diff options
author | Steve Winslow <steve@swinslow.net> | 2020-06-07 12:45:40 -0400 |
---|---|---|
committer | Steve Winslow <steve@swinslow.net> | 2020-06-07 12:45:40 -0400 |
commit | b6365e345b8f84f32452886440321121dc0ff3fa (patch) | |
tree | cb26c359f20b3bef29709541e8c1349b16eb8736 /spdx | |
parent | d6c20c13d2bb539a5ae57ceef0f0de812fe94220 (diff) | |
parent | feb87345dfd6d6f76a9b1fc2ef413a2e8a756be8 (diff) | |
download | spdx-tools-b6365e345b8f84f32452886440321121dc0ff3fa.tar.gz |
Merge branch 'master' into issue-25
Diffstat (limited to 'spdx')
-rw-r--r-- | spdx/annotation.go | 2 | ||||
-rw-r--r-- | spdx/creation_info.go | 2 | ||||
-rw-r--r-- | spdx/document.go | 11 | ||||
-rw-r--r-- | spdx/file.go | 7 | ||||
-rw-r--r-- | spdx/identifier.go | 54 | ||||
-rw-r--r-- | spdx/package.go | 9 | ||||
-rw-r--r-- | spdx/relationship.go | 4 | ||||
-rw-r--r-- | spdx/snippet.go | 4 |
8 files changed, 73 insertions, 20 deletions
diff --git a/spdx/annotation.go b/spdx/annotation.go index 0846d62..9687a28 100644 --- a/spdx/annotation.go +++ b/spdx/annotation.go @@ -21,7 +21,7 @@ type Annotation2_1 struct { // 8.4: SPDX Identifier Reference // Cardinality: conditional (mandatory, one) if there is an Annotation - AnnotationSPDXIdentifier string + AnnotationSPDXIdentifier DocElementID // 8.5: Annotation Comment // Cardinality: conditional (mandatory, one) if there is an Annotation diff --git a/spdx/creation_info.go b/spdx/creation_info.go index 27db3fc..af03dad 100644 --- a/spdx/creation_info.go +++ b/spdx/creation_info.go @@ -16,7 +16,7 @@ type CreationInfo2_1 struct { // 2.3: SPDX Identifier; should be "SPDXRef-DOCUMENT" // Cardinality: mandatory, one - SPDXIdentifier string + SPDXIdentifier ElementID // 2.4: Document Name // Cardinality: mandatory, one diff --git a/spdx/document.go b/spdx/document.go index 6b116a8..1e054ba 100644 --- a/spdx/document.go +++ b/spdx/document.go @@ -6,11 +6,12 @@ package spdx // Document2_1 is an SPDX Document for version 2.1 of the spec. // See https://spdx.org/sites/cpstandard/files/pages/files/spdxversion2.1.pdf type Document2_1 struct { - CreationInfo *CreationInfo2_1 - Packages []*Package2_1 - OtherLicenses []*OtherLicense2_1 - Relationships []*Relationship2_1 - Annotations []*Annotation2_1 + CreationInfo *CreationInfo2_1 + Packages map[ElementID]*Package2_1 + UnpackagedFiles map[ElementID]*File2_1 + OtherLicenses []*OtherLicense2_1 + Relationships []*Relationship2_1 + Annotations []*Annotation2_1 // DEPRECATED in version 2.0 of spec Reviews []*Review2_1 diff --git a/spdx/file.go b/spdx/file.go index 3732107..f7c1b42 100644 --- a/spdx/file.go +++ b/spdx/file.go @@ -11,7 +11,7 @@ type File2_1 struct { // 4.2: File SPDX Identifier: "SPDXRef-[idstring]" // Cardinality: mandatory, one - FileSPDXIdentifier string + FileSPDXIdentifier ElementID // 4.3: File Type // Cardinality: optional, multiple @@ -62,7 +62,10 @@ type File2_1 struct { FileDependencies []string // Snippets contained in this File - Snippets []*Snippet2_1 + // Note that Snippets could be defined in a different Document! However, + // the only ones that _THIS_ document can contain are this ones that are + // defined here -- so this should just be an ElementID. + Snippets map[ElementID]*Snippet2_1 } // ArtifactOfProject2_1 is a DEPRECATED collection of data regarding diff --git a/spdx/identifier.go b/spdx/identifier.go new file mode 100644 index 0000000..496aeb3 --- /dev/null +++ b/spdx/identifier.go @@ -0,0 +1,54 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package spdx + +// ElementID represents the identifier string portion of an SPDX element +// identifier. DocElementID should be used for any attributes which can +// contain identifiers defined in a different SPDX document. +// ElementIDs should NOT contain the mandatory 'SPDXRef-' portion. +type ElementID string + +// DocElementID represents an SPDX element identifier that could be defined +// in a different SPDX document, and therefore could have a "DocumentRef-" +// portion, such as Relationships and Annotations. +// ElementID is used for attributes in which a "DocumentRef-" portion cannot +// appear, such as a Package or File definition (since it is necessarily +// being defined in the present document). +// DocumentRefID will be the empty string for elements defined in the +// present document. +// DocElementIDs should NOT contain the mandatory 'DocumentRef-' or +// 'SPDXRef-' portions. +type DocElementID struct { + DocumentRefID string + ElementRefID ElementID +} + +// TODO: add equivalents for LicenseRef- identifiers + +// MakeDocElementID takes strings (without prefixes) for the DocumentRef- +// and SPDXRef- identifiers, and returns a DocElementID. An empty string +// should be used for the DocumentRef- portion if it is referring to the +// present document. +func MakeDocElementID(docRef string, eltRef string) DocElementID { + return DocElementID{ + DocumentRefID: docRef, + ElementRefID: ElementID(eltRef), + } +} + +// RenderElementID takes an ElementID and returns the string equivalent, +// with the SPDXRef- prefix reinserted. +func RenderElementID(eID ElementID) string { + return "SPDXRef-" + string(eID) +} + +// RenderDocElementID takes a DocElementID and returns the string equivalent, +// with the SPDXRef- prefix (and, if applicable, the DocumentRef- prefix) +// reinserted. +func RenderDocElementID(deID DocElementID) string { + prefix := "" + if deID.DocumentRefID != "" { + prefix = "DocumentRef-" + deID.DocumentRefID + ":" + } + return prefix + "SPDXRef-" + string(deID.ElementRefID) +} diff --git a/spdx/package.go b/spdx/package.go index 901fb48..dd793ab 100644 --- a/spdx/package.go +++ b/spdx/package.go @@ -5,18 +5,13 @@ package spdx // Package2_1 is a Package section of an SPDX Document for version 2.1 of the spec. type Package2_1 struct { - // NOT PART OF SPEC - // flag: does this "package" contain files that were in fact "unpackaged", - // e.g. included directly in the Document without being in a Package? - IsUnpackaged bool - // 3.1: Package Name // Cardinality: mandatory, one PackageName string // 3.2: Package SPDX Identifier: "SPDXRef-[idstring]" // Cardinality: mandatory, one - PackageSPDXIdentifier string + PackageSPDXIdentifier ElementID // 3.3: Package Version // Cardinality: optional, one @@ -115,7 +110,7 @@ type Package2_1 struct { // contained within PackageExternalReference2_1 struct, if present // Files contained in this Package - Files []*File2_1 + Files map[ElementID]*File2_1 } // PackageExternalReference2_1 is an External Reference to additional info diff --git a/spdx/relationship.go b/spdx/relationship.go index bc87967..ef524a3 100644 --- a/spdx/relationship.go +++ b/spdx/relationship.go @@ -11,8 +11,8 @@ type Relationship2_1 struct { // one mandatory for SPDX Document with multiple packages // RefA and RefB are first and second item // Relationship is type from 7.1.1 - RefA string - RefB string + RefA DocElementID + RefB DocElementID Relationship string // 7.2: Relationship Comment diff --git a/spdx/snippet.go b/spdx/snippet.go index 14b3b25..89680c5 100644 --- a/spdx/snippet.go +++ b/spdx/snippet.go @@ -7,11 +7,11 @@ type Snippet2_1 struct { // 5.1: Snippet SPDX Identifier: "SPDXRef-[idstring]" // Cardinality: mandatory, one - SnippetSPDXIdentifier string + SnippetSPDXIdentifier ElementID // 5.2: Snippet from File SPDX Identifier // Cardinality: mandatory, one - SnippetFromFileSPDXIdentifier string + SnippetFromFileSPDXIdentifier DocElementID // 5.3: Snippet Byte Range: [start byte]:[end byte] // Cardinality: mandatory, one |