException() {} +func (o *ListedLicenseException) asLicenseAddition() {} +func (o *ListedLicenseException) asElement() {} +func (o *ListedLicenseException) GetDescription() string { + return o.Description +} + +func (o *ListedLicenseException) SetDescription(v string) { + o.Description = v +} + +func (o *ListedLicenseException) GetComment() string { + return o.Comment +} + +func (o *ListedLicenseException) SetComment(v string) { + o.Comment = v +} + +func (o *ListedLicenseException) GetName() string { + return o.Name +} + +func (o *ListedLicenseException) SetName(v string) { + o.Name = v +} + +func (o *ListedLicenseException) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *ListedLicenseException) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *ListedLicenseException) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *ListedLicenseException) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *ListedLicenseException) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *ListedLicenseException) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *ListedLicenseException) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *ListedLicenseException) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *ListedLicenseException) GetSummary() string { + return o.Summary +} + +func (o *ListedLicenseException) SetSummary(v string) { + o.Summary = v +} + +func (o *ListedLicenseException) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *ListedLicenseException) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *ListedLicenseException) GetAdditionText() string { + return o.AdditionText +} + +func (o *ListedLicenseException) SetAdditionText(v string) { + o.AdditionText = v +} + +func (o *ListedLicenseException) GetObsoletedBy() string { + return o.ObsoletedBy +} + +func (o *ListedLicenseException) SetObsoletedBy(v string) { + o.ObsoletedBy = v +} + +func (o *ListedLicenseException) GetLicenseXml() string { + return o.LicenseXml +} + +func (o *ListedLicenseException) SetLicenseXml(v string) { + o.LicenseXml = v +} + +func (o *ListedLicenseException) GetStandardAdditionTemplate() string { + return o.StandardAdditionTemplate +} + +func (o *ListedLicenseException) SetStandardAdditionTemplate(v string) { + o.StandardAdditionTemplate = v +} + +func (o *ListedLicenseException) GetSeeAlsos() []URI { + return o.SeeAlsos +} + +func (o *ListedLicenseException) SetSeeAlsos(v []URI) { + o.SeeAlsos = v +} + +func (o *ListedLicenseException) GetIsDeprecatedAdditionID() bool { + return o.IsDeprecatedAdditionID +} + +func (o *ListedLicenseException) SetIsDeprecatedAdditionID(v bool) { + o.IsDeprecatedAdditionID = v +} + +func (o *ListedLicenseException) GetDeprecatedVersion() string { + return o.DeprecatedVersion +} + +func (o *ListedLicenseException) SetDeprecatedVersion(v string) { + o.DeprecatedVersion = v +} + +func (o *ListedLicenseException) GetListVersionAdded() string { + return o.ListVersionAdded +} + +func (o *ListedLicenseException) SetListVersionAdded(v string) { + o.ListVersionAdded = v +} + +type ListedLicenseExceptionList []AnyListedLicenseException + +func (v ListedLicenseExceptionList) ListedLicenseExceptions() []AnyListedLicenseException { + return ld.SliceOf[AnyListedLicenseException](v) +} + +type AnyNamespaceMap interface { + asNamespaceMap() + GetNamespace() URI + SetNamespace(URI) + GetPrefix() string + SetPrefix(string) +} + +// NamespaceMap A mapping between prefixes and namespace partial URIs. +type NamespaceMap struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // Namespace Provides an unambiguous mechanism for conveying a URI fragment portion of an Element ID. + Namespace URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespace" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Prefix A substitute for a URI. + Prefix string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/prefix" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *NamespaceMap) asNamespaceMap() {} +func (o *NamespaceMap) GetNamespace() URI { + return o.Namespace +} + +func (o *NamespaceMap) SetNamespace(v URI) { + o.Namespace = v +} + +func (o *NamespaceMap) GetPrefix() string { + return o.Prefix +} + +func (o *NamespaceMap) SetPrefix(v string) { + o.Prefix = v +} + +type NamespaceMapList []AnyNamespaceMap + +func (v NamespaceMapList) NamespaceMaps() []AnyNamespaceMap { + return ld.SliceOf[AnyNamespaceMap](v) +} + +type AnyOrLaterOperator interface { + AnyExtendableLicense + asOrLaterOperator() + GetSubjectLicense() AnyLicense + SetSubjectLicense(AnyLicense) +} + +// OrLaterOperator Portion of an AnyLicenseInfo representing this version, or any later version, of the indicated License. +type OrLaterOperator struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // SubjectLicense A License participating in an 'or later' model. + SubjectLicense AnyLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License"` +} + +func (o *OrLaterOperator) asOrLaterOperator() {} +func (o *OrLaterOperator) asExtendableLicense() {} +func (o *OrLaterOperator) asLicenseInfo() {} +func (o *OrLaterOperator) asElement() {} +func (o *OrLaterOperator) GetDescription() string { + return o.Description +} + +func (o *OrLaterOperator) SetDescription(v string) { + o.Description = v +} + +func (o *OrLaterOperator) GetComment() string { + return o.Comment +} + +func (o *OrLaterOperator) SetComment(v string) { + o.Comment = v +} + +func (o *OrLaterOperator) GetName() string { + return o.Name +} + +func (o *OrLaterOperator) SetName(v string) { + o.Name = v +} + +func (o *OrLaterOperator) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *OrLaterOperator) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *OrLaterOperator) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *OrLaterOperator) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *OrLaterOperator) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *OrLaterOperator) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *OrLaterOperator) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *OrLaterOperator) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *OrLaterOperator) GetSummary() string { + return o.Summary +} + +func (o *OrLaterOperator) SetSummary(v string) { + o.Summary = v +} + +func (o *OrLaterOperator) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *OrLaterOperator) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *OrLaterOperator) GetSubjectLicense() AnyLicense { + return o.SubjectLicense +} + +func (o *OrLaterOperator) SetSubjectLicense(v AnyLicense) { + o.SubjectLicense = v +} + +type OrLaterOperatorList []AnyOrLaterOperator + +func (v OrLaterOperatorList) OrLaterOperators() []AnyOrLaterOperator { + return ld.SliceOf[AnyOrLaterOperator](v) +} + +type AnyOrganization interface { + AnyAgent + asOrganization() +} + +// Organization A group of people who work together in an organized way for a shared purpose. +type Organization struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Organization" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` +} + +func (o *Organization) asOrganization() {} +func (o *Organization) asAgent() {} +func (o *Organization) asElement() {} +func (o *Organization) GetDescription() string { + return o.Description +} + +func (o *Organization) SetDescription(v string) { + o.Description = v +} + +func (o *Organization) GetComment() string { + return o.Comment +} + +func (o *Organization) SetComment(v string) { + o.Comment = v +} + +func (o *Organization) GetName() string { + return o.Name +} + +func (o *Organization) SetName(v string) { + o.Name = v +} + +func (o *Organization) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *Organization) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *Organization) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *Organization) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *Organization) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *Organization) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *Organization) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *Organization) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *Organization) GetSummary() string { + return o.Summary +} + +func (o *Organization) SetSummary(v string) { + o.Summary = v +} + +func (o *Organization) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *Organization) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +// Organization_SpdxOrganization An Organization representing the SPDX Project. +var Organization_SpdxOrganization AnyOrganization = &Organization{ + ID: "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", +} + +type OrganizationList []AnyOrganization + +func (v OrganizationList) Organizations() []AnyOrganization { + return ld.SliceOf[AnyOrganization](v) +} + +type AnyPackage interface { + AnySoftwareArtifact + asPackage() + GetSourceInfo() string + SetSourceInfo(string) + GetHomePage() URI + SetHomePage(URI) + GetVersion() string + SetVersion(string) + GetPackageURL() URI + SetPackageURL(URI) + GetDownloadLocation() URI + SetDownloadLocation(URI) +} + +// Package Refers to any unit of content that can be associated with a distribution of software. +type Package struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Package" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // StandardNames The name of a relevant standard that may apply to an artifact. + StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuiltTime Specifies the time an artifact was built. + BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ReleaseTime Specifies the time an artifact was released. + ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SupportLevels Specifies the level of support associated with an artifact. + SupportLevels []SupportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" type:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // OriginatedBy Identifies from where or whom the Element originally came. + OriginatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be reassessed. + ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ContentIdentifiers A canonical, unique, immutable identifier of the artifact content, that may be used for verifying its identity and/or integrity. + ContentIdentifiers ContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` + // AttributionTexts Provides a place for the SPDX data creator to record acknowledgement text for a software Package, File or Snippet. + AttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" type:"http://www.w3.org/2001/XMLSchema#string"` + // AdditionalPurposes Provides additional purpose information of the software artifact. + AdditionalPurposes []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // PrimaryPurpose Provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // CopyrightText Identifies the text of one or more copyright notices for a software Package, File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" type:"http://www.w3.org/2001/XMLSchema#string"` + // SourceInfo Records any relevant background information or additional comments about the origin of the package. + SourceInfo string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" type:"http://www.w3.org/2001/XMLSchema#string"` + // HomePage A place for the SPDX document creator to record a website that serves as the package's home page. + HomePage URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Version Identify the version of a package. + Version string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" type:"http://www.w3.org/2001/XMLSchema#string"` + // PackageURL Provides a place for the SPDX data creator to record the package URL string (in accordance with the Package URL specification) for a software Package. + PackageURL URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // DownloadLocation Identifies the download Uniform Resource Identifier for the package at the time that the document was created. + DownloadLocation URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" type:"http://www.w3.org/2001/XMLSchema#anyURI"` +} + +func (o *Package) asPackage() {} +func (o *Package) asSoftwareArtifact() {} +func (o *Package) asArtifact() {} +func (o *Package) asElement() {} +func (o *Package) GetDescription() string { + return o.Description +} + +func (o *Package) SetDescription(v string) { + o.Description = v +} + +func (o *Package) GetComment() string { + return o.Comment +} + +func (o *Package) SetComment(v string) { + o.Comment = v +} + +func (o *Package) GetName() string { + return o.Name +} + +func (o *Package) SetName(v string) { + o.Name = v +} + +func (o *Package) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *Package) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *Package) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *Package) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *Package) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *Package) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *Package) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *Package) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *Package) GetSummary() string { + return o.Summary +} + +func (o *Package) SetSummary(v string) { + o.Summary = v +} + +func (o *Package) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *Package) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *Package) GetStandardNames() []string { + return o.StandardNames +} + +func (o *Package) SetStandardNames(v []string) { + o.StandardNames = v +} + +func (o *Package) GetBuiltTime() time.Time { + return o.BuiltTime +} + +func (o *Package) SetBuiltTime(v time.Time) { + o.BuiltTime = v +} + +func (o *Package) GetReleaseTime() time.Time { + return o.ReleaseTime +} + +func (o *Package) SetReleaseTime(v time.Time) { + o.ReleaseTime = v +} + +func (o *Package) GetSupportLevels() []SupportType { + return o.SupportLevels +} + +func (o *Package) SetSupportLevels(v []SupportType) { + o.SupportLevels = v +} + +func (o *Package) GetSuppliedBy() AnyAgent { + return o.SuppliedBy +} + +func (o *Package) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v +} + +func (o *Package) GetOriginatedBy() AgentList { + return o.OriginatedBy +} + +func (o *Package) SetOriginatedBy(v AgentList) { + o.OriginatedBy = v +} + +func (o *Package) GetValidUntilTime() time.Time { + return o.ValidUntilTime +} + +func (o *Package) SetValidUntilTime(v time.Time) { + o.ValidUntilTime = v +} + +func (o *Package) GetContentIdentifiers() ContentIdentifierList { + return o.ContentIdentifiers +} + +func (o *Package) SetContentIdentifiers(v ContentIdentifierList) { + o.ContentIdentifiers = v +} + +func (o *Package) GetAttributionTexts() []string { + return o.AttributionTexts +} + +func (o *Package) SetAttributionTexts(v []string) { + o.AttributionTexts = v +} + +func (o *Package) GetAdditionalPurposes() []SoftwarePurpose { + return o.AdditionalPurposes +} + +func (o *Package) SetAdditionalPurposes(v []SoftwarePurpose) { + o.AdditionalPurposes = v +} + +func (o *Package) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose +} + +func (o *Package) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v +} + +func (o *Package) GetCopyrightText() string { + return o.CopyrightText +} + +func (o *Package) SetCopyrightText(v string) { + o.CopyrightText = v +} + +func (o *Package) GetSourceInfo() string { + return o.SourceInfo +} + +func (o *Package) SetSourceInfo(v string) { + o.SourceInfo = v +} + +func (o *Package) GetHomePage() URI { + return o.HomePage +} + +func (o *Package) SetHomePage(v URI) { + o.HomePage = v +} + +func (o *Package) GetVersion() string { + return o.Version +} + +func (o *Package) SetVersion(v string) { + o.Version = v +} + +func (o *Package) GetPackageURL() URI { + return o.PackageURL +} + +func (o *Package) SetPackageURL(v URI) { + o.PackageURL = v +} + +func (o *Package) GetDownloadLocation() URI { + return o.DownloadLocation +} + +func (o *Package) SetDownloadLocation(v URI) { + o.DownloadLocation = v +} + +type PackageList []AnyPackage + +func (v PackageList) AIPackages() []AnyAIPackage { + return ld.SliceOf[AnyAIPackage](v) +} + +func (v PackageList) DatasetPackages() []AnyDatasetPackage { + return ld.SliceOf[AnyDatasetPackage](v) +} + +func (v PackageList) Packages() []AnyPackage { + return ld.SliceOf[AnyPackage](v) +} + +type AnyPackageVerificationCode interface { + AnyIntegrityMethod + asPackageVerificationCode() + GetAlgorithm() HashAlgorithm + SetAlgorithm(HashAlgorithm) + GetHashValue() string + SetHashValue(string) + GetExcludedFiles() []string + SetExcludedFiles([]string) +} + +// PackageVerificationCode An SPDX version 2.X compatible verification method for software packages. +type PackageVerificationCode struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Algorithm Specifies the algorithm used for calculating the hash value. + Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` + // HashValue The result of applying a hash algorithm to an Element. + HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // ExcludedFiles The relative file name of a file to be excluded from the `PackageVerificationCode`. + ExcludedFiles []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *PackageVerificationCode) asPackageVerificationCode() {} +func (o *PackageVerificationCode) asIntegrityMethod() {} +func (o *PackageVerificationCode) GetComment() string { + return o.Comment +} + +func (o *PackageVerificationCode) SetComment(v string) { + o.Comment = v +} + +func (o *PackageVerificationCode) GetAlgorithm() HashAlgorithm { + return o.Algorithm +} + +func (o *PackageVerificationCode) SetAlgorithm(v HashAlgorithm) { + o.Algorithm = v +} + +func (o *PackageVerificationCode) GetHashValue() string { + return o.HashValue +} + +func (o *PackageVerificationCode) SetHashValue(v string) { + o.HashValue = v +} + +func (o *PackageVerificationCode) GetExcludedFiles() []string { + return o.ExcludedFiles +} + +func (o *PackageVerificationCode) SetExcludedFiles(v []string) { + o.ExcludedFiles = v +} + +type PackageVerificationCodeList []AnyPackageVerificationCode + +func (v PackageVerificationCodeList) PackageVerificationCodes() []AnyPackageVerificationCode { + return ld.SliceOf[AnyPackageVerificationCode](v) +} + +type AnyPerson interface { + AnyAgent + asPerson() +} + +// Person An individual human being. +type Person struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Person" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` +} + +func (o *Person) asPerson() {} +func (o *Person) asAgent() {} +func (o *Person) asElement() {} +func (o *Person) GetDescription() string { + return o.Description +} + +func (o *Person) SetDescription(v string) { + o.Description = v +} + +func (o *Person) GetComment() string { + return o.Comment +} + +func (o *Person) SetComment(v string) { + o.Comment = v +} + +func (o *Person) GetName() string { + return o.Name +} + +func (o *Person) SetName(v string) { + o.Name = v +} + +func (o *Person) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *Person) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *Person) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *Person) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *Person) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *Person) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *Person) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *Person) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *Person) GetSummary() string { + return o.Summary +} + +func (o *Person) SetSummary(v string) { + o.Summary = v +} + +func (o *Person) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *Person) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +type PersonList []AnyPerson + +func (v PersonList) People() []AnyPerson { + return ld.SliceOf[AnyPerson](v) +} + +type AnyPositiveIntegerRange interface { + asPositiveIntegerRange() + GetEndIntegerRange() PositiveInt + SetEndIntegerRange(PositiveInt) + GetBeginIntegerRange() PositiveInt + SetBeginIntegerRange(PositiveInt) +} + +// PositiveIntegerRange A tuple of two positive integers that define a range. +type PositiveIntegerRange struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" node-kind:"http://www.w3.org/ns/shacl#BlankNodeOrIRI"` + ID string `iri:"@id"` + // EndIntegerRange Defines the end of a range. + EndIntegerRange PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` + // BeginIntegerRange Defines the beginning of a range. + BeginIntegerRange PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` +} + +func (o *PositiveIntegerRange) asPositiveIntegerRange() {} +func (o *PositiveIntegerRange) GetEndIntegerRange() PositiveInt { + return o.EndIntegerRange +} + +func (o *PositiveIntegerRange) SetEndIntegerRange(v PositiveInt) { + o.EndIntegerRange = v +} + +func (o *PositiveIntegerRange) GetBeginIntegerRange() PositiveInt { + return o.BeginIntegerRange +} + +func (o *PositiveIntegerRange) SetBeginIntegerRange(v PositiveInt) { + o.BeginIntegerRange = v +} + +type PositiveIntegerRangeList []AnyPositiveIntegerRange + +func (v PositiveIntegerRangeList) PositiveIntegerRanges() []AnyPositiveIntegerRange { + return ld.SliceOf[AnyPositiveIntegerRange](v) +} + +// PresenceType Categories of presence or absence. +type PresenceType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" node-kind:""` + id string `iri:"@id"` +} + +// PresenceType_No Indicates absence of the field. +var PresenceType_No = PresenceType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no", +} + +// PresenceType_NoAssertion Makes no assertion about the field. +var PresenceType_NoAssertion = PresenceType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion", +} + +// PresenceType_Yes Indicates presence of the field. +var PresenceType_Yes = PresenceType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes", +} + +// ProfileIdentifierType Enumeration of the valid profiles. +type ProfileIdentifierType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" node-kind:""` + id string `iri:"@id"` +} + +// ProfileIdentifierType_Ai the element follows the AI profile specification +var ProfileIdentifierType_Ai = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai", +} + +// ProfileIdentifierType_Build the element follows the Build profile specification +var ProfileIdentifierType_Build = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build", +} + +// ProfileIdentifierType_Core the element follows the Core profile specification +var ProfileIdentifierType_Core = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core", +} + +// ProfileIdentifierType_Dataset the element follows the Dataset profile specification +var ProfileIdentifierType_Dataset = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset", +} + +// ProfileIdentifierType_ExpandedLicensing the element follows the ExpandedLicensing profile specification +var ProfileIdentifierType_ExpandedLicensing = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing", +} + +// ProfileIdentifierType_Extension the element follows the Extension profile specification +var ProfileIdentifierType_Extension = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension", +} + +// ProfileIdentifierType_Lite the element follows the Lite profile specification +var ProfileIdentifierType_Lite = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite", +} + +// ProfileIdentifierType_Security the element follows the Security profile specification +var ProfileIdentifierType_Security = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security", +} + +// ProfileIdentifierType_SimpleLicensing the element follows the SimpleLicensing profile specification +var ProfileIdentifierType_SimpleLicensing = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing", +} + +// ProfileIdentifierType_Software the element follows the Software profile specification +var ProfileIdentifierType_Software = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software", +} + +type AnyRelationship interface { + AnyElement + asRelationship() + GetCompleteness() RelationshipCompleteness + SetCompleteness(RelationshipCompleteness) + GetEndTime() time.Time + SetEndTime(time.Time) + GetTo() ElementList + SetTo(ElementList) + GetFrom() AnyElement + SetFrom(AnyElement) + GetType() RelationshipType + SetType(RelationshipType) + GetStartTime() time.Time + SetStartTime(time.Time) +} + +// Relationship Describes a relationship between one or more elements. +type Relationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Relationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +} + +func (o *Relationship) asRelationship() {} +func (o *Relationship) asElement() {} +func (o *Relationship) GetDescription() string { + return o.Description +} + +func (o *Relationship) SetDescription(v string) { + o.Description = v +} + +func (o *Relationship) GetComment() string { + return o.Comment +} + +func (o *Relationship) SetComment(v string) { + o.Comment = v +} + +func (o *Relationship) GetName() string { + return o.Name +} + +func (o *Relationship) SetName(v string) { + o.Name = v +} + +func (o *Relationship) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *Relationship) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *Relationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *Relationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *Relationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *Relationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *Relationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *Relationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *Relationship) GetSummary() string { + return o.Summary +} + +func (o *Relationship) SetSummary(v string) { + o.Summary = v +} + +func (o *Relationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *Relationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *Relationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} + +func (o *Relationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} + +func (o *Relationship) GetEndTime() time.Time { + return o.EndTime +} + +func (o *Relationship) SetEndTime(v time.Time) { + o.EndTime = v +} + +func (o *Relationship) GetTo() ElementList { + return o.To +} + +func (o *Relationship) SetTo(v ElementList) { + o.To = v +} + +func (o *Relationship) GetFrom() AnyElement { + return o.From +} + +func (o *Relationship) SetFrom(v AnyElement) { + o.From = v +} + +func (o *Relationship) GetType() RelationshipType { + return o.Type +} + +func (o *Relationship) SetType(v RelationshipType) { + o.Type = v +} + +func (o *Relationship) GetStartTime() time.Time { + return o.StartTime +} + +func (o *Relationship) SetStartTime(v time.Time) { + o.StartTime = v +} + +type RelationshipList []AnyRelationship + +func (v RelationshipList) CvssV2VulnAssessmentRelationships() []AnyCvssV2VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV2VulnAssessmentRelationship](v) +} + +func (v RelationshipList) CvssV3VulnAssessmentRelationships() []AnyCvssV3VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV3VulnAssessmentRelationship](v) +} + +func (v RelationshipList) CvssV4VulnAssessmentRelationships() []AnyCvssV4VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV4VulnAssessmentRelationship](v) +} + +func (v RelationshipList) EpssVulnAssessmentRelationships() []AnyEpssVulnAssessmentRelationship { + return ld.SliceOf[AnyEpssVulnAssessmentRelationship](v) +} + +func (v RelationshipList) ExploitCatalogVulnAssessmentRelationships() []AnyExploitCatalogVulnAssessmentRelationship { + return ld.SliceOf[AnyExploitCatalogVulnAssessmentRelationship](v) +} + +func (v RelationshipList) LifecycleScopedRelationships() []AnyLifecycleScopedRelationship { + return ld.SliceOf[AnyLifecycleScopedRelationship](v) +} + +func (v RelationshipList) Relationships() []AnyRelationship { + return ld.SliceOf[AnyRelationship](v) +} + +func (v RelationshipList) SsvcVulnAssessmentRelationships() []AnySsvcVulnAssessmentRelationship { + return ld.SliceOf[AnySsvcVulnAssessmentRelationship](v) +} + +func (v RelationshipList) VexAffectedVulnAssessmentRelationships() []AnyVexAffectedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexAffectedVulnAssessmentRelationship](v) +} + +func (v RelationshipList) VexFixedVulnAssessmentRelationships() []AnyVexFixedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexFixedVulnAssessmentRelationship](v) +} + +func (v RelationshipList) VexNotAffectedVulnAssessmentRelationships() []AnyVexNotAffectedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexNotAffectedVulnAssessmentRelationship](v) +} + +func (v RelationshipList) VexUnderInvestigationVulnAssessmentRelationships() []AnyVexUnderInvestigationVulnAssessmentRelationship { + return ld.SliceOf[AnyVexUnderInvestigationVulnAssessmentRelationship](v) +} + +func (v RelationshipList) VexVulnAssessmentRelationships() []AnyVexVulnAssessmentRelationship { + return ld.SliceOf[AnyVexVulnAssessmentRelationship](v) +} + +func (v RelationshipList) VulnAssessmentRelationships() []AnyVulnAssessmentRelationship { + return ld.SliceOf[AnyVulnAssessmentRelationship](v) +} + +// RelationshipCompleteness Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. +type RelationshipCompleteness struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" node-kind:""` + id string `iri:"@id"` +} + +// RelationshipCompleteness_Complete The relationship is known to be exhaustive. +var RelationshipCompleteness_Complete = RelationshipCompleteness{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete", +} + +// RelationshipCompleteness_Incomplete The relationship is known not to be exhaustive. +var RelationshipCompleteness_Incomplete = RelationshipCompleteness{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete", +} + +// RelationshipCompleteness_NoAssertion No assertion can be made about the completeness of the relationship. +var RelationshipCompleteness_NoAssertion = RelationshipCompleteness{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion", +} + +// RelationshipType Information about the relationship between two Elements. +type RelationshipType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" node-kind:""` + id string `iri:"@id"` +} + +// RelationshipType_Affects The `from` Vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. +var RelationshipType_Affects = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects", +} + +// RelationshipType_AmendedBy The `from` Element is amended by each `to` Element. +var RelationshipType_AmendedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy", +} + +// RelationshipType_AncestorOf The `from` Element is an ancestor of each `to` Element. +var RelationshipType_AncestorOf = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf", +} + +// RelationshipType_AvailableFrom The `from` Element is available from the additional supplier described by each `to` Element. +var RelationshipType_AvailableFrom = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom", +} + +// RelationshipType_Configures The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. +var RelationshipType_Configures = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures", +} + +// RelationshipType_Contains The `from` Element contains each `to` Element. +var RelationshipType_Contains = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains", +} + +// RelationshipType_CoordinatedBy The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). +var RelationshipType_CoordinatedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy", +} + +// RelationshipType_CopiedTo The `from` Element has been copied to each `to` Element. +var RelationshipType_CopiedTo = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo", +} + +// RelationshipType_DelegatedTo The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). +var RelationshipType_DelegatedTo = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo", +} + +// RelationshipType_DependsOn The `from` Element depends on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_DependsOn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn", +} + +// RelationshipType_DescendantOf The `from` Element is a descendant of each `to` Element. +var RelationshipType_DescendantOf = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf", +} + +// RelationshipType_Describes The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. +var RelationshipType_Describes = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes", +} + +// RelationshipType_DoesNotAffect The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. +var RelationshipType_DoesNotAffect = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect", +} + +// RelationshipType_ExpandsTo The `from` archive expands out as an artifact described by each `to` Element. +var RelationshipType_ExpandsTo = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo", +} + +// RelationshipType_ExploitCreatedBy The `from` Vulnerability has had an exploit created against it by each `to` Agent. +var RelationshipType_ExploitCreatedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy", +} + +// RelationshipType_FixedBy Designates a `from` Vulnerability has been fixed by the `to` Agent(s). +var RelationshipType_FixedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy", +} + +// RelationshipType_FixedIn A `from` Vulnerability has been fixed in each `to` Element. The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. +var RelationshipType_FixedIn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn", +} + +// RelationshipType_FoundBy Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). +var RelationshipType_FoundBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy", +} + +// RelationshipType_Generates The `from` Element generates each `to` Element. +var RelationshipType_Generates = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates", +} + +// RelationshipType_HasAddedFile Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). +var RelationshipType_HasAddedFile = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile", +} + +// RelationshipType_HasAssessmentFor Relates a `from` Vulnerability and each `to` Element with a security assessment. To be used with `VulnAssessmentRelationship` types. +var RelationshipType_HasAssessmentFor = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor", +} + +// RelationshipType_HasAssociatedVulnerability Used to associate a `from` Artifact with each `to` Vulnerability. +var RelationshipType_HasAssociatedVulnerability = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability", +} + +// RelationshipType_HasConcludedLicense The `from` SoftwareArtifact is concluded by the SPDX data creator to be governed by each `to` license. +var RelationshipType_HasConcludedLicense = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense", +} + +// RelationshipType_HasDataFile The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInput`, and `hasOutput`, respectively. This relationship does not imply dependency. +var RelationshipType_HasDataFile = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile", +} + +// RelationshipType_HasDeclaredLicense The `from` SoftwareArtifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. +var RelationshipType_HasDeclaredLicense = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense", +} + +// RelationshipType_HasDeletedFile Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). +var RelationshipType_HasDeletedFile = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile", +} + +// RelationshipType_HasDependencyManifest The `from` Element has manifest files that contain dependency information in each `to` Element. +var RelationshipType_HasDependencyManifest = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest", +} + +// RelationshipType_HasDistributionArtifact The `from` Element is distributed as an artifact in each `to` Element (e.g. an RPM or archive file). +var RelationshipType_HasDistributionArtifact = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact", +} + +// RelationshipType_HasDocumentation The `from` Element is documented by each `to` Element. +var RelationshipType_HasDocumentation = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation", +} + +// RelationshipType_HasDynamicLink The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasDynamicLink = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink", +} + +// RelationshipType_HasEvidence Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). +var RelationshipType_HasEvidence = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence", +} + +// RelationshipType_HasExample Every `to` Element is an example for the `from` Element (`from` hasExample `to`). +var RelationshipType_HasExample = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample", +} + +// RelationshipType_HasHost The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). +var RelationshipType_HasHost = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost", +} + +// RelationshipType_HasInput The `from` Build has each `to` Element as an input, during a LifecycleScopeType period. +var RelationshipType_HasInput = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput", +} + +// RelationshipType_HasMetadata Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). +var RelationshipType_HasMetadata = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata", +} + +// RelationshipType_HasOptionalComponent Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). +var RelationshipType_HasOptionalComponent = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent", +} + +// RelationshipType_HasOptionalDependency The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasOptionalDependency = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency", +} + +// RelationshipType_HasOutput The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. +var RelationshipType_HasOutput = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput", +} + +// RelationshipType_HasPrerequisite The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasPrerequisite = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite", +} + +// RelationshipType_HasProvidedDependency The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. +var RelationshipType_HasProvidedDependency = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency", +} + +// RelationshipType_HasRequirement The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasRequirement = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement", +} + +// RelationshipType_HasSpecification Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. +var RelationshipType_HasSpecification = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification", +} + +// RelationshipType_HasStaticLink The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasStaticLink = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink", +} + +// RelationshipType_HasTest Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. +var RelationshipType_HasTest = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest", +} + +// RelationshipType_HasTestCase Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). +var RelationshipType_HasTestCase = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase", +} + +// RelationshipType_HasVariant Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). +var RelationshipType_HasVariant = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant", +} + +// RelationshipType_InvokedBy The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). +var RelationshipType_InvokedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy", +} + +// RelationshipType_ModifiedBy The `from` Element is modified by each `to` Element. +var RelationshipType_ModifiedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy", +} + +// RelationshipType_Other Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationship types (this relationship is directionless). +var RelationshipType_Other = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other", +} + +// RelationshipType_PackagedBy Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). +var RelationshipType_PackagedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy", +} + +// RelationshipType_PatchedBy Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). +var RelationshipType_PatchedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy", +} + +// RelationshipType_PublishedBy Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. +var RelationshipType_PublishedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy", +} + +// RelationshipType_ReportedBy Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. +var RelationshipType_ReportedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy", +} + +// RelationshipType_RepublishedBy Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. +var RelationshipType_RepublishedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy", +} + +// RelationshipType_SerializedInArtifact The `from` SpdxDocument can be found in a serialized form in each `to` Artifact. +var RelationshipType_SerializedInArtifact = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact", +} + +// RelationshipType_TestedOn The `from` Element has been tested on the `to` Element(s). +var RelationshipType_TestedOn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn", +} + +// RelationshipType_TrainedOn The `from` Element has been trained on the `to` Element(s). +var RelationshipType_TrainedOn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn", +} + +// RelationshipType_UnderInvestigationFor The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. +var RelationshipType_UnderInvestigationFor = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor", +} + +// RelationshipType_UsesTool The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. +var RelationshipType_UsesTool = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool", +} + +type AnySBOM interface { + AnyBOM + asSBOM() + GetSbomTypes() []SbomType + SetSbomTypes([]SbomType) +} + +// SBOM A collection of SPDX Elements describing a single package. +type SBOM struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Sbom" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Elements Refers to one or more Elements that are part of an ElementCollection. + Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // RootElements This property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/rootElement" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // ProfileConformances Describes one a profile which the creator of this ElementCollection intends to conform to. + ProfileConformances []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" type:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType"` + // Context Gives information about the circumstances or unifying properties that Elements of the bundle have been assembled under. + Context string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/context" type:"http://www.w3.org/2001/XMLSchema#string"` + // SbomTypes Provides information about the type of an SBOM. + SbomTypes []SbomType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sbomType" type:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType"` +} + +func (o *SBOM) asSBOM() {} +func (o *SBOM) asBOM() {} +func (o *SBOM) asBundle() {} +func (o *SBOM) asElementCollection() {} +func (o *SBOM) asElement() {} +func (o *SBOM) GetDescription() string { + return o.Description +} + +func (o *SBOM) SetDescription(v string) { + o.Description = v +} + +func (o *SBOM) GetComment() string { + return o.Comment +} + +func (o *SBOM) SetComment(v string) { + o.Comment = v +} + +func (o *SBOM) GetName() string { + return o.Name +} + +func (o *SBOM) SetName(v string) { + o.Name = v +} + +func (o *SBOM) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *SBOM) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *SBOM) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *SBOM) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *SBOM) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *SBOM) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *SBOM) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *SBOM) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *SBOM) GetSummary() string { + return o.Summary +} + +func (o *SBOM) SetSummary(v string) { + o.Summary = v +} + +func (o *SBOM) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *SBOM) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *SBOM) GetElements() ElementList { + return o.Elements +} + +func (o *SBOM) SetElements(v ElementList) { + o.Elements = v +} + +func (o *SBOM) GetRootElements() ElementList { + return o.RootElements +} + +func (o *SBOM) SetRootElements(v ElementList) { + o.RootElements = v +} + +func (o *SBOM) GetProfileConformances() []ProfileIdentifierType { + return o.ProfileConformances +} + +func (o *SBOM) SetProfileConformances(v []ProfileIdentifierType) { + o.ProfileConformances = v +} + +func (o *SBOM) GetContext() string { + return o.Context +} + +func (o *SBOM) SetContext(v string) { + o.Context = v +} + +func (o *SBOM) GetSbomTypes() []SbomType { + return o.SbomTypes +} + +func (o *SBOM) SetSbomTypes(v []SbomType) { + o.SbomTypes = v +} + +type SBOMList []AnySBOM + +func (v SBOMList) SBOMs() []AnySBOM { + return ld.SliceOf[AnySBOM](v) +} + +// SafetyRiskAssessmentType Specifies the safety risk level. +type SafetyRiskAssessmentType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" node-kind:""` + id string `iri:"@id"` +} + +// SafetyRiskAssessmentType_High The second-highest level of risk posed by an AI system. +var SafetyRiskAssessmentType_High = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high", +} + +// SafetyRiskAssessmentType_Low Low/no risk is posed by an AI system. +var SafetyRiskAssessmentType_Low = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low", +} + +// SafetyRiskAssessmentType_Medium The third-highest level of risk posed by an AI system. +var SafetyRiskAssessmentType_Medium = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium", +} + +// SafetyRiskAssessmentType_Serious The highest level of risk posed by an AI system. +var SafetyRiskAssessmentType_Serious = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious", +} + +// SbomType Provides a set of values to be used to describe the common types of SBOMs that tools may create. +type SbomType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType" node-kind:""` + id string `iri:"@id"` +} + +// SbomType_Analyzed SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a \"3rd party\" SBOM. +var SbomType_Analyzed = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed", +} + +// SbomType_Build SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. +var SbomType_Build = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build", +} + +// SbomType_Deployed SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. +var SbomType_Deployed = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed", +} + +// SbomType_Design SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. +var SbomType_Design = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design", +} + +// SbomType_Runtime SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an \"Instrumented\" or \"Dynamic\" SBOM. +var SbomType_Runtime = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime", +} + +// SbomType_Source SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. +var SbomType_Source = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source", +} + +type AnySimpleLicensingText interface { + AnyElement + asSimpleLicensingText() + GetLicenseText() string + SetLicenseText(string) +} + +// SimpleLicensingText A license or addition that is not listed on the SPDX License List. +type SimpleLicensingText struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // LicenseText Identifies the full text of a License or Addition. + LicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *SimpleLicensingText) asSimpleLicensingText() {} +func (o *SimpleLicensingText) asElement() {} +func (o *SimpleLicensingText) GetDescription() string { + return o.Description +} + +func (o *SimpleLicensingText) SetDescription(v string) { + o.Description = v +} + +func (o *SimpleLicensingText) GetComment() string { + return o.Comment +} + +func (o *SimpleLicensingText) SetComment(v string) { + o.Comment = v +} + +func (o *SimpleLicensingText) GetName() string { + return o.Name +} + +func (o *SimpleLicensingText) SetName(v string) { + o.Name = v +} + +func (o *SimpleLicensingText) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *SimpleLicensingText) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *SimpleLicensingText) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *SimpleLicensingText) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *SimpleLicensingText) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *SimpleLicensingText) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *SimpleLicensingText) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *SimpleLicensingText) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *SimpleLicensingText) GetSummary() string { + return o.Summary +} + +func (o *SimpleLicensingText) SetSummary(v string) { + o.Summary = v +} + +func (o *SimpleLicensingText) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *SimpleLicensingText) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *SimpleLicensingText) GetLicenseText() string { + return o.LicenseText +} + +func (o *SimpleLicensingText) SetLicenseText(v string) { + o.LicenseText = v +} + +type SimpleLicensingTextList []AnySimpleLicensingText + +func (v SimpleLicensingTextList) SimpleLicensingTexts() []AnySimpleLicensingText { + return ld.SliceOf[AnySimpleLicensingText](v) +} + +type AnySnippet interface { + AnySoftwareArtifact + asSnippet() + GetFromFile() AnyFile + SetFromFile(AnyFile) + GetLineRange() AnyPositiveIntegerRange + SetLineRange(AnyPositiveIntegerRange) + GetByteRange() AnyPositiveIntegerRange + SetByteRange(AnyPositiveIntegerRange) +} + +// Snippet Describes a certain part of a file. +type Snippet struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Snippet" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // StandardNames The name of a relevant standard that may apply to an artifact. + StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuiltTime Specifies the time an artifact was built. + BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ReleaseTime Specifies the time an artifact was released. + ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SupportLevels Specifies the level of support associated with an artifact. + SupportLevels []SupportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" type:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // OriginatedBy Identifies from where or whom the Element originally came. + OriginatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be reassessed. + ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ContentIdentifiers A canonical, unique, immutable identifier of the artifact content, that may be used for verifying its identity and/or integrity. + ContentIdentifiers ContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` + // AttributionTexts Provides a place for the SPDX data creator to record acknowledgement text for a software Package, File or Snippet. + AttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" type:"http://www.w3.org/2001/XMLSchema#string"` + // AdditionalPurposes Provides additional purpose information of the software artifact. + AdditionalPurposes []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // PrimaryPurpose Provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // CopyrightText Identifies the text of one or more copyright notices for a software Package, File or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" type:"http://www.w3.org/2001/XMLSchema#string"` + // FromFile Defines the original host file that the snippet information applies to. + FromFile AnyFile `iri:"https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/File"` + // LineRange Defines the line range in the original host file that the snippet information applies to. + LineRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/lineRange" type:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` + // ByteRange Defines the byte range in the original host file that the snippet information applies to. + ByteRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/byteRange" type:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` +} + +func (o *Snippet) asSnippet() {} +func (o *Snippet) asSoftwareArtifact() {} +func (o *Snippet) asArtifact() {} +func (o *Snippet) asElement() {} +func (o *Snippet) GetDescription() string { + return o.Description +} + +func (o *Snippet) SetDescription(v string) { + o.Description = v +} + +func (o *Snippet) GetComment() string { + return o.Comment +} + +func (o *Snippet) SetComment(v string) { + o.Comment = v +} + +func (o *Snippet) GetName() string { + return o.Name +} + +func (o *Snippet) SetName(v string) { + o.Name = v +} + +func (o *Snippet) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *Snippet) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *Snippet) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *Snippet) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *Snippet) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *Snippet) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *Snippet) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *Snippet) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *Snippet) GetSummary() string { + return o.Summary +} + +func (o *Snippet) SetSummary(v string) { + o.Summary = v +} + +func (o *Snippet) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *Snippet) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *Snippet) GetStandardNames() []string { + return o.StandardNames +} + +func (o *Snippet) SetStandardNames(v []string) { + o.StandardNames = v +} + +func (o *Snippet) GetBuiltTime() time.Time { + return o.BuiltTime +} + +func (o *Snippet) SetBuiltTime(v time.Time) { + o.BuiltTime = v +} + +func (o *Snippet) GetReleaseTime() time.Time { + return o.ReleaseTime +} + +func (o *Snippet) SetReleaseTime(v time.Time) { + o.ReleaseTime = v +} + +func (o *Snippet) GetSupportLevels() []SupportType { + return o.SupportLevels +} + +func (o *Snippet) SetSupportLevels(v []SupportType) { + o.SupportLevels = v +} + +func (o *Snippet) GetSuppliedBy() AnyAgent { + return o.SuppliedBy +} + +func (o *Snippet) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v +} + +func (o *Snippet) GetOriginatedBy() AgentList { + return o.OriginatedBy +} + +func (o *Snippet) SetOriginatedBy(v AgentList) { + o.OriginatedBy = v +} + +func (o *Snippet) GetValidUntilTime() time.Time { + return o.ValidUntilTime +} + +func (o *Snippet) SetValidUntilTime(v time.Time) { + o.ValidUntilTime = v +} + +func (o *Snippet) GetContentIdentifiers() ContentIdentifierList { + return o.ContentIdentifiers +} + +func (o *Snippet) SetContentIdentifiers(v ContentIdentifierList) { + o.ContentIdentifiers = v +} + +func (o *Snippet) GetAttributionTexts() []string { + return o.AttributionTexts +} + +func (o *Snippet) SetAttributionTexts(v []string) { + o.AttributionTexts = v +} + +func (o *Snippet) GetAdditionalPurposes() []SoftwarePurpose { + return o.AdditionalPurposes +} + +func (o *Snippet) SetAdditionalPurposes(v []SoftwarePurpose) { + o.AdditionalPurposes = v +} + +func (o *Snippet) GetPrimaryPurpose() SoftwarePurpose { + return o.PrimaryPurpose +} + +func (o *Snippet) SetPrimaryPurpose(v SoftwarePurpose) { + o.PrimaryPurpose = v +} + +func (o *Snippet) GetCopyrightText() string { + return o.CopyrightText +} + +func (o *Snippet) SetCopyrightText(v string) { + o.CopyrightText = v +} + +func (o *Snippet) GetFromFile() AnyFile { + return o.FromFile +} + +func (o *Snippet) SetFromFile(v AnyFile) { + o.FromFile = v +} + +func (o *Snippet) GetLineRange() AnyPositiveIntegerRange { + return o.LineRange +} + +func (o *Snippet) SetLineRange(v AnyPositiveIntegerRange) { + o.LineRange = v +} + +func (o *Snippet) GetByteRange() AnyPositiveIntegerRange { + return o.ByteRange +} + +func (o *Snippet) SetByteRange(v AnyPositiveIntegerRange) { + o.ByteRange = v +} + +type SnippetList []AnySnippet + +func (v SnippetList) Snippets() []AnySnippet { + return ld.SliceOf[AnySnippet](v) +} + +type AnySoftwareAgent interface { + AnyAgent + asSoftwareAgent() +} + +// SoftwareAgent A software agent. +type SoftwareAgent struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` +} + +func (o *SoftwareAgent) asSoftwareAgent() {} +func (o *SoftwareAgent) asAgent() {} +func (o *SoftwareAgent) asElement() {} +func (o *SoftwareAgent) GetDescription() string { + return o.Description +} + +func (o *SoftwareAgent) SetDescription(v string) { + o.Description = v +} + +func (o *SoftwareAgent) GetComment() string { + return o.Comment +} + +func (o *SoftwareAgent) SetComment(v string) { + o.Comment = v +} + +func (o *SoftwareAgent) GetName() string { + return o.Name +} + +func (o *SoftwareAgent) SetName(v string) { + o.Name = v +} + +func (o *SoftwareAgent) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *SoftwareAgent) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *SoftwareAgent) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *SoftwareAgent) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *SoftwareAgent) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *SoftwareAgent) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *SoftwareAgent) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *SoftwareAgent) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *SoftwareAgent) GetSummary() string { + return o.Summary +} + +func (o *SoftwareAgent) SetSummary(v string) { + o.Summary = v +} + +func (o *SoftwareAgent) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *SoftwareAgent) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +type SoftwareAgentList []AnySoftwareAgent + +func (v SoftwareAgentList) SoftwareAgents() []AnySoftwareAgent { + return ld.SliceOf[AnySoftwareAgent](v) +} + +type AnySoftwareArtifact interface { + AnyArtifact + asSoftwareArtifact() + GetContentIdentifiers() ContentIdentifierList + SetContentIdentifiers(ContentIdentifierList) + GetAttributionTexts() []string + SetAttributionTexts([]string) + GetAdditionalPurposes() []SoftwarePurpose + SetAdditionalPurposes([]SoftwarePurpose) + GetPrimaryPurpose() SoftwarePurpose + SetPrimaryPurpose(SoftwarePurpose) + GetCopyrightText() string + SetCopyrightText(string) +} + +// SoftwareArtifact A distinct article or unit related to Software. +type SoftwareArtifactList []AnySoftwareArtifact + +func (v SoftwareArtifactList) AIPackages() []AnyAIPackage { + return ld.SliceOf[AnyAIPackage](v) +} + +func (v SoftwareArtifactList) DatasetPackages() []AnyDatasetPackage { + return ld.SliceOf[AnyDatasetPackage](v) +} + +func (v SoftwareArtifactList) Files() []AnyFile { + return ld.SliceOf[AnyFile](v) +} + +func (v SoftwareArtifactList) Packages() []AnyPackage { + return ld.SliceOf[AnyPackage](v) +} + +func (v SoftwareArtifactList) Snippets() []AnySnippet { + return ld.SliceOf[AnySnippet](v) +} + +func (v SoftwareArtifactList) SoftwareArtifacts() []AnySoftwareArtifact { + return ld.SliceOf[AnySoftwareArtifact](v) +} + +// SoftwarePurpose Provides information about the primary purpose of an Element. +type SoftwarePurpose struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" node-kind:""` + id string `iri:"@id"` +} + +// SoftwarePurpose_Application The Element is a software application. +var SoftwarePurpose_Application = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application", +} + +// SoftwarePurpose_Archive The Element is an archived collection of one or more files (.tar, .zip, etc.). +var SoftwarePurpose_Archive = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive", +} + +// SoftwarePurpose_Bom The Element is a bill of materials. +var SoftwarePurpose_Bom = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom", +} + +// SoftwarePurpose_Configuration The Element is configuration data. +var SoftwarePurpose_Configuration = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration", +} + +// SoftwarePurpose_Container The Element is a container image which can be used by a container runtime application. +var SoftwarePurpose_Container = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container", +} + +// SoftwarePurpose_Data The Element is data. +var SoftwarePurpose_Data = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data", +} + +// SoftwarePurpose_Device The Element refers to a chipset, processor, or electronic board. +var SoftwarePurpose_Device = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device", +} + +// SoftwarePurpose_DeviceDriver The Element represents software that controls hardware devices. +var SoftwarePurpose_DeviceDriver = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver", +} + +// SoftwarePurpose_DiskImage The Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. +var SoftwarePurpose_DiskImage = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage", +} + +// SoftwarePurpose_Documentation The Element is documentation. +var SoftwarePurpose_Documentation = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation", +} + +// SoftwarePurpose_Evidence The Element is the evidence that a specification or requirement has been fulfilled. +var SoftwarePurpose_Evidence = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence", +} + +// SoftwarePurpose_Executable The Element is an Artifact that can be run on a computer. +var SoftwarePurpose_Executable = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable", +} + +// SoftwarePurpose_File The Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc.). +var SoftwarePurpose_File = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file", +} + +// SoftwarePurpose_FilesystemImage The Element is a file system image that can be written to a disk (or virtual) partition. +var SoftwarePurpose_FilesystemImage = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage", +} + +// SoftwarePurpose_Firmware The Element provides low level control over a device's hardware. +var SoftwarePurpose_Firmware = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware", +} + +// SoftwarePurpose_Framework The Element is a software framework. +var SoftwarePurpose_Framework = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework", +} + +// SoftwarePurpose_Install The Element is used to install software on disk. +var SoftwarePurpose_Install = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install", +} + +// SoftwarePurpose_Library The Element is a software library. +var SoftwarePurpose_Library = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library", +} + +// SoftwarePurpose_Manifest The Element is a software manifest. +var SoftwarePurpose_Manifest = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest", +} + +// SoftwarePurpose_Model The Element is a machine learning or artificial intelligence model. +var SoftwarePurpose_Model = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model", +} + +// SoftwarePurpose_Module The Element is a module of a piece of software. +var SoftwarePurpose_Module = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module", +} + +// SoftwarePurpose_OperatingSystem The Element is an operating system. +var SoftwarePurpose_OperatingSystem = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem", +} + +// SoftwarePurpose_Other The Element doesn't fit into any of the other categories. +var SoftwarePurpose_Other = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other", +} + +// SoftwarePurpose_Patch The Element contains a set of changes to update, fix, or improve another Element. +var SoftwarePurpose_Patch = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch", +} + +// SoftwarePurpose_Platform The Element represents a runtime environment. +var SoftwarePurpose_Platform = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform", +} + +// SoftwarePurpose_Requirement The Element provides a requirement needed as input for another Element. +var SoftwarePurpose_Requirement = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement", +} + +// SoftwarePurpose_Source The Element is a single or a collection of source files. +var SoftwarePurpose_Source = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source", +} + +// SoftwarePurpose_Specification The Element is a plan, guideline or strategy how to create, perform or analyze an application. +var SoftwarePurpose_Specification = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification", +} + +// SoftwarePurpose_Test The Element is a test used to verify functionality on an software element. +var SoftwarePurpose_Test = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test", +} + +type AnySpdxDocument interface { + AnyElementCollection + asSpdxDocument() + GetDataLicense() AnyLicenseInfo + SetDataLicense(AnyLicenseInfo) + GetNamespaceMaps() NamespaceMapList + SetNamespaceMaps(NamespaceMapList) + GetImports() ExternalMapList + SetImports(ExternalMapList) +} + +// SpdxDocument A collection of SPDX Elements that could potentially be serialized. +type SpdxDocument struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Elements Refers to one or more Elements that are part of an ElementCollection. + Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // RootElements This property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/rootElement" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // ProfileConformances Describes one a profile which the creator of this ElementCollection intends to conform to. + ProfileConformances []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" type:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType"` + // DataLicense Provides the license under which the SPDX documentation of the Element can be used. + DataLicense AnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/dataLicense" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` + // NamespaceMaps Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. + NamespaceMaps NamespaceMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap" type:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap"` + // Imports Provides an ExternalMap of Element identifiers. + Imports ExternalMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/import" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap"` +} + +func (o *SpdxDocument) asSpdxDocument() {} +func (o *SpdxDocument) asElementCollection() {} +func (o *SpdxDocument) asElement() {} +func (o *SpdxDocument) GetDescription() string { + return o.Description +} + +func (o *SpdxDocument) SetDescription(v string) { + o.Description = v +} + +func (o *SpdxDocument) GetComment() string { + return o.Comment +} + +func (o *SpdxDocument) SetComment(v string) { + o.Comment = v +} + +func (o *SpdxDocument) GetName() string { + return o.Name +} + +func (o *SpdxDocument) SetName(v string) { + o.Name = v +} + +func (o *SpdxDocument) GetExtensions() ExtensionList { + return o.Extensions +} + +func (o *SpdxDocument) SetExtensions(v ExtensionList) { + o.Extensions = v +} + +func (o *SpdxDocument) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo +} + +func (o *SpdxDocument) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v +} + +func (o *SpdxDocument) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} + +func (o *SpdxDocument) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *SpdxDocument) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -func (o *Relationship) asRelationship() *Relationship { - return o +func (o *SpdxDocument) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -type RelationshipList []AnyRelationship +func (o *SpdxDocument) GetSummary() string { + return o.Summary +} -func (o *RelationshipList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *CvssV2VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) +func (o *SpdxDocument) SetSummary(v string) { + o.Summary = v } -func (o *RelationshipList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *CvssV3VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) +func (o *SpdxDocument) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -func (o *RelationshipList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *CvssV4VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) +func (o *SpdxDocument) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -func (o *RelationshipList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *EpssVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) +func (o *SpdxDocument) GetElements() ElementList { + return o.Elements } -func (o *RelationshipList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *ExploitCatalogVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) +func (o *SpdxDocument) SetElements(v ElementList) { + o.Elements = v } -func (o *RelationshipList) LifecycleScopedRelationships() ld.TypeSeq[AnyRelationship, *LifecycleScopedRelationship] { - return ld.NewTypeSeq(*o, castLifecycleScopedRelationship) +func (o *SpdxDocument) GetRootElements() ElementList { + return o.RootElements } -func (o *RelationshipList) Relationships() ld.TypeSeq[AnyRelationship, *Relationship] { - return ld.NewTypeSeq(*o, castRelationship) +func (o *SpdxDocument) SetRootElements(v ElementList) { + o.RootElements = v } -func (o *RelationshipList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *SsvcVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) +func (o *SpdxDocument) GetProfileConformances() []ProfileIdentifierType { + return o.ProfileConformances } -func (o *RelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexAffectedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +func (o *SpdxDocument) SetProfileConformances(v []ProfileIdentifierType) { + o.ProfileConformances = v } -func (o *RelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexFixedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +func (o *SpdxDocument) GetDataLicense() AnyLicenseInfo { + return o.DataLicense } -func (o *RelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexNotAffectedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) +func (o *SpdxDocument) SetDataLicense(v AnyLicenseInfo) { + o.DataLicense = v } -func (o *RelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) +func (o *SpdxDocument) GetNamespaceMaps() NamespaceMapList { + return o.NamespaceMaps } -func (o *RelationshipList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) +func (o *SpdxDocument) SetNamespaceMaps(v NamespaceMapList) { + o.NamespaceMaps = v } -func (o *RelationshipList) VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVulnAssessmentRelationship) +func (o *SpdxDocument) GetImports() ExternalMapList { + return o.Imports } -// RelationshipCompleteness Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. -type RelationshipCompleteness struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" node-kind:""` +func (o *SpdxDocument) SetImports(v ExternalMapList) { + o.Imports = v +} + +type SpdxDocumentList []AnySpdxDocument + +func (v SpdxDocumentList) SpdxDocuments() []AnySpdxDocument { + return ld.SliceOf[AnySpdxDocument](v) +} + +// SsvcDecisionType Specifies the SSVC decision type. +type SsvcDecisionType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" node-kind:""` id string `iri:"@id"` } -// RelationshipCompleteness_Complete The relationship is known to be exhaustive. -var RelationshipCompleteness_Complete = RelationshipCompleteness{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete", +// SsvcDecisionType_Act The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. +var SsvcDecisionType_Act = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act", } -// RelationshipCompleteness_Incomplete The relationship is known not to be exhaustive. -var RelationshipCompleteness_Incomplete = RelationshipCompleteness{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete", +// SsvcDecisionType_Attend The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. +var SsvcDecisionType_Attend = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend", } -// RelationshipCompleteness_NoAssertion No assertion can be made about the completeness of the relationship. -var RelationshipCompleteness_NoAssertion = RelationshipCompleteness{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion", +// SsvcDecisionType_Track The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. +var SsvcDecisionType_Track = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track", } -// RelationshipType Information about the relationship between two Elements. -type RelationshipType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" node-kind:""` - id string `iri:"@id"` +// SsvcDecisionType_TrackStar (\"Track\\*\" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track\\* vulnerabilities within standard update timelines. +var SsvcDecisionType_TrackStar = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar", } -// RelationshipType_Affects The `from` Vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. -var RelationshipType_Affects = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects", +type AnySsvcVulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship + asSsvcVulnAssessmentRelationship() + GetDecisionType() SsvcDecisionType + SetDecisionType(SsvcDecisionType) } -// RelationshipType_AmendedBy The `from` Element is amended by each `to` Element. -var RelationshipType_AmendedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy", +// SsvcVulnAssessmentRelationship Provides an SSVC assessment for a vulnerability. +type SsvcVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // DecisionType Provide the enumeration of possible decisions in the [Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc). + DecisionType SsvcDecisionType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/decisionType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType"` } -// RelationshipType_AncestorOf The `from` Element is an ancestor of each `to` Element. -var RelationshipType_AncestorOf = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf", +func (o *SsvcVulnAssessmentRelationship) asSsvcVulnAssessmentRelationship() {} +func (o *SsvcVulnAssessmentRelationship) asVulnAssessmentRelationship() {} +func (o *SsvcVulnAssessmentRelationship) asRelationship() {} +func (o *SsvcVulnAssessmentRelationship) asElement() {} +func (o *SsvcVulnAssessmentRelationship) GetDescription() string { + return o.Description } -// RelationshipType_AvailableFrom The `from` Element is available from the additional supplier described by each `to` Element. -var RelationshipType_AvailableFrom = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom", +func (o *SsvcVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v } -// RelationshipType_Configures The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. -var RelationshipType_Configures = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures", +func (o *SsvcVulnAssessmentRelationship) GetComment() string { + return o.Comment } -// RelationshipType_Contains The `from` Element contains each `to` Element. -var RelationshipType_Contains = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains", +func (o *SsvcVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v } -// RelationshipType_CoordinatedBy The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). -var RelationshipType_CoordinatedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy", +func (o *SsvcVulnAssessmentRelationship) GetName() string { + return o.Name } -// RelationshipType_CopiedTo The `from` Element has been copied to each `to` Element. -var RelationshipType_CopiedTo = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo", +func (o *SsvcVulnAssessmentRelationship) SetName(v string) { + o.Name = v } -// RelationshipType_DelegatedTo The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). -var RelationshipType_DelegatedTo = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo", +func (o *SsvcVulnAssessmentRelationship) GetExtensions() ExtensionList { + return o.Extensions } -// RelationshipType_DependsOn The `from` Element depends on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_DependsOn = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn", +func (o *SsvcVulnAssessmentRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v } -// RelationshipType_DescendantOf The `from` Element is a descendant of each `to` Element. -var RelationshipType_DescendantOf = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf", +func (o *SsvcVulnAssessmentRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -// RelationshipType_Describes The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. -var RelationshipType_Describes = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes", +func (o *SsvcVulnAssessmentRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -// RelationshipType_DoesNotAffect The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. -var RelationshipType_DoesNotAffect = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect", +func (o *SsvcVulnAssessmentRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -// RelationshipType_ExpandsTo The `from` archive expands out as an artifact described by each `to` Element. -var RelationshipType_ExpandsTo = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo", +func (o *SsvcVulnAssessmentRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -// RelationshipType_ExploitCreatedBy The `from` Vulnerability has had an exploit created against it by each `to` Agent. -var RelationshipType_ExploitCreatedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy", +func (o *SsvcVulnAssessmentRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -// RelationshipType_FixedBy Designates a `from` Vulnerability has been fixed by the `to` Agent(s). -var RelationshipType_FixedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy", +func (o *SsvcVulnAssessmentRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// RelationshipType_FixedIn A `from` Vulnerability has been fixed in each `to` Element. The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. -var RelationshipType_FixedIn = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn", +func (o *SsvcVulnAssessmentRelationship) GetSummary() string { + return o.Summary } -// RelationshipType_FoundBy Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). -var RelationshipType_FoundBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy", +func (o *SsvcVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v } -// RelationshipType_Generates The `from` Element generates each `to` Element. -var RelationshipType_Generates = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates", +func (o *SsvcVulnAssessmentRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -// RelationshipType_HasAddedFile Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). -var RelationshipType_HasAddedFile = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile", +func (o *SsvcVulnAssessmentRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -// RelationshipType_HasAssessmentFor Relates a `from` Vulnerability and each `to` Element with a security assessment. To be used with `VulnAssessmentRelationship` types. -var RelationshipType_HasAssessmentFor = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor", +func (o *SsvcVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness } -// RelationshipType_HasAssociatedVulnerability Used to associate a `from` Artifact with each `to` Vulnerability. -var RelationshipType_HasAssociatedVulnerability = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability", +func (o *SsvcVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v } -// RelationshipType_HasConcludedLicense The `from` SoftwareArtifact is concluded by the SPDX data creator to be governed by each `to` license. -var RelationshipType_HasConcludedLicense = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense", +func (o *SsvcVulnAssessmentRelationship) GetEndTime() time.Time { + return o.EndTime } -// RelationshipType_HasDataFile The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInput`, and `hasOutput`, respectively. This relationship does not imply dependency. -var RelationshipType_HasDataFile = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile", +func (o *SsvcVulnAssessmentRelationship) SetEndTime(v time.Time) { + o.EndTime = v } -// RelationshipType_HasDeclaredLicense The `from` SoftwareArtifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. -var RelationshipType_HasDeclaredLicense = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense", +func (o *SsvcVulnAssessmentRelationship) GetTo() ElementList { + return o.To } -// RelationshipType_HasDeletedFile Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). -var RelationshipType_HasDeletedFile = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile", +func (o *SsvcVulnAssessmentRelationship) SetTo(v ElementList) { + o.To = v } -// RelationshipType_HasDependencyManifest The `from` Element has manifest files that contain dependency information in each `to` Element. -var RelationshipType_HasDependencyManifest = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest", +func (o *SsvcVulnAssessmentRelationship) GetFrom() AnyElement { + return o.From } -// RelationshipType_HasDistributionArtifact The `from` Element is distributed as an artifact in each `to` Element (e.g. an RPM or archive file). -var RelationshipType_HasDistributionArtifact = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact", +func (o *SsvcVulnAssessmentRelationship) SetFrom(v AnyElement) { + o.From = v } -// RelationshipType_HasDocumentation The `from` Element is documented by each `to` Element. -var RelationshipType_HasDocumentation = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation", +func (o *SsvcVulnAssessmentRelationship) GetType() RelationshipType { + return o.Type } -// RelationshipType_HasDynamicLink The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasDynamicLink = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink", +func (o *SsvcVulnAssessmentRelationship) SetType(v RelationshipType) { + o.Type = v } -// RelationshipType_HasEvidence Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). -var RelationshipType_HasEvidence = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence", +func (o *SsvcVulnAssessmentRelationship) GetStartTime() time.Time { + return o.StartTime } -// RelationshipType_HasExample Every `to` Element is an example for the `from` Element (`from` hasExample `to`). -var RelationshipType_HasExample = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample", +func (o *SsvcVulnAssessmentRelationship) SetStartTime(v time.Time) { + o.StartTime = v } -// RelationshipType_HasHost The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). -var RelationshipType_HasHost = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost", +func (o *SsvcVulnAssessmentRelationship) GetSuppliedBy() AnyAgent { + return o.SuppliedBy } -// RelationshipType_HasInput The `from` Build has each `to` Element as an input, during a LifecycleScopeType period. -var RelationshipType_HasInput = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput", +func (o *SsvcVulnAssessmentRelationship) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v } -// RelationshipType_HasMetadata Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). -var RelationshipType_HasMetadata = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata", +func (o *SsvcVulnAssessmentRelationship) GetWithdrawnTime() time.Time { + return o.WithdrawnTime } -// RelationshipType_HasOptionalComponent Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). -var RelationshipType_HasOptionalComponent = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent", +func (o *SsvcVulnAssessmentRelationship) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v } -// RelationshipType_HasOptionalDependency The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasOptionalDependency = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency", +func (o *SsvcVulnAssessmentRelationship) GetAssessedElement() AnySoftwareArtifact { + return o.AssessedElement } -// RelationshipType_HasOutput The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. -var RelationshipType_HasOutput = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput", +func (o *SsvcVulnAssessmentRelationship) SetAssessedElement(v AnySoftwareArtifact) { + o.AssessedElement = v } -// RelationshipType_HasPrerequisite The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasPrerequisite = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite", +func (o *SsvcVulnAssessmentRelationship) GetPublishedTime() time.Time { + return o.PublishedTime } -// RelationshipType_HasProvidedDependency The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. -var RelationshipType_HasProvidedDependency = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency", +func (o *SsvcVulnAssessmentRelationship) SetPublishedTime(v time.Time) { + o.PublishedTime = v } -// RelationshipType_HasRequirement The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasRequirement = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement", +func (o *SsvcVulnAssessmentRelationship) GetModifiedTime() time.Time { + return o.ModifiedTime } -// RelationshipType_HasSpecification Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. -var RelationshipType_HasSpecification = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification", +func (o *SsvcVulnAssessmentRelationship) SetModifiedTime(v time.Time) { + o.ModifiedTime = v } -// RelationshipType_HasStaticLink The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasStaticLink = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink", +func (o *SsvcVulnAssessmentRelationship) GetDecisionType() SsvcDecisionType { + return o.DecisionType } -// RelationshipType_HasTest Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. -var RelationshipType_HasTest = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest", +func (o *SsvcVulnAssessmentRelationship) SetDecisionType(v SsvcDecisionType) { + o.DecisionType = v } -// RelationshipType_HasTestCase Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). -var RelationshipType_HasTestCase = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase", +type SsvcVulnAssessmentRelationshipList []AnySsvcVulnAssessmentRelationship + +func (v SsvcVulnAssessmentRelationshipList) SsvcVulnAssessmentRelationships() []AnySsvcVulnAssessmentRelationship { + return ld.SliceOf[AnySsvcVulnAssessmentRelationship](v) } -// RelationshipType_HasVariant Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). -var RelationshipType_HasVariant = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant", +// SupportType Indicates the type of support that is associated with an artifact. +type SupportType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType" node-kind:""` + id string `iri:"@id"` } -// RelationshipType_InvokedBy The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). -var RelationshipType_InvokedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy", +// SupportType_Deployed in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. +var SupportType_Deployed = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed", +} + +// SupportType_Development the artifact is in active development and is not considered ready for formal support from the supplier. +var SupportType_Development = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development", +} + +// SupportType_EndOfSupport there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. +var SupportType_EndOfSupport = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport", +} + +// SupportType_LimitedSupport the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. +var SupportType_LimitedSupport = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport", +} + +// SupportType_NoAssertion no assertion about the type of support is made. This is considered the default if no other support type is used. +var SupportType_NoAssertion = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion", } -// RelationshipType_ModifiedBy The `from` Element is modified by each `to` Element. -var RelationshipType_ModifiedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy", +// SupportType_NoSupport there is no support for the artifact from the supplier, consumer assumes any support obligations. +var SupportType_NoSupport = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport", } -// RelationshipType_Other Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationship types (this relationship is directionless). -var RelationshipType_Other = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other", +// SupportType_Support the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. +var SupportType_Support = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support", } -// RelationshipType_PackagedBy Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). -var RelationshipType_PackagedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy", +type AnyTool interface { + AnyElement + asTool() } -// RelationshipType_PatchedBy Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). -var RelationshipType_PatchedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy", +// Tool An element of hardware and/or software utilized to carry out a particular function. +type Tool struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Tool" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` } -// RelationshipType_PublishedBy Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. -var RelationshipType_PublishedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy", +func (o *Tool) asTool() {} +func (o *Tool) asElement() {} +func (o *Tool) GetDescription() string { + return o.Description } -// RelationshipType_ReportedBy Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. -var RelationshipType_ReportedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy", +func (o *Tool) SetDescription(v string) { + o.Description = v } -// RelationshipType_RepublishedBy Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. -var RelationshipType_RepublishedBy = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy", +func (o *Tool) GetComment() string { + return o.Comment } -// RelationshipType_SerializedInArtifact The `from` SpdxDocument can be found in a serialized form in each `to` Artifact. -var RelationshipType_SerializedInArtifact = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact", +func (o *Tool) SetComment(v string) { + o.Comment = v } -// RelationshipType_TestedOn The `from` Element has been tested on the `to` Element(s). -var RelationshipType_TestedOn = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn", +func (o *Tool) GetName() string { + return o.Name } -// RelationshipType_TrainedOn The `from` Element has been trained on the `to` Element(s). -var RelationshipType_TrainedOn = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn", +func (o *Tool) SetName(v string) { + o.Name = v } -// RelationshipType_UnderInvestigationFor The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. -var RelationshipType_UnderInvestigationFor = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor", +func (o *Tool) GetExtensions() ExtensionList { + return o.Extensions } -// RelationshipType_UsesTool The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. -var RelationshipType_UsesTool = RelationshipType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool", +func (o *Tool) SetExtensions(v ExtensionList) { + o.Extensions = v } -type AnySBOM interface { - AnyBOM - asSBOM() *SBOM +func (o *Tool) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -// SBOM A collection of SPDX Elements describing a single package. -type SBOM struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Sbom" node-kind:"http://www.w3.org/ns/shacl#IRI"` - BOM - // SbomTypes Provides information about the type of an SBOM. - SbomTypes []SbomType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sbomType" type:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType"` +func (o *Tool) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -func (o *SBOM) asSBOM() *SBOM { - return o +func (o *Tool) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -type SBOMList []AnySBOM - -func (o *SBOMList) SBOMs() ld.TypeSeq[AnySBOM, *SBOM] { - return ld.NewTypeSeq(*o, castSBOM) +func (o *Tool) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -// SafetyRiskAssessmentType Specifies the safety risk level. -type SafetyRiskAssessmentType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" node-kind:""` - id string `iri:"@id"` +func (o *Tool) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -// SafetyRiskAssessmentType_High The second-highest level of risk posed by an AI system. -var SafetyRiskAssessmentType_High = SafetyRiskAssessmentType{ - id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high", +func (o *Tool) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// SafetyRiskAssessmentType_Low Low/no risk is posed by an AI system. -var SafetyRiskAssessmentType_Low = SafetyRiskAssessmentType{ - id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low", +func (o *Tool) GetSummary() string { + return o.Summary } -// SafetyRiskAssessmentType_Medium The third-highest level of risk posed by an AI system. -var SafetyRiskAssessmentType_Medium = SafetyRiskAssessmentType{ - id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium", +func (o *Tool) SetSummary(v string) { + o.Summary = v } -// SafetyRiskAssessmentType_Serious The highest level of risk posed by an AI system. -var SafetyRiskAssessmentType_Serious = SafetyRiskAssessmentType{ - id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious", +func (o *Tool) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -// SbomType Provides a set of values to be used to describe the common types of SBOMs that tools may create. -type SbomType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType" node-kind:""` - id string `iri:"@id"` +func (o *Tool) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -// SbomType_Analyzed SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a \"3rd party\" SBOM. -var SbomType_Analyzed = SbomType{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed", +type ToolList []AnyTool + +func (v ToolList) Tools() []AnyTool { + return ld.SliceOf[AnyTool](v) } -// SbomType_Build SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. -var SbomType_Build = SbomType{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build", +type AnyVexAffectedVulnAssessmentRelationship interface { + AnyVexVulnAssessmentRelationship + asVexAffectedVulnAssessmentRelationship() + GetActionStatement() string + SetActionStatement(string) + GetActionStatementTime() time.Time + SetActionStatementTime(time.Time) } -// SbomType_Deployed SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. -var SbomType_Deployed = SbomType{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed", +// VexAffectedVulnAssessmentRelationship Connects a vulnerability and an element designating the element as a product affected by the vulnerability. +type VexAffectedVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // StatusNotes Conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" type:"http://www.w3.org/2001/XMLSchema#string"` + // VexVersion Specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" type:"http://www.w3.org/2001/XMLSchema#string"` + // ActionStatement Provides advise on how to mitigate or remediate a vulnerability when a VEX product is affected by it. + ActionStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatement" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // ActionStatementTime Records the time when a recommended action was communicated in a VEX statement to mitigate a vulnerability. + ActionStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` } -// SbomType_Design SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. -var SbomType_Design = SbomType{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design", +func (o *VexAffectedVulnAssessmentRelationship) asVexAffectedVulnAssessmentRelationship() {} +func (o *VexAffectedVulnAssessmentRelationship) asVexVulnAssessmentRelationship() {} +func (o *VexAffectedVulnAssessmentRelationship) asVulnAssessmentRelationship() {} +func (o *VexAffectedVulnAssessmentRelationship) asRelationship() {} +func (o *VexAffectedVulnAssessmentRelationship) asElement() {} +func (o *VexAffectedVulnAssessmentRelationship) GetDescription() string { + return o.Description } -// SbomType_Runtime SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an \"Instrumented\" or \"Dynamic\" SBOM. -var SbomType_Runtime = SbomType{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime", +func (o *VexAffectedVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v } -// SbomType_Source SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. -var SbomType_Source = SbomType{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source", +func (o *VexAffectedVulnAssessmentRelationship) GetComment() string { + return o.Comment } -type AnySimpleLicensingText interface { - AnyElement - asSimpleLicensingText() *SimpleLicensingText +func (o *VexAffectedVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v } -// SimpleLicensingText A license or addition that is not listed on the SPDX License List. -type SimpleLicensingText struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Element - // LicenseText Identifies the full text of a License or Addition. - LicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *VexAffectedVulnAssessmentRelationship) GetName() string { + return o.Name } -func (o *SimpleLicensingText) asSimpleLicensingText() *SimpleLicensingText { - return o +func (o *VexAffectedVulnAssessmentRelationship) SetName(v string) { + o.Name = v } -type SimpleLicensingTextList []AnySimpleLicensingText +func (o *VexAffectedVulnAssessmentRelationship) GetExtensions() ExtensionList { + return o.Extensions +} -func (o *SimpleLicensingTextList) SimpleLicensingTexts() ld.TypeSeq[AnySimpleLicensingText, *SimpleLicensingText] { - return ld.NewTypeSeq(*o, castSimpleLicensingText) +func (o *VexAffectedVulnAssessmentRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v } -type AnySnippet interface { - AnySoftwareArtifact - asSnippet() *Snippet +func (o *VexAffectedVulnAssessmentRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -// Snippet Describes a certain part of a file. -type Snippet struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Snippet" node-kind:"http://www.w3.org/ns/shacl#IRI"` - SoftwareArtifact - // FromFile Defines the original host file that the snippet information applies to. - FromFile AnyFile `iri:"https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/File"` - // LineRange Defines the line range in the original host file that the snippet information applies to. - LineRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/lineRange" type:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` - // ByteRange Defines the byte range in the original host file that the snippet information applies to. - ByteRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/byteRange" type:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` +func (o *VexAffectedVulnAssessmentRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -func (o *Snippet) asSnippet() *Snippet { - return o +func (o *VexAffectedVulnAssessmentRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -type SnippetList []AnySnippet +func (o *VexAffectedVulnAssessmentRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} -func (o *SnippetList) Snippets() ld.TypeSeq[AnySnippet, *Snippet] { - return ld.NewTypeSeq(*o, castSnippet) +func (o *VexAffectedVulnAssessmentRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -type AnySoftwareAgent interface { - AnyAgent - asSoftwareAgent() *SoftwareAgent +func (o *VexAffectedVulnAssessmentRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// SoftwareAgent A software agent. -type SoftwareAgent struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Agent +func (o *VexAffectedVulnAssessmentRelationship) GetSummary() string { + return o.Summary } -func (o *SoftwareAgent) asSoftwareAgent() *SoftwareAgent { - return o +func (o *VexAffectedVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v } -type SoftwareAgentList []AnySoftwareAgent +func (o *VexAffectedVulnAssessmentRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} -func (o *SoftwareAgentList) SoftwareAgents() ld.TypeSeq[AnySoftwareAgent, *SoftwareAgent] { - return ld.NewTypeSeq(*o, castSoftwareAgent) +func (o *VexAffectedVulnAssessmentRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -type AnySoftwareArtifact interface { - AnyArtifact - asSoftwareArtifact() *SoftwareArtifact +func (o *VexAffectedVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness } -// SoftwareArtifact A distinct article or unit related to Software. -type SoftwareArtifact struct { - Artifact - // ContentIdentifiers A canonical, unique, immutable identifier of the artifact content, that may be used for verifying its identity and/or integrity. - ContentIdentifiers ContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` - // AttributionTexts Provides a place for the SPDX data creator to record acknowledgement text for a software Package, File or Snippet. - AttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" type:"http://www.w3.org/2001/XMLSchema#string"` - // AdditionalPurposes Provides additional purpose information of the software artifact. - AdditionalPurposes []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` - // PrimaryPurpose Provides information about the primary purpose of the software artifact. - PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` - // CopyrightText Identifies the text of one or more copyright notices for a software Package, File or Snippet, if any. - CopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *VexAffectedVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v } -func (o *SoftwareArtifact) asSoftwareArtifact() *SoftwareArtifact { - return o +func (o *VexAffectedVulnAssessmentRelationship) GetEndTime() time.Time { + return o.EndTime } -type SoftwareArtifactList []AnySoftwareArtifact +func (o *VexAffectedVulnAssessmentRelationship) SetEndTime(v time.Time) { + o.EndTime = v +} -func (o *SoftwareArtifactList) AIPackages() ld.TypeSeq[AnySoftwareArtifact, *AIPackage] { - return ld.NewTypeSeq(*o, castAIPackage) +func (o *VexAffectedVulnAssessmentRelationship) GetTo() ElementList { + return o.To } -func (o *SoftwareArtifactList) DatasetPackages() ld.TypeSeq[AnySoftwareArtifact, *DatasetPackage] { - return ld.NewTypeSeq(*o, castDatasetPackage) +func (o *VexAffectedVulnAssessmentRelationship) SetTo(v ElementList) { + o.To = v } -func (o *SoftwareArtifactList) Files() ld.TypeSeq[AnySoftwareArtifact, *File] { - return ld.NewTypeSeq(*o, castFile) +func (o *VexAffectedVulnAssessmentRelationship) GetFrom() AnyElement { + return o.From } -func (o *SoftwareArtifactList) Packages() ld.TypeSeq[AnySoftwareArtifact, *Package] { - return ld.NewTypeSeq(*o, castPackage) +func (o *VexAffectedVulnAssessmentRelationship) SetFrom(v AnyElement) { + o.From = v } -func (o *SoftwareArtifactList) Snippets() ld.TypeSeq[AnySoftwareArtifact, *Snippet] { - return ld.NewTypeSeq(*o, castSnippet) +func (o *VexAffectedVulnAssessmentRelationship) GetType() RelationshipType { + return o.Type } -func (o *SoftwareArtifactList) SoftwareArtifacts() ld.TypeSeq[AnySoftwareArtifact, *SoftwareArtifact] { - return ld.NewTypeSeq(*o, castSoftwareArtifact) +func (o *VexAffectedVulnAssessmentRelationship) SetType(v RelationshipType) { + o.Type = v } -// SoftwarePurpose Provides information about the primary purpose of an Element. -type SoftwarePurpose struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" node-kind:""` - id string `iri:"@id"` +func (o *VexAffectedVulnAssessmentRelationship) GetStartTime() time.Time { + return o.StartTime } -// SoftwarePurpose_Application The Element is a software application. -var SoftwarePurpose_Application = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application", +func (o *VexAffectedVulnAssessmentRelationship) SetStartTime(v time.Time) { + o.StartTime = v } -// SoftwarePurpose_Archive The Element is an archived collection of one or more files (.tar, .zip, etc.). -var SoftwarePurpose_Archive = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive", +func (o *VexAffectedVulnAssessmentRelationship) GetSuppliedBy() AnyAgent { + return o.SuppliedBy } -// SoftwarePurpose_Bom The Element is a bill of materials. -var SoftwarePurpose_Bom = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom", +func (o *VexAffectedVulnAssessmentRelationship) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v } -// SoftwarePurpose_Configuration The Element is configuration data. -var SoftwarePurpose_Configuration = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration", +func (o *VexAffectedVulnAssessmentRelationship) GetWithdrawnTime() time.Time { + return o.WithdrawnTime } -// SoftwarePurpose_Container The Element is a container image which can be used by a container runtime application. -var SoftwarePurpose_Container = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container", +func (o *VexAffectedVulnAssessmentRelationship) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v } -// SoftwarePurpose_Data The Element is data. -var SoftwarePurpose_Data = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data", +func (o *VexAffectedVulnAssessmentRelationship) GetAssessedElement() AnySoftwareArtifact { + return o.AssessedElement } -// SoftwarePurpose_Device The Element refers to a chipset, processor, or electronic board. -var SoftwarePurpose_Device = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device", +func (o *VexAffectedVulnAssessmentRelationship) SetAssessedElement(v AnySoftwareArtifact) { + o.AssessedElement = v } -// SoftwarePurpose_DeviceDriver The Element represents software that controls hardware devices. -var SoftwarePurpose_DeviceDriver = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver", +func (o *VexAffectedVulnAssessmentRelationship) GetPublishedTime() time.Time { + return o.PublishedTime } -// SoftwarePurpose_DiskImage The Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. -var SoftwarePurpose_DiskImage = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage", +func (o *VexAffectedVulnAssessmentRelationship) SetPublishedTime(v time.Time) { + o.PublishedTime = v } -// SoftwarePurpose_Documentation The Element is documentation. -var SoftwarePurpose_Documentation = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation", +func (o *VexAffectedVulnAssessmentRelationship) GetModifiedTime() time.Time { + return o.ModifiedTime } -// SoftwarePurpose_Evidence The Element is the evidence that a specification or requirement has been fulfilled. -var SoftwarePurpose_Evidence = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence", +func (o *VexAffectedVulnAssessmentRelationship) SetModifiedTime(v time.Time) { + o.ModifiedTime = v } -// SoftwarePurpose_Executable The Element is an Artifact that can be run on a computer. -var SoftwarePurpose_Executable = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable", +func (o *VexAffectedVulnAssessmentRelationship) GetStatusNotes() string { + return o.StatusNotes } -// SoftwarePurpose_File The Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc.). -var SoftwarePurpose_File = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file", +func (o *VexAffectedVulnAssessmentRelationship) SetStatusNotes(v string) { + o.StatusNotes = v } -// SoftwarePurpose_FilesystemImage The Element is a file system image that can be written to a disk (or virtual) partition. -var SoftwarePurpose_FilesystemImage = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage", +func (o *VexAffectedVulnAssessmentRelationship) GetVexVersion() string { + return o.VexVersion } -// SoftwarePurpose_Firmware The Element provides low level control over a device's hardware. -var SoftwarePurpose_Firmware = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware", +func (o *VexAffectedVulnAssessmentRelationship) SetVexVersion(v string) { + o.VexVersion = v } -// SoftwarePurpose_Framework The Element is a software framework. -var SoftwarePurpose_Framework = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework", +func (o *VexAffectedVulnAssessmentRelationship) GetActionStatement() string { + return o.ActionStatement } -// SoftwarePurpose_Install The Element is used to install software on disk. -var SoftwarePurpose_Install = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install", +func (o *VexAffectedVulnAssessmentRelationship) SetActionStatement(v string) { + o.ActionStatement = v } -// SoftwarePurpose_Library The Element is a software library. -var SoftwarePurpose_Library = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library", +func (o *VexAffectedVulnAssessmentRelationship) GetActionStatementTime() time.Time { + return o.ActionStatementTime } -// SoftwarePurpose_Manifest The Element is a software manifest. -var SoftwarePurpose_Manifest = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest", +func (o *VexAffectedVulnAssessmentRelationship) SetActionStatementTime(v time.Time) { + o.ActionStatementTime = v } -// SoftwarePurpose_Model The Element is a machine learning or artificial intelligence model. -var SoftwarePurpose_Model = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model", +type VexAffectedVulnAssessmentRelationshipList []AnyVexAffectedVulnAssessmentRelationship + +func (v VexAffectedVulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() []AnyVexAffectedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexAffectedVulnAssessmentRelationship](v) } -// SoftwarePurpose_Module The Element is a module of a piece of software. -var SoftwarePurpose_Module = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module", +type AnyVexFixedVulnAssessmentRelationship interface { + AnyVexVulnAssessmentRelationship + asVexFixedVulnAssessmentRelationship() } -// SoftwarePurpose_OperatingSystem The Element is an operating system. -var SoftwarePurpose_OperatingSystem = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem", +// VexFixedVulnAssessmentRelationship Links a vulnerability and elements representing products (in the VEX sense) where a fix has been applied and are no longer affected. +type VexFixedVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // StatusNotes Conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" type:"http://www.w3.org/2001/XMLSchema#string"` + // VexVersion Specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" type:"http://www.w3.org/2001/XMLSchema#string"` } -// SoftwarePurpose_Other The Element doesn't fit into any of the other categories. -var SoftwarePurpose_Other = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other", +func (o *VexFixedVulnAssessmentRelationship) asVexFixedVulnAssessmentRelationship() {} +func (o *VexFixedVulnAssessmentRelationship) asVexVulnAssessmentRelationship() {} +func (o *VexFixedVulnAssessmentRelationship) asVulnAssessmentRelationship() {} +func (o *VexFixedVulnAssessmentRelationship) asRelationship() {} +func (o *VexFixedVulnAssessmentRelationship) asElement() {} +func (o *VexFixedVulnAssessmentRelationship) GetDescription() string { + return o.Description } -// SoftwarePurpose_Patch The Element contains a set of changes to update, fix, or improve another Element. -var SoftwarePurpose_Patch = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch", +func (o *VexFixedVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v } -// SoftwarePurpose_Platform The Element represents a runtime environment. -var SoftwarePurpose_Platform = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform", +func (o *VexFixedVulnAssessmentRelationship) GetComment() string { + return o.Comment } -// SoftwarePurpose_Requirement The Element provides a requirement needed as input for another Element. -var SoftwarePurpose_Requirement = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement", +func (o *VexFixedVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v } -// SoftwarePurpose_Source The Element is a single or a collection of source files. -var SoftwarePurpose_Source = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source", +func (o *VexFixedVulnAssessmentRelationship) GetName() string { + return o.Name } -// SoftwarePurpose_Specification The Element is a plan, guideline or strategy how to create, perform or analyze an application. -var SoftwarePurpose_Specification = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification", +func (o *VexFixedVulnAssessmentRelationship) SetName(v string) { + o.Name = v } -// SoftwarePurpose_Test The Element is a test used to verify functionality on an software element. -var SoftwarePurpose_Test = SoftwarePurpose{ - id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test", +func (o *VexFixedVulnAssessmentRelationship) GetExtensions() ExtensionList { + return o.Extensions } -type AnySpdxDocument interface { - AnyElementCollection - asSpdxDocument() *SpdxDocument +func (o *VexFixedVulnAssessmentRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v } -// SpdxDocument A collection of SPDX Elements that could potentially be serialized. -type SpdxDocument struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument" node-kind:"http://www.w3.org/ns/shacl#IRI"` - ElementCollection - // DataLicense Provides the license under which the SPDX documentation of the Element can be used. - DataLicense AnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/dataLicense" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` - // NamespaceMaps Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. - NamespaceMaps NamespaceMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap" type:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap"` - // Imports Provides an ExternalMap of Element identifiers. - Imports ExternalMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/import" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap"` +func (o *VexFixedVulnAssessmentRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -func (o *SpdxDocument) asSpdxDocument() *SpdxDocument { - return o +func (o *VexFixedVulnAssessmentRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -type SpdxDocumentList []AnySpdxDocument +func (o *VexFixedVulnAssessmentRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers +} -func (o *SpdxDocumentList) SpdxDocuments() ld.TypeSeq[AnySpdxDocument, *SpdxDocument] { - return ld.NewTypeSeq(*o, castSpdxDocument) +func (o *VexFixedVulnAssessmentRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -// SsvcDecisionType Specifies the SSVC decision type. -type SsvcDecisionType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" node-kind:""` - id string `iri:"@id"` +func (o *VexFixedVulnAssessmentRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -// SsvcDecisionType_Act The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. -var SsvcDecisionType_Act = SsvcDecisionType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act", +func (o *VexFixedVulnAssessmentRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -// SsvcDecisionType_Attend The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. -var SsvcDecisionType_Attend = SsvcDecisionType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend", +func (o *VexFixedVulnAssessmentRelationship) GetSummary() string { + return o.Summary } -// SsvcDecisionType_Track The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. -var SsvcDecisionType_Track = SsvcDecisionType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track", +func (o *VexFixedVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v } -// SsvcDecisionType_TrackStar (\"Track\\*\" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track\\* vulnerabilities within standard update timelines. -var SsvcDecisionType_TrackStar = SsvcDecisionType{ - id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar", +func (o *VexFixedVulnAssessmentRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -type AnySsvcVulnAssessmentRelationship interface { - AnyVulnAssessmentRelationship - asSsvcVulnAssessmentRelationship() *SsvcVulnAssessmentRelationship +func (o *VexFixedVulnAssessmentRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -// SsvcVulnAssessmentRelationship Provides an SSVC assessment for a vulnerability. -type SsvcVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - VulnAssessmentRelationship - // DecisionType Provide the enumeration of possible decisions in the [Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc). - DecisionType SsvcDecisionType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/decisionType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType"` +func (o *VexFixedVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness } -func (o *SsvcVulnAssessmentRelationship) asSsvcVulnAssessmentRelationship() *SsvcVulnAssessmentRelationship { - return o +func (o *VexFixedVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v } -type SsvcVulnAssessmentRelationshipList []AnySsvcVulnAssessmentRelationship +func (o *VexFixedVulnAssessmentRelationship) GetEndTime() time.Time { + return o.EndTime +} -func (o *SsvcVulnAssessmentRelationshipList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnySsvcVulnAssessmentRelationship, *SsvcVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) +func (o *VexFixedVulnAssessmentRelationship) SetEndTime(v time.Time) { + o.EndTime = v } -// SupportType Indicates the type of support that is associated with an artifact. -type SupportType struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType" node-kind:""` - id string `iri:"@id"` +func (o *VexFixedVulnAssessmentRelationship) GetTo() ElementList { + return o.To } -// SupportType_Deployed in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. -var SupportType_Deployed = SupportType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed", +func (o *VexFixedVulnAssessmentRelationship) SetTo(v ElementList) { + o.To = v } -// SupportType_Development the artifact is in active development and is not considered ready for formal support from the supplier. -var SupportType_Development = SupportType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development", +func (o *VexFixedVulnAssessmentRelationship) GetFrom() AnyElement { + return o.From } -// SupportType_EndOfSupport there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. -var SupportType_EndOfSupport = SupportType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport", +func (o *VexFixedVulnAssessmentRelationship) SetFrom(v AnyElement) { + o.From = v } -// SupportType_LimitedSupport the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. -var SupportType_LimitedSupport = SupportType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport", +func (o *VexFixedVulnAssessmentRelationship) GetType() RelationshipType { + return o.Type } -// SupportType_NoAssertion no assertion about the type of support is made. This is considered the default if no other support type is used. -var SupportType_NoAssertion = SupportType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion", +func (o *VexFixedVulnAssessmentRelationship) SetType(v RelationshipType) { + o.Type = v } -// SupportType_NoSupport there is no support for the artifact from the supplier, consumer assumes any support obligations. -var SupportType_NoSupport = SupportType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport", +func (o *VexFixedVulnAssessmentRelationship) GetStartTime() time.Time { + return o.StartTime } -// SupportType_Support the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. -var SupportType_Support = SupportType{ - id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support", +func (o *VexFixedVulnAssessmentRelationship) SetStartTime(v time.Time) { + o.StartTime = v } -type AnyTool interface { - AnyElement - asTool() *Tool +func (o *VexFixedVulnAssessmentRelationship) GetSuppliedBy() AnyAgent { + return o.SuppliedBy } -// Tool An element of hardware and/or software utilized to carry out a particular function. -type Tool struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Tool" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Element +func (o *VexFixedVulnAssessmentRelationship) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v } -func (o *Tool) asTool() *Tool { - return o +func (o *VexFixedVulnAssessmentRelationship) GetWithdrawnTime() time.Time { + return o.WithdrawnTime } -type ToolList []AnyTool +func (o *VexFixedVulnAssessmentRelationship) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v +} -func (o *ToolList) Tools() ld.TypeSeq[AnyTool, *Tool] { - return ld.NewTypeSeq(*o, castTool) +func (o *VexFixedVulnAssessmentRelationship) GetAssessedElement() AnySoftwareArtifact { + return o.AssessedElement } -type AnyVexAffectedVulnAssessmentRelationship interface { - AnyVexVulnAssessmentRelationship - asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship +func (o *VexFixedVulnAssessmentRelationship) SetAssessedElement(v AnySoftwareArtifact) { + o.AssessedElement = v } -// VexAffectedVulnAssessmentRelationship Connects a vulnerability and an element designating the element as a product affected by the vulnerability. -type VexAffectedVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - VexVulnAssessmentRelationship - // ActionStatement Provides advise on how to mitigate or remediate a vulnerability when a VEX product is affected by it. - ActionStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatement" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` - // ActionStatementTime Records the time when a recommended action was communicated in a VEX statement to mitigate a vulnerability. - ActionStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +func (o *VexFixedVulnAssessmentRelationship) GetPublishedTime() time.Time { + return o.PublishedTime } -func (o *VexAffectedVulnAssessmentRelationship) asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship { - return o +func (o *VexFixedVulnAssessmentRelationship) SetPublishedTime(v time.Time) { + o.PublishedTime = v } -type VexAffectedVulnAssessmentRelationshipList []AnyVexAffectedVulnAssessmentRelationship +func (o *VexFixedVulnAssessmentRelationship) GetModifiedTime() time.Time { + return o.ModifiedTime +} -func (o *VexAffectedVulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexAffectedVulnAssessmentRelationship, *VexAffectedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +func (o *VexFixedVulnAssessmentRelationship) SetModifiedTime(v time.Time) { + o.ModifiedTime = v } -type AnyVexFixedVulnAssessmentRelationship interface { - AnyVexVulnAssessmentRelationship - asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship +func (o *VexFixedVulnAssessmentRelationship) GetStatusNotes() string { + return o.StatusNotes } -// VexFixedVulnAssessmentRelationship Links a vulnerability and elements representing products (in the VEX sense) where a fix has been applied and are no longer affected. -type VexFixedVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - VexVulnAssessmentRelationship +func (o *VexFixedVulnAssessmentRelationship) SetStatusNotes(v string) { + o.StatusNotes = v +} + +func (o *VexFixedVulnAssessmentRelationship) GetVexVersion() string { + return o.VexVersion } -func (o *VexFixedVulnAssessmentRelationship) asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship { - return o +func (o *VexFixedVulnAssessmentRelationship) SetVexVersion(v string) { + o.VexVersion = v } type VexFixedVulnAssessmentRelationshipList []AnyVexFixedVulnAssessmentRelationship -func (o *VexFixedVulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyVexFixedVulnAssessmentRelationship, *VexFixedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +func (v VexFixedVulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() []AnyVexFixedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexFixedVulnAssessmentRelationship](v) } // VexJustificationType Specifies the VEX justification type. @@ -3478,13 +10110,63 @@ var VexJustificationType_VulnerableCodeNotPresent = VexJustificationType{ type AnyVexNotAffectedVulnAssessmentRelationship interface { AnyVexVulnAssessmentRelationship - asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship + asVexNotAffectedVulnAssessmentRelationship() + GetImpactStatementTime() time.Time + SetImpactStatementTime(time.Time) + GetImpactStatement() string + SetImpactStatement(string) + GetJustificationType() VexJustificationType + SetJustificationType(VexJustificationType) } // VexNotAffectedVulnAssessmentRelationship Links a vulnerability and one or more elements designating the latter as products not affected by the vulnerability. type VexNotAffectedVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - VexVulnAssessmentRelationship + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // StatusNotes Conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" type:"http://www.w3.org/2001/XMLSchema#string"` + // VexVersion Specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" type:"http://www.w3.org/2001/XMLSchema#string"` // ImpactStatementTime Timestamp of impact statement. ImpactStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` // ImpactStatement Explains why a VEX product is not affected by a vulnerability. It is an alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable justification label. @@ -3493,1239 +10175,923 @@ type VexNotAffectedVulnAssessmentRelationship struct { JustificationType VexJustificationType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/justificationType" type:"https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType"` } -func (o *VexNotAffectedVulnAssessmentRelationship) asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship { - return o +func (o *VexNotAffectedVulnAssessmentRelationship) asVexNotAffectedVulnAssessmentRelationship() {} +func (o *VexNotAffectedVulnAssessmentRelationship) asVexVulnAssessmentRelationship() {} +func (o *VexNotAffectedVulnAssessmentRelationship) asVulnAssessmentRelationship() {} +func (o *VexNotAffectedVulnAssessmentRelationship) asRelationship() {} +func (o *VexNotAffectedVulnAssessmentRelationship) asElement() {} +func (o *VexNotAffectedVulnAssessmentRelationship) GetDescription() string { + return o.Description } -type VexNotAffectedVulnAssessmentRelationshipList []AnyVexNotAffectedVulnAssessmentRelationship +func (o *VexNotAffectedVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v +} -func (o *VexNotAffectedVulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexNotAffectedVulnAssessmentRelationship, *VexNotAffectedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) GetComment() string { + return o.Comment } -type AnyVexUnderInvestigationVulnAssessmentRelationship interface { - AnyVexVulnAssessmentRelationship - asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship +func (o *VexNotAffectedVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v } -// VexUnderInvestigationVulnAssessmentRelationship Designates elements as products where the impact of a vulnerability is being investigated. -type VexUnderInvestigationVulnAssessmentRelationship struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` - VexVulnAssessmentRelationship +func (o *VexNotAffectedVulnAssessmentRelationship) GetName() string { + return o.Name } -func (o *VexUnderInvestigationVulnAssessmentRelationship) asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship { - return o +func (o *VexNotAffectedVulnAssessmentRelationship) SetName(v string) { + o.Name = v } -type VexUnderInvestigationVulnAssessmentRelationshipList []AnyVexUnderInvestigationVulnAssessmentRelationship +func (o *VexNotAffectedVulnAssessmentRelationship) GetExtensions() ExtensionList { + return o.Extensions +} -func (o *VexUnderInvestigationVulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyVexUnderInvestigationVulnAssessmentRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v } -type AnyVexVulnAssessmentRelationship interface { - AnyVulnAssessmentRelationship - asVexVulnAssessmentRelationship() *VexVulnAssessmentRelationship +func (o *VexNotAffectedVulnAssessmentRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -// VexVulnAssessmentRelationship Abstract ancestor class for all VEX relationships -type VexVulnAssessmentRelationship struct { - VulnAssessmentRelationship - // StatusNotes Conveys information about how VEX status was determined. - StatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" type:"http://www.w3.org/2001/XMLSchema#string"` - // VexVersion Specifies the version of a VEX statement. - VexVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" type:"http://www.w3.org/2001/XMLSchema#string"` +func (o *VexNotAffectedVulnAssessmentRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -func (o *VexVulnAssessmentRelationship) asVexVulnAssessmentRelationship() *VexVulnAssessmentRelationship { - return o +func (o *VexNotAffectedVulnAssessmentRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -type VexVulnAssessmentRelationshipList []AnyVexVulnAssessmentRelationship +func (o *VexNotAffectedVulnAssessmentRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v +} + +func (o *VexNotAffectedVulnAssessmentRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs +} + +func (o *VexNotAffectedVulnAssessmentRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v +} + +func (o *VexNotAffectedVulnAssessmentRelationship) GetSummary() string { + return o.Summary +} + +func (o *VexNotAffectedVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v +} + +func (o *VexNotAffectedVulnAssessmentRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing +} + +func (o *VexNotAffectedVulnAssessmentRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v +} + +func (o *VexNotAffectedVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness +} + +func (o *VexNotAffectedVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v +} + +func (o *VexNotAffectedVulnAssessmentRelationship) GetEndTime() time.Time { + return o.EndTime +} -func (o *VexVulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexAffectedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) SetEndTime(v time.Time) { + o.EndTime = v } -func (o *VexVulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexFixedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) GetTo() ElementList { + return o.To } -func (o *VexVulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexNotAffectedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) SetTo(v ElementList) { + o.To = v } -func (o *VexVulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) GetFrom() AnyElement { + return o.From } -func (o *VexVulnAssessmentRelationshipList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) SetFrom(v AnyElement) { + o.From = v } -type AnyVulnAssessmentRelationship interface { - AnyRelationship - asVulnAssessmentRelationship() *VulnAssessmentRelationship +func (o *VexNotAffectedVulnAssessmentRelationship) GetType() RelationshipType { + return o.Type } -// VulnAssessmentRelationship Abstract ancestor class for all vulnerability assessments -type VulnAssessmentRelationship struct { - Relationship - // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. - SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` - // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. - WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. - AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` - // PublishedTime Specifies the time when a vulnerability was published. - PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // ModifiedTime Specifies a time when a vulnerability assessment was modified - ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +func (o *VexNotAffectedVulnAssessmentRelationship) SetType(v RelationshipType) { + o.Type = v } -func (o *VulnAssessmentRelationship) asVulnAssessmentRelationship() *VulnAssessmentRelationship { - return o +func (o *VexNotAffectedVulnAssessmentRelationship) GetStartTime() time.Time { + return o.StartTime } -type VulnAssessmentRelationshipList []AnyVulnAssessmentRelationship +func (o *VexNotAffectedVulnAssessmentRelationship) SetStartTime(v time.Time) { + o.StartTime = v +} -func (o *VulnAssessmentRelationshipList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *CvssV2VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) GetSuppliedBy() AnyAgent { + return o.SuppliedBy } -func (o *VulnAssessmentRelationshipList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *CvssV3VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v } -func (o *VulnAssessmentRelationshipList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *CvssV4VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) GetWithdrawnTime() time.Time { + return o.WithdrawnTime } -func (o *VulnAssessmentRelationshipList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *EpssVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v } -func (o *VulnAssessmentRelationshipList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *ExploitCatalogVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) GetAssessedElement() AnySoftwareArtifact { + return o.AssessedElement } -func (o *VulnAssessmentRelationshipList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *SsvcVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) SetAssessedElement(v AnySoftwareArtifact) { + o.AssessedElement = v } -func (o *VulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexAffectedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) GetPublishedTime() time.Time { + return o.PublishedTime } -func (o *VulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexFixedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) SetPublishedTime(v time.Time) { + o.PublishedTime = v } -func (o *VulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexNotAffectedVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) GetModifiedTime() time.Time { + return o.ModifiedTime } -func (o *VulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) SetModifiedTime(v time.Time) { + o.ModifiedTime = v } -func (o *VulnAssessmentRelationshipList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexVulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) GetStatusNotes() string { + return o.StatusNotes } -func (o *VulnAssessmentRelationshipList) VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VulnAssessmentRelationship] { - return ld.NewTypeSeq(*o, castVulnAssessmentRelationship) +func (o *VexNotAffectedVulnAssessmentRelationship) SetStatusNotes(v string) { + o.StatusNotes = v } -type AnyVulnerability interface { - AnyArtifact - asVulnerability() *Vulnerability +func (o *VexNotAffectedVulnAssessmentRelationship) GetVexVersion() string { + return o.VexVersion } -// Vulnerability Specifies a vulnerability and its associated information. -type Vulnerability struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability" node-kind:"http://www.w3.org/ns/shacl#IRI"` - Artifact - // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. - WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // ModifiedTime Specifies a time when a vulnerability assessment was modified - ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` - // PublishedTime Specifies the time when a vulnerability was published. - PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +func (o *VexNotAffectedVulnAssessmentRelationship) SetVexVersion(v string) { + o.VexVersion = v } -func (o *Vulnerability) asVulnerability() *Vulnerability { - return o +func (o *VexNotAffectedVulnAssessmentRelationship) GetImpactStatementTime() time.Time { + return o.ImpactStatementTime } -type VulnerabilityList []AnyVulnerability +func (o *VexNotAffectedVulnAssessmentRelationship) SetImpactStatementTime(v time.Time) { + o.ImpactStatementTime = v +} -func (o *VulnerabilityList) Vulnerabilities() ld.TypeSeq[AnyVulnerability, *Vulnerability] { - return ld.NewTypeSeq(*o, castVulnerability) +func (o *VexNotAffectedVulnAssessmentRelationship) GetImpactStatement() string { + return o.ImpactStatement } -type AnyWithAdditionOperator interface { - AnyLicenseInfo - asWithAdditionOperator() *WithAdditionOperator +func (o *VexNotAffectedVulnAssessmentRelationship) SetImpactStatement(v string) { + o.ImpactStatement = v } -// WithAdditionOperator Portion of an AnyLicenseInfo representing a License which has additional text applied to it. -type WithAdditionOperator struct { - _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator" node-kind:"http://www.w3.org/ns/shacl#IRI"` - LicenseInfo - // SubjectExtendableLicense A License participating in a 'with addition' model. - SubjectExtendableLicense AnyExtendableLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense"` - // SubjectAddition A LicenseAddition participating in a 'with addition' model. - SubjectAddition AnyLicenseAddition `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition"` +func (o *VexNotAffectedVulnAssessmentRelationship) GetJustificationType() VexJustificationType { + return o.JustificationType } -func (o *WithAdditionOperator) asWithAdditionOperator() *WithAdditionOperator { - return o +func (o *VexNotAffectedVulnAssessmentRelationship) SetJustificationType(v VexJustificationType) { + o.JustificationType = v } -type WithAdditionOperatorList []AnyWithAdditionOperator +type VexNotAffectedVulnAssessmentRelationshipList []AnyVexNotAffectedVulnAssessmentRelationship -func (o *WithAdditionOperatorList) WithAdditionOperators() ld.TypeSeq[AnyWithAdditionOperator, *WithAdditionOperator] { - return ld.NewTypeSeq(*o, castWithAdditionOperator) +func (v VexNotAffectedVulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() []AnyVexNotAffectedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexNotAffectedVulnAssessmentRelationship](v) } -type ExternalIRI struct { - id string `iri:"@id"` - value any +type AnyVexUnderInvestigationVulnAssessmentRelationship interface { + AnyVexVulnAssessmentRelationship + asVexUnderInvestigationVulnAssessmentRelationship() } -func NewExternalIRI(id string) *ExternalIRI { - return &ExternalIRI{ - id: id, - } +// VexUnderInvestigationVulnAssessmentRelationship Designates elements as products where the impact of a vulnerability is being investigated. +type VexUnderInvestigationVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // Type Information about the relationship between two Elements. + Type RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was found. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // StatusNotes Conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" type:"http://www.w3.org/2001/XMLSchema#string"` + // VexVersion Specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *ExternalIRI) asAIPackage() *AIPackage { - return castAIPackage(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) asVexUnderInvestigationVulnAssessmentRelationship() { } - -func (o *ExternalIRI) asAgent() *Agent { - return castAgent(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) asVexVulnAssessmentRelationship() {} +func (o *VexUnderInvestigationVulnAssessmentRelationship) asVulnAssessmentRelationship() {} +func (o *VexUnderInvestigationVulnAssessmentRelationship) asRelationship() {} +func (o *VexUnderInvestigationVulnAssessmentRelationship) asElement() {} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetDescription() string { + return o.Description } -func (o *ExternalIRI) asAnnotation() *Annotation { - return castAnnotation(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetDescription(v string) { + o.Description = v } -func (o *ExternalIRI) asArtifact() *Artifact { - return castArtifact(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetComment() string { + return o.Comment } -func (o *ExternalIRI) asBOM() *BOM { - return castBOM(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetComment(v string) { + o.Comment = v } -func (o *ExternalIRI) asBuild() *Build { - return castBuild(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetName() string { + return o.Name } -func (o *ExternalIRI) asBundle() *Bundle { - return castBundle(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetName(v string) { + o.Name = v } -func (o *ExternalIRI) asCdxPropertiesExtension() *CdxPropertiesExtension { - return castCdxPropertiesExtension(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetExtensions() ExtensionList { + return o.Extensions } -func (o *ExternalIRI) asCdxPropertyEntry() *CdxPropertyEntry { - return castCdxPropertyEntry(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetExtensions(v ExtensionList) { + o.Extensions = v } -func (o *ExternalIRI) asConjunctiveLicenseSet() *ConjunctiveLicenseSet { - return castConjunctiveLicenseSet(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -func (o *ExternalIRI) asContentIdentifier() *ContentIdentifier { - return castContentIdentifier(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -func (o *ExternalIRI) asCreationInfo() *CreationInfo { - return castCreationInfo(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -func (o *ExternalIRI) asCustomLicense() *CustomLicense { - return castCustomLicense(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -func (o *ExternalIRI) asCustomLicenseAddition() *CustomLicenseAddition { - return castCustomLicenseAddition(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -func (o *ExternalIRI) asCvssV2VulnAssessmentRelationship() *CvssV2VulnAssessmentRelationship { - return castCvssV2VulnAssessmentRelationship(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -func (o *ExternalIRI) asCvssV3VulnAssessmentRelationship() *CvssV3VulnAssessmentRelationship { - return castCvssV3VulnAssessmentRelationship(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetSummary() string { + return o.Summary } -func (o *ExternalIRI) asCvssV4VulnAssessmentRelationship() *CvssV4VulnAssessmentRelationship { - return castCvssV4VulnAssessmentRelationship(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetSummary(v string) { + o.Summary = v } -func (o *ExternalIRI) asDatasetPackage() *DatasetPackage { - return castDatasetPackage(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -func (o *ExternalIRI) asDictionaryEntry() *DictionaryEntry { - return castDictionaryEntry(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -func (o *ExternalIRI) asDisjunctiveLicenseSet() *DisjunctiveLicenseSet { - return castDisjunctiveLicenseSet(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetCompleteness() RelationshipCompleteness { + return o.Completeness } -func (o *ExternalIRI) asElement() *Element { - return castElement(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetCompleteness(v RelationshipCompleteness) { + o.Completeness = v } -func (o *ExternalIRI) asElementCollection() *ElementCollection { - return castElementCollection(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetEndTime() time.Time { + return o.EndTime } -func (o *ExternalIRI) asEnergyConsumption() *EnergyConsumption { - return castEnergyConsumption(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetEndTime(v time.Time) { + o.EndTime = v } -func (o *ExternalIRI) asEnergyConsumptionDescription() *EnergyConsumptionDescription { - return castEnergyConsumptionDescription(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetTo() ElementList { + return o.To } -func (o *ExternalIRI) asEpssVulnAssessmentRelationship() *EpssVulnAssessmentRelationship { - return castEpssVulnAssessmentRelationship(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetTo(v ElementList) { + o.To = v } -func (o *ExternalIRI) asExploitCatalogVulnAssessmentRelationship() *ExploitCatalogVulnAssessmentRelationship { - return castExploitCatalogVulnAssessmentRelationship(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetFrom() AnyElement { + return o.From } -func (o *ExternalIRI) asExtendableLicense() *ExtendableLicense { - return castExtendableLicense(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetFrom(v AnyElement) { + o.From = v } -func (o *ExternalIRI) asExtension() *Extension { - return castExtension(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetType() RelationshipType { + return o.Type } -func (o *ExternalIRI) asExternalIdentifier() *ExternalIdentifier { - return castExternalIdentifier(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetType(v RelationshipType) { + o.Type = v } -func (o *ExternalIRI) asExternalMap() *ExternalMap { - return castExternalMap(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetStartTime() time.Time { + return o.StartTime } -func (o *ExternalIRI) asExternalRef() *ExternalRef { - return castExternalRef(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetStartTime(v time.Time) { + o.StartTime = v } -func (o *ExternalIRI) asFile() *File { - return castFile(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetSuppliedBy() AnyAgent { + return o.SuppliedBy } -func (o *ExternalIRI) asHash() *Hash { - return castHash(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v } -func (o *ExternalIRI) asIndividualElement() *IndividualElement { - return castIndividualElement(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetWithdrawnTime() time.Time { + return o.WithdrawnTime } -func (o *ExternalIRI) asIndividualLicensingInfo() *IndividualLicensingInfo { - return castIndividualLicensingInfo(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v } -func (o *ExternalIRI) asIntegrityMethod() *IntegrityMethod { - return castIntegrityMethod(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetAssessedElement() AnySoftwareArtifact { + return o.AssessedElement } -func (o *ExternalIRI) asLicense() *License { - return castLicense(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetAssessedElement(v AnySoftwareArtifact) { + o.AssessedElement = v } -func (o *ExternalIRI) asLicenseAddition() *LicenseAddition { - return castLicenseAddition(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetPublishedTime() time.Time { + return o.PublishedTime } -func (o *ExternalIRI) asLicenseExpression() *LicenseExpression { - return castLicenseExpression(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetPublishedTime(v time.Time) { + o.PublishedTime = v } -func (o *ExternalIRI) asLicenseInfo() *LicenseInfo { - return castLicenseInfo(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetModifiedTime() time.Time { + return o.ModifiedTime } -func (o *ExternalIRI) asLifecycleScopedRelationship() *LifecycleScopedRelationship { - return castLifecycleScopedRelationship(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetModifiedTime(v time.Time) { + o.ModifiedTime = v } -func (o *ExternalIRI) asListedLicense() *ListedLicense { - return castListedLicense(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetStatusNotes() string { + return o.StatusNotes } -func (o *ExternalIRI) asListedLicenseException() *ListedLicenseException { - return castListedLicenseException(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetStatusNotes(v string) { + o.StatusNotes = v } -func (o *ExternalIRI) asNamespaceMap() *NamespaceMap { - return castNamespaceMap(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetVexVersion() string { + return o.VexVersion } -func (o *ExternalIRI) asOrLaterOperator() *OrLaterOperator { - return castOrLaterOperator(o.value) +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetVexVersion(v string) { + o.VexVersion = v } -func (o *ExternalIRI) asOrganization() *Organization { - return castOrganization(o.value) -} +type VexUnderInvestigationVulnAssessmentRelationshipList []AnyVexUnderInvestigationVulnAssessmentRelationship -func (o *ExternalIRI) asPackage() *Package { - return castPackage(o.value) +func (v VexUnderInvestigationVulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() []AnyVexUnderInvestigationVulnAssessmentRelationship { + return ld.SliceOf[AnyVexUnderInvestigationVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asPackageVerificationCode() *PackageVerificationCode { - return castPackageVerificationCode(o.value) +type AnyVexVulnAssessmentRelationship interface { + AnyVulnAssessmentRelationship + asVexVulnAssessmentRelationship() + GetStatusNotes() string + SetStatusNotes(string) + GetVexVersion() string + SetVexVersion(string) } -func (o *ExternalIRI) asPerson() *Person { - return castPerson(o.value) -} +// VexVulnAssessmentRelationship Abstract ancestor class for all VEX relationships +type VexVulnAssessmentRelationshipList []AnyVexVulnAssessmentRelationship -func (o *ExternalIRI) asPositiveIntegerRange() *PositiveIntegerRange { - return castPositiveIntegerRange(o.value) +func (v VexVulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() []AnyVexAffectedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexAffectedVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asRelationship() *Relationship { - return castRelationship(o.value) +func (v VexVulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() []AnyVexFixedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexFixedVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asSBOM() *SBOM { - return castSBOM(o.value) +func (v VexVulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() []AnyVexNotAffectedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexNotAffectedVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asSimpleLicensingText() *SimpleLicensingText { - return castSimpleLicensingText(o.value) +func (v VexVulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() []AnyVexUnderInvestigationVulnAssessmentRelationship { + return ld.SliceOf[AnyVexUnderInvestigationVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asSnippet() *Snippet { - return castSnippet(o.value) +func (v VexVulnAssessmentRelationshipList) VexVulnAssessmentRelationships() []AnyVexVulnAssessmentRelationship { + return ld.SliceOf[AnyVexVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asSoftwareAgent() *SoftwareAgent { - return castSoftwareAgent(o.value) +type AnyVulnAssessmentRelationship interface { + AnyRelationship + asVulnAssessmentRelationship() + GetSuppliedBy() AnyAgent + SetSuppliedBy(AnyAgent) + GetWithdrawnTime() time.Time + SetWithdrawnTime(time.Time) + GetAssessedElement() AnySoftwareArtifact + SetAssessedElement(AnySoftwareArtifact) + GetPublishedTime() time.Time + SetPublishedTime(time.Time) + GetModifiedTime() time.Time + SetModifiedTime(time.Time) } -func (o *ExternalIRI) asSoftwareArtifact() *SoftwareArtifact { - return castSoftwareArtifact(o.value) +// VulnAssessmentRelationship Abstract ancestor class for all vulnerability assessments +type VulnAssessmentRelationshipList []AnyVulnAssessmentRelationship + +func (v VulnAssessmentRelationshipList) CvssV2VulnAssessmentRelationships() []AnyCvssV2VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV2VulnAssessmentRelationship](v) } -func (o *ExternalIRI) asSpdxDocument() *SpdxDocument { - return castSpdxDocument(o.value) +func (v VulnAssessmentRelationshipList) CvssV3VulnAssessmentRelationships() []AnyCvssV3VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV3VulnAssessmentRelationship](v) } -func (o *ExternalIRI) asSsvcVulnAssessmentRelationship() *SsvcVulnAssessmentRelationship { - return castSsvcVulnAssessmentRelationship(o.value) +func (v VulnAssessmentRelationshipList) CvssV4VulnAssessmentRelationships() []AnyCvssV4VulnAssessmentRelationship { + return ld.SliceOf[AnyCvssV4VulnAssessmentRelationship](v) } -func (o *ExternalIRI) asTool() *Tool { - return castTool(o.value) +func (v VulnAssessmentRelationshipList) EpssVulnAssessmentRelationships() []AnyEpssVulnAssessmentRelationship { + return ld.SliceOf[AnyEpssVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship { - return castVexAffectedVulnAssessmentRelationship(o.value) +func (v VulnAssessmentRelationshipList) ExploitCatalogVulnAssessmentRelationships() []AnyExploitCatalogVulnAssessmentRelationship { + return ld.SliceOf[AnyExploitCatalogVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship { - return castVexFixedVulnAssessmentRelationship(o.value) +func (v VulnAssessmentRelationshipList) SsvcVulnAssessmentRelationships() []AnySsvcVulnAssessmentRelationship { + return ld.SliceOf[AnySsvcVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship { - return castVexNotAffectedVulnAssessmentRelationship(o.value) +func (v VulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() []AnyVexAffectedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexAffectedVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship { - return castVexUnderInvestigationVulnAssessmentRelationship(o.value) +func (v VulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() []AnyVexFixedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexFixedVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asVexVulnAssessmentRelationship() *VexVulnAssessmentRelationship { - return castVexVulnAssessmentRelationship(o.value) +func (v VulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() []AnyVexNotAffectedVulnAssessmentRelationship { + return ld.SliceOf[AnyVexNotAffectedVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asVulnAssessmentRelationship() *VulnAssessmentRelationship { - return castVulnAssessmentRelationship(o.value) +func (v VulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() []AnyVexUnderInvestigationVulnAssessmentRelationship { + return ld.SliceOf[AnyVexUnderInvestigationVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asVulnerability() *Vulnerability { - return castVulnerability(o.value) +func (v VulnAssessmentRelationshipList) VexVulnAssessmentRelationships() []AnyVexVulnAssessmentRelationship { + return ld.SliceOf[AnyVexVulnAssessmentRelationship](v) } -func (o *ExternalIRI) asWithAdditionOperator() *WithAdditionOperator { - return castWithAdditionOperator(o.value) +func (v VulnAssessmentRelationshipList) VulnAssessmentRelationships() []AnyVulnAssessmentRelationship { + return ld.SliceOf[AnyVulnAssessmentRelationship](v) } -func castAIPackage(o any) *AIPackage { - if o, ok := o.(AnyAIPackage); ok { - return o.asAIPackage() - } - return nil +type AnyVulnerability interface { + AnyArtifact + asVulnerability() + GetWithdrawnTime() time.Time + SetWithdrawnTime(time.Time) + GetModifiedTime() time.Time + SetModifiedTime(time.Time) + GetPublishedTime() time.Time + SetPublishedTime(time.Time) } -func castAgent(o any) *Agent { - if o, ok := o.(AnyAgent); ok { - return o.asAgent() - } - return nil +// Vulnerability Specifies a vulnerability and its associated information. +type Vulnerability struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // StandardNames The name of a relevant standard that may apply to an artifact. + StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuiltTime Specifies the time an artifact was built. + BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ReleaseTime Specifies the time an artifact was released. + ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SupportLevels Specifies the level of support associated with an artifact. + SupportLevels []SupportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" type:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // OriginatedBy Identifies from where or whom the Element originally came. + OriginatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be reassessed. + ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` } -func castAnnotation(o any) *Annotation { - if o, ok := o.(AnyAnnotation); ok { - return o.asAnnotation() - } - return nil +func (o *Vulnerability) asVulnerability() {} +func (o *Vulnerability) asArtifact() {} +func (o *Vulnerability) asElement() {} +func (o *Vulnerability) GetDescription() string { + return o.Description } -func castArtifact(o any) *Artifact { - if o, ok := o.(AnyArtifact); ok { - return o.asArtifact() - } - return nil +func (o *Vulnerability) SetDescription(v string) { + o.Description = v } -func castBOM(o any) *BOM { - if o, ok := o.(AnyBOM); ok { - return o.asBOM() - } - return nil +func (o *Vulnerability) GetComment() string { + return o.Comment } -func castBuild(o any) *Build { - if o, ok := o.(AnyBuild); ok { - return o.asBuild() - } - return nil +func (o *Vulnerability) SetComment(v string) { + o.Comment = v } -func castBundle(o any) *Bundle { - if o, ok := o.(AnyBundle); ok { - return o.asBundle() - } - return nil +func (o *Vulnerability) GetName() string { + return o.Name } -func castCdxPropertiesExtension(o any) *CdxPropertiesExtension { - if o, ok := o.(AnyCdxPropertiesExtension); ok { - return o.asCdxPropertiesExtension() - } - return nil +func (o *Vulnerability) SetName(v string) { + o.Name = v } -func castCdxPropertyEntry(o any) *CdxPropertyEntry { - if o, ok := o.(AnyCdxPropertyEntry); ok { - return o.asCdxPropertyEntry() - } - return nil +func (o *Vulnerability) GetExtensions() ExtensionList { + return o.Extensions } -func castConjunctiveLicenseSet(o any) *ConjunctiveLicenseSet { - if o, ok := o.(AnyConjunctiveLicenseSet); ok { - return o.asConjunctiveLicenseSet() - } - return nil +func (o *Vulnerability) SetExtensions(v ExtensionList) { + o.Extensions = v } -func castContentIdentifier(o any) *ContentIdentifier { - if o, ok := o.(AnyContentIdentifier); ok { - return o.asContentIdentifier() - } - return nil +func (o *Vulnerability) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -func castCreationInfo(o any) *CreationInfo { - if o, ok := o.(AnyCreationInfo); ok { - return o.asCreationInfo() - } - return nil +func (o *Vulnerability) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -func castCustomLicense(o any) *CustomLicense { - if o, ok := o.(AnyCustomLicense); ok { - return o.asCustomLicense() - } - return nil +func (o *Vulnerability) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -func castCustomLicenseAddition(o any) *CustomLicenseAddition { - if o, ok := o.(AnyCustomLicenseAddition); ok { - return o.asCustomLicenseAddition() - } - return nil +func (o *Vulnerability) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -func castCvssV2VulnAssessmentRelationship(o any) *CvssV2VulnAssessmentRelationship { - if o, ok := o.(AnyCvssV2VulnAssessmentRelationship); ok { - return o.asCvssV2VulnAssessmentRelationship() - } - return nil +func (o *Vulnerability) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -func castCvssV3VulnAssessmentRelationship(o any) *CvssV3VulnAssessmentRelationship { - if o, ok := o.(AnyCvssV3VulnAssessmentRelationship); ok { - return o.asCvssV3VulnAssessmentRelationship() - } - return nil +func (o *Vulnerability) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -func castCvssV4VulnAssessmentRelationship(o any) *CvssV4VulnAssessmentRelationship { - if o, ok := o.(AnyCvssV4VulnAssessmentRelationship); ok { - return o.asCvssV4VulnAssessmentRelationship() - } - return nil +func (o *Vulnerability) GetSummary() string { + return o.Summary } -func castDatasetPackage(o any) *DatasetPackage { - if o, ok := o.(AnyDatasetPackage); ok { - return o.asDatasetPackage() - } - return nil +func (o *Vulnerability) SetSummary(v string) { + o.Summary = v } -func castDictionaryEntry(o any) *DictionaryEntry { - if o, ok := o.(AnyDictionaryEntry); ok { - return o.asDictionaryEntry() - } - return nil +func (o *Vulnerability) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -func castDisjunctiveLicenseSet(o any) *DisjunctiveLicenseSet { - if o, ok := o.(AnyDisjunctiveLicenseSet); ok { - return o.asDisjunctiveLicenseSet() - } - return nil +func (o *Vulnerability) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -func castElement(o any) *Element { - if o, ok := o.(AnyElement); ok { - return o.asElement() - } - return nil +func (o *Vulnerability) GetStandardNames() []string { + return o.StandardNames } -func castElementCollection(o any) *ElementCollection { - if o, ok := o.(AnyElementCollection); ok { - return o.asElementCollection() - } - return nil +func (o *Vulnerability) SetStandardNames(v []string) { + o.StandardNames = v } -func castEnergyConsumption(o any) *EnergyConsumption { - if o, ok := o.(AnyEnergyConsumption); ok { - return o.asEnergyConsumption() - } - return nil +func (o *Vulnerability) GetBuiltTime() time.Time { + return o.BuiltTime } -func castEnergyConsumptionDescription(o any) *EnergyConsumptionDescription { - if o, ok := o.(AnyEnergyConsumptionDescription); ok { - return o.asEnergyConsumptionDescription() - } - return nil +func (o *Vulnerability) SetBuiltTime(v time.Time) { + o.BuiltTime = v } -func castEpssVulnAssessmentRelationship(o any) *EpssVulnAssessmentRelationship { - if o, ok := o.(AnyEpssVulnAssessmentRelationship); ok { - return o.asEpssVulnAssessmentRelationship() - } - return nil +func (o *Vulnerability) GetReleaseTime() time.Time { + return o.ReleaseTime } -func castExploitCatalogVulnAssessmentRelationship(o any) *ExploitCatalogVulnAssessmentRelationship { - if o, ok := o.(AnyExploitCatalogVulnAssessmentRelationship); ok { - return o.asExploitCatalogVulnAssessmentRelationship() - } - return nil +func (o *Vulnerability) SetReleaseTime(v time.Time) { + o.ReleaseTime = v } -func castExtendableLicense(o any) *ExtendableLicense { - if o, ok := o.(AnyExtendableLicense); ok { - return o.asExtendableLicense() - } - return nil +func (o *Vulnerability) GetSupportLevels() []SupportType { + return o.SupportLevels } -func castExtension(o any) *Extension { - if o, ok := o.(AnyExtension); ok { - return o.asExtension() - } - return nil +func (o *Vulnerability) SetSupportLevels(v []SupportType) { + o.SupportLevels = v } -func castExternalIdentifier(o any) *ExternalIdentifier { - if o, ok := o.(AnyExternalIdentifier); ok { - return o.asExternalIdentifier() - } - return nil +func (o *Vulnerability) GetSuppliedBy() AnyAgent { + return o.SuppliedBy } -func castExternalMap(o any) *ExternalMap { - if o, ok := o.(AnyExternalMap); ok { - return o.asExternalMap() - } - return nil +func (o *Vulnerability) SetSuppliedBy(v AnyAgent) { + o.SuppliedBy = v } -func castExternalRef(o any) *ExternalRef { - if o, ok := o.(AnyExternalRef); ok { - return o.asExternalRef() - } - return nil +func (o *Vulnerability) GetOriginatedBy() AgentList { + return o.OriginatedBy } -func castFile(o any) *File { - if o, ok := o.(AnyFile); ok { - return o.asFile() - } - return nil +func (o *Vulnerability) SetOriginatedBy(v AgentList) { + o.OriginatedBy = v } -func castHash(o any) *Hash { - if o, ok := o.(AnyHash); ok { - return o.asHash() - } - return nil +func (o *Vulnerability) GetValidUntilTime() time.Time { + return o.ValidUntilTime } -func castIndividualElement(o any) *IndividualElement { - if o, ok := o.(AnyIndividualElement); ok { - return o.asIndividualElement() - } - return nil +func (o *Vulnerability) SetValidUntilTime(v time.Time) { + o.ValidUntilTime = v } -func castIndividualLicensingInfo(o any) *IndividualLicensingInfo { - if o, ok := o.(AnyIndividualLicensingInfo); ok { - return o.asIndividualLicensingInfo() - } - return nil +func (o *Vulnerability) GetWithdrawnTime() time.Time { + return o.WithdrawnTime } -func castIntegrityMethod(o any) *IntegrityMethod { - if o, ok := o.(AnyIntegrityMethod); ok { - return o.asIntegrityMethod() - } - return nil +func (o *Vulnerability) SetWithdrawnTime(v time.Time) { + o.WithdrawnTime = v } -func castLicense(o any) *License { - if o, ok := o.(AnyLicense); ok { - return o.asLicense() - } - return nil +func (o *Vulnerability) GetModifiedTime() time.Time { + return o.ModifiedTime } -func castLicenseAddition(o any) *LicenseAddition { - if o, ok := o.(AnyLicenseAddition); ok { - return o.asLicenseAddition() - } - return nil +func (o *Vulnerability) SetModifiedTime(v time.Time) { + o.ModifiedTime = v } -func castLicenseExpression(o any) *LicenseExpression { - if o, ok := o.(AnyLicenseExpression); ok { - return o.asLicenseExpression() - } - return nil +func (o *Vulnerability) GetPublishedTime() time.Time { + return o.PublishedTime } -func castLicenseInfo(o any) *LicenseInfo { - if o, ok := o.(AnyLicenseInfo); ok { - return o.asLicenseInfo() - } - return nil +func (o *Vulnerability) SetPublishedTime(v time.Time) { + o.PublishedTime = v } -func castLifecycleScopedRelationship(o any) *LifecycleScopedRelationship { - if o, ok := o.(AnyLifecycleScopedRelationship); ok { - return o.asLifecycleScopedRelationship() - } - return nil +type VulnerabilityList []AnyVulnerability + +func (v VulnerabilityList) Vulnerabilities() []AnyVulnerability { + return ld.SliceOf[AnyVulnerability](v) } -func castListedLicense(o any) *ListedLicense { - if o, ok := o.(AnyListedLicense); ok { - return o.asListedLicense() - } - return nil +type AnyWithAdditionOperator interface { + AnyLicenseInfo + asWithAdditionOperator() + GetSubjectExtendableLicense() AnyExtendableLicense + SetSubjectExtendableLicense(AnyExtendableLicense) + GetSubjectAddition() AnyLicenseAddition + SetSubjectAddition(AnyLicenseAddition) } -func castListedLicenseException(o any) *ListedLicenseException { - if o, ok := o.(AnyListedLicenseException); ok { - return o.asListedLicenseException() - } - return nil +// WithAdditionOperator Portion of an AnyLicenseInfo representing a License which has additional text applied to it. +type WithAdditionOperator struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator" node-kind:"http://www.w3.org/ns/shacl#IRI"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the Element. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions ExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content that uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsing Provides an IntegrityMethod with which the integrity of an Element can be asserted. + VerifiedUsing IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // SubjectExtendableLicense A License participating in a 'with addition' model. + SubjectExtendableLicense AnyExtendableLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense"` + // SubjectAddition A LicenseAddition participating in a 'with addition' model. + SubjectAddition AnyLicenseAddition `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition"` } -func castNamespaceMap(o any) *NamespaceMap { - if o, ok := o.(AnyNamespaceMap); ok { - return o.asNamespaceMap() - } - return nil +func (o *WithAdditionOperator) asWithAdditionOperator() {} +func (o *WithAdditionOperator) asLicenseInfo() {} +func (o *WithAdditionOperator) asElement() {} +func (o *WithAdditionOperator) GetDescription() string { + return o.Description } -func castOrLaterOperator(o any) *OrLaterOperator { - if o, ok := o.(AnyOrLaterOperator); ok { - return o.asOrLaterOperator() - } - return nil +func (o *WithAdditionOperator) SetDescription(v string) { + o.Description = v } -func castOrganization(o any) *Organization { - if o, ok := o.(AnyOrganization); ok { - return o.asOrganization() - } - return nil +func (o *WithAdditionOperator) GetComment() string { + return o.Comment } -func castPackage(o any) *Package { - if o, ok := o.(AnyPackage); ok { - return o.asPackage() - } - return nil +func (o *WithAdditionOperator) SetComment(v string) { + o.Comment = v } -func castPackageVerificationCode(o any) *PackageVerificationCode { - if o, ok := o.(AnyPackageVerificationCode); ok { - return o.asPackageVerificationCode() - } - return nil +func (o *WithAdditionOperator) GetName() string { + return o.Name } -func castPerson(o any) *Person { - if o, ok := o.(AnyPerson); ok { - return o.asPerson() - } - return nil +func (o *WithAdditionOperator) SetName(v string) { + o.Name = v } -func castPositiveIntegerRange(o any) *PositiveIntegerRange { - if o, ok := o.(AnyPositiveIntegerRange); ok { - return o.asPositiveIntegerRange() - } - return nil +func (o *WithAdditionOperator) GetExtensions() ExtensionList { + return o.Extensions } -func castRelationship(o any) *Relationship { - if o, ok := o.(AnyRelationship); ok { - return o.asRelationship() - } - return nil +func (o *WithAdditionOperator) SetExtensions(v ExtensionList) { + o.Extensions = v } -func castSBOM(o any) *SBOM { - if o, ok := o.(AnySBOM); ok { - return o.asSBOM() - } - return nil +func (o *WithAdditionOperator) GetCreationInfo() AnyCreationInfo { + return o.CreationInfo } -func castSimpleLicensingText(o any) *SimpleLicensingText { - if o, ok := o.(AnySimpleLicensingText); ok { - return o.asSimpleLicensingText() - } - return nil +func (o *WithAdditionOperator) SetCreationInfo(v AnyCreationInfo) { + o.CreationInfo = v } -func castSnippet(o any) *Snippet { - if o, ok := o.(AnySnippet); ok { - return o.asSnippet() - } - return nil +func (o *WithAdditionOperator) GetExternalIdentifiers() ExternalIdentifierList { + return o.ExternalIdentifiers } -func castSoftwareAgent(o any) *SoftwareAgent { - if o, ok := o.(AnySoftwareAgent); ok { - return o.asSoftwareAgent() - } - return nil +func (o *WithAdditionOperator) SetExternalIdentifiers(v ExternalIdentifierList) { + o.ExternalIdentifiers = v } -func castSoftwareArtifact(o any) *SoftwareArtifact { - if o, ok := o.(AnySoftwareArtifact); ok { - return o.asSoftwareArtifact() - } - return nil +func (o *WithAdditionOperator) GetExternalRefs() ExternalRefList { + return o.ExternalRefs } -func castSpdxDocument(o any) *SpdxDocument { - if o, ok := o.(AnySpdxDocument); ok { - return o.asSpdxDocument() - } - return nil +func (o *WithAdditionOperator) SetExternalRefs(v ExternalRefList) { + o.ExternalRefs = v } -func castSsvcVulnAssessmentRelationship(o any) *SsvcVulnAssessmentRelationship { - if o, ok := o.(AnySsvcVulnAssessmentRelationship); ok { - return o.asSsvcVulnAssessmentRelationship() - } - return nil +func (o *WithAdditionOperator) GetSummary() string { + return o.Summary } -func castTool(o any) *Tool { - if o, ok := o.(AnyTool); ok { - return o.asTool() - } - return nil +func (o *WithAdditionOperator) SetSummary(v string) { + o.Summary = v } -func castVexAffectedVulnAssessmentRelationship(o any) *VexAffectedVulnAssessmentRelationship { - if o, ok := o.(AnyVexAffectedVulnAssessmentRelationship); ok { - return o.asVexAffectedVulnAssessmentRelationship() - } - return nil +func (o *WithAdditionOperator) GetVerifiedUsing() IntegrityMethodList { + return o.VerifiedUsing } -func castVexFixedVulnAssessmentRelationship(o any) *VexFixedVulnAssessmentRelationship { - if o, ok := o.(AnyVexFixedVulnAssessmentRelationship); ok { - return o.asVexFixedVulnAssessmentRelationship() - } - return nil +func (o *WithAdditionOperator) SetVerifiedUsing(v IntegrityMethodList) { + o.VerifiedUsing = v } -func castVexNotAffectedVulnAssessmentRelationship(o any) *VexNotAffectedVulnAssessmentRelationship { - if o, ok := o.(AnyVexNotAffectedVulnAssessmentRelationship); ok { - return o.asVexNotAffectedVulnAssessmentRelationship() - } - return nil +func (o *WithAdditionOperator) GetSubjectExtendableLicense() AnyExtendableLicense { + return o.SubjectExtendableLicense } -func castVexUnderInvestigationVulnAssessmentRelationship(o any) *VexUnderInvestigationVulnAssessmentRelationship { - if o, ok := o.(AnyVexUnderInvestigationVulnAssessmentRelationship); ok { - return o.asVexUnderInvestigationVulnAssessmentRelationship() - } - return nil +func (o *WithAdditionOperator) SetSubjectExtendableLicense(v AnyExtendableLicense) { + o.SubjectExtendableLicense = v } -func castVexVulnAssessmentRelationship(o any) *VexVulnAssessmentRelationship { - if o, ok := o.(AnyVexVulnAssessmentRelationship); ok { - return o.asVexVulnAssessmentRelationship() - } - return nil +func (o *WithAdditionOperator) GetSubjectAddition() AnyLicenseAddition { + return o.SubjectAddition } -func castVulnAssessmentRelationship(o any) *VulnAssessmentRelationship { - if o, ok := o.(AnyVulnAssessmentRelationship); ok { - return o.asVulnAssessmentRelationship() - } - return nil +func (o *WithAdditionOperator) SetSubjectAddition(v AnyLicenseAddition) { + o.SubjectAddition = v } -func castVulnerability(o any) *Vulnerability { - if o, ok := o.(AnyVulnerability); ok { - return o.asVulnerability() - } - return nil +type WithAdditionOperatorList []AnyWithAdditionOperator + +func (v WithAdditionOperatorList) WithAdditionOperators() []AnyWithAdditionOperator { + return ld.SliceOf[AnyWithAdditionOperator](v) } -func castWithAdditionOperator(o any) *WithAdditionOperator { - if o, ok := o.(AnyWithAdditionOperator); ok { - return o.asWithAdditionOperator() - } - return nil -} - -func Cast[T any](value any) *T { - var t T - switch any(t).(type) { - case AIPackage: - if v, ok := any(castAIPackage(value)).(*T); ok { - return v - } - case Agent: - if v, ok := any(castAgent(value)).(*T); ok { - return v - } - case Annotation: - if v, ok := any(castAnnotation(value)).(*T); ok { - return v - } - case Artifact: - if v, ok := any(castArtifact(value)).(*T); ok { - return v - } - case BOM: - if v, ok := any(castBOM(value)).(*T); ok { - return v - } - case Build: - if v, ok := any(castBuild(value)).(*T); ok { - return v - } - case Bundle: - if v, ok := any(castBundle(value)).(*T); ok { - return v - } - case CdxPropertiesExtension: - if v, ok := any(castCdxPropertiesExtension(value)).(*T); ok { - return v - } - case CdxPropertyEntry: - if v, ok := any(castCdxPropertyEntry(value)).(*T); ok { - return v - } - case ConjunctiveLicenseSet: - if v, ok := any(castConjunctiveLicenseSet(value)).(*T); ok { - return v - } - case ContentIdentifier: - if v, ok := any(castContentIdentifier(value)).(*T); ok { - return v - } - case CreationInfo: - if v, ok := any(castCreationInfo(value)).(*T); ok { - return v - } - case CustomLicense: - if v, ok := any(castCustomLicense(value)).(*T); ok { - return v - } - case CustomLicenseAddition: - if v, ok := any(castCustomLicenseAddition(value)).(*T); ok { - return v - } - case CvssV2VulnAssessmentRelationship: - if v, ok := any(castCvssV2VulnAssessmentRelationship(value)).(*T); ok { - return v - } - case CvssV3VulnAssessmentRelationship: - if v, ok := any(castCvssV3VulnAssessmentRelationship(value)).(*T); ok { - return v - } - case CvssV4VulnAssessmentRelationship: - if v, ok := any(castCvssV4VulnAssessmentRelationship(value)).(*T); ok { - return v - } - case DatasetPackage: - if v, ok := any(castDatasetPackage(value)).(*T); ok { - return v - } - case DictionaryEntry: - if v, ok := any(castDictionaryEntry(value)).(*T); ok { - return v - } - case DisjunctiveLicenseSet: - if v, ok := any(castDisjunctiveLicenseSet(value)).(*T); ok { - return v - } - case Element: - if v, ok := any(castElement(value)).(*T); ok { - return v - } - case ElementCollection: - if v, ok := any(castElementCollection(value)).(*T); ok { - return v - } - case EnergyConsumption: - if v, ok := any(castEnergyConsumption(value)).(*T); ok { - return v - } - case EnergyConsumptionDescription: - if v, ok := any(castEnergyConsumptionDescription(value)).(*T); ok { - return v - } - case EpssVulnAssessmentRelationship: - if v, ok := any(castEpssVulnAssessmentRelationship(value)).(*T); ok { - return v - } - case ExploitCatalogVulnAssessmentRelationship: - if v, ok := any(castExploitCatalogVulnAssessmentRelationship(value)).(*T); ok { - return v - } - case ExtendableLicense: - if v, ok := any(castExtendableLicense(value)).(*T); ok { - return v - } - case Extension: - if v, ok := any(castExtension(value)).(*T); ok { - return v - } - case ExternalIdentifier: - if v, ok := any(castExternalIdentifier(value)).(*T); ok { - return v - } - case ExternalMap: - if v, ok := any(castExternalMap(value)).(*T); ok { - return v - } - case ExternalRef: - if v, ok := any(castExternalRef(value)).(*T); ok { - return v - } - case File: - if v, ok := any(castFile(value)).(*T); ok { - return v - } - case Hash: - if v, ok := any(castHash(value)).(*T); ok { - return v - } - case IndividualElement: - if v, ok := any(castIndividualElement(value)).(*T); ok { - return v - } - case IndividualLicensingInfo: - if v, ok := any(castIndividualLicensingInfo(value)).(*T); ok { - return v - } - case IntegrityMethod: - if v, ok := any(castIntegrityMethod(value)).(*T); ok { - return v - } - case License: - if v, ok := any(castLicense(value)).(*T); ok { - return v - } - case LicenseAddition: - if v, ok := any(castLicenseAddition(value)).(*T); ok { - return v - } - case LicenseExpression: - if v, ok := any(castLicenseExpression(value)).(*T); ok { - return v - } - case LicenseInfo: - if v, ok := any(castLicenseInfo(value)).(*T); ok { - return v - } - case LifecycleScopedRelationship: - if v, ok := any(castLifecycleScopedRelationship(value)).(*T); ok { - return v - } - case ListedLicense: - if v, ok := any(castListedLicense(value)).(*T); ok { - return v - } - case ListedLicenseException: - if v, ok := any(castListedLicenseException(value)).(*T); ok { - return v - } - case NamespaceMap: - if v, ok := any(castNamespaceMap(value)).(*T); ok { - return v - } - case OrLaterOperator: - if v, ok := any(castOrLaterOperator(value)).(*T); ok { - return v - } - case Organization: - if v, ok := any(castOrganization(value)).(*T); ok { - return v - } - case Package: - if v, ok := any(castPackage(value)).(*T); ok { - return v - } - case PackageVerificationCode: - if v, ok := any(castPackageVerificationCode(value)).(*T); ok { - return v - } - case Person: - if v, ok := any(castPerson(value)).(*T); ok { - return v - } - case PositiveIntegerRange: - if v, ok := any(castPositiveIntegerRange(value)).(*T); ok { - return v - } - case Relationship: - if v, ok := any(castRelationship(value)).(*T); ok { - return v - } - case SBOM: - if v, ok := any(castSBOM(value)).(*T); ok { - return v - } - case SimpleLicensingText: - if v, ok := any(castSimpleLicensingText(value)).(*T); ok { - return v - } - case Snippet: - if v, ok := any(castSnippet(value)).(*T); ok { - return v - } - case SoftwareAgent: - if v, ok := any(castSoftwareAgent(value)).(*T); ok { - return v - } - case SoftwareArtifact: - if v, ok := any(castSoftwareArtifact(value)).(*T); ok { - return v - } - case SpdxDocument: - if v, ok := any(castSpdxDocument(value)).(*T); ok { - return v - } - case SsvcVulnAssessmentRelationship: - if v, ok := any(castSsvcVulnAssessmentRelationship(value)).(*T); ok { - return v - } - case Tool: - if v, ok := any(castTool(value)).(*T); ok { - return v - } - case VexAffectedVulnAssessmentRelationship: - if v, ok := any(castVexAffectedVulnAssessmentRelationship(value)).(*T); ok { - return v - } - case VexFixedVulnAssessmentRelationship: - if v, ok := any(castVexFixedVulnAssessmentRelationship(value)).(*T); ok { - return v - } - case VexNotAffectedVulnAssessmentRelationship: - if v, ok := any(castVexNotAffectedVulnAssessmentRelationship(value)).(*T); ok { - return v - } - case VexUnderInvestigationVulnAssessmentRelationship: - if v, ok := any(castVexUnderInvestigationVulnAssessmentRelationship(value)).(*T); ok { - return v - } - case VexVulnAssessmentRelationship: - if v, ok := any(castVexVulnAssessmentRelationship(value)).(*T); ok { - return v - } - case VulnAssessmentRelationship: - if v, ok := any(castVulnAssessmentRelationship(value)).(*T); ok { - return v - } - case Vulnerability: - if v, ok := any(castVulnerability(value)).(*T); ok { - return v - } - case WithAdditionOperator: - if v, ok := any(castWithAdditionOperator(value)).(*T); ok { - return v - } - } - panic("invalid type cast, unknown type: " + reflect.TypeOf(t).String()) +type ExternalIRI struct { + id string `iri:"@id"` + value any } -func As[T any, R any](value any, fn func(v *T) R) R { - v := Cast[T](value) - if v != nil { - return fn(v) +func NewExternalIRI(id string) *ExternalIRI { + return &ExternalIRI{ + id: id, } - var r R - return r } type ( - PositiveInt = ld.PositiveInt URI = ld.URI NonNegativeInt = ld.NonNegativeInt + PositiveInt = ld.PositiveInt ) func context() ld.Context { @@ -5498,7 +11864,6 @@ func context() ld.Context { AnnotationType{}, AnnotationType_Other, AnnotationType_Review, - Artifact{}, BOM{}, Build{}, Bundle{}, @@ -5550,8 +11915,6 @@ func context() ld.Context { DatasetType_Video, DictionaryEntry{}, DisjunctiveLicenseSet{}, - Element{}, - ElementCollection{}, EnergyConsumption{}, EnergyConsumptionDescription{}, EnergyUnitType{}, @@ -5563,8 +11926,6 @@ func context() ld.Context { ExploitCatalogType_Kev, ExploitCatalogType_Other, ExploitCatalogVulnAssessmentRelationship{}, - ExtendableLicense{}, - Extension{}, ExternalIdentifier{}, ExternalIdentifierType{}, ExternalIdentifierType_Cpe22, @@ -5661,11 +12022,7 @@ func context() ld.Context { IndividualLicensingInfo{}, IndividualLicensingInfo_NoAssertionLicense, IndividualLicensingInfo_NoneLicense, - IntegrityMethod{}, - License{}, - LicenseAddition{}, LicenseExpression{}, - LicenseInfo{}, LifecycleScopeType{}, LifecycleScopeType_Build, LifecycleScopeType_Design, @@ -5780,7 +12137,6 @@ func context() ld.Context { SimpleLicensingText{}, Snippet{}, SoftwareAgent{}, - SoftwareArtifact{}, SoftwarePurpose{}, SoftwarePurpose_Application, SoftwarePurpose_Archive, @@ -5837,8 +12193,6 @@ func context() ld.Context { VexJustificationType_VulnerableCodeNotPresent, VexNotAffectedVulnAssessmentRelationship{}, VexUnderInvestigationVulnAssessmentRelationship{}, - VexVulnAssessmentRelationship{}, - VulnAssessmentRelationship{}, Vulnerability{}, WithAdditionOperator{}, ) diff --git a/spdx/v3/v3_0_1/model_validations.go b/spdx/v3/v3_0_1/model_validations.go index ece7ee59..068b1df7 100755 --- a/spdx/v3/v3_0_1/model_validations.go +++ b/spdx/v3/v3_0_1/model_validations.go @@ -8,7 +8,81 @@ import "github.com/kzantow/go-ld" func (o *AIPackage) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Package), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.SupportLevels, + ld.ValidateAll(ld.ValidateIRI( + SupportType_Development, + SupportType_Support, + SupportType_Deployed, + SupportType_LimitedSupport, + SupportType_EndOfSupport, + SupportType_NoSupport, + SupportType_NoAssertion, + ))), + ld.ValidateProperty(o, &o.AdditionalPurposes, + ld.ValidateAll(ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + ))), + ld.ValidateProperty(o, &o.PrimaryPurpose, + ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + )), ld.ValidateProperty(o, &o.UseSensitivePersonalInformation, ld.ValidateIRI( PresenceType_Yes, @@ -32,12 +106,12 @@ func (o *AIPackage) Validate() error { func (o *Agent) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element)) + ld.ValidateProperty(o, &o.CreationInfo)) } func (o *Annotation) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.CreationInfo), ld.ValidateProperty(o, &o.Subject), ld.ValidateProperty(o, &o.ContentType, ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), @@ -52,40 +126,50 @@ func (o *AnnotationType) Validate() error { return ld.JoinErrors() } -func (o *Artifact) Validate() error { +func (o *BOM) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element), - ld.ValidateProperty(o, &o.SupportLevels, + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.ProfileConformances, ld.ValidateAll(ld.ValidateIRI( - SupportType_Development, - SupportType_Support, - SupportType_Deployed, - SupportType_LimitedSupport, - SupportType_EndOfSupport, - SupportType_NoSupport, - SupportType_NoAssertion, + ProfileIdentifierType_Core, + ProfileIdentifierType_Software, + ProfileIdentifierType_SimpleLicensing, + ProfileIdentifierType_ExpandedLicensing, + ProfileIdentifierType_Security, + ProfileIdentifierType_Build, + ProfileIdentifierType_Ai, + ProfileIdentifierType_Dataset, + ProfileIdentifierType_Extension, + ProfileIdentifierType_Lite, )))) } -func (o *BOM) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.Bundle)) -} - func (o *Build) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.CreationInfo), ld.ValidateProperty(o, &o.Type)) } func (o *Bundle) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.ElementCollection)) + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.ProfileConformances, + ld.ValidateAll(ld.ValidateIRI( + ProfileIdentifierType_Core, + ProfileIdentifierType_Software, + ProfileIdentifierType_SimpleLicensing, + ProfileIdentifierType_ExpandedLicensing, + ProfileIdentifierType_Security, + ProfileIdentifierType_Build, + ProfileIdentifierType_Ai, + ProfileIdentifierType_Dataset, + ProfileIdentifierType_Extension, + ProfileIdentifierType_Lite, + )))) } func (o *CdxPropertiesExtension) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Extension), ld.ValidateProperty(o, &o.CdxProperties, ld.ValidateMinCount[CdxPropertyEntryList](1))) } @@ -101,14 +185,13 @@ func (o *ConfidentialityLevelType) Validate() error { func (o *ConjunctiveLicenseSet) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.CreationInfo), ld.ValidateProperty(o, &o.Members, ld.ValidateMinCount[LicenseInfoList](2))) } func (o *ContentIdentifier) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.IntegrityMethod), ld.ValidateProperty(o, &o.Type, ld.ValidateIRI( ContentIdentifierType_Gitoid, @@ -132,12 +215,14 @@ func (o *CreationInfo) Validate() error { func (o *CustomLicense) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.License)) + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Text)) } func (o *CustomLicenseAddition) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.LicenseAddition)) + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.AdditionText)) } func (o *CvssSeverityType) Validate() error { @@ -146,14 +231,156 @@ func (o *CvssSeverityType) Validate() error { func (o *CvssV2VulnAssessmentRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + )), ld.ValidateProperty(o, &o.VectorString), ld.ValidateProperty(o, &o.Score)) } func (o *CvssV3VulnAssessmentRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + )), ld.ValidateProperty(o, &o.Score), ld.ValidateProperty(o, &o.Severity, ld.ValidateIRI( @@ -168,7 +395,78 @@ func (o *CvssV3VulnAssessmentRelationship) Validate() error { func (o *CvssV4VulnAssessmentRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + )), ld.ValidateProperty(o, &o.Severity, ld.ValidateIRI( CvssSeverityType_Critical, @@ -187,7 +485,81 @@ func (o *DatasetAvailabilityType) Validate() error { func (o *DatasetPackage) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Package), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.SupportLevels, + ld.ValidateAll(ld.ValidateIRI( + SupportType_Development, + SupportType_Support, + SupportType_Deployed, + SupportType_LimitedSupport, + SupportType_EndOfSupport, + SupportType_NoSupport, + SupportType_NoAssertion, + ))), + ld.ValidateProperty(o, &o.AdditionalPurposes, + ld.ValidateAll(ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + ))), + ld.ValidateProperty(o, &o.PrimaryPurpose, + ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + )), ld.ValidateProperty(o, &o.ConfidentialityLevel, ld.ValidateIRI( ConfidentialityLevelType_Red, @@ -240,34 +612,11 @@ func (o *DictionaryEntry) Validate() error { func (o *DisjunctiveLicenseSet) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.CreationInfo), ld.ValidateProperty(o, &o.Members, ld.ValidateMinCount[LicenseInfoList](2))) } -func (o *Element) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.CreationInfo)) -} - -func (o *ElementCollection) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element), - ld.ValidateProperty(o, &o.ProfileConformances, - ld.ValidateAll(ld.ValidateIRI( - ProfileIdentifierType_Core, - ProfileIdentifierType_Software, - ProfileIdentifierType_SimpleLicensing, - ProfileIdentifierType_ExpandedLicensing, - ProfileIdentifierType_Security, - ProfileIdentifierType_Build, - ProfileIdentifierType_Ai, - ProfileIdentifierType_Dataset, - ProfileIdentifierType_Extension, - ProfileIdentifierType_Lite, - )))) -} - func (o *EnergyConsumption) Validate() error { return ld.JoinErrors() } @@ -289,7 +638,78 @@ func (o *EnergyUnitType) Validate() error { func (o *EpssVulnAssessmentRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + )), ld.ValidateProperty(o, &o.Probability), ld.ValidateProperty(o, &o.Percentile)) } @@ -300,29 +720,91 @@ func (o *ExploitCatalogType) Validate() error { func (o *ExploitCatalogVulnAssessmentRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.VulnAssessmentRelationship), - ld.ValidateProperty(o, &o.Locator), - ld.ValidateProperty(o, &o.Exploited), - ld.ValidateProperty(o, &o.CatalogType, - ld.ValidateIRI( - ExploitCatalogType_Kev, - ExploitCatalogType_Other, - ))) -} - -func (o *ExtendableLicense) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.LicenseInfo)) -} - -func (o *Extension) Validate() error { - return ld.JoinErrors() -} - -func (o *ExternalIdentifier) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.Identifier), - ld.ValidateProperty(o, &o.Type, + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + )), + ld.ValidateProperty(o, &o.Locator), + ld.ValidateProperty(o, &o.Exploited), + ld.ValidateProperty(o, &o.CatalogType, + ld.ValidateIRI( + ExploitCatalogType_Kev, + ExploitCatalogType_Other, + ))) +} + +func (o *ExternalIdentifier) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Identifier), + ld.ValidateProperty(o, &o.Type, ld.ValidateIRI( ExternalIdentifierType_Cpe22, ExternalIdentifierType_Cpe23, @@ -408,7 +890,81 @@ func (o *ExternalRefType) Validate() error { func (o *File) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.SoftwareArtifact), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.SupportLevels, + ld.ValidateAll(ld.ValidateIRI( + SupportType_Development, + SupportType_Support, + SupportType_Deployed, + SupportType_LimitedSupport, + SupportType_EndOfSupport, + SupportType_NoSupport, + SupportType_NoAssertion, + ))), + ld.ValidateProperty(o, &o.AdditionalPurposes, + ld.ValidateAll(ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + ))), + ld.ValidateProperty(o, &o.PrimaryPurpose, + ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + )), ld.ValidateProperty(o, &o.ContentType, ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), ld.ValidateProperty(o, &o.Kind, @@ -424,7 +980,6 @@ func (o *FileKindType) Validate() error { func (o *Hash) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.IntegrityMethod), ld.ValidateProperty(o, &o.Value), ld.ValidateProperty(o, &o.Algorithm, ld.ValidateIRI( @@ -459,50 +1014,100 @@ func (o *HashAlgorithm) Validate() error { func (o *IndividualElement) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element)) + ld.ValidateProperty(o, &o.CreationInfo)) } func (o *IndividualLicensingInfo) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.LicenseInfo)) -} - -func (o *IntegrityMethod) Validate() error { - return ld.JoinErrors() -} - -func (o *License) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.ExtendableLicense), - ld.ValidateProperty(o, &o.Text)) -} - -func (o *LicenseAddition) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element), - ld.ValidateProperty(o, &o.AdditionText)) + ld.ValidateProperty(o, &o.CreationInfo)) } func (o *LicenseExpression) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.CreationInfo), ld.ValidateProperty(o, &o.LicenseExpression), ld.ValidateProperty(o, &o.LicenseListVersion, ld.ValidateExpression("^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"))) } -func (o *LicenseInfo) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element)) -} - func (o *LifecycleScopeType) Validate() error { return ld.JoinErrors() } func (o *LifecycleScopedRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Relationship), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + )), ld.ValidateProperty(o, &o.Scope, ld.ValidateIRI( LifecycleScopeType_Design, @@ -516,12 +1121,14 @@ func (o *LifecycleScopedRelationship) Validate() error { func (o *ListedLicense) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.License)) + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Text)) } func (o *ListedLicenseException) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.LicenseAddition)) + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.AdditionText)) } func (o *NamespaceMap) Validate() error { @@ -532,28 +1139,101 @@ func (o *NamespaceMap) Validate() error { func (o *OrLaterOperator) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.ExtendableLicense), + ld.ValidateProperty(o, &o.CreationInfo), ld.ValidateProperty(o, &o.SubjectLicense)) } func (o *Organization) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Agent)) + ld.ValidateProperty(o, &o.CreationInfo)) } func (o *Package) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.SoftwareArtifact)) -} - -func (o *PackageVerificationCode) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.IntegrityMethod), - ld.ValidateProperty(o, &o.Algorithm, - ld.ValidateIRI( - HashAlgorithm_Adler32, - HashAlgorithm_Blake2b256, - HashAlgorithm_Blake2b384, + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.SupportLevels, + ld.ValidateAll(ld.ValidateIRI( + SupportType_Development, + SupportType_Support, + SupportType_Deployed, + SupportType_LimitedSupport, + SupportType_EndOfSupport, + SupportType_NoSupport, + SupportType_NoAssertion, + ))), + ld.ValidateProperty(o, &o.AdditionalPurposes, + ld.ValidateAll(ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + ))), + ld.ValidateProperty(o, &o.PrimaryPurpose, + ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + ))) +} + +func (o *PackageVerificationCode) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Algorithm, + ld.ValidateIRI( + HashAlgorithm_Adler32, + HashAlgorithm_Blake2b256, + HashAlgorithm_Blake2b384, HashAlgorithm_Blake2b512, HashAlgorithm_Blake3, HashAlgorithm_CrystalsDilithium, @@ -579,7 +1259,7 @@ func (o *PackageVerificationCode) Validate() error { func (o *Person) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Agent)) + ld.ValidateProperty(o, &o.CreationInfo)) } func (o *PositiveIntegerRange) Validate() error { @@ -598,7 +1278,7 @@ func (o *ProfileIdentifierType) Validate() error { func (o *Relationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.CreationInfo), ld.ValidateProperty(o, &o.Completeness, ld.ValidateIRI( RelationshipCompleteness_Incomplete, @@ -682,7 +1362,20 @@ func (o *RelationshipType) Validate() error { func (o *SBOM) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.BOM), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.ProfileConformances, + ld.ValidateAll(ld.ValidateIRI( + ProfileIdentifierType_Core, + ProfileIdentifierType_Software, + ProfileIdentifierType_SimpleLicensing, + ProfileIdentifierType_ExpandedLicensing, + ProfileIdentifierType_Security, + ProfileIdentifierType_Build, + ProfileIdentifierType_Ai, + ProfileIdentifierType_Dataset, + ProfileIdentifierType_Extension, + ProfileIdentifierType_Lite, + ))), ld.ValidateProperty(o, &o.SbomTypes, ld.ValidateAll(ld.ValidateIRI( SbomType_Design, @@ -704,24 +1397,23 @@ func (o *SbomType) Validate() error { func (o *SimpleLicensingText) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.CreationInfo), ld.ValidateProperty(o, &o.LicenseText)) } func (o *Snippet) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.SoftwareArtifact), - ld.ValidateProperty(o, &o.FromFile)) -} - -func (o *SoftwareAgent) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.Agent)) -} - -func (o *SoftwareArtifact) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.Artifact), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.SupportLevels, + ld.ValidateAll(ld.ValidateIRI( + SupportType_Development, + SupportType_Support, + SupportType_Deployed, + SupportType_LimitedSupport, + SupportType_EndOfSupport, + SupportType_NoSupport, + SupportType_NoAssertion, + ))), ld.ValidateProperty(o, &o.AdditionalPurposes, ld.ValidateAll(ld.ValidateIRI( SoftwarePurpose_Application, @@ -785,7 +1477,13 @@ func (o *SoftwareArtifact) Validate() error { SoftwarePurpose_Source, SoftwarePurpose_Specification, SoftwarePurpose_Test, - ))) + )), + ld.ValidateProperty(o, &o.FromFile)) +} + +func (o *SoftwareAgent) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.CreationInfo)) } func (o *SoftwarePurpose) Validate() error { @@ -794,7 +1492,20 @@ func (o *SoftwarePurpose) Validate() error { func (o *SpdxDocument) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.ElementCollection)) + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.ProfileConformances, + ld.ValidateAll(ld.ValidateIRI( + ProfileIdentifierType_Core, + ProfileIdentifierType_Software, + ProfileIdentifierType_SimpleLicensing, + ProfileIdentifierType_ExpandedLicensing, + ProfileIdentifierType_Security, + ProfileIdentifierType_Build, + ProfileIdentifierType_Ai, + ProfileIdentifierType_Dataset, + ProfileIdentifierType_Extension, + ProfileIdentifierType_Lite, + )))) } func (o *SsvcDecisionType) Validate() error { @@ -803,7 +1514,78 @@ func (o *SsvcDecisionType) Validate() error { func (o *SsvcVulnAssessmentRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + )), ld.ValidateProperty(o, &o.DecisionType, ld.ValidateIRI( SsvcDecisionType_Act, @@ -819,18 +1601,160 @@ func (o *SupportType) Validate() error { func (o *Tool) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Element)) + ld.ValidateProperty(o, &o.CreationInfo)) } func (o *VexAffectedVulnAssessmentRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + )), ld.ValidateProperty(o, &o.ActionStatement)) } func (o *VexFixedVulnAssessmentRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship)) + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + ))) } func (o *VexJustificationType) Validate() error { @@ -839,7 +1763,78 @@ func (o *VexJustificationType) Validate() error { func (o *VexNotAffectedVulnAssessmentRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship), + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + )), ld.ValidateProperty(o, &o.JustificationType, ld.ValidateIRI( VexJustificationType_ComponentNotPresent, @@ -852,27 +1847,98 @@ func (o *VexNotAffectedVulnAssessmentRelationship) Validate() error { func (o *VexUnderInvestigationVulnAssessmentRelationship) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship)) -} - -func (o *VexVulnAssessmentRelationship) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.VulnAssessmentRelationship)) -} - -func (o *VulnAssessmentRelationship) Validate() error { - return ld.JoinErrors( - ld.ValidateProperty(o, &o.Relationship)) + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.Type, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + ))) } func (o *Vulnerability) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.Artifact)) + ld.ValidateProperty(o, &o.CreationInfo), + ld.ValidateProperty(o, &o.SupportLevels, + ld.ValidateAll(ld.ValidateIRI( + SupportType_Development, + SupportType_Support, + SupportType_Deployed, + SupportType_LimitedSupport, + SupportType_EndOfSupport, + SupportType_NoSupport, + SupportType_NoAssertion, + )))) } func (o *WithAdditionOperator) Validate() error { return ld.JoinErrors( - ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.CreationInfo), ld.ValidateProperty(o, &o.SubjectExtendableLicense), ld.ValidateProperty(o, &o.SubjectAddition)) } diff --git a/spdx/v3/v3_0_1/spdx.go b/spdx/v3/v3_0_1/spdx.go index 9ae8cbe8..1b61fb96 100644 --- a/spdx/v3/v3_0_1/spdx.go +++ b/spdx/v3/v3_0_1/spdx.go @@ -10,6 +10,7 @@ import ( "github.com/davecgh/go-spew/spew" "github.com/kzantow/go-ld" + "github.com/spdx/tools-golang/spdx/v3/internal" ) @@ -58,13 +59,9 @@ func NewDocument(conformance ProfileIdentifierType, name string, createdBy AnyAg } return &Document{ SpdxDocument: SpdxDocument{ - ElementCollection: ElementCollection{ - Element: Element{ - Name: name, - CreationInfo: ci, - }, - ProfileConformances: conformanceFrom(conformance), - }, + Name: name, + CreationInfo: ci, + ProfileConformances: conformanceFrom(conformance), }, LDContext: context(), } diff --git a/spdx/v3/v3_0_1/spdx_serialization_test.go b/spdx/v3/v3_0_1/spdx_serialization_test.go index b228d31d..1059d1e6 100644 --- a/spdx/v3/v3_0_1/spdx_serialization_test.go +++ b/spdx/v3/v3_0_1/spdx_serialization_test.go @@ -7,6 +7,7 @@ import ( "time" "github.com/google/go-cmp/cmp" + "github.com/spdx/tools-golang/spdx/v3/internal" ) @@ -18,10 +19,10 @@ func Test_spdxExportImportExport(t *testing.T) { doc.ID = "new-id" - agent := &SoftwareAgent{Agent: Agent{Element: Element{ + agent := &SoftwareAgent{ Name: "some-agent", Summary: "summary", - }}} + } c := &CreationInfo{ Comment: "some-comment", Created: time.Now(), @@ -29,7 +30,7 @@ func Test_spdxExportImportExport(t *testing.T) { agent, }, CreatedUsing: []AnyTool{ - &Tool{Element: Element{ + &Tool{ ExternalIdentifiers: ExternalIdentifierList{ &ExternalIdentifier{ Type: ExternalIdentifierType_Cpe23, @@ -37,7 +38,7 @@ func Test_spdxExportImportExport(t *testing.T) { }, }, Name: "not-tools-golang", - }}, + }, }, SpecVersion: "", } @@ -45,34 +46,31 @@ func Test_spdxExportImportExport(t *testing.T) { // add a package - pkg1 := &Package{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ + pkg1 := &Package{ Name: "some-package-1", CreationInfo: c, - }}}, - Version: "1.2.3", + Version: "1.2.3", } - pkg2 := &Package{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ + pkg2 := &Package{ Name: "some-package-2", CreationInfo: c, - }}}, - Version: "2.4.5", + Version: "2.4.5", } doc.RootElements = append(doc.RootElements, pkg2) - file1 := &File{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ + file1 := &File{ Name: "/bin/bash", CreationInfo: c, - }}}} + } doc.RootElements = append(doc.RootElements, file1) // add relationships doc.RootElements = append(doc.RootElements, - &Relationship{Element: Element{ + &Relationship{ CreationInfo: c, - }, - From: file1, - Type: RelationshipType_Contains, + From: file1, + Type: RelationshipType_Contains, To: ElementList{ pkg1, pkg2, @@ -81,11 +79,10 @@ func Test_spdxExportImportExport(t *testing.T) { ) doc.RootElements = append(doc.RootElements, - &Relationship{Element: Element{ + &Relationship{ CreationInfo: c, - }, - From: pkg1, - Type: RelationshipType_DependsOn, + From: pkg1, + Type: RelationshipType_DependsOn, To: ElementList{ pkg2, }, @@ -93,9 +90,8 @@ func Test_spdxExportImportExport(t *testing.T) { ) doc.RootElements = append(doc.RootElements, - &AIPackage{Package: Package{SoftwareArtifact: SoftwareArtifact{Artifact: Artifact{Element: Element{ + &AIPackage{ CreationInfo: c, - }}}}, TypeOfModels: []string{"a model"}, }, ) @@ -106,17 +102,16 @@ func Test_spdxExportImportExport(t *testing.T) { var pkgs PackageList for _, rel := range got.RootElements.Relationships() { - if rel.Type != RelationshipType_Contains { + if rel.GetType() != RelationshipType_Contains { continue } - _ = As(rel.From, func(from *File) any { - if from.Name == "/bin/bash" { - for _, pkg := range rel.To.Packages() { + if from, ok := rel.GetFrom().(AnyFile); ok { + if from.GetName() == "/bin/bash" { + for _, pkg := range rel.GetTo().Packages() { pkgs = append(pkgs, pkg) } } - return nil - }) + } } if len(pkgs) != 2 { t.Error("wrong packages returned") @@ -131,20 +126,21 @@ func Test_stringSlice(t *testing.T) { } func Test_profileConformance(t *testing.T) { - doc := &SpdxDocument{ElementCollection: ElementCollection{ + doc := &SpdxDocument{ ProfileConformances: []ProfileIdentifierType{ ProfileIdentifierType_Software, }, - }} + } encodeDecode(t, doc) } func Test_externalID(t *testing.T) { - doc := &SpdxDocument{ElementCollection: ElementCollection{ + doc := &SpdxDocument{ Elements: ElementList{ - NewExternalIRI("http://someplace.org/ac7b643f0b2d"), + // FIXME update the ExtenralIRI for flat struct generation + //NewExternalIRI("http://someplace.org/ac7b643f0b2d"), }, - }} + } encodeDecode(t, doc) } diff --git a/spdx/v3/v3_0_1/spdx_test.go b/spdx/v3/v3_0_1/spdx_test.go index 19b568ab..01cef865 100644 --- a/spdx/v3/v3_0_1/spdx_test.go +++ b/spdx/v3/v3_0_1/spdx_test.go @@ -6,7 +6,6 @@ import ( "fmt" "os" "path/filepath" - "reflect" "strings" "testing" "time" @@ -22,15 +21,11 @@ import ( func Test_customSerialization(t *testing.T) { d := spdx.NewDocument(spdx.ProfileIdentifierType_Software, "adoc", &spdx.Person{ - Agent: spdx.Agent{ - Element: spdx.Element{ - Name: "Keith", - ExternalIdentifiers: spdx.ExternalIdentifierList{ - &spdx.ExternalIdentifier{ - Type: spdx.ExternalIdentifierType_Email, - Identifier: "keith@example.com", - }, - }, + Name: "Keith", + ExternalIdentifiers: spdx.ExternalIdentifierList{ + &spdx.ExternalIdentifier{ + Type: spdx.ExternalIdentifierType_Email, + Identifier: "keith@example.com", }, }, }, nil) @@ -48,11 +43,7 @@ func Test_customSerialization(t *testing.T) { }) a := &spdx.Person{ - Agent: spdx.Agent{ - Element: spdx.Element{ - Name: "Alice", - }, - }, + Name: "Alice", } sbom.RootElements = append(sbom.RootElements, a) @@ -135,60 +126,49 @@ func Test_validateMinList(t *testing.T) { func Test_writer(t *testing.T) { d := newTestDocument() - pkg1 := &spdx.Package{SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + pkg1 := &spdx.Package{ Name: "the pkg 2", - }}}} + } file1 := &spdx.File{ - SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ - Name: "a file", - }}}, + Name: "a file", ContentType: "text", // validation error Kind: spdx.FileKindType{}, } d.RootElements = spdx.ElementList{ - &spdx.SBOM{BOM: spdx.BOM{Bundle: spdx.Bundle{ElementCollection: spdx.ElementCollection{ - Element: spdx.Element{ - Name: "My Bom", - }, + &spdx.SBOM{ + Name: "My Bom", Elements: spdx.ElementList{}, - }}}, }, file1, pkg1, &spdx.Package{ - SoftwareArtifact: spdx.SoftwareArtifact{ - Artifact: spdx.Artifact{ - Element: spdx.Element{ - ID: "some ID!", - Name: "some name", - Description: "descr", - ExternalIdentifiers: spdx.ExternalIdentifierList{ - &spdx.ExternalIdentifier{ - IdentifierLocators: []ld.URI{ - "locator1", - "locator2", - }, - Identifier: "CVE-2024-1234", - Type: spdx.ExternalIdentifierType_Cve, - }, - }, - ExternalRefs: nil, - Summary: "", - VerifiedUsing: nil, - }, - StandardNames: []string{ - "standard-name1", - "standard-name2", + ID: "some ID!", + Name: "some name", + Description: "descr", + ExternalIdentifiers: spdx.ExternalIdentifierList{ + &spdx.ExternalIdentifier{ + IdentifierLocators: []ld.URI{ + "locator1", + "locator2", }, - ReleaseTime: time.Now(), + Identifier: "CVE-2024-1234", + Type: spdx.ExternalIdentifierType_Cve, }, - AdditionalPurposes: []spdx.SoftwarePurpose{ - spdx.SoftwarePurpose_Container, - spdx.SoftwarePurpose_Library, - }, - PrimaryPurpose: spdx.SoftwarePurpose_Application, - CopyrightText: "", }, + ExternalRefs: nil, + Summary: "", + VerifiedUsing: nil, + StandardNames: []string{ + "standard-name1", + "standard-name2", + }, + ReleaseTime: time.Now(), + AdditionalPurposes: []spdx.SoftwarePurpose{ + spdx.SoftwarePurpose_Container, + spdx.SoftwarePurpose_Library, + }, + PrimaryPurpose: spdx.SoftwarePurpose_Application, + CopyrightText: "", }, } @@ -220,24 +200,64 @@ func Test_writer(t *testing.T) { // info.Created = info.Created.Add(time.Hour) // return nil //}) - diff := cmp.Diff(d.SpdxDocument, d2.SpdxDocument, append(testOpts, - cmpopts.IgnoreFields(spdx.Element{}, "ID"), - cmpopts.IgnoreFields(spdx.Element{}, "CreationInfo"), - cmpopts.EquateEmpty(), - )...) + diff := cmp.Diff(d.SpdxDocument, d2.SpdxDocument, diffOpts()...) if diff != "" { t.Fatal(diff) } } -var testOpts = []cmp.Option{ - cmp.Transformer("truncate_time.Time", func(t time.Time) time.Time { - return t.Truncate(time.Second) - }), - // export and compare unexported fields - cmp.Exporter(func(r reflect.Type) bool { - return true - }), +func diffOpts() []cmp.Option { + var out []cmp.Option + for _, t := range []any{ + spdx.Package{}, + spdx.AIPackage{}, + spdx.Relationship{}, + spdx.File{}, + spdx.Snippet{}, + spdx.Annotation{}, + spdx.Tool{}, + spdx.Person{}, + spdx.Organization{}, + spdx.CustomLicense{}, + spdx.ListedLicense{}, + spdx.SpdxDocument{}, + spdx.SBOM{}, + } { + out = append(out, + cmpopts.IgnoreUnexported(t), + cmpopts.IgnoreFields(t, "ID", "CreationInfo"), + ) + } + for _, t := range []any{ + spdx.SpdxDocument{}, + spdx.SBOM{}, + spdx.Bundle{}, + } { + out = append(out, + cmpopts.IgnoreFields(t, "Elements"), + ) + } + out = append(out, + cmp.Transformer("truncate_time.Time", func(t time.Time) time.Time { + return t.Truncate(time.Second) + }), + cmpopts.IgnoreFields(spdx.Document{}, "LDContext"), + cmpopts.IgnoreFields(spdx.CreationInfo{}, "CreatedUsing"), + cmpopts.EquateComparable( + spdx.ExternalIdentifierType{}, + spdx.HashAlgorithm{}, + spdx.FileKindType{}, + spdx.SoftwarePurpose{}, + spdx.PresenceType{}, + spdx.SafetyRiskAssessmentType{}, + spdx.RelationshipCompleteness{}, + spdx.RelationshipType{}, + spdx.AnnotationType{}, + spdx.ProfileIdentifierType{}, + spdx.ExternalIRI{}, + ), + ) + return out } func Test_reader(t *testing.T) { @@ -248,30 +268,22 @@ func Test_reader(t *testing.T) { require.NoError(t, err) t.Logf("sample document:\n%#v", d) - sboms := each(d.RootElements.SBOMs()) + sboms := d.RootElements.SBOMs() require.Len(t, sboms, 1) - packages := each(sboms[0].RootElements.Packages()) + packages := sboms[0].GetRootElements().Packages() require.Len(t, packages, 1) - rels := each(d.Elements.Relationships()) + rels := d.Elements.Relationships() require.Len(t, rels, 1) // this is the only reference to the package I see: - p := spdx.Cast[spdx.Package](rels[0].From) + p := rels[0].GetFrom().(*spdx.Package) require.NotNil(t, p) require.NotEqual(t, time.Time{}, p.BuiltTime) require.Equal(t, "my-package", p.Name) } -func each[Element, View any](s ld.TypeSeq[Element, View]) []View { - var out []View - for _, v := range s { - out = append(out, v) - } - return out -} - func Test_readerExpanded(t *testing.T) { f, err := os.Open("testdata/test.expanded.json") require.NoError(t, err) @@ -280,20 +292,21 @@ func Test_readerExpanded(t *testing.T) { require.NoError(t, err) fmt.Printf("%#v\n", d) for _, fi := range d.Elements.Files() { - println("File ID: " + fi.ID) + //println("File ID: " + fi.ID) + println("File Name: " + fi.GetName()) } - sboms := each(d.RootElements.SBOMs()) + sboms := d.RootElements.SBOMs() require.Len(t, sboms, 1) - packages := each(sboms[0].RootElements.Packages()) + packages := sboms[0].GetRootElements().Packages() require.Len(t, packages, 1) - rels := each(d.Elements.Relationships()) + rels := d.Elements.Relationships() require.Len(t, rels, 1) // this is the only reference to the package I see: - p := spdx.Cast[spdx.Package](rels[0].From) + p := rels[0].GetFrom().(*spdx.Package) require.NotNil(t, p) require.NotEqual(t, time.Time{}, p.BuiltTime) require.Equal(t, "my-package", p.Name) @@ -323,11 +336,11 @@ func Test_exportImportExport(t *testing.T) { doc := spdx.NewDocument( spdx.ProfileIdentifierType_Software, "My Document", - &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{ + &spdx.SoftwareAgent{ Name: "tools-golang", Summary: "a summary", - }}}, - &spdx.Tool{Element: spdx.Element{ + }, + &spdx.Tool{ ExternalIdentifiers: spdx.ExternalIdentifierList{ &spdx.ExternalIdentifier{ Type: spdx.ExternalIdentifierType_Cpe23, @@ -336,7 +349,7 @@ func Test_exportImportExport(t *testing.T) { }, ExternalRefs: nil, Name: "not-tools-golang", - }}) + }) sbom := &spdx.SBOM{} doc.RootElements = append(doc.RootElements, sbom) @@ -344,9 +357,7 @@ func Test_exportImportExport(t *testing.T) { // create a package pkg1 := &spdx.Package{ - SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ - Name: "some-package-1", - }}}, + Name: "some-package-1", Version: "1.2.3", } @@ -362,9 +373,9 @@ func Test_exportImportExport(t *testing.T) { // add a file - file1 := &spdx.File{SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + file1 := &spdx.File{ Name: "/bin/bash", - }}}} + } sbom.RootElements = append(sbom.RootElements, file1) // add relationships @@ -431,21 +442,18 @@ func Test_exportImportExport(t *testing.T) { // some basic usage: - var pkgs []*spdx.Package + var pkgs []spdx.AnyPackage for _, sbom := range doc.RootElements.SBOMs() { - for _, rel := range sbom.RootElements.Relationships() { - if rel.Type != spdx.RelationshipType_Contains { + for _, rel := range sbom.GetRootElements().Relationships() { + if rel.GetType() != spdx.RelationshipType_Contains { continue } - _ = spdx.As(rel.From, func(f *spdx.File) any { - if f.Name == "/bin/bash" { - for _, pkg := range rel.To.Packages() { - pkgs = append(pkgs, pkg) - } + f := rel.GetFrom().(*spdx.File) + if f.Name == "/bin/bash" { + for _, pkg := range rel.GetTo().Packages() { + pkgs = append(pkgs, pkg) } - return nil - }) - + } } } if len(pkgs) != 2 { @@ -454,15 +462,13 @@ func Test_exportImportExport(t *testing.T) { } func Test_aiProfile(t *testing.T) { - doc := spdx.NewDocument(spdx.ProfileIdentifierType_Ai, "", &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{ + doc := spdx.NewDocument(spdx.ProfileIdentifierType_Ai, "", &spdx.SoftwareAgent{ Name: "tools-golang", Summary: "a summary", - }}}, nil) + }, nil) aiPkg := &spdx.AIPackage{ - Package: spdx.Package{SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ - Name: "some ai package", - }}}}, + Name: "some ai package", EnergyConsumption: &spdx.EnergyConsumption{ FinetuningEnergyConsumptions: spdx.EnergyConsumptionDescriptionList{ &spdx.EnergyConsumptionDescription{ @@ -532,6 +538,6 @@ func Test_aiProfile(t *testing.T) { func newTestDocument() *spdx.Document { //return spdx.NewDocument(spdx.ProfileIdentifierType_Lite, "test document", return spdx.NewDocument(spdx.ProfileIdentifierType_Software, "test document", - &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{Name: "tools-golang-tests-agent", Summary: "a summary"}}}, - &spdx.Tool{Element: spdx.Element{Name: "tools-golang-tests-tool"}}) + &spdx.SoftwareAgent{Name: "tools-golang-tests-agent", Summary: "a summary"}, + &spdx.Tool{Name: "tools-golang-tests-tool"}) } From 20112fc0dd2c15dafc00edb5055005b572cc6291 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Wed, 8 Oct 2025 11:15:16 -0400 Subject: [PATCH 16/21] chore: update tests Signed-off-by: Keith Zantow --- spdx/v3/v3_0_1/spdx_test.go | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/spdx/v3/v3_0_1/spdx_test.go b/spdx/v3/v3_0_1/spdx_test.go index 01cef865..91864888 100644 --- a/spdx/v3/v3_0_1/spdx_test.go +++ b/spdx/v3/v3_0_1/spdx_test.go @@ -5,7 +5,6 @@ import ( "encoding/json" "fmt" "os" - "path/filepath" "strings" "testing" "time" @@ -59,16 +58,6 @@ func Test_customSerialization(t *testing.T) { err = json.Unmarshal(contents.Bytes(), &structure) require.NoError(t, err) - contents.Reset() - enc := json.NewEncoder(&contents) - enc.SetEscapeHTML(false) - enc.SetIndent("", " ") - err = enc.Encode(structure) - home, err := os.UserHomeDir() - require.NoError(t, err) - err = os.WriteFile(filepath.Join(home, "Downloads", "spdx3-sample.json"), contents.Bytes(), 0o755) - require.NoError(t, err) - graph := structure["@graph"].([]any) var spdxDoc map[string]any From 084656cfb6a89dc0cae6683abfd0f828344aaa48 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Wed, 8 Oct 2025 11:53:33 -0400 Subject: [PATCH 17/21] chore: adjust coverage filtering Signed-off-by: Keith Zantow --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 0dc217df..c05de945 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ format: .PHONY: unit unit: go test -v -covermode=count -coverprofile=profile.cov.tmp ./... - cat profile.cov.tmp | grep -v /model.go > profile.cov # ignore generated model file + cat profile.cov.tmp | grep -v /internal/ | grep -v /model.go | grep -v /model_validations.go > profile.cov # ignore generated model file .PHONY: fuzz fuzz: From 162bb8780daa36d446db7709bf505dab55f61392 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Wed, 8 Oct 2025 17:30:38 -0400 Subject: [PATCH 18/21] chore: minor updates Signed-off-by: Keith Zantow --- go.mod | 2 +- go.sum | 4 +- spdx/v3/internal/serialize_json.go | 31 +- spdx/v3/v3_0_1/convert.go | 1 + spdx/v3/v3_0_1/model.go | 560 ++++++++++++++++++++++++++++- 5 files changed, 593 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 8cb6ae80..e5602444 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/davecgh/go-spew v1.1.1 github.com/google/go-cmp v0.7.0 github.com/google/uuid v1.6.0 - github.com/kzantow/go-ld v0.0.0-20251008150111-0c38e7504ec5 + github.com/kzantow/go-ld v0.0.0-20251008203417-8880260cce9c github.com/pmezard/go-difflib v1.0.0 github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb github.com/stretchr/testify v1.11.1 diff --git a/go.sum b/go.sum index 43efb3e7..c896675c 100644 --- a/go.sum +++ b/go.sum @@ -20,8 +20,8 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kzantow/go-ld v0.0.0-20251008150111-0c38e7504ec5 h1:++nXIbpRtenMC9zYq8amBhLxeWo/nWMCIgJjOExdrVo= -github.com/kzantow/go-ld v0.0.0-20251008150111-0c38e7504ec5/go.mod h1:4ic0Ad7R5XxDPD507j3Ux5ZLEJrlRgT8qGgcyrUGubY= +github.com/kzantow/go-ld v0.0.0-20251008203417-8880260cce9c h1:BlDhHaHHdAy9sFYBSjwqgfrT/wYoY/IyFQbCuf3VZOI= +github.com/kzantow/go-ld v0.0.0-20251008203417-8880260cce9c/go.mod h1:4ic0Ad7R5XxDPD507j3Ux5ZLEJrlRgT8qGgcyrUGubY= github.com/linkeddata/gojsonld v0.0.0-20170418210642-4f5db6791326 h1:YP3lfXXYiQV5MKeUqVnxRP5uuMQTLPx+PGYm1UBoU98= github.com/linkeddata/gojsonld v0.0.0-20170418210642-4f5db6791326/go.mod h1:nfqkuSNlsk1bvti/oa7TThx4KmRMBmSxf3okHI9wp3E= github.com/piprate/json-gold v0.7.0 h1:bEMirgA5y8Z2loTQfxyIFfY+EflxH1CTP6r/KIlcJNw= diff --git a/spdx/v3/internal/serialize_json.go b/spdx/v3/internal/serialize_json.go index cdf09803..ae8073d1 100644 --- a/spdx/v3/internal/serialize_json.go +++ b/spdx/v3/internal/serialize_json.go @@ -240,7 +240,10 @@ func (s *serializer) serializeProps(ptrV reflect.Value, v reflect.Value, idField if iri == ld.JsonIdProp { // some types must use @id and allow blank node IDs if blankNodeAllowed(ptrV) { - if ld.RefCount(ptrV, s.in) == 1 { + //if ld.RefCount(ptrV, s.in) == 1 { + // continue // don't create an ID, output inline + //} + if outputInline(ptrV) { continue // don't create an ID, output inline } k = iri @@ -252,6 +255,12 @@ func (s *serializer) serializeProps(ptrV reflect.Value, v reflect.Value, idField fv = reflect.ValueOf(newID) } else { id := fv.String() + // FIXME -- figure out the right way to deal with SPDX IDs, which are of the form + // SPDXRef- many users will be outputting today, which are not valid URIs + if !isURI(id) { + id = "spdxid:" + id + fv.SetString(id) + } //if !strings.HasPrefix(id, "_:") { // id = "_:" + id //} @@ -279,6 +288,26 @@ func (s *serializer) serializeProps(ptrV reflect.Value, v reflect.Value, idField return errs } +func isURI(id string) bool { + return strings.HasPrefix(id, "http://") || strings.HasPrefix(id, "https://") || strings.HasPrefix(id, "urn:") +} + +func outputInline(v reflect.Value) bool { + for v.Kind() == reflect.Ptr { + v = v.Elem() + } + if v.Kind() != reflect.Struct { + return true + } + // FIXME determine the correct way to output inline vs reference + t := v.Type() + _, isElement := t.MethodByName("asElement") + if t.Name() == "CreationInfo" || isElement { + return false + } + return true +} + func blankNodeAllowed(v reflect.Value) bool { if v.Kind() == reflect.Pointer { t := v.Type().Elem() diff --git a/spdx/v3/v3_0_1/convert.go b/spdx/v3/v3_0_1/convert.go index 2704f47e..dffdc500 100644 --- a/spdx/v3/v3_0_1/convert.go +++ b/spdx/v3/v3_0_1/convert.go @@ -100,6 +100,7 @@ func newDocumentConverter(d *Document) *documentConverter { relationshipMap: map[any][]*Relationship{}, sbom: sbom, idMap: duplicateLower(map[string]any{ + "DOCUMENT": sbom, "SPDXRef-DOCUMENT": sbom, }), lifecycleMap: duplicateLower(map[string]LifecycleScopeType{ diff --git a/spdx/v3/v3_0_1/model.go b/spdx/v3/v3_0_1/model.go index 12a0f5b6..b09bc05b 100755 --- a/spdx/v3/v3_0_1/model.go +++ b/spdx/v3/v3_0_1/model.go @@ -138,6 +138,14 @@ func (o *AIPackage) asPackage() {} func (o *AIPackage) asSoftwareArtifact() {} func (o *AIPackage) asArtifact() {} func (o *AIPackage) asElement() {} +func (o *AIPackage) GetID() string { + return o.ID +} + +func (o *AIPackage) SetID(v string) { + o.ID = v +} + func (o *AIPackage) GetDescription() string { return o.Description } @@ -503,6 +511,14 @@ type Agent struct { func (o *Agent) asAgent() {} func (o *Agent) asElement() {} +func (o *Agent) GetID() string { + return o.ID +} + +func (o *Agent) SetID(v string) { + o.ID = v +} + func (o *Agent) GetDescription() string { return o.Description } @@ -640,6 +656,14 @@ type Annotation struct { func (o *Annotation) asAnnotation() {} func (o *Annotation) asElement() {} +func (o *Annotation) GetID() string { + return o.ID +} + +func (o *Annotation) SetID(v string) { + o.ID = v +} + func (o *Annotation) GetDescription() string { return o.Description } @@ -756,6 +780,10 @@ type AnnotationType struct { id string `iri:"@id"` } +func (o *AnnotationType) GetID() string { + return o.id +} + // AnnotationType_Other Used to store extra information about an Element which is not part of a review (e.g. extra information provided during the creation of the Element). var AnnotationType_Other = AnnotationType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other", @@ -861,6 +889,14 @@ func (o *BOM) asBOM() {} func (o *BOM) asBundle() {} func (o *BOM) asElementCollection() {} func (o *BOM) asElement() {} +func (o *BOM) GetID() string { + return o.ID +} + +func (o *BOM) SetID(v string) { + o.ID = v +} + func (o *BOM) GetDescription() string { return o.Description } @@ -1042,6 +1078,14 @@ type Build struct { func (o *Build) asBuild() {} func (o *Build) asElement() {} +func (o *Build) GetID() string { + return o.ID +} + +func (o *Build) SetID(v string) { + o.ID = v +} + func (o *Build) GetDescription() string { return o.Description } @@ -1234,6 +1278,14 @@ type Bundle struct { func (o *Bundle) asBundle() {} func (o *Bundle) asElementCollection() {} func (o *Bundle) asElement() {} +func (o *Bundle) GetID() string { + return o.ID +} + +func (o *Bundle) SetID(v string) { + o.ID = v +} + func (o *Bundle) GetDescription() string { return o.Description } @@ -1369,6 +1421,14 @@ type CdxPropertiesExtension struct { func (o *CdxPropertiesExtension) asCdxPropertiesExtension() {} func (o *CdxPropertiesExtension) asExtension() {} +func (o *CdxPropertiesExtension) GetID() string { + return o.ID +} + +func (o *CdxPropertiesExtension) SetID(v string) { + o.ID = v +} + func (o *CdxPropertiesExtension) GetCdxProperties() CdxPropertyEntryList { return o.CdxProperties } @@ -1384,6 +1444,8 @@ func (v CdxPropertiesExtensionList) CdxPropertiesExtensions() []AnyCdxProperties } type AnyCdxPropertyEntry interface { + GetID() string + SetID(string) asCdxPropertyEntry() GetCdxPropValue() string SetCdxPropValue(string) @@ -1402,6 +1464,14 @@ type CdxPropertyEntry struct { } func (o *CdxPropertyEntry) asCdxPropertyEntry() {} +func (o *CdxPropertyEntry) GetID() string { + return o.ID +} + +func (o *CdxPropertyEntry) SetID(v string) { + o.ID = v +} + func (o *CdxPropertyEntry) GetCdxPropValue() string { return o.CdxPropValue } @@ -1430,6 +1500,10 @@ type ConfidentialityLevelType struct { id string `iri:"@id"` } +func (o *ConfidentialityLevelType) GetID() string { + return o.id +} + // ConfidentialityLevelType_Amber Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. var ConfidentialityLevelType_Amber = ConfidentialityLevelType{ id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber", @@ -1486,6 +1560,14 @@ type ConjunctiveLicenseSet struct { func (o *ConjunctiveLicenseSet) asConjunctiveLicenseSet() {} func (o *ConjunctiveLicenseSet) asLicenseInfo() {} func (o *ConjunctiveLicenseSet) asElement() {} +func (o *ConjunctiveLicenseSet) GetID() string { + return o.ID +} + +func (o *ConjunctiveLicenseSet) SetID(v string) { + o.ID = v +} + func (o *ConjunctiveLicenseSet) GetDescription() string { return o.Description } @@ -1595,6 +1677,14 @@ type ContentIdentifier struct { func (o *ContentIdentifier) asContentIdentifier() {} func (o *ContentIdentifier) asIntegrityMethod() {} +func (o *ContentIdentifier) GetID() string { + return o.ID +} + +func (o *ContentIdentifier) SetID(v string) { + o.ID = v +} + func (o *ContentIdentifier) GetComment() string { return o.Comment } @@ -1631,6 +1721,10 @@ type ContentIdentifierType struct { id string `iri:"@id"` } +func (o *ContentIdentifierType) GetID() string { + return o.id +} + // ContentIdentifierType_Gitoid [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). var ContentIdentifierType_Gitoid = ContentIdentifierType{ id: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid", @@ -1642,6 +1736,8 @@ var ContentIdentifierType_Swhid = ContentIdentifierType{ } type AnyCreationInfo interface { + GetID() string + SetID(string) asCreationInfo() GetSpecVersion() string SetSpecVersion(string) @@ -1672,6 +1768,14 @@ type CreationInfo struct { } func (o *CreationInfo) asCreationInfo() {} +func (o *CreationInfo) GetID() string { + return o.ID +} + +func (o *CreationInfo) SetID(v string) { + o.ID = v +} + func (o *CreationInfo) GetSpecVersion() string { return o.SpecVersion } @@ -1770,6 +1874,14 @@ func (o *CustomLicense) asLicense() {} func (o *CustomLicense) asExtendableLicense() {} func (o *CustomLicense) asLicenseInfo() {} func (o *CustomLicense) asElement() {} +func (o *CustomLicense) GetID() string { + return o.ID +} + +func (o *CustomLicense) SetID(v string) { + o.ID = v +} + func (o *CustomLicense) GetDescription() string { return o.Description } @@ -1964,6 +2076,14 @@ type CustomLicenseAddition struct { func (o *CustomLicenseAddition) asCustomLicenseAddition() {} func (o *CustomLicenseAddition) asLicenseAddition() {} func (o *CustomLicenseAddition) asElement() {} +func (o *CustomLicenseAddition) GetID() string { + return o.ID +} + +func (o *CustomLicenseAddition) SetID(v string) { + o.ID = v +} + func (o *CustomLicenseAddition) GetDescription() string { return o.Description } @@ -2096,6 +2216,10 @@ type CvssSeverityType struct { id string `iri:"@id"` } +func (o *CvssSeverityType) GetID() string { + return o.id +} + // CvssSeverityType_Critical When a CVSS score is between 9.0 - 10.0 var CvssSeverityType_Critical = CvssSeverityType{ id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical", @@ -2184,6 +2308,14 @@ func (o *CvssV2VulnAssessmentRelationship) asCvssV2VulnAssessmentRelationship() func (o *CvssV2VulnAssessmentRelationship) asVulnAssessmentRelationship() {} func (o *CvssV2VulnAssessmentRelationship) asRelationship() {} func (o *CvssV2VulnAssessmentRelationship) asElement() {} +func (o *CvssV2VulnAssessmentRelationship) GetID() string { + return o.ID +} + +func (o *CvssV2VulnAssessmentRelationship) SetID(v string) { + o.ID = v +} + func (o *CvssV2VulnAssessmentRelationship) GetDescription() string { return o.Description } @@ -2433,6 +2565,14 @@ func (o *CvssV3VulnAssessmentRelationship) asCvssV3VulnAssessmentRelationship() func (o *CvssV3VulnAssessmentRelationship) asVulnAssessmentRelationship() {} func (o *CvssV3VulnAssessmentRelationship) asRelationship() {} func (o *CvssV3VulnAssessmentRelationship) asElement() {} +func (o *CvssV3VulnAssessmentRelationship) GetID() string { + return o.ID +} + +func (o *CvssV3VulnAssessmentRelationship) SetID(v string) { + o.ID = v +} + func (o *CvssV3VulnAssessmentRelationship) GetDescription() string { return o.Description } @@ -2690,6 +2830,14 @@ func (o *CvssV4VulnAssessmentRelationship) asCvssV4VulnAssessmentRelationship() func (o *CvssV4VulnAssessmentRelationship) asVulnAssessmentRelationship() {} func (o *CvssV4VulnAssessmentRelationship) asRelationship() {} func (o *CvssV4VulnAssessmentRelationship) asElement() {} +func (o *CvssV4VulnAssessmentRelationship) GetID() string { + return o.ID +} + +func (o *CvssV4VulnAssessmentRelationship) SetID(v string) { + o.ID = v +} + func (o *CvssV4VulnAssessmentRelationship) GetDescription() string { return o.Description } @@ -2886,6 +3034,10 @@ type DatasetAvailabilityType struct { id string `iri:"@id"` } +func (o *DatasetAvailabilityType) GetID() string { + return o.id +} + // DatasetAvailabilityType_Clickthrough the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. var DatasetAvailabilityType_Clickthrough = DatasetAvailabilityType{ id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough", @@ -3031,6 +3183,14 @@ func (o *DatasetPackage) asPackage() {} func (o *DatasetPackage) asSoftwareArtifact() {} func (o *DatasetPackage) asArtifact() {} func (o *DatasetPackage) asElement() {} +func (o *DatasetPackage) GetID() string { + return o.ID +} + +func (o *DatasetPackage) SetID(v string) { + o.ID = v +} + func (o *DatasetPackage) GetDescription() string { return o.Description } @@ -3355,6 +3515,10 @@ type DatasetType struct { id string `iri:"@id"` } +func (o *DatasetType) GetID() string { + return o.id +} + // DatasetType_Audio data is audio based, such as a collection of music from the 80s. var DatasetType_Audio = DatasetType{ id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio", @@ -3426,6 +3590,8 @@ var DatasetType_Video = DatasetType{ } type AnyDictionaryEntry interface { + GetID() string + SetID(string) asDictionaryEntry() GetValue() string SetValue(string) @@ -3444,6 +3610,14 @@ type DictionaryEntry struct { } func (o *DictionaryEntry) asDictionaryEntry() {} +func (o *DictionaryEntry) GetID() string { + return o.ID +} + +func (o *DictionaryEntry) SetID(v string) { + o.ID = v +} + func (o *DictionaryEntry) GetValue() string { return o.Value } @@ -3502,6 +3676,14 @@ type DisjunctiveLicenseSet struct { func (o *DisjunctiveLicenseSet) asDisjunctiveLicenseSet() {} func (o *DisjunctiveLicenseSet) asLicenseInfo() {} func (o *DisjunctiveLicenseSet) asElement() {} +func (o *DisjunctiveLicenseSet) GetID() string { + return o.ID +} + +func (o *DisjunctiveLicenseSet) SetID(v string) { + o.ID = v +} + func (o *DisjunctiveLicenseSet) GetDescription() string { return o.Description } @@ -3589,6 +3771,8 @@ func (v DisjunctiveLicenseSetList) DisjunctiveLicenseSets() []AnyDisjunctiveLice } type AnyElement interface { + GetID() string + SetID(string) asElement() GetDescription() string SetDescription(string) @@ -3852,6 +4036,8 @@ func (v ElementCollectionList) SpdxDocuments() []AnySpdxDocument { } type AnyEnergyConsumption interface { + GetID() string + SetID(string) asEnergyConsumption() GetInferenceEnergyConsumptions() EnergyConsumptionDescriptionList SetInferenceEnergyConsumptions(EnergyConsumptionDescriptionList) @@ -3874,6 +4060,14 @@ type EnergyConsumption struct { } func (o *EnergyConsumption) asEnergyConsumption() {} +func (o *EnergyConsumption) GetID() string { + return o.ID +} + +func (o *EnergyConsumption) SetID(v string) { + o.ID = v +} + func (o *EnergyConsumption) GetInferenceEnergyConsumptions() EnergyConsumptionDescriptionList { return o.InferenceEnergyConsumptions } @@ -3905,6 +4099,8 @@ func (v EnergyConsumptionList) EnergyConsumptions() []AnyEnergyConsumption { } type AnyEnergyConsumptionDescription interface { + GetID() string + SetID(string) asEnergyConsumptionDescription() GetEnergyQuantity() float64 SetEnergyQuantity(float64) @@ -3923,6 +4119,14 @@ type EnergyConsumptionDescription struct { } func (o *EnergyConsumptionDescription) asEnergyConsumptionDescription() {} +func (o *EnergyConsumptionDescription) GetID() string { + return o.ID +} + +func (o *EnergyConsumptionDescription) SetID(v string) { + o.ID = v +} + func (o *EnergyConsumptionDescription) GetEnergyQuantity() float64 { return o.EnergyQuantity } @@ -3951,6 +4155,10 @@ type EnergyUnitType struct { id string `iri:"@id"` } +func (o *EnergyUnitType) GetID() string { + return o.id +} + // EnergyUnitType_KilowattHour Kilowatt-hour. var EnergyUnitType_KilowattHour = EnergyUnitType{ id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour", @@ -4029,6 +4237,14 @@ func (o *EpssVulnAssessmentRelationship) asEpssVulnAssessmentRelationship() {} func (o *EpssVulnAssessmentRelationship) asVulnAssessmentRelationship() {} func (o *EpssVulnAssessmentRelationship) asRelationship() {} func (o *EpssVulnAssessmentRelationship) asElement() {} +func (o *EpssVulnAssessmentRelationship) GetID() string { + return o.ID +} + +func (o *EpssVulnAssessmentRelationship) SetID(v string) { + o.ID = v +} + func (o *EpssVulnAssessmentRelationship) GetDescription() string { return o.Description } @@ -4217,6 +4433,10 @@ type ExploitCatalogType struct { id string `iri:"@id"` } +func (o *ExploitCatalogType) GetID() string { + return o.id +} + // ExploitCatalogType_Kev CISA's Known Exploited Vulnerability (KEV) Catalog var ExploitCatalogType_Kev = ExploitCatalogType{ id: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev", @@ -4294,6 +4514,14 @@ func (o *ExploitCatalogVulnAssessmentRelationship) asExploitCatalogVulnAssessmen func (o *ExploitCatalogVulnAssessmentRelationship) asVulnAssessmentRelationship() {} func (o *ExploitCatalogVulnAssessmentRelationship) asRelationship() {} func (o *ExploitCatalogVulnAssessmentRelationship) asElement() {} +func (o *ExploitCatalogVulnAssessmentRelationship) GetID() string { + return o.ID +} + +func (o *ExploitCatalogVulnAssessmentRelationship) SetID(v string) { + o.ID = v +} + func (o *ExploitCatalogVulnAssessmentRelationship) GetDescription() string { return o.Description } @@ -4513,6 +4741,8 @@ func (v ExtendableLicenseList) OrLaterOperators() []AnyOrLaterOperator { } type AnyExtension interface { + GetID() string + SetID(string) asExtension() } @@ -4528,6 +4758,8 @@ func (v ExtensionList) Extensions() []AnyExtension { } type AnyExternalIdentifier interface { + GetID() string + SetID(string) asExternalIdentifier() GetIdentifier() string SetIdentifier(string) @@ -4558,6 +4790,14 @@ type ExternalIdentifier struct { } func (o *ExternalIdentifier) asExternalIdentifier() {} +func (o *ExternalIdentifier) GetID() string { + return o.ID +} + +func (o *ExternalIdentifier) SetID(v string) { + o.ID = v +} + func (o *ExternalIdentifier) GetIdentifier() string { return o.Identifier } @@ -4610,6 +4850,10 @@ type ExternalIdentifierType struct { id string `iri:"@id"` } +func (o *ExternalIdentifierType) GetID() string { + return o.id +} + // ExternalIdentifierType_Cpe22 [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) var ExternalIdentifierType_Cpe22 = ExternalIdentifierType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22", @@ -4666,6 +4910,8 @@ var ExternalIdentifierType_UrlScheme = ExternalIdentifierType{ } type AnyExternalMap interface { + GetID() string + SetID(string) asExternalMap() GetExternalSpdxID() URI SetExternalSpdxID(URI) @@ -4692,6 +4938,14 @@ type ExternalMap struct { } func (o *ExternalMap) asExternalMap() {} +func (o *ExternalMap) GetID() string { + return o.ID +} + +func (o *ExternalMap) SetID(v string) { + o.ID = v +} + func (o *ExternalMap) GetExternalSpdxID() URI { return o.ExternalSpdxID } @@ -4731,6 +4985,8 @@ func (v ExternalMapList) ExternalMaps() []AnyExternalMap { } type AnyExternalRef interface { + GetID() string + SetID(string) asExternalRef() GetLocators() []string SetLocators([]string) @@ -4757,6 +5013,14 @@ type ExternalRef struct { } func (o *ExternalRef) asExternalRef() {} +func (o *ExternalRef) GetID() string { + return o.ID +} + +func (o *ExternalRef) SetID(v string) { + o.ID = v +} + func (o *ExternalRef) GetLocators() []string { return o.Locators } @@ -4801,6 +5065,10 @@ type ExternalRefType struct { id string `iri:"@id"` } +func (o *ExternalRefType) GetID() string { + return o.id +} + // ExternalRefType_AltDownloadLocation A reference to an alternative download location. var ExternalRefType_AltDownloadLocation = ExternalRefType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation", @@ -5096,6 +5364,14 @@ func (o *File) asFile() {} func (o *File) asSoftwareArtifact() {} func (o *File) asArtifact() {} func (o *File) asElement() {} +func (o *File) GetID() string { + return o.ID +} + +func (o *File) SetID(v string) { + o.ID = v +} + func (o *File) GetDescription() string { return o.Description } @@ -5292,6 +5568,10 @@ type FileKindType struct { id string `iri:"@id"` } +func (o *FileKindType) GetID() string { + return o.id +} + // FileKindType_Directory The file represents a directory and all content stored in that directory. var FileKindType_Directory = FileKindType{ id: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory", @@ -5325,6 +5605,14 @@ type Hash struct { func (o *Hash) asHash() {} func (o *Hash) asIntegrityMethod() {} +func (o *Hash) GetID() string { + return o.ID +} + +func (o *Hash) SetID(v string) { + o.ID = v +} + func (o *Hash) GetComment() string { return o.Comment } @@ -5361,6 +5649,10 @@ type HashAlgorithm struct { id string `iri:"@id"` } +func (o *HashAlgorithm) GetID() string { + return o.id +} + // HashAlgorithm_Adler32 Adler-32 checksum is part of the widely used zlib compression library as defined in [RFC 1950](https://datatracker.ietf.org/doc/rfc1950/) Section 2.3. var HashAlgorithm_Adler32 = HashAlgorithm{ id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32", @@ -5502,6 +5794,14 @@ type IndividualElement struct { func (o *IndividualElement) asIndividualElement() {} func (o *IndividualElement) asElement() {} +func (o *IndividualElement) GetID() string { + return o.ID +} + +func (o *IndividualElement) SetID(v string) { + o.ID = v +} + func (o *IndividualElement) GetDescription() string { return o.Description } @@ -5622,6 +5922,14 @@ type IndividualLicensingInfo struct { func (o *IndividualLicensingInfo) asIndividualLicensingInfo() {} func (o *IndividualLicensingInfo) asLicenseInfo() {} func (o *IndividualLicensingInfo) asElement() {} +func (o *IndividualLicensingInfo) GetID() string { + return o.ID +} + +func (o *IndividualLicensingInfo) SetID(v string) { + o.ID = v +} + func (o *IndividualLicensingInfo) GetDescription() string { return o.Description } @@ -5711,6 +6019,8 @@ func (v IndividualLicensingInfoList) IndividualLicensingInfos() []AnyIndividualL } type AnyIntegrityMethod interface { + GetID() string + SetID(string) asIntegrityMethod() GetComment() string SetComment(string) @@ -5849,6 +6159,14 @@ type LicenseExpression struct { func (o *LicenseExpression) asLicenseExpression() {} func (o *LicenseExpression) asLicenseInfo() {} func (o *LicenseExpression) asElement() {} +func (o *LicenseExpression) GetID() string { + return o.ID +} + +func (o *LicenseExpression) SetID(v string) { + o.ID = v +} + func (o *LicenseExpression) GetDescription() string { return o.Description } @@ -6009,6 +6327,10 @@ type LifecycleScopeType struct { id string `iri:"@id"` } +func (o *LifecycleScopeType) GetID() string { + return o.id +} + // LifecycleScopeType_Build A relationship has specific context implications during an element's build phase, during development. var LifecycleScopeType_Build = LifecycleScopeType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build", @@ -6087,6 +6409,14 @@ type LifecycleScopedRelationship struct { func (o *LifecycleScopedRelationship) asLifecycleScopedRelationship() {} func (o *LifecycleScopedRelationship) asRelationship() {} func (o *LifecycleScopedRelationship) asElement() {} +func (o *LifecycleScopedRelationship) GetID() string { + return o.ID +} + +func (o *LifecycleScopedRelationship) SetID(v string) { + o.ID = v +} + func (o *LifecycleScopedRelationship) GetDescription() string { return o.Description } @@ -6281,6 +6611,14 @@ func (o *ListedLicense) asLicense() {} func (o *ListedLicense) asExtendableLicense() {} func (o *ListedLicense) asLicenseInfo() {} func (o *ListedLicense) asElement() {} +func (o *ListedLicense) GetID() string { + return o.ID +} + +func (o *ListedLicense) SetID(v string) { + o.ID = v +} + func (o *ListedLicense) GetDescription() string { return o.Description } @@ -6499,6 +6837,14 @@ type ListedLicenseException struct { func (o *ListedLicenseException) asListedLicenseException() {} func (o *ListedLicenseException) asLicenseAddition() {} func (o *ListedLicenseException) asElement() {} +func (o *ListedLicenseException) GetID() string { + return o.ID +} + +func (o *ListedLicenseException) SetID(v string) { + o.ID = v +} + func (o *ListedLicenseException) GetDescription() string { return o.Description } @@ -6642,6 +6988,8 @@ func (v ListedLicenseExceptionList) ListedLicenseExceptions() []AnyListedLicense } type AnyNamespaceMap interface { + GetID() string + SetID(string) asNamespaceMap() GetNamespace() URI SetNamespace(URI) @@ -6660,6 +7008,14 @@ type NamespaceMap struct { } func (o *NamespaceMap) asNamespaceMap() {} +func (o *NamespaceMap) GetID() string { + return o.ID +} + +func (o *NamespaceMap) SetID(v string) { + o.ID = v +} + func (o *NamespaceMap) GetNamespace() URI { return o.Namespace } @@ -6719,6 +7075,14 @@ func (o *OrLaterOperator) asOrLaterOperator() {} func (o *OrLaterOperator) asExtendableLicense() {} func (o *OrLaterOperator) asLicenseInfo() {} func (o *OrLaterOperator) asElement() {} +func (o *OrLaterOperator) GetID() string { + return o.ID +} + +func (o *OrLaterOperator) SetID(v string) { + o.ID = v +} + func (o *OrLaterOperator) GetDescription() string { return o.Description } @@ -6837,6 +7201,14 @@ type Organization struct { func (o *Organization) asOrganization() {} func (o *Organization) asAgent() {} func (o *Organization) asElement() {} +func (o *Organization) GetID() string { + return o.ID +} + +func (o *Organization) SetID(v string) { + o.ID = v +} + func (o *Organization) GetDescription() string { return o.Description } @@ -6997,6 +7369,14 @@ func (o *Package) asPackage() {} func (o *Package) asSoftwareArtifact() {} func (o *Package) asArtifact() {} func (o *Package) asElement() {} +func (o *Package) GetID() string { + return o.ID +} + +func (o *Package) SetID(v string) { + o.ID = v +} + func (o *Package) GetDescription() string { return o.Description } @@ -7246,6 +7626,14 @@ type PackageVerificationCode struct { func (o *PackageVerificationCode) asPackageVerificationCode() {} func (o *PackageVerificationCode) asIntegrityMethod() {} +func (o *PackageVerificationCode) GetID() string { + return o.ID +} + +func (o *PackageVerificationCode) SetID(v string) { + o.ID = v +} + func (o *PackageVerificationCode) GetComment() string { return o.Comment } @@ -7316,6 +7704,14 @@ type Person struct { func (o *Person) asPerson() {} func (o *Person) asAgent() {} func (o *Person) asElement() {} +func (o *Person) GetID() string { + return o.ID +} + +func (o *Person) SetID(v string) { + o.ID = v +} + func (o *Person) GetDescription() string { return o.Description } @@ -7395,6 +7791,8 @@ func (v PersonList) People() []AnyPerson { } type AnyPositiveIntegerRange interface { + GetID() string + SetID(string) asPositiveIntegerRange() GetEndIntegerRange() PositiveInt SetEndIntegerRange(PositiveInt) @@ -7413,6 +7811,14 @@ type PositiveIntegerRange struct { } func (o *PositiveIntegerRange) asPositiveIntegerRange() {} +func (o *PositiveIntegerRange) GetID() string { + return o.ID +} + +func (o *PositiveIntegerRange) SetID(v string) { + o.ID = v +} + func (o *PositiveIntegerRange) GetEndIntegerRange() PositiveInt { return o.EndIntegerRange } @@ -7441,6 +7847,10 @@ type PresenceType struct { id string `iri:"@id"` } +func (o *PresenceType) GetID() string { + return o.id +} + // PresenceType_No Indicates absence of the field. var PresenceType_No = PresenceType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no", @@ -7462,6 +7872,10 @@ type ProfileIdentifierType struct { id string `iri:"@id"` } +func (o *ProfileIdentifierType) GetID() string { + return o.id +} + // ProfileIdentifierType_Ai the element follows the AI profile specification var ProfileIdentifierType_Ai = ProfileIdentifierType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai", @@ -7567,6 +7981,14 @@ type Relationship struct { func (o *Relationship) asRelationship() {} func (o *Relationship) asElement() {} +func (o *Relationship) GetID() string { + return o.ID +} + +func (o *Relationship) SetID(v string) { + o.ID = v +} + func (o *Relationship) GetDescription() string { return o.Description } @@ -7751,6 +8173,10 @@ type RelationshipCompleteness struct { id string `iri:"@id"` } +func (o *RelationshipCompleteness) GetID() string { + return o.id +} + // RelationshipCompleteness_Complete The relationship is known to be exhaustive. var RelationshipCompleteness_Complete = RelationshipCompleteness{ id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete", @@ -7772,6 +8198,10 @@ type RelationshipType struct { id string `iri:"@id"` } +func (o *RelationshipType) GetID() string { + return o.id +} + // RelationshipType_Affects The `from` Vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. var RelationshipType_Affects = RelationshipType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects", @@ -8113,6 +8543,14 @@ func (o *SBOM) asBOM() {} func (o *SBOM) asBundle() {} func (o *SBOM) asElementCollection() {} func (o *SBOM) asElement() {} +func (o *SBOM) GetID() string { + return o.ID +} + +func (o *SBOM) SetID(v string) { + o.ID = v +} + func (o *SBOM) GetDescription() string { return o.Description } @@ -8237,6 +8675,10 @@ type SafetyRiskAssessmentType struct { id string `iri:"@id"` } +func (o *SafetyRiskAssessmentType) GetID() string { + return o.id +} + // SafetyRiskAssessmentType_High The second-highest level of risk posed by an AI system. var SafetyRiskAssessmentType_High = SafetyRiskAssessmentType{ id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high", @@ -8263,6 +8705,10 @@ type SbomType struct { id string `iri:"@id"` } +func (o *SbomType) GetID() string { + return o.id +} + // SbomType_Analyzed SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a \"3rd party\" SBOM. var SbomType_Analyzed = SbomType{ id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed", @@ -8328,6 +8774,14 @@ type SimpleLicensingText struct { func (o *SimpleLicensingText) asSimpleLicensingText() {} func (o *SimpleLicensingText) asElement() {} +func (o *SimpleLicensingText) GetID() string { + return o.ID +} + +func (o *SimpleLicensingText) SetID(v string) { + o.ID = v +} + func (o *SimpleLicensingText) GetDescription() string { return o.Description } @@ -8483,6 +8937,14 @@ func (o *Snippet) asSnippet() {} func (o *Snippet) asSoftwareArtifact() {} func (o *Snippet) asArtifact() {} func (o *Snippet) asElement() {} +func (o *Snippet) GetID() string { + return o.ID +} + +func (o *Snippet) SetID(v string) { + o.ID = v +} + func (o *Snippet) GetDescription() string { return o.Description } @@ -8713,6 +9175,14 @@ type SoftwareAgent struct { func (o *SoftwareAgent) asSoftwareAgent() {} func (o *SoftwareAgent) asAgent() {} func (o *SoftwareAgent) asElement() {} +func (o *SoftwareAgent) GetID() string { + return o.ID +} + +func (o *SoftwareAgent) SetID(v string) { + o.ID = v +} + func (o *SoftwareAgent) GetDescription() string { return o.Description } @@ -8839,6 +9309,10 @@ type SoftwarePurpose struct { id string `iri:"@id"` } +func (o *SoftwarePurpose) GetID() string { + return o.id +} + // SoftwarePurpose_Application The Element is a software application. var SoftwarePurpose_Application = SoftwarePurpose{ id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application", @@ -9034,6 +9508,14 @@ type SpdxDocument struct { func (o *SpdxDocument) asSpdxDocument() {} func (o *SpdxDocument) asElementCollection() {} func (o *SpdxDocument) asElement() {} +func (o *SpdxDocument) GetID() string { + return o.ID +} + +func (o *SpdxDocument) SetID(v string) { + o.ID = v +} + func (o *SpdxDocument) GetDescription() string { return o.Description } @@ -9166,6 +9648,10 @@ type SsvcDecisionType struct { id string `iri:"@id"` } +func (o *SsvcDecisionType) GetID() string { + return o.id +} + // SsvcDecisionType_Act The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. var SsvcDecisionType_Act = SsvcDecisionType{ id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act", @@ -9245,6 +9731,14 @@ func (o *SsvcVulnAssessmentRelationship) asSsvcVulnAssessmentRelationship() {} func (o *SsvcVulnAssessmentRelationship) asVulnAssessmentRelationship() {} func (o *SsvcVulnAssessmentRelationship) asRelationship() {} func (o *SsvcVulnAssessmentRelationship) asElement() {} +func (o *SsvcVulnAssessmentRelationship) GetID() string { + return o.ID +} + +func (o *SsvcVulnAssessmentRelationship) SetID(v string) { + o.ID = v +} + func (o *SsvcVulnAssessmentRelationship) GetDescription() string { return o.Description } @@ -9425,6 +9919,10 @@ type SupportType struct { id string `iri:"@id"` } +func (o *SupportType) GetID() string { + return o.id +} + // SupportType_Deployed in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. var SupportType_Deployed = SupportType{ id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed", @@ -9491,6 +9989,14 @@ type Tool struct { func (o *Tool) asTool() {} func (o *Tool) asElement() {} +func (o *Tool) GetID() string { + return o.ID +} + +func (o *Tool) SetID(v string) { + o.ID = v +} + func (o *Tool) GetDescription() string { return o.Description } @@ -9637,6 +10143,14 @@ func (o *VexAffectedVulnAssessmentRelationship) asVexVulnAssessmentRelationship( func (o *VexAffectedVulnAssessmentRelationship) asVulnAssessmentRelationship() {} func (o *VexAffectedVulnAssessmentRelationship) asRelationship() {} func (o *VexAffectedVulnAssessmentRelationship) asElement() {} +func (o *VexAffectedVulnAssessmentRelationship) GetID() string { + return o.ID +} + +func (o *VexAffectedVulnAssessmentRelationship) SetID(v string) { + o.ID = v +} + func (o *VexAffectedVulnAssessmentRelationship) GetDescription() string { return o.Description } @@ -9895,6 +10409,14 @@ func (o *VexFixedVulnAssessmentRelationship) asVexVulnAssessmentRelationship() func (o *VexFixedVulnAssessmentRelationship) asVulnAssessmentRelationship() {} func (o *VexFixedVulnAssessmentRelationship) asRelationship() {} func (o *VexFixedVulnAssessmentRelationship) asElement() {} +func (o *VexFixedVulnAssessmentRelationship) GetID() string { + return o.ID +} + +func (o *VexFixedVulnAssessmentRelationship) SetID(v string) { + o.ID = v +} + func (o *VexFixedVulnAssessmentRelationship) GetDescription() string { return o.Description } @@ -10083,6 +10605,10 @@ type VexJustificationType struct { id string `iri:"@id"` } +func (o *VexJustificationType) GetID() string { + return o.id +} + // VexJustificationType_ComponentNotPresent The software is not affected because the vulnerable component is not in the product. var VexJustificationType_ComponentNotPresent = VexJustificationType{ id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent", @@ -10180,6 +10706,14 @@ func (o *VexNotAffectedVulnAssessmentRelationship) asVexVulnAssessmentRelationsh func (o *VexNotAffectedVulnAssessmentRelationship) asVulnAssessmentRelationship() {} func (o *VexNotAffectedVulnAssessmentRelationship) asRelationship() {} func (o *VexNotAffectedVulnAssessmentRelationship) asElement() {} +func (o *VexNotAffectedVulnAssessmentRelationship) GetID() string { + return o.ID +} + +func (o *VexNotAffectedVulnAssessmentRelationship) SetID(v string) { + o.ID = v +} + func (o *VexNotAffectedVulnAssessmentRelationship) GetDescription() string { return o.Description } @@ -10447,6 +10981,14 @@ func (o *VexUnderInvestigationVulnAssessmentRelationship) asVexVulnAssessmentRel func (o *VexUnderInvestigationVulnAssessmentRelationship) asVulnAssessmentRelationship() {} func (o *VexUnderInvestigationVulnAssessmentRelationship) asRelationship() {} func (o *VexUnderInvestigationVulnAssessmentRelationship) asElement() {} +func (o *VexUnderInvestigationVulnAssessmentRelationship) GetID() string { + return o.ID +} + +func (o *VexUnderInvestigationVulnAssessmentRelationship) SetID(v string) { + o.ID = v +} + func (o *VexUnderInvestigationVulnAssessmentRelationship) GetDescription() string { return o.Description } @@ -10785,6 +11327,14 @@ type Vulnerability struct { func (o *Vulnerability) asVulnerability() {} func (o *Vulnerability) asArtifact() {} func (o *Vulnerability) asElement() {} +func (o *Vulnerability) GetID() string { + return o.ID +} + +func (o *Vulnerability) SetID(v string) { + o.ID = v +} + func (o *Vulnerability) GetDescription() string { return o.Description } @@ -10983,6 +11533,14 @@ type WithAdditionOperator struct { func (o *WithAdditionOperator) asWithAdditionOperator() {} func (o *WithAdditionOperator) asLicenseInfo() {} func (o *WithAdditionOperator) asElement() {} +func (o *WithAdditionOperator) GetID() string { + return o.ID +} + +func (o *WithAdditionOperator) SetID(v string) { + o.ID = v +} + func (o *WithAdditionOperator) GetDescription() string { return o.Description } @@ -11089,9 +11647,9 @@ func NewExternalIRI(id string) *ExternalIRI { } type ( - URI = ld.URI NonNegativeInt = ld.NonNegativeInt PositiveInt = ld.PositiveInt + URI = ld.URI ) func context() ld.Context { From 4a11143e0606473d7ae6e5e5f9ccb7fc0d55cf6a Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Wed, 8 Oct 2025 20:13:45 -0400 Subject: [PATCH 19/21] chore: bump go-ld Signed-off-by: Keith Zantow --- go.mod | 2 +- go.sum | 4 ++-- spdx/v3/internal/generate/main.go | 11 +++++------ 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index e5602444..17e2ab86 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/davecgh/go-spew v1.1.1 github.com/google/go-cmp v0.7.0 github.com/google/uuid v1.6.0 - github.com/kzantow/go-ld v0.0.0-20251008203417-8880260cce9c + github.com/kzantow/go-ld v0.0.0-20251008235635-4379583bef45 github.com/pmezard/go-difflib v1.0.0 github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb github.com/stretchr/testify v1.11.1 diff --git a/go.sum b/go.sum index c896675c..105c9e31 100644 --- a/go.sum +++ b/go.sum @@ -20,8 +20,8 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kzantow/go-ld v0.0.0-20251008203417-8880260cce9c h1:BlDhHaHHdAy9sFYBSjwqgfrT/wYoY/IyFQbCuf3VZOI= -github.com/kzantow/go-ld v0.0.0-20251008203417-8880260cce9c/go.mod h1:4ic0Ad7R5XxDPD507j3Ux5ZLEJrlRgT8qGgcyrUGubY= +github.com/kzantow/go-ld v0.0.0-20251008235635-4379583bef45 h1:Mtqmz6O5oY4L2frzQII4G3MeVH0fD8QkypRErrpxJok= +github.com/kzantow/go-ld v0.0.0-20251008235635-4379583bef45/go.mod h1:4ic0Ad7R5XxDPD507j3Ux5ZLEJrlRgT8qGgcyrUGubY= github.com/linkeddata/gojsonld v0.0.0-20170418210642-4f5db6791326 h1:YP3lfXXYiQV5MKeUqVnxRP5uuMQTLPx+PGYm1UBoU98= github.com/linkeddata/gojsonld v0.0.0-20170418210642-4f5db6791326/go.mod h1:nfqkuSNlsk1bvti/oa7TThx4KmRMBmSxf3okHI9wp3E= github.com/piprate/json-gold v0.7.0 h1:bEMirgA5y8Z2loTQfxyIFfY+EflxH1CTP6r/KIlcJNw= diff --git a/spdx/v3/internal/generate/main.go b/spdx/v3/internal/generate/main.go index 2eca7b0c..e1531557 100644 --- a/spdx/v3/internal/generate/main.go +++ b/spdx/v3/internal/generate/main.go @@ -61,12 +61,11 @@ func renameFunc(typ shaclgen.NameType, name string, c *shaclgen.Class) string { } return replaceSuffixes(name, map[string]string{ - "Bies": "By", - "Tos": "To", - "CreatedUsings": "CreatedUsing", - "VerifiedUsings": "VerifiedUsing", - "Id": "ID", - "Url": "URL", + "Bies": "By", + "Tos": "To", + "Usings": "Using", + "Id": "ID", + "Url": "URL", }) } switch name { From 77304a6aa0f23f23319b18384ad1e4e3925fcb55 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Thu, 9 Oct 2025 18:09:08 -0400 Subject: [PATCH 20/21] chore: cleanup test logging, misc fixes Signed-off-by: Keith Zantow --- convert/chain.go | 20 +- json/reader.go | 40 +- json/reader_test.go | 28 + spdx/v2/v2_2/example/example.go | 737 +++++++++-------- spdx/v2/v2_2/rdf/reader/parse_license_test.go | 1 - spdx/v2/v2_2/rdf/reader/parser_test.go | 2 - spdx/v2/v2_3/example/example.go | 765 +++++++++--------- spdx/v2/v2_3/rdf/reader/parse_license_test.go | 1 - spdx/v2/v2_3/rdf/reader/parser_test.go | 2 - spdx/v3/{v3_0_1 => v3_0}/convert.go | 43 +- spdx/v3/{v3_0_1 => v3_0}/convert_test.go | 2 +- spdx/v3/{v3_0_1 => v3_0}/convert_v23_test.go | 2 +- spdx/v3/{v3_0_1 => v3_0}/convert_v301_test.go | 6 +- spdx/v3/{v3_0_1 => v3_0}/model.go | 2 +- spdx/v3/{v3_0_1 => v3_0}/model_validations.go | 2 +- spdx/v3/{v3_0_1 => v3_0}/spdx.go | 16 +- .../spdx_serialization_test.go | 5 +- spdx/v3/{v3_0_1 => v3_0}/spdx_test.go | 16 +- .../testdata/test.expanded.json | 0 spdx/v3/{v3_0_1 => v3_0}/testdata/test.json | 0 20 files changed, 859 insertions(+), 831 deletions(-) rename spdx/v3/{v3_0_1 => v3_0}/convert.go (95%) rename spdx/v3/{v3_0_1 => v3_0}/convert_test.go (99%) rename spdx/v3/{v3_0_1 => v3_0}/convert_v23_test.go (99%) rename spdx/v3/{v3_0_1 => v3_0}/convert_v301_test.go (99%) rename spdx/v3/{v3_0_1 => v3_0}/model.go (99%) rename spdx/v3/{v3_0_1 => v3_0}/model_validations.go (99%) rename spdx/v3/{v3_0_1 => v3_0}/spdx.go (92%) rename spdx/v3/{v3_0_1 => v3_0}/spdx_serialization_test.go (94%) rename spdx/v3/{v3_0_1 => v3_0}/spdx_test.go (96%) rename spdx/v3/{v3_0_1 => v3_0}/testdata/test.expanded.json (100%) rename spdx/v3/{v3_0_1 => v3_0}/testdata/test.json (100%) diff --git a/convert/chain.go b/convert/chain.go index 7e24b913..ea010f7b 100644 --- a/convert/chain.go +++ b/convert/chain.go @@ -11,17 +11,17 @@ import ( "github.com/spdx/tools-golang/spdx/common" "github.com/spdx/tools-golang/spdx/v2/v2_2" "github.com/spdx/tools-golang/spdx/v2/v2_3" - "github.com/spdx/tools-golang/spdx/v3/v3_0_1" + "github.com/spdx/tools-golang/spdx/v3/v3_0" ) -var DocumentChain = converter.NewFuncChain( - v2_3.To_v2_2, v2_3.From_v2_2, - v2_2.From_v2_1, v2_2.To_v2_1, - v3_0_1.From_v2_3, -) - -//). -// AutoPackageConverter(v3_0.Document{}, v2_3.Document{}) +func DocumentChain() converter.FuncChain { + return converter.NewFuncChain( + v2_2.From_v2_1, v2_2.To_v2_1, + v2_3.From_v2_2, v2_3.To_v2_2, + v3_0.From_v2_3, + // for future v3.x to v3.y conversions, see funcChain.AutoPackageConverter() + ) +} // Document converts from one document to another document // For example, converting a document to the latest version could be done like: @@ -38,5 +38,5 @@ func Document(from common.AnyDocument, to common.AnyDocument) error { reflect.ValueOf(to).Elem().Set(reflect.ValueOf(from)) return nil } - return DocumentChain.Convert(from, to) + return DocumentChain().Convert(from, to) } diff --git a/json/reader.go b/json/reader.go index 6847f42b..5e9ab3c5 100644 --- a/json/reader.go +++ b/json/reader.go @@ -7,6 +7,8 @@ import ( "encoding/json" "fmt" "io" + "reflect" + "regexp" "github.com/spdx/tools-golang/convert" "github.com/spdx/tools-golang/spdx" @@ -14,7 +16,7 @@ import ( "github.com/spdx/tools-golang/spdx/v2/v2_1" "github.com/spdx/tools-golang/spdx/v2/v2_2" "github.com/spdx/tools-golang/spdx/v2/v2_3" - "github.com/spdx/tools-golang/spdx/v3/v3_0_1" + "github.com/spdx/tools-golang/spdx/v3/v3_0" ) // Read takes an io.Reader and returns a fully-parsed current model SPDX Document @@ -49,8 +51,19 @@ func ReadInto(content io.Reader, doc common.AnyDocument) error { return fmt.Errorf("not a valid SPDX JSON document") } - version, ok := val["spdxVersion"] - if !ok { + version, _ := val["spdxVersion"].(string) + if version == "" { + version, _ = val["@context"].(string) + if version != "" { + extract := regexp.MustCompile(`https://spdx.org/rdf/(\d+(?:\.\d+)+)/spdx-context\.jsonld`) + matches := extract.FindStringSubmatch(version) + if len(matches) == 2 { + version = matches[1] + } + } + } + + if version == "" { return fmt.Errorf("JSON document does not contain spdxVersion field") } @@ -76,13 +89,26 @@ func ReadInto(content io.Reader, doc common.AnyDocument) error { return err } data = doc - case v3_0_1.Version: - var doc v3_0_1.Document - err = json.Unmarshal(buf.Bytes(), &doc) + case "3.0.0": + fallthrough + case v3_0.Version: + // support older 3.0.x versions + contents := buf.Bytes() + if version != v3_0.Version { + contents = bytes.Replace(contents, []byte(version), []byte(fmt.Sprintf("https://spdx.org/rdf/%s/spdx-context.jsonld", v3_0.Version)), 1) + } + var in v3_0.Document + err = json.Unmarshal(contents, &in) if err != nil { return err } - data = doc + + fromType := reflect.TypeOf(in) + toType := reflect.TypeOf(doc).Elem() + if fromType != toType { + return fmt.Errorf("unable to convert %v backwards to %v", fromType, toType) + } + data = in default: return fmt.Errorf("unsupported SDPX version: %s", version) } diff --git a/json/reader_test.go b/json/reader_test.go index 31c81f32..e1b383e4 100644 --- a/json/reader_test.go +++ b/json/reader_test.go @@ -3,6 +3,8 @@ package json import ( "os" "testing" + + "github.com/spdx/tools-golang/spdx/v3/v3_0" ) // TestRead tests that the SPDX Reader can still parse json documents correctly @@ -28,3 +30,29 @@ func TestRead(t *testing.T) { }) } } + +// TestRead tests that the SPDX Reader can still parse json documents correctly +// this protects against any of the custom unmarshalling code breaking given a new change set +func TestReadV3(t *testing.T) { + tt := []struct { + filename string + }{ + {"test_fixtures/spdx2_3.json"}, + {"../spdx/v3/v3_0/testdata/test.json"}, + } + + for _, tc := range tt { + t.Run(tc.filename, func(t *testing.T) { + file, err := os.Open(tc.filename) + if err != nil { + t.Errorf("error opening %s: %v", tc.filename, err) + } + defer file.Close() + doc := v3_0.Document{} + err = ReadInto(file, &doc) + if err != nil { + t.Errorf("error reading %s: %v", tc.filename, err) + } + }) + } +} diff --git a/spdx/v2/v2_2/example/example.go b/spdx/v2/v2_2/example/example.go index d7cb9289..dd867074 100644 --- a/spdx/v2/v2_2/example/example.go +++ b/spdx/v2/v2_2/example/example.go @@ -1,427 +1,416 @@ package example import ( - "fmt" - - converter "github.com/anchore/go-struct-converter" - "github.com/spdx/tools-golang/spdx/v2/common" spdx "github.com/spdx/tools-golang/spdx/v2/v2_2" ) // Copy provides a deep copy of the example func Copy() spdx.Document { - out := spdx.Document{} - err := converter.Clone(example, &out) - if err != nil { - panic(fmt.Errorf("unable to convert example doc: %w", err)) - } - return out -} - -// Example is handwritten translation of an official example SPDX document into a Go struct. -// We expect that the result of parsing the official document should be this value. -// We expect that the result of writing this struct should match the official example document. -var example = spdx.Document{ - DataLicense: spdx.DataLicense, - SPDXVersion: spdx.Version, - SPDXIdentifier: "DOCUMENT", - DocumentName: "SPDX-Tools-v2.0", - DocumentNamespace: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301", - CreationInfo: &spdx.CreationInfo{ - LicenseListVersion: "3.9", - Creators: []common.Creator{ - {CreatorType: "Tool", Creator: "LicenseFind-1.0"}, - {CreatorType: "Organization", Creator: "ExampleCodeInspect ()"}, - {CreatorType: "Person", Creator: "Jane Doe ()"}, - }, - Created: "2010-01-29T18:30:22Z", - CreatorComment: "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries.", - }, - DocumentComment: "This document was created using SPDX 2.0 using licenses from the web site.", - ExternalDocumentReferences: []spdx.ExternalDocumentRef{ - { - DocumentRefID: "DocumentRef-spdx-tool-1.2", - URI: "http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301", - Checksum: common.Checksum{ - Algorithm: common.SHA1, - Value: "d6a770ba38583ed4bb4525bd96e50461655d2759", + // Example is handwritten translation of an official example SPDX document into a Go struct. + // We expect that the result of parsing the official document should be this value. + // We expect that the result of writing this struct should match the official example document. + return spdx.Document{ + DataLicense: spdx.DataLicense, + SPDXVersion: spdx.Version, + SPDXIdentifier: "DOCUMENT", + DocumentName: "SPDX-Tools-v2.0", + DocumentNamespace: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301", + CreationInfo: &spdx.CreationInfo{ + LicenseListVersion: "3.9", + Creators: []common.Creator{ + {CreatorType: "Tool", Creator: "LicenseFind-1.0"}, + {CreatorType: "Organization", Creator: "ExampleCodeInspect ()"}, + {CreatorType: "Person", Creator: "Jane Doe ()"}, }, + Created: "2010-01-29T18:30:22Z", + CreatorComment: "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries.", }, - }, - OtherLicenses: []*spdx.OtherLicense{ - { - LicenseIdentifier: "LicenseRef-1", - ExtractedText: "/*\n * (c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - }, - { - LicenseIdentifier: "LicenseRef-2", - ExtractedText: "This package includes the GRDDL parser developed by Hewlett Packard under the following license:\n� Copyright 2007 Hewlett-Packard Development Company, LP\n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: \n\nRedistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. \nRedistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. \nThe name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. \nTHIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - }, - { - LicenseIdentifier: "LicenseRef-4", - ExtractedText: "/*\n * (c) Copyright 2009 University of Bristol\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - }, - { - LicenseIdentifier: "LicenseRef-Beerware-4.2", - ExtractedText: "\"THE BEER-WARE LICENSE\" (Revision 42):\nphk@FreeBSD.ORG wrote this file. As long as you retain this notice you\ncan do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp", - LicenseComment: "The beerware license has a couple of other standard variants.", - LicenseName: "Beer-Ware License (Version 42)", - LicenseCrossReferences: []string{"http://people.freebsd.org/~phk/"}, - }, - { - LicenseIdentifier: "LicenseRef-3", - ExtractedText: "The CyberNeko Software License, Version 1.0\n\n \n(C) Copyright 2002-2005, Andy Clark. All rights reserved.\n \nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions\nare met:\n\n1. Redistributions of source code must retain the above copyright\n notice, this list of conditions and the following disclaimer. \n\n2. Redistributions in binary form must reproduce the above copyright\n notice, this list of conditions and the following disclaimer in\n the documentation and/or other materials provided with the\n distribution.\n\n3. The end-user documentation included with the redistribution,\n if any, must include the following acknowledgment: \n \"This product includes software developed by Andy Clark.\"\n Alternately, this acknowledgment may appear in the software itself,\n if and wherever such third-party acknowledgments normally appear.\n\n4. The names \"CyberNeko\" and \"NekoHTML\" must not be used to endorse\n or promote products derived from this software without prior \n written permission. For written permission, please contact \n andyc@cyberneko.net.\n\n5. Products derived from this software may not be called \"CyberNeko\",\n nor may \"CyberNeko\" appear in their name, without prior written\n permission of the author.\n\nTHIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\nOF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR OTHER CONTRIBUTORS\nBE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, \nOR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT \nOF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR \nBUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, \nWHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE \nOR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, \nEVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - LicenseName: "CyberNeko License", - LicenseCrossReferences: []string{ - "http://people.apache.org/~andyc/neko/LICENSE", - "http://justasample.url.com", + DocumentComment: "This document was created using SPDX 2.0 using licenses from the web site.", + ExternalDocumentReferences: []spdx.ExternalDocumentRef{ + { + DocumentRefID: "DocumentRef-spdx-tool-1.2", + URI: "http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301", + Checksum: common.Checksum{ + Algorithm: common.SHA1, + Value: "d6a770ba38583ed4bb4525bd96e50461655d2759", + }, }, - LicenseComment: "This is tye CyperNeko License", }, - }, - Annotations: []*spdx.Annotation{ - { - Annotator: common.Annotator{ - Annotator: "Jane Doe ()", - AnnotatorType: "Person", + OtherLicenses: []*spdx.OtherLicense{ + { + LicenseIdentifier: "LicenseRef-1", + ExtractedText: "/*\n * (c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", }, - AnnotationDate: "2010-01-29T18:30:22Z", - AnnotationType: "OTHER", - AnnotationComment: "Document level annotation", - }, - { - Annotator: common.Annotator{ - Annotator: "Joe Reviewer", - AnnotatorType: "Person", + { + LicenseIdentifier: "LicenseRef-2", + ExtractedText: "This package includes the GRDDL parser developed by Hewlett Packard under the following license:\n� Copyright 2007 Hewlett-Packard Development Company, LP\n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: \n\nRedistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. \nRedistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. \nThe name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. \nTHIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", }, - AnnotationDate: "2010-02-10T00:00:00Z", - AnnotationType: "REVIEW", - AnnotationComment: "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses", - }, - { - Annotator: common.Annotator{ - Annotator: "Suzanne Reviewer", - AnnotatorType: "Person", + { + LicenseIdentifier: "LicenseRef-4", + ExtractedText: "/*\n * (c) Copyright 2009 University of Bristol\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", + }, + { + LicenseIdentifier: "LicenseRef-Beerware-4.2", + ExtractedText: "\"THE BEER-WARE LICENSE\" (Revision 42):\nphk@FreeBSD.ORG wrote this file. As long as you retain this notice you\ncan do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp", + LicenseComment: "The beerware license has a couple of other standard variants.", + LicenseName: "Beer-Ware License (Version 42)", + LicenseCrossReferences: []string{"http://people.freebsd.org/~phk/"}, + }, + { + LicenseIdentifier: "LicenseRef-3", + ExtractedText: "The CyberNeko Software License, Version 1.0\n\n \n(C) Copyright 2002-2005, Andy Clark. All rights reserved.\n \nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions\nare met:\n\n1. Redistributions of source code must retain the above copyright\n notice, this list of conditions and the following disclaimer. \n\n2. Redistributions in binary form must reproduce the above copyright\n notice, this list of conditions and the following disclaimer in\n the documentation and/or other materials provided with the\n distribution.\n\n3. The end-user documentation included with the redistribution,\n if any, must include the following acknowledgment: \n \"This product includes software developed by Andy Clark.\"\n Alternately, this acknowledgment may appear in the software itself,\n if and wherever such third-party acknowledgments normally appear.\n\n4. The names \"CyberNeko\" and \"NekoHTML\" must not be used to endorse\n or promote products derived from this software without prior \n written permission. For written permission, please contact \n andyc@cyberneko.net.\n\n5. Products derived from this software may not be called \"CyberNeko\",\n nor may \"CyberNeko\" appear in their name, without prior written\n permission of the author.\n\nTHIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\nOF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR OTHER CONTRIBUTORS\nBE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, \nOR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT \nOF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR \nBUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, \nWHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE \nOR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, \nEVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", + LicenseName: "CyberNeko License", + LicenseCrossReferences: []string{ + "http://people.apache.org/~andyc/neko/LICENSE", + "http://justasample.url.com", + }, + LicenseComment: "This is tye CyperNeko License", }, - AnnotationDate: "2011-03-13T00:00:00Z", - AnnotationType: "REVIEW", - AnnotationComment: "Another example reviewer.", }, - }, - Packages: []*spdx.Package{ - { - PackageName: "glibc", - PackageSPDXIdentifier: "Package", - PackageVersion: "2.11.1", - PackageFileName: "glibc-2.11.1.tar.gz", - PackageSupplier: &common.Supplier{ - Supplier: "Jane Doe (jane.doe@example.com)", - SupplierType: "Person", + Annotations: []*spdx.Annotation{ + { + Annotator: common.Annotator{ + Annotator: "Jane Doe ()", + AnnotatorType: "Person", + }, + AnnotationDate: "2010-01-29T18:30:22Z", + AnnotationType: "OTHER", + AnnotationComment: "Document level annotation", }, - PackageOriginator: &common.Originator{ - Originator: "ExampleCodeInspect (contact@example.com)", - OriginatorType: "Organization", + { + Annotator: common.Annotator{ + Annotator: "Joe Reviewer", + AnnotatorType: "Person", + }, + AnnotationDate: "2010-02-10T00:00:00Z", + AnnotationType: "REVIEW", + AnnotationComment: "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses", }, - PackageDownloadLocation: "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", - FilesAnalyzed: true, - IsFilesAnalyzedTagPresent: true, - PackageVerificationCode: common.PackageVerificationCode{ - Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", - ExcludedFiles: []string{"./package.spdx"}, + { + Annotator: common.Annotator{ + Annotator: "Suzanne Reviewer", + AnnotatorType: "Person", + }, + AnnotationDate: "2011-03-13T00:00:00Z", + AnnotationType: "REVIEW", + AnnotationComment: "Another example reviewer.", }, - PackageChecksums: []common.Checksum{ - { - Algorithm: "MD5", - Value: "624c1abb3664f4b35547e7c73864ad24", + }, + Packages: []*spdx.Package{ + { + PackageName: "glibc", + PackageSPDXIdentifier: "Package", + PackageVersion: "2.11.1", + PackageFileName: "glibc-2.11.1.tar.gz", + PackageSupplier: &common.Supplier{ + Supplier: "Jane Doe (jane.doe@example.com)", + SupplierType: "Person", }, - { - Algorithm: "SHA1", - Value: "85ed0817af83a24ad8da68c2b5094de69833983c", + PackageOriginator: &common.Originator{ + Originator: "ExampleCodeInspect (contact@example.com)", + OriginatorType: "Organization", }, - { - Algorithm: "SHA256", - Value: "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd", + PackageDownloadLocation: "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", + FilesAnalyzed: true, + IsFilesAnalyzedTagPresent: true, + PackageVerificationCode: common.PackageVerificationCode{ + Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", + ExcludedFiles: []string{"./package.spdx"}, }, - }, - PackageHomePage: "http://ftp.gnu.org/gnu/glibc", - PackageSourceInfo: "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git.", - PackageLicenseConcluded: "(LGPL-2.0-only OR LicenseRef-3)", - PackageLicenseInfoFromFiles: []string{ - "GPL-2.0-only", - "LicenseRef-2", - "LicenseRef-1", - }, - PackageLicenseDeclared: "(LGPL-2.0-only AND LicenseRef-3)", - PackageLicenseComments: "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change.", - PackageCopyrightText: "Copyright 2008-2010 John Smith", - PackageSummary: "GNU C library.", - PackageDescription: "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", - PackageComment: "", - PackageExternalReferences: []*spdx.PackageExternalReference{ - { - Category: "SECURITY", - RefType: "cpe23Type", - Locator: "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", + PackageChecksums: []common.Checksum{ + { + Algorithm: "MD5", + Value: "624c1abb3664f4b35547e7c73864ad24", + }, + { + Algorithm: "SHA1", + Value: "85ed0817af83a24ad8da68c2b5094de69833983c", + }, + { + Algorithm: "SHA256", + Value: "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd", + }, }, - { - Category: "OTHER", - RefType: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge", - Locator: "acmecorp/acmenator/4.1.3-alpha", - ExternalRefComment: "This is the external ref for Acme", + PackageHomePage: "http://ftp.gnu.org/gnu/glibc", + PackageSourceInfo: "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git.", + PackageLicenseConcluded: "(LGPL-2.0-only OR LicenseRef-3)", + PackageLicenseInfoFromFiles: []string{ + "GPL-2.0-only", + "LicenseRef-2", + "LicenseRef-1", }, - }, - PackageAttributionTexts: []string{ - "The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually.", - }, - Files: nil, - Annotations: []spdx.Annotation{ - { - Annotator: common.Annotator{ - Annotator: "Package Commenter", - AnnotatorType: "Person", + PackageLicenseDeclared: "(LGPL-2.0-only AND LicenseRef-3)", + PackageLicenseComments: "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change.", + PackageCopyrightText: "Copyright 2008-2010 John Smith", + PackageSummary: "GNU C library.", + PackageDescription: "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", + PackageComment: "", + PackageExternalReferences: []*spdx.PackageExternalReference{ + { + Category: "SECURITY", + RefType: "cpe23Type", + Locator: "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", + }, + { + Category: "OTHER", + RefType: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge", + Locator: "acmecorp/acmenator/4.1.3-alpha", + ExternalRefComment: "This is the external ref for Acme", }, - AnnotationDate: "2011-01-29T18:30:22Z", - AnnotationType: "OTHER", - AnnotationComment: "Package level annotation", }, - }, - }, - { - PackageSPDXIdentifier: "fromDoap-1", - PackageCopyrightText: "NOASSERTION", - PackageDownloadLocation: "NOASSERTION", - FilesAnalyzed: false, - IsFilesAnalyzedTagPresent: true, - PackageHomePage: "http://commons.apache.org/proper/commons-lang/", - PackageLicenseConcluded: "NOASSERTION", - PackageLicenseDeclared: "NOASSERTION", - PackageName: "Apache Commons Lang", - }, - { - PackageName: "Jena", - PackageSPDXIdentifier: "fromDoap-0", - PackageCopyrightText: "NOASSERTION", - PackageDownloadLocation: "https://search.maven.org/remotecontent?filepath=org/apache/jena/apache-jena/3.12.0/apache-jena-3.12.0.tar.gz", - PackageExternalReferences: []*spdx.PackageExternalReference{ - { - Category: "PACKAGE-MANAGER", - RefType: "purl", - Locator: "pkg:maven/org.apache.jena/apache-jena@3.12.0", + PackageAttributionTexts: []string{ + "The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually.", }, - }, - FilesAnalyzed: true, - IsFilesAnalyzedTagPresent: false, - PackageHomePage: "http://www.openjena.org/", - PackageLicenseConcluded: "NOASSERTION", - PackageLicenseDeclared: "NOASSERTION", - PackageVersion: "3.12.0", - }, - { - PackageSPDXIdentifier: "Saxon", - PackageChecksums: []common.Checksum{ - { - Algorithm: "SHA1", - Value: "85ed0817af83a24ad8da68c2b5094de69833983c", + Files: nil, + Annotations: []spdx.Annotation{ + { + Annotator: common.Annotator{ + Annotator: "Package Commenter", + AnnotatorType: "Person", + }, + AnnotationDate: "2011-01-29T18:30:22Z", + AnnotationType: "OTHER", + AnnotationComment: "Package level annotation", + }, }, }, - PackageCopyrightText: "Copyright Saxonica Ltd", - PackageDescription: "The Saxon package is a collection of tools for processing XML documents.", - PackageDownloadLocation: "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", - FilesAnalyzed: false, - IsFilesAnalyzedTagPresent: true, - PackageHomePage: "http://saxon.sourceforge.net/", - PackageLicenseComments: "Other versions available for a commercial license", - PackageLicenseConcluded: "MPL-1.0", - PackageLicenseDeclared: "MPL-1.0", - PackageName: "Saxon", - PackageFileName: "saxonB-8.8.zip", - PackageVersion: "8.8", - }, - }, - Files: []*spdx.File{ - { - FileName: "./src/org/spdx/parser/DOAPProject.java", - FileSPDXIdentifier: "DoapSource", - FileTypes: []string{ - "SOURCE", + { + PackageSPDXIdentifier: "fromDoap-1", + PackageCopyrightText: "NOASSERTION", + PackageDownloadLocation: "NOASSERTION", + FilesAnalyzed: false, + IsFilesAnalyzedTagPresent: true, + PackageHomePage: "http://commons.apache.org/proper/commons-lang/", + PackageLicenseConcluded: "NOASSERTION", + PackageLicenseDeclared: "NOASSERTION", + PackageName: "Apache Commons Lang", }, - Checksums: []common.Checksum{ - { - Algorithm: "SHA1", - Value: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", + { + PackageName: "Jena", + PackageSPDXIdentifier: "fromDoap-0", + PackageCopyrightText: "NOASSERTION", + PackageDownloadLocation: "https://search.maven.org/remotecontent?filepath=org/apache/jena/apache-jena/3.12.0/apache-jena-3.12.0.tar.gz", + PackageExternalReferences: []*spdx.PackageExternalReference{ + { + Category: "PACKAGE-MANAGER", + RefType: "purl", + Locator: "pkg:maven/org.apache.jena/apache-jena@3.12.0", + }, }, + FilesAnalyzed: true, + IsFilesAnalyzedTagPresent: false, + PackageHomePage: "http://www.openjena.org/", + PackageLicenseConcluded: "NOASSERTION", + PackageLicenseDeclared: "NOASSERTION", + PackageVersion: "3.12.0", }, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFiles: []string{ - "Apache-2.0", - }, - FileCopyrightText: "Copyright 2010, 2011 Source Auditor Inc.", - FileContributors: []string{ - "Protecode Inc.", - "SPDX Technical Team Members", - "Open Logic Inc.", - "Source Auditor Inc.", - "Black Duck Software In.c", - }, - }, - { - FileSPDXIdentifier: "CommonsLangSrc", - Checksums: []common.Checksum{ - { - Algorithm: "SHA1", - Value: "c2b4e1c67a2d28fced849ee1bb76e7391b93f125", + { + PackageSPDXIdentifier: "Saxon", + PackageChecksums: []common.Checksum{ + { + Algorithm: "SHA1", + Value: "85ed0817af83a24ad8da68c2b5094de69833983c", + }, }, + PackageCopyrightText: "Copyright Saxonica Ltd", + PackageDescription: "The Saxon package is a collection of tools for processing XML documents.", + PackageDownloadLocation: "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", + FilesAnalyzed: false, + IsFilesAnalyzedTagPresent: true, + PackageHomePage: "http://saxon.sourceforge.net/", + PackageLicenseComments: "Other versions available for a commercial license", + PackageLicenseConcluded: "MPL-1.0", + PackageLicenseDeclared: "MPL-1.0", + PackageName: "Saxon", + PackageFileName: "saxonB-8.8.zip", + PackageVersion: "8.8", }, - FileComment: "This file is used by Jena", - FileCopyrightText: "Copyright 2001-2011 The Apache Software Foundation", - FileContributors: []string{"Apache Software Foundation"}, - FileName: "./lib-source/commons-lang3-3.1-sources.jar", - FileTypes: []string{"ARCHIVE"}, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFiles: []string{"Apache-2.0"}, - FileNotice: "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())", }, - { - FileSPDXIdentifier: "JenaLib", - Checksums: []common.Checksum{ - { - Algorithm: "SHA1", - Value: "3ab4e1c67a2d28fced849ee1bb76e7391b93f125", + Files: []*spdx.File{ + { + FileName: "./src/org/spdx/parser/DOAPProject.java", + FileSPDXIdentifier: "DoapSource", + FileTypes: []string{ + "SOURCE", }, - }, - FileComment: "This file belongs to Jena", - FileCopyrightText: "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", - FileContributors: []string{"Apache Software Foundation", "Hewlett Packard Inc."}, - FileName: "./lib-source/jena-2.6.3-sources.jar", - FileTypes: []string{"ARCHIVE"}, - LicenseComments: "This license is used by Jena", - LicenseConcluded: "LicenseRef-1", - LicenseInfoInFiles: []string{"LicenseRef-1"}, - }, - { - FileSPDXIdentifier: "File", - Annotations: []spdx.Annotation{ - { - Annotator: common.Annotator{ - Annotator: "File Commenter", - AnnotatorType: "Person", + Checksums: []common.Checksum{ + { + Algorithm: "SHA1", + Value: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", }, - AnnotationDate: "2011-01-29T18:30:22Z", - AnnotationType: "OTHER", - AnnotationComment: "File level annotation", }, - }, - Checksums: []common.Checksum{ - { - Algorithm: "SHA1", - Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", + LicenseConcluded: "Apache-2.0", + LicenseInfoInFiles: []string{ + "Apache-2.0", }, - { - Algorithm: "MD5", - Value: "624c1abb3664f4b35547e7c73864ad24", + FileCopyrightText: "Copyright 2010, 2011 Source Auditor Inc.", + FileContributors: []string{ + "Protecode Inc.", + "SPDX Technical Team Members", + "Open Logic Inc.", + "Source Auditor Inc.", + "Black Duck Software In.c", }, }, - FileComment: "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory.", - FileCopyrightText: "Copyright 2008-2010 John Smith", - FileContributors: []string{"The Regents of the University of California", "Modified by Paul Mundt lethal@linux-sh.org", "IBM Corporation"}, - FileName: "./package/foo.c", - FileTypes: []string{"SOURCE"}, - LicenseComments: "The concluded license was taken from the package level that the file was included in.", - LicenseConcluded: "(LGPL-2.0-only OR LicenseRef-2)", - LicenseInfoInFiles: []string{"GPL-2.0-only", "LicenseRef-2"}, - FileNotice: "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.", - }, - }, - Snippets: []spdx.Snippet{ - { - SnippetSPDXIdentifier: "Snippet", - SnippetFromFileSPDXIdentifier: "DoapSource", - Ranges: []common.SnippetRange{ - { - StartPointer: common.SnippetRangePointer{ - Offset: 310, - FileSPDXIdentifier: "DoapSource", + { + FileSPDXIdentifier: "CommonsLangSrc", + Checksums: []common.Checksum{ + { + Algorithm: "SHA1", + Value: "c2b4e1c67a2d28fced849ee1bb76e7391b93f125", }, - EndPointer: common.SnippetRangePointer{ - Offset: 420, - FileSPDXIdentifier: "DoapSource", + }, + FileComment: "This file is used by Jena", + FileCopyrightText: "Copyright 2001-2011 The Apache Software Foundation", + FileContributors: []string{"Apache Software Foundation"}, + FileName: "./lib-source/commons-lang3-3.1-sources.jar", + FileTypes: []string{"ARCHIVE"}, + LicenseConcluded: "Apache-2.0", + LicenseInfoInFiles: []string{"Apache-2.0"}, + FileNotice: "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())", + }, + { + FileSPDXIdentifier: "JenaLib", + Checksums: []common.Checksum{ + { + Algorithm: "SHA1", + Value: "3ab4e1c67a2d28fced849ee1bb76e7391b93f125", }, }, - { - StartPointer: common.SnippetRangePointer{ - LineNumber: 5, - FileSPDXIdentifier: "DoapSource", + FileComment: "This file belongs to Jena", + FileCopyrightText: "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", + FileContributors: []string{"Apache Software Foundation", "Hewlett Packard Inc."}, + FileName: "./lib-source/jena-2.6.3-sources.jar", + FileTypes: []string{"ARCHIVE"}, + LicenseComments: "This license is used by Jena", + LicenseConcluded: "LicenseRef-1", + LicenseInfoInFiles: []string{"LicenseRef-1"}, + }, + { + FileSPDXIdentifier: "File", + Annotations: []spdx.Annotation{ + { + Annotator: common.Annotator{ + Annotator: "File Commenter", + AnnotatorType: "Person", + }, + AnnotationDate: "2011-01-29T18:30:22Z", + AnnotationType: "OTHER", + AnnotationComment: "File level annotation", }, - EndPointer: common.SnippetRangePointer{ - LineNumber: 23, - FileSPDXIdentifier: "DoapSource", + }, + Checksums: []common.Checksum{ + { + Algorithm: "SHA1", + Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", + }, + { + Algorithm: "MD5", + Value: "624c1abb3664f4b35547e7c73864ad24", }, }, + FileComment: "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory.", + FileCopyrightText: "Copyright 2008-2010 John Smith", + FileContributors: []string{"The Regents of the University of California", "Modified by Paul Mundt lethal@linux-sh.org", "IBM Corporation"}, + FileName: "./package/foo.c", + FileTypes: []string{"SOURCE"}, + LicenseComments: "The concluded license was taken from the package level that the file was included in.", + LicenseConcluded: "(LGPL-2.0-only OR LicenseRef-2)", + LicenseInfoInFiles: []string{"GPL-2.0-only", "LicenseRef-2"}, + FileNotice: "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.", }, - SnippetLicenseConcluded: "GPL-2.0-only", - LicenseInfoInSnippet: []string{"GPL-2.0-only"}, - SnippetLicenseComments: "The concluded license was taken from package xyz, from which the snippet was copied into the current file. The concluded license information was found in the COPYING.txt file in package xyz.", - SnippetCopyrightText: "Copyright 2008-2010 John Smith", - SnippetComment: "This snippet was identified as significant and highlighted in this Apache-2.0 file, when a commercial scanner identified it as being derived from file foo.c in package xyz which is licensed under GPL-2.0.", - SnippetName: "from linux kernel", - }, - }, - Relationships: []*spdx.Relationship{ - { - RefA: common.MakeDocElementID("", "DOCUMENT"), - RefB: common.MakeDocElementID("", "Package"), - Relationship: "CONTAINS", - }, - { - RefA: common.MakeDocElementID("", "Package"), - RefB: common.MakeDocElementID("", "CommonsLangSrc"), - Relationship: "CONTAINS", - }, - { - RefA: common.MakeDocElementID("", "Package"), - RefB: common.MakeDocElementID("", "DoapSource"), - Relationship: "CONTAINS", - }, - { - RefA: common.MakeDocElementID("", "DOCUMENT"), - RefB: common.MakeDocElementID("spdx-tool-1.2", "ToolsElement"), - Relationship: "COPY_OF", - }, - { - RefA: common.MakeDocElementID("", "DOCUMENT"), - RefB: common.MakeDocElementID("", "File"), - Relationship: "DESCRIBES", - }, - { - RefA: common.MakeDocElementID("", "DOCUMENT"), - RefB: common.MakeDocElementID("", "Package"), - Relationship: "DESCRIBES", - }, - { - RefA: common.MakeDocElementID("", "Package"), - RefB: common.MakeDocElementID("", "JenaLib"), - Relationship: "CONTAINS", }, - { - RefA: common.MakeDocElementID("", "Package"), - RefB: common.MakeDocElementID("", "Saxon"), - Relationship: "DYNAMIC_LINK", - }, - { - RefA: common.MakeDocElementID("", "CommonsLangSrc"), - RefB: common.MakeDocElementSpecial("NOASSERTION"), - Relationship: "GENERATED_FROM", - }, - { - RefA: common.MakeDocElementID("", "JenaLib"), - RefB: common.MakeDocElementID("", "Package"), - Relationship: "CONTAINS", + Snippets: []spdx.Snippet{ + { + SnippetSPDXIdentifier: "Snippet", + SnippetFromFileSPDXIdentifier: "DoapSource", + Ranges: []common.SnippetRange{ + { + StartPointer: common.SnippetRangePointer{ + Offset: 310, + FileSPDXIdentifier: "DoapSource", + }, + EndPointer: common.SnippetRangePointer{ + Offset: 420, + FileSPDXIdentifier: "DoapSource", + }, + }, + { + StartPointer: common.SnippetRangePointer{ + LineNumber: 5, + FileSPDXIdentifier: "DoapSource", + }, + EndPointer: common.SnippetRangePointer{ + LineNumber: 23, + FileSPDXIdentifier: "DoapSource", + }, + }, + }, + SnippetLicenseConcluded: "GPL-2.0-only", + LicenseInfoInSnippet: []string{"GPL-2.0-only"}, + SnippetLicenseComments: "The concluded license was taken from package xyz, from which the snippet was copied into the current file. The concluded license information was found in the COPYING.txt file in package xyz.", + SnippetCopyrightText: "Copyright 2008-2010 John Smith", + SnippetComment: "This snippet was identified as significant and highlighted in this Apache-2.0 file, when a commercial scanner identified it as being derived from file foo.c in package xyz which is licensed under GPL-2.0.", + SnippetName: "from linux kernel", + }, }, - { - RefA: common.MakeDocElementID("", "File"), - RefB: common.MakeDocElementID("", "fromDoap-0"), - Relationship: "GENERATED_FROM", + Relationships: []*spdx.Relationship{ + { + RefA: common.MakeDocElementID("", "DOCUMENT"), + RefB: common.MakeDocElementID("", "Package"), + Relationship: "CONTAINS", + }, + { + RefA: common.MakeDocElementID("", "Package"), + RefB: common.MakeDocElementID("", "CommonsLangSrc"), + Relationship: "CONTAINS", + }, + { + RefA: common.MakeDocElementID("", "Package"), + RefB: common.MakeDocElementID("", "DoapSource"), + Relationship: "CONTAINS", + }, + { + RefA: common.MakeDocElementID("", "DOCUMENT"), + RefB: common.MakeDocElementID("spdx-tool-1.2", "ToolsElement"), + Relationship: "COPY_OF", + }, + { + RefA: common.MakeDocElementID("", "DOCUMENT"), + RefB: common.MakeDocElementID("", "File"), + Relationship: "DESCRIBES", + }, + { + RefA: common.MakeDocElementID("", "DOCUMENT"), + RefB: common.MakeDocElementID("", "Package"), + Relationship: "DESCRIBES", + }, + { + RefA: common.MakeDocElementID("", "Package"), + RefB: common.MakeDocElementID("", "JenaLib"), + Relationship: "CONTAINS", + }, + { + RefA: common.MakeDocElementID("", "Package"), + RefB: common.MakeDocElementID("", "Saxon"), + Relationship: "DYNAMIC_LINK", + }, + { + RefA: common.MakeDocElementID("", "CommonsLangSrc"), + RefB: common.MakeDocElementSpecial("NOASSERTION"), + Relationship: "GENERATED_FROM", + }, + { + RefA: common.MakeDocElementID("", "JenaLib"), + RefB: common.MakeDocElementID("", "Package"), + Relationship: "CONTAINS", + }, + { + RefA: common.MakeDocElementID("", "File"), + RefB: common.MakeDocElementID("", "fromDoap-0"), + Relationship: "GENERATED_FROM", + }, }, - }, + } } diff --git a/spdx/v2/v2_2/rdf/reader/parse_license_test.go b/spdx/v2/v2_2/rdf/reader/parse_license_test.go index 969112bf..bef6fc79 100644 --- a/spdx/v2/v2_2/rdf/reader/parse_license_test.go +++ b/spdx/v2/v2_2/rdf/reader/parse_license_test.go @@ -193,7 +193,6 @@ func Test_rdfParser2_2_getAnyLicenseFromNode(t *testing.T) { `) node := parser.gordfParserObj.Triples[0].Subject _, err = parser.getAnyLicenseFromNode(node) - t.Log(err) if err == nil { t.Errorf("should've raised an error for invalid input") } diff --git a/spdx/v2/v2_2/rdf/reader/parser_test.go b/spdx/v2/v2_2/rdf/reader/parser_test.go index d008ed39..d9acc276 100644 --- a/spdx/v2/v2_2/rdf/reader/parser_test.go +++ b/spdx/v2/v2_2/rdf/reader/parser_test.go @@ -127,7 +127,6 @@ func Test_rdfParser2_2_getSpdxDocNode(t *testing.T) { `) _, err = parser.getSpdxDocNode() - t.Log(err) if err == nil { t.Errorf("expected and error due to more than one type triples for the SpdxDocument Node, got %v", err) } @@ -139,7 +138,6 @@ func Test_rdfParser2_2_getSpdxDocNode(t *testing.T) { `) _, err = parser.getSpdxDocNode() - t.Log(err) if err == nil { t.Errorf("rootNode must be associated with exactly one triple of predicate rdf:type, got %v", err) } diff --git a/spdx/v2/v2_3/example/example.go b/spdx/v2/v2_3/example/example.go index 647d5b65..30ba9936 100644 --- a/spdx/v2/v2_3/example/example.go +++ b/spdx/v2/v2_3/example/example.go @@ -1,442 +1,431 @@ package example import ( - "fmt" - - converter "github.com/anchore/go-struct-converter" - "github.com/spdx/tools-golang/spdx/v2/common" spdx "github.com/spdx/tools-golang/spdx/v2/v2_3" ) // Copy provides a deep copy of the example func Copy() spdx.Document { - out := spdx.Document{} - err := converter.Clone(example, &out) - if err != nil { - panic(fmt.Errorf("unable to convert example doc: %w", err)) - } - return out -} - -// Example is handwritten translation of an official example SPDX document into a Go struct. -// We expect that the result of parsing the official document should be this value. -// We expect that the result of writing this struct should match the official example document. -var example = spdx.Document{ - DataLicense: spdx.DataLicense, - SPDXVersion: spdx.Version, - SPDXIdentifier: "DOCUMENT", - DocumentName: "SPDX-Tools-v2.0", - DocumentNamespace: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301", - CreationInfo: &spdx.CreationInfo{ - LicenseListVersion: "3.9", - Creators: []common.Creator{ - {CreatorType: "Tool", Creator: "LicenseFind-1.0"}, - {CreatorType: "Organization", Creator: "ExampleCodeInspect ()"}, - {CreatorType: "Person", Creator: "Jane Doe ()"}, - }, - Created: "2010-01-29T18:30:22Z", - CreatorComment: "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries.", - }, - DocumentComment: "This document was created using SPDX 2.0 using licenses from the web site.", - ExternalDocumentReferences: []spdx.ExternalDocumentRef{ - { - DocumentRefID: "DocumentRef-spdx-tool-1.2", - URI: "http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301", - Checksum: common.Checksum{ - Algorithm: common.SHA1, - Value: "d6a770ba38583ed4bb4525bd96e50461655d2759", + // Example is handwritten translation of an official example SPDX document into a Go struct. + // We expect that the result of parsing the official document should be this value. + // We expect that the result of writing this struct should match the official example document. + return spdx.Document{ + DataLicense: spdx.DataLicense, + SPDXVersion: spdx.Version, + SPDXIdentifier: "DOCUMENT", + DocumentName: "SPDX-Tools-v2.0", + DocumentNamespace: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301", + CreationInfo: &spdx.CreationInfo{ + LicenseListVersion: "3.9", + Creators: []common.Creator{ + {CreatorType: "Tool", Creator: "LicenseFind-1.0"}, + {CreatorType: "Organization", Creator: "ExampleCodeInspect ()"}, + {CreatorType: "Person", Creator: "Jane Doe ()"}, }, + Created: "2010-01-29T18:30:22Z", + CreatorComment: "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries.", }, - }, - OtherLicenses: []*spdx.OtherLicense{ - { - LicenseIdentifier: "LicenseRef-1", - ExtractedText: "/*\n * (c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - }, - { - LicenseIdentifier: "LicenseRef-2", - ExtractedText: "This package includes the GRDDL parser developed by Hewlett Packard under the following license:\n� Copyright 2007 Hewlett-Packard Development Company, LP\n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: \n\nRedistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. \nRedistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. \nThe name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. \nTHIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - }, - { - LicenseIdentifier: "LicenseRef-4", - ExtractedText: "/*\n * (c) Copyright 2009 University of Bristol\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - }, - { - LicenseIdentifier: "LicenseRef-Beerware-4.2", - ExtractedText: "\"THE BEER-WARE LICENSE\" (Revision 42):\nphk@FreeBSD.ORG wrote this file. As long as you retain this notice you\ncan do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp", - LicenseComment: "The beerware license has a couple of other standard variants.", - LicenseName: "Beer-Ware License (Version 42)", - LicenseCrossReferences: []string{"http://people.freebsd.org/~phk/"}, - }, - { - LicenseIdentifier: "LicenseRef-3", - ExtractedText: "The CyberNeko Software License, Version 1.0\n\n \n(C) Copyright 2002-2005, Andy Clark. All rights reserved.\n \nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions\nare met:\n\n1. Redistributions of source code must retain the above copyright\n notice, this list of conditions and the following disclaimer. \n\n2. Redistributions in binary form must reproduce the above copyright\n notice, this list of conditions and the following disclaimer in\n the documentation and/or other materials provided with the\n distribution.\n\n3. The end-user documentation included with the redistribution,\n if any, must include the following acknowledgment: \n \"This product includes software developed by Andy Clark.\"\n Alternately, this acknowledgment may appear in the software itself,\n if and wherever such third-party acknowledgments normally appear.\n\n4. The names \"CyberNeko\" and \"NekoHTML\" must not be used to endorse\n or promote products derived from this software without prior \n written permission. For written permission, please contact \n andyc@cyberneko.net.\n\n5. Products derived from this software may not be called \"CyberNeko\",\n nor may \"CyberNeko\" appear in their name, without prior written\n permission of the author.\n\nTHIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\nOF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR OTHER CONTRIBUTORS\nBE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, \nOR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT \nOF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR \nBUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, \nWHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE \nOR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, \nEVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - LicenseName: "CyberNeko License", - LicenseCrossReferences: []string{ - "http://people.apache.org/~andyc/neko/LICENSE", - "http://justasample.url.com", + DocumentComment: "This document was created using SPDX 2.0 using licenses from the web site.", + ExternalDocumentReferences: []spdx.ExternalDocumentRef{ + { + DocumentRefID: "DocumentRef-spdx-tool-1.2", + URI: "http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301", + Checksum: common.Checksum{ + Algorithm: common.SHA1, + Value: "d6a770ba38583ed4bb4525bd96e50461655d2759", + }, }, - LicenseComment: "This is tye CyperNeko License", }, - }, - Annotations: []*spdx.Annotation{ - { - Annotator: common.Annotator{ - Annotator: "Jane Doe ()", - AnnotatorType: "Person", + OtherLicenses: []*spdx.OtherLicense{ + { + LicenseIdentifier: "LicenseRef-1", + ExtractedText: "/*\n * (c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", }, - AnnotationDate: "2010-01-29T18:30:22Z", - AnnotationType: "OTHER", - AnnotationComment: "Document level annotation", - }, - { - Annotator: common.Annotator{ - Annotator: "Joe Reviewer", - AnnotatorType: "Person", + { + LicenseIdentifier: "LicenseRef-2", + ExtractedText: "This package includes the GRDDL parser developed by Hewlett Packard under the following license:\n� Copyright 2007 Hewlett-Packard Development Company, LP\n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: \n\nRedistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. \nRedistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. \nThe name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. \nTHIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", }, - AnnotationDate: "2010-02-10T00:00:00Z", - AnnotationType: "REVIEW", - AnnotationComment: "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses", - }, - { - Annotator: common.Annotator{ - Annotator: "Suzanne Reviewer", - AnnotatorType: "Person", + { + LicenseIdentifier: "LicenseRef-4", + ExtractedText: "/*\n * (c) Copyright 2009 University of Bristol\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", + }, + { + LicenseIdentifier: "LicenseRef-Beerware-4.2", + ExtractedText: "\"THE BEER-WARE LICENSE\" (Revision 42):\nphk@FreeBSD.ORG wrote this file. As long as you retain this notice you\ncan do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp", + LicenseComment: "The beerware license has a couple of other standard variants.", + LicenseName: "Beer-Ware License (Version 42)", + LicenseCrossReferences: []string{"http://people.freebsd.org/~phk/"}, + }, + { + LicenseIdentifier: "LicenseRef-3", + ExtractedText: "The CyberNeko Software License, Version 1.0\n\n \n(C) Copyright 2002-2005, Andy Clark. All rights reserved.\n \nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions\nare met:\n\n1. Redistributions of source code must retain the above copyright\n notice, this list of conditions and the following disclaimer. \n\n2. Redistributions in binary form must reproduce the above copyright\n notice, this list of conditions and the following disclaimer in\n the documentation and/or other materials provided with the\n distribution.\n\n3. The end-user documentation included with the redistribution,\n if any, must include the following acknowledgment: \n \"This product includes software developed by Andy Clark.\"\n Alternately, this acknowledgment may appear in the software itself,\n if and wherever such third-party acknowledgments normally appear.\n\n4. The names \"CyberNeko\" and \"NekoHTML\" must not be used to endorse\n or promote products derived from this software without prior \n written permission. For written permission, please contact \n andyc@cyberneko.net.\n\n5. Products derived from this software may not be called \"CyberNeko\",\n nor may \"CyberNeko\" appear in their name, without prior written\n permission of the author.\n\nTHIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\nOF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR OTHER CONTRIBUTORS\nBE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, \nOR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT \nOF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR \nBUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, \nWHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE \nOR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, \nEVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", + LicenseName: "CyberNeko License", + LicenseCrossReferences: []string{ + "http://people.apache.org/~andyc/neko/LICENSE", + "http://justasample.url.com", + }, + LicenseComment: "This is tye CyperNeko License", }, - AnnotationDate: "2011-03-13T00:00:00Z", - AnnotationType: "REVIEW", - AnnotationComment: "Another example reviewer.", }, - }, - Packages: []*spdx.Package{ - { - PackageName: "glibc", - PackageSPDXIdentifier: "Package", - PackageVersion: "2.11.1", - PackageFileName: "glibc-2.11.1.tar.gz", - PackageSupplier: &common.Supplier{ - Supplier: "Jane Doe (jane.doe@example.com)", - SupplierType: "Person", + Annotations: []*spdx.Annotation{ + { + Annotator: common.Annotator{ + Annotator: "Jane Doe ()", + AnnotatorType: "Person", + }, + AnnotationDate: "2010-01-29T18:30:22Z", + AnnotationType: "OTHER", + AnnotationComment: "Document level annotation", }, - PackageOriginator: &common.Originator{ - Originator: "ExampleCodeInspect (contact@example.com)", - OriginatorType: "Organization", + { + Annotator: common.Annotator{ + Annotator: "Joe Reviewer", + AnnotatorType: "Person", + }, + AnnotationDate: "2010-02-10T00:00:00Z", + AnnotationType: "REVIEW", + AnnotationComment: "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses", }, - PackageDownloadLocation: "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", - FilesAnalyzed: true, - IsFilesAnalyzedTagPresent: true, - PackageVerificationCode: &common.PackageVerificationCode{ - Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", - ExcludedFiles: []string{"./package.spdx"}, + { + Annotator: common.Annotator{ + Annotator: "Suzanne Reviewer", + AnnotatorType: "Person", + }, + AnnotationDate: "2011-03-13T00:00:00Z", + AnnotationType: "REVIEW", + AnnotationComment: "Another example reviewer.", }, - PackageChecksums: []common.Checksum{ - { - Algorithm: "MD5", - Value: "624c1abb3664f4b35547e7c73864ad24", + }, + Packages: []*spdx.Package{ + { + PackageName: "glibc", + PackageSPDXIdentifier: "Package", + PackageVersion: "2.11.1", + PackageFileName: "glibc-2.11.1.tar.gz", + PackageSupplier: &common.Supplier{ + Supplier: "Jane Doe (jane.doe@example.com)", + SupplierType: "Person", }, - { - Algorithm: "SHA1", - Value: "85ed0817af83a24ad8da68c2b5094de69833983c", + PackageOriginator: &common.Originator{ + Originator: "ExampleCodeInspect (contact@example.com)", + OriginatorType: "Organization", }, - { - Algorithm: "SHA256", - Value: "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd", + PackageDownloadLocation: "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", + FilesAnalyzed: true, + IsFilesAnalyzedTagPresent: true, + PackageVerificationCode: &common.PackageVerificationCode{ + Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", + ExcludedFiles: []string{"./package.spdx"}, }, - }, - PackageHomePage: "http://ftp.gnu.org/gnu/glibc", - PackageSourceInfo: "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git.", - PackageLicenseConcluded: "(LGPL-2.0-only OR LicenseRef-3)", - PackageLicenseInfoFromFiles: []string{ - "GPL-2.0-only", - "LicenseRef-2", - "LicenseRef-1", - }, - PackageLicenseDeclared: "(LGPL-2.0-only AND LicenseRef-3)", - PackageLicenseComments: "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change.", - PackageCopyrightText: "Copyright 2008-2010 John Smith", - PackageSummary: "GNU C library.", - PackageDescription: "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", - PackageComment: "", - PackageExternalReferences: []*spdx.PackageExternalReference{ - { - Category: "SECURITY", - RefType: "cpe23Type", - Locator: "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", + PackageChecksums: []common.Checksum{ + { + Algorithm: "MD5", + Value: "624c1abb3664f4b35547e7c73864ad24", + }, + { + Algorithm: "SHA1", + Value: "85ed0817af83a24ad8da68c2b5094de69833983c", + }, + { + Algorithm: "SHA256", + Value: "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd", + }, }, - { - Category: "OTHER", - RefType: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge", - Locator: "acmecorp/acmenator/4.1.3-alpha", - ExternalRefComment: "This is the external ref for Acme", + PackageHomePage: "http://ftp.gnu.org/gnu/glibc", + PackageSourceInfo: "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git.", + PackageLicenseConcluded: "(LGPL-2.0-only OR LicenseRef-3)", + PackageLicenseInfoFromFiles: []string{ + "GPL-2.0-only", + "LicenseRef-2", + "LicenseRef-1", }, - }, - PackageAttributionTexts: []string{ - "The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually.", - }, - Files: nil, - Annotations: []spdx.Annotation{ - { - Annotator: common.Annotator{ - Annotator: "Package Commenter", - AnnotatorType: "Person", + PackageLicenseDeclared: "(LGPL-2.0-only AND LicenseRef-3)", + PackageLicenseComments: "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change.", + PackageCopyrightText: "Copyright 2008-2010 John Smith", + PackageSummary: "GNU C library.", + PackageDescription: "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", + PackageComment: "", + PackageExternalReferences: []*spdx.PackageExternalReference{ + { + Category: "SECURITY", + RefType: "cpe23Type", + Locator: "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", + }, + { + Category: "OTHER", + RefType: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge", + Locator: "acmecorp/acmenator/4.1.3-alpha", + ExternalRefComment: "This is the external ref for Acme", }, - AnnotationDate: "2011-01-29T18:30:22Z", - AnnotationType: "OTHER", - AnnotationComment: "Package level annotation", }, - }, - }, - { - PackageSPDXIdentifier: "fromDoap-1", - PackageCopyrightText: "NOASSERTION", - PackageDownloadLocation: "NOASSERTION", - FilesAnalyzed: false, - IsFilesAnalyzedTagPresent: true, - PackageHomePage: "http://commons.apache.org/proper/commons-lang/", - PackageLicenseConcluded: "NOASSERTION", - PackageLicenseDeclared: "NOASSERTION", - PackageName: "Apache Commons Lang", - }, - { - PackageName: "Jena", - PackageSPDXIdentifier: "fromDoap-0", - PackageCopyrightText: "NOASSERTION", - PackageDownloadLocation: "https://search.maven.org/remotecontent?filepath=org/apache/jena/apache-jena/3.12.0/apache-jena-3.12.0.tar.gz", - PackageExternalReferences: []*spdx.PackageExternalReference{ - { - Category: "PACKAGE-MANAGER", - RefType: "purl", - Locator: "pkg:maven/org.apache.jena/apache-jena@3.12.0", + PackageAttributionTexts: []string{ + "The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually.", }, - }, - FilesAnalyzed: true, - IsFilesAnalyzedTagPresent: false, - PackageHomePage: "http://www.openjena.org/", - PackageLicenseConcluded: "NOASSERTION", - PackageLicenseDeclared: "NOASSERTION", - PackageVersion: "3.12.0", - }, - { - PackageSPDXIdentifier: "Saxon", - PackageChecksums: []common.Checksum{ - { - Algorithm: "SHA1", - Value: "85ed0817af83a24ad8da68c2b5094de69833983c", + Files: nil, + Annotations: []spdx.Annotation{ + { + Annotator: common.Annotator{ + Annotator: "Package Commenter", + AnnotatorType: "Person", + }, + AnnotationDate: "2011-01-29T18:30:22Z", + AnnotationType: "OTHER", + AnnotationComment: "Package level annotation", + }, }, }, - PackageCopyrightText: "Copyright Saxonica Ltd", - PackageDescription: "The Saxon package is a collection of tools for processing XML documents.", - PackageDownloadLocation: "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", - FilesAnalyzed: false, - IsFilesAnalyzedTagPresent: true, - PackageHomePage: "http://saxon.sourceforge.net/", - PackageLicenseComments: "Other versions available for a commercial license", - PackageLicenseConcluded: "MPL-1.0", - PackageLicenseDeclared: "MPL-1.0", - PackageName: "Saxon", - PackageFileName: "saxonB-8.8.zip", - PackageVersion: "8.8", - }, - { - PrimaryPackagePurpose: "CONTAINER", - PackageSPDXIdentifier: "CentOS-7", - PackageCopyrightText: "NOASSERTION", - PackageDescription: "The CentOS container used to run the application.", - PackageDownloadLocation: "NOASSERTION", - FilesAnalyzed: true, - PackageHomePage: "https://www.centos.org/", - PackageName: "centos", - PackageFileName: "saxonB-8.8.zip", - PackageVersion: "centos7.9.2009", - BuiltDate: "2021-09-15T02:38:00Z", - ValidUntilDate: "2022-10-15T02:38:00Z", - ReleaseDate: "2021-10-15T02:38:00Z", - }, - }, - Files: []*spdx.File{ - { - FileName: "./src/org/spdx/parser/DOAPProject.java", - FileSPDXIdentifier: "DoapSource", - FileTypes: []string{ - "SOURCE", + { + PackageSPDXIdentifier: "fromDoap-1", + PackageCopyrightText: "NOASSERTION", + PackageDownloadLocation: "NOASSERTION", + FilesAnalyzed: false, + IsFilesAnalyzedTagPresent: true, + PackageHomePage: "http://commons.apache.org/proper/commons-lang/", + PackageLicenseConcluded: "NOASSERTION", + PackageLicenseDeclared: "NOASSERTION", + PackageName: "Apache Commons Lang", }, - Checksums: []common.Checksum{ - { - Algorithm: "SHA1", - Value: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", + { + PackageName: "Jena", + PackageSPDXIdentifier: "fromDoap-0", + PackageCopyrightText: "NOASSERTION", + PackageDownloadLocation: "https://search.maven.org/remotecontent?filepath=org/apache/jena/apache-jena/3.12.0/apache-jena-3.12.0.tar.gz", + PackageExternalReferences: []*spdx.PackageExternalReference{ + { + Category: "PACKAGE-MANAGER", + RefType: "purl", + Locator: "pkg:maven/org.apache.jena/apache-jena@3.12.0", + }, }, + FilesAnalyzed: true, + IsFilesAnalyzedTagPresent: false, + PackageHomePage: "http://www.openjena.org/", + PackageLicenseConcluded: "NOASSERTION", + PackageLicenseDeclared: "NOASSERTION", + PackageVersion: "3.12.0", }, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFiles: []string{ - "Apache-2.0", + { + PackageSPDXIdentifier: "Saxon", + PackageChecksums: []common.Checksum{ + { + Algorithm: "SHA1", + Value: "85ed0817af83a24ad8da68c2b5094de69833983c", + }, + }, + PackageCopyrightText: "Copyright Saxonica Ltd", + PackageDescription: "The Saxon package is a collection of tools for processing XML documents.", + PackageDownloadLocation: "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", + FilesAnalyzed: false, + IsFilesAnalyzedTagPresent: true, + PackageHomePage: "http://saxon.sourceforge.net/", + PackageLicenseComments: "Other versions available for a commercial license", + PackageLicenseConcluded: "MPL-1.0", + PackageLicenseDeclared: "MPL-1.0", + PackageName: "Saxon", + PackageFileName: "saxonB-8.8.zip", + PackageVersion: "8.8", }, - FileCopyrightText: "Copyright 2010, 2011 Source Auditor Inc.", - FileContributors: []string{ - "Protecode Inc.", - "SPDX Technical Team Members", - "Open Logic Inc.", - "Source Auditor Inc.", - "Black Duck Software In.c", + { + PrimaryPackagePurpose: "CONTAINER", + PackageSPDXIdentifier: "CentOS-7", + PackageCopyrightText: "NOASSERTION", + PackageDescription: "The CentOS container used to run the application.", + PackageDownloadLocation: "NOASSERTION", + FilesAnalyzed: true, + PackageHomePage: "https://www.centos.org/", + PackageName: "centos", + PackageFileName: "saxonB-8.8.zip", + PackageVersion: "centos7.9.2009", + BuiltDate: "2021-09-15T02:38:00Z", + ValidUntilDate: "2022-10-15T02:38:00Z", + ReleaseDate: "2021-10-15T02:38:00Z", }, }, - { - FileSPDXIdentifier: "CommonsLangSrc", - Checksums: []common.Checksum{ - { - Algorithm: "SHA1", - Value: "c2b4e1c67a2d28fced849ee1bb76e7391b93f125", + Files: []*spdx.File{ + { + FileName: "./src/org/spdx/parser/DOAPProject.java", + FileSPDXIdentifier: "DoapSource", + FileTypes: []string{ + "SOURCE", }, - }, - FileComment: "This file is used by Jena", - FileCopyrightText: "Copyright 2001-2011 The Apache Software Foundation", - FileContributors: []string{"Apache Software Foundation"}, - FileName: "./lib-source/commons-lang3-3.1-sources.jar", - FileTypes: []string{"ARCHIVE"}, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFiles: []string{"Apache-2.0"}, - FileNotice: "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())", - }, - { - FileSPDXIdentifier: "JenaLib", - Checksums: []common.Checksum{ - { - Algorithm: "SHA1", - Value: "3ab4e1c67a2d28fced849ee1bb76e7391b93f125", + Checksums: []common.Checksum{ + { + Algorithm: "SHA1", + Value: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", + }, + }, + LicenseConcluded: "Apache-2.0", + LicenseInfoInFiles: []string{ + "Apache-2.0", + }, + FileCopyrightText: "Copyright 2010, 2011 Source Auditor Inc.", + FileContributors: []string{ + "Protecode Inc.", + "SPDX Technical Team Members", + "Open Logic Inc.", + "Source Auditor Inc.", + "Black Duck Software In.c", }, }, - FileComment: "This file belongs to Jena", - FileCopyrightText: "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", - FileContributors: []string{"Apache Software Foundation", "Hewlett Packard Inc."}, - FileName: "./lib-source/jena-2.6.3-sources.jar", - FileTypes: []string{"ARCHIVE"}, - LicenseComments: "This license is used by Jena", - LicenseConcluded: "LicenseRef-1", - LicenseInfoInFiles: []string{"LicenseRef-1"}, - }, - { - FileSPDXIdentifier: "File", - Annotations: []spdx.Annotation{ - { - Annotator: common.Annotator{ - Annotator: "File Commenter", - AnnotatorType: "Person", + { + FileSPDXIdentifier: "CommonsLangSrc", + Checksums: []common.Checksum{ + { + Algorithm: "SHA1", + Value: "c2b4e1c67a2d28fced849ee1bb76e7391b93f125", }, - AnnotationDate: "2011-01-29T18:30:22Z", - AnnotationType: "OTHER", - AnnotationComment: "File level annotation", }, + FileComment: "This file is used by Jena", + FileCopyrightText: "Copyright 2001-2011 The Apache Software Foundation", + FileContributors: []string{"Apache Software Foundation"}, + FileName: "./lib-source/commons-lang3-3.1-sources.jar", + FileTypes: []string{"ARCHIVE"}, + LicenseConcluded: "Apache-2.0", + LicenseInfoInFiles: []string{"Apache-2.0"}, + FileNotice: "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())", }, - Checksums: []common.Checksum{ - { - Algorithm: "SHA1", - Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", - }, - { - Algorithm: "MD5", - Value: "624c1abb3664f4b35547e7c73864ad24", + { + FileSPDXIdentifier: "JenaLib", + Checksums: []common.Checksum{ + { + Algorithm: "SHA1", + Value: "3ab4e1c67a2d28fced849ee1bb76e7391b93f125", + }, }, + FileComment: "This file belongs to Jena", + FileCopyrightText: "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", + FileContributors: []string{"Apache Software Foundation", "Hewlett Packard Inc."}, + FileName: "./lib-source/jena-2.6.3-sources.jar", + FileTypes: []string{"ARCHIVE"}, + LicenseComments: "This license is used by Jena", + LicenseConcluded: "LicenseRef-1", + LicenseInfoInFiles: []string{"LicenseRef-1"}, }, - FileComment: "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory.", - FileCopyrightText: "Copyright 2008-2010 John Smith", - FileContributors: []string{"The Regents of the University of California", "Modified by Paul Mundt lethal@linux-sh.org", "IBM Corporation"}, - FileName: "./package/foo.c", - FileTypes: []string{"SOURCE"}, - LicenseComments: "The concluded license was taken from the package level that the file was included in.", - LicenseConcluded: "(LGPL-2.0-only OR LicenseRef-2)", - LicenseInfoInFiles: []string{"GPL-2.0-only", "LicenseRef-2"}, - FileNotice: "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.", - }, - }, - Snippets: []spdx.Snippet{ - { - SnippetSPDXIdentifier: "Snippet", - SnippetFromFileSPDXIdentifier: "DoapSource", - Ranges: []common.SnippetRange{ - { - StartPointer: common.SnippetRangePointer{ - Offset: 310, - FileSPDXIdentifier: "DoapSource", - }, - EndPointer: common.SnippetRangePointer{ - Offset: 420, - FileSPDXIdentifier: "DoapSource", + { + FileSPDXIdentifier: "File", + Annotations: []spdx.Annotation{ + { + Annotator: common.Annotator{ + Annotator: "File Commenter", + AnnotatorType: "Person", + }, + AnnotationDate: "2011-01-29T18:30:22Z", + AnnotationType: "OTHER", + AnnotationComment: "File level annotation", }, }, - { - StartPointer: common.SnippetRangePointer{ - LineNumber: 5, - FileSPDXIdentifier: "DoapSource", + Checksums: []common.Checksum{ + { + Algorithm: "SHA1", + Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", }, - EndPointer: common.SnippetRangePointer{ - LineNumber: 23, - FileSPDXIdentifier: "DoapSource", + { + Algorithm: "MD5", + Value: "624c1abb3664f4b35547e7c73864ad24", }, }, + FileComment: "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory.", + FileCopyrightText: "Copyright 2008-2010 John Smith", + FileContributors: []string{"The Regents of the University of California", "Modified by Paul Mundt lethal@linux-sh.org", "IBM Corporation"}, + FileName: "./package/foo.c", + FileTypes: []string{"SOURCE"}, + LicenseComments: "The concluded license was taken from the package level that the file was included in.", + LicenseConcluded: "(LGPL-2.0-only OR LicenseRef-2)", + LicenseInfoInFiles: []string{"GPL-2.0-only", "LicenseRef-2"}, + FileNotice: "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.", }, - SnippetLicenseConcluded: "GPL-2.0-only", - LicenseInfoInSnippet: []string{"GPL-2.0-only"}, - SnippetLicenseComments: "The concluded license was taken from package xyz, from which the snippet was copied into the current file. The concluded license information was found in the COPYING.txt file in package xyz.", - SnippetCopyrightText: "Copyright 2008-2010 John Smith", - SnippetComment: "This snippet was identified as significant and highlighted in this Apache-2.0 file, when a commercial scanner identified it as being derived from file foo.c in package xyz which is licensed under GPL-2.0.", - SnippetName: "from linux kernel", - // omitted: SnippetAttributionTexts: []string{"Snippet attribution"}, - }, - }, - Relationships: []*spdx.Relationship{ - { - RefA: common.MakeDocElementID("", "DOCUMENT"), - RefB: common.MakeDocElementID("", "Package"), - Relationship: "CONTAINS", - RelationshipComment: "A relationship comment", - }, - { - RefA: common.MakeDocElementID("", "DOCUMENT"), - RefB: common.MakeDocElementID("spdx-tool-1.2", "ToolsElement"), - Relationship: "COPY_OF", - }, - { - RefA: common.MakeDocElementID("", "DOCUMENT"), - RefB: common.MakeDocElementID("", "File"), - Relationship: "DESCRIBES", - }, - { - RefA: common.MakeDocElementID("", "DOCUMENT"), - RefB: common.MakeDocElementID("", "Package"), - Relationship: "DESCRIBES", }, - { - RefA: common.MakeDocElementID("", "Package"), - RefB: common.MakeDocElementID("", "JenaLib"), - Relationship: "CONTAINS", - }, - { - RefA: common.MakeDocElementID("", "Package"), - RefB: common.MakeDocElementID("", "Saxon"), - Relationship: "DYNAMIC_LINK", - }, - { - RefA: common.MakeDocElementID("", "CommonsLangSrc"), - RefB: common.MakeDocElementSpecial("NOASSERTION"), - Relationship: "GENERATED_FROM", - }, - { - RefA: common.MakeDocElementID("", "JenaLib"), - RefB: common.MakeDocElementID("", "Package"), - Relationship: "CONTAINS", + Snippets: []spdx.Snippet{ + { + SnippetSPDXIdentifier: "Snippet", + SnippetFromFileSPDXIdentifier: "DoapSource", + Ranges: []common.SnippetRange{ + { + StartPointer: common.SnippetRangePointer{ + Offset: 310, + FileSPDXIdentifier: "DoapSource", + }, + EndPointer: common.SnippetRangePointer{ + Offset: 420, + FileSPDXIdentifier: "DoapSource", + }, + }, + { + StartPointer: common.SnippetRangePointer{ + LineNumber: 5, + FileSPDXIdentifier: "DoapSource", + }, + EndPointer: common.SnippetRangePointer{ + LineNumber: 23, + FileSPDXIdentifier: "DoapSource", + }, + }, + }, + SnippetLicenseConcluded: "GPL-2.0-only", + LicenseInfoInSnippet: []string{"GPL-2.0-only"}, + SnippetLicenseComments: "The concluded license was taken from package xyz, from which the snippet was copied into the current file. The concluded license information was found in the COPYING.txt file in package xyz.", + SnippetCopyrightText: "Copyright 2008-2010 John Smith", + SnippetComment: "This snippet was identified as significant and highlighted in this Apache-2.0 file, when a commercial scanner identified it as being derived from file foo.c in package xyz which is licensed under GPL-2.0.", + SnippetName: "from linux kernel", + // omitted: SnippetAttributionTexts: []string{"Snippet attribution"}, + }, }, - { - RefA: common.MakeDocElementID("", "File"), - RefB: common.MakeDocElementID("", "fromDoap-0"), - Relationship: "GENERATED_FROM", + Relationships: []*spdx.Relationship{ + { + RefA: common.MakeDocElementID("", "DOCUMENT"), + RefB: common.MakeDocElementID("", "Package"), + Relationship: "CONTAINS", + RelationshipComment: "A relationship comment", + }, + { + RefA: common.MakeDocElementID("", "DOCUMENT"), + RefB: common.MakeDocElementID("spdx-tool-1.2", "ToolsElement"), + Relationship: "COPY_OF", + }, + { + RefA: common.MakeDocElementID("", "DOCUMENT"), + RefB: common.MakeDocElementID("", "File"), + Relationship: "DESCRIBES", + }, + { + RefA: common.MakeDocElementID("", "DOCUMENT"), + RefB: common.MakeDocElementID("", "Package"), + Relationship: "DESCRIBES", + }, + { + RefA: common.MakeDocElementID("", "Package"), + RefB: common.MakeDocElementID("", "JenaLib"), + Relationship: "CONTAINS", + }, + { + RefA: common.MakeDocElementID("", "Package"), + RefB: common.MakeDocElementID("", "Saxon"), + Relationship: "DYNAMIC_LINK", + }, + { + RefA: common.MakeDocElementID("", "CommonsLangSrc"), + RefB: common.MakeDocElementSpecial("NOASSERTION"), + Relationship: "GENERATED_FROM", + }, + { + RefA: common.MakeDocElementID("", "JenaLib"), + RefB: common.MakeDocElementID("", "Package"), + Relationship: "CONTAINS", + }, + { + RefA: common.MakeDocElementID("", "File"), + RefB: common.MakeDocElementID("", "fromDoap-0"), + Relationship: "GENERATED_FROM", + }, }, - }, - // omitted: Reviews: []*spdx.Review{ - // { - // Reviewer: "joe@example.com", - // ReviewerType: "Person", - // ReviewDate: "2021-11-03T05:43:21Z", - // ReviewComment: "This is a review comment", - // }, - //}, + // omitted: Reviews: []*spdx.Review{ + // { + // Reviewer: "joe@example.com", + // ReviewerType: "Person", + // ReviewDate: "2021-11-03T05:43:21Z", + // ReviewComment: "This is a review comment", + // }, + //}, + } } diff --git a/spdx/v2/v2_3/rdf/reader/parse_license_test.go b/spdx/v2/v2_3/rdf/reader/parse_license_test.go index cd852b6c..78015504 100644 --- a/spdx/v2/v2_3/rdf/reader/parse_license_test.go +++ b/spdx/v2/v2_3/rdf/reader/parse_license_test.go @@ -193,7 +193,6 @@ func Test_rdfParser2_3_getAnyLicenseFromNode(t *testing.T) { `) node := parser.gordfParserObj.Triples[0].Subject _, err = parser.getAnyLicenseFromNode(node) - t.Log(err) if err == nil { t.Errorf("should've raised an error for invalid input") } diff --git a/spdx/v2/v2_3/rdf/reader/parser_test.go b/spdx/v2/v2_3/rdf/reader/parser_test.go index 439eb993..6012b2a6 100644 --- a/spdx/v2/v2_3/rdf/reader/parser_test.go +++ b/spdx/v2/v2_3/rdf/reader/parser_test.go @@ -127,7 +127,6 @@ func Test_rdfParser2_3_getSpdxDocNode(t *testing.T) { `) _, err = parser.getSpdxDocNode() - t.Log(err) if err == nil { t.Errorf("expected and error due to more than one type triples for the SpdxDocument Node, got %v", err) } @@ -139,7 +138,6 @@ func Test_rdfParser2_3_getSpdxDocNode(t *testing.T) { `) _, err = parser.getSpdxDocNode() - t.Log(err) if err == nil { t.Errorf("rootNode must be associated with exactly one triple of predicate rdf:type, got %v", err) } diff --git a/spdx/v3/v3_0_1/convert.go b/spdx/v3/v3_0/convert.go similarity index 95% rename from spdx/v3/v3_0_1/convert.go rename to spdx/v3/v3_0/convert.go index dffdc500..3fb39cdd 100644 --- a/spdx/v3/v3_0_1/convert.go +++ b/spdx/v3/v3_0/convert.go @@ -1,4 +1,4 @@ -package v3_0_1 +package v3_0 import ( "fmt" @@ -86,10 +86,6 @@ func From_v2_3(doc v2_3.Document, d *Document) { } func newDocumentConverter(d *Document) *documentConverter { - // Java tools prefix all these values with: http://spdx.org/rdf/references/ - // I'm assuming this is because they are converted to RDF when imported, which we are not doing - const referencePrefix = "" - if d.LDContext == nil { d.LDContext = context() } @@ -185,23 +181,23 @@ func newDocumentConverter(d *Document) *documentConverter { "REVIEW": AnnotationType_Review, }), contentIdentifierTypeMap: duplicateLower(map[string]ContentIdentifierType{ - referencePrefix + "gitoid": ContentIdentifierType_Gitoid, - referencePrefix + "swh": ContentIdentifierType_Swhid, + "gitoid": ContentIdentifierType_Gitoid, + "swh": ContentIdentifierType_Swhid, }), externalIdentifierTypeMap: duplicateLower(map[string]ExternalIdentifierType{ - referencePrefix + "cpe22Type": ExternalIdentifierType_Cpe22, - referencePrefix + "cpe23Type": ExternalIdentifierType_Cpe23, - referencePrefix + "swid": ExternalIdentifierType_Swid, - referencePrefix + "purl": ExternalIdentifierType_PackageURL, + "cpe22Type": ExternalIdentifierType_Cpe22, + "cpe23Type": ExternalIdentifierType_Cpe23, + "swid": ExternalIdentifierType_Swid, + "purl": ExternalIdentifierType_PackageURL, }), externalRefTypeMap: duplicateLower(map[string]ExternalRefType{ - referencePrefix + "maven-central": ExternalRefType_MavenCentral, - referencePrefix + "npm": ExternalRefType_Npm, - referencePrefix + "nuget": ExternalRefType_Nuget, - referencePrefix + "bower": ExternalRefType_Bower, - referencePrefix + "advisory": ExternalRefType_SecurityAdvisory, - referencePrefix + "fix": ExternalRefType_SecurityFix, - referencePrefix + "url": ExternalRefType_SecurityOther, + "maven-central": ExternalRefType_MavenCentral, + "npm": ExternalRefType_Npm, + "nuget": ExternalRefType_Nuget, + "bower": ExternalRefType_Bower, + "advisory": ExternalRefType_SecurityAdvisory, + "fix": ExternalRefType_SecurityFix, + "url": ExternalRefType_SecurityOther, }), primaryPurposeMap: duplicateLower(map[string]SoftwarePurpose{ "APPLICATION": SoftwarePurpose_Application, @@ -308,8 +304,7 @@ func (c *documentConverter) convert23creationInfo(info *v2_3.CreationInfo) AnyCr Created: c.convert23time(info.Created), CreatedBy: list[AgentList](c.convert23creator, info.Creators...), CreatedUsing: list[ToolList](c.convert23tool, info.Creators...), - // TODO should this be set? - // SpecVersion: info.LicenseListVersion, + SpecVersion: Version, // specVersion is always the current version } // update circular references, which will be set to nil by default @@ -344,10 +339,16 @@ func (c *documentConverter) convert23creator(creator common.Creator) AnyAgent { } func (c *documentConverter) convert23originator(creator *common.Originator) AnyAgent { + if creator == nil { + return nil + } return c.convert23agent(creator.OriginatorType, creator.Originator) } func (c *documentConverter) convert23supplier(creator *common.Supplier) AnyAgent { + if creator == nil { + return nil + } return c.convert23agent(creator.SupplierType, creator.Supplier) } @@ -590,7 +591,7 @@ func (c *documentConverter) logDropped(value any) { func (c *documentConverter) convert23packageUrl(references []*v2_3.PackageExternalReference) ld.URI { for _, ref := range references { - if ref.RefType == common.TypePackageManagerPURL { + if ref != nil && ref.RefType == common.TypePackageManagerPURL { return c.convert23uri(ref.Locator) } } diff --git a/spdx/v3/v3_0_1/convert_test.go b/spdx/v3/v3_0/convert_test.go similarity index 99% rename from spdx/v3/v3_0_1/convert_test.go rename to spdx/v3/v3_0/convert_test.go index 99458931..bf85fc1f 100644 --- a/spdx/v3/v3_0_1/convert_test.go +++ b/spdx/v3/v3_0/convert_test.go @@ -1,4 +1,4 @@ -package v3_0_1 +package v3_0 import ( "testing" diff --git a/spdx/v3/v3_0_1/convert_v23_test.go b/spdx/v3/v3_0/convert_v23_test.go similarity index 99% rename from spdx/v3/v3_0_1/convert_v23_test.go rename to spdx/v3/v3_0/convert_v23_test.go index f941c512..9822d4e1 100644 --- a/spdx/v3/v3_0_1/convert_v23_test.go +++ b/spdx/v3/v3_0/convert_v23_test.go @@ -1,4 +1,4 @@ -package v3_0_1 +package v3_0 import ( "github.com/spdx/tools-golang/spdx/v2/common" diff --git a/spdx/v3/v3_0_1/convert_v301_test.go b/spdx/v3/v3_0/convert_v301_test.go similarity index 99% rename from spdx/v3/v3_0_1/convert_v301_test.go rename to spdx/v3/v3_0/convert_v301_test.go index bac39b07..f8a7fea2 100644 --- a/spdx/v3/v3_0_1/convert_v301_test.go +++ b/spdx/v3/v3_0/convert_v301_test.go @@ -1,4 +1,4 @@ -package v3_0_1 +package v3_0 import ( "time" @@ -96,8 +96,8 @@ func v301doc() *Document { func v301creationInfo() *CreationInfo { return &CreationInfo{ - - Created: parseTime("2023-01-15T10:30:00Z"), + SpecVersion: Version, + Created: parseTime("2023-01-15T10:30:00Z"), CreatedBy: AgentList{ &Person{ Name: "John Doe", diff --git a/spdx/v3/v3_0_1/model.go b/spdx/v3/v3_0/model.go similarity index 99% rename from spdx/v3/v3_0_1/model.go rename to spdx/v3/v3_0/model.go index b09bc05b..cd5dd5c7 100755 --- a/spdx/v3/v3_0_1/model.go +++ b/spdx/v3/v3_0/model.go @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: MIT -package v3_0_1 +package v3_0 import ( "time" diff --git a/spdx/v3/v3_0_1/model_validations.go b/spdx/v3/v3_0/model_validations.go similarity index 99% rename from spdx/v3/v3_0_1/model_validations.go rename to spdx/v3/v3_0/model_validations.go index 068b1df7..21938173 100755 --- a/spdx/v3/v3_0_1/model_validations.go +++ b/spdx/v3/v3_0/model_validations.go @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: MIT -package v3_0_1 +package v3_0 import "github.com/kzantow/go-ld" diff --git a/spdx/v3/v3_0_1/spdx.go b/spdx/v3/v3_0/spdx.go similarity index 92% rename from spdx/v3/v3_0_1/spdx.go rename to spdx/v3/v3_0/spdx.go index 1b61fb96..d305eb12 100644 --- a/spdx/v3/v3_0_1/spdx.go +++ b/spdx/v3/v3_0/spdx.go @@ -1,4 +1,4 @@ -package v3_0_1 +package v3_0 import ( "bytes" @@ -51,6 +51,20 @@ func (d *Document) Write(w io.Writer) error { } func NewDocument(conformance ProfileIdentifierType, name string, createdBy AnyAgent, createdUsing AnyTool) *Document { + if createdBy == nil { + createdBy = &SoftwareAgent{ + ID: "", + Description: "", + Comment: "", + Name: "tools-golang", + Extensions: nil, + CreationInfo: nil, + ExternalIdentifiers: nil, + ExternalRefs: nil, + Summary: "", + VerifiedUsing: nil, + } + } ci := &CreationInfo{ SpecVersion: Version, Created: time.Now(), diff --git a/spdx/v3/v3_0_1/spdx_serialization_test.go b/spdx/v3/v3_0/spdx_serialization_test.go similarity index 94% rename from spdx/v3/v3_0_1/spdx_serialization_test.go rename to spdx/v3/v3_0/spdx_serialization_test.go index 1059d1e6..ee9e4411 100644 --- a/spdx/v3/v3_0_1/spdx_serialization_test.go +++ b/spdx/v3/v3_0/spdx_serialization_test.go @@ -1,4 +1,4 @@ -package v3_0_1 +package v3_0 import ( "bytes" @@ -144,7 +144,7 @@ func Test_externalID(t *testing.T) { encodeDecode(t, doc) } -// encodeDecode encodes to JSON, decodes from the JSON, and re-encodes in JSON to validate nothing is lost +// encodeDecode encodes to JSON, decodes from the JSON and compares the decoded struct against the input func encodeDecode[T comparable](t *testing.T, obj T) T { // serialization: buf := bytes.Buffer{} @@ -155,7 +155,6 @@ func encodeDecode[T comparable](t *testing.T, obj T) T { } json1 := buf.String() - t.Logf("--------- initial JSON: ----------\n%s\n\n", json1) // deserialization: graph, err := context().FromJSON(strings.NewReader(json1)) diff --git a/spdx/v3/v3_0_1/spdx_test.go b/spdx/v3/v3_0/spdx_test.go similarity index 96% rename from spdx/v3/v3_0_1/spdx_test.go rename to spdx/v3/v3_0/spdx_test.go index 91864888..76390836 100644 --- a/spdx/v3/v3_0_1/spdx_test.go +++ b/spdx/v3/v3_0/spdx_test.go @@ -1,9 +1,8 @@ -package v3_0_1_test +package v3_0_test import ( "bytes" "encoding/json" - "fmt" "os" "strings" "testing" @@ -15,7 +14,7 @@ import ( "github.com/pmezard/go-difflib/difflib" "github.com/stretchr/testify/require" - spdx "github.com/spdx/tools-golang/spdx/v3/v3_0_1" + spdx "github.com/spdx/tools-golang/spdx/v3/v3_0" ) func Test_customSerialization(t *testing.T) { @@ -48,8 +47,6 @@ func Test_customSerialization(t *testing.T) { validationErr := d.Validate(false) require.Error(t, validationErr) // we did not set creationInfo, should be invalid document - t.Log(validationErr.Error()) - contents := bytes.Buffer{} err := d.ToJSON(&contents) require.NoError(t, err) @@ -178,8 +175,6 @@ func Test_writer(t *testing.T) { buf := bytes.Buffer{} err = d.ToJSON(&buf) require.NoError(t, err) - fmt.Printf("%#v\n", buf.String()) - d2 := newTestDocument() err = d2.FromJSON(&buf) require.NoError(t, err) @@ -255,8 +250,6 @@ func Test_reader(t *testing.T) { d := newTestDocument() err = d.FromJSON(f) require.NoError(t, err) - t.Logf("sample document:\n%#v", d) - sboms := d.RootElements.SBOMs() require.Len(t, sboms, 1) @@ -279,7 +272,6 @@ func Test_readerExpanded(t *testing.T) { d := newTestDocument() err = d.FromJSON(f) require.NoError(t, err) - fmt.Printf("%#v\n", d) for _, fi := range d.Elements.Files() { //println("File ID: " + fi.ID) println("File Name: " + fi.GetName()) @@ -395,7 +387,6 @@ func Test_exportImportExport(t *testing.T) { } json1 := buf.String() - fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) // deserialize to a new document @@ -413,7 +404,6 @@ func Test_exportImportExport(t *testing.T) { t.Error(err) } json2 := buf.String() - fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) // compare original to parsed and re-encoded @@ -488,7 +478,6 @@ func Test_aiProfile(t *testing.T) { } json1 := buf.String() - fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) // deserialize to a new document @@ -507,7 +496,6 @@ func Test_aiProfile(t *testing.T) { t.Error(err) } json2 := buf.String() - fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) // compare original to parsed and re-encoded diff --git a/spdx/v3/v3_0_1/testdata/test.expanded.json b/spdx/v3/v3_0/testdata/test.expanded.json similarity index 100% rename from spdx/v3/v3_0_1/testdata/test.expanded.json rename to spdx/v3/v3_0/testdata/test.expanded.json diff --git a/spdx/v3/v3_0_1/testdata/test.json b/spdx/v3/v3_0/testdata/test.json similarity index 100% rename from spdx/v3/v3_0_1/testdata/test.json rename to spdx/v3/v3_0/testdata/test.json From 22d11c1bc7c3d9bcce88ceccec5609f842ff6be8 Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Mon, 13 Oct 2025 16:43:21 -0400 Subject: [PATCH 21/21] chore: move json ld library to internal package Signed-off-by: Keith Zantow --- go.mod | 13 +- go.sum | 2 - json/reader.go | 7 - spdx/v3/internal/generate/main.go | 4 +- spdx/v3/internal/ld/README.md | 6 + spdx/v3/internal/ld/decode_test.go | 53 ++ spdx/v3/internal/ld/document_loader.go | 23 + spdx/v3/internal/ld/graph_builder.go | 360 +++++++++ spdx/v3/internal/ld/graph_builder_test.go | 223 ++++++ spdx/v3/internal/ld/ld_context.go | 290 +++++++ spdx/v3/internal/ld/ld_context_test.go | 100 +++ spdx/v3/internal/ld/model_test.go | 178 +++++ spdx/v3/internal/ld/primitives.go | 149 ++++ spdx/v3/internal/ld/reader.go | 378 +++++++++ spdx/v3/internal/ld/reader_test.go | 317 ++++++++ spdx/v3/internal/ld/ref_count.go | 59 ++ spdx/v3/internal/ld/ref_count_test.go | 122 +++ spdx/v3/internal/ld/shaclgen/gen.go | 819 ++++++++++++++++++++ spdx/v3/internal/ld/shaclgen/reader.go | 229 ++++++ spdx/v3/internal/ld/shaclgen/types.go | 32 + spdx/v3/internal/ld/shaclgen/util.go | 129 +++ spdx/v3/internal/ld/shaclgen/validations.go | 99 +++ spdx/v3/internal/ld/struct_reader.go | 127 +++ spdx/v3/internal/ld/struct_reader_test.go | 157 ++++ spdx/v3/internal/ld/type_iter.go | 39 + spdx/v3/internal/ld/util.go | 175 +++++ spdx/v3/internal/ld/validation_error.go | 81 ++ spdx/v3/internal/ld/validations.go | 155 ++++ spdx/v3/internal/ld/validations_test.go | 178 +++++ spdx/v3/internal/ld/visitor.go | 84 ++ spdx/v3/internal/ld/visitor_test.go | 50 ++ spdx/v3/internal/serialize_json.go | 3 +- spdx/v3/v3_0/convert.go | 3 +- spdx/v3/v3_0/convert_v301_test.go | 3 +- spdx/v3/v3_0/model.go | 4 +- spdx/v3/v3_0/model_validations.go | 4 +- spdx/v3/v3_0/spdx.go | 6 +- spdx/v3/v3_0/spdx_test.go | 2 +- 38 files changed, 4631 insertions(+), 32 deletions(-) create mode 100644 spdx/v3/internal/ld/README.md create mode 100644 spdx/v3/internal/ld/decode_test.go create mode 100644 spdx/v3/internal/ld/document_loader.go create mode 100644 spdx/v3/internal/ld/graph_builder.go create mode 100644 spdx/v3/internal/ld/graph_builder_test.go create mode 100644 spdx/v3/internal/ld/ld_context.go create mode 100644 spdx/v3/internal/ld/ld_context_test.go create mode 100644 spdx/v3/internal/ld/model_test.go create mode 100644 spdx/v3/internal/ld/primitives.go create mode 100644 spdx/v3/internal/ld/reader.go create mode 100644 spdx/v3/internal/ld/reader_test.go create mode 100644 spdx/v3/internal/ld/ref_count.go create mode 100644 spdx/v3/internal/ld/ref_count_test.go create mode 100644 spdx/v3/internal/ld/shaclgen/gen.go create mode 100644 spdx/v3/internal/ld/shaclgen/reader.go create mode 100644 spdx/v3/internal/ld/shaclgen/types.go create mode 100644 spdx/v3/internal/ld/shaclgen/util.go create mode 100644 spdx/v3/internal/ld/shaclgen/validations.go create mode 100644 spdx/v3/internal/ld/struct_reader.go create mode 100644 spdx/v3/internal/ld/struct_reader_test.go create mode 100644 spdx/v3/internal/ld/type_iter.go create mode 100644 spdx/v3/internal/ld/util.go create mode 100644 spdx/v3/internal/ld/validation_error.go create mode 100644 spdx/v3/internal/ld/validations.go create mode 100644 spdx/v3/internal/ld/validations_test.go create mode 100644 spdx/v3/internal/ld/visitor.go create mode 100644 spdx/v3/internal/ld/visitor_test.go diff --git a/go.mod b/go.mod index 17e2ab86..da5a37ce 100644 --- a/go.mod +++ b/go.mod @@ -4,13 +4,16 @@ go 1.23.5 require ( github.com/anchore/go-struct-converter v0.0.0-20251008145103-b79fc8ba4f45 - github.com/davecgh/go-spew v1.1.1 + github.com/dave/jennifer v1.7.1 + github.com/deiu/rdf2go v0.0.0-20241212211204-b661ba0dfd25 + github.com/gertd/go-pluralize v0.2.1 github.com/google/go-cmp v0.7.0 github.com/google/uuid v1.6.0 - github.com/kzantow/go-ld v0.0.0-20251008235635-4379583bef45 + github.com/piprate/json-gold v0.7.0 github.com/pmezard/go-difflib v1.0.0 github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb github.com/stretchr/testify v1.11.1 + mvdan.cc/gofumpt v0.7.0 sigs.k8s.io/yaml v1.6.0 ) @@ -20,15 +23,11 @@ require ( ) require ( - github.com/dave/jennifer v1.7.1 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect github.com/deiu/gon3 v0.0.0-20241212124032-93153c038193 // indirect - github.com/deiu/rdf2go v0.0.0-20241212211204-b661ba0dfd25 // indirect - github.com/gertd/go-pluralize v0.2.1 // indirect github.com/linkeddata/gojsonld v0.0.0-20170418210642-4f5db6791326 // indirect - github.com/piprate/json-gold v0.7.0 // indirect github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect github.com/rychipman/easylex v0.0.0-20160129204217-49ee7767142f // indirect golang.org/x/mod v0.14.0 // indirect golang.org/x/tools v0.17.0 // indirect - mvdan.cc/gofumpt v0.7.0 // indirect ) diff --git a/go.sum b/go.sum index 105c9e31..57f11ee8 100644 --- a/go.sum +++ b/go.sum @@ -20,8 +20,6 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kzantow/go-ld v0.0.0-20251008235635-4379583bef45 h1:Mtqmz6O5oY4L2frzQII4G3MeVH0fD8QkypRErrpxJok= -github.com/kzantow/go-ld v0.0.0-20251008235635-4379583bef45/go.mod h1:4ic0Ad7R5XxDPD507j3Ux5ZLEJrlRgT8qGgcyrUGubY= github.com/linkeddata/gojsonld v0.0.0-20170418210642-4f5db6791326 h1:YP3lfXXYiQV5MKeUqVnxRP5uuMQTLPx+PGYm1UBoU98= github.com/linkeddata/gojsonld v0.0.0-20170418210642-4f5db6791326/go.mod h1:nfqkuSNlsk1bvti/oa7TThx4KmRMBmSxf3okHI9wp3E= github.com/piprate/json-gold v0.7.0 h1:bEMirgA5y8Z2loTQfxyIFfY+EflxH1CTP6r/KIlcJNw= diff --git a/json/reader.go b/json/reader.go index 5e9ab3c5..ec161281 100644 --- a/json/reader.go +++ b/json/reader.go @@ -7,7 +7,6 @@ import ( "encoding/json" "fmt" "io" - "reflect" "regexp" "github.com/spdx/tools-golang/convert" @@ -102,12 +101,6 @@ func ReadInto(content io.Reader, doc common.AnyDocument) error { if err != nil { return err } - - fromType := reflect.TypeOf(in) - toType := reflect.TypeOf(doc).Elem() - if fromType != toType { - return fmt.Errorf("unable to convert %v backwards to %v", fromType, toType) - } data = in default: return fmt.Errorf("unsupported SDPX version: %s", version) diff --git a/spdx/v3/internal/generate/main.go b/spdx/v3/internal/generate/main.go index e1531557..5cc01dac 100644 --- a/spdx/v3/internal/generate/main.go +++ b/spdx/v3/internal/generate/main.go @@ -7,17 +7,17 @@ import ( "regexp" "strings" - "github.com/kzantow/go-ld/shaclgen" + "github.com/spdx/tools-golang/spdx/v3/internal/ld/shaclgen" ) func main() { versions := []string{ - //"3.0.0", "3.0.1", } for _, version := range versions { packageName := "v" + strings.ReplaceAll(version, ".", "_") + packageName = strings.Join(strings.Split(packageName, "_")[:2], "_") // only generate the latest patch for each minor version fileName, err := filepath.Abs(fmt.Sprintf("spdx/v3/%s/model.go", packageName)) if err != nil { panic(err) diff --git a/spdx/v3/internal/ld/README.md b/spdx/v3/internal/ld/README.md new file mode 100644 index 00000000..4c87d3ab --- /dev/null +++ b/spdx/v3/internal/ld/README.md @@ -0,0 +1,6 @@ +# JSON-LD utilities + +This package contains JSON-LD utilities shared across the SPDX 3 data models, including a JSON-LD reader & graph writer +using the official JSON-LD go language implementation: `github.com/piprate/go-ld`, which is able to map to and from +go object models. Subpackage `shaclgen` contains a generator for go source code from SHACL, which has only implemented +the functionality to support SPDX 3. diff --git a/spdx/v3/internal/ld/decode_test.go b/spdx/v3/internal/ld/decode_test.go new file mode 100644 index 00000000..769f5e41 --- /dev/null +++ b/spdx/v3/internal/ld/decode_test.go @@ -0,0 +1,53 @@ +package ld_test + +import ( + "testing" + + "github.com/google/go-cmp/cmp" +) + +func Test_decode(t *testing.T) { + tests := []struct { + name string + graph l + want func() a + }{ + { + name: "simple graph", + graph: l{ + o{"@type": "software_Package", "@id": "pkg-1", "name": "pkg 1"}, + o{"@type": "software_File", "@id": "file-1", "contents": "file 1"}, + o{"@type": "Relationship", "from": "file-1", "to": l{"pkg-1"}}, + }, + want: func() a { + p := &Package{Element: Element{ID: "pkg-1", Name: "pkg 1"}} + f := &File{Element: Element{ID: "file-1"}, Contents: "file 1"} + r := &Relationship{From: f, To: l{p}} + return l{p, f, r} + }, + }, + { + name: "top level named individual", + graph: l{ + o{ + "@id": "https://example.org/iri/file/dev/null", + }, + }, + want: func() a { + return l{File_DevNull} + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + graph := testGraph(t, tt.graph) + + want := tt.want() + + if diff := cmp.Diff(want, graph); diff != "" { + t.Fatalf("(-want +got):\n%s", diff) + } + }) + } +} diff --git a/spdx/v3/internal/ld/document_loader.go b/spdx/v3/internal/ld/document_loader.go new file mode 100644 index 00000000..620e508e --- /dev/null +++ b/spdx/v3/internal/ld/document_loader.go @@ -0,0 +1,23 @@ +package ld + +import ( + "fmt" + + "github.com/piprate/json-gold/ld" +) + +type offlineDocumentLoader struct { + ctx *context +} + +func (d offlineDocumentLoader) LoadDocument(u string) (*ld.RemoteDocument, error) { + sc := d.ctx.contextMap[u] + if sc != nil { + return &ld.RemoteDocument{ + DocumentURL: u, + ContextURL: u, + Document: sc.ldContext, + }, nil + } + return nil, fmt.Errorf("context is not known: %v", u) +} diff --git a/spdx/v3/internal/ld/graph_builder.go b/spdx/v3/internal/ld/graph_builder.go new file mode 100644 index 00000000..07217580 --- /dev/null +++ b/spdx/v3/internal/ld/graph_builder.go @@ -0,0 +1,360 @@ +package ld + +import ( + "errors" + "fmt" + "reflect" + "strconv" + + "github.com/piprate/json-gold/ld" +) + +type graphBuilder struct { + ctx *context + input reflect.Value + graph []any // graph stores all the serialized objects in the graph + nextID map[reflect.Type]int + ids map[uintptr]string + pointerRefs map[reflect.Value]map[string]any // pointerRefs stores references to each serialized pointer +} + +func (b *graphBuilder) toCompactMaps(graph ...any) (map[string]any, error) { + expanded, errs := b.toExpandedMaps(graph...) + if errs != nil { + return nil, errors.Join(errs...) + } + + proc := ld.NewJsonLdProcessor() + opts := ld.NewJsonLdOptions("") + // all options: + //opts.Base + opts.CompactArrays = true + //opts.ExpandContext = false + opts.ProcessingMode = ld.JsonLd_1_1 + opts.DocumentLoader = offlineDocumentLoader{ctx: b.ctx} + //opts.Embed + //opts.Explicit + //opts.RequireAll + //opts.FrameDefault = false + //opts.OmitDefault + //opts.OmitGraph + //opts.UseRdfType + //opts.UseNativeTypes = true + //opts.ProduceGeneralizedRdf + //opts.InputFormat + //opts.Format + //opts.Algorithm + //opts.UseNamespaces + //opts.OutputForm + //opts.SafeMode + + var compactionContext map[string]any + switch len(b.ctx.contextMap) { + case 0: + return nil, fmt.Errorf("no contexts defined, unable to serialize") + case 1: + compactionContext = map[string]interface{}{ + "@context": firstKey(b.ctx.contextMap), + } + default: + prefixes := map[string]any{} + for i, url := range sortedKeys(b.ctx.contextMap) { + prefixes["ns"+strconv.Itoa(i)] = url + } + compactionContext = map[string]interface{}{ + "@context": prefixes, + } + } + + compact, err := proc.Compact(expanded, compactionContext, opts) + return compact, err +} + +func (b *graphBuilder) toExpandedMaps(graph ...any) ([]any, []error) { + b.input = reflect.ValueOf(graph) + b.graph = nil + for _, v := range graph { + val := reflect.ValueOf(v) + _, err := b.serialize(val) + if err != nil { + return nil, err + } + } + return b.graph, nil +} + +// serialize outputs the top-level nodes in the graph; these have the behavior that they are always returned in +// serialized form rather than potentially returning an ID reference. pointers with multiple references will also +// ensure the @id field is set in order to be referenced later +func (b *graphBuilder) serialize(v reflect.Value) (any, []error) { + if !v.IsValid() { + return nil, nil + } + ptrV := v + if v.Kind() == reflect.Pointer { + if v.IsNil() { + return nil, nil + } + if debug { + ptr := fmt.Sprintf("%v", v.Pointer()) + fmt.Printf("got pointer: %v\n", ptr) + } + id := b.ids[v.Pointer()] + if id != "" { + return id, nil + } + v = v.Elem() + } + + val, ok := b.serializePrimitiveValue(v) + if ok { + return val, nil + } + + switch v.Kind() { + case reflect.Interface: + return b.serialize(v.Elem()) + case reflect.Slice: + return b.serializeSlice(v) + case reflect.Struct: + return b.serializeStruct(ptrV, v) + default: + panic(fmt.Errorf("unsupported type: %v", v)) + } +} + +func (b *graphBuilder) serializeSlice(slice reflect.Value) ([]any, []error) { + if slice.Kind() != reflect.Slice { + panic("expected slice") + } + var out []any + for i := 0; i < slice.Len(); i++ { + value, err := b.serialize(slice.Index(i)) + if err != nil { + return nil, err + } + out = append(out, value) + } + return out, nil +} + +func (b *graphBuilder) serializeStruct(ptrV, v reflect.Value) (value any, err []error) { + t := v.Type() + if t.Kind() != reflect.Struct { + panic("expected struct, got: " + stringify(v)) + } + + out := map[string]any{} + + tc := b.ctx.typeToContext[t] + if tc != nil { + err = b.serializeProps(tc.ctx, tc, ptrV, v, out) + if err != nil { + return out, err + } + + // always append the type unless the only value we have is an external IRI reference + if len(out) > 0 { + out[JsonTypeProp] = []any{ + tc.iri, + } + } + } + + id := out[JsonIdProp] + if id != "" { + b.graph = append(b.graph, out) + return id, nil + } + + // skip objects with no properties whatsoever + if len(out) == 0 { + return nil, nil + } + return out, nil +} + +func (b *graphBuilder) serializeProps(context *serializationContext, tc *typeContext, ptrV, v reflect.Value, out map[string]any) []error { + t := v.Type() + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + if skipField(f) { // ID is set outside of this function + continue + } + + prop := f.Tag.Get(GoIriTagName) + fieldV := v.Field(i) + + if prop == JsonIdProp { + if tc.blankNodeAllowed { + if RefCount(ptrV, b.input) == 1 { + continue // don't create an ID, output inline + } + } + id := "" + if isUnset(fieldV) { + id = b.getID(ptrV) + if debug { + val := ptrV.Interface() + fmt.Printf("%#v\n", val) + } + } else { + id = fieldV.String() + //if !strings.HasPrefix(id, "_:") { + // id = "_:" + id + //} + } + if debug { + ptr := fmt.Sprintf("%v", ptrV.Pointer()) + fmt.Printf("setting id for pointer: %v\n", ptr) + } + if ptrV.Kind() == reflect.Pointer { + b.ids[ptrV.Pointer()] = id + } + out[JsonIdProp] = id + continue + } + + // embedded struct, recursively call this function to get all struct values + if f.Anonymous && f.Type.Kind() == reflect.Struct { + err := b.serializeProps(context, tc, ptrV, v.Field(i), out) + if err != nil { + return err + } + continue + } + + optional := !isRequired(f) + + if optional && isEmpty(fieldV) { + continue + } + + if debug { + val := fieldV.Interface() + str := fmt.Sprintf("serializing prop %v: %#v", f, val) + fmt.Println(str) + } + val, err := b.serialize(fieldV) + if err != nil { + return err + } + + if val == nil && optional { + continue + } + + out[prop] = val + } + + return nil +} + +func (b *graphBuilder) serializePrimitiveValue(v reflect.Value) (map[string]any, bool) { + if !v.IsValid() || !v.CanInterface() { + return nil, false + } + + value := v.Interface() + c := typeToConverter[v.Type()] + if c != nil { + if c.Serialize != nil { + value = c.Serialize(value) + } + return map[string]any{ + JsonTypeProp: c.IRI, + JsonValueProp: value, + }, true + } + + return nil, false +} + +// getID will return an ID for the given struct pointer, creating one if needed +// it does not append structs to the graph +func (b *graphBuilder) getID(ptrV reflect.Value) string { + if ptrV.Type().Kind() != reflect.Pointer { + panic("expected pointer, got: " + stringify(ptrV)) + } + id, _ := b.ids[ptrV.Pointer()] + if id != "" { + return id + } + + v := ptrV.Elem() + t := v.Type() + + // check if the struct has an ID set directly, and use that if so + id, _ = getID(v) + if id != "" { + return id + } + + nextID := b.nextID[t] + 1 + b.nextID[t] = nextID + return fmt.Sprintf("_:%s-%v", t.Name(), nextID) +} + +func (b *graphBuilder) findContext(t reflect.Type) *serializationContext { + t = baseType(t) // map[string]any may be a pointer, but we want the base types + tc := b.ctx.typeToContext[t] + if tc != nil { + return tc.ctx + } + return nil +} + +func stringify(o any) string { + switch o := o.(type) { + case reflect.Value: + if !o.IsValid() { + return "" + } + if o.CanInterface() { + return typeName(o.Type()) + ": " + stringify(o.Interface()) + } + case reflect.Type: + return fmt.Sprintf("%s.%s", o.PkgPath(), o.Name()) + } + return fmt.Sprintf("%#v", o) +} + +func isEmpty(v reflect.Value) bool { + return !v.IsValid() || v.IsZero() +} + +func isRequired(f reflect.StructField) bool { + return f.Tag.Get("required") == "true" +} + +func getValue(v reflect.Value) any { + switch v.Kind() { + case reflect.String: + return v.String() + case reflect.Bool: + return v.Bool() + case reflect.Float32, reflect.Float64: + return v.Float() + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + return v.Int() + case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + return v.Uint() + default: + if !v.CanInterface() { + return nil + } + return v.Interface() + } +} + +func isUnset(fv reflect.Value) bool { + if !fv.IsValid() { + return true + } + switch fv.Kind() { + case reflect.Pointer, reflect.Interface, reflect.Slice, reflect.Map: + return fv.IsNil() + default: + return fv.IsZero() + } +} diff --git a/spdx/v3/internal/ld/graph_builder_test.go b/spdx/v3/internal/ld/graph_builder_test.go new file mode 100644 index 00000000..570c0212 --- /dev/null +++ b/spdx/v3/internal/ld/graph_builder_test.go @@ -0,0 +1,223 @@ +package ld + +import ( + "testing" + "time" + + "github.com/google/go-cmp/cmp" + "github.com/stretchr/testify/require" +) + +func Test_graphBuilder(t *testing.T) { + type typ struct { + _ Type `iri:"http://t-iri"` + Id string `iri:"@id"` + Str string `iri:"http://str-iri"` + Bool bool `iri:"http://bool-iri"` + Int int `iri:"http://int-iri"` + Float float64 `iri:"http://float-iri"` + Time time.Time `iri:"http://time-iri"` + } + + type typ2 struct { + _ Type `iri:"http://t2-iri"` + Identifier string `iri:"@id"` + T1 *typ `iri:"http://t2-to-t1-iri"` + } + + typContext := o{ + "t": "http://t-iri", + "t2": "http://t2-iri", + "s": o{ + "@id": "http://str-iri", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "b": o{ + "@id": "http://bool-iri", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "i": o{ + "@id": "http://int-iri", + "@type": "http://www.w3.org/2001/XMLSchema#integer", + }, + "f": o{ + "@id": "http://float-iri", + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + }, + "tm": o{ + "@id": "http://time-iri", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "t2t1": "http://t2-to-t1-iri", + } + + contextWithIdTypeOverride := merge(typContext, o{ + "aliased-type": "@type", + "aliased-id": "@id", + }) + + contextURI := "http://example.org/uri" + + tests := []struct { + name string + context o + graph func() any + expected any + wantErr require.ErrorAssertionFunc + }{ + { + name: "basic no context full iri", + context: o{}, + graph: func() any { + return &typ{ + Str: "str-val", + Bool: true, + Int: 101, + Float: 940.33, + Time: mar25noon, + } + }, + expected: o{ + "@context": contextURI, + "@type": "http://t-iri", + "@id": "_:typ-1", + "http://str-iri": expanded("str-val"), + "http://bool-iri": expanded(true), + "http://int-iri": expanded(101), + "http://float-iri": expanded(940.33), + "http://time-iri": expanded(mar25noon), + }, + }, + { + name: "basic all aliases context", + context: typContext, + graph: func() any { + return &typ{ + Str: "str-val", + Bool: true, + Int: 101, + Float: 940.33, + Time: mar25noon, + } + }, + expected: o{ + "@context": contextURI, + "@type": "t", + "@id": "_:typ-1", + "s": "str-val", + "b": true, + "i": 101, + "f": 940.33, + "tm": mar25noon.Format(time.RFC3339), + }, + }, + { + name: "all aliases overridden id type", + context: contextWithIdTypeOverride, + graph: func() any { + return &typ{} + }, + expected: o{ + "@context": contextURI, + "aliased-id": "_:typ-1", + "aliased-type": "t", + }, + }, + { + name: "multiple refs gets id", + context: contextWithIdTypeOverride, + graph: func() any { + t1 := &typ{ + Str: "a-val", + } + return l{ + &typ2{ + T1: t1, + }, + &typ2{ + T1: t1, + }, + } + }, + expected: o{ + "@context": contextURI, + "@graph": l{ + o{ + "aliased-type": "t", + "aliased-id": "_:typ-1", + "s": "a-val", + }, + o{ + "aliased-type": "t2", + "aliased-id": "_:typ2-1", + "t2t1": "_:typ-1", + }, + o{ + "aliased-type": "t2", + "aliased-id": "_:typ2-2", + "t2t1": "_:typ-1", + }, + }, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + ctx := NewContext() + ctx.Register(contextURI, o{"@context": tt.context}, typ{}, typ2{}) + expected := tt.expected + + var graphs l + graph := tt.graph() + if g, ok := graph.(l); ok { + graphs = g + } else { + graphs = append(graphs, graph) + } + var got any + got, err := ctx.(*context).toMaps(graphs...) + + wantErr := require.NoError + if tt.wantErr != nil { + wantErr = tt.wantErr + } + wantErr(t, err) + + d := cmp.Diff(expected, got) + if d != "" { + t.Fatal(d) + } + }) + } +} + +func expanded[T any](value T) any { + var v any = value + t := "" + var out any + switch v := v.(type) { + case string: + t = "http://www.w3.org/2001/XMLSchema#string" + out = v + case bool: + t = "http://www.w3.org/2001/XMLSchema#boolean" + out = v + case float32, float64: + t = "http://www.w3.org/2001/XMLSchema#decimal" + out = v + case byte, int, int8, int16, int32, int64: + t = "http://www.w3.org/2001/XMLSchema#integer" + out = v + case time.Time: + t = "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + out = v.Format(time.RFC3339) + default: + panic("unsupported type") + } + + return o{ + JsonTypeProp: t, + JsonValueProp: out, + } +} diff --git a/spdx/v3/internal/ld/ld_context.go b/spdx/v3/internal/ld/ld_context.go new file mode 100644 index 00000000..fb140e45 --- /dev/null +++ b/spdx/v3/internal/ld/ld_context.go @@ -0,0 +1,290 @@ +package ld + +import ( + "encoding/json" + "fmt" + "io" + "reflect" + "strings" + + "github.com/piprate/json-gold/ld" +) + +// Type is a 0-size data holder property type for type-level ld information +type Type struct{} + +// Context is the holder for all known LD contexts and required definitions +type Context interface { + Register(contextURI string, contextDefinition map[string]any, typesAndInstances ...any) Context + Merge(ctx Context) Context + ToJSON(writer io.Writer, graph ...any) error + FromJSON(reader io.Reader) ([]any, error) +} + +const ( + JsonIdProp = "@id" + JsonTypeProp = "@type" + JsonValueProp = "@value" + JsonContextProp = "@context" + JsonGraphProp = "@graph" + JsonVocabProp = "@vocab" + GoTypeField = "_" + GoIdField = "ID" + GoIriTagName = "iri" + GoTypeTagName = "type" + GoNodeKindTagName = "node-kind" + GoRequiredTagName = "required" +) + +type context struct { + contextMap map[string]*serializationContext + // iriToType contains full IRIs and aliases to the appropriate typeContext + iriToType map[string]*typeContext + // typeToContext contains references from the go type(s) to appropriate typeContext + typeToContext map[reflect.Type]*typeContext + // iriToInstance are directly registered instances in code + iriToInstance map[string]reflect.Value + // typeToExternalIriFunc holds registered functions to construct external placeholders IRIs + typeToExternalIriFunc map[reflect.Type]func(string) reflect.Value +} + +func NewContext() Context { + return &context{ + contextMap: map[string]*serializationContext{}, + iriToType: map[string]*typeContext{}, + typeToContext: map[reflect.Type]*typeContext{}, + iriToInstance: map[string]reflect.Value{}, + typeToExternalIriFunc: map[reflect.Type]func(string) reflect.Value{}, + } +} + +// Merge returns a new context, with the values from both contexts merged together +func (c *context) Merge(ctx Context) Context { + c2 := ctx.(*context) + return &context{ + contextMap: merge(c.contextMap, c2.contextMap), + iriToType: merge(c.iriToType, c2.iriToType), + typeToContext: merge(c.typeToContext, c2.typeToContext), + iriToInstance: merge(c.iriToInstance, c2.iriToInstance), + } +} + +// Register registers types and aliases to be used when serializing/deserializing documents +func (c *context) Register(contextURI string, ldContext map[string]any, types ...any) Context { + ctx := c.getContext(contextURI) + ctx.ldContext = merge(ctx.ldContext, ldContext) + ctx.parsedLdContext = ld.NewContext(ldContext, nil) + c.registerContextAliases(ctx, ldContext) + for _, typ := range types { + switch { + case isFunc(typ): + registerFunc(c, typ) + default: + registerType(c, ctx, typ) + } + } + return c +} + +// TypeAliases returns all the registered types and IRIs with corresponding aliases +func (c *context) TypeAliases() ([]reflect.Type, map[string]string) { + iriToAlias := map[string]string{} + for _, cm := range c.contextMap { + for alias, iri := range cm.aliasToIri { + iriToAlias[iri] = alias + } + } + var out []reflect.Type + for t := range c.typeToContext { + out = append(out, t) + } + return out, iriToAlias +} + +// LDContexts returns all the registered JSON-LD contexts +func (c *context) LDContexts() map[string]map[string]any { + out := map[string]map[string]any{} + for uri, cm := range c.contextMap { + out[uri] = cm.ldContext + } + return out +} + +// registerContextAliases registers compact name aliases for the given IRIs in the given context +func (c *context) registerContextAliases(ctx *serializationContext, ldContext map[string]any) { + subContext, _ := ldContext[JsonContextProp].(map[string]any) + if subContext != nil { + c.registerContextAliases(ctx, subContext) + return + } + for alias, v := range ldContext { + if alias == JsonContextProp { + continue + } + switch v := v.(type) { + case string: + c.registerContextAlias(ctx, v, alias) + case map[string]any: + iri, _ := v[JsonIdProp].(string) + if iri != "" { + c.registerContextAlias(ctx, iri, alias) + } + // should this be checked? if v[JsonTypeProp] == JsonVocabProp { + subContext, _ = v[JsonContextProp].(map[string]any) + if subContext != nil { + contextPrefix, _ := subContext[JsonVocabProp].(string) + ctx.aliasContext[alias] = contextPrefix + } + } + } +} + +// registerContextAlias registers compact name aliases for the given IRIs in the given context +func (c *context) registerContextAlias(ctx *serializationContext, iri, alias string) { + if ctx.aliasToIri[alias] != "" { + panic("duplicate alias set globally: " + alias + "; iri: " + iri + "; existing: " + ctx.aliasToIri[alias]) + } + ctx.aliasToIri[alias] = iri +} + +func (c *context) getContext(contextUrl string) *serializationContext { + ctx := c.contextMap[contextUrl] + if ctx == nil { + ctx = &serializationContext{ + contextUrl: contextUrl, + aliasToIri: map[string]string{}, + aliasContext: map[string]string{}, + //iriToAlias: map[string]string{}, + } + c.contextMap[contextUrl] = ctx + } + return ctx +} + +func (c *context) ToJSON(writer io.Writer, graph ...any) error { + out, err := c.toMaps(graph...) + if err != nil { + return err + } + enc := json.NewEncoder(writer) + enc.SetEscapeHTML(false) + enc.SetIndent("", " ") + return enc.Encode(out) +} + +func (c *context) toMaps(graph ...any) (values map[string]any, errors error) { + builder := graphBuilder{ + ctx: c, + nextID: map[reflect.Type]int{}, + ids: map[uintptr]string{}, + pointerRefs: map[reflect.Value]map[string]any{}, + } + return builder.toCompactMaps(graph...) +} + +func (c *context) FromJSON(reader io.Reader) ([]any, error) { + var decoded any + dec := json.NewDecoder(reader) + err := dec.Decode(&decoded) + if err != nil { + return nil, err + } + switch values := decoded.(type) { + case map[string]any: + return c.fromMaps(values) + case []any: + return c.fromSlice(values) + } + return nil, fmt.Errorf("unable to decode, unsupported JSON type: %v", decoded) +} + +func (c *context) fromMaps(values map[string]any) ([]any, error) { + rdr := mapReader{ctx: c} + return rdr.FromMaps(values) +} + +func (c *context) fromSlice(values []any) ([]any, error) { + rdr := mapReader{ctx: c} + return rdr.FromSlice(values) +} + +type typeContext struct { + ctx *serializationContext + typ reflect.Type + iri string + alias string + setters map[string]func(instance reflect.Value, value reflect.Value) + blankNodeAllowed bool +} + +type serializationContext struct { + contextUrl string + // the full JSON LD context provided + ldContext map[string]any + parsedLdContext *ld.Context + // aliasToIri contains field aliases to the respective IRIs + aliasToIri map[string]string + // aliasContext + aliasContext map[string]string + //iriToAlias map[string]string +} + +func registerFunc(c *context, fn any) { + f := reflect.ValueOf(fn) + t := f.Type() + + if t.NumIn() != 1 || t.In(0).Kind() != reflect.String { + panic("external IRI functions must have one parameter, accepting an IRI string") + } + + if t.NumOut() != 1 { + panic("external IRI functions must have one return value") + } + + rVal := t.Out(0) + c.typeToExternalIriFunc[rVal] = func(s string) reflect.Value { + out := f.Call([]reflect.Value{reflect.ValueOf(s)}) + return out[0] + } +} + +func registerType(c *context, ctx *serializationContext, instancePointer any) { + t := reflect.TypeOf(instancePointer) + instance := reflect.ValueOf(instancePointer) + t = baseType(t) // types may be passed as pointers, but we want the base types + + tc := c.typeToContext[t] + if tc == nil { + meta, ok := FieldByType[Type](t) + if ok { + iri := meta.Tag.Get(GoIriTagName) + if iri == "" { + panic("no type IRI specified for: " + stringify(instancePointer)) + } + tc = &typeContext{ + iri: iri, + ctx: ctx, + typ: t, + setters: map[string]func(instance reflect.Value, value reflect.Value){}, + blankNodeAllowed: strings.Contains(meta.Tag.Get(GoNodeKindTagName), "BlankNode"), + } + c.iriToType[tc.iri] = tc + c.typeToContext[t] = tc + } + } + + // capture all the registered types + id, err := getID(instance) + if err != nil { + // we should not have invalid types registered + panic(err) + } + if id != "" { + switch instance.Type().Kind() { + case reflect.Pointer, reflect.Struct: + default: + panic("expected instance registration to be a pointer or a struct, got: " + stringify(instance)) + } + c.iriToInstance[id] = instance + } +} diff --git a/spdx/v3/internal/ld/ld_context_test.go b/spdx/v3/internal/ld/ld_context_test.go new file mode 100644 index 00000000..ebbcbcfe --- /dev/null +++ b/spdx/v3/internal/ld/ld_context_test.go @@ -0,0 +1,100 @@ +package ld + +import ( + "testing" + + "github.com/google/go-cmp/cmp" + "github.com/stretchr/testify/require" +) + +func Test_registeredInstances(t *testing.T) { + type AType struct { + _ Type `iri:"https://example.org/context/thing-a"` + ID string `iri:"@id"` + Name string `iri:"https://example.org/context/name"` + Values []any `iri:"https://example.org/context/values"` + } + + inst := &AType{ + ID: "https://example.org/context/an-instance", + Name: "an-instance", + } + + contextName := "https://example.org/context" + ctx := NewContext().Register(contextName, o{"@context": o{ + "thing-a": "https://example.org/context/thing-a", + "name": o{ + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@id": "https://example.org/context/name", + }, + "values": o{ + "@type": "@vocab", + "@id": "https://example.org/context/values", + }, + }}, inst) + + g, err := ctx.(*context).fromMaps(o{ + "@context": contextName, + //"@graph": l{ + // o{ + "@type": "thing-a", + "name": "some-name", + "values": l{ + "https://example.org/context/an-instance", + }, + // }, + //}, + }) + require.NoError(t, err) + + got := g[0].(*AType) + require.Equal(t, "some-name", got.Name) + require.Len(t, got.Values, 1) + require.Equal(t, inst, got.Values[0]) +} + +func Test_MultiRegistration(t *testing.T) { + type AType struct { + _ Type `iri:"https://example.org/context/thing-a"` + AnID string `iri:"@id"` + Name string `iri:"https://example.org/context/name"` + } + + contextName := "https://example.org/context" + ctx := NewContext().Register(contextName, o{"@context": o{ + "name": o{ + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@id": "https://example.org/context/name", + }, + }}, AType{}) + require.Len(t, ctx.(*context).contextMap, 1) + + type BType struct { + _ Type `iri:"https://example.org/context/thing-b"` + AnotherID string `iri:"@id"` + Name string `iri:"https://example.org/context/name"` + } + + ctx = ctx.Register(contextName, o{"@context": o{}}, BType{}) + require.Len(t, ctx.(*context).contextMap, 1) + + maps, err := ctx.(*context).toMaps(&AType{ + AnID: "id1", + Name: "A", + }, &BType{ + AnotherID: "id2", + Name: "B", + }) + require.NoError(t, err) + + diff := cmp.Diff(o{ + "@context": "https://example.org/context", + "@graph": l{ + o{"@type": "https://example.org/context/thing-a", "name": "A", "@id": "id1"}, + o{"@type": "https://example.org/context/thing-b", "name": "B", "@id": "id2"}, + }, + }, maps) + if diff != "" { + t.Fatal(diff) + } +} diff --git a/spdx/v3/internal/ld/model_test.go b/spdx/v3/internal/ld/model_test.go new file mode 100644 index 00000000..a5cf4fd2 --- /dev/null +++ b/spdx/v3/internal/ld/model_test.go @@ -0,0 +1,178 @@ +package ld_test + +import ( + "bytes" + "encoding/json" + "testing" + + "github.com/stretchr/testify/require" + + "github.com/spdx/tools-golang/spdx/v3/internal/ld" +) + +// convenience for writing json as code: + +type o = map[string]any // object +type l = []any // list +type a = any // any + +var testJsonLdContext = o{"@context": o{ + "type": "@type", + "spdxId": "@id", + "spdx": "https://spdx.org/rdf/3.0.1/terms/", + "software_Package": "https://spdx.org/rdf/3.0.1/terms/Software/Package", + "software_File": "https://spdx.org/rdf/3.0.1/terms/Software/File", + "Relationship": "https://spdx.org/rdf/3.0.1/terms/Core/relationship", + "software_primaryPurpose": o{ + "@context": o{ + "@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/", + }, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose", + "@type": "@vocab", + }, + "software_additionalPurpose": o{ + "@context": o{ + "@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/", + }, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose", + "@type": "@vocab", + }, + "from": o{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/from", + "@type": "@vocab", + }, + "to": o{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/to", + "@type": "@vocab", + }, + "specVersion": o{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/specVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "Element": "https://spdx.org/rdf/3.0.1/terms/Core/Element", + "element": o{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/element", + "@type": "@vocab", + }, + "contents": o{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/File/contents", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "name": o{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/name", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, +}} + +type Document struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Document"` + ID string `iri:"@id"` + Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element"` +} + +type AnyElement interface { + asElement() *Element +} + +type ElementList []AnyElement + +type Element struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + ID string `iri:"@id"` + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name"` +} + +func (e *Element) asElement() *Element { + return e +} + +type SoftwarePurpose struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + ID string `iri:"@id"` +} + +type Package struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Package"` + Element + SoftwarePurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose"` + AdditionalPurposes []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose"` +} + +type File struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/File"` + Element + Contents string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/File/contents"` +} + +type Relationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationship"` + ID string `iri:"@id"` + From any `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from"` + To []any `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to"` +} + +type AnyRelationship interface { + asRelationship() *Relationship +} + +func (r *Relationship) asRelationship() *Relationship { + return r +} + +var File_DevNull = &File{Element: Element{ID: "https://example.org/iri/file/dev/null"}} + +// SubRelationship implements inheritance by embedding +type SubRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/sub-relationship"` + Relationship +} + +type ExternalIRI struct { + ExternalID string `iri:"@id"` +} + +func (r *ExternalIRI) asRelationship() *Relationship { + return nil +} + +func testGraph(t *testing.T, graph l) []any { + ctx, contextURL := testContext() + + in := o{ + "@context": contextURL, + "@graph": graph, + } + + buf := bytes.Buffer{} + + enc := json.NewEncoder(&buf) + enc.SetEscapeHTML(false) + err := enc.Encode(in) + require.NoError(t, err) + + graph, err = ctx.FromJSON(&buf) + if err != nil { + t.Fatal(err) + } + return graph +} + +func testContext() (ld.Context, string) { + contextURL := "https://example.org/test-context" + return ld.NewContext().Register(contextURL, testJsonLdContext, + Package{}, + File{}, + File_DevNull, + Relationship{}, + ), contextURL +} + +func toJSON(t *testing.T, o any) string { + buf := bytes.Buffer{} + enc := json.NewEncoder(&buf) + enc.SetEscapeHTML(false) + enc.SetIndent("", " ") + err := enc.Encode(o) + require.NoError(t, err) + return buf.String() +} diff --git a/spdx/v3/internal/ld/primitives.go b/spdx/v3/internal/ld/primitives.go new file mode 100644 index 00000000..aa3dfab3 --- /dev/null +++ b/spdx/v3/internal/ld/primitives.go @@ -0,0 +1,149 @@ +package ld + +import ( + "fmt" + "net/url" + "reflect" + "time" +) + +type URI string + +func (u URI) Validate() error { + if u == "" { // this is handled by required check + return nil + } + _, err := url.Parse(string(u)) + return err +} + +type PositiveInt int + +func (i PositiveInt) Validate() error { + if i < 0 { + return fmt.Errorf("positive integer required, got: %v", i) + } + return nil +} + +type NonNegativeInt int + +func (i NonNegativeInt) Validate() error { + if i < 0 { + return fmt.Errorf("non-negative integer required, got: %v", i) + } + return nil +} + +// DateTime is a specifically typed time.Time, validation inherently not needed +type DateTime time.Time + +var converters = []converter{ + { + IRI: "http://www.w3.org/2001/XMLSchema#string", + Type: typeOf[string](), + }, + { + IRI: "http://www.w3.org/2001/XMLSchema#anyURI", + Type: typeOf[URI](), + }, + { + IRI: "http://www.w3.org/2001/XMLSchema#integer", + Type: typeOf[int](), + }, + { + IRI: "http://www.w3.org/2001/XMLSchema#positiveInteger", + Type: typeOf[PositiveInt](), + }, + { + IRI: "http://www.w3.org/2001/XMLSchema#nonNegativeInteger", + Type: typeOf[NonNegativeInt](), + }, + { + IRI: "http://www.w3.org/2001/XMLSchema#boolean", + Type: typeOf[bool](), + }, + { + IRI: "http://www.w3.org/2001/XMLSchema#decimal", + Type: typeOf[float64](), + }, + { + IRI: "http://www.w3.org/2001/XMLSchema#dateTime", + Type: typeOf[DateTime](), + Serialize: serializeTime[DateTime], + Deserialize: deserializeTime[DateTime], + }, + { + IRI: "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + Type: typeOf[time.Time](), + Serialize: serializeTime[time.Time], + Deserialize: deserializeTime[time.Time], + }, +} + +var iriToConverter = getIriToConverter() + +var typeToConverter = getTypeToConverter() + +func TypeForIRI(iri string) reflect.Type { + c := iriToConverter[iri] + if c != nil { + return c.Type + } + return nil +} + +func typeOf[T any]() reflect.Type { + var t T + return reflect.TypeOf(t) +} + +type converter struct { + Type reflect.Type + IRI string + Serialize func(any) any + Deserialize func(any) any +} + +func getTypeToConverter() map[reflect.Type]*converter { + out := map[reflect.Type]*converter{} + for i := range converters { + c := &converters[i] + if _, ok := out[c.Type]; ok { + continue + } + out[c.Type] = c + } + return out +} + +func getIriToConverter() map[string]*converter { + out := map[string]*converter{} + for i := range converters { + c := &converters[i] + if c.IRI == "" { + panic("no IRI set") + } + if _, ok := out[c.IRI]; ok { + panic("duplicate IRI set: " + c.IRI) + } + out[c.IRI] = c + } + return out +} + +func serializeTime[T time.Time | DateTime](goValue any) any { + if t, ok := goValue.(T); ok { + return time.Time(t).Format(time.RFC3339) + } + return nil +} + +func deserializeTime[T time.Time | DateTime](incoming any) any { + s, _ := incoming.(string) + if s != "" { + parsed, _ := time.Parse(time.RFC3339, s) + return T(parsed) + } + return nil +} diff --git a/spdx/v3/internal/ld/reader.go b/spdx/v3/internal/ld/reader.go new file mode 100644 index 00000000..8ccb685d --- /dev/null +++ b/spdx/v3/internal/ld/reader.go @@ -0,0 +1,378 @@ +package ld + +import ( + "errors" + "fmt" + "io" + "maps" + "reflect" + "runtime" + "strconv" + "strings" + + "github.com/piprate/json-gold/ld" +) + +type mapReader struct { + ctx *context + errs []error + logOut io.Writer // logOut if set will result in lots of log messages about the processing + link bool // link indicates this is a second pass to link previously created instances + instances map[string]reflect.Value // instances holds id -> initialized instances +} + +func (c *mapReader) FromMaps(values map[string]any) ([]any, error) { + proc := ld.NewJsonLdProcessor() + opts := ld.NewJsonLdOptions("") + opts.ProcessingMode = ld.JsonLd_1_1_Frame + opts.DocumentLoader = offlineDocumentLoader{ctx: c.ctx} + //opts.Embed= EmbedLast, + //opts.Explicit= false, + //opts.RequireAll= true, + opts.FrameDefault = true + + //opts.OmitDefault = true + //opts.OmitGraph= false, + + //opts.UseRdfType = false + //opts.UseNativeTypes= false, + //opts.ProduceGeneralizedRdf: false, + //opts.InputFormat= "", + //opts.Format= "", + //opts.Algorithm= AlgorithmURGNA2012, + //opts.UseNamespaces= false, + //opts.OutputForm= "", + //opts.SafeMode = true + expanded, err := proc.Expand(values, opts) + c.log(nil, "expanded graph: %v", expanded) + if err != nil { + return nil, err + } + return c.FromSlice(expanded) +} + +func (c *mapReader) FromSlice(expanded []any) ([]any, error) { + c.instances = map[string]reflect.Value{} + + path := []string{JsonGraphProp} + + // one pass to create all the instances + _ = c.readSlice(path, anyType, expanded) + + // second pass captures all errors, and links all instances which were created previously + c.link = true + + // the ld expansion above reads @graph and returns a fully expanded graph + var out []any + for _, value := range c.readSlice(path, anyType, expanded) { + out = append(out, value.Interface()) + } + + return out, errors.Join(c.errs...) +} + +// readSlice takes a fully expanded list of nodes and returns the go struct representations +func (c *mapReader) readSlice(path []string, targetType reflect.Type, values []any) []reflect.Value { + var out []reflect.Value + for i, node := range values { + got := c.getNode(append(path, strconv.Itoa(i)), targetType, node) + // only valid objects which can be returned via .Interface() are allowed + if got.IsValid() && got.CanInterface() { + out = append(out, got) + } + } + return out +} + +// readNode gets object instances and primitives based on a node value, creating new instances as needed, we only expect +// to get a map[string]any as input here +func (c *mapReader) getNode(path []string, targetType reflect.Type, incoming any) reflect.Value { + values, ok := incoming.(map[string]any) + if !ok { + c.err(path, "expected object, got: %v", incoming) + return emptyValue + } + // not a primitive expected is some sort of struct (pointer, interface, etc.) + id, _ := values[JsonIdProp].(string) + typeIRI := singleValue[string](values[JsonTypeProp]) + value, _ := values[JsonValueProp] + + // type & value is an external IRI + if typeIRI != "" && value != nil { + cnv := iriToConverter[typeIRI] + if cnv != nil { + if cnv.Deserialize != nil { + value = cnv.Deserialize(value) + } + if value != nil { + v := reflect.ValueOf(value) + // can directly assign, value is good + if v.Type().AssignableTo(cnv.Type) { + return v + } + // can convert, still good + if v.CanConvert(cnv.Type) { + return v.Convert(cnv.Type) + } + c.err(path, "invalid value: %v", value) + } + } + + return emptyValue + } + + tc := c.ctx.iriToType[typeIRI] + if tc == nil { + if id != "" { + // first look up any known named individuals, we do not populate these + if v, ok := c.ctx.iriToInstance[id]; ok { + return v + } + + // if there isn't a named individual, and we don't have a type, it may be a reference in the same document, + // but it may not have been created yet, here we just want to return + // we may have created this instance already + instance, ok := c.instances[id] + if ok { + return instance + } + + if c.link { // only need external IRI references on the second pass + // if we have no type and don't have an instance created, return an external IRI + return c.externalIRI(path, targetType, id) + } + } + return emptyValue + } + + // // TODO support setting map values + // if typ.Kind() != reflect.Struct { + // c.err(path, "unable to set struct properties on non-struct type: %s", typeName(instance.Type())) + // return + // } + + return c.readObject(path, targetType, id, tc, values) +} + +func (c *mapReader) readObject(path []string, targetType reflect.Type, id string, tc *typeContext, incoming map[string]any) reflect.Value { + // we created this instance already during the first pass, look up that instance + instance, ok := c.instances[id] + if !ok { + instance, ok = c.ctx.iriToInstance[id] + if ok { + return instance + } + // if not, create it now + instance = reflect.New(baseType(tc.typ)) // New(T) returns *T + if id != "" { + // only set instance references when an ID is provided + c.instances[id] = instance + } + } + c.setStructFields(path, instance, id, tc, incoming) + return instance +} + +func (c *mapReader) setStructFields(path []string, instance reflect.Value, id string, tc *typeContext, incoming map[string]any) { + typ := instance.Type() + if typ.Kind() == reflect.Pointer { + instance = instance.Elem() + typ = instance.Type() + } + + for i := 0; i < typ.NumField(); i++ { + f := typ.Field(i) + if skipField(f) { + continue + } + + fieldVal := instance.Field(i) + c.log(path, "readObject %v field %v", typeName(typ), f.Name) + + // embedded struct is how inheritance is handled, so recursively call this function to set all struct values + if f.Anonymous { + c.setStructFields(append(path, f.Name), fieldVal, id, tc, incoming) + } + + propIRI := f.Tag.Get(GoIriTagName) + if propIRI == "" { + continue + } + + if propIRI == JsonIdProp { + // don't set blank node IDs, these will be regenerated on output + if id != "" && !isBlankNodeID(id) { + fieldVal.SetString(id) + } + continue + } + + incomingVal, ok := incoming[propIRI] + if !ok { + continue + } + + c.setFieldValue(append(path, f.Name), fieldVal, incomingVal) + } +} + +func (c *mapReader) setFieldValue(path []string, targetValue reflect.Value, incoming any) { + incomingValues, ok := incoming.([]any) + if !ok { + c.err(path, "expected []any for property value, got: %v", incomingValues) + return + } + + targetType := targetValue.Type() + if targetType.Kind() == reflect.Slice { + c.setSliceValue(path, targetValue, incomingValues) + return + } + + // values are stored as a slice, even single values + values := c.readSlice(path, targetType, incomingValues) + + // no valid values + if len(values) == 0 { + return + } + + // any values returned from readSlice should be valid + value := values[0] + typ := value.Type() + if typ.AssignableTo(targetType) { + targetValue.Set(value) + } else if typ.ConvertibleTo(targetType) { + targetValue.Set(value.Convert(targetType)) + } else { + c.err(path, "unable to set value expected: %s to: %s, dropping: %v", typeName(targetType), typeName(typ), incoming) + } +} + +func (c *mapReader) setSliceValue(path []string, targetValue reflect.Value, incoming []any) { + sliceType := targetValue.Type() + if sliceType.Kind() != reflect.Slice { + panic("expected slice") + } + sz := len(incoming) + if sz > 0 { + elemType := sliceType.Elem() + newSlice := reflect.MakeSlice(sliceType, 0, sz) + values := c.readSlice(path, elemType, incoming) + for i, value := range values { + if value.Type().AssignableTo(elemType) { + newSlice = reflect.Append(newSlice, value) + } else if value.CanConvert(elemType) { + newSlice = reflect.Append(newSlice, value) + } else { + c.err(append(path, strconv.Itoa(i)), "unable to convert value type: %s to: %s: %v", typeName(value.Type()), typeName(elemType), value) + } + } + targetValue.Set(newSlice) + } +} + +//func (c *mapReader) findExternalReferenceType(expectedType reflect.Type) (reflect.Type, bool) { +// tc := c.ctx.typeToContext[expectedType] +// if tc != nil { +// return tc.typ, true +// } +// bestMatch := anyType +// for t := range c.ctx.typeToContext { +// if t.Kind() != reflect.Struct { +// continue +// } +// // the type with the fewest fields assignable to the target is a good candidate to be an abstract type +// if reflect.PointerTo(t).AssignableTo(expectedType) && (bestMatch == anyType || bestMatch.NumField() > t.NumField()) { +// bestMatch = t +// } +// } +// if bestMatch != anyType { +// c.ctx.typeToContext[expectedType] = &typeContext{ +// typ: bestMatch, +// } +// return bestMatch, true +// } +// return anyType, false +//} + +type contextMap map[string]*serializationContext + +func (c contextMap) getPrefix(ctx *serializationContext) string { + for pfx, sc := range c { + if sc == ctx { + return pfx + } + } + return "" +} + +func (c *mapReader) getContextMap(currentContext contextMap, values map[string]any) (contextMap, error) { + ctx := values[JsonContextProp] + if ctx == nil { + if currentContext == nil { + return nil, fmt.Errorf("unable to find " + JsonContextProp) + } + return currentContext, nil + } + // TODO support named contexts, e.g. + //namedContexts, _ := ctx.(map[string]any) + + context, _ := ctx.(string) + sc := c.ctx.contextMap[context] + if sc == nil { + return nil, fmt.Errorf("unknown %s: '%s' must be in %v", JsonContextProp, context, maps.Keys(c.ctx.contextMap)) + } + return merge(currentContext, contextMap{ + "": sc, + }), nil +} + +func (c *mapReader) externalIRI(path []string, targetType reflect.Type, id string) reflect.Value { + for typ, f := range c.ctx.typeToExternalIriFunc { + if typ.AssignableTo(targetType) { + return f(id) + } + } + c.err(path, "unable to find viable external IRI for: %s for ID: %s", typeName(targetType), id) + return emptyValue +} + +func (c *mapReader) err(path []string, format string, args ...any) { + if c.link { // only capture errors during second pass + c.errs = append(c.errs, fmt.Errorf("[%s] "+format, append([]any{strings.Join(path, "/")}, args...)...)) + } +} + +func (c *mapReader) log(path []string, format string, args ...any) { + if c.logOut != nil { + caller := "" + pc, _, _, ok := runtime.Caller(1) + if ok { + details := runtime.FuncForPC(pc) + file, line := details.FileLine(pc) + caller = details.Name() + " (" + file + ":" + strconv.Itoa(line) + "): " + } + _, _ = fmt.Fprintf(c.logOut, "[%s] "+caller+format+"\n", append([]any{strings.Join(path, "/")}, args...)...) + } +} + +func convertTo(v reflect.Value, typ reflect.Type) reflect.Value { + if v.CanConvert(typ) { + return v.Convert(typ) + } + return emptyValue +} + +func singleValue[T any](v any) T { + switch v := v.(type) { + case []any: + if len(v) > 0 { + return singleValue[T](v[0]) + } + case T: + return v + } + var t T + return t +} diff --git a/spdx/v3/internal/ld/reader_test.go b/spdx/v3/internal/ld/reader_test.go new file mode 100644 index 00000000..12357243 --- /dev/null +++ b/spdx/v3/internal/ld/reader_test.go @@ -0,0 +1,317 @@ +package ld + +import ( + "reflect" + "testing" + "time" + + "github.com/google/go-cmp/cmp" + "github.com/stretchr/testify/require" +) + +func Test_nestedDeserialization(t *testing.T) { + type t1 struct { + _ Type `iri:"https://example.org/test-1"` + Id string `iri:"@id"` + Child any `iri:"https://example.org/test-1/child"` + } + + contextURI := "http://example.org/uri" + + ctx := NewContext().Register(contextURI, o{"@context": o{ + "t": "https://example.org/test-1", + "child": o{ + "@id": "https://example.org/test-1/child", + "@type": "@vocab", + }, + }}, t1{}) + + graph, err := ctx.(*context).fromMaps(o{ + "@context": contextURI, + "@graph": l{ + o{ + "@id": "_:t1", + "@type": "t", + "child": "_:t2", + }, + o{ + "@id": "_:t2", + "@type": "t", + "child": "_:t3", + }, + o{ + "@id": "_:t3", + "@type": "t", + "child": "_:t1", + }, + }, + }) + got := graph[0].(*t1) + require.NoError(t, err) + require.True(t, got.Child.(*t1).Child != nil) +} + +func Test_readerAliasFields(t *testing.T) { + type typ struct { + _ Type `iri:"https://example.org/test-iri"` + Id string `iri:"@id"` + Str string `iri:"https://example.org/test-iri/str-iri"` + Bool bool `iri:"https://example.org/test-iri/bool-iri"` + Int int `iri:"https://example.org/test-iri/int-iri"` + Float float64 `iri:"https://example.org/test-iri/float-iri"` + Time time.Time `iri:"https://example.org/test-iri/time-iri"` + } + + typContext := o{ + "t": "https://example.org/test-iri", + "s": o{ + "@id": "https://example.org/test-iri/str-iri", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "b": o{ + "@id": "https://example.org/test-iri/bool-iri", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "i": o{ + "@id": "https://example.org/test-iri/int-iri", + "@type": "http://www.w3.org/2001/XMLSchema#integer", + }, + "f": o{ + "@id": "https://example.org/test-iri/float-iri", + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + }, + "tm": o{ + "@id": "https://example.org/test-iri/time-iri", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + } + + idTypeAliasedContext := merge(typContext, o{ + "myId": "@id", + "myType": "@type", + }) + + tests := []struct { + name string + context o + graph any + expected func() any + wantErr require.ErrorAssertionFunc + }{ + { + name: "all aliases, @context prop", + context: typContext, + graph: o{ + "@type": "t", + "s": "joe", + "b": true, + "i": 12, + "f": 39.11, + "tm": mar25noon.Format(time.RFC3339), + }, + expected: func() any { + return &typ{ + Str: "joe", + Bool: true, + Int: 12, + Float: 39.11, + Time: mar25noon, + } + }, + }, + { + name: "all aliases, no @context prop", + context: typContext, + graph: o{ + "@type": "t", + "s": "joe", + "b": true, + "i": 12, + "f": 39.11, + "tm": mar25noon.Format(time.RFC3339), + }, + expected: func() any { + return &typ{ + Str: "joe", + Bool: true, + Int: 12, + Float: 39.11, + Time: mar25noon, + } + }, + }, + { + name: "full IRI, no aliases", + context: o{}, + graph: o{ + "@type": "https://example.org/test-iri", + "https://example.org/test-iri/str-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@value": "joe", + }, + "https://example.org/test-iri/bool-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + "@value": true, + }, + "https://example.org/test-iri/int-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#integer", + "@value": 12, + }, + "https://example.org/test-iri/float-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + "@value": 39.11, + }, + "https://example.org/test-iri/time-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + "@value": mar25noon.Format(time.RFC3339), + }, + }, + expected: func() any { + return &typ{ + Str: "joe", + Bool: true, + Int: 12, + Float: 39.11, + Time: mar25noon, + } + }, + }, + { + name: "full IRI, all aliases", + context: typContext, + graph: o{ + "@type": "https://example.org/test-iri", + "https://example.org/test-iri/str-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@value": "joe", + }, + "https://example.org/test-iri/bool-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + "@value": true, + }, + "https://example.org/test-iri/int-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#integer", + "@value": 12, + }, + "https://example.org/test-iri/float-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + "@value": 39.11, + }, + "https://example.org/test-iri/time-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + "@value": mar25noon.Format(time.RFC3339), + }, + }, + expected: func() any { + return &typ{ + Str: "joe", + Bool: true, + Int: 12, + Float: 39.11, + Time: mar25noon, + } + }, + }, + { + name: "mixed IRI and aliases", + context: typContext, + graph: o{ + "@type": "t", + "https://example.org/test-iri/str-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#string", + "@value": "joe", + }, + "b": true, + "https://example.org/test-iri/int-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#integer", + "@value": 12, + }, + "f": 39.11, + "https://example.org/test-iri/time-iri": o{ + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + "@value": mar25noon.Format(time.RFC3339), + }, + }, + expected: func() any { + return &typ{ + Str: "joe", + Bool: true, + Int: 12, + Float: 39.11, + Time: mar25noon, + } + }, + }, + { + name: "id and type aliases", + context: idTypeAliasedContext, + graph: o{ + "myType": "t", + "s": "joe", + "b": true, + "i": 12, + "f": 39.11, + "tm": mar25noon.Format(time.RFC3339), + }, + expected: func() any { + return &typ{ + Str: "joe", + Bool: true, + Int: 12, + Float: 39.11, + Time: mar25noon, + } + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + expected := tt.expected() + contextURI := "http://example.org/uri" + + ctx := NewContext().Register(contextURI, o{"@context": tt.context}, + // register an empty instance of the returned type: + reflect.New(reflect.TypeOf(expected).Elem()).Interface()) + graph := tt.graph + if _, ok := tt.graph.(l); !ok { + graph = l{graph} + } + var got any + gotList, err := ctx.(*context).fromMaps(o{ + "@context": contextURI, + "@graph": graph, + }) + + wantErr := require.NoError + if tt.wantErr != nil { + wantErr = tt.wantErr + } + wantErr(t, err) + + got = gotList + if _, ok := expected.(l); !ok { + if len(gotList) > 0 { + got = gotList[0] + } + } + + d := cmp.Diff(expected, got) + if d != "" { + t.Fatal(d) + } + }) + } +} + +var mar25noon = get(time.Parse(time.RFC3339, "2025-03-25T12:00:00Z")) + +func get[T any](t T, err error) T { + if err != nil { + panic(err) + } + return t +} + +type o = map[string]any +type l = []any diff --git a/spdx/v3/internal/ld/ref_count.go b/spdx/v3/internal/ld/ref_count.go new file mode 100644 index 00000000..8295a1ac --- /dev/null +++ b/spdx/v3/internal/ld/ref_count.go @@ -0,0 +1,59 @@ +package ld + +import "reflect" + +// RefCount returns the reference count of the value in the container map[string]any +func RefCount(find any, container any) int { + findV, ok := find.(reflect.Value) + if !ok { + findV = reflect.ValueOf(find) + } + if !findV.IsValid() { + return 0 + } + + containerV, ok := container.(reflect.Value) + if !ok { + containerV = reflect.ValueOf(container) + } + + return refCountR(findV, map[reflect.Value]struct{}{}, containerV) +} + +// refCountR recursively searches for the value, find, in the value v +func refCountR(find reflect.Value, visited map[reflect.Value]struct{}, v reflect.Value) int { + if !v.IsValid() { + return 0 + } + if _, ok := visited[v]; ok { + return 0 + } + visited[v] = struct{}{} + switch v.Kind() { + case reflect.Interface: + return refCountR(find, visited, v.Elem()) + case reflect.Pointer: + if v.IsNil() { + return 0 + } + count := refCountR(find, visited, v.Elem()) + if find.Equal(v) { + return count + 1 + } + return count + case reflect.Struct: + count := 0 + for i := 0; i < v.NumField(); i++ { + count += refCountR(find, visited, v.Field(i)) + } + return count + case reflect.Slice: + count := 0 + for i := 0; i < v.Len(); i++ { + count += refCountR(find, visited, v.Index(i)) + } + return count + default: + return 0 + } +} diff --git a/spdx/v3/internal/ld/ref_count_test.go b/spdx/v3/internal/ld/ref_count_test.go new file mode 100644 index 00000000..e69bcc6a --- /dev/null +++ b/spdx/v3/internal/ld/ref_count_test.go @@ -0,0 +1,122 @@ +package ld + +import ( + "testing" +) + +func Test_refCount(t *testing.T) { + type O1 struct { + Name string + } + + type O2 struct { + Name string + O1s []*O1 + } + + o1 := &O1{"o1"} + o2 := &O1{"o2"} + o3 := &O1{"o3"} + o21 := &O2{"o21", []*O1{o1, o1, o2, o3}} + o22 := []*O2{ + {"o22-1", []*O1{o1, o1, o1, o1, o2, o3}}, + {"o22-2", []*O1{o1, o1, o1, o1, o2, o3}}, + {"o22-3", []*O1{o1, o1, o1, o1, o2, o3}}, + } + + type O3 struct { + Name string + Ref []*O3 + } + o31 := &O3{"o31", nil} + o32 := &O3{"o32", []*O3{o31}} + o33 := &O3{"o33", []*O3{o32}} + o31.Ref = []*O3{o33} + o34 := &O3{"o34", []*O3{o31, o32}} + o35 := &O3{"o35", []*O3{o31, o32, o31, o32}} + + type O4 struct { + Name string + Ref any + } + o41 := &O4{"o41", nil} + o42 := &O4{"o42", o41} + + tests := []struct { + name string + checkObj any + checkIn any + expected int + }{ + { + name: "none", + checkObj: o33, + checkIn: o21, + expected: 0, + }, + { + name: "interface", + checkObj: o41, + checkIn: o42, + expected: 1, + }, + { + name: "single", + checkObj: o3, + checkIn: o21, + expected: 1, + }, + { + name: "multiple", + checkObj: o1, + checkIn: o21, + expected: 2, + }, + + { + name: "multiple 2", + checkObj: o1, + checkIn: o22, + expected: 12, + }, + { + name: "circular 1", + checkObj: o31, + checkIn: o31, + expected: 2, // this returns 2 because it needs to find a circular reference to itself + }, + { + name: "circular 2", + checkObj: o32, + checkIn: o31, + expected: 1, + }, + { + name: "circular 3", + checkObj: o33, + checkIn: o31, + expected: 1, + }, + { + name: "circular multiple", + checkObj: o32, + checkIn: o34, + expected: 2, + }, + { + name: "circular multiple 2", + checkObj: o32, + checkIn: o35, + expected: 3, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + cnt := RefCount(tt.checkObj, tt.checkIn) + if cnt != tt.expected { + t.Errorf("wrong reference count: %v != %v", tt.expected, cnt) + } + }) + } +} diff --git a/spdx/v3/internal/ld/shaclgen/gen.go b/spdx/v3/internal/ld/shaclgen/gen.go new file mode 100644 index 00000000..8d828ee7 --- /dev/null +++ b/spdx/v3/internal/ld/shaclgen/gen.go @@ -0,0 +1,819 @@ +package shaclgen + +import ( + "encoding/json" + "fmt" + "os" + "reflect" + "regexp" + "slices" + "strings" + + . "github.com/dave/jennifer/jen" + "github.com/gertd/go-pluralize" + "mvdan.cc/gofumpt/format" + + "github.com/spdx/tools-golang/spdx/v3/internal/ld" +) + +// Generate generates a data model and supporting functions to be able to serialize and deserialize +// JSON LD documents with compaction and including inhertiance. +func Generate(opts ...Option) { + g := &generator{ + pkgName: "model", + license: "UNKNOWN", + outputValidations: true, + useEnums: true, + flatStruct: false, + gettersSetters: false, + classes: map[string]*Class{}, + contexts: map[string]map[string]any{}, + namedIndividuals: map[string][]*Individual{}, + nameToIRI: map[string]string{}, + iriToType: map[string]*Class{}, + customTypes: map[string]string{}, + pluralizer: pluralize.NewClient(), + renameFunc: func(typ NameType, name string, c *Class) string { + return "" + }, + } + for _, opt := range opts { + opt(g) + } + g.idField = g.name(NameTypeField, ld.GoIdField, nil) + g.Generate() +} + +type Option func(*generator) + +func EnableLog() Option { + return func(generator *generator) { + logEnabled = true + } +} + +func RenameFunc(fn func(typ NameType, name string, c *Class) string) Option { + return func(generator *generator) { + generator.renameFunc = fn + } +} + +func OutputFile(path string) Option { + return func(generator *generator) { + generator.outputFile = strings.TrimSuffix(path, ".go") + } +} + +func PackageName(pkg string) Option { + return func(generator *generator) { + generator.pkgName = pkg + } +} + +func LicenseID(spdxLicenseID string) Option { + return func(generator *generator) { + generator.license = spdxLicenseID + } +} + +func UseEnums(useEnums bool) Option { + return func(generator *generator) { + generator.useEnums = useEnums + } +} + +func UseFlatStruct(useFlatStruct bool) Option { + return func(generator *generator) { + generator.flatStruct = useFlatStruct + } +} + +func GenerateGettersSetters(gettersSetters bool) Option { + return func(generator *generator) { + generator.gettersSetters = gettersSetters + } +} + +func JsonLDContext(url string) Option { + return func(generator *generator) { + if generator.contexts[url] != nil { + panic("duplicate contexts registered: " + url) + } + contents := fetch(url) + var ctx map[string]any + must(json.Unmarshal(contents, &ctx)) + generator.contexts[url] = ctx + } +} + +func SHACLTypes(url string) Option { + return func(generator *generator) { + classes, namedIndividuals := ParseSHACLFromUrl(url) + for k, v := range classes { + if generator.classes[k] != nil { + panic("duplicate class iri defined: " + k) + } + generator.classes[k] = v + } + for _, ni := range namedIndividuals { + generator.namedIndividuals[ni.TypeIRI] = append(generator.namedIndividuals[ni.TypeIRI], ni) + } + } +} + +type NameType int + +const ( + NameTypeType NameType = iota + NameTypeField + NameTypeFunc + NameTypeFile + NameTypeComment +) + +type renameFunc func(typ NameType, name string, c *Class) string + +type generator struct { + pkgName string + license string + contexts map[string]map[string]any + classes map[string]*Class // classes by IRI + namedIndividuals map[string][]*Individual // individuals by IRI, sorted + outputFile string + outputValidations bool + nameToIRI map[string]string + iriToType map[string]*Class + pluralizer *pluralize.Client + renameFunc renameFunc + customTypes map[string]string + idField string + useEnums bool + flatStruct bool + gettersSetters bool +} + +func (g *generator) Generate() { + f := g.newCode() + + totalTypes := 0 + totalProps := 0 + + // get all the final type names so we can output things alphabetically + for _, c := range g.classes { + totalTypes++ + renamed := g.className(c.IRI) + c.GoName = renamed + g.nameToIRI[renamed] = c.IRI + g.iriToType[c.IRI] = c + + totalProps += len(c.Properties) + } + + // set all prop go names + for _, c := range g.classes { + totalProps += len(c.Properties) + for _, p := range c.Properties { + p.GoName = g.propName(c, p) + } + } + + for iri := range g.namedIndividuals { + slices.SortFunc(g.namedIndividuals[iri], func(a, b *Individual) int { + return strings.Compare(a.IRI, b.IRI) + }) + } + + log("SUMMARY -- classes:", totalTypes, ", properties:", totalProps, ", individuals:", len(g.namedIndividuals)) + + // sort output alphabetically by type name, the names have already been replaced + for _, name := range keys(g.nameToIRI) { + iri := g.nameToIRI[name] + c := g.iriToType[iri] + + // append the interface for this struct, can be extended + if !g.isEnum(c.IRI) { + f.Type().Id(interfacePrefix + name).Interface(g.appendInterfaceDefinition(c)...) + } + + if c.Comment != "" { + f.Comment(prefixWith(fixWhitespace(c.Comment), name)) + } + + if c.Abstract && g.flatStruct { + log("skipping abstract type:", c.GoName) + } else { + // append the actual struct + f.Type().Id(name).Struct( + g.typeFields(c)..., + ) + + // implement the interface for this struct + if !g.isEnum(c.IRI) { + g.appendStructImplFuncs(f, name, c) + } else if g.gettersSetters || g.flatStruct { + g.appendGetID(f, name, c) + } + + // add all the named individuals defined for this type + g.appendNamedIndividualsForType(f, c.IRI) + } + + // append the list type for this struct + if g.isObject(c.IRI) && !g.isEnum(c.IRI) { + g.appendListType(f, c) + } + } + + // append external IRI type + g.appendExternalIRI(f) + + if !g.flatStruct { + // append cast functions + g.appendCastFuncs(f) + } + + // append custom type names like ld.URI + g.appendCustomTypes(f) + + // append context registration + g.appendContextRegistration(f) + + log() + + commentText := []byte(g.name(NameTypeComment, fmt.Sprintf("// Generated by %s\n//\n// SPDX-License-Identifier: %s\n\n", ldImport, g.license), nil)) + if g.outputFile != "" { + must(os.WriteFile(g.name(NameTypeFile, g.outputFile+".go", nil), append(commentText, formattedSource(f)...), 0777)) + } + + if g.outputValidations && g.outputFile != "" { + f = g.newCode() + } + + g.appendValidations(f) + if g.outputFile != "" { + must(os.WriteFile(g.name(NameTypeFile, g.outputFile+"_validations.go", nil), append(commentText, formattedSource(f)...), 0777)) + } + + if g.outputFile == "" { + _, _ = os.Stdout.Write(append(commentText, f.GoString()...)) + } +} + +func formattedSource(f *File) []byte { + return get(format.Source([]byte(f.GoString()), format.Options{})) +} + +func (g *generator) newCode() *File { + f := NewFile(g.pkgName) + f.ImportNames(map[string]string{ + "time": "time", + ldImport: "ld", + }) + return f +} + +func (g *generator) typeFields(c *Class) []Code { + var out []Code + if c.Abstract { + log("skipping type for abstract:", c.GoName) + } else { + out = []Code{ + Id(ld.GoTypeField).Qual(ldImport, "Type").Tag(map[string]string{ + ld.GoIriTagName: c.IRI, + ld.GoNodeKindTagName: c.Kind, + }), + } + } + out = append(out, g.embedSupertypeOrID(c)...) + out = append(out, g.addDirectProperties(c)...) + return out +} + +func (g *generator) propName(c *Class, p *Property) string { + iri := p.IRI + + iri = cleanIRI(iri) + parts := strings.Split(iri, "/") + slices.Reverse(parts) + name := "" + for i, part := range parts { + name = upperFirst(part) + name + if requireMultipleSegments && i < 1 { + continue + } + break + } + if g.isList(c, p) { + name = g.pluralize(name) + } + + return g.name(NameTypeField, name, c) +} + +func (g *generator) isEnum(typeIRI string) bool { + if !g.useEnums { + return false + } + c := g.iriToType[typeIRI] + if c != nil { + // no parent, no properties, and no children + return c.ParentIRI == "" && len(c.Properties) == 0 && !g.hasSubtypes(typeIRI) + } + return false +} + +func (g *generator) hasSubtypes(iri string) bool { + for _, c := range g.classes { + if c.ParentIRI == iri { + return true + } + } + return false +} + +func (g *generator) isList(_ *Class, p *Property) bool { + return p.MaxCount != 1 +} + +func (g *generator) embedSupertypeOrID(c *Class) []Code { + var out []Code + if !g.flatStruct && c.ParentIRI != "" { + p := g.iriToType[c.ParentIRI] + if p == nil { + panic("Unknown parent: " + c.ParentIRI) + } + out = append(out, Id(p.GoName)) + } else { + idField := g.idField + if g.isEnum(c.IRI) { + idField = unexport(idField) + } + out = append(out, Id(idField).Id("string").Tag(map[string]string{ + ld.GoIriTagName: ld.JsonIdProp, + })) + } + return out +} + +func (g *generator) addDirectProperties(c *Class) []Code { + var out []Code + if parent := g.iriToType[c.ParentIRI]; g.flatStruct && parent != nil { + out = g.addDirectProperties(parent) + } + for _, p := range c.Properties { + name := g.fieldName(c, p) + if p.Comment != "" { + out = append(out, Comment(prefixWith(fixWhitespace(p.Comment), name))) + } + tags := map[string]string{ + ld.GoIriTagName: p.IRI, + ld.GoTypeTagName: p.TypeIRI, + } + if p.MinCount > 0 { + tags[ld.GoRequiredTagName] = "true" + } + out = append(out, Id(name).Add(g.fieldType(c, p)).Tag(tags)) + } + return out +} + +func (g *generator) appendInterfaceDefinition(c *Class) []Code { + var params []Code + if c.ParentIRI != "" { + // extend parent types for proper type safety e.g. assign AnyExtension to AnyElement + parent := g.iriToType[c.ParentIRI] + params = append(params, Id(interfacePrefix+parent.GoName)) + } else { + params = append(params, + Id(getterPrefix+g.idField).Params().Id("string"), + Id(setterPrefix+g.idField).Params(Id("string")), + ) + } + if g.flatStruct { + // append the asThing() method to the interface + params = append(params, Id(viewPrefix+c.GoName).Params()) + + // append getters and setters for properties + for _, p := range c.Properties { + typ := g.fieldType(c, p) + params = append(params, + Id(getterPrefix+p.GoName).Params().Add(typ), + Id(setterPrefix+p.GoName).Params(typ), + ) + } + } else { + // append the asThing() method to the interface + params = append(params, Id(viewPrefix+c.GoName).Params().Op("*").Id(c.GoName)) + } + return params +} + +func (g *generator) appendStructImplFuncs(f *File, name string, c *Class) { + if g.flatStruct { + f.Func().Params(Id("o").Op("*").Id(name)).Id(viewPrefix + c.GoName).Params().Block() + if parent := g.iriToType[c.ParentIRI]; parent != nil { + g.appendStructImplFuncs(f, name, parent) + } else { + // append id getter and setter once, for the top-most type + g.appendGetID(f, name, c) + f.Func().Params(Id("o").Op("*").Id(name)).Id(setterPrefix + g.idField).Params(Id("v").Id("string")).Block( + Id("o").Dot(g.idField).Op("=").Id("v"), + ) + } + } else { + f.Func().Params(Id("o").Op("*").Id(name)).Id(viewPrefix + c.GoName).Params().Op("*").Id(c.GoName).Block( + Return(Id("o")), + ) + } + + if g.gettersSetters || g.flatStruct { + // append getters and setters for properties + for _, p := range c.Properties { + typ := g.fieldType(c, p) + f.Func().Params(Id("o").Op("*").Id(name)).Id(getterPrefix + p.GoName).Params().Add(typ).Block( + Return(Id("o").Dot(p.GoName)), + ) + f.Func().Params(Id("o").Op("*").Id(name)).Id(setterPrefix + p.GoName).Params(Id("v").Add(typ)).Block( + Id("o").Dot(p.GoName).Op("=").Id("v"), + ) + } + } +} + +func (g *generator) fieldType(c *Class, p *Property) Code { + isObj := g.isObject(p.TypeIRI) + isList := g.isList(c, p) + isEnum := isObj && g.isEnum(p.TypeIRI) + + pkg, typ := g.baseType(c, p) + if isObj && !isEnum { + if isList { + typ += listSuffix + } else { + typ = interfacePrefix + typ + } + } + t := Id(typ) + if pkg != "" { + if pkg == reflect.TypeOf(ld.URI("")).PkgPath() { + if g.customTypes[typ] == "" { + g.customTypes[typ] = g.name(NameTypeType, typ, nil) + } + t = Id(g.customTypes[typ]) + } else { + t = Qual(pkg, typ) + } + } + switch { + case !isObj && isList, isObj && isEnum && isList: + t = Index().Add(t) + } + return t +} + +func (g *generator) isObject(iri string) bool { + return g.iriToType[iri] != nil +} + +// baseType returns the golang base type to output, with "primitive" values based on the type mappings defined in ld.TypeIRI2Go +func (g *generator) baseType(c *Class, p *Property) (pkg string, typ string) { + iri := cleanIRI(p.TypeIRI) + goTyp := ld.TypeForIRI(iri) + if goTyp != nil { + return goTyp.PkgPath(), goTyp.Name() + } + + c = g.iriToType[iri] + if c == nil { + panic("Unknown type for IRI: " + iri) + } + name := g.name(NameTypeType, c.GoName, c) + parts := strings.Split(name, ".") + if len(parts) > 1 { + return strings.Join(parts[0:len(parts)-1], "."), parts[len(parts)-1] + } + return "", name +} + +func (g *generator) fieldName(c *Class, p *Property) string { + return g.name(NameTypeField, p.GoName, c) +} + +func (g *generator) className(iri string) string { + iri = strings.Trim(iri, "<>") + parts := strings.Split(iri, "/") + slices.Reverse(parts) + name := "" + for i, part := range parts { + name = upperFirst(part) + name + if requireMultipleSegments && i < 1 { + continue + } + if in(g.iriToType, name) { + continue + } + break + } + return g.name(NameTypeType, name, nil) +} + +func (g *generator) appendListType(f *File, c *Class) { + listType := g.className(c.IRI) + listSuffix + + // append the list type + f.Type().Id(listType).Id("[]" + g.interfaceName(c.IRI)) + + // append all the typed getters + g.appendListTypeGetters(f, listType, c) +} + +func (g *generator) appendListTypeGetters(f *File, listTypeName string, listTyp *Class) { + for _, name := range keys(g.nameToIRI) { + iri := g.nameToIRI[name] + if g.isEnum(iri) { + continue + } + c := g.iriToType[iri] + if c == listTyp || g.isSubtypeOf(listTyp, c) { + getterName := g.name(NameTypeFunc, g.pluralize(g.className(c.IRI)), c) + if g.flatStruct { + // func (o ThingList) SubType() []AnySubType { + // var out []AnySubType + // for _, v := range o { + // if v2, ok := v.(AnySubType); ok { + // out = append(out, v) + // } + // return out + // } + g.className(c.IRI) + f.Func().Params(Id("v").Id(listTypeName)).Id(getterName).Params().Index().Id(g.interfaceName(c.IRI)).Block( + Return(Qual(ldImport, "SliceOf").Index(Id(g.interfaceName(c.IRI))).Params(Id("v"))), + ) + } else { + castName := g.name(NameTypeFunc, castPrefix+g.className(c.IRI), c) + f.Func().Params(Id("o").Op("*").Id(listTypeName)).Id(getterName).Params().Qual(ldImport, "TypeSeq").Index(Id(g.interfaceName(listTyp.IRI)).Op(",").Op("*").Id(g.className(c.IRI))).Block( + Return().Qual(ldImport, "NewTypeSeq").Params(Op("*").Id("o"), Id(castName)), + ) + } + } + } +} + +func (g *generator) pluralize(name string) string { + return g.pluralizer.Plural(name) +} + +func (g *generator) appendExternalIRI(f *File) { + structName := g.name(NameTypeType, externalIriName, nil) + + // append type without type info, these will only output as an id + f.Type().Id(structName).Struct( + Id(unexport(g.idField)).Id("string").Tag(map[string]string{ + ld.GoIriTagName: ld.JsonIdProp, + }), + Id("value").Any(), + ) + + // append creation function + f.Func().Id(g.externalIRIName()).Params(Id("id").Id("string")).Op("*").Id(structName).Block( + Return().Op("&").Id(structName).Block( + Id(unexport(g.idField)).Op(":").Id("id").Op(","), + ), + ) + + if !g.flatStruct { + for _, name := range keys(g.nameToIRI) { + iri := g.nameToIRI[name] + if g.isEnum(iri) { + continue + } + castName := g.name(NameTypeFunc, castPrefix+name, nil) + f.Func().Params(Id("o").Op("*").Id(structName)).Id(viewPrefix + name).Params().Op("*").Id(name).Block( + Return().Id(castName).Params(Id("o").Dot("value")), + ) + } + } +} + +func (g *generator) appendCastFuncs(f *File) { + // append individual cast functions for each non-enum type + for _, name := range keys(g.nameToIRI) { + iri := g.nameToIRI[name] + if g.isEnum(iri) { + continue + } + castName := g.name(NameTypeFunc, castPrefix+name, nil) + f.Func().Id(castName).Params(Id("o").Any()).Op("*").Id(name).Block( + If(Id("o").Op(",").Id("ok").Op(":=").Id("o").Op(".").Params(Id(interfacePrefix+name)).Op(";").Id("ok").Block( + Return().Id("o").Op(".").Id(viewPrefix+name).Params(), + )), + Return().Nil(), + ) + } + + castFuncName := g.name(NameTypeFunc, upperFirst(castPrefix), nil) + // append a singular cast function + f.Func().Id(castFuncName).Index(Id("T").Id("any")).Params(Id("value").Id("any")).Op("*").Id("T").BlockFunc(func(f *Group) { + f.Var().Id("t").Id("T") + f.Switch(Any().Params(Id("t")).Op(".").Params(Type())).BlockFunc(func(f *Group) { + for _, name := range keys(g.nameToIRI) { + iri := g.nameToIRI[name] + if g.isEnum(iri) { + continue + } + castName := g.name(NameTypeFunc, castPrefix+name, nil) + f.Case(Id(name)).Block( + If(Id("v").Op(",").Id("ok").Op(":=").Any().Params(Id(castName).Params(Id("value"))).Op(".").Params(Op("*").Id("T")).Op(";").Id("ok")).Block( + Return(Id("v")), + ), + ) + } + }) + f.Panic(Lit("invalid type cast, unknown type: ").Op("+").Qual("reflect", "TypeOf").Params(Id("t")).Op(".").Id("String").Params()) + }) + + // append "As" function + f.Func().Id("As").Index(Id("T").Any().Op(",").Id("R").Any()).Params(Id("value").Any(), Id("fn").Func().Params(Id("v").Op("*").Id("T")).Id("R")).Id("R").Block( + Id("v").Op(":=").Id(castFuncName).Index(Id("T")).Params(Id("value")), + If(Id("v").Op("!=").Nil().Block( + Return(Id("fn").Params(Id("v"))), + )), + Var().Id("r").Id("R"), + Return(Id("r")), + ) +} + +func (g *generator) interfaceName(iri string) string { + return interfacePrefix + g.className(iri) +} + +func (g *generator) isSubtypeOf(parent *Class, typ *Class) bool { + if typ.ParentIRI != "" { + if typ.ParentIRI == parent.IRI { + return true + } + next := g.iriToType[typ.ParentIRI] + return g.isSubtypeOf(parent, next) + } + return false +} + +func (g *generator) appendNamedIndividualsForType(f *File, typeIRI string) { + for _, ni := range g.namedIndividuals[typeIRI] { + varName := g.namedIndividualName(ni) + if ni.Comment != "" { + f.Comment(prefixWith(ni.Comment, varName)) + } + if g.useEnums && g.isEnum(typeIRI) { + c := g.iriToType[typeIRI] + typeName := g.className(typeIRI) + f.Var().Id(varName).Op("=").Id(typeName).Block( + g.setId(c, ni.IRI), + ) + } else if g.flatStruct { + c := g.iriToType[typeIRI] + f.Var().Id(varName).Id(g.interfaceName(typeIRI)).Op("=").Op("&").Id(c.GoName).Block( + Id(g.idField).Op(":").Lit(ni.IRI).Op(","), + ) + } else { + f.Var().Id(varName).Id(g.interfaceName(typeIRI)).Op("=").Op("&").Id(externalIriName).Block( + Id(unexport(g.idField)).Op(":").Lit(ni.IRI).Op(","), + ) + } + } +} + +func (g *generator) setId(c *Class, iri string) Code { + if c.ParentIRI != "" { + parent := g.iriToType[c.ParentIRI] + typeName := g.className(parent.IRI) + return Id(typeName).Op(":").Id(typeName).Block( + g.setId(parent, iri), + ).Op(",") + } + if g.isEnum(c.IRI) { + return Id(unexport(g.idField)).Op(":").Lit(iri).Op(",") + } + return Id(g.idField).Op(":").Lit(iri).Op(",") +} + +func (g *generator) appendCustomTypes(f *File) { + for _, typ := range keys(g.customTypes) { + pkg := reflect.TypeOf(ld.URI("")).PkgPath() + f.Type().Id(g.customTypes[typ]).Op("=").Qual(pkg, typ) + } +} + +func (g *generator) appendContextRegistration(f *File) { + contextCreateName := g.name(NameTypeFunc, "context", nil) + f.Func().Id(contextCreateName).Params().Qual(ldImport, "Context").BlockFunc(func(f *Group) { + val := Return().Qual(ldImport, "NewContext").Params() + for contextURI, contextJSON := range g.contexts { + params := []Code{ + Lit(contextURI), + getMap(contextJSON), + Line().Id(g.externalIRIName()), + } + for _, name := range keys(g.nameToIRI) { + iri := g.nameToIRI[name] + c := g.iriToType[iri] + if g.flatStruct && c.Abstract { + continue + } + params = append(params, Line().Id(c.GoName).Block()) + for _, ni := range g.namedIndividuals[iri] { + params = append(params, Line().Id(g.namedIndividualName(ni))) + } + } + params = append(params, Line()) + val.Dot("Register").Params(params...) + } + f.Add(val) + }) +} + +func (g *generator) name(typ NameType, name string, c *Class) string { + renamed := g.renameFunc(typ, name, c) + if renamed != "" { + return renamed + } + return name +} + +func (g *generator) namedIndividualName(ni *Individual) string { + label := cleanText(ni.Label) + if label == "" { + parts := strings.Split(ni.IRI, "/") + label = parts[len(parts)-1] + } + label = g.name(NameTypeField, label, g.iriToType[ni.TypeIRI]) + typeName := g.className(ni.TypeIRI) + return typeName + "_" + upperFirst(label) +} + +func (g *generator) externalIRIName() string { + structName := g.name(NameTypeType, externalIriName, nil) + funcName := g.name(NameTypeFunc, "New"+structName, nil) + funcName = upperFirst(funcName) + return funcName +} + +func (g *generator) appendGetID(f *File, name string, c *Class) { + idField := g.idField + if g.isEnum(c.IRI) { + idField = unexport(idField) + } + f.Func().Params(Id("o").Op("*").Id(name)).Id(getterPrefix + g.idField).Params().Id("string").Block( + Return(Id("o").Dot(idField)), + ) +} + +func getMap(contextJSON map[string]any) Code { + values := Dict{} + for k, v := range contextJSON { + switch v := v.(type) { + case map[string]any: + values[Lit(k)] = getMap(v) + case []any: + panic("unsupported list in context") + default: + values[Lit(k)] = Lit(v) + } + } + return Map(String()).Any().Values(values) +} + +func upperFirst(part string) string { + return strings.ToUpper(part[:1]) + part[1:] +} + +func unexport(part string) string { + return strings.ToLower(part) +} + +func fixWhitespace(s string) string { + s = strings.ReplaceAll(s, "\\n", "\n") + s = whitespace.ReplaceAllString(s, " ") + return strings.TrimSpace(s) +} + +func prefixWith(text string, prefix string) string { + prefix = strings.TrimSpace(prefix) + " " + if !strings.HasPrefix(text, prefix) { + text = prefix + text + } + return text +} + +var ( + whitespace = regexp.MustCompile(`\s+`) + requireMultipleSegments = os.Getenv("REQUIRE_MULTIPLE_SEGMENTS") == "true" + interfacePrefix = "Any" + listSuffix = "List" + viewPrefix = "as" + castPrefix = "cast" + ldImport = reflect.TypeOf(ld.Type{}).PkgPath() + externalIriName = "ExternalIRI" + getterPrefix = "Get" + setterPrefix = "Set" +) diff --git a/spdx/v3/internal/ld/shaclgen/reader.go b/spdx/v3/internal/ld/shaclgen/reader.go new file mode 100644 index 00000000..53ee0454 --- /dev/null +++ b/spdx/v3/internal/ld/shaclgen/reader.go @@ -0,0 +1,229 @@ +package shaclgen + +import ( + "bytes" + "slices" + "strconv" + "strings" + + "github.com/deiu/rdf2go" +) + +func ParseSHACLFromUrl(url string) (map[string]*Class, []*Individual) { + ttl := fetch(url) + return ParseSHACL(url, ttl) +} + +func ParseSHACL(url string, ttl []byte) (map[string]*Class, []*Individual) { + g := rdf2go.NewGraph(url) + must(g.Parse(bytes.NewReader(ttl), "text/turtle")) + + iriToClass := map[string]*Class{} + individuals := []*Individual{} + + var allUsedProps []*rdf2go.Triple + used := func(triples ...*rdf2go.Triple) []*rdf2go.Triple { + allUsedProps = append(allUsedProps, triples...) + return triples + } + + classes := used(g.All(nil, rdfType, owlClass)...) + for _, class := range sorted(classes, bySubject) { + log("Class", class) + + out := &Class{ + IRI: cleanIRI(class.Subject.String()), + Comment: getComment(used, g, class.Subject), + Kind: getNodeKind(used, g, class.Subject), + } + if _, ok := iriToClass[out.IRI]; ok { + panic("duplicate type definition: " + out.IRI) + } + iriToClass[out.IRI] = out + + superclass := oneOptional(used, g.All(class.Subject, rdfSubclassOf, nil)) + if superclass != nil { + out.ParentIRI = cleanIRI(superclass.Object.String()) + log(" extends: ", out.ParentIRI) + } + + properties := used(g.All(class.Subject, shaclProperty, nil)...) + + for _, property := range sorted(properties, byObject) { + path := oneRequired(used, g.All(property.Object, shaclPath, nil)) + used(path) + log(" property:", class.Subject.String(), "path", path.Object.String()) + + if path.Object.Equal(rdfType) { + log("marking class %v as abstract due to path requirement:", out.GoName, path) + out.Abstract = true + continue + } + + prop := &Property{ + IRI: cleanIRI(path.Object.String()), + Comment: getComment(used, g, path.Object), + } + out.Properties = append(out.Properties, prop) + + // get the data type + typeIRI := oneOptional(used, g.All(property.Object, shaclClass, nil)) + if typeIRI == nil { + typeIRI = oneOptional(used, g.All(property.Object, shaclDatatype, nil)) + } + if typeIRI != nil { + prop.TypeIRI = cleanIRI(typeIRI.Object.String()) + } else { + panic("No type IRI for: " + property.Object.String()) + } + + minCount := oneOptional(used, g.All(property.Object, shaclMinCount, nil)) + used(minCount) + if minCount != nil { + prop.MinCount = parseIntegerValue(minCount) + } + + maxCount := oneOptional(used, g.All(property.Object, shaclMaxCount, nil)) + if maxCount != nil { + prop.MaxCount = parseIntegerValue(maxCount) + } else { + prop.MaxCount = -1 // how is * represented? + } + + allowedValues := oneOptional(used, g.All(property.Object, shaclIn, nil)) + var usedPropertyNodes []*rdf2go.Triple + for allowedValues != nil { + usedPropertyNodes = append(usedPropertyNodes, allowedValues) + validation := oneOptional(used, g.All(allowedValues.Object, rdfFirst, nil)) + if validation != nil { + used(validation) + log(" validation:", nodeDisplay(validation)) + prop.Validations = append(prop.Validations, AllowedIRIValidation(validation.Object.String())) + } + allowedValues = oneOptional(used, g.All(allowedValues.Object, rdfRest, nil)) + } + + pattern := oneOptional(used, g.All(property.Object, shaclPattern, nil)) + if pattern != nil { + prop.Validations = append(prop.Validations, MatchPatternValidation(cleanText(pattern.Object.String()))) + } + + //allProps := g.All(property.Object, nil, nil) + //for _, p := range sorted(allProps, byObject) { + // if slices.Contains(append(usedPropertyNodes, path, property), p) { + // continue + // } + // log(" ... extra prop prop:", p) + //} + } + + //allprops := g.All(class.Subject, nil, nil) + //for _, p := range sorted(allprops, byObject) { + // if slices.Contains(allUsedProps, p) { + // continue + // } + // log(" ... unused class prop:", p) + //} + + } + + // read all the named individuals + namedIndividuals := used(g.All(nil, rdfType, owlNamedIndividual)...) + for _, namedIndividual := range sorted(namedIndividuals, bySubject) { + entries := used(g.All(namedIndividual.Subject, rdfType, nil)...) + for _, entry := range entries { + if entry == namedIndividual { + continue + } + typeIRI := cleanIRI(entry.Object.String()) + if c := iriToClass[typeIRI]; c != nil { + label := "" + if l := oneOptional(used, g.All(namedIndividual.Subject, rdfLabel, nil)); l != nil { + label = cleanText(l.Object.String()) + } + ni := Individual{ + IRI: cleanIRI(namedIndividual.Subject.String()), + Label: label, + Comment: getComment(used, g, namedIndividual.Subject), + TypeIRI: typeIRI, + } + individuals = append(individuals, &ni) + } + } + } + + log("------------------- UNUSED PROPS -------------------") + for p := range g.IterTriples() { + if slices.Contains(allUsedProps, p) { + continue + } + log(" ... unused triple:", p) + } + + return iriToClass, individuals +} + +func getNodeKind(used usedFunc, g *rdf2go.Graph, subject rdf2go.Term) string { + propNodeKind := oneOptional(used, g.All(subject, shaclNodeKind, nil)) + if propNodeKind != nil { + return cleanIRI(propNodeKind.Object.RawValue()) + } + return "" +} + +func getComment(used usedFunc, g *rdf2go.Graph, subject rdf2go.Term) string { + allComments := g.All(subject, rdfComment, nil) + var comment *rdf2go.Triple + for _, c := range allComments { + value := c.Object.String() + comment = c + if strings.HasSuffix(value, "@en") { + // use English comment + break + } + } + if comment != nil { + used(comment) + value := comment.Object.String() + parts := strings.Split(value, "@") + value = strings.Join(parts[:len(parts)-1], "@") + return strings.TrimSpace(strings.Trim(value, "\"")) + } + return "" +} + +func parseIntegerValue(count *rdf2go.Triple) int { + if count == nil { + return 0 + } + val := count.Object.String() + val = strings.Split(val, "^")[0] + val = strings.Trim(val, "\"") + return get(strconv.Atoi(val)) +} + +var ( + rdfType = rdf2go.NewResource("http://www.w3.org/1999/02/22-rdf-syntax-ns#type") + rdfFirst = rdf2go.NewResource("http://www.w3.org/1999/02/22-rdf-syntax-ns#first") + rdfRest = rdf2go.NewResource("http://www.w3.org/1999/02/22-rdf-syntax-ns#rest") + rdfSubclassOf = rdf2go.NewResource("http://www.w3.org/2000/01/rdf-schema#subClassOf") + rdfComment = rdf2go.NewResource("http://www.w3.org/2000/01/rdf-schema#comment") + rdfLabel = rdf2go.NewResource("http://www.w3.org/2000/01/rdf-schema#label") + //rdfSchemaRange = rdf2go.NewResource("http://www.w3.org/2000/01/rdf-schema#range") + owlClass = rdf2go.NewResource("http://www.w3.org/2002/07/owl#Class") + owlNamedIndividual = rdf2go.NewResource("http://www.w3.org/2002/07/owl#NamedIndividual") + //owlObjectProperty = rdf2go.NewResource("http://www.w3.org/2002/07/owl#ObjectProperty") + //owlDatatypeProperty = rdf2go.NewResource("http://www.w3.org/2002/07/owl#DatatypeProperty") + //shaclNodeShape = rdf2go.NewResource("http://www.w3.org/ns/shacl#NodeShape") + //shaclIRI = rdf2go.NewResource("http://www.w3.org/ns/shacl#IRI") + //shaclBlankNodeOrIRI = rdf2go.NewResource("http://www.w3.org/ns/shacl#BlankNodeOrIRI") + shaclNodeKind = rdf2go.NewResource("http://www.w3.org/ns/shacl#nodeKind") + shaclProperty = rdf2go.NewResource("http://www.w3.org/ns/shacl#property") + shaclClass = rdf2go.NewResource("http://www.w3.org/ns/shacl#class") + shaclPath = rdf2go.NewResource("http://www.w3.org/ns/shacl#path") + shaclDatatype = rdf2go.NewResource("http://www.w3.org/ns/shacl#datatype") + shaclIn = rdf2go.NewResource("http://www.w3.org/ns/shacl#in") + shaclMinCount = rdf2go.NewResource("http://www.w3.org/ns/shacl#minCount") + shaclMaxCount = rdf2go.NewResource("http://www.w3.org/ns/shacl#maxCount") + shaclPattern = rdf2go.NewResource("http://www.w3.org/ns/shacl#pattern") +) diff --git a/spdx/v3/internal/ld/shaclgen/types.go b/spdx/v3/internal/ld/shaclgen/types.go new file mode 100644 index 00000000..508a8d96 --- /dev/null +++ b/spdx/v3/internal/ld/shaclgen/types.go @@ -0,0 +1,32 @@ +package shaclgen + +type Individual struct { + IRI string + TypeIRI string + Label string + Comment string +} + +type Class struct { + IRI string + Abstract bool + GoName string + Kind string + Comment string + ParentIRI string + Properties []*Property +} + +type Property struct { + IRI string + GoName string + Comment string + TypeIRI string + MinCount int + MaxCount int + Validations []any +} + +type AllowedIRIValidation string + +type MatchPatternValidation string diff --git a/spdx/v3/internal/ld/shaclgen/util.go b/spdx/v3/internal/ld/shaclgen/util.go new file mode 100644 index 00000000..15dea86a --- /dev/null +++ b/spdx/v3/internal/ld/shaclgen/util.go @@ -0,0 +1,129 @@ +package shaclgen + +import ( + "cmp" + "fmt" + "io" + "maps" + "net/http" + "os" + "slices" + "strings" + + "github.com/deiu/rdf2go" +) + +type usedFunc func(...*rdf2go.Triple) []*rdf2go.Triple + +func oneOptional(used usedFunc, all []*rdf2go.Triple) *rdf2go.Triple { + if len(all) > 1 { + panic(fmt.Errorf("too many results for: %#v", all)) + } + if len(all) > 0 { + used(all[0]) + return all[0] + } + return nil +} + +func oneRequired(used usedFunc, all []*rdf2go.Triple) *rdf2go.Triple { + if len(all) != 1 { + panic(fmt.Errorf("required exactly 1 result for: %#v", all)) + } + used(all[0]) + return all[0] +} + +func cleanIRI(iri string) string { + return strings.Trim(iri, "<>") +} + +func cleanText(iri string) string { + return strings.Trim(iri, "\"") +} + +var logEnabled = false + +func log(msg ...any) { + if !logEnabled { + return + } + for _, m := range msg { + switch m := m.(type) { + case *rdf2go.Triple: + _, _ = fmt.Fprint(os.Stderr, nodeDisplay(m)) + default: + _, _ = fmt.Fprint(os.Stderr, m) + } + _, _ = fmt.Fprint(os.Stderr, " ") + } + _, _ = fmt.Fprintln(os.Stderr) +} + +func nodeDisplay(triple *rdf2go.Triple) string { + return join("Subject: ", triple.Subject.String(), ", Predicate: ", triple.Predicate.String(), ", Object: ", triple.Object.String()) +} + +func join(parts ...string) string { + return strings.Join(parts, "") +} + +func bySubject(t *rdf2go.Triple) string { + return t.Subject.String() +} + +func byObject(t *rdf2go.Triple) string { + return t.Object.String() +} + +func sorted(values []*rdf2go.Triple, by func(triple *rdf2go.Triple) string) []*rdf2go.Triple { + slices.SortFunc(values, func(a, b *rdf2go.Triple) int { + if a == nil && b == nil { + return 0 + } + if a == nil { + return 1 + } + if b == nil { + return -1 + } + return strings.Compare(by(a), by(b)) + }) + return values +} + +func fetch(definitions string) []byte { + spdxTTLRes := get(http.Get(definitions)) + defer func(Body io.ReadCloser) { + err := Body.Close() + if err != nil { + _, _ = os.Stderr.Write([]byte(fmt.Sprint(err))) + } + }(spdxTTLRes.Body) + return get(io.ReadAll(spdxTTLRes.Body)) +} + +func get[T any](t T, err error) T { + must(err) + return t +} + +func must(err error) { + if err != nil { + panic(err) + } +} + +func in[K comparable, V any](values map[K]V, value K) bool { + _, ok := values[value] + return ok +} + +func keys[K cmp.Ordered, V any](values map[K]V) []K { + out := make([]K, 0, len(values)) + for v := range maps.Keys(values) { + out = append(out, v) + } + slices.Sort(out) + return out +} diff --git a/spdx/v3/internal/ld/shaclgen/validations.go b/spdx/v3/internal/ld/shaclgen/validations.go new file mode 100644 index 00000000..b21b570a --- /dev/null +++ b/spdx/v3/internal/ld/shaclgen/validations.go @@ -0,0 +1,99 @@ +package shaclgen + +import ( + "reflect" + "slices" + "strings" + "time" + + . "github.com/dave/jennifer/jen" + + "github.com/spdx/tools-golang/spdx/v3/internal/ld" +) + +func (g *generator) appendValidations(f *File) { + for _, name := range keys(g.nameToIRI) { + iri := g.nameToIRI[name] + c := g.iriToType[iri] + + if g.flatStruct && c.Abstract { + continue + } + + validationFunc := Func().Params(Id("o").Op("*").Id(g.className(iri))).Id("Validate").Params().Id("error").Block( + Return(Qual(ldImport, "JoinErrors").ParamsFunc(func(f *Group) { + g.appendValidationFuncs(f, c) + })), + ) + f.Add(validationFunc) + } +} + +func (g *generator) appendValidationFuncs(f *Group, c *Class) { + if c.ParentIRI != "" { + if g.flatStruct { + g.appendValidationFuncs(f, g.iriToType[c.ParentIRI]) + } else { + f.Line().Qual(ldImport, "ValidateProperty").Params(Id("o"), Op("&").Id("o").Dot(g.className(c.ParentIRI))) + } + } + for _, p := range c.Properties { + fieldType := g.fieldType(c, p) + + validatePropParams := []Code{Id("o"), Op("&").Id("o").Dot(g.propName(c, p))} + + // some validations are unnecessary such as time.Time, since we store a time representation instead of arbitrary string + skipTypeValidations := slices.Contains(validatingTypes, ld.TypeForIRI(p.TypeIRI)) + if g.isList(c, p) && p.MinCount > 0 { + validatePropParams = append(validatePropParams, Line().Qual(ldImport, "ValidateMinCount").Index(fieldType).Params(Lit(p.MinCount))) + } + + if g.isList(c, p) && p.MaxCount > 1 { + validatePropParams = append(validatePropParams, Line().Qual(ldImport, "ValidateMaxCount").Index(fieldType).Params(Lit(p.MaxCount))) + } + + var allowedIRIs []string + for _, validation := range p.Validations { + switch v := validation.(type) { + case AllowedIRIValidation: + allowedIRIs = append(allowedIRIs, string(v)) + case MatchPatternValidation: + if skipTypeValidations { + continue + } + expr := strings.ReplaceAll(string(v), "\\\\", "\\") + validatePropParams = append(validatePropParams, Line().Qual(ldImport, "ValidateExpression").Params(Lit(expr))) + } + } + + if len(allowedIRIs) > 0 { + var validateValuesParams []Code + for _, allowedIRI := range allowedIRIs { + validateValuesParams = append(validateValuesParams, Line().Id(g.namedIndividualName(&Individual{ + IRI: cleanIRI(allowedIRI), + TypeIRI: p.TypeIRI, + }))) + } + idCheck := Qual(ldImport, "ValidateIRI").Params(append(validateValuesParams, Line())...) + if g.isList(c, p) { + idCheck = Qual(ldImport, "ValidateAll").Params(idCheck) + } + validatePropParams = append(validatePropParams, Line().Add(idCheck)) + } + + // first 2 params are initialized as object, property -- + // only append a property validation if we added any validations or if the property is required + if len(validatePropParams) > 2 || p.MinCount > 0 { + f.Line().Qual(ldImport, "ValidateProperty").Params(validatePropParams...) + } + } +} + +// these types do not need further pattern validation or otherwise implement their own Validate function +var validatingTypes = []reflect.Type{ + reflect.TypeOf(ld.URI("")), + reflect.TypeOf(time.Time{}), + reflect.TypeOf(ld.DateTime{}), + reflect.TypeOf(ld.PositiveInt(0)), + reflect.TypeOf(ld.NonNegativeInt(0)), +} diff --git a/spdx/v3/internal/ld/struct_reader.go b/spdx/v3/internal/ld/struct_reader.go new file mode 100644 index 00000000..10de45ea --- /dev/null +++ b/spdx/v3/internal/ld/struct_reader.go @@ -0,0 +1,127 @@ +package ld + +import ( + "fmt" + "reflect" + "sync" +) + +type reader[T any] func(reflect.Value) (T, error) + +var idReaders = map[reflect.Type]reader[string]{} +var idReaderLock = sync.RWMutex{} + +func idReader(t reflect.Type) (reader[string], error) { + var err error + idReaderLock.RLock() + r := idReaders[t] + idReaderLock.RUnlock() + if r != nil { + return r, nil + } + idReaderLock.Lock() + r = idReaders[t] + if r != nil { + idReaderLock.Unlock() + return r, nil + } + switch t.Kind() { + case reflect.String: + r = func(value reflect.Value) (string, error) { + return value.String(), nil + } + case reflect.Struct: + r, err = structIdFunc(t) + case reflect.Map: + // only map[string] supported + if t.Key().Kind() != reflect.String { + return nil, fmt.Errorf("unsupported map key type: %v", stringify(t.Key())) + } + r = func(value reflect.Value) (string, error) { + v := value.MapIndex(reflect.ValueOf(JsonIdProp)) + if v.IsValid() && v.Type().Kind() == reflect.String { + return v.String(), nil + } + return "", fmt.Errorf("unable to find @id") + } + default: + err = fmt.Errorf("unable to create ID reader, unsupported type: %v", stringify(t)) + } + idReaders[t] = r + idReaderLock.Unlock() + return r, err +} + +func structIdFunc(t reflect.Type) (reader[string], error) { + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + if f.Anonymous && hasIDField(f.Type) { + getter, err := structIdFunc(f.Type) + if err != nil { + return nil, fmt.Errorf("field: %v :%w", f.Name, err) + } + return func(value reflect.Value) (string, error) { + v := value.Field(i) + return getter(v) + }, nil + } + if f.Tag.Get(GoIriTagName) == JsonIdProp { + if f.Type.Kind() != reflect.String { + return nil, fmt.Errorf("invalid @id type for field: %v in %v", f.Name, stringify(t)) + } + return func(value reflect.Value) (string, error) { + return value.Field(i).String(), nil + }, nil + } + } + // this struct type does not have an id + return nil, fmt.Errorf("unable to find ID field in %v", stringify(t)) +} + +func hasIDField(t reflect.Type) bool { + if t.Kind() != reflect.Struct { + return false + } + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + if f.Tag.Get(GoIriTagName) == JsonIdProp { + return true + } + if f.Anonymous { + if hasIDField(f.Type) { + return true + } + } + } + return false +} + +func getID(v reflect.Value) (string, error) { + if !v.IsValid() { + return "", fmt.Errorf("invalid value") + } + switch v.Type().Kind() { + case reflect.String: + return v.String(), nil + case reflect.Pointer: + return getID(v.Elem()) + case reflect.Struct, reflect.Map: + r, err := idReader(v.Type()) + if err != nil { + return "", err + } + return r(v) + default: + return "", fmt.Errorf("unsupported type: %v", stringify(v.Type())) + } +} + +func GetID(v any) (string, error) { + if v == nil { + return "", fmt.Errorf("value is nil") + } + if v, ok := v.(reflect.Value); ok { + return getID(v) + } + return getID(reflect.ValueOf(v)) +} diff --git a/spdx/v3/internal/ld/struct_reader_test.go b/spdx/v3/internal/ld/struct_reader_test.go new file mode 100644 index 00000000..41094aeb --- /dev/null +++ b/spdx/v3/internal/ld/struct_reader_test.go @@ -0,0 +1,157 @@ +package ld + +import ( + "testing" + + "github.com/stretchr/testify/require" +) + +func Test_getId(t *testing.T) { + tests := []struct { + name string + instance func() any + expected string + wantErr require.ErrorAssertionFunc + }{ + { + name: "no id string", + instance: func() any { + return "" + }, + expected: "", + }, + { + name: "an id string", + instance: func() any { + return "an-id" + }, + expected: "an-id", + }, + { + name: "no id struct", + instance: func() any { + type ty struct { + id string `iri:"not_id"` + } + return ty{ + id: "a-val", + } + }, + expected: "", + wantErr: require.Error, + }, + { + name: "direct id struct", + instance: func() any { + type ty struct { + id string `iri:"@id"` + } + return ty{ + id: "a-val", + } + }, + expected: "a-val", + }, + { + name: "exported single embedded id struct", + instance: func() any { + type Ty struct { + Id string `iri:"@id"` + } + type ta struct { + Ty + } + return ta{ + Ty: Ty{ + Id: "ta-val", + }, + } + }, + expected: "ta-val", + }, + { + name: "unexported embedded id struct", + instance: func() any { + type ty struct { + id string `iri:"@id"` + } + type tb struct { + ty + } + return tb{ + ty: ty{ + id: "tb-val", + }, + } + }, + expected: "tb-val", + }, + { + name: "multiple embedded id struct", + instance: func() any { + type Ta struct { + Name string `iri:"not_id"` + } + type Tb struct { + ID string `iri:"@id"` + } + type Ty struct { + Ta + Tb + } + return Ty{ + Ta: Ta{ + Name: "no-id", + }, + Tb: Tb{ + ID: "tb-val", + }, + } + }, + expected: "tb-val", + }, + { + name: "recursive embedded id struct", + instance: func() any { + type Ty struct { + ID string `iri:"@id"` + } + type Tb struct { + Ty + } + type Tc struct { + Tb + } + return Tc{ + Tb: Tb{ + Ty: Ty{ + ID: "tc-val", + }, + }, + } + }, + expected: "tc-val", + }, + { + name: "invalid data type returns error", + instance: func() any { + return 1 + }, + expected: "", + wantErr: require.Error, + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + t.Parallel() // this function must be safe to call in parallel + v := test.instance() + got, err := GetID(v) + wantErr := test.wantErr + if wantErr == nil { + wantErr = require.NoError + } + wantErr(t, err) + require.Equal(t, test.expected, got) + }) + } +} diff --git a/spdx/v3/internal/ld/type_iter.go b/spdx/v3/internal/ld/type_iter.go new file mode 100644 index 00000000..1e73e165 --- /dev/null +++ b/spdx/v3/internal/ld/type_iter.go @@ -0,0 +1,39 @@ +package ld + +import "iter" + +func SliceOf[To, From any, List ~[]From](values List) []To { + var out []To + for _, v := range values { + if cast, ok := any(v).(To); ok { + out = append(out, cast) + } + } + return out +} + +type TypeSeq[Element, View any] iter.Seq2[Element, View] + +func (s TypeSeq[Element, View]) Len() int { + cnt := 0 + for range s { + cnt++ + } + return cnt +} + +func NewTypeSeq[T any, E any](values []E, cast func(any) *T) TypeSeq[E, *T] { + if values == nil { + return func(yield func(E, *T) bool) {} + } + return func(yield func(E, *T) bool) { + for _, value := range values { + v := cast(value) + if v != nil { + if !yield(value, v) { + return + } + } + } + } +} diff --git a/spdx/v3/internal/ld/util.go b/spdx/v3/internal/ld/util.go new file mode 100644 index 00000000..3bae1488 --- /dev/null +++ b/spdx/v3/internal/ld/util.go @@ -0,0 +1,175 @@ +package ld + +import ( + "cmp" + "os" + "path" + "reflect" + "slices" + "strings" +) + +var ( + debug = os.Getenv("GO_LD_DEBUG") == "true" + emptyValue reflect.Value + anyType = reflect.TypeOf((*any)(nil)).Elem() +) + +// baseType returns the base type if this is a pointer or interface +func baseType(t reflect.Type) reflect.Type { + switch t.Kind() { + case reflect.Pointer: + return baseType(t.Elem()) + default: + return t + } +} + +func isFunc(o any) bool { + return reflect.TypeOf(o).Kind() == reflect.Func +} + +// isBlankNodeID indicates this is a blank node ID, e.g. _:CreationInfo-1 +func isBlankNodeID(id string) bool { + return strings.HasPrefix(id, "_:") +} + +func typeName(t reflect.Type) string { + switch { + case isPointer(t): + return "*" + typeName(t.Elem()) + case isSlice(t): + return "[]" + typeName(t.Elem()) + case isMap(t): + return "map[" + typeName(t.Key()) + "]" + typeName(t.Elem()) + case isPrimitive(t): + return t.Name() + } + return path.Base(t.PkgPath()) + "." + t.Name() +} + +func isSlice(t reflect.Type) bool { + return t.Kind() == reflect.Slice +} + +func isMap(t reflect.Type) bool { + return t.Kind() == reflect.Map +} + +func isPointer(t reflect.Type) bool { + return t.Kind() == reflect.Pointer +} + +func isPrimitive(t reflect.Type) bool { + switch t.Kind() { + case reflect.String, + reflect.Int, + reflect.Int8, + reflect.Int16, + reflect.Int32, + reflect.Int64, + reflect.Uint, + reflect.Uint8, + reflect.Uint16, + reflect.Uint32, + reflect.Uint64, + reflect.Float32, + reflect.Float64, + reflect.Bool: + return true + default: + return false + } +} + +// FieldByType returns a field defined on type StructType matching the provided type, t +func FieldByType[StructType any](t reflect.Type) (reflect.StructField, bool) { + var v StructType + typ := reflect.TypeOf(v) + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + if f.Type == typ { + return f, true + } + } + return reflect.StructField{}, false +} + +// skipField indicates whether the field should be skipped +func skipField(field reflect.StructField) bool { + return field.Type.Size() == 0 +} + +// merge returns a new map with all map values merged together +func merge[K comparable, V any](maps ...map[K]V) map[K]V { + out := map[K]V{} + for _, m := range maps { + if m == nil { + continue + } + for k, v := range m { + if in1, ok := out[k]; ok { + // existing value, recursively merge nested maps + map1, ok1 := any(in1).(map[K]V) + map2, ok2 := any(v).(map[K]V) + if ok1 && ok2 { + out[k] = any(merge[K, V](map1, map2)).(V) + continue + } + panic("Context key already defined: " + stringify(k)) + } + out[k] = v + } + } + return out +} + +func firstKey[K cmp.Ordered, V any](m map[K]V) K { + return sortedKeys(m)[0] +} + +func sortedKeys[K cmp.Ordered, V any](m map[K]V) []K { + out := make([]K, 0, len(m)) + for k := range m { + out = append(out, k) + } + slices.Sort(out) + return out +} + +func elemImplements[T any](v reflect.Value) bool { + switch v.Type().Kind() { + case reflect.Pointer, reflect.Interface: + e := v.Elem() + if !e.IsValid() { + return false + } + if !e.CanInterface() { + return false + } + _, ok := e.Interface().(T) + return ok + default: + return false + } +} + +func trimCommonPrefixes(values []string) (prefix string, trimmed []string) { + out := values[:] + slices.Sort(out) + last := len(out) - 1 + common := 0 + for ; common < len(out[0]); common++ { + if out[0][common] != out[last][common] { + break + } + } + if common < 0 { + return "", values + } + prefix = values[0][:common] + for i := range out { + out[i] = out[i][common:] + } + return prefix, out +} diff --git a/spdx/v3/internal/ld/validation_error.go b/spdx/v3/internal/ld/validation_error.go new file mode 100644 index 00000000..54e165a5 --- /dev/null +++ b/spdx/v3/internal/ld/validation_error.go @@ -0,0 +1,81 @@ +package ld + +import ( + "errors" + "fmt" + "reflect" + "strconv" +) + +// JoinErrors returns errors.Join'd errors, taking into account nested joined errors, flattening these to a single joined set +func JoinErrors(errs ...error) error { + var out []error + for _, err := range errs { + out = append(out, flattenErrors(err)...) + } + switch len(out) { + case 0: + return nil + case 1: + return out[0] + default: + return errors.Join(out...) + } +} + +func flattenErrors(err error) []error { + var out []error + if joined, ok := err.(interface{ Unwrap() []error }); ok { + for _, e := range joined.Unwrap() { + out = append(out, flattenErrors(e)...) + } + } else { + if err != nil { + return []error{err} + } + } + return out +} + +var validatorInterface = reflect.TypeOf((*Validator)(nil)).Elem() + +type validationError struct { + Path []any + Err error +} + +func (v *validationError) String() string { + path := "" + for i := 0; i < len(v.Path); i++ { + part := v.Path[i] + switch p := part.(type) { + case int: + path += "[" + strconv.Itoa(p) + "]" + case reflect.StructField: + if !p.Anonymous { + path += "." + p.Name + } + case reflect.Type: + path += "<" + p.Name() + ">" + default: + path += "/" + fmt.Sprint(p) + } + } + return path + ": " + v.Err.Error() +} + +func (v *validationError) Error() string { + return v.String() +} + +func newValidationError(err error, path ...any) *validationError { + // if the error is a validation error, prepend the path + if vErr, ok := err.(*validationError); ok { + vErr.Path = append(path, vErr.Path...) + return vErr + } + return &validationError{ + Path: path, + Err: err, + } +} diff --git a/spdx/v3/internal/ld/validations.go b/spdx/v3/internal/ld/validations.go new file mode 100644 index 00000000..c600eb82 --- /dev/null +++ b/spdx/v3/internal/ld/validations.go @@ -0,0 +1,155 @@ +package ld + +import ( + "fmt" + "reflect" + "regexp" + "strings" +) + +// Validator interface should be implemented by +type Validator interface { + Validate() error +} + +// ValidateGraph recursively calls all Validator(s) on all values in the graph and returns a joined error +// of all the errors found +func ValidateGraph(graph any) error { + var errs []error + err := VisitObjectGraph(graph, func(path []any, value reflect.Value) error { + // avoid double-validation, this will be called with both pointer and struct references + if elemImplements[Validator](value) { + return nil + } + if value.Type().Implements(validatorInterface) { + if validator, ok := value.Interface().(Validator); ok { + for _, err := range flattenErrors(validator.Validate()) { + errs = append(errs, newValidationError(err, append(path[:], baseType(value.Type()))...)) + } + } + } + return nil + }) + if err != nil { + return err + } + return JoinErrors(errs...) +} + +// Validation functions are provided to ValidateProperty calls and will be executed if a property is set +type Validation[T any] func(value T) error + +// ValidateProperty is used by generated code, typically, to validate a specific property against all defined validations +// it might have such as whether it is required, matches a pattern, has enough elements, or is in a specific defined set. +// This function needs to be called with a struct reference and a pointer to the property, e.g. ValidateProperty(obj, &obj.Prop, ...) +// due to looking up field tags and names based on the property reference. This will panic if called any other way. +func ValidateProperty[T any](object any, property *T, validations ...Validation[T]) error { + value := reflect.ValueOf(property) + + // object is always a pointer to the base struct + o := reflect.ValueOf(object).Elem() + var f reflect.StructField + for i := 0; i < o.NumField(); i++ { + if o.Field(i).Addr() == value { + f = o.Type().Field(i) + break + } + } + if f.Name == "" { + panic(fmt.Sprintf("property: %v not found in object: %v", property, object)) + } + + var errs []error + if f.Anonymous { // inherited type validation + if validator, ok := any(property).(Validator); ok { + errs = flattenErrors(validator.Validate()) + } + } else { + // value is pointer to field, which always points to a valid elem + if value.Elem().IsZero() { + if f.Tag.Get("required") == "true" { + return newValidationError(fmt.Errorf("required"), f) + } + return nil // don't process other validators, this is simply not set and not required + } + } + + for _, validation := range validations { + err := validation(*property) + if err != nil { + errs = append(errs, newValidationError(err, f)) + } + } + return JoinErrors(errs...) +} + +// ValidateIRI validates the value is in the set of provided values by comparing IDs +func ValidateIRI[T any](values ...T) Validation[T] { + ids := map[string]struct{}{} + for _, v := range values { + id, err := GetID(v) + if err != nil { + panic(err) + } + ids[id] = struct{}{} + } + return func(value T) error { + id, err := GetID(value) + if err != nil { + return err + } + if _, ok := ids[id]; ok { + return nil + } + prefix, parts := trimCommonPrefixes(sortedKeys(ids)) + return fmt.Errorf("value is not allowed: '%v', expected: %s{%s}", id, prefix, strings.Join(parts, " | ")) + } +} + +// ValidateAll applies the provided validation to all elements in a slice +func ValidateAll[T any](validation Validation[T]) Validation[[]T] { + return func(values []T) error { + var errs []error + for i, value := range values { + err := validation(value) + if err != nil { + errs = append(errs, newValidationError(err, i)) + } + } + return JoinErrors(errs...) + } +} + +// ValidateMinCount validates there are a minimum number of elements present in a slice +func ValidateMinCount[S ~[]T, T any](minCount int) Validation[S] { + return func(values S) error { + if minCount > len(values) { + return fmt.Errorf("must have at least: %v item(s), got: %v", minCount, len(values)) + } + return nil + } +} + +// ValidateMaxCount validates that the maximum number of elements has not been exceeded +func ValidateMaxCount[T any](maxCount int) Validation[[]T] { + return func(values []T) error { + if maxCount < len(values) { + return fmt.Errorf("must have fewer than: %v item(s), got: %v", maxCount, len(values)) + } + return nil + } +} + +// ValidateExpression validates that the value matches the provided expression +func ValidateExpression(expression string) Validation[string] { + return func(value string) error { + r, err := regexp.Compile(expression) + if err != nil { + return fmt.Errorf("invalid expression: %s", expression) + } + if !r.MatchString(value) { + return fmt.Errorf("must match expression: %s: value: %v", expression, value) + } + return nil + } +} diff --git a/spdx/v3/internal/ld/validations_test.go b/spdx/v3/internal/ld/validations_test.go new file mode 100644 index 00000000..3caa57ac --- /dev/null +++ b/spdx/v3/internal/ld/validations_test.go @@ -0,0 +1,178 @@ +package ld + +import ( + "fmt" + "testing" + "time" + + "github.com/stretchr/testify/require" +) + +func Test_Validate(t *testing.T) { + tests := []struct { + name string + graph any + errs int + }{ + { + name: "no validators", + graph: 1, + errs: 0, + }, + { + name: "no validators slice struct", + graph: []any{ + time.Time{}, + }, + errs: 0, + }, + { + name: "one invalid", + graph: []any{ + PositiveInt(1), + notValid("invalid"), + }, + errs: 1, + }, + { + name: "multiple invalid", + graph: []any{ + notValid("invalid1"), + notValid("invalid2"), + }, + errs: 2, + }, + { + name: "positive int valid", + graph: []any{ + ptr(PositiveInt(1)), + }, + errs: 0, + }, + { + name: "positive int invalid", + graph: []any{ + ptr(PositiveInt(-1)), + }, + errs: 1, + }, + { + name: "non negative int valid", + graph: []any{ + ptr(NonNegativeInt(1)), + }, + errs: 0, + }, + { + name: "non negative int invalid", + graph: []any{ + ptr(NonNegativeInt(-1)), + }, + errs: 1, + }, + { + name: "single invalid ptr", + graph: []any{ + ptr(notValidP("invalid")), + }, + errs: 1, + }, + { + name: "nested valid", + graph: []any{ + ptr(notValidP("invalid")), + }, + errs: 1, + }, + { + name: "nested single invalid", + graph: []any{ + ptr(nested{ // valid + PositiveVal: -1, // invalid + NonNegativeVal: 8, // valid + }), + }, + errs: 1, + }, + { + name: "nested multiple invalid", + graph: []any{ + ptr(nested{ // invalid + PositiveVal: 11, // valid + NonNegativeVal: -1, // invalid + }), + }, + errs: 2, + }, + { + name: "time valid", + graph: time.Now(), + errs: 0, + }, + { + name: "DateTime valid", + graph: DateTime(time.Now()), + errs: 0, + }, + { + name: "Pattern valid", + graph: validateExpression{ + value: "text/plain", + pattern: "^[^\\/]+\\/[^\\/]+$", + }, + errs: 0, + }, + { + name: "Pattern invalid", + graph: validateExpression{ + value: "text-plain", + pattern: "^[^\\/]+\\/[^\\/]+$", + }, + errs: 1, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + err := ValidateGraph(tt.graph) + require.Len(t, flattenErrors(err), tt.errs) + }) + } +} + +type notValid string + +func (n notValid) Validate() error { + return fmt.Errorf(string(n)) +} + +type notValidP string + +func (n *notValidP) Validate() error { + return fmt.Errorf(string(*n)) +} + +func ptr[T any](v T) *T { + return &v +} + +type nested struct { + PositiveVal PositiveInt + NonNegativeVal NonNegativeInt +} + +func (v *nested) Validate() error { + if v.PositiveVal >= 10 || v.NonNegativeVal >= 10 { + return fmt.Errorf("values should be < 10") + } + return nil +} + +type validateExpression struct { + value string + pattern string +} + +func (v validateExpression) Validate() error { + return ValidateExpression(v.pattern)(v.value) +} diff --git a/spdx/v3/internal/ld/visitor.go b/spdx/v3/internal/ld/visitor.go new file mode 100644 index 00000000..615350e7 --- /dev/null +++ b/spdx/v3/internal/ld/visitor.go @@ -0,0 +1,84 @@ +package ld + +import ( + "fmt" + "reflect" +) + +var StopTraversing = fmt.Errorf("stop-traversing-graph") + +// VisitObjectGraph traverses the object graph, taking into account cycles, calling the visitor function for each +// step along the traversal, including field properties, pointer and subsequent struct values, elements in +// slices and both keys and values of maps, as well as some context such as the path within the graph and any +// containing struct field. The value is always able to have Interface() and Set() called. +func VisitObjectGraph(graph any, visitor func(path []any, value reflect.Value) error) error { + t := reflect.TypeOf(graph) + return visitObjectGraph(map[reflect.Value]struct{}{}, []any{baseType(t)}, reflect.ValueOf(graph), visitor) +} + +func visitObjectGraph(visited map[reflect.Value]struct{}, path []any, v reflect.Value, visitor func([]any, reflect.Value) error) error { + if !v.IsValid() { + return nil + } + if _, ok := visited[v]; ok { + return nil + } + visited[v] = struct{}{} + + var err error + if v.CanInterface() { + err = visitor(path, v) + if err == StopTraversing { + return nil + } else if err != nil { + return err + } + } + + t := v.Type() + + switch t.Kind() { + case reflect.Interface: + return visitObjectGraph(visited, path, v.Elem(), visitor) + case reflect.Pointer: + return visitObjectGraph(visited, path, v.Elem(), visitor) + case reflect.Struct: + for i := 0; i < v.NumField(); i++ { + f := t.Field(i) + subPath := path[:] + if !f.Anonymous { + subPath = append(subPath, f) + } + fv := v.Field(i) + err = visitObjectGraph(visited, subPath, fv, visitor) + if err != nil { + return err + } + } + case reflect.Map: + iter := v.MapRange() + if iter == nil { + return nil + } + for iter.Next() { + path := append(path[:], fmt.Sprintf("%v", iter.Key().Interface())) + err = visitObjectGraph(visited, path, iter.Key(), visitor) + if err != nil { + return err + } + err = visitObjectGraph(visited, path, iter.Value(), visitor) + if err != nil { + return err + } + } + case reflect.Slice: + for i := 0; i < v.Len(); i++ { + err = visitObjectGraph(visited, append(path[:], i), v.Index(i), visitor) + if err != nil { + return err + } + } + default: + } + return nil +} diff --git a/spdx/v3/internal/ld/visitor_test.go b/spdx/v3/internal/ld/visitor_test.go new file mode 100644 index 00000000..41310b91 --- /dev/null +++ b/spdx/v3/internal/ld/visitor_test.go @@ -0,0 +1,50 @@ +package ld + +import ( + "fmt" + "reflect" + "testing" + + "github.com/stretchr/testify/require" +) + +func Test_visitor(t *testing.T) { + type typ struct { + Name string + Slice []int + Map map[string]int + } + + v := &typ{ + Name: "a name", + Slice: []int{2, 4, 6}, + Map: map[string]int{ + "key1": 10, + "key2": 20, + }, + } + + err := VisitObjectGraph(v, func(path []any, value reflect.Value) error { + f := path[len(path)-1] + if f, ok := f.(reflect.StructField); ok { + if f.Name == "Name" { + require.Equal(t, value.String(), "a name") + value.SetString("a new name") + } + } + //fmt.Println(path) + //if intSlice, ok := value.Interface().([]int); ok { + // fmt.Println(intSlice) + // //intSlice = append(intSlice, 12) + // newValue := reflect.Append(value, reflect.ValueOf(12)) + // value.Set(newValue) + //} + if mapVal, ok := value.Interface().(map[string]int); ok { + fmt.Println(mapVal) + mapVal["new"] = 100 + } + return nil + }) + fmt.Println(v) + require.NoError(t, err) +} diff --git a/spdx/v3/internal/serialize_json.go b/spdx/v3/internal/serialize_json.go index ae8073d1..5c0ab819 100644 --- a/spdx/v3/internal/serialize_json.go +++ b/spdx/v3/internal/serialize_json.go @@ -11,7 +11,8 @@ import ( "time" "github.com/google/uuid" - "github.com/kzantow/go-ld" + + "github.com/spdx/tools-golang/spdx/v3/internal/ld" ) var Debug = os.Getenv("SPDX_DEBUG") == "true" diff --git a/spdx/v3/v3_0/convert.go b/spdx/v3/v3_0/convert.go index 3fb39cdd..8bdad15f 100644 --- a/spdx/v3/v3_0/convert.go +++ b/spdx/v3/v3_0/convert.go @@ -9,11 +9,10 @@ import ( "strings" "time" - "github.com/kzantow/go-ld" - "github.com/spdx/tools-golang/spdx/v2/common" "github.com/spdx/tools-golang/spdx/v2/v2_3" "github.com/spdx/tools-golang/spdx/v3/internal" + "github.com/spdx/tools-golang/spdx/v3/internal/ld" ) func From_v2_3(doc v2_3.Document, d *Document) { diff --git a/spdx/v3/v3_0/convert_v301_test.go b/spdx/v3/v3_0/convert_v301_test.go index f8a7fea2..14faa178 100644 --- a/spdx/v3/v3_0/convert_v301_test.go +++ b/spdx/v3/v3_0/convert_v301_test.go @@ -3,9 +3,8 @@ package v3_0 import ( "time" - "github.com/kzantow/go-ld" - "github.com/spdx/tools-golang/spdx/v2/v2_3" + "github.com/spdx/tools-golang/spdx/v3/internal/ld" ) func v301doc() *Document { diff --git a/spdx/v3/v3_0/model.go b/spdx/v3/v3_0/model.go index cd5dd5c7..56a24b4d 100755 --- a/spdx/v3/v3_0/model.go +++ b/spdx/v3/v3_0/model.go @@ -1,4 +1,4 @@ -// Generated by github.com/kzantow/go-ld +// Generated by github.com/spdx/tools-golang/spdx/v3/internal/ld // // SPDX-License-Identifier: MIT @@ -7,7 +7,7 @@ package v3_0 import ( "time" - "github.com/kzantow/go-ld" + "github.com/spdx/tools-golang/spdx/v3/internal/ld" ) type AnyAIPackage interface { diff --git a/spdx/v3/v3_0/model_validations.go b/spdx/v3/v3_0/model_validations.go index 21938173..ed86ffd9 100755 --- a/spdx/v3/v3_0/model_validations.go +++ b/spdx/v3/v3_0/model_validations.go @@ -1,10 +1,10 @@ -// Generated by github.com/kzantow/go-ld +// Generated by github.com/spdx/tools-golang/spdx/v3/internal/ld // // SPDX-License-Identifier: MIT package v3_0 -import "github.com/kzantow/go-ld" +import "github.com/spdx/tools-golang/spdx/v3/internal/ld" func (o *AIPackage) Validate() error { return ld.JoinErrors( diff --git a/spdx/v3/v3_0/spdx.go b/spdx/v3/v3_0/spdx.go index d305eb12..7de22042 100644 --- a/spdx/v3/v3_0/spdx.go +++ b/spdx/v3/v3_0/spdx.go @@ -8,10 +8,8 @@ import ( "reflect" "time" - "github.com/davecgh/go-spew/spew" - "github.com/kzantow/go-ld" - "github.com/spdx/tools-golang/spdx/v3/internal" + "github.com/spdx/tools-golang/spdx/v3/internal/ld" ) /* @@ -162,7 +160,7 @@ func (d *Document) ensureAllDocumentElements() { for _, e := range d.Elements { v := reflect.ValueOf(e) if v.Kind() != reflect.Pointer { - panic("non-pointer type in elements: %v" + spew.Sdump(v)) + panic(fmt.Sprintf("non-pointer type in elements: %#v", v)) } all[v] = struct{}{} } diff --git a/spdx/v3/v3_0/spdx_test.go b/spdx/v3/v3_0/spdx_test.go index 76390836..068184ce 100644 --- a/spdx/v3/v3_0/spdx_test.go +++ b/spdx/v3/v3_0/spdx_test.go @@ -10,10 +10,10 @@ import ( "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" - "github.com/kzantow/go-ld" "github.com/pmezard/go-difflib/difflib" "github.com/stretchr/testify/require" + "github.com/spdx/tools-golang/spdx/v3/internal/ld" spdx "github.com/spdx/tools-golang/spdx/v3/v3_0" )