Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add Lite profile examples #91

Open
wants to merge 41 commits into
base: master
Choose a base branch
from
Open

add Lite profile examples #91

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
41 commits
Select commit Hold shift + click to select a range
94d44aa
Initial example1-with-VEX
no-ta Jul 1, 2024
d14f88e
change user.name
no-ta Jul 1, 2024
396caba
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 2, 2024
ea55dc8
Apply https://github.com/spdx/spdx-examples/pull/91
no-ta Jul 2, 2024
bddcddb
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 10, 2024
07d0403
Apply https://github.com/spdx/spdx-examples/pull/91
no-ta Jul 10, 2024
79aed87
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 10, 2024
c941fa5
Change file suffix from .jsonld to .json
no-ta Jul 10, 2024
c10db29
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 10, 2024
9c95165
Change spdxId in sotware_Sbom and packageVersion in software_Pacakge
no-ta Jul 10, 2024
cf9eb4e
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 10, 2024
1f83d0a
Change spdxId in sotware_Sbom and packageVersion in software_Pacakge
no-ta Jul 10, 2024
03c5ebe
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 10, 2024
ae7eb1e
Change spdxId in sotware_Sbom and packageVersion in software_Pacakge
no-ta Jul 10, 2024
1091965
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 10, 2024
db80bdd
Update png files for https://github.com/spdx/spdx-examples/pull/91
no-ta Jul 10, 2024
62bcac5
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 11, 2024
54fcef8
Update png files for https://github.com/spdx/spdx-examples/pull/91
no-ta Jul 11, 2024
c64a58f
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 11, 2024
552d82e
Add lite profile examples
NorioKobota Jul 2, 2024
b15cde1
modify to follow suggested at https://github.com/spdx/spdx-examples/p…
NorioKobota Jul 20, 2024
8a584c7
rename fname and move into spdx-3.0 dir to follow suggestions at http…
NorioKobota Jul 20, 2024
b04d429
applied the same modifications to sample2
NorioKobota Jul 20, 2024
8612d57
Merge pull request #3 from no-ta/merge-lite-example-1
NorioKobota Jul 20, 2024
d55f3a0
rename sample2.spdx.json
NorioKobota Jul 20, 2024
e92743b
Rename json file name .json to .spdx.json
no-ta Jul 11, 2024
ae3944e
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 21, 2024
595f7a2
Rename json file name .json to .spdx.json in README.md
no-ta Jul 21, 2024
3294f33
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 21, 2024
53e7389
Rename json file name .json to .spdx.json in README.md
no-ta Jul 21, 2024
e8b6ccd
Rename json file name .json to .spdx.json in README.md
no-ta Jul 21, 2024
391ffb4
Added spdx-3.0 directory
no-ta Jul 21, 2024
eac3284
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 21, 2024
0750598
Merge pull request #4 from no-ta/merge-lite-example-1
NorioKobota Jul 21, 2024
9750bfb
Added security_ prefix to types in Security profile
no-ta Jul 21, 2024
47a4c48
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 22, 2024
de67a55
Added security_ prefix to types in Security profile
no-ta Jul 22, 2024
53c888f
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 22, 2024
7d78340
Fix to add missing type and externalIdentifierType in Vulnerability c…
no-ta Jul 22, 2024
7014669
Merge branch 'merge-lite-example-1' of https://github.com/no-ta/spdx-…
no-ta Jul 25, 2024
56e03a9
Merge pull request #5 from no-ta/merge-lite-example-1
NorioKobota Jul 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
191 changes: 191 additions & 0 deletions lite/example1-with-VEX/spdx-3.0/Lite-example-1-1-with-VEX.spdx.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,191 @@
{
"@context": "https://spdx.github.io/spdx-spec/v3.0/model/spdx-context.jsonld",
"@graph": [
{
"type": "SpdxDocument",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Document/1",
"name": "Lite-SpdxDocument",
"comment": "if any",
"creationInfo": "_:creationinfo",
"verifiedUsing": [{
"type": "Hash",
"algorithm": "sha3_512",
"hashValue": "hash value of Sbom object"
}],
"rootElement": [ "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Sbom/1" ],
"element": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Sbom/1",
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Bom/1"
],
"namespaceMap": [{
"type": "NamespaceMap",
"prefix": "lite-example",
"namespace": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Lite/1"
}],
"dataLicense": "CC0-1.0"
},
{
"type": "software_Sbom",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Sbom/1",
"creationInfo": "_:creationinfo",
"rootElement": [ "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Package/1" ],
"element": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Package/1",
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/LicenseExpression/1",
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Relationship/1",
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Relationship/2",
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Relationship/3"
],
"software_sbomType": [ "build" ]
},
{
"type": "CreationInfo",
"@id": "_:creationinfo",
"specVersion": "3.0.0",
"comment": "if any",
"created": "2024-05-06T00:00:00Z",
"createdBy": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Agent/NorioKobota"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"createdBy": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Agent/NorioKobota"
"createdBy": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Agent/NorioKobota"
]

},
{
"type": "Person",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Agent/NorioKobota",
"name": "Norio Kobota",
"creationInfo": "_:creationinfo",
"externalIdentifier": {
"type": "ExternalIdentifier",
"externalIdentifierType": "email",
"identifier": "[email protected]"
}
},
{
"type": "software_Package",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Package/1",
"name": "my-package",
"comment": "if any",
"creationInfo": "_:creationinfo",
"verifiedUsing": [{
"type": "Hash",
"algorithm": "sha3_512",
"hashValue": "hash value of the package file"
}],
"originatedBy": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Agent/NorioKobota"
],
"suppliedBy": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Agent/NorioKobota",
"builtTime": "2024-05-06T00:00:00Z",
"releaseTime": "2024-05-06T00:00:00Z",
"validUntilTime": "2034-05-06T00:00:00Z",
"supportLevel": "limitedSupport",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"supportLevel": "limitedSupport",
"supportLevel": [
"limitedSupport"
],

"software_copyrightText": "copyright text",
"software_attributionText": "other attribution text",
Comment on lines +79 to +80
Copy link
Contributor

@bact bact Sep 3, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"software_copyrightText": "copyright text",
"software_attributionText": "other attribution text",
"software_copyrightText": "copyright text",
"software_attributionText": [
"other attribution text"
],

Comment on lines +78 to +80
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"supportLevel": "limitedSupport",
"software_copyrightText": "copyright text",
"software_attributionText": "other attribution text",
"supportLevel": [
"limitedSupport"
],
"software_copyrightText": "copyright text",
"software_attributionText": [
"other attribution text"
],

"software_packageVersion": "v1.0",
"software_downloadLocation": "http://dl.example.com/my-package_v1.0.tar",
"software_packageUrl": "pkg:github/example/my-package/releases/tag/v1.0",
"software_homepage": "website for the Package/1"
},
{
"type": "simpleLicensing_LicenseExpression",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"type": "simpleLicensing_LicenseExpression",
"type": "simplelicensing_LicenseExpression",

"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/LicenseExpression/1",
"creationInfo": "_:creationinfo",
"simpleLicensing_licenseExpression": "MIT",
"simpleLicensing_licenseListVersion": "3.23.0"
Comment on lines +90 to +91
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"simpleLicensing_licenseExpression": "MIT",
"simpleLicensing_licenseListVersion": "3.23.0"
"simplelicensing_licenseExpression": "MIT",
"simplelicensing_licenseListVersion": "3.23.0"

},
{
"type": "Relationship",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Relationship/1",
"creationInfo": "_:creationinfo",
"from": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Sbom/1",
"to": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Package/1"
],
"relationshipType": "contains"
},
{
"type": "Relationship",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Relationship/2",
"creationInfo": "_:creationinfo",
"from": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Package/1",
"to": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/LicenseExpression/1"
],
"relationshipType": "hasDeclaredLicense"
},
{
"type": "Relationship",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Relationship/3",
"creationInfo": "_:creationinfo",
"from": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Package/1",
"to": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/LicenseExpression/1"
],
"relationshipType": "hasConcludedLicense"
},
{
"type": "Bom",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Bom/1",
"creationInfo": "_:creationinfo_vex1",
"extension": [{
"cdxPropName": "VexDocumentVersion",
"cdxPropValue": "0"
}],
"rootElement": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Vulnerability/1"
],
"element": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Vunlnerability/1",
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Relationship/vul1",
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/VexUnderInvestigationVulnAssessmentRelationship/1"
]
},
{
"type": "CreationInfo",
"@id": "_:creationinfo_vex1",
"specVersion": "3.0.0",
"comment": "if any",
"created": "2024-05-06T00:00:00Z",
"createdBy": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Agent/NorioKobota"
},
{
"type": "security_Vulnerability",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Vulnerability/1",
"name": "CVE-1234-1234",
"comment": "if any",
"creationInfo": "_:creationinfo_vex1",
"externalIdetifier": {
"type": "ExternalIdentifier",
"externalIdentifierType": "cve",
"identifier": "CVE-1234-1234",
"comment": "must"
},
"security_publishedTime": "2024-05-06T00:00:00Z",
"security_modifiedTime": "2024-05-06T00:00:00Z"
},
{
"type": "Relationship",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Relationship/vul1",
"creationInfo": "_:creationinfo_vex1",
"from": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Package/1",
"to": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Vulnerability/1"
],
"relationshipType": "hasAssociatedVulnerability"
},
{
"type": "security_VexUnderInvestigationVulnAssessmentRelationship",
"spdxId": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/VexUnderInvestigationVulnAssessmentRelationship/1",
"name": "if any",
"comment": "if any",
"creationInfo": "_:creationinfo_vex1",
"from": "https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Vulnerability/1",
"to": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Package/1"
],
"relationshipType": "underInvestigationFor",
"suppliedBy": [
"https://spdx.org/spdxdocs/08f113e9-a0b0-4482-a0ed-c4e18e5136be/Agent/NorioKobota"
],
"security_vexVersion": "0",
"security_statusNotes": "if any"
}
]
}
Loading
Loading