1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
|
// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
package spdx
// File2_1 is a File section of an SPDX Document for version 2.1 of the spec.
type File2_1 struct {
// 4.1: File Name
// Cardinality: mandatory, one
FileName string `json:"fileName"`
// 4.2: File SPDX Identifier: "SPDXRef-[idstring]"
// Cardinality: mandatory, one
FileSPDXIdentifier ElementID `json:"SPDXID"`
// 4.3: File Types
// Cardinality: optional, multiple
FileTypes []string `json:"fileTypes,omitempty"`
// 4.4: File Checksum: may have keys for SHA1, SHA256 and/or MD5
// Cardinality: mandatory, one SHA1, others may be optionally provided
Checksums []Checksum `json:"checksums"`
// 4.5: Concluded License: SPDX License Expression, "NONE" or "NOASSERTION"
// Cardinality: mandatory, one
LicenseConcluded string `json:"licenseConcluded"`
// 4.6: License Information in File: SPDX License Expression, "NONE" or "NOASSERTION"
// Cardinality: mandatory, one or many
LicenseInfoInFiles []string `json:"licenseInfoInFiles"`
// 4.7: Comments on License
// Cardinality: optional, one
LicenseComments string `json:"licenseComments,omitempty"`
// 4.8: Copyright Text: copyright notice(s) text, "NONE" or "NOASSERTION"
// Cardinality: mandatory, one
FileCopyrightText string `json:"copyrightText"`
// DEPRECATED in version 2.1 of spec
// 4.9-4.11: Artifact of Project variables (defined below)
// Cardinality: optional, one or many
ArtifactOfProjects []*ArtifactOfProject2_1 `json:"-"`
// 4.12: File Comment
// Cardinality: optional, one
FileComment string `json:"comment,omitempty"`
// 4.13: File Notice
// Cardinality: optional, one
FileNotice string `json:"noticeText,omitempty"`
// 4.14: File Contributor
// Cardinality: optional, one or many
FileContributors []string `json:"fileContributors,omitempty"`
// DEPRECATED in version 2.0 of spec
// 4.15: File Dependencies
// Cardinality: optional, one or many
FileDependencies []string `json:"-"`
// Snippets contained in this File
// Note that Snippets could be defined in a different Document! However,
// the only ones that _THIS_ document can contain are the ones that are
// defined here -- so this should just be an ElementID.
Snippets map[ElementID]*Snippet2_1 `json:"-"`
Annotations []Annotation2_1 `json:"annotations"`
}
// ArtifactOfProject2_1 is a DEPRECATED collection of data regarding
// a Package, as defined in sections 4.9-4.11 in version 2.1 of the spec.
type ArtifactOfProject2_1 struct {
// DEPRECATED in version 2.1 of spec
// 4.9: Artifact of Project Name
// Cardinality: conditional, required if present, one per AOP
Name string
// DEPRECATED in version 2.1 of spec
// 4.10: Artifact of Project Homepage: URL or "UNKNOWN"
// Cardinality: optional, one per AOP
HomePage string
// DEPRECATED in version 2.1 of spec
// 4.11: Artifact of Project Uniform Resource Identifier
// Cardinality: optional, one per AOP
URI string
}
// File2_2 is a File section of an SPDX Document for version 2.2 of the spec.
type File2_2 struct {
// 4.1: File Name
// Cardinality: mandatory, one
FileName string `json:"fileName"`
// 4.2: File SPDX Identifier: "SPDXRef-[idstring]"
// Cardinality: mandatory, one
FileSPDXIdentifier ElementID `json:"SPDXID"`
// 4.3: File Types
// Cardinality: optional, multiple
FileTypes []string `json:"fileTypes,omitempty"`
// 4.4: File Checksum: may have keys for SHA1, SHA256 and/or MD5
// Cardinality: mandatory, one SHA1, others may be optionally provided
Checksums []Checksum `json:"checksums"`
// 4.5: Concluded License: SPDX License Expression, "NONE" or "NOASSERTION"
// Cardinality: mandatory, one
LicenseConcluded string `json:"licenseConcluded"`
// 4.6: License Information in File: SPDX License Expression, "NONE" or "NOASSERTION"
// Cardinality: mandatory, one or many
LicenseInfoInFiles []string `json:"licenseInfoInFiles"`
// 4.7: Comments on License
// Cardinality: optional, one
LicenseComments string `json:"licenseComments,omitempty"`
// 4.8: Copyright Text: copyright notice(s) text, "NONE" or "NOASSERTION"
// Cardinality: mandatory, one
FileCopyrightText string `json:"copyrightText"`
// DEPRECATED in version 2.1 of spec
// 4.9-4.11: Artifact of Project variables (defined below)
// Cardinality: optional, one or many
ArtifactOfProjects []*ArtifactOfProject2_2 `json:"-"`
// 4.12: File Comment
// Cardinality: optional, one
FileComment string `json:"comment,omitempty"`
// 4.13: File Notice
// Cardinality: optional, one
FileNotice string `json:"noticeText,omitempty"`
// 4.14: File Contributor
// Cardinality: optional, one or many
FileContributors []string `json:"fileContributors,omitempty"`
// 4.15: File Attribution Text
// Cardinality: optional, one or many
FileAttributionTexts []string `json:"attributionTexts,omitempty"`
// DEPRECATED in version 2.0 of spec
// 4.16: File Dependencies
// Cardinality: optional, one or many
FileDependencies []string `json:"-"`
// Snippets contained in this File
// Note that Snippets could be defined in a different Document! However,
// the only ones that _THIS_ document can contain are this ones that are
// defined here -- so this should just be an ElementID.
Snippets map[ElementID]*Snippet2_2 `json:"-"`
Annotations []Annotation2_2 `json:"annotations,omitempty"`
}
// ArtifactOfProject2_2 is a DEPRECATED collection of data regarding
// a Package, as defined in sections 4.9-4.11 in version 2.2 of the spec.
type ArtifactOfProject2_2 struct {
// DEPRECATED in version 2.1 of spec
// 4.9: Artifact of Project Name
// Cardinality: conditional, required if present, one per AOP
Name string
// DEPRECATED in version 2.1 of spec
// 4.10: Artifact of Project Homepage: URL or "UNKNOWN"
// Cardinality: optional, one per AOP
HomePage string
// DEPRECATED in version 2.1 of spec
// 4.11: Artifact of Project Uniform Resource Identifier
// Cardinality: optional, one per AOP
URI string
}
|
