cyclonedx.model.component_evidence
Classes
Enum object that defines the permissible field types for Identity. |
|
Enum object that defines the permissible analysis techniques. |
|
Represents a method used to extract and/or analyze evidence. |
|
Our internal representation of the identityType complex type. |
|
Our internal representation of the occurrenceType complex type. |
|
Represents an individual frame in a call stack. |
|
Our internal representation of the callStackType complex type. |
|
Our internal representation of the componentEvidenceType complex type. |
Module Contents
- class cyclonedx.model.component_evidence.IdentityField
Bases:
str,enum.EnumEnum object that defines the permissible field types for Identity.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/json/#components_items_evidence_identity
- GROUP = 'group'
- NAME = 'name'
- VERSION = 'version'
- PURL = 'purl'
- CPE = 'cpe'
- OMNIBOR_ID = 'omniborId'
- SWHID = 'swhid'
- SWID = 'swid'
- HASH = 'hash'
- class cyclonedx.model.component_evidence.AnalysisTechnique
Bases:
str,enum.EnumEnum object that defines the permissible analysis techniques.
- SOURCE_CODE_ANALYSIS = 'source-code-analysis'
- BINARY_ANALYSIS = 'binary-analysis'
- MANIFEST_ANALYSIS = 'manifest-analysis'
- AST_FINGERPRINT = 'ast-fingerprint'
- HASH_COMPARISON = 'hash-comparison'
- INSTRUMENTATION = 'instrumentation'
- DYNAMIC_ANALYSIS = 'dynamic-analysis'
- FILENAME = 'filename'
- ATTESTATION = 'attestation'
- OTHER = 'other'
- class cyclonedx.model.component_evidence.Method
Represents a method used to extract and/or analyze evidence.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/json/#components_items_evidence_identity_oneOf_i0_items_methods
- technique: AnalysisTechnique
- confidence: decimal.Decimal
- value: str | None
- class cyclonedx.model.component_evidence.Identity
Our internal representation of the identityType complex type.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/json/#components_items_evidence_identity
- field: IdentityField
- confidence: decimal.Decimal | None
- concluded_value: str | None
- class cyclonedx.model.component_evidence.Occurrence
Our internal representation of the occurrenceType complex type.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/json/#components_items_evidence_occurrences
- location: str
- bom_ref: cyclonedx.model.bom_ref.BomRef
- line: int | None
- offset: int | None
- symbol: str | None
- additional_context: str | None
- class cyclonedx.model.component_evidence.CallStackFrame
Represents an individual frame in a call stack.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/json/#components_items_evidence_callstack
- module: str
- package: str | None
- function: str | None
- parameters: SortedSet[str]
- line: int | None
- column: int | None
- full_filename: str | None
- class cyclonedx.model.component_evidence.CallStack
Our internal representation of the callStackType complex type. Contains an array of stack frames describing a call stack from when a component was identified.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/json/#components_items_evidence_callstack
- frames: list[CallStackFrame]
- class cyclonedx.model.component_evidence.ComponentEvidence
Our internal representation of the componentEvidenceType complex type.
Provides the ability to document evidence collected through various forms of extraction or analysis.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/xml/#type_componentEvidenceType
- occurrences: SortedSet[Occurrence]