diff --git a/go.mod b/go.mod index 117238d..07576e5 100644 --- a/go.mod +++ b/go.mod @@ -4,14 +4,17 @@ go 1.23.0 require ( github.com/anchore/go-struct-converter v0.0.0-20240925125616-a0883641c664 + github.com/davecgh/go-spew v1.1.1 github.com/google/go-cmp v0.6.0 + github.com/kzantow/go-ld v0.0.0-20250305231540-23fb13522625 + github.com/pmezard/go-difflib v1.0.0 github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb github.com/stretchr/testify v1.10.0 sigs.k8s.io/yaml v1.4.0 ) require ( - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b // indirect + github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index ee46007..235de75 100644 --- a/go.sum +++ b/go.sum @@ -5,8 +5,14 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/kzantow/go-ld v0.0.0-20250305231540-23fb13522625 h1:xFbgOwCtZx5bu7Ggnn1eHhPyjIG2vtQgpio5zH6onUU= +github.com/kzantow/go-ld v0.0.0-20250305231540-23fb13522625/go.mod h1:P7HdHSjYOcim2o9GWUj011qCd9bEOc+Bg8SeW6JKV8M= +github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b h1:xyh6boGzDR4EpdEDe9ix1KhHNgOSiBjBocahA6FalEQ= +github.com/piprate/json-gold v0.5.1-0.20241210232033-19254b3ec65b/go.mod h1:RVhE35veDX19r5gfUAR+IYHkAUuPwJO8Ie/qVeFaIzw= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 h1:J9b7z+QKAmPf4YLrFg6oQUotqHQeUNWwkvo7jZp1GLU= +github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb h1:7G2Czq97VORM5xNRrD8tSQdhoXPRs8s+Otlc7st9TS0= github.com/spdx/gordf v0.0.0-20250128162952-000978ccd6fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= diff --git a/spdx/v3/v3_0/model.go b/spdx/v3/v3_0/model.go old mode 100644 new mode 100755 index 9a9c479..a306446 --- a/spdx/v3/v3_0/model.go +++ b/spdx/v3/v3_0/model.go @@ -1,3982 +1,5763 @@ -// This file was automatically generated by __main__.py. DO NOT MANUALLY MODIFY IT +// Generated by github.com/kzantow/go-ld // -// SPDX-License-Identifier: 0BSD +// SPDX-License-Identifier: MIT package v3_0 import ( - "iter" "reflect" "time" + + "github.com/kzantow/go-ld" ) -// A class for describing the energy consumption incurred by an AI model in -// different stages of its lifecycle. -type AiEnergyConsumption struct { - ID string `iri:"@id"` +type AnyAIPackage interface { + asAIPackage() *AIPackage +} + +// AIPackage Specifies an AI package and its associated information. +type AIPackage struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/AIPackage"` + Package + // Domains Captures the domain in which the AI package can be used. + Domains []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/domain" type:"http://www.w3.org/2001/XMLSchema#string"` + // EnergyConsumption Indicates the amount of energy consumption incurred by an AI model. + EnergyConsumption AnyEnergyConsumption `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption"` + // ModelDataPreprocessings Describes all the preprocessing steps applied to the training data before the\nmodel training. + ModelDataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing" type:"http://www.w3.org/2001/XMLSchema#string"` + // UseSensitivePersonalInformation Records if sensitive personal information is used during model training or\ncould be used during the inference. + UseSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation" type:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` + // AutonomyType Indicates whether the system can perform a decision or action without human\ninvolvement or guidance. + AutonomyType PresenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/autonomyType" type:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` + // SafetyRiskAssessment Records the results of general safety risk assessment of the AI system. + SafetyRiskAssessment SafetyRiskAssessmentType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment" type:"https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType"` + // Hyperparameters Records a hyperparameter used to build the AI model contained in the AI\npackage. + Hyperparameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // Limitation Captures a limitation of the AI software. + Limitation string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/limitation" type:"http://www.w3.org/2001/XMLSchema#string"` + // ModelExplainabilities Describes methods that can be used to explain the results from the AI model. + ModelExplainabilities []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability" type:"http://www.w3.org/2001/XMLSchema#string"` + // StandardCompliances Captures a standard that is being complied with. + StandardCompliances []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance" type:"http://www.w3.org/2001/XMLSchema#string"` + // MetricDecisionThresholds Captures the threshold that was used for computation of a metric described in\nthe metric field. + MetricDecisionThresholds DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // TypeOfModels Records the type of the model used in the AI software. + TypeOfModels []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel" type:"http://www.w3.org/2001/XMLSchema#string"` + // InformationAboutApplication Provides relevant information about the AI software, not including the model\ndescription. + InformationAboutApplication string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication" type:"http://www.w3.org/2001/XMLSchema#string"` + // InformationAboutTraining Describes relevant information about different steps of the training process. + InformationAboutTraining string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining" type:"http://www.w3.org/2001/XMLSchema#string"` + // Metrics Records the measurement of prediction quality of the AI model. + Metrics DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metric" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` +} + +func (o *AIPackage) asAIPackage() *AIPackage { + return o +} - // Specifies the amount of energy consumed when finetuning the AI model that is - // being used in the AI system. - AiFinetuningEnergyConsumptions AiEnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption" iri-compact:"ai_finetuningEnergyConsumption"` +type AIPackageList []AnyAIPackage - // Specifies the amount of energy consumed during inference time by an AI model - // that is being used in the AI system. - AiInferenceEnergyConsumptions AiEnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption" iri-compact:"ai_inferenceEnergyConsumption"` +func (o *AIPackageList) AIPackages() ld.TypeSeq[AnyAIPackage, *AIPackage] { + return ld.NewTypeSeq(*o, castAIPackage) +} - // Specifies the amount of energy consumed when training the AI model that is - // being used in the AI system. - AiTrainingEnergyConsumptions AiEnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption" iri-compact:"ai_trainingEnergyConsumption"` +type AnyAgent interface { + asAgent() *Agent } -func castAiEnergyConsumption(o any) *AiEnergyConsumption { - if o, ok := o.(AnyAiEnergyConsumption); ok { - return o.asAiEnergyConsumption() - } - return nil +// Agent represents anything with the potential to act on a system. +type Agent struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + Element } -func (o *AiEnergyConsumption) asAiEnergyConsumption() *AiEnergyConsumption { +func (o *Agent) asAgent() *Agent { return o } -type AnyAiEnergyConsumption interface { - asAiEnergyConsumption() *AiEnergyConsumption -} +type AgentList []AnyAgent -type AiEnergyConsumptionList []AnyAiEnergyConsumption +func (o *AgentList) Agents() ld.TypeSeq[AnyAgent, *Agent] { + return ld.NewTypeSeq(*o, castAgent) +} -func (o *AiEnergyConsumptionList) AiEnergyConsumptionIter() iter.Seq2[AnyAiEnergyConsumption, *AiEnergyConsumption] { - return typeIter(*o, castAiEnergyConsumption) +func (o *AgentList) Organizations() ld.TypeSeq[AnyAgent, *Organization] { + return ld.NewTypeSeq(*o, castOrganization) } -// The class that helps note down the quantity of energy consumption and the unit -// used for measurement. -type AiEnergyConsumptionDescription struct { - ID string `iri:"@id"` +func (o *AgentList) People() ld.TypeSeq[AnyAgent, *Person] { + return ld.NewTypeSeq(*o, castPerson) +} - // Represents the energy quantity. - AiEnergyQuantity float64 `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity" iri-compact:"ai_energyQuantity"` - // Specifies the unit in which energy is measured. - AiEnergyUnit aiEnergyUnitType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyUnit" iri-compact:"ai_energyUnit"` +func (o *AgentList) SoftwareAgents() ld.TypeSeq[AnyAgent, *SoftwareAgent] { + return ld.NewTypeSeq(*o, castSoftwareAgent) } -func castAiEnergyConsumptionDescription(o any) *AiEnergyConsumptionDescription { - if o, ok := o.(AnyAiEnergyConsumptionDescription); ok { - return o.asAiEnergyConsumptionDescription() - } - return nil +type AnyAnnotation interface { + asAnnotation() *Annotation } -func (o *AiEnergyConsumptionDescription) asAiEnergyConsumptionDescription() *AiEnergyConsumptionDescription { - return o +// Annotation An assertion made in relation to one or more elements. +type Annotation struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Annotation"` + Element + // Subject An Element an annotator has made an assertion about. + Subject AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/subject" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // ContentType Provides information about the content type of an Element or a Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` + // Statement Commentary on an assertion that an annotator has made. + Statement string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/statement" type:"http://www.w3.org/2001/XMLSchema#string"` + // AnnotationType Describes the type of annotation. + AnnotationType AnnotationType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/annotationType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType"` } -type AnyAiEnergyConsumptionDescription interface { - asAiEnergyConsumptionDescription() *AiEnergyConsumptionDescription +func (o *Annotation) asAnnotation() *Annotation { + return o } -type AiEnergyConsumptionDescriptionList []AnyAiEnergyConsumptionDescription +type AnnotationList []AnyAnnotation -func (o *AiEnergyConsumptionDescriptionList) AiEnergyConsumptionDescriptionIter() iter.Seq2[AnyAiEnergyConsumptionDescription, *AiEnergyConsumptionDescription] { - return typeIter(*o, castAiEnergyConsumptionDescription) +func (o *AnnotationList) Annotations() ld.TypeSeq[AnyAnnotation, *Annotation] { + return ld.NewTypeSeq(*o, castAnnotation) } -// Specifies the unit of energy consumption. -type aiEnergyUnitType struct { - ID string `iri:"@id"` +// AnnotationType Specifies the type of an annotation. +type AnnotationType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType"` + id string `iri:"@id"` } -// Kilowatt-hour. -var AiEnergyUnitType_KilowattHour = aiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour"} - -// Megajoule. -var AiEnergyUnitType_Megajoule = aiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule"} +// AnnotationType_Other Used to store extra information about an Element which is not part of a review (e.g. extra information provided during the creation of the Element). +var AnnotationType_Other = AnnotationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other", +} -// Any other units of energy measurement. -var AiEnergyUnitType_Other = aiEnergyUnitType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other"} +// AnnotationType_Review Used when someone reviews the Element. +var AnnotationType_Review = AnnotationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review", +} -// Specifies the safety risk level. -type aiSafetyRiskAssessmentType struct { - ID string `iri:"@id"` +type AnyArtifact interface { + asArtifact() *Artifact } -// The second-highest level of risk posed by an AI system. -var AiSafetyRiskAssessmentType_High = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high"} +// Artifact A distinct article or unit within the digital domain. +type Artifact struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Artifact"` + Element + // StandardNames The name of a relevant standard that may apply to an artifact. + StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuiltTime Specifies the time an artifact was built. + BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ReleaseTime Specifies the time an artifact was released. + ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // SupportLevels Specifies the level of support associated with an artifact. + SupportLevels []SupportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" type:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship\nreferenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // OriginatedBy Identifies from where or whom the Element originally came. + OriginatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // ValidUntilTime Specifies until when the artifact can be used before its usage needs to be\nreassessed. + ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +} -// Low/no risk is posed by an AI system. -var AiSafetyRiskAssessmentType_Low = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low"} +func (o *Artifact) asArtifact() *Artifact { + return o +} -// The third-highest level of risk posed by an AI system. -var AiSafetyRiskAssessmentType_Medium = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium"} +type ArtifactList []AnyArtifact -// The highest level of risk posed by an AI system. -var AiSafetyRiskAssessmentType_Serious = aiSafetyRiskAssessmentType{ID: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious"} +func (o *ArtifactList) AIPackages() ld.TypeSeq[AnyArtifact, *AIPackage] { + return ld.NewTypeSeq(*o, castAIPackage) +} -// Specifies the type of an annotation. -type annotationType struct { - ID string `iri:"@id"` +func (o *ArtifactList) Artifacts() ld.TypeSeq[AnyArtifact, *Artifact] { + return ld.NewTypeSeq(*o, castArtifact) } -// Used to store extra information about an Element which is not part of a review (e.g. extra information provided during the creation of the Element). -var AnnotationType_Other = annotationType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other"} +func (o *ArtifactList) DatasetPackages() ld.TypeSeq[AnyArtifact, *DatasetPackage] { + return ld.NewTypeSeq(*o, castDatasetPackage) +} -// Used when someone reviews the Element. -var AnnotationType_Review = annotationType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review"} +func (o *ArtifactList) Files() ld.TypeSeq[AnyArtifact, *File] { + return ld.NewTypeSeq(*o, castFile) +} -// Provides information about the creation of the Element. -type CreationInfo struct { - ID string `iri:"@id"` +func (o *ArtifactList) Packages() ld.TypeSeq[AnyArtifact, *Package] { + return ld.NewTypeSeq(*o, castPackage) +} - // Provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` - // Identifies when the Element was originally created. - Created time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/created" iri-compact:"created"` - // Identifies who or what created the Element. - CreatedBys AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdBy" iri-compact:"createdBy"` +func (o *ArtifactList) Snippets() ld.TypeSeq[AnyArtifact, *Snippet] { + return ld.NewTypeSeq(*o, castSnippet) +} - // Identifies the tooling that was used during the creation of the Element. - CreatedUsings ToolList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdUsing" iri-compact:"createdUsing"` +func (o *ArtifactList) SoftwareArtifacts() ld.TypeSeq[AnyArtifact, *SoftwareArtifact] { + return ld.NewTypeSeq(*o, castSoftwareArtifact) +} - // Provides a reference number that can be used to understand how to parse and - // interpret an Element. - SpecVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/specVersion" iri-compact:"specVersion"` +func (o *ArtifactList) Vulnerabilities() ld.TypeSeq[AnyArtifact, *Vulnerability] { + return ld.NewTypeSeq(*o, castVulnerability) } -func castCreationInfo(o any) *CreationInfo { - if o, ok := o.(AnyCreationInfo); ok { - return o.asCreationInfo() - } - return nil +type AnyBom interface { + asBom() *Bom } -func (o *CreationInfo) asCreationInfo() *CreationInfo { - return o +// Bom A container for a grouping of SPDX-3.0 content characterizing details\n(provenence, composition, licensing, etc.) about a product. +type Bom struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bom"` + Bundle } -type AnyCreationInfo interface { - asCreationInfo() *CreationInfo +func (o *Bom) asBom() *Bom { + return o } -type CreationInfoList []AnyCreationInfo +type BomList []AnyBom -func (o *CreationInfoList) CreationInfoIter() iter.Seq2[AnyCreationInfo, *CreationInfo] { - return typeIter(*o, castCreationInfo) +func (o *BomList) Boms() ld.TypeSeq[AnyBom, *Bom] { + return ld.NewTypeSeq(*o, castBom) } -// A key with an associated value. -type DictionaryEntry struct { - ID string `iri:"@id"` - - // A key used in a generic key-value pair. - Key string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/key" iri-compact:"key"` - // A value used in a generic key-value pair. - Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/value" iri-compact:"value"` +func (o *BomList) Sboms() ld.TypeSeq[AnyBom, *Sbom] { + return ld.NewTypeSeq(*o, castSbom) } -func castDictionaryEntry(o any) *DictionaryEntry { - if o, ok := o.(AnyDictionaryEntry); ok { - return o.asDictionaryEntry() - } - return nil +type AnyBuild interface { + asBuild() *Build } -func (o *DictionaryEntry) asDictionaryEntry() *DictionaryEntry { +// Build Class that describes a build instance of software/artifacts. +type Build struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Build/Build"` + Element + // BuildId A buildId is a locally unique identifier used by a builder to identify a unique\ninstance of a build produced by it. + BuildId string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildId" type:"http://www.w3.org/2001/XMLSchema#string"` + // ConfigSourceUris Property that describes the URI of the build configuration source file. + ConfigSourceUris []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // BuildStartTime Property describing the start time of a build. + BuildStartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ConfigSourceDigests Property that describes the digest of the build configuration file used to\ninvoke a build. + ConfigSourceDigests HashList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest" type:"https://spdx.org/rdf/3.0.1/terms/Core/Hash"` + // Parameters Property describing a parameter used in an instance of a build. + Parameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/parameter" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // BuildType A buildType is a hint that is used to indicate the toolchain, platform, or\ninfrastructure that the build was invoked on. + BuildType ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildType" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // ConfigSourceEntrypoints Property describes the invocation entrypoint of a build. + ConfigSourceEntrypoints []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint" type:"http://www.w3.org/2001/XMLSchema#string"` + // BuildEndTime Property that describes the time at which a build stops. + BuildEndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // Environments Property describing the session in which a build is invoked. + Environments DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/environment" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` +} + +func (o *Build) asBuild() *Build { return o } -type AnyDictionaryEntry interface { - asDictionaryEntry() *DictionaryEntry -} +type BuildList []AnyBuild -type DictionaryEntryList []AnyDictionaryEntry +func (o *BuildList) Builds() ld.TypeSeq[AnyBuild, *Build] { + return ld.NewTypeSeq(*o, castBuild) +} -func (o *DictionaryEntryList) DictionaryEntryIter() iter.Seq2[AnyDictionaryEntry, *DictionaryEntry] { - return typeIter(*o, castDictionaryEntry) +type AnyBundle interface { + asBundle() *Bundle } -// Base domain class from which all other SPDX-3.0 domain classes derive. -type Element struct { - ID string `iri:"@id" iri-compact:"spdxId"` +// Bundle A collection of Elements that have a shared context. +type Bundle struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Bundle"` + ElementCollection + // Context Gives information about the circumstances or unifying properties\nthat Elements of the bundle have been assembled under. + Context string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/context" type:"http://www.w3.org/2001/XMLSchema#string"` +} - // Provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` - // Provides information about the creation of the Element. - CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" iri-compact:"creationInfo"` +func (o *Bundle) asBundle() *Bundle { + return o +} - // Provides a detailed description of the Element. - Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" iri-compact:"description"` - // Specifies an Extension characterization of some aspect of an Element. - Extensions ExtensionExtensionList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" iri-compact:"extension"` +type BundleList []AnyBundle - // Provides a reference to a resource outside the scope of SPDX-3.0 content - // that uniquely identifies an Element. - ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" iri-compact:"externalIdentifier"` +func (o *BundleList) Boms() ld.TypeSeq[AnyBundle, *Bom] { + return ld.NewTypeSeq(*o, castBom) +} - // Points to a resource outside the scope of the SPDX-3.0 content - // that provides additional characteristics of an Element. - ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" iri-compact:"externalRef"` +func (o *BundleList) Bundles() ld.TypeSeq[AnyBundle, *Bundle] { + return ld.NewTypeSeq(*o, castBundle) +} - // Identifies the name of an Element as designated by the creator. - Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" iri-compact:"name"` - // A short description of an Element. - Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" iri-compact:"summary"` - // Provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +func (o *BundleList) Sboms() ld.TypeSeq[AnyBundle, *Sbom] { + return ld.NewTypeSeq(*o, castSbom) } -func castElement(o any) *Element { - if o, ok := o.(AnyElement); ok { - return o.asElement() - } - return nil +type AnyCdxPropertiesExtension interface { + asCdxPropertiesExtension() *CdxPropertiesExtension } -func (o *Element) asElement() *Element { - return o +// CdxPropertiesExtension A type of extension consisting of a list of name value pairs. +type CdxPropertiesExtension struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension"` + Extension + // CdxProperties Provides a map of a property names to a values. + CdxProperties CdxPropertyEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry"` } -type AnyElement interface { - asElement() *Element +func (o *CdxPropertiesExtension) asCdxPropertiesExtension() *CdxPropertiesExtension { + return o } -type ElementList []AnyElement +type CdxPropertiesExtensionList []AnyCdxPropertiesExtension -func (o *ElementList) ElementIter() iter.Seq2[AnyElement, *Element] { return typeIter(*o, castElement) } -func (o *ElementList) ElementCollectionIter() iter.Seq2[AnyElement, *ElementCollection] { - return typeIter(*o, castElementCollection) -} -func (o *ElementList) IndividualElementIter() iter.Seq2[AnyElement, *IndividualElement] { - return typeIter(*o, castIndividualElement) -} -func (o *ElementList) RelationshipIter() iter.Seq2[AnyElement, *Relationship] { - return typeIter(*o, castRelationship) -} -func (o *ElementList) SpdxDocumentIter() iter.Seq2[AnyElement, *SpdxDocument] { - return typeIter(*o, castSpdxDocument) -} -func (o *ElementList) ToolIter() iter.Seq2[AnyElement, *Tool] { return typeIter(*o, castTool) } -func (o *ElementList) ExpandedlicensingLicenseAdditionIter() iter.Seq2[AnyElement, *ExpandedlicensingLicenseAddition] { - return typeIter(*o, castExpandedlicensingLicenseAddition) -} -func (o *ElementList) ExpandedlicensingListedLicenseExceptionIter() iter.Seq2[AnyElement, *ExpandedlicensingListedLicenseException] { - return typeIter(*o, castExpandedlicensingListedLicenseException) -} -func (o *ElementList) SecurityVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVulnAssessmentRelationship) -} -func (o *ElementList) SimplelicensingAnyLicenseInfoIter() iter.Seq2[AnyElement, *SimplelicensingAnyLicenseInfo] { - return typeIter(*o, castSimplelicensingAnyLicenseInfo) +func (o *CdxPropertiesExtensionList) CdxPropertiesExtensions() ld.TypeSeq[AnyCdxPropertiesExtension, *CdxPropertiesExtension] { + return ld.NewTypeSeq(*o, castCdxPropertiesExtension) } -func (o *ElementList) SimplelicensingLicenseExpressionIter() iter.Seq2[AnyElement, *SimplelicensingLicenseExpression] { - return typeIter(*o, castSimplelicensingLicenseExpression) -} -func (o *ElementList) SimplelicensingSimpleLicensingTextIter() iter.Seq2[AnyElement, *SimplelicensingSimpleLicensingText] { - return typeIter(*o, castSimplelicensingSimpleLicensingText) -} -func (o *ElementList) BuildBuildIter() iter.Seq2[AnyElement, *BuildBuild] { - return typeIter(*o, castBuildBuild) -} -func (o *ElementList) AgentIter() iter.Seq2[AnyElement, *Agent] { return typeIter(*o, castAgent) } -func (o *ElementList) AnnotationIter() iter.Seq2[AnyElement, *Annotation] { - return typeIter(*o, castAnnotation) -} -func (o *ElementList) ArtifactIter() iter.Seq2[AnyElement, *Artifact] { - return typeIter(*o, castArtifact) -} -func (o *ElementList) BundleIter() iter.Seq2[AnyElement, *Bundle] { return typeIter(*o, castBundle) } -func (o *ElementList) LifecycleScopedRelationshipIter() iter.Seq2[AnyElement, *LifecycleScopedRelationship] { - return typeIter(*o, castLifecycleScopedRelationship) -} -func (o *ElementList) OrganizationIter() iter.Seq2[AnyElement, *Organization] { - return typeIter(*o, castOrganization) -} -func (o *ElementList) PersonIter() iter.Seq2[AnyElement, *Person] { return typeIter(*o, castPerson) } -func (o *ElementList) SoftwareAgentIter() iter.Seq2[AnyElement, *SoftwareAgent] { - return typeIter(*o, castSoftwareAgent) -} -func (o *ElementList) ExpandedlicensingConjunctiveLicenseSetIter() iter.Seq2[AnyElement, *ExpandedlicensingConjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingConjunctiveLicenseSet) -} -func (o *ElementList) ExpandedlicensingCustomLicenseAdditionIter() iter.Seq2[AnyElement, *ExpandedlicensingCustomLicenseAddition] { - return typeIter(*o, castExpandedlicensingCustomLicenseAddition) -} -func (o *ElementList) ExpandedlicensingDisjunctiveLicenseSetIter() iter.Seq2[AnyElement, *ExpandedlicensingDisjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingDisjunctiveLicenseSet) + +type AnyCdxPropertyEntry interface { + asCdxPropertyEntry() *CdxPropertyEntry } -func (o *ElementList) ExpandedlicensingExtendableLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingExtendableLicense] { - return typeIter(*o, castExpandedlicensingExtendableLicense) + +// CdxPropertyEntry A property name with an associated value. +type CdxPropertyEntry struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry"` + ID string `iri:"@id"` + // CdxPropValue A value used in a CdxPropertyEntry name-value pair. + CdxPropValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue" type:"http://www.w3.org/2001/XMLSchema#string"` + // CdxPropName A name used in a CdxPropertyEntry name-value pair. + CdxPropName string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *ElementList) ExpandedlicensingIndividualLicensingInfoIter() iter.Seq2[AnyElement, *ExpandedlicensingIndividualLicensingInfo] { - return typeIter(*o, castExpandedlicensingIndividualLicensingInfo) + +func (o *CdxPropertyEntry) asCdxPropertyEntry() *CdxPropertyEntry { + return o } -func (o *ElementList) ExpandedlicensingLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingLicense] { - return typeIter(*o, castExpandedlicensingLicense) + +type CdxPropertyEntryList []AnyCdxPropertyEntry + +func (o *CdxPropertyEntryList) CdxPropertyEntries() ld.TypeSeq[AnyCdxPropertyEntry, *CdxPropertyEntry] { + return ld.NewTypeSeq(*o, castCdxPropertyEntry) } -func (o *ElementList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingListedLicense] { - return typeIter(*o, castExpandedlicensingListedLicense) + +// ConfidentialityLevelType Categories of confidentiality level. +type ConfidentialityLevelType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType"` + id string `iri:"@id"` } -func (o *ElementList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnyElement, *ExpandedlicensingOrLaterOperator] { - return typeIter(*o, castExpandedlicensingOrLaterOperator) + +// ConfidentialityLevelType_Amber Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. +var ConfidentialityLevelType_Amber = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber", } -func (o *ElementList) ExpandedlicensingWithAdditionOperatorIter() iter.Seq2[AnyElement, *ExpandedlicensingWithAdditionOperator] { - return typeIter(*o, castExpandedlicensingWithAdditionOperator) + +// ConfidentialityLevelType_Clear Dataset may be distributed freely, without restriction. +var ConfidentialityLevelType_Clear = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear", } -func (o *ElementList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityCvssV2VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) + +// ConfidentialityLevelType_Green Dataset can be shared within a community of peers and partners. +var ConfidentialityLevelType_Green = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green", } -func (o *ElementList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityCvssV3VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) + +// ConfidentialityLevelType_Red Data points in the dataset are highly confidential and can only be shared with named recipients. +var ConfidentialityLevelType_Red = ConfidentialityLevelType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red", } -func (o *ElementList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityCvssV4VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) + +type AnyConjunctiveLicenseSet interface { + asConjunctiveLicenseSet() *ConjunctiveLicenseSet } -func (o *ElementList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityEpssVulnAssessmentRelationship] { - return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) + +// ConjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information\nwhere all elements apply. +type ConjunctiveLicenseSet struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet"` + LicenseInfo + // Members A license expression participating in a license set. + Members LicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` } -func (o *ElementList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityExploitCatalogVulnAssessmentRelationship] { - return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) + +func (o *ConjunctiveLicenseSet) asConjunctiveLicenseSet() *ConjunctiveLicenseSet { + return o } -func (o *ElementList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecuritySsvcVulnAssessmentRelationship] { - return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) + +type ConjunctiveLicenseSetList []AnyConjunctiveLicenseSet + +func (o *ConjunctiveLicenseSetList) ConjunctiveLicenseSets() ld.TypeSeq[AnyConjunctiveLicenseSet, *ConjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castConjunctiveLicenseSet) } -func (o *ElementList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexVulnAssessmentRelationship) + +type AnyContentIdentifier interface { + asContentIdentifier() *ContentIdentifier } -func (o *ElementList) SecurityVulnerabilityIter() iter.Seq2[AnyElement, *SecurityVulnerability] { - return typeIter(*o, castSecurityVulnerability) + +// ContentIdentifier A canonical, unique, immutable identifier +type ContentIdentifier struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` + IntegrityMethod + // ContentIdentifierType Specifies the type of the content identifier. + ContentIdentifierType ContentIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType"` + // ContentIdentifierValue Specifies the value of the content identifier. + ContentIdentifierValue ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` } -func (o *ElementList) SoftwareSoftwareArtifactIter() iter.Seq2[AnyElement, *SoftwareSoftwareArtifact] { - return typeIter(*o, castSoftwareSoftwareArtifact) + +func (o *ContentIdentifier) asContentIdentifier() *ContentIdentifier { + return o } -func (o *ElementList) BomIter() iter.Seq2[AnyElement, *Bom] { return typeIter(*o, castBom) } -func (o *ElementList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyElement, *ExpandedlicensingCustomLicense] { - return typeIter(*o, castExpandedlicensingCustomLicense) + +type ContentIdentifierList []AnyContentIdentifier + +func (o *ContentIdentifierList) ContentIdentifiers() ld.TypeSeq[AnyContentIdentifier, *ContentIdentifier] { + return ld.NewTypeSeq(*o, castContentIdentifier) } -func (o *ElementList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) + +// ContentIdentifierType Specifies the type of a content identifier. +type ContentIdentifierType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType"` + id string `iri:"@id"` } -func (o *ElementList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexFixedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) + +// ContentIdentifierType_Gitoid [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). +var ContentIdentifierType_Gitoid = ContentIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid", } -func (o *ElementList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexNotAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) + +// ContentIdentifierType_Swhid SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. +var ContentIdentifierType_Swhid = ContentIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid", } -func (o *ElementList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnyElement, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) + +type AnyCreationInfo interface { + asCreationInfo() *CreationInfo } -func (o *ElementList) SoftwareFileIter() iter.Seq2[AnyElement, *SoftwareFile] { - return typeIter(*o, castSoftwareFile) + +// CreationInfo Provides information about the creation of the Element. +type CreationInfo struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + ID string `iri:"@id"` + // SpecVersion Provides a reference number that can be used to understand how to parse and\ninterpret an Element. + SpecVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/specVersion" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Created Identifies when the Element was originally created. + Created time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/created" required:"true" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // CreatedUsing Identifies the tooling that was used during the creation of the Element. + CreatedUsing ToolList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/Tool"` + // Comment Provide consumers with comments by the creator of the Element about the\nElement. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // CreatedBy Identifies who or what created the Element. + CreatedBy AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/createdBy" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` } -func (o *ElementList) SoftwarePackageIter() iter.Seq2[AnyElement, *SoftwarePackage] { - return typeIter(*o, castSoftwarePackage) + +func (o *CreationInfo) asCreationInfo() *CreationInfo { + return o } -func (o *ElementList) SoftwareSbomIter() iter.Seq2[AnyElement, *SoftwareSbom] { - return typeIter(*o, castSoftwareSbom) + +type CreationInfoList []AnyCreationInfo + +func (o *CreationInfoList) CreationInfos() ld.TypeSeq[AnyCreationInfo, *CreationInfo] { + return ld.NewTypeSeq(*o, castCreationInfo) } -func (o *ElementList) SoftwareSnippetIter() iter.Seq2[AnyElement, *SoftwareSnippet] { - return typeIter(*o, castSoftwareSnippet) + +type AnyCustomLicense interface { + asCustomLicense() *CustomLicense } -func (o *ElementList) AiAIPackageIter() iter.Seq2[AnyElement, *AiAIPackage] { - return typeIter(*o, castAiAIPackage) + +// CustomLicense A license that is not listed on the SPDX License List. +type CustomLicense struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense"` + License } -func (o *ElementList) DatasetDatasetPackageIter() iter.Seq2[AnyElement, *DatasetDatasetPackage] { - return typeIter(*o, castDatasetDatasetPackage) + +func (o *CustomLicense) asCustomLicense() *CustomLicense { + return o } -// A collection of Elements, not necessarily with unifying context. -type ElementCollection struct { - Element +type CustomLicenseList []AnyCustomLicense - // Refers to one or more Elements that are part of an ElementCollection. - Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element" iri-compact:"element"` +func (o *CustomLicenseList) CustomLicenses() ld.TypeSeq[AnyCustomLicense, *CustomLicense] { + return ld.NewTypeSeq(*o, castCustomLicense) +} - // Describes one a profile which the creator of this ElementCollection intends to - // conform to. - ProfileConformances []profileIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" iri-compact:"profileConformance"` - // This property is used to denote the root Element(s) of a tree of elements contained in a BOM. - RootElements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/rootElement" iri-compact:"rootElement"` +type AnyCustomLicenseAddition interface { + asCustomLicenseAddition() *CustomLicenseAddition } -func castElementCollection(o any) *ElementCollection { - if o, ok := o.(AnyElementCollection); ok { - return o.asElementCollection() - } - return nil +// CustomLicenseAddition A license addition that is not listed on the SPDX Exceptions List. +type CustomLicenseAddition struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition"` + LicenseAddition } -func (o *ElementCollection) asElementCollection() *ElementCollection { +func (o *CustomLicenseAddition) asCustomLicenseAddition() *CustomLicenseAddition { return o } -type AnyElementCollection interface { - AnyElement - asElementCollection() *ElementCollection -} +type CustomLicenseAdditionList []AnyCustomLicenseAddition -type ElementCollectionList []AnyElementCollection +func (o *CustomLicenseAdditionList) CustomLicenseAdditions() ld.TypeSeq[AnyCustomLicenseAddition, *CustomLicenseAddition] { + return ld.NewTypeSeq(*o, castCustomLicenseAddition) +} -func (o *ElementCollectionList) ElementCollectionIter() iter.Seq2[AnyElementCollection, *ElementCollection] { - return typeIter(*o, castElementCollection) +// CvssSeverityType Specifies the CVSS base, temporal, threat, or environmental severity type. +type CvssSeverityType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` + id string `iri:"@id"` } -func (o *ElementCollectionList) SpdxDocumentIter() iter.Seq2[AnyElementCollection, *SpdxDocument] { - return typeIter(*o, castSpdxDocument) + +// CvssSeverityType_Critical When a CVSS score is between 9.0 - 10.0 +var CvssSeverityType_Critical = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical", } -func (o *ElementCollectionList) BundleIter() iter.Seq2[AnyElementCollection, *Bundle] { - return typeIter(*o, castBundle) + +// CvssSeverityType_High When a CVSS score is between 7.0 - 8.9 +var CvssSeverityType_High = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high", } -func (o *ElementCollectionList) BomIter() iter.Seq2[AnyElementCollection, *Bom] { - return typeIter(*o, castBom) + +// CvssSeverityType_Low When a CVSS score is between 0.1 - 3.9 +var CvssSeverityType_Low = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low", } -func (o *ElementCollectionList) SoftwareSbomIter() iter.Seq2[AnyElementCollection, *SoftwareSbom] { - return typeIter(*o, castSoftwareSbom) + +// CvssSeverityType_Medium When a CVSS score is between 4.0 - 6.9 +var CvssSeverityType_Medium = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium", } -// A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. -type ExternalIdentifier struct { - ID string `iri:"@id"` +// CvssSeverityType_None When a CVSS score is 0.0 +var CvssSeverityType_None = CvssSeverityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none", +} - // Provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` - // Specifies the type of the external identifier. - ExternalIdentifierType externalIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" iri-compact:"externalIdentifierType"` - // Uniquely identifies an external element. - Identifier string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifier" iri-compact:"identifier"` - // Provides the location for more information regarding an external identifier. - IdentifierLocators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" iri-compact:"identifierLocator"` - // An entity that is authorized to issue identification credentials. - IssuingAuthority string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority" iri-compact:"issuingAuthority"` +type AnyCvssV2VulnAssessmentRelationship interface { + asCvssV2VulnAssessmentRelationship() *CvssV2VulnAssessmentRelationship } -func castExternalIdentifier(o any) *ExternalIdentifier { - if o, ok := o.(AnyExternalIdentifier); ok { - return o.asExternalIdentifier() - } - return nil +// CvssV2VulnAssessmentRelationship Provides a CVSS version 2.0 assessment for a vulnerability. +type CvssV2VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship"` + VulnAssessmentRelationship + // VectorString Specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Score Provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` } -func (o *ExternalIdentifier) asExternalIdentifier() *ExternalIdentifier { +func (o *CvssV2VulnAssessmentRelationship) asCvssV2VulnAssessmentRelationship() *CvssV2VulnAssessmentRelationship { return o } -type AnyExternalIdentifier interface { - asExternalIdentifier() *ExternalIdentifier +type CvssV2VulnAssessmentRelationshipList []AnyCvssV2VulnAssessmentRelationship + +func (o *CvssV2VulnAssessmentRelationshipList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyCvssV2VulnAssessmentRelationship, *CvssV2VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) } -type ExternalIdentifierList []AnyExternalIdentifier +type AnyCvssV3VulnAssessmentRelationship interface { + asCvssV3VulnAssessmentRelationship() *CvssV3VulnAssessmentRelationship +} -func (o *ExternalIdentifierList) ExternalIdentifierIter() iter.Seq2[AnyExternalIdentifier, *ExternalIdentifier] { - return typeIter(*o, castExternalIdentifier) +// CvssV3VulnAssessmentRelationship Provides a CVSS version 3 assessment for a vulnerability. +type CvssV3VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship"` + VulnAssessmentRelationship + // Score Provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` + // Severity Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` + // VectorString Specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` } -// Specifies the type of an external identifier. -type externalIdentifierType struct { - ID string `iri:"@id"` +func (o *CvssV3VulnAssessmentRelationship) asCvssV3VulnAssessmentRelationship() *CvssV3VulnAssessmentRelationship { + return o } -// [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) -var ExternalIdentifierType_Cpe22 = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22"} +type CvssV3VulnAssessmentRelationshipList []AnyCvssV3VulnAssessmentRelationship -// [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) -var ExternalIdentifierType_Cpe23 = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23"} +func (o *CvssV3VulnAssessmentRelationshipList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyCvssV3VulnAssessmentRelationship, *CvssV3VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) +} -// Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). -var ExternalIdentifierType_Cve = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve"} +type AnyCvssV4VulnAssessmentRelationship interface { + asCvssV4VulnAssessmentRelationship() *CvssV4VulnAssessmentRelationship +} -// Email address, as defined in [RFC 3696](https://datatracker.ietf.org/doc/rfc3986/) Section 3. -var ExternalIdentifierType_Email = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email"} +// CvssV4VulnAssessmentRelationship Provides a CVSS version 4 assessment for a vulnerability. +type CvssV4VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship"` + VulnAssessmentRelationship + // Severity Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + Severity CvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType"` + // VectorString Specifies the CVSS vector string for a vulnerability. + VectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Score Provides a numerical (0-10) representation of the severity of a vulnerability. + Score float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` +} -// [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). -var ExternalIdentifierType_Gitoid = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid"} +func (o *CvssV4VulnAssessmentRelationship) asCvssV4VulnAssessmentRelationship() *CvssV4VulnAssessmentRelationship { + return o +} -// Used when the type does not match any of the other options. -var ExternalIdentifierType_Other = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other"} +type CvssV4VulnAssessmentRelationshipList []AnyCvssV4VulnAssessmentRelationship -// Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification. -var ExternalIdentifierType_PackageUrl = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl"} +func (o *CvssV4VulnAssessmentRelationshipList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyCvssV4VulnAssessmentRelationship, *CvssV4VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) +} -// Used when there is a security related identifier of unspecified type. -var ExternalIdentifierType_SecurityOther = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther"} +// DatasetAvailabilityType Availability of dataset. +type DatasetAvailabilityType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType"` + id string `iri:"@id"` +} -// SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. -var ExternalIdentifierType_Swhid = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid"} +// DatasetAvailabilityType_Clickthrough the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. +var DatasetAvailabilityType_Clickthrough = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough", +} -// Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://datatracker.ietf.org/doc/rfc9393/) Section 2.3. -var ExternalIdentifierType_Swid = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid"} +// DatasetAvailabilityType_DirectDownload the dataset is publicly available and can be downloaded directly. +var DatasetAvailabilityType_DirectDownload = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload", +} -// [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. -var ExternalIdentifierType_UrlScheme = externalIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme"} +// DatasetAvailabilityType_Query the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. +var DatasetAvailabilityType_Query = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query", +} -// A map of Element identifiers that are used within an SpdxDocument but defined -// external to that SpdxDocument. -type ExternalMap struct { - ID string `iri:"@id"` +// DatasetAvailabilityType_Registration the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. +var DatasetAvailabilityType_Registration = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration", +} - // Artifact representing a serialization instance of SPDX data containing the - // definition of a particular Element. - DefiningArtifact AnyArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" iri-compact:"definingArtifact"` +// DatasetAvailabilityType_ScrapingScript the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. +var DatasetAvailabilityType_ScrapingScript = DatasetAvailabilityType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript", +} - // Identifies an external Element used within an SpdxDocument but defined - // external to that SpdxDocument. - ExternalSpdxId string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" iri-compact:"externalSpdxId"` - // Provides an indication of where to retrieve an external Element. - LocationHint string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locationHint" iri-compact:"locationHint"` - // Provides an IntegrityMethod with which the integrity of an Element can be - // asserted. - VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" iri-compact:"verifiedUsing"` +type AnyDatasetPackage interface { + asDatasetPackage() *DatasetPackage } -func castExternalMap(o any) *ExternalMap { - if o, ok := o.(AnyExternalMap); ok { - return o.asExternalMap() - } - return nil +// DatasetPackage Specifies a data package and its associated information. +type DatasetPackage struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage"` + Package + // ConfidentialityLevel Describes the confidentiality level of the data points contained in the dataset. + ConfidentialityLevel ConfidentialityLevelType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType"` + // AnonymizationMethodUseds Describes the anonymization methods used. + AnonymizationMethodUseds []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetUpdateMechanism Describes a mechanism to update the dataset. + DatasetUpdateMechanism string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetNoise Describes potentially noisy elements of the dataset. + DatasetNoise string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetSize Captures the size of the dataset. + DatasetSize ld.NonNegativeInt `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" type:"http://www.w3.org/2001/XMLSchema#nonNegativeInteger"` + // Sensors Describes a sensor used for collecting the data. + Sensors DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/sensor" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // IntendedUse Describes what the given dataset should be used for. + IntendedUse string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse" type:"http://www.w3.org/2001/XMLSchema#string"` + // DataPreprocessings Describes the preprocessing steps that were applied to the raw data to create the given dataset. + DataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing" type:"http://www.w3.org/2001/XMLSchema#string"` + // KnownBias Records the biases that the dataset is known to encompass. + KnownBias []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetAvailability The field describes the availability of a dataset. + DatasetAvailability DatasetAvailabilityType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType"` + // HasSensitivePersonalInformation Describes if any sensitive personal information is present in the dataset. + HasSensitivePersonalInformation PresenceType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation" type:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` + // DataCollectionProcess Describes how the dataset was collected. + DataCollectionProcess string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess" type:"http://www.w3.org/2001/XMLSchema#string"` + // DatasetTypes Describes the type of the given dataset. + DatasetTypes []DatasetType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType"` } -func (o *ExternalMap) asExternalMap() *ExternalMap { +func (o *DatasetPackage) asDatasetPackage() *DatasetPackage { return o } -type AnyExternalMap interface { - asExternalMap() *ExternalMap -} +type DatasetPackageList []AnyDatasetPackage -type ExternalMapList []AnyExternalMap +func (o *DatasetPackageList) DatasetPackages() ld.TypeSeq[AnyDatasetPackage, *DatasetPackage] { + return ld.NewTypeSeq(*o, castDatasetPackage) +} -func (o *ExternalMapList) ExternalMapIter() iter.Seq2[AnyExternalMap, *ExternalMap] { - return typeIter(*o, castExternalMap) +// DatasetType Enumeration of dataset types. +type DatasetType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType"` + id string `iri:"@id"` } -// A reference to a resource outside the scope of SPDX-3.0 content related to an Element. -type ExternalRef struct { - ID string `iri:"@id"` +// DatasetType_Audio data is audio based, such as a collection of music from the 80s. +var DatasetType_Audio = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio", +} - // Provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` - // Provides information about the content type of an Element or a Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" iri-compact:"contentType"` - // Specifies the type of the external reference. - ExternalRefType externalRefType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" iri-compact:"externalRefType"` - // Provides the location of an external reference. - Locators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locator" iri-compact:"locator"` +// DatasetType_Categorical data that is classified into a discrete number of categories, such as the eye color of a population of people. +var DatasetType_Categorical = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical", } -func castExternalRef(o any) *ExternalRef { - if o, ok := o.(AnyExternalRef); ok { - return o.asExternalRef() - } - return nil +// DatasetType_Graph data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. +var DatasetType_Graph = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph", } -func (o *ExternalRef) asExternalRef() *ExternalRef { - return o +// DatasetType_Image data is a collection of images such as pictures of animals. +var DatasetType_Image = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image", } -type AnyExternalRef interface { - asExternalRef() *ExternalRef +// DatasetType_NoAssertion data type is not known. +var DatasetType_NoAssertion = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion", } -type ExternalRefList []AnyExternalRef +// DatasetType_Numeric data consists only of numeric entries. +var DatasetType_Numeric = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric", +} -func (o *ExternalRefList) ExternalRefIter() iter.Seq2[AnyExternalRef, *ExternalRef] { - return typeIter(*o, castExternalRef) +// DatasetType_Other data is of a type not included in this list. +var DatasetType_Other = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other", } -// Specifies the type of an external reference. -type externalRefType struct { - ID string `iri:"@id"` +// DatasetType_Sensor data is recorded from a physical sensor, such as a thermometer reading or biometric device. +var DatasetType_Sensor = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor", } -// A reference to an alternative download location. -var ExternalRefType_AltDownloadLocation = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation"} +// DatasetType_Structured data is stored in tabular format or retrieved from a relational database. +var DatasetType_Structured = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured", +} -// A reference to an alternative web page. -var ExternalRefType_AltWebPage = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage"} +// DatasetType_Syntactic data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. +var DatasetType_Syntactic = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic", +} -// A reference to binary artifacts related to a package. -var ExternalRefType_BinaryArtifact = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact"} +// DatasetType_Text data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. +var DatasetType_Text = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text", +} -// A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install). -var ExternalRefType_Bower = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower"} +// DatasetType_Timeseries data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. +var DatasetType_Timeseries = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries", +} -// A reference build metadata related to a published package. -var ExternalRefType_BuildMeta = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta"} +// DatasetType_Timestamp data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. +var DatasetType_Timestamp = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp", +} -// A reference build system used to create or publish the package. -var ExternalRefType_BuildSystem = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem"} +// DatasetType_Video data is video based, such as a collection of movie clips featuring Tom Hanks. +var DatasetType_Video = DatasetType{ + id: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video", +} -// A reference to a certification report for a package from an accredited/independent body. -var ExternalRefType_CertificationReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport"} +type AnyDictionaryEntry interface { + asDictionaryEntry() *DictionaryEntry +} -// A reference to the instant messaging system used by the maintainer for a package. -var ExternalRefType_Chat = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat"} +// DictionaryEntry A key with an associated value. +type DictionaryEntry struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + ID string `iri:"@id"` + // Value A value used in a generic key-value pair. + Value string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/value" type:"http://www.w3.org/2001/XMLSchema#string"` + // Key A key used in a generic key-value pair. + Key string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/key" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` +} -// A reference to a Software Composition Analysis (SCA) report. -var ExternalRefType_ComponentAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport"} +func (o *DictionaryEntry) asDictionaryEntry() *DictionaryEntry { + return o +} -// [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). -var ExternalRefType_Cwe = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe"} +type DictionaryEntryList []AnyDictionaryEntry -// A reference to the documentation for a package. -var ExternalRefType_Documentation = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation"} +func (o *DictionaryEntryList) DictionaryEntries() ld.TypeSeq[AnyDictionaryEntry, *DictionaryEntry] { + return ld.NewTypeSeq(*o, castDictionaryEntry) +} -// A reference to a dynamic analysis report for a package. -var ExternalRefType_DynamicAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport"} +type AnyDisjunctiveLicenseSet interface { + asDisjunctiveLicenseSet() *DisjunctiveLicenseSet +} -// A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. -var ExternalRefType_EolNotice = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice"} +// DisjunctiveLicenseSet Portion of an AnyLicenseInfo representing a set of licensing information where\nonly one of the elements applies. +type DisjunctiveLicenseSet struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet"` + LicenseInfo + // Members A license expression participating in a license set. + Members LicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` +} -// A reference to a export control assessment for a package. -var ExternalRefType_ExportControlAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment"} +func (o *DisjunctiveLicenseSet) asDisjunctiveLicenseSet() *DisjunctiveLicenseSet { + return o +} -// A reference to funding information related to a package. -var ExternalRefType_Funding = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding"} +type DisjunctiveLicenseSetList []AnyDisjunctiveLicenseSet -// A reference to the issue tracker for a package. -var ExternalRefType_IssueTracker = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker"} +func (o *DisjunctiveLicenseSetList) DisjunctiveLicenseSets() ld.TypeSeq[AnyDisjunctiveLicenseSet, *DisjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castDisjunctiveLicenseSet) +} -// A reference to additional license information related to an artifact. -var ExternalRefType_License = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license"} +type AnyElement interface { + asElement() *Element +} -// A reference to the mailing list used by the maintainer for a package. -var ExternalRefType_MailingList = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList"} +// Element Base domain class from which all other SPDX-3.0 domain classes derive. +type Element struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + ID string `iri:"@id"` + // Description Provides a detailed description of the Element. + Description string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/description" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the\nElement. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // Name Identifies the name of an Element as designated by the creator. + Name string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/name" type:"http://www.w3.org/2001/XMLSchema#string"` + // Extensions Specifies an Extension characterization of some aspect of an Element. + Extensions []Extension `iri:"https://spdx.org/rdf/3.0.1/terms/Core/extension" type:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + // CreationInfo Provides information about the creation of the Element. + CreationInfo AnyCreationInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo"` + // ExternalIdentifiers Provides a reference to a resource outside the scope of SPDX-3.0 content\nthat uniquely identifies an Element. + ExternalIdentifiers ExternalIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + // ExternalRefs Points to a resource outside the scope of the SPDX-3.0 content\nthat provides additional characteristics of an Element. + ExternalRefs ExternalRefList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRef" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + // Summary A short description of an Element. + Summary string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/summary" type:"http://www.w3.org/2001/XMLSchema#string"` + // VerifiedUsings Provides an IntegrityMethod with which the integrity of an Element can be\nasserted. + VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` +} -// A reference to a Maven repository artifact. The artifact locator format is defined in the [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html) and looks like `groupId:artifactId[:version]`. -var ExternalRefType_MavenCentral = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral"} +func (o *Element) asElement() *Element { + return o +} -// A reference to metrics related to package such as OpenSSF scorecards. -var ExternalRefType_Metrics = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics"} +type ElementList []AnyElement -// A reference to an npm package. The package locator format is defined in the [npm documentation](https://docs.npmjs.com/cli/v10/configuring-npm/package-json) and looks like `package@version`. -var ExternalRefType_Npm = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm"} +func (o *ElementList) AIPackages() ld.TypeSeq[AnyElement, *AIPackage] { + return ld.NewTypeSeq(*o, castAIPackage) +} -// A reference to a NuGet package. The package locator format is defined in the [NuGet documentation](https://docs.nuget.org) and looks like `package/version`. -var ExternalRefType_Nuget = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget"} +func (o *ElementList) Agents() ld.TypeSeq[AnyElement, *Agent] { + return ld.NewTypeSeq(*o, castAgent) +} -// Used when the type does not match any of the other options. -var ExternalRefType_Other = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other"} +func (o *ElementList) Annotations() ld.TypeSeq[AnyElement, *Annotation] { + return ld.NewTypeSeq(*o, castAnnotation) +} -// A reference to a privacy assessment for a package. -var ExternalRefType_PrivacyAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment"} +func (o *ElementList) Artifacts() ld.TypeSeq[AnyElement, *Artifact] { + return ld.NewTypeSeq(*o, castArtifact) +} -// A reference to additional product metadata such as reference within organization's product catalog. -var ExternalRefType_ProductMetadata = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata"} +func (o *ElementList) Boms() ld.TypeSeq[AnyElement, *Bom] { + return ld.NewTypeSeq(*o, castBom) +} -// A reference to a purchase order for a package. -var ExternalRefType_PurchaseOrder = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder"} +func (o *ElementList) Builds() ld.TypeSeq[AnyElement, *Build] { + return ld.NewTypeSeq(*o, castBuild) +} -// A reference to a quality assessment for a package. -var ExternalRefType_QualityAssessmentReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport"} +func (o *ElementList) Bundles() ld.TypeSeq[AnyElement, *Bundle] { + return ld.NewTypeSeq(*o, castBundle) +} -// A reference to a published list of releases for a package. -var ExternalRefType_ReleaseHistory = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory"} +func (o *ElementList) ConjunctiveLicenseSets() ld.TypeSeq[AnyElement, *ConjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castConjunctiveLicenseSet) +} -// A reference to the release notes for a package. -var ExternalRefType_ReleaseNotes = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes"} +func (o *ElementList) CustomLicenses() ld.TypeSeq[AnyElement, *CustomLicense] { + return ld.NewTypeSeq(*o, castCustomLicense) +} -// A reference to a risk assessment for a package. -var ExternalRefType_RiskAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment"} +func (o *ElementList) CustomLicenseAdditions() ld.TypeSeq[AnyElement, *CustomLicenseAddition] { + return ld.NewTypeSeq(*o, castCustomLicenseAddition) +} -// A reference to a runtime analysis report for a package. -var ExternalRefType_RuntimeAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport"} +func (o *ElementList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *CvssV2VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) +} -// A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). -var ExternalRefType_SecureSoftwareAttestation = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation"} +func (o *ElementList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *CvssV3VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) +} -// A reference to the security adversary model for a package. -var ExternalRefType_SecurityAdversaryModel = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel"} +func (o *ElementList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *CvssV4VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) +} -// A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. -var ExternalRefType_SecurityAdvisory = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory"} +func (o *ElementList) DatasetPackages() ld.TypeSeq[AnyElement, *DatasetPackage] { + return ld.NewTypeSeq(*o, castDatasetPackage) +} -// A reference to the patch or source code that fixes a vulnerability. -var ExternalRefType_SecurityFix = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix"} +func (o *ElementList) DisjunctiveLicenseSets() ld.TypeSeq[AnyElement, *DisjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castDisjunctiveLicenseSet) +} -// A reference to related security information of unspecified type. -var ExternalRefType_SecurityOther = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther"} +func (o *ElementList) Elements() ld.TypeSeq[AnyElement, *Element] { + return ld.NewTypeSeq(*o, castElement) +} -// A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. -var ExternalRefType_SecurityPenTestReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport"} +func (o *ElementList) ElementCollections() ld.TypeSeq[AnyElement, *ElementCollection] { + return ld.NewTypeSeq(*o, castElementCollection) +} -// A reference to instructions for reporting newly discovered security vulnerabilities for a package. -var ExternalRefType_SecurityPolicy = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy"} +func (o *ElementList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *EpssVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) +} -// A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. -var ExternalRefType_SecurityThreatModel = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel"} +func (o *ElementList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *ExploitCatalogVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) +} -// A reference to a social media channel for a package. -var ExternalRefType_SocialMedia = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia"} +func (o *ElementList) ExtendableLicenses() ld.TypeSeq[AnyElement, *ExtendableLicense] { + return ld.NewTypeSeq(*o, castExtendableLicense) +} -// A reference to an artifact containing the sources for a package. -var ExternalRefType_SourceArtifact = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact"} +func (o *ElementList) Files() ld.TypeSeq[AnyElement, *File] { + return ld.NewTypeSeq(*o, castFile) +} -// A reference to a static analysis report for a package. -var ExternalRefType_StaticAnalysisReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport"} +func (o *ElementList) IndividualElements() ld.TypeSeq[AnyElement, *IndividualElement] { + return ld.NewTypeSeq(*o, castIndividualElement) +} -// A reference to the software support channel or other support information for a package. -var ExternalRefType_Support = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support"} +func (o *ElementList) IndividualLicensingInfos() ld.TypeSeq[AnyElement, *IndividualLicensingInfo] { + return ld.NewTypeSeq(*o, castIndividualLicensingInfo) +} -// A reference to a version control system related to a software artifact. -var ExternalRefType_Vcs = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs"} +func (o *ElementList) Licenses() ld.TypeSeq[AnyElement, *License] { + return ld.NewTypeSeq(*o, castLicense) +} -// A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). -var ExternalRefType_VulnerabilityDisclosureReport = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport"} +func (o *ElementList) LicenseAdditions() ld.TypeSeq[AnyElement, *LicenseAddition] { + return ld.NewTypeSeq(*o, castLicenseAddition) +} -// A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). -var ExternalRefType_VulnerabilityExploitabilityAssessment = externalRefType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment"} +func (o *ElementList) LicenseExpressions() ld.TypeSeq[AnyElement, *LicenseExpression] { + return ld.NewTypeSeq(*o, castLicenseExpression) +} -// A mathematical algorithm that maps data of arbitrary size to a bit string. -type hashAlgorithm struct { - ID string `iri:"@id"` +func (o *ElementList) LicenseInfos() ld.TypeSeq[AnyElement, *LicenseInfo] { + return ld.NewTypeSeq(*o, castLicenseInfo) } -// Adler-32 checksum is part of the widely used zlib compression library as defined in [RFC 1950](https://datatracker.ietf.org/doc/rfc1950/) Section 2.3. -var HashAlgorithm_Adler32 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32"} +func (o *ElementList) LifecycleScopedRelationships() ld.TypeSeq[AnyElement, *LifecycleScopedRelationship] { + return ld.NewTypeSeq(*o, castLifecycleScopedRelationship) +} -// BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b256 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256"} +func (o *ElementList) ListedLicenses() ld.TypeSeq[AnyElement, *ListedLicense] { + return ld.NewTypeSeq(*o, castListedLicense) +} -// BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b384 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384"} +func (o *ElementList) ListedLicenseExceptions() ld.TypeSeq[AnyElement, *ListedLicenseException] { + return ld.NewTypeSeq(*o, castListedLicenseException) +} -// BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. -var HashAlgorithm_Blake2b512 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512"} +func (o *ElementList) OrLaterOperators() ld.TypeSeq[AnyElement, *OrLaterOperator] { + return ld.NewTypeSeq(*o, castOrLaterOperator) +} -// [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) -var HashAlgorithm_Blake3 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3"} +func (o *ElementList) Organizations() ld.TypeSeq[AnyElement, *Organization] { + return ld.NewTypeSeq(*o, castOrganization) +} -// [Dilithium](https://pq-crystals.org/dilithium/) -var HashAlgorithm_CrystalsDilithium = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium"} +func (o *ElementList) Packages() ld.TypeSeq[AnyElement, *Package] { + return ld.NewTypeSeq(*o, castPackage) +} -// [Kyber](https://pq-crystals.org/kyber/) -var HashAlgorithm_CrystalsKyber = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber"} +func (o *ElementList) People() ld.TypeSeq[AnyElement, *Person] { + return ld.NewTypeSeq(*o, castPerson) +} -// [FALCON](https://falcon-sign.info/falcon.pdf) -var HashAlgorithm_Falcon = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon"} +func (o *ElementList) Relationships() ld.TypeSeq[AnyElement, *Relationship] { + return ld.NewTypeSeq(*o, castRelationship) +} -// MD2 message-digest algorithm, as defined in [RFC 1319](https://datatracker.ietf.org/doc/rfc1319/). -var HashAlgorithm_Md2 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2"} +func (o *ElementList) Sboms() ld.TypeSeq[AnyElement, *Sbom] { + return ld.NewTypeSeq(*o, castSbom) +} -// MD4 message-digest algorithm, as defined in [RFC 1186](https://datatracker.ietf.org/doc/rfc1186/). -var HashAlgorithm_Md4 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4"} +func (o *ElementList) SimpleLicensingTexts() ld.TypeSeq[AnyElement, *SimpleLicensingText] { + return ld.NewTypeSeq(*o, castSimpleLicensingText) +} -// MD5 message-digest algorithm, as defined in [RFC 1321](https://datatracker.ietf.org/doc/rfc1321/). -var HashAlgorithm_Md5 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5"} +func (o *ElementList) Snippets() ld.TypeSeq[AnyElement, *Snippet] { + return ld.NewTypeSeq(*o, castSnippet) +} -// [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) -var HashAlgorithm_Md6 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6"} +func (o *ElementList) SoftwareAgents() ld.TypeSeq[AnyElement, *SoftwareAgent] { + return ld.NewTypeSeq(*o, castSoftwareAgent) +} -// any hashing algorithm that does not exist in this list of entries -var HashAlgorithm_Other = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other"} +func (o *ElementList) SoftwareArtifacts() ld.TypeSeq[AnyElement, *SoftwareArtifact] { + return ld.NewTypeSeq(*o, castSoftwareArtifact) +} -// SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://datatracker.ietf.org/doc/rfc3174/). -var HashAlgorithm_Sha1 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1"} +func (o *ElementList) SpdxDocuments() ld.TypeSeq[AnyElement, *SpdxDocument] { + return ld.NewTypeSeq(*o, castSpdxDocument) +} -// SHA-2 with a digest length of 224, as defined in [RFC 3874](https://datatracker.ietf.org/doc/rfc3874/). -var HashAlgorithm_Sha224 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224"} +func (o *ElementList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *SsvcVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) +} -// SHA-2 with a digest length of 256, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha256 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256"} +func (o *ElementList) Tools() ld.TypeSeq[AnyElement, *Tool] { + return ld.NewTypeSeq(*o, castTool) +} -// SHA-2 with a digest length of 384, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha384 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384"} +func (o *ElementList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +} -// SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3224 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224"} +func (o *ElementList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexFixedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +} -// SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3256 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256"} +func (o *ElementList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexNotAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) +} -// SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3384 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384"} +func (o *ElementList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexUnderInvestigationVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) +} -// SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). -var HashAlgorithm_Sha3512 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512"} +func (o *ElementList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VexVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) +} -// SHA-2 with a digest length of 512, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). -var HashAlgorithm_Sha512 = hashAlgorithm{ID: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512"} +func (o *ElementList) VulnAssessmentRelationships() ld.TypeSeq[AnyElement, *VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVulnAssessmentRelationship) +} -// A concrete subclass of Element used by Individuals in the -// Core profile. -type IndividualElement struct { - Element +func (o *ElementList) Vulnerabilities() ld.TypeSeq[AnyElement, *Vulnerability] { + return ld.NewTypeSeq(*o, castVulnerability) } -// An Individual Value for Element representing a set of Elements of unknown -// identify or cardinality (number). -var IndividualElement_NoAssertionElement = IndividualElement{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement"}} +func (o *ElementList) WithAdditionOperators() ld.TypeSeq[AnyElement, *WithAdditionOperator] { + return ld.NewTypeSeq(*o, castWithAdditionOperator) +} -// An Individual Value for Element representing a set of Elements with -// cardinality (number/count) of zero. -var IndividualElement_NoneElement = IndividualElement{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement"}} +type AnyElementCollection interface { + asElementCollection() *ElementCollection +} -func castIndividualElement(o any) *IndividualElement { - if o, ok := o.(AnyIndividualElement); ok { - return o.asIndividualElement() - } - return nil +// ElementCollection A collection of Elements, not necessarily with unifying context. +type ElementCollection struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection"` + Element + // Elements Refers to one or more Elements that are part of an ElementCollection. + Elements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/element" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // RootElements This property is used to denote the root Element(s) of a tree of elements contained in a BOM. + RootElements ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/rootElement" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // ProfileConformances Describes one a profile which the creator of this ElementCollection intends to\nconform to. + ProfileConformances []ProfileIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" type:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType"` } -func (o *IndividualElement) asIndividualElement() *IndividualElement { +func (o *ElementCollection) asElementCollection() *ElementCollection { return o } -type AnyIndividualElement interface { - AnyElement - asIndividualElement() *IndividualElement +type ElementCollectionList []AnyElementCollection + +func (o *ElementCollectionList) Boms() ld.TypeSeq[AnyElementCollection, *Bom] { + return ld.NewTypeSeq(*o, castBom) } -type IndividualElementList []AnyIndividualElement +func (o *ElementCollectionList) Bundles() ld.TypeSeq[AnyElementCollection, *Bundle] { + return ld.NewTypeSeq(*o, castBundle) +} -func (o *IndividualElementList) IndividualElementIter() iter.Seq2[AnyIndividualElement, *IndividualElement] { - return typeIter(*o, castIndividualElement) +func (o *ElementCollectionList) ElementCollections() ld.TypeSeq[AnyElementCollection, *ElementCollection] { + return ld.NewTypeSeq(*o, castElementCollection) } -// Provides an independently reproducible mechanism that permits verification of a specific Element. -type IntegrityMethod struct { - ID string `iri:"@id"` +func (o *ElementCollectionList) Sboms() ld.TypeSeq[AnyElementCollection, *Sbom] { + return ld.NewTypeSeq(*o, castSbom) +} - // Provide consumers with comments by the creator of the Element about the - // Element. - Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" iri-compact:"comment"` +func (o *ElementCollectionList) SpdxDocuments() ld.TypeSeq[AnyElementCollection, *SpdxDocument] { + return ld.NewTypeSeq(*o, castSpdxDocument) } -func castIntegrityMethod(o any) *IntegrityMethod { - if o, ok := o.(AnyIntegrityMethod); ok { - return o.asIntegrityMethod() - } - return nil +type AnyEnergyConsumption interface { + asEnergyConsumption() *EnergyConsumption } -func (o *IntegrityMethod) asIntegrityMethod() *IntegrityMethod { - return o +// EnergyConsumption A class for describing the energy consumption incurred by an AI model in\ndifferent stages of its lifecycle. +type EnergyConsumption struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption"` + ID string `iri:"@id"` + // InferenceEnergyConsumptions Specifies the amount of energy consumed during inference time by an AI model\nthat is being used in the AI system. + InferenceEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` + // TrainingEnergyConsumptions Specifies the amount of energy consumed when training the AI model that is\nbeing used in the AI system. + TrainingEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` + // FinetuningEnergyConsumptions Specifies the amount of energy consumed when finetuning the AI model that is\nbeing used in the AI system. + FinetuningEnergyConsumptions EnergyConsumptionDescriptionList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` } -type AnyIntegrityMethod interface { - asIntegrityMethod() *IntegrityMethod +func (o *EnergyConsumption) asEnergyConsumption() *EnergyConsumption { + return o } -type IntegrityMethodList []AnyIntegrityMethod +type EnergyConsumptionList []AnyEnergyConsumption -func (o *IntegrityMethodList) IntegrityMethodIter() iter.Seq2[AnyIntegrityMethod, *IntegrityMethod] { - return typeIter(*o, castIntegrityMethod) +func (o *EnergyConsumptionList) EnergyConsumptions() ld.TypeSeq[AnyEnergyConsumption, *EnergyConsumption] { + return ld.NewTypeSeq(*o, castEnergyConsumption) } -func (o *IntegrityMethodList) PackageVerificationCodeIter() iter.Seq2[AnyIntegrityMethod, *PackageVerificationCode] { - return typeIter(*o, castPackageVerificationCode) -} -func (o *IntegrityMethodList) SoftwareContentIdentifierIter() iter.Seq2[AnyIntegrityMethod, *SoftwareContentIdentifier] { - return typeIter(*o, castSoftwareContentIdentifier) -} -func (o *IntegrityMethodList) HashIter() iter.Seq2[AnyIntegrityMethod, *Hash] { - return typeIter(*o, castHash) + +type AnyEnergyConsumptionDescription interface { + asEnergyConsumptionDescription() *EnergyConsumptionDescription } -// Provide an enumerated set of lifecycle phases that can provide context to relationships. -type lifecycleScopeType struct { - ID string `iri:"@id"` +// EnergyConsumptionDescription The class that helps note down the quantity of energy consumption and the unit\nused for measurement. +type EnergyConsumptionDescription struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription"` + ID string `iri:"@id"` + // EnergyQuantity Represents the energy quantity. + EnergyQuantity float64 `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` + // EnergyUnit Specifies the unit in which energy is measured. + EnergyUnit EnergyUnitType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyUnit" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType"` } -// A relationship has specific context implications during an element's build phase, during development. -var LifecycleScopeType_Build = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build"} +func (o *EnergyConsumptionDescription) asEnergyConsumptionDescription() *EnergyConsumptionDescription { + return o +} -// A relationship has specific context implications during an element's design. -var LifecycleScopeType_Design = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design"} +type EnergyConsumptionDescriptionList []AnyEnergyConsumptionDescription -// A relationship has specific context implications during development phase of an element. -var LifecycleScopeType_Development = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development"} +func (o *EnergyConsumptionDescriptionList) EnergyConsumptionDescriptions() ld.TypeSeq[AnyEnergyConsumptionDescription, *EnergyConsumptionDescription] { + return ld.NewTypeSeq(*o, castEnergyConsumptionDescription) +} -// A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. -var LifecycleScopeType_Other = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other"} +// EnergyUnitType Specifies the unit of energy consumption. +type EnergyUnitType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType"` + id string `iri:"@id"` +} -// A relationship has specific context implications during the execution phase of an element. -var LifecycleScopeType_Runtime = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime"} +// EnergyUnitType_KilowattHour Kilowatt-hour. +var EnergyUnitType_KilowattHour = EnergyUnitType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour", +} -// A relationship has specific context implications during an element's testing phase, during development. -var LifecycleScopeType_Test = lifecycleScopeType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test"} +// EnergyUnitType_Megajoule Megajoule. +var EnergyUnitType_Megajoule = EnergyUnitType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule", +} -// A mapping between prefixes and namespace partial URIs. -type NamespaceMap struct { - ID string `iri:"@id"` +// EnergyUnitType_Other Any other units of energy measurement. +var EnergyUnitType_Other = EnergyUnitType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other", +} - // Provides an unambiguous mechanism for conveying a URI fragment portion of an - // Element ID. - Namespace string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespace" iri-compact:"namespace"` - // A substitute for a URI. - Prefix string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/prefix" iri-compact:"prefix"` +type AnyEpssVulnAssessmentRelationship interface { + asEpssVulnAssessmentRelationship() *EpssVulnAssessmentRelationship } -func castNamespaceMap(o any) *NamespaceMap { - if o, ok := o.(AnyNamespaceMap); ok { - return o.asNamespaceMap() - } - return nil +// EpssVulnAssessmentRelationship Provides an EPSS assessment for a vulnerability. +type EpssVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship"` + VulnAssessmentRelationship + // Probability A probability score between 0 and 1 of a vulnerability being exploited. + Probability float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/probability" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` + // Percentile The percentile of the current probability score. + Percentile float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/percentile" required:"true" type:"http://www.w3.org/2001/XMLSchema#decimal"` } -func (o *NamespaceMap) asNamespaceMap() *NamespaceMap { +func (o *EpssVulnAssessmentRelationship) asEpssVulnAssessmentRelationship() *EpssVulnAssessmentRelationship { return o } -type AnyNamespaceMap interface { - asNamespaceMap() *NamespaceMap -} +type EpssVulnAssessmentRelationshipList []AnyEpssVulnAssessmentRelationship -type NamespaceMapList []AnyNamespaceMap +func (o *EpssVulnAssessmentRelationshipList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyEpssVulnAssessmentRelationship, *EpssVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) +} -func (o *NamespaceMapList) NamespaceMapIter() iter.Seq2[AnyNamespaceMap, *NamespaceMap] { - return typeIter(*o, castNamespaceMap) +// ExploitCatalogType Specifies the exploit catalog type. +type ExploitCatalogType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType"` + id string `iri:"@id"` } -// An SPDX version 2.X compatible verification method for software packages. -type PackageVerificationCode struct { - IntegrityMethod +// ExploitCatalogType_Kev CISA's Known Exploited Vulnerability (KEV) Catalog +var ExploitCatalogType_Kev = ExploitCatalogType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev", +} - // Specifies the algorithm used for calculating the hash value. - Algorithm hashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" iri-compact:"algorithm"` - // The result of applying a hash algorithm to an Element. - HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" iri-compact:"hashValue"` - // The relative file name of a file to be excluded from the - // `PackageVerificationCode`. - PackageVerificationCodeExcludedFiles []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" iri-compact:"packageVerificationCodeExcludedFile"` +// ExploitCatalogType_Other Other exploit catalogs +var ExploitCatalogType_Other = ExploitCatalogType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other", } -func castPackageVerificationCode(o any) *PackageVerificationCode { - if o, ok := o.(AnyPackageVerificationCode); ok { - return o.asPackageVerificationCode() - } - return nil +type AnyExploitCatalogVulnAssessmentRelationship interface { + asExploitCatalogVulnAssessmentRelationship() *ExploitCatalogVulnAssessmentRelationship } -func (o *PackageVerificationCode) asPackageVerificationCode() *PackageVerificationCode { - return o +// ExploitCatalogVulnAssessmentRelationship Provides an exploit assessment of a vulnerability. +type ExploitCatalogVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship"` + VulnAssessmentRelationship + // Locator Provides the location of an exploit catalog. + Locator ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Security/locator" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Exploited Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. + Exploited bool `iri:"https://spdx.org/rdf/3.0.1/terms/Security/exploited" required:"true" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // CatalogType Specifies the exploit catalog type. + CatalogType ExploitCatalogType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/catalogType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType"` } -type AnyPackageVerificationCode interface { - AnyIntegrityMethod - asPackageVerificationCode() *PackageVerificationCode +func (o *ExploitCatalogVulnAssessmentRelationship) asExploitCatalogVulnAssessmentRelationship() *ExploitCatalogVulnAssessmentRelationship { + return o } -type PackageVerificationCodeList []AnyPackageVerificationCode +type ExploitCatalogVulnAssessmentRelationshipList []AnyExploitCatalogVulnAssessmentRelationship -func (o *PackageVerificationCodeList) PackageVerificationCodeIter() iter.Seq2[AnyPackageVerificationCode, *PackageVerificationCode] { - return typeIter(*o, castPackageVerificationCode) +func (o *ExploitCatalogVulnAssessmentRelationshipList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyExploitCatalogVulnAssessmentRelationship, *ExploitCatalogVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) } -// A tuple of two positive integers that define a range. -type PositiveIntegerRange struct { - ID string `iri:"@id"` - - // Defines the beginning of a range. - BeginIntegerRange int `iri:"https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" iri-compact:"beginIntegerRange"` - // Defines the end of a range. - EndIntegerRange int `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" iri-compact:"endIntegerRange"` +type AnyExtendableLicense interface { + asExtendableLicense() *ExtendableLicense } -func castPositiveIntegerRange(o any) *PositiveIntegerRange { - if o, ok := o.(AnyPositiveIntegerRange); ok { - return o.asPositiveIntegerRange() - } - return nil +// ExtendableLicense Abstract class representing a License or an OrLaterOperator. +type ExtendableLicense struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense"` + LicenseInfo } -func (o *PositiveIntegerRange) asPositiveIntegerRange() *PositiveIntegerRange { +func (o *ExtendableLicense) asExtendableLicense() *ExtendableLicense { return o } -type AnyPositiveIntegerRange interface { - asPositiveIntegerRange() *PositiveIntegerRange +type ExtendableLicenseList []AnyExtendableLicense + +func (o *ExtendableLicenseList) CustomLicenses() ld.TypeSeq[AnyExtendableLicense, *CustomLicense] { + return ld.NewTypeSeq(*o, castCustomLicense) } -type PositiveIntegerRangeList []AnyPositiveIntegerRange +func (o *ExtendableLicenseList) ExtendableLicenses() ld.TypeSeq[AnyExtendableLicense, *ExtendableLicense] { + return ld.NewTypeSeq(*o, castExtendableLicense) +} -func (o *PositiveIntegerRangeList) PositiveIntegerRangeIter() iter.Seq2[AnyPositiveIntegerRange, *PositiveIntegerRange] { - return typeIter(*o, castPositiveIntegerRange) +func (o *ExtendableLicenseList) Licenses() ld.TypeSeq[AnyExtendableLicense, *License] { + return ld.NewTypeSeq(*o, castLicense) } -// Categories of presence or absence. -type presenceType struct { - ID string `iri:"@id"` +func (o *ExtendableLicenseList) ListedLicenses() ld.TypeSeq[AnyExtendableLicense, *ListedLicense] { + return ld.NewTypeSeq(*o, castListedLicense) } -// Indicates absence of the field. -var PresenceType_No = presenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no"} +func (o *ExtendableLicenseList) OrLaterOperators() ld.TypeSeq[AnyExtendableLicense, *OrLaterOperator] { + return ld.NewTypeSeq(*o, castOrLaterOperator) +} -// Makes no assertion about the field. -var PresenceType_NoAssertion = presenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion"} +// Extension A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. +type Extension struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/Extension"` + id string `iri:"@id"` +} +type AnyExternalIdentifier interface { + asExternalIdentifier() *ExternalIdentifier +} -// Indicates presence of the field. -var PresenceType_Yes = presenceType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes"} +// ExternalIdentifier A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. +type ExternalIdentifier struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier"` + ID string `iri:"@id"` + // Identifier Uniquely identifies an external element. + Identifier string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifier" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // IssuingAuthority An entity that is authorized to issue identification credentials. + IssuingAuthority string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority" type:"http://www.w3.org/2001/XMLSchema#string"` + // Comment Provide consumers with comments by the creator of the Element about the\nElement. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` + // IdentifierLocators Provides the location for more information regarding an external identifier. + IdentifierLocators []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // ExternalIdentifierType Specifies the type of the external identifier. + ExternalIdentifierType ExternalIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType"` +} -// Enumeration of the valid profiles. -type profileIdentifierType struct { - ID string `iri:"@id"` +func (o *ExternalIdentifier) asExternalIdentifier() *ExternalIdentifier { + return o } -// the element follows the AI profile specification -var ProfileIdentifierType_Ai = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai"} +type ExternalIdentifierList []AnyExternalIdentifier + +func (o *ExternalIdentifierList) ExternalIdentifiers() ld.TypeSeq[AnyExternalIdentifier, *ExternalIdentifier] { + return ld.NewTypeSeq(*o, castExternalIdentifier) +} -// the element follows the Build profile specification -var ProfileIdentifierType_Build = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build"} +// ExternalIdentifierType Specifies the type of an external identifier. +type ExternalIdentifierType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType"` + id string `iri:"@id"` +} -// the element follows the Core profile specification -var ProfileIdentifierType_Core = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core"} +// ExternalIdentifierType_Cpe22 [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) +var ExternalIdentifierType_Cpe22 = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22", +} -// the element follows the Dataset profile specification -var ProfileIdentifierType_Dataset = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset"} +// ExternalIdentifierType_Cpe23 [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) +var ExternalIdentifierType_Cpe23 = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23", +} -// the element follows the ExpandedLicensing profile specification -var ProfileIdentifierType_ExpandedLicensing = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing"} +// ExternalIdentifierType_Cve Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). +var ExternalIdentifierType_Cve = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve", +} -// the element follows the Extension profile specification -var ProfileIdentifierType_Extension = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension"} +// ExternalIdentifierType_Email Email address, as defined in [RFC 3696](https://datatracker.ietf.org/doc/rfc3986/) Section 3. +var ExternalIdentifierType_Email = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email", +} -// the element follows the Lite profile specification -var ProfileIdentifierType_Lite = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite"} +// ExternalIdentifierType_Gitoid [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). +var ExternalIdentifierType_Gitoid = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid", +} -// the element follows the Security profile specification -var ProfileIdentifierType_Security = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security"} +// ExternalIdentifierType_Other Used when the type does not match any of the other options. +var ExternalIdentifierType_Other = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other", +} -// the element follows the SimpleLicensing profile specification -var ProfileIdentifierType_SimpleLicensing = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing"} +// ExternalIdentifierType_PackageUrl Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification. +var ExternalIdentifierType_PackageUrl = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl", +} -// the element follows the Software profile specification -var ProfileIdentifierType_Software = profileIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software"} +// ExternalIdentifierType_SecurityOther Used when there is a security related identifier of unspecified type. +var ExternalIdentifierType_SecurityOther = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther", +} -// Describes a relationship between one or more elements. -type Relationship struct { - Element +// ExternalIdentifierType_Swhid SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. +var ExternalIdentifierType_Swhid = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid", +} - // Provides information about the completeness of relationships. - Completeness relationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" iri-compact:"completeness"` - // Specifies the time from which an element is no longer applicable / valid. - EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" iri-compact:"endTime"` - // References the Element on the left-hand side of a relationship. - From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" iri-compact:"from"` +// ExternalIdentifierType_Swid Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://datatracker.ietf.org/doc/rfc9393/) Section 2.3. +var ExternalIdentifierType_Swid = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid", +} - // Information about the relationship between two Elements. - RelationshipType relationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" iri-compact:"relationshipType"` - // Specifies the time from which an element is applicable / valid. - StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" iri-compact:"startTime"` - // References an Element on the right-hand side of a relationship. - Tos ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" iri-compact:"to"` +// ExternalIdentifierType_UrlScheme [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. +var ExternalIdentifierType_UrlScheme = ExternalIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme", } -func castRelationship(o any) *Relationship { - if o, ok := o.(AnyRelationship); ok { - return o.asRelationship() - } - return nil +type AnyExternalMap interface { + asExternalMap() *ExternalMap } -func (o *Relationship) asRelationship() *Relationship { - return o +// ExternalMap A map of Element identifiers that are used within an SpdxDocument but defined\nexternal to that SpdxDocument. +type ExternalMap struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap"` + ID string `iri:"@id"` + // ExternalSpdxId Identifies an external Element used within an SpdxDocument but defined\nexternal to that SpdxDocument. + ExternalSpdxId ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // LocationHint Provides an indication of where to retrieve an external Element. + LocationHint ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locationHint" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // VerifiedUsings Provides an IntegrityMethod with which the integrity of an Element can be\nasserted. + VerifiedUsings IntegrityMethodList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" type:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + // DefiningArtifact Artifact representing a serialization instance of SPDX data containing the\ndefinition of a particular Element. + DefiningArtifact AnyArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" type:"https://spdx.org/rdf/3.0.1/terms/Core/Artifact"` } -type AnyRelationship interface { - AnyElement - asRelationship() *Relationship +func (o *ExternalMap) asExternalMap() *ExternalMap { + return o } -type RelationshipList []AnyRelationship +type ExternalMapList []AnyExternalMap -func (o *RelationshipList) RelationshipIter() iter.Seq2[AnyRelationship, *Relationship] { - return typeIter(*o, castRelationship) +func (o *ExternalMapList) ExternalMaps() ld.TypeSeq[AnyExternalMap, *ExternalMap] { + return ld.NewTypeSeq(*o, castExternalMap) } -func (o *RelationshipList) SecurityVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVulnAssessmentRelationship) + +type AnyExternalRef interface { + asExternalRef() *ExternalRef } -func (o *RelationshipList) LifecycleScopedRelationshipIter() iter.Seq2[AnyRelationship, *LifecycleScopedRelationship] { - return typeIter(*o, castLifecycleScopedRelationship) + +// ExternalRef A reference to a resource outside the scope of SPDX-3.0 content related to an Element. +type ExternalRef struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef"` + ID string `iri:"@id"` + // Locators Provides the location of an external reference. + Locators []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/locator" type:"http://www.w3.org/2001/XMLSchema#string"` + // ContentType Provides information about the content type of an Element or a Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` + // ExternalRefType Specifies the type of the external reference. + ExternalRefType ExternalRefType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType"` + // Comment Provide consumers with comments by the creator of the Element about the\nElement. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *RelationshipList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityCvssV2VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) + +func (o *ExternalRef) asExternalRef() *ExternalRef { + return o } -func (o *RelationshipList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityCvssV3VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) + +type ExternalRefList []AnyExternalRef + +func (o *ExternalRefList) ExternalRefs() ld.TypeSeq[AnyExternalRef, *ExternalRef] { + return ld.NewTypeSeq(*o, castExternalRef) } -func (o *RelationshipList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityCvssV4VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) + +// ExternalRefType Specifies the type of an external reference. +type ExternalRefType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType"` + id string `iri:"@id"` } -func (o *RelationshipList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityEpssVulnAssessmentRelationship] { - return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) + +// ExternalRefType_AltDownloadLocation A reference to an alternative download location. +var ExternalRefType_AltDownloadLocation = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation", } -func (o *RelationshipList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityExploitCatalogVulnAssessmentRelationship] { - return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) + +// ExternalRefType_AltWebPage A reference to an alternative web page. +var ExternalRefType_AltWebPage = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage", } -func (o *RelationshipList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecuritySsvcVulnAssessmentRelationship] { - return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) + +// ExternalRefType_BinaryArtifact A reference to binary artifacts related to a package. +var ExternalRefType_BinaryArtifact = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact", } -func (o *RelationshipList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexVulnAssessmentRelationship) + +// ExternalRefType_Bower A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the \"install\" section of [Bower API documentation](https://bower.io/docs/api/#install). +var ExternalRefType_Bower = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower", } -func (o *RelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) + +// ExternalRefType_BuildMeta A reference build metadata related to a published package. +var ExternalRefType_BuildMeta = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta", } -func (o *RelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexFixedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) + +// ExternalRefType_BuildSystem A reference build system used to create or publish the package. +var ExternalRefType_BuildSystem = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem", } -func (o *RelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) + +// ExternalRefType_CertificationReport A reference to a certification report for a package from an accredited/independent body. +var ExternalRefType_CertificationReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport", } -func (o *RelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnyRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) + +// ExternalRefType_Chat A reference to the instant messaging system used by the maintainer for a package. +var ExternalRefType_Chat = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat", } -// Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. -type relationshipCompleteness struct { - ID string `iri:"@id"` +// ExternalRefType_ComponentAnalysisReport A reference to a Software Composition Analysis (SCA) report. +var ExternalRefType_ComponentAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport", } -// The relationship is known to be exhaustive. -var RelationshipCompleteness_Complete = relationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete"} +// ExternalRefType_Cwe [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). +var ExternalRefType_Cwe = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe", +} -// The relationship is known not to be exhaustive. -var RelationshipCompleteness_Incomplete = relationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete"} +// ExternalRefType_Documentation A reference to the documentation for a package. +var ExternalRefType_Documentation = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation", +} -// No assertion can be made about the completeness of the relationship. -var RelationshipCompleteness_NoAssertion = relationshipCompleteness{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion"} +// ExternalRefType_DynamicAnalysisReport A reference to a dynamic analysis report for a package. +var ExternalRefType_DynamicAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport", +} -// Information about the relationship between two Elements. -type relationshipType struct { - ID string `iri:"@id"` +// ExternalRefType_EolNotice A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. +var ExternalRefType_EolNotice = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice", } -// The `from` Vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. -var RelationshipType_Affects = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects"} +// ExternalRefType_ExportControlAssessment A reference to a export control assessment for a package. +var ExternalRefType_ExportControlAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment", +} -// The `from` Element is amended by each `to` Element. -var RelationshipType_AmendedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy"} +// ExternalRefType_Funding A reference to funding information related to a package. +var ExternalRefType_Funding = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding", +} -// The `from` Element is an ancestor of each `to` Element. -var RelationshipType_AncestorOf = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf"} +// ExternalRefType_IssueTracker A reference to the issue tracker for a package. +var ExternalRefType_IssueTracker = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker", +} -// The `from` Element is available from the additional supplier described by each `to` Element. -var RelationshipType_AvailableFrom = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom"} +// ExternalRefType_License A reference to additional license information related to an artifact. +var ExternalRefType_License = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license", +} -// The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. -var RelationshipType_Configures = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures"} +// ExternalRefType_MailingList A reference to the mailing list used by the maintainer for a package. +var ExternalRefType_MailingList = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList", +} -// The `from` Element contains each `to` Element. -var RelationshipType_Contains = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains"} +// ExternalRefType_MavenCentral A reference to a Maven repository artifact. The artifact locator format is defined in the [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html) and looks like `groupId:artifactId[:version]`. +var ExternalRefType_MavenCentral = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral", +} -// The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). -var RelationshipType_CoordinatedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy"} +// ExternalRefType_Metrics A reference to metrics related to package such as OpenSSF scorecards. +var ExternalRefType_Metrics = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics", +} -// The `from` Element has been copied to each `to` Element. -var RelationshipType_CopiedTo = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo"} +// ExternalRefType_Npm A reference to an npm package. The package locator format is defined in the [npm documentation](https://docs.npmjs.com/cli/v10/configuring-npm/package-json) and looks like `package@version`. +var ExternalRefType_Npm = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm", +} -// The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). -var RelationshipType_DelegatedTo = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo"} +// ExternalRefType_Nuget A reference to a NuGet package. The package locator format is defined in the [NuGet documentation](https://docs.nuget.org) and looks like `package/version`. +var ExternalRefType_Nuget = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget", +} -// The `from` Element depends on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_DependsOn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn"} +// ExternalRefType_Other Used when the type does not match any of the other options. +var ExternalRefType_Other = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other", +} -// The `from` Element is a descendant of each `to` Element. -var RelationshipType_DescendantOf = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf"} +// ExternalRefType_PrivacyAssessment A reference to a privacy assessment for a package. +var ExternalRefType_PrivacyAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment", +} -// The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. -var RelationshipType_Describes = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes"} +// ExternalRefType_ProductMetadata A reference to additional product metadata such as reference within organization's product catalog. +var ExternalRefType_ProductMetadata = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata", +} -// The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. -var RelationshipType_DoesNotAffect = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect"} +// ExternalRefType_PurchaseOrder A reference to a purchase order for a package. +var ExternalRefType_PurchaseOrder = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder", +} -// The `from` archive expands out as an artifact described by each `to` Element. -var RelationshipType_ExpandsTo = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo"} +// ExternalRefType_QualityAssessmentReport A reference to a quality assessment for a package. +var ExternalRefType_QualityAssessmentReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport", +} -// The `from` Vulnerability has had an exploit created against it by each `to` Agent. -var RelationshipType_ExploitCreatedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy"} +// ExternalRefType_ReleaseHistory A reference to a published list of releases for a package. +var ExternalRefType_ReleaseHistory = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory", +} -// Designates a `from` Vulnerability has been fixed by the `to` Agent(s). -var RelationshipType_FixedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy"} +// ExternalRefType_ReleaseNotes A reference to the release notes for a package. +var ExternalRefType_ReleaseNotes = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes", +} -// A `from` Vulnerability has been fixed in each `to` Element. The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. -var RelationshipType_FixedIn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn"} +// ExternalRefType_RiskAssessment A reference to a risk assessment for a package. +var ExternalRefType_RiskAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment", +} -// Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). -var RelationshipType_FoundBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy"} +// ExternalRefType_RuntimeAnalysisReport A reference to a runtime analysis report for a package. +var ExternalRefType_RuntimeAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport", +} -// The `from` Element generates each `to` Element. -var RelationshipType_Generates = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates"} +// ExternalRefType_SecureSoftwareAttestation A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). +var ExternalRefType_SecureSoftwareAttestation = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation", +} -// Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). -var RelationshipType_HasAddedFile = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile"} +// ExternalRefType_SecurityAdversaryModel A reference to the security adversary model for a package. +var ExternalRefType_SecurityAdversaryModel = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel", +} -// Relates a `from` Vulnerability and each `to` Element with a security assessment. To be used with `VulnAssessmentRelationship` types. -var RelationshipType_HasAssessmentFor = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor"} +// ExternalRefType_SecurityAdvisory A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. +var ExternalRefType_SecurityAdvisory = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory", +} -// Used to associate a `from` Artifact with each `to` Vulnerability. -var RelationshipType_HasAssociatedVulnerability = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability"} +// ExternalRefType_SecurityFix A reference to the patch or source code that fixes a vulnerability. +var ExternalRefType_SecurityFix = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix", +} -// The `from` SoftwareArtifact is concluded by the SPDX data creator to be governed by each `to` license. -var RelationshipType_HasConcludedLicense = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense"} +// ExternalRefType_SecurityOther A reference to related security information of unspecified type. +var ExternalRefType_SecurityOther = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther", +} -// The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInput`, and `hasOutput`, respectively. This relationship does not imply dependency. -var RelationshipType_HasDataFile = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile"} +// ExternalRefType_SecurityPenTestReport A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. +var ExternalRefType_SecurityPenTestReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport", +} -// The `from` SoftwareArtifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. -var RelationshipType_HasDeclaredLicense = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense"} +// ExternalRefType_SecurityPolicy A reference to instructions for reporting newly discovered security vulnerabilities for a package. +var ExternalRefType_SecurityPolicy = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy", +} -// Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). -var RelationshipType_HasDeletedFile = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile"} +// ExternalRefType_SecurityThreatModel A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. +var ExternalRefType_SecurityThreatModel = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel", +} -// The `from` Element has manifest files that contain dependency information in each `to` Element. -var RelationshipType_HasDependencyManifest = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest"} +// ExternalRefType_SocialMedia A reference to a social media channel for a package. +var ExternalRefType_SocialMedia = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia", +} -// The `from` Element is distributed as an artifact in each `to` Element (e.g. an RPM or archive file). -var RelationshipType_HasDistributionArtifact = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact"} +// ExternalRefType_SourceArtifact A reference to an artifact containing the sources for a package. +var ExternalRefType_SourceArtifact = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact", +} -// The `from` Element is documented by each `to` Element. -var RelationshipType_HasDocumentation = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation"} +// ExternalRefType_StaticAnalysisReport A reference to a static analysis report for a package. +var ExternalRefType_StaticAnalysisReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport", +} -// The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasDynamicLink = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink"} +// ExternalRefType_Support A reference to the software support channel or other support information for a package. +var ExternalRefType_Support = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support", +} -// Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). -var RelationshipType_HasEvidence = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence"} +// ExternalRefType_Vcs A reference to a version control system related to a software artifact. +var ExternalRefType_Vcs = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs", +} -// Every `to` Element is an example for the `from` Element (`from` hasExample `to`). -var RelationshipType_HasExample = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample"} +// ExternalRefType_VulnerabilityDisclosureReport A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). +var ExternalRefType_VulnerabilityDisclosureReport = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport", +} -// The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). -var RelationshipType_HasHost = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost"} +// ExternalRefType_VulnerabilityExploitabilityAssessment A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). +var ExternalRefType_VulnerabilityExploitabilityAssessment = ExternalRefType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment", +} -// The `from` Build has each `to` Element as an input, during a LifecycleScopeType period. -var RelationshipType_HasInput = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput"} +type AnyFile interface { + asFile() *File +} -// Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). -var RelationshipType_HasMetadata = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata"} +// File Refers to any object that stores content on a computer. +type File struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/File"` + SoftwareArtifact + // ContentType Provides information about the content type of an Element or a Property. + ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" type:"http://www.w3.org/2001/XMLSchema#string"` + // FileKind Describes if a given file is a directory or non-directory kind of file. + FileKind FileKindType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/fileKind" type:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType"` +} -// Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). -var RelationshipType_HasOptionalComponent = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent"} +func (o *File) asFile() *File { + return o +} -// The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasOptionalDependency = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency"} +type FileList []AnyFile -// The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. -var RelationshipType_HasOutput = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput"} +func (o *FileList) Files() ld.TypeSeq[AnyFile, *File] { + return ld.NewTypeSeq(*o, castFile) +} -// The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasPrerequisite = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite"} +// FileKindType Enumeration of the different kinds of SPDX file. +type FileKindType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/FileKindType"` + id string `iri:"@id"` +} -// The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. -var RelationshipType_HasProvidedDependency = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency"} +// FileKindType_Directory The file represents a directory and all content stored in that directory. +var FileKindType_Directory = FileKindType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory", +} -// The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasRequirement = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement"} +// FileKindType_File The file represents a single file (default). +var FileKindType_File = FileKindType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file", +} -// Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. -var RelationshipType_HasSpecification = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification"} +type AnyHash interface { + asHash() *Hash +} -// The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. -var RelationshipType_HasStaticLink = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink"} +// Hash A mathematically calculated representation of a grouping of data. +type Hash struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Hash"` + IntegrityMethod + // HashValue The result of applying a hash algorithm to an Element. + HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // Algorithm Specifies the algorithm used for calculating the hash value. + Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` +} -// Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. -var RelationshipType_HasTest = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest"} +func (o *Hash) asHash() *Hash { + return o +} -// Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). -var RelationshipType_HasTestCase = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase"} +type HashList []AnyHash -// Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). -var RelationshipType_HasVariant = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant"} +func (o *HashList) Hashes() ld.TypeSeq[AnyHash, *Hash] { + return ld.NewTypeSeq(*o, castHash) +} -// The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). -var RelationshipType_InvokedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy"} +// HashAlgorithm A mathematical algorithm that maps data of arbitrary size to a bit string. +type HashAlgorithm struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` + id string `iri:"@id"` +} -// The `from` Element is modified by each `to` Element. -var RelationshipType_ModifiedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy"} +// HashAlgorithm_Adler32 Adler-32 checksum is part of the widely used zlib compression library as defined in [RFC 1950](https://datatracker.ietf.org/doc/rfc1950/) Section 2.3. +var HashAlgorithm_Adler32 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32", +} -// Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationship types (this relationship is directionless). -var RelationshipType_Other = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other"} +// HashAlgorithm_Blake2b256 BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b256 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256", +} -// Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). -var RelationshipType_PackagedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy"} +// HashAlgorithm_Blake2b384 BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b384 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384", +} -// Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). -var RelationshipType_PatchedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy"} +// HashAlgorithm_Blake2b512 BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4. +var HashAlgorithm_Blake2b512 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512", +} -// Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. -var RelationshipType_PublishedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy"} +// HashAlgorithm_Blake3 [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) +var HashAlgorithm_Blake3 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3", +} -// Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. -var RelationshipType_ReportedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy"} +// HashAlgorithm_CrystalsDilithium [Dilithium](https://pq-crystals.org/dilithium/) +var HashAlgorithm_CrystalsDilithium = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium", +} -// Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. -var RelationshipType_RepublishedBy = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy"} +// HashAlgorithm_CrystalsKyber [Kyber](https://pq-crystals.org/kyber/) +var HashAlgorithm_CrystalsKyber = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber", +} -// The `from` SpdxDocument can be found in a serialized form in each `to` Artifact. -var RelationshipType_SerializedInArtifact = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact"} +// HashAlgorithm_Falcon [FALCON](https://falcon-sign.info/falcon.pdf) +var HashAlgorithm_Falcon = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon", +} -// The `from` Element has been tested on the `to` Element(s). -var RelationshipType_TestedOn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn"} +// HashAlgorithm_Md2 MD2 message-digest algorithm, as defined in [RFC 1319](https://datatracker.ietf.org/doc/rfc1319/). +var HashAlgorithm_Md2 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2", +} -// The `from` Element has been trained on the `to` Element(s). -var RelationshipType_TrainedOn = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn"} +// HashAlgorithm_Md4 MD4 message-digest algorithm, as defined in [RFC 1186](https://datatracker.ietf.org/doc/rfc1186/). +var HashAlgorithm_Md4 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4", +} -// The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. -var RelationshipType_UnderInvestigationFor = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor"} +// HashAlgorithm_Md5 MD5 message-digest algorithm, as defined in [RFC 1321](https://datatracker.ietf.org/doc/rfc1321/). +var HashAlgorithm_Md5 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5", +} -// The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. -var RelationshipType_UsesTool = relationshipType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool"} +// HashAlgorithm_Md6 [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) +var HashAlgorithm_Md6 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6", +} -// A collection of SPDX Elements that could potentially be serialized. -type SpdxDocument struct { - ElementCollection +// HashAlgorithm_Other any hashing algorithm that does not exist in this list of entries +var HashAlgorithm_Other = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other", +} - // Provides the license under which the SPDX documentation of the Element can be - // used. - DataLicense AnySimplelicensingAnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/dataLicense" iri-compact:"dataLicense"` +// HashAlgorithm_Sha1 SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://datatracker.ietf.org/doc/rfc3174/). +var HashAlgorithm_Sha1 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1", +} - // Provides an ExternalMap of Element identifiers. - Imports ExternalMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/import" iri-compact:"import"` +// HashAlgorithm_Sha224 SHA-2 with a digest length of 224, as defined in [RFC 3874](https://datatracker.ietf.org/doc/rfc3874/). +var HashAlgorithm_Sha224 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224", +} - // Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. - NamespaceMaps NamespaceMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap" iri-compact:"namespaceMap"` +// HashAlgorithm_Sha256 SHA-2 with a digest length of 256, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha256 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256", } -func castSpdxDocument(o any) *SpdxDocument { - if o, ok := o.(AnySpdxDocument); ok { - return o.asSpdxDocument() - } - return nil +// HashAlgorithm_Sha384 SHA-2 with a digest length of 384, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha384 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384", } -func (o *SpdxDocument) asSpdxDocument() *SpdxDocument { - return o +// HashAlgorithm_Sha3_224 SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_224 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224", } -type AnySpdxDocument interface { - AnyElementCollection - asSpdxDocument() *SpdxDocument +// HashAlgorithm_Sha3_256 SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_256 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256", } -type SpdxDocumentList []AnySpdxDocument +// HashAlgorithm_Sha3_384 SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_384 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384", +} -func (o *SpdxDocumentList) SpdxDocumentIter() iter.Seq2[AnySpdxDocument, *SpdxDocument] { - return typeIter(*o, castSpdxDocument) +// HashAlgorithm_Sha3_512 SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). +var HashAlgorithm_Sha3_512 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512", } -// Indicates the type of support that is associated with an artifact. -type supportType struct { - ID string `iri:"@id"` +// HashAlgorithm_Sha512 SHA-2 with a digest length of 512, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/). +var HashAlgorithm_Sha512 = HashAlgorithm{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512", } -// in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. -var SupportType_Deployed = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed"} +type AnyIndividualElement interface { + asIndividualElement() *IndividualElement +} -// the artifact is in active development and is not considered ready for formal support from the supplier. -var SupportType_Development = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development"} +// IndividualElement A concrete subclass of Element used by Individuals in the\nCore profile. +type IndividualElement struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/IndividualElement"` + Element +} -// there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. -var SupportType_EndOfSupport = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport"} +func (o *IndividualElement) asIndividualElement() *IndividualElement { + return o +} -// the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. -var SupportType_LimitedSupport = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport"} +// IndividualElement_NoAssertionElement An Individual Value for Element representing a set of Elements of unknown\nidentify or cardinality (number). +var IndividualElement_NoAssertionElement AnyIndividualElement = &ExternalIRI{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", +} -// no assertion about the type of support is made. This is considered the default if no other support type is used. -var SupportType_NoAssertion = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion"} +// IndividualElement_NoneElement An Individual Value for Element representing a set of Elements with\ncardinality (number/count) of zero. +var IndividualElement_NoneElement AnyIndividualElement = &ExternalIRI{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", +} -// there is no support for the artifact from the supplier, consumer assumes any support obligations. -var SupportType_NoSupport = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport"} +type IndividualElementList []AnyIndividualElement -// the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. -var SupportType_Support = supportType{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support"} +func (o *IndividualElementList) IndividualElements() ld.TypeSeq[AnyIndividualElement, *IndividualElement] { + return ld.NewTypeSeq(*o, castIndividualElement) +} -// An element of hardware and/or software utilized to carry out a particular function. -type Tool struct { - Element +type AnyIndividualLicensingInfo interface { + asIndividualLicensingInfo() *IndividualLicensingInfo } -func castTool(o any) *Tool { - if o, ok := o.(AnyTool); ok { - return o.asTool() - } - return nil +// IndividualLicensingInfo A concrete subclass of AnyLicenseInfo used by Individuals in the\nExpandedLicensing profile. +type IndividualLicensingInfo struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo"` + LicenseInfo } -func (o *Tool) asTool() *Tool { +func (o *IndividualLicensingInfo) asIndividualLicensingInfo() *IndividualLicensingInfo { return o } -type AnyTool interface { - AnyElement - asTool() *Tool +// IndividualLicensingInfo_NoAssertionLicense An Individual Value for License when no assertion can be made about its actual\nvalue. +var IndividualLicensingInfo_NoAssertionLicense AnyIndividualLicensingInfo = &ExternalIRI{ + id: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", } -type ToolList []AnyTool +// IndividualLicensingInfo_NoneLicense An Individual Value for License where the SPDX data creator determines that no\nlicense is present. +var IndividualLicensingInfo_NoneLicense AnyIndividualLicensingInfo = &ExternalIRI{ + id: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", +} -func (o *ToolList) ToolIter() iter.Seq2[AnyTool, *Tool] { return typeIter(*o, castTool) } +type IndividualLicensingInfoList []AnyIndividualLicensingInfo -// Categories of confidentiality level. -type datasetConfidentialityLevelType struct { - ID string `iri:"@id"` +func (o *IndividualLicensingInfoList) IndividualLicensingInfos() ld.TypeSeq[AnyIndividualLicensingInfo, *IndividualLicensingInfo] { + return ld.NewTypeSeq(*o, castIndividualLicensingInfo) } -// Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. -var DatasetConfidentialityLevelType_Amber = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber"} +type AnyIntegrityMethod interface { + asIntegrityMethod() *IntegrityMethod +} -// Dataset may be distributed freely, without restriction. -var DatasetConfidentialityLevelType_Clear = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear"} +// IntegrityMethod Provides an independently reproducible mechanism that permits verification of a specific Element. +type IntegrityMethod struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod"` + ID string `iri:"@id"` + // Comment Provide consumers with comments by the creator of the Element about the\nElement. + Comment string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/comment" type:"http://www.w3.org/2001/XMLSchema#string"` +} -// Dataset can be shared within a community of peers and partners. -var DatasetConfidentialityLevelType_Green = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green"} +func (o *IntegrityMethod) asIntegrityMethod() *IntegrityMethod { + return o +} -// Data points in the dataset are highly confidential and can only be shared with named recipients. -var DatasetConfidentialityLevelType_Red = datasetConfidentialityLevelType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red"} +type IntegrityMethodList []AnyIntegrityMethod -// Availability of dataset. -type datasetDatasetAvailabilityType struct { - ID string `iri:"@id"` +func (o *IntegrityMethodList) ContentIdentifiers() ld.TypeSeq[AnyIntegrityMethod, *ContentIdentifier] { + return ld.NewTypeSeq(*o, castContentIdentifier) } -// the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. -var DatasetDatasetAvailabilityType_Clickthrough = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough"} - -// the dataset is publicly available and can be downloaded directly. -var DatasetDatasetAvailabilityType_DirectDownload = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload"} +func (o *IntegrityMethodList) Hashes() ld.TypeSeq[AnyIntegrityMethod, *Hash] { + return ld.NewTypeSeq(*o, castHash) +} -// the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. -var DatasetDatasetAvailabilityType_Query = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query"} +func (o *IntegrityMethodList) IntegrityMethods() ld.TypeSeq[AnyIntegrityMethod, *IntegrityMethod] { + return ld.NewTypeSeq(*o, castIntegrityMethod) +} -// the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. -var DatasetDatasetAvailabilityType_Registration = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration"} +func (o *IntegrityMethodList) PackageVerificationCodes() ld.TypeSeq[AnyIntegrityMethod, *PackageVerificationCode] { + return ld.NewTypeSeq(*o, castPackageVerificationCode) +} -// the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. -var DatasetDatasetAvailabilityType_ScrapingScript = datasetDatasetAvailabilityType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript"} +type AnyLicense interface { + asLicense() *License +} -// Enumeration of dataset types. -type datasetDatasetType struct { - ID string `iri:"@id"` +// License Abstract class for the portion of an AnyLicenseInfo representing a license. +type License struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License"` + ExtendableLicense + // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. + SeeAlsos []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // IsDeprecatedLicenseId Specifies whether a license or additional text identifier has been marked as\ndeprecated. + IsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated\nLicense or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" type:"http://www.w3.org/2001/XMLSchema#string"` + // StandardLicenseHeader Provides a License author's preferred text to indicate that a file is covered\nby the License. + StandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader" type:"http://www.w3.org/2001/XMLSchema#string"` + // LicenseText Identifies the full text of a License or Addition. + LicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // IsOsiApproved Specifies whether the License is listed as approved by the\nOpen Source Initiative (OSI). + IsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // LicenseXml Identifies all the text and metadata associated with a license in the license\nXML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` + // IsFsfLibre Specifies whether the License is listed as free by the\nFree Software Foundation (FSF). + IsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre" type:"http://www.w3.org/2001/XMLSchema#boolean"` + // StandardLicenseTemplate Identifies the full text of a License, in SPDX templating format. + StandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` } -// data is audio based, such as a collection of music from the 80s. -var DatasetDatasetType_Audio = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio"} +func (o *License) asLicense() *License { + return o +} -// data that is classified into a discrete number of categories, such as the eye color of a population of people. -var DatasetDatasetType_Categorical = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical"} +type LicenseList []AnyLicense -// data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. -var DatasetDatasetType_Graph = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph"} +func (o *LicenseList) CustomLicenses() ld.TypeSeq[AnyLicense, *CustomLicense] { + return ld.NewTypeSeq(*o, castCustomLicense) +} -// data is a collection of images such as pictures of animals. -var DatasetDatasetType_Image = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image"} +func (o *LicenseList) Licenses() ld.TypeSeq[AnyLicense, *License] { + return ld.NewTypeSeq(*o, castLicense) +} -// data type is not known. -var DatasetDatasetType_NoAssertion = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion"} +func (o *LicenseList) ListedLicenses() ld.TypeSeq[AnyLicense, *ListedLicense] { + return ld.NewTypeSeq(*o, castListedLicense) +} -// data consists only of numeric entries. -var DatasetDatasetType_Numeric = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric"} +type AnyLicenseAddition interface { + asLicenseAddition() *LicenseAddition +} -// data is of a type not included in this list. -var DatasetDatasetType_Other = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other"} +// LicenseAddition Abstract class for additional text intended to be added to a License, but\nwhich is not itself a standalone License. +type LicenseAddition struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition"` + Element + // AdditionText Identifies the full text of a LicenseAddition. + AdditionText string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // ObsoletedBy Specifies the licenseId that is preferred to be used in place of a deprecated\nLicense or LicenseAddition. + ObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" type:"http://www.w3.org/2001/XMLSchema#string"` + // LicenseXml Identifies all the text and metadata associated with a license in the license\nXML format. + LicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" type:"http://www.w3.org/2001/XMLSchema#string"` + // StandardAdditionTemplate Identifies the full text of a LicenseAddition, in SPDX templating format. + StandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" type:"http://www.w3.org/2001/XMLSchema#string"` + // SeeAlsos Contains a URL where the License or LicenseAddition can be found in use. + SeeAlsos []ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // IsDeprecatedAdditionId Specifies whether an additional text identifier has been marked as deprecated. + IsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" type:"http://www.w3.org/2001/XMLSchema#boolean"` +} + +func (o *LicenseAddition) asLicenseAddition() *LicenseAddition { + return o +} -// data is recorded from a physical sensor, such as a thermometer reading or biometric device. -var DatasetDatasetType_Sensor = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor"} +type LicenseAdditionList []AnyLicenseAddition -// data is stored in tabular format or retrieved from a relational database. -var DatasetDatasetType_Structured = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured"} +func (o *LicenseAdditionList) CustomLicenseAdditions() ld.TypeSeq[AnyLicenseAddition, *CustomLicenseAddition] { + return ld.NewTypeSeq(*o, castCustomLicenseAddition) +} -// data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. -var DatasetDatasetType_Syntactic = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic"} +func (o *LicenseAdditionList) LicenseAdditions() ld.TypeSeq[AnyLicenseAddition, *LicenseAddition] { + return ld.NewTypeSeq(*o, castLicenseAddition) +} -// data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. -var DatasetDatasetType_Text = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text"} +func (o *LicenseAdditionList) ListedLicenseExceptions() ld.TypeSeq[AnyLicenseAddition, *ListedLicenseException] { + return ld.NewTypeSeq(*o, castListedLicenseException) +} -// data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. -var DatasetDatasetType_Timeseries = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries"} +type AnyLicenseExpression interface { + asLicenseExpression() *LicenseExpression +} -// data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. -var DatasetDatasetType_Timestamp = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp"} +// LicenseExpression An SPDX Element containing an SPDX license expression string. +type LicenseExpression struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression"` + LicenseInfo + // LicenseExpression A string in the license expression format. + LicenseExpression string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // CustomIdToUris Maps a LicenseRef or AdditionRef string for a Custom License or a Custom\nLicense Addition to its URI ID. + CustomIdToUris DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri" type:"https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry"` + // LicenseListVersion The version of the SPDX License List used in the license expression. + LicenseListVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion" type:"http://www.w3.org/2001/XMLSchema#string"` +} -// data is video based, such as a collection of movie clips featuring Tom Hanks. -var DatasetDatasetType_Video = datasetDatasetType{ID: "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video"} +func (o *LicenseExpression) asLicenseExpression() *LicenseExpression { + return o +} -// Abstract class for additional text intended to be added to a License, but -// which is not itself a standalone License. -type ExpandedlicensingLicenseAddition struct { - Element +type LicenseExpressionList []AnyLicenseExpression - // Identifies the full text of a LicenseAddition. - ExpandedlicensingAdditionText string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" iri-compact:"expandedlicensing_additionText"` - // Specifies whether an additional text identifier has been marked as deprecated. - ExpandedlicensingIsDeprecatedAdditionId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" iri-compact:"expandedlicensing_isDeprecatedAdditionId"` - // Identifies all the text and metadata associated with a license in the license - // XML format. - ExpandedlicensingLicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` - // Specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - ExpandedlicensingObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` - // Contains a URL where the License or LicenseAddition can be found in use. - ExpandedlicensingSeeAlsos []string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` - // Identifies the full text of a LicenseAddition, in SPDX templating format. - ExpandedlicensingStandardAdditionTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" iri-compact:"expandedlicensing_standardAdditionTemplate"` +func (o *LicenseExpressionList) LicenseExpressions() ld.TypeSeq[AnyLicenseExpression, *LicenseExpression] { + return ld.NewTypeSeq(*o, castLicenseExpression) } -func castExpandedlicensingLicenseAddition(o any) *ExpandedlicensingLicenseAddition { - if o, ok := o.(AnyExpandedlicensingLicenseAddition); ok { - return o.asExpandedlicensingLicenseAddition() - } - return nil +type AnyLicenseInfo interface { + asLicenseInfo() *LicenseInfo } -func (o *ExpandedlicensingLicenseAddition) asExpandedlicensingLicenseAddition() *ExpandedlicensingLicenseAddition { - return o +// LicenseInfo Abstract class representing a license combination consisting of one or more licenses. +type LicenseInfo struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` + Element } -type AnyExpandedlicensingLicenseAddition interface { - AnyElement - asExpandedlicensingLicenseAddition() *ExpandedlicensingLicenseAddition +func (o *LicenseInfo) asLicenseInfo() *LicenseInfo { + return o } -type ExpandedlicensingLicenseAdditionList []AnyExpandedlicensingLicenseAddition +type LicenseInfoList []AnyLicenseInfo -func (o *ExpandedlicensingLicenseAdditionList) ExpandedlicensingLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingLicenseAddition, *ExpandedlicensingLicenseAddition] { - return typeIter(*o, castExpandedlicensingLicenseAddition) +func (o *LicenseInfoList) ConjunctiveLicenseSets() ld.TypeSeq[AnyLicenseInfo, *ConjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castConjunctiveLicenseSet) } -func (o *ExpandedlicensingLicenseAdditionList) ExpandedlicensingListedLicenseExceptionIter() iter.Seq2[AnyExpandedlicensingLicenseAddition, *ExpandedlicensingListedLicenseException] { - return typeIter(*o, castExpandedlicensingListedLicenseException) + +func (o *LicenseInfoList) CustomLicenses() ld.TypeSeq[AnyLicenseInfo, *CustomLicense] { + return ld.NewTypeSeq(*o, castCustomLicense) } -func (o *ExpandedlicensingLicenseAdditionList) ExpandedlicensingCustomLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingLicenseAddition, *ExpandedlicensingCustomLicenseAddition] { - return typeIter(*o, castExpandedlicensingCustomLicenseAddition) + +func (o *LicenseInfoList) DisjunctiveLicenseSets() ld.TypeSeq[AnyLicenseInfo, *DisjunctiveLicenseSet] { + return ld.NewTypeSeq(*o, castDisjunctiveLicenseSet) } -// A license exception that is listed on the SPDX Exceptions list. -type ExpandedlicensingListedLicenseException struct { - ExpandedlicensingLicenseAddition +func (o *LicenseInfoList) ExtendableLicenses() ld.TypeSeq[AnyLicenseInfo, *ExtendableLicense] { + return ld.NewTypeSeq(*o, castExtendableLicense) +} - // Specifies the SPDX License List version in which this license or exception - // identifier was deprecated. - ExpandedlicensingDeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" iri-compact:"expandedlicensing_deprecatedVersion"` - // Specifies the SPDX License List version in which this ListedLicense or - // ListedLicenseException identifier was first added. - ExpandedlicensingListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" iri-compact:"expandedlicensing_listVersionAdded"` +func (o *LicenseInfoList) IndividualLicensingInfos() ld.TypeSeq[AnyLicenseInfo, *IndividualLicensingInfo] { + return ld.NewTypeSeq(*o, castIndividualLicensingInfo) } -func castExpandedlicensingListedLicenseException(o any) *ExpandedlicensingListedLicenseException { - if o, ok := o.(AnyExpandedlicensingListedLicenseException); ok { - return o.asExpandedlicensingListedLicenseException() - } - return nil +func (o *LicenseInfoList) Licenses() ld.TypeSeq[AnyLicenseInfo, *License] { + return ld.NewTypeSeq(*o, castLicense) } -func (o *ExpandedlicensingListedLicenseException) asExpandedlicensingListedLicenseException() *ExpandedlicensingListedLicenseException { - return o +func (o *LicenseInfoList) LicenseExpressions() ld.TypeSeq[AnyLicenseInfo, *LicenseExpression] { + return ld.NewTypeSeq(*o, castLicenseExpression) } -type AnyExpandedlicensingListedLicenseException interface { - AnyExpandedlicensingLicenseAddition - asExpandedlicensingListedLicenseException() *ExpandedlicensingListedLicenseException +func (o *LicenseInfoList) LicenseInfos() ld.TypeSeq[AnyLicenseInfo, *LicenseInfo] { + return ld.NewTypeSeq(*o, castLicenseInfo) } -type ExpandedlicensingListedLicenseExceptionList []AnyExpandedlicensingListedLicenseException +func (o *LicenseInfoList) ListedLicenses() ld.TypeSeq[AnyLicenseInfo, *ListedLicense] { + return ld.NewTypeSeq(*o, castListedLicense) +} -func (o *ExpandedlicensingListedLicenseExceptionList) ExpandedlicensingListedLicenseExceptionIter() iter.Seq2[AnyExpandedlicensingListedLicenseException, *ExpandedlicensingListedLicenseException] { - return typeIter(*o, castExpandedlicensingListedLicenseException) +func (o *LicenseInfoList) OrLaterOperators() ld.TypeSeq[AnyLicenseInfo, *OrLaterOperator] { + return ld.NewTypeSeq(*o, castOrLaterOperator) } -// A property name with an associated value. -type ExtensionCdxPropertyEntry struct { - ID string `iri:"@id"` +func (o *LicenseInfoList) WithAdditionOperators() ld.TypeSeq[AnyLicenseInfo, *WithAdditionOperator] { + return ld.NewTypeSeq(*o, castWithAdditionOperator) +} - // A name used in a CdxPropertyEntry name-value pair. - ExtensionCdxPropName string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName" iri-compact:"extension_cdxPropName"` - // A value used in a CdxPropertyEntry name-value pair. - ExtensionCdxPropValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue" iri-compact:"extension_cdxPropValue"` +// LifecycleScopeType Provide an enumerated set of lifecycle phases that can provide context to relationships. +type LifecycleScopeType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType"` + id string `iri:"@id"` } -func castExtensionCdxPropertyEntry(o any) *ExtensionCdxPropertyEntry { - if o, ok := o.(AnyExtensionCdxPropertyEntry); ok { - return o.asExtensionCdxPropertyEntry() - } - return nil +// LifecycleScopeType_Build A relationship has specific context implications during an element's build phase, during development. +var LifecycleScopeType_Build = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build", } -func (o *ExtensionCdxPropertyEntry) asExtensionCdxPropertyEntry() *ExtensionCdxPropertyEntry { - return o +// LifecycleScopeType_Design A relationship has specific context implications during an element's design. +var LifecycleScopeType_Design = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design", } -type AnyExtensionCdxPropertyEntry interface { - asExtensionCdxPropertyEntry() *ExtensionCdxPropertyEntry +// LifecycleScopeType_Development A relationship has specific context implications during development phase of an element. +var LifecycleScopeType_Development = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development", } -type ExtensionCdxPropertyEntryList []AnyExtensionCdxPropertyEntry +// LifecycleScopeType_Other A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. +var LifecycleScopeType_Other = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other", +} -func (o *ExtensionCdxPropertyEntryList) ExtensionCdxPropertyEntryIter() iter.Seq2[AnyExtensionCdxPropertyEntry, *ExtensionCdxPropertyEntry] { - return typeIter(*o, castExtensionCdxPropertyEntry) +// LifecycleScopeType_Runtime A relationship has specific context implications during the execution phase of an element. +var LifecycleScopeType_Runtime = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime", } -// A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. -type ExtensionExtension struct { - ID string `iri:"@id"` +// LifecycleScopeType_Test A relationship has specific context implications during an element's testing phase, during development. +var LifecycleScopeType_Test = LifecycleScopeType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test", } -func castExtensionExtension(o any) *ExtensionExtension { - if o, ok := o.(AnyExtensionExtension); ok { - return o.asExtensionExtension() - } - return nil +type AnyLifecycleScopedRelationship interface { + asLifecycleScopedRelationship() *LifecycleScopedRelationship } -func (o *ExtensionExtension) asExtensionExtension() *ExtensionExtension { - return o +// LifecycleScopedRelationship Provide context for a relationship that occurs in the lifecycle. +type LifecycleScopedRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship"` + Relationship + // Scope Capture the scope of information about a specific relationship between elements. + Scope LifecycleScopeType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/scope" type:"https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType"` } -type AnyExtensionExtension interface { - asExtensionExtension() *ExtensionExtension +func (o *LifecycleScopedRelationship) asLifecycleScopedRelationship() *LifecycleScopedRelationship { + return o } -type ExtensionExtensionList []AnyExtensionExtension +type LifecycleScopedRelationshipList []AnyLifecycleScopedRelationship -func (o *ExtensionExtensionList) ExtensionExtensionIter() iter.Seq2[AnyExtensionExtension, *ExtensionExtension] { - return typeIter(*o, castExtensionExtension) -} -func (o *ExtensionExtensionList) ExtensionCdxPropertiesExtensionIter() iter.Seq2[AnyExtensionExtension, *ExtensionCdxPropertiesExtension] { - return typeIter(*o, castExtensionCdxPropertiesExtension) +func (o *LifecycleScopedRelationshipList) LifecycleScopedRelationships() ld.TypeSeq[AnyLifecycleScopedRelationship, *LifecycleScopedRelationship] { + return ld.NewTypeSeq(*o, castLifecycleScopedRelationship) } -// Specifies the CVSS base, temporal, threat, or environmental severity type. -type securityCvssSeverityType struct { - ID string `iri:"@id"` +type AnyListedLicense interface { + asListedLicense() *ListedLicense } -// When a CVSS score is between 9.0 - 10.0 -var SecurityCvssSeverityType_Critical = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical"} - -// When a CVSS score is between 7.0 - 8.9 -var SecurityCvssSeverityType_High = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high"} - -// When a CVSS score is between 0.1 - 3.9 -var SecurityCvssSeverityType_Low = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low"} +// ListedLicense A license that is listed on the SPDX License List. +type ListedLicense struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense"` + License + // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or\nListedLicenseException identifier was first added. + ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" type:"http://www.w3.org/2001/XMLSchema#string"` + // DeprecatedVersion Specifies the SPDX License List version in which this license or exception\nidentifier was deprecated. + DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" type:"http://www.w3.org/2001/XMLSchema#string"` +} -// When a CVSS score is between 4.0 - 6.9 -var SecurityCvssSeverityType_Medium = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium"} +func (o *ListedLicense) asListedLicense() *ListedLicense { + return o +} -// When a CVSS score is 0.0 -var SecurityCvssSeverityType_None = securityCvssSeverityType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none"} +type ListedLicenseList []AnyListedLicense -// Specifies the exploit catalog type. -type securityExploitCatalogType struct { - ID string `iri:"@id"` +func (o *ListedLicenseList) ListedLicenses() ld.TypeSeq[AnyListedLicense, *ListedLicense] { + return ld.NewTypeSeq(*o, castListedLicense) } -// CISA's Known Exploited Vulnerability (KEV) Catalog -var SecurityExploitCatalogType_Kev = securityExploitCatalogType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev"} - -// Other exploit catalogs -var SecurityExploitCatalogType_Other = securityExploitCatalogType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other"} +type AnyListedLicenseException interface { + asListedLicenseException() *ListedLicenseException +} -// Specifies the SSVC decision type. -type securitySsvcDecisionType struct { - ID string `iri:"@id"` +// ListedLicenseException A license exception that is listed on the SPDX Exceptions list. +type ListedLicenseException struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException"` + LicenseAddition + // DeprecatedVersion Specifies the SPDX License List version in which this license or exception\nidentifier was deprecated. + DeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" type:"http://www.w3.org/2001/XMLSchema#string"` + // ListVersionAdded Specifies the SPDX License List version in which this ListedLicense or\nListedLicenseException identifier was first added. + ListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" type:"http://www.w3.org/2001/XMLSchema#string"` } -// The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. -var SecuritySsvcDecisionType_Act = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act"} +func (o *ListedLicenseException) asListedLicenseException() *ListedLicenseException { + return o +} -// The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. -var SecuritySsvcDecisionType_Attend = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend"} +type ListedLicenseExceptionList []AnyListedLicenseException -// The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. -var SecuritySsvcDecisionType_Track = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track"} +func (o *ListedLicenseExceptionList) ListedLicenseExceptions() ld.TypeSeq[AnyListedLicenseException, *ListedLicenseException] { + return ld.NewTypeSeq(*o, castListedLicenseException) +} -// ("Track\*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track\* vulnerabilities within standard update timelines. -var SecuritySsvcDecisionType_TrackStar = securitySsvcDecisionType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar"} +type AnyNamespaceMap interface { + asNamespaceMap() *NamespaceMap +} -// Specifies the VEX justification type. -type securityVexJustificationType struct { - ID string `iri:"@id"` +// NamespaceMap A mapping between prefixes and namespace partial URIs. +type NamespaceMap struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap"` + ID string `iri:"@id"` + // Namespace Provides an unambiguous mechanism for conveying a URI fragment portion of an\nElement ID. + Namespace ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespace" required:"true" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // Prefix A substitute for a URI. + Prefix string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/prefix" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` } -// The software is not affected because the vulnerable component is not in the product. -var SecurityVexJustificationType_ComponentNotPresent = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent"} +func (o *NamespaceMap) asNamespaceMap() *NamespaceMap { + return o +} -// Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability. -var SecurityVexJustificationType_InlineMitigationsAlreadyExist = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist"} +type NamespaceMapList []AnyNamespaceMap -// The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack. -var SecurityVexJustificationType_VulnerableCodeCannotBeControlledByAdversary = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary"} +func (o *NamespaceMapList) NamespaceMaps() ld.TypeSeq[AnyNamespaceMap, *NamespaceMap] { + return ld.NewTypeSeq(*o, castNamespaceMap) +} -// The affected code is not reachable through the execution of the code, including non-anticipated states of the product. -var SecurityVexJustificationType_VulnerableCodeNotInExecutePath = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath"} +type AnyOrLaterOperator interface { + asOrLaterOperator() *OrLaterOperator +} -// The product is not affected because the code underlying the vulnerability is not present in the product. -var SecurityVexJustificationType_VulnerableCodeNotPresent = securityVexJustificationType{ID: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent"} +// OrLaterOperator Portion of an AnyLicenseInfo representing this version, or any later version,\nof the indicated License. +type OrLaterOperator struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator"` + ExtendableLicense + // SubjectLicense A License participating in an 'or later' model. + SubjectLicense AnyLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License"` +} -// Abstract ancestor class for all vulnerability assessments -type SecurityVulnAssessmentRelationship struct { - Relationship +func (o *OrLaterOperator) asOrLaterOperator() *OrLaterOperator { + return o +} - // Identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" iri-compact:"suppliedBy"` +type OrLaterOperatorList []AnyOrLaterOperator - // Specifies an Element contained in a piece of software where a vulnerability was - // found. - SecurityAssessedElement AnySoftwareSoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" iri-compact:"security_assessedElement"` +func (o *OrLaterOperatorList) OrLaterOperators() ld.TypeSeq[AnyOrLaterOperator, *OrLaterOperator] { + return ld.NewTypeSeq(*o, castOrLaterOperator) +} - // Specifies a time when a vulnerability assessment was modified - SecurityModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // Specifies the time when a vulnerability was published. - SecurityPublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // Specified the time and date when a vulnerability was withdrawn. - SecurityWithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` +type AnyOrganization interface { + asOrganization() *Organization } -func castSecurityVulnAssessmentRelationship(o any) *SecurityVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVulnAssessmentRelationship); ok { - return o.asSecurityVulnAssessmentRelationship() - } - return nil +// Organization A group of people who work together in an organized way for a shared purpose. +type Organization struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Organization"` + Agent } -func (o *SecurityVulnAssessmentRelationship) asSecurityVulnAssessmentRelationship() *SecurityVulnAssessmentRelationship { +func (o *Organization) asOrganization() *Organization { return o } -type AnySecurityVulnAssessmentRelationship interface { - AnyRelationship - asSecurityVulnAssessmentRelationship() *SecurityVulnAssessmentRelationship +// Organization_SpdxOrganization An Organization representing the SPDX Project. +var Organization_SpdxOrganization AnyOrganization = &ExternalIRI{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", } -type SecurityVulnAssessmentRelationshipList []AnySecurityVulnAssessmentRelationship +type OrganizationList []AnyOrganization -func (o *SecurityVulnAssessmentRelationshipList) SecurityVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVulnAssessmentRelationship) -} -func (o *SecurityVulnAssessmentRelationshipList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityCvssV2VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) -} -func (o *SecurityVulnAssessmentRelationshipList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityCvssV3VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) -} -func (o *SecurityVulnAssessmentRelationshipList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityCvssV4VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) +func (o *OrganizationList) Organizations() ld.TypeSeq[AnyOrganization, *Organization] { + return ld.NewTypeSeq(*o, castOrganization) } -func (o *SecurityVulnAssessmentRelationshipList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityEpssVulnAssessmentRelationship] { - return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) -} -func (o *SecurityVulnAssessmentRelationshipList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityExploitCatalogVulnAssessmentRelationship] { - return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) -} -func (o *SecurityVulnAssessmentRelationshipList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecuritySsvcVulnAssessmentRelationship] { - return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) + +type AnyPackage interface { + asPackage() *Package } -func (o *SecurityVulnAssessmentRelationshipList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexVulnAssessmentRelationship) + +// Package Refers to any unit of content that can be associated with a distribution of\nsoftware. +type Package struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Package"` + SoftwareArtifact + // SourceInfo Records any relevant background information or additional comments\nabout the origin of the package. + SourceInfo string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" type:"http://www.w3.org/2001/XMLSchema#string"` + // HomePage A place for the SPDX document creator to record a website that serves as the\npackage's home page. + HomePage ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // PackageVersion Identify the version of a package. + PackageVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" type:"http://www.w3.org/2001/XMLSchema#string"` + // PackageUrl Provides a place for the SPDX data creator to record the package URL string\n(in accordance with the Package URL specification) for a software Package. + PackageUrl ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" type:"http://www.w3.org/2001/XMLSchema#anyURI"` + // DownloadLocation Identifies the download Uniform Resource Identifier for the package at the time\nthat the document was created. + DownloadLocation ld.URI `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" type:"http://www.w3.org/2001/XMLSchema#anyURI"` } -func (o *SecurityVulnAssessmentRelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) + +func (o *Package) asPackage() *Package { + return o } -func (o *SecurityVulnAssessmentRelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexFixedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) + +type PackageList []AnyPackage + +func (o *PackageList) AIPackages() ld.TypeSeq[AnyPackage, *AIPackage] { + return ld.NewTypeSeq(*o, castAIPackage) } -func (o *SecurityVulnAssessmentRelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) + +func (o *PackageList) DatasetPackages() ld.TypeSeq[AnyPackage, *DatasetPackage] { + return ld.NewTypeSeq(*o, castDatasetPackage) } -func (o *SecurityVulnAssessmentRelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVulnAssessmentRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) + +func (o *PackageList) Packages() ld.TypeSeq[AnyPackage, *Package] { + return ld.NewTypeSeq(*o, castPackage) } -// Abstract class representing a license combination consisting of one or more licenses. -type SimplelicensingAnyLicenseInfo struct { - Element +type AnyPackageVerificationCode interface { + asPackageVerificationCode() *PackageVerificationCode } -func castSimplelicensingAnyLicenseInfo(o any) *SimplelicensingAnyLicenseInfo { - if o, ok := o.(AnySimplelicensingAnyLicenseInfo); ok { - return o.asSimplelicensingAnyLicenseInfo() - } - return nil +// PackageVerificationCode An SPDX version 2.X compatible verification method for software packages. +type PackageVerificationCode struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode"` + IntegrityMethod + // Algorithm Specifies the algorithm used for calculating the hash value. + Algorithm HashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm"` + // HashValue The result of applying a hash algorithm to an Element. + HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // PackageVerificationCodeExcludedFiles The relative file name of a file to be excluded from the\n`PackageVerificationCode`. + PackageVerificationCodeExcludedFiles []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *SimplelicensingAnyLicenseInfo) asSimplelicensingAnyLicenseInfo() *SimplelicensingAnyLicenseInfo { +func (o *PackageVerificationCode) asPackageVerificationCode() *PackageVerificationCode { return o } -type AnySimplelicensingAnyLicenseInfo interface { - AnyElement - asSimplelicensingAnyLicenseInfo() *SimplelicensingAnyLicenseInfo -} +type PackageVerificationCodeList []AnyPackageVerificationCode -type SimplelicensingAnyLicenseInfoList []AnySimplelicensingAnyLicenseInfo +func (o *PackageVerificationCodeList) PackageVerificationCodes() ld.TypeSeq[AnyPackageVerificationCode, *PackageVerificationCode] { + return ld.NewTypeSeq(*o, castPackageVerificationCode) +} -func (o *SimplelicensingAnyLicenseInfoList) SimplelicensingAnyLicenseInfoIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *SimplelicensingAnyLicenseInfo] { - return typeIter(*o, castSimplelicensingAnyLicenseInfo) +type AnyPerson interface { + asPerson() *Person } -func (o *SimplelicensingAnyLicenseInfoList) SimplelicensingLicenseExpressionIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *SimplelicensingLicenseExpression] { - return typeIter(*o, castSimplelicensingLicenseExpression) + +// Person An individual human being. +type Person struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Person"` + Agent } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingConjunctiveLicenseSetIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingConjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingConjunctiveLicenseSet) + +func (o *Person) asPerson() *Person { + return o } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingDisjunctiveLicenseSetIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingDisjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingDisjunctiveLicenseSet) + +type PersonList []AnyPerson + +func (o *PersonList) People() ld.TypeSeq[AnyPerson, *Person] { + return ld.NewTypeSeq(*o, castPerson) } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingExtendableLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingExtendableLicense] { - return typeIter(*o, castExpandedlicensingExtendableLicense) + +type AnyPositiveIntegerRange interface { + asPositiveIntegerRange() *PositiveIntegerRange } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingIndividualLicensingInfoIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingIndividualLicensingInfo] { - return typeIter(*o, castExpandedlicensingIndividualLicensingInfo) + +// PositiveIntegerRange A tuple of two positive integers that define a range. +type PositiveIntegerRange struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` + ID string `iri:"@id"` + // EndIntegerRange Defines the end of a range. + EndIntegerRange ld.PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` + // BeginIntegerRange Defines the beginning of a range. + BeginIntegerRange ld.PositiveInt `iri:"https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" required:"true" type:"http://www.w3.org/2001/XMLSchema#positiveInteger"` } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingLicense] { - return typeIter(*o, castExpandedlicensingLicense) + +func (o *PositiveIntegerRange) asPositiveIntegerRange() *PositiveIntegerRange { + return o } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingListedLicense] { - return typeIter(*o, castExpandedlicensingListedLicense) + +type PositiveIntegerRangeList []AnyPositiveIntegerRange + +func (o *PositiveIntegerRangeList) PositiveIntegerRanges() ld.TypeSeq[AnyPositiveIntegerRange, *PositiveIntegerRange] { + return ld.NewTypeSeq(*o, castPositiveIntegerRange) } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingOrLaterOperator] { - return typeIter(*o, castExpandedlicensingOrLaterOperator) + +// PresenceType Categories of presence or absence. +type PresenceType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/PresenceType"` + id string `iri:"@id"` } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingWithAdditionOperatorIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingWithAdditionOperator] { - return typeIter(*o, castExpandedlicensingWithAdditionOperator) + +// PresenceType_No Indicates absence of the field. +var PresenceType_No = PresenceType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no", } -func (o *SimplelicensingAnyLicenseInfoList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnySimplelicensingAnyLicenseInfo, *ExpandedlicensingCustomLicense] { - return typeIter(*o, castExpandedlicensingCustomLicense) + +// PresenceType_NoAssertion Makes no assertion about the field. +var PresenceType_NoAssertion = PresenceType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion", } -// An SPDX Element containing an SPDX license expression string. -type SimplelicensingLicenseExpression struct { - SimplelicensingAnyLicenseInfo +// PresenceType_Yes Indicates presence of the field. +var PresenceType_Yes = PresenceType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes", +} - // Maps a LicenseRef or AdditionRef string for a Custom License or a Custom - // License Addition to its URI ID. - SimplelicensingCustomIdToUris DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri" iri-compact:"simplelicensing_customIdToUri"` +// ProfileIdentifierType Enumeration of the valid profiles. +type ProfileIdentifierType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType"` + id string `iri:"@id"` +} - // A string in the license expression format. - SimplelicensingLicenseExpression string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression" iri-compact:"simplelicensing_licenseExpression"` - // The version of the SPDX License List used in the license expression. - SimplelicensingLicenseListVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion" iri-compact:"simplelicensing_licenseListVersion"` +// ProfileIdentifierType_Ai the element follows the AI profile specification +var ProfileIdentifierType_Ai = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai", } -func castSimplelicensingLicenseExpression(o any) *SimplelicensingLicenseExpression { - if o, ok := o.(AnySimplelicensingLicenseExpression); ok { - return o.asSimplelicensingLicenseExpression() - } - return nil +// ProfileIdentifierType_Build the element follows the Build profile specification +var ProfileIdentifierType_Build = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build", } -func (o *SimplelicensingLicenseExpression) asSimplelicensingLicenseExpression() *SimplelicensingLicenseExpression { - return o +// ProfileIdentifierType_Core the element follows the Core profile specification +var ProfileIdentifierType_Core = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core", } -type AnySimplelicensingLicenseExpression interface { - AnySimplelicensingAnyLicenseInfo - asSimplelicensingLicenseExpression() *SimplelicensingLicenseExpression +// ProfileIdentifierType_Dataset the element follows the Dataset profile specification +var ProfileIdentifierType_Dataset = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset", } -type SimplelicensingLicenseExpressionList []AnySimplelicensingLicenseExpression +// ProfileIdentifierType_ExpandedLicensing the element follows the ExpandedLicensing profile specification +var ProfileIdentifierType_ExpandedLicensing = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing", +} -func (o *SimplelicensingLicenseExpressionList) SimplelicensingLicenseExpressionIter() iter.Seq2[AnySimplelicensingLicenseExpression, *SimplelicensingLicenseExpression] { - return typeIter(*o, castSimplelicensingLicenseExpression) +// ProfileIdentifierType_Extension the element follows the Extension profile specification +var ProfileIdentifierType_Extension = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension", } -// A license or addition that is not listed on the SPDX License List. -type SimplelicensingSimpleLicensingText struct { - Element +// ProfileIdentifierType_Lite the element follows the Lite profile specification +var ProfileIdentifierType_Lite = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite", +} - // Identifies the full text of a License or Addition. - SimplelicensingLicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` +// ProfileIdentifierType_Security the element follows the Security profile specification +var ProfileIdentifierType_Security = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security", } -func castSimplelicensingSimpleLicensingText(o any) *SimplelicensingSimpleLicensingText { - if o, ok := o.(AnySimplelicensingSimpleLicensingText); ok { - return o.asSimplelicensingSimpleLicensingText() - } - return nil +// ProfileIdentifierType_SimpleLicensing the element follows the SimpleLicensing profile specification +var ProfileIdentifierType_SimpleLicensing = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing", } -func (o *SimplelicensingSimpleLicensingText) asSimplelicensingSimpleLicensingText() *SimplelicensingSimpleLicensingText { - return o +// ProfileIdentifierType_Software the element follows the Software profile specification +var ProfileIdentifierType_Software = ProfileIdentifierType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software", } -type AnySimplelicensingSimpleLicensingText interface { - AnyElement - asSimplelicensingSimpleLicensingText() *SimplelicensingSimpleLicensingText +type AnyRelationship interface { + asRelationship() *Relationship } -type SimplelicensingSimpleLicensingTextList []AnySimplelicensingSimpleLicensingText +// Relationship Describes a relationship between one or more elements. +type Relationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Relationship"` + Element + // Completeness Provides information about the completeness of relationships. + Completeness RelationshipCompleteness `iri:"https://spdx.org/rdf/3.0.1/terms/Core/completeness" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + // EndTime Specifies the time from which an element is no longer applicable / valid. + EndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/endTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // To References an Element on the right-hand side of a relationship. + To ElementList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/to" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // From References the Element on the left-hand side of a relationship. + From AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/from" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/Element"` + // RelationshipType Information about the relationship between two Elements. + RelationshipType RelationshipType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + // StartTime Specifies the time from which an element is applicable / valid. + StartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/startTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +} -func (o *SimplelicensingSimpleLicensingTextList) SimplelicensingSimpleLicensingTextIter() iter.Seq2[AnySimplelicensingSimpleLicensingText, *SimplelicensingSimpleLicensingText] { - return typeIter(*o, castSimplelicensingSimpleLicensingText) +func (o *Relationship) asRelationship() *Relationship { + return o } -// A canonical, unique, immutable identifier -type SoftwareContentIdentifier struct { - IntegrityMethod +type RelationshipList []AnyRelationship - // Specifies the type of the content identifier. - SoftwareContentIdentifierType softwareContentIdentifierType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" iri-compact:"software_contentIdentifierType"` - // Specifies the value of the content identifier. - SoftwareContentIdentifierValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" iri-compact:"software_contentIdentifierValue"` +func (o *RelationshipList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *CvssV2VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) } -func castSoftwareContentIdentifier(o any) *SoftwareContentIdentifier { - if o, ok := o.(AnySoftwareContentIdentifier); ok { - return o.asSoftwareContentIdentifier() - } - return nil +func (o *RelationshipList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *CvssV3VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) } -func (o *SoftwareContentIdentifier) asSoftwareContentIdentifier() *SoftwareContentIdentifier { - return o +func (o *RelationshipList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *CvssV4VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) } -type AnySoftwareContentIdentifier interface { - AnyIntegrityMethod - asSoftwareContentIdentifier() *SoftwareContentIdentifier +func (o *RelationshipList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *EpssVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) } -type SoftwareContentIdentifierList []AnySoftwareContentIdentifier - -func (o *SoftwareContentIdentifierList) SoftwareContentIdentifierIter() iter.Seq2[AnySoftwareContentIdentifier, *SoftwareContentIdentifier] { - return typeIter(*o, castSoftwareContentIdentifier) +func (o *RelationshipList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *ExploitCatalogVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) } -// Specifies the type of a content identifier. -type softwareContentIdentifierType struct { - ID string `iri:"@id"` +func (o *RelationshipList) LifecycleScopedRelationships() ld.TypeSeq[AnyRelationship, *LifecycleScopedRelationship] { + return ld.NewTypeSeq(*o, castLifecycleScopedRelationship) } -// [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg). -var SoftwareContentIdentifierType_Gitoid = softwareContentIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid"} - -// SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. -var SoftwareContentIdentifierType_Swhid = softwareContentIdentifierType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid"} +func (o *RelationshipList) Relationships() ld.TypeSeq[AnyRelationship, *Relationship] { + return ld.NewTypeSeq(*o, castRelationship) +} -// Enumeration of the different kinds of SPDX file. -type softwareFileKindType struct { - ID string `iri:"@id"` +func (o *RelationshipList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *SsvcVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) } -// The file represents a directory and all content stored in that directory. -var SoftwareFileKindType_Directory = softwareFileKindType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory"} +func (o *RelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +} -// The file represents a single file (default). -var SoftwareFileKindType_File = softwareFileKindType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file"} +func (o *RelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexFixedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +} -// Provides a set of values to be used to describe the common types of SBOMs that -// tools may create. -type softwareSbomType struct { - ID string `iri:"@id"` +func (o *RelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexNotAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) } -// SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a "3rd party" SBOM. -var SoftwareSbomType_Analyzed = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed"} +func (o *RelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) +} -// SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. -var SoftwareSbomType_Build = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build"} +func (o *RelationshipList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VexVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) +} -// SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. -var SoftwareSbomType_Deployed = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed"} +func (o *RelationshipList) VulnAssessmentRelationships() ld.TypeSeq[AnyRelationship, *VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVulnAssessmentRelationship) +} -// SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. -var SoftwareSbomType_Design = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design"} +// RelationshipCompleteness Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. +type RelationshipCompleteness struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness"` + id string `iri:"@id"` +} -// SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM. -var SoftwareSbomType_Runtime = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime"} +// RelationshipCompleteness_Complete The relationship is known to be exhaustive. +var RelationshipCompleteness_Complete = RelationshipCompleteness{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete", +} -// SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. -var SoftwareSbomType_Source = softwareSbomType{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source"} +// RelationshipCompleteness_Incomplete The relationship is known not to be exhaustive. +var RelationshipCompleteness_Incomplete = RelationshipCompleteness{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete", +} -// Provides information about the primary purpose of an Element. -type softwareSoftwarePurpose struct { - ID string `iri:"@id"` +// RelationshipCompleteness_NoAssertion No assertion can be made about the completeness of the relationship. +var RelationshipCompleteness_NoAssertion = RelationshipCompleteness{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion", } -// The Element is a software application. -var SoftwareSoftwarePurpose_Application = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application"} +// RelationshipType Information about the relationship between two Elements. +type RelationshipType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType"` + id string `iri:"@id"` +} -// The Element is an archived collection of one or more files (.tar, .zip, etc.). -var SoftwareSoftwarePurpose_Archive = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive"} +// RelationshipType_Affects The `from` Vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. +var RelationshipType_Affects = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects", +} -// The Element is a bill of materials. -var SoftwareSoftwarePurpose_Bom = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom"} +// RelationshipType_AmendedBy The `from` Element is amended by each `to` Element. +var RelationshipType_AmendedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy", +} -// The Element is configuration data. -var SoftwareSoftwarePurpose_Configuration = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration"} +// RelationshipType_AncestorOf The `from` Element is an ancestor of each `to` Element. +var RelationshipType_AncestorOf = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf", +} -// The Element is a container image which can be used by a container runtime application. -var SoftwareSoftwarePurpose_Container = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container"} +// RelationshipType_AvailableFrom The `from` Element is available from the additional supplier described by each `to` Element. +var RelationshipType_AvailableFrom = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom", +} -// The Element is data. -var SoftwareSoftwarePurpose_Data = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data"} +// RelationshipType_Configures The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. +var RelationshipType_Configures = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures", +} -// The Element refers to a chipset, processor, or electronic board. -var SoftwareSoftwarePurpose_Device = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device"} +// RelationshipType_Contains The `from` Element contains each `to` Element. +var RelationshipType_Contains = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains", +} -// The Element represents software that controls hardware devices. -var SoftwareSoftwarePurpose_DeviceDriver = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver"} +// RelationshipType_CoordinatedBy The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). +var RelationshipType_CoordinatedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy", +} -// The Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. -var SoftwareSoftwarePurpose_DiskImage = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage"} +// RelationshipType_CopiedTo The `from` Element has been copied to each `to` Element. +var RelationshipType_CopiedTo = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo", +} -// The Element is documentation. -var SoftwareSoftwarePurpose_Documentation = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation"} +// RelationshipType_DelegatedTo The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). +var RelationshipType_DelegatedTo = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo", +} -// The Element is the evidence that a specification or requirement has been fulfilled. -var SoftwareSoftwarePurpose_Evidence = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence"} +// RelationshipType_DependsOn The `from` Element depends on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_DependsOn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn", +} -// The Element is an Artifact that can be run on a computer. -var SoftwareSoftwarePurpose_Executable = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable"} +// RelationshipType_DescendantOf The `from` Element is a descendant of each `to` Element. +var RelationshipType_DescendantOf = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf", +} -// The Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc.). -var SoftwareSoftwarePurpose_File = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file"} +// RelationshipType_Describes The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. +var RelationshipType_Describes = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes", +} -// The Element is a file system image that can be written to a disk (or virtual) partition. -var SoftwareSoftwarePurpose_FilesystemImage = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage"} +// RelationshipType_DoesNotAffect The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. +var RelationshipType_DoesNotAffect = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect", +} -// The Element provides low level control over a device's hardware. -var SoftwareSoftwarePurpose_Firmware = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware"} +// RelationshipType_ExpandsTo The `from` archive expands out as an artifact described by each `to` Element. +var RelationshipType_ExpandsTo = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo", +} -// The Element is a software framework. -var SoftwareSoftwarePurpose_Framework = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework"} +// RelationshipType_ExploitCreatedBy The `from` Vulnerability has had an exploit created against it by each `to` Agent. +var RelationshipType_ExploitCreatedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy", +} -// The Element is used to install software on disk. -var SoftwareSoftwarePurpose_Install = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install"} +// RelationshipType_FixedBy Designates a `from` Vulnerability has been fixed by the `to` Agent(s). +var RelationshipType_FixedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy", +} -// The Element is a software library. -var SoftwareSoftwarePurpose_Library = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library"} +// RelationshipType_FixedIn A `from` Vulnerability has been fixed in each `to` Element. The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. +var RelationshipType_FixedIn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn", +} -// The Element is a software manifest. -var SoftwareSoftwarePurpose_Manifest = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest"} +// RelationshipType_FoundBy Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). +var RelationshipType_FoundBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy", +} -// The Element is a machine learning or artificial intelligence model. -var SoftwareSoftwarePurpose_Model = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model"} +// RelationshipType_Generates The `from` Element generates each `to` Element. +var RelationshipType_Generates = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates", +} -// The Element is a module of a piece of software. -var SoftwareSoftwarePurpose_Module = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module"} +// RelationshipType_HasAddedFile Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). +var RelationshipType_HasAddedFile = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile", +} -// The Element is an operating system. -var SoftwareSoftwarePurpose_OperatingSystem = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem"} +// RelationshipType_HasAssessmentFor Relates a `from` Vulnerability and each `to` Element with a security assessment. To be used with `VulnAssessmentRelationship` types. +var RelationshipType_HasAssessmentFor = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor", +} -// The Element doesn't fit into any of the other categories. -var SoftwareSoftwarePurpose_Other = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other"} +// RelationshipType_HasAssociatedVulnerability Used to associate a `from` Artifact with each `to` Vulnerability. +var RelationshipType_HasAssociatedVulnerability = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability", +} -// The Element contains a set of changes to update, fix, or improve another Element. -var SoftwareSoftwarePurpose_Patch = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch"} +// RelationshipType_HasConcludedLicense The `from` SoftwareArtifact is concluded by the SPDX data creator to be governed by each `to` license. +var RelationshipType_HasConcludedLicense = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense", +} -// The Element represents a runtime environment. -var SoftwareSoftwarePurpose_Platform = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform"} +// RelationshipType_HasDataFile The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInput`, and `hasOutput`, respectively. This relationship does not imply dependency. +var RelationshipType_HasDataFile = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile", +} -// The Element provides a requirement needed as input for another Element. -var SoftwareSoftwarePurpose_Requirement = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement"} +// RelationshipType_HasDeclaredLicense The `from` SoftwareArtifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. +var RelationshipType_HasDeclaredLicense = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense", +} -// The Element is a single or a collection of source files. -var SoftwareSoftwarePurpose_Source = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source"} +// RelationshipType_HasDeletedFile Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). +var RelationshipType_HasDeletedFile = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile", +} -// The Element is a plan, guideline or strategy how to create, perform or analyze an application. -var SoftwareSoftwarePurpose_Specification = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification"} +// RelationshipType_HasDependencyManifest The `from` Element has manifest files that contain dependency information in each `to` Element. +var RelationshipType_HasDependencyManifest = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest", +} -// The Element is a test used to verify functionality on an software element. -var SoftwareSoftwarePurpose_Test = softwareSoftwarePurpose{ID: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test"} +// RelationshipType_HasDistributionArtifact The `from` Element is distributed as an artifact in each `to` Element (e.g. an RPM or archive file). +var RelationshipType_HasDistributionArtifact = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact", +} -// Class that describes a build instance of software/artifacts. -type BuildBuild struct { - Element +// RelationshipType_HasDocumentation The `from` Element is documented by each `to` Element. +var RelationshipType_HasDocumentation = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation", +} - // Property that describes the time at which a build stops. - BuildBuildEndTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" iri-compact:"build_buildEndTime"` - // A buildId is a locally unique identifier used by a builder to identify a unique - // instance of a build produced by it. - BuildBuildId string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildId" iri-compact:"build_buildId"` - // Property describing the start time of a build. - BuildBuildStartTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" iri-compact:"build_buildStartTime"` - // A buildType is a hint that is used to indicate the toolchain, platform, or - // infrastructure that the build was invoked on. - BuildBuildType string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/buildType" iri-compact:"build_buildType"` - // Property that describes the digest of the build configuration file used to - // invoke a build. - BuildConfigSourceDigests HashList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest" iri-compact:"build_configSourceDigest"` +// RelationshipType_HasDynamicLink The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasDynamicLink = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink", +} - // Property describes the invocation entrypoint of a build. - BuildConfigSourceEntrypoints []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint" iri-compact:"build_configSourceEntrypoint"` - // Property that describes the URI of the build configuration source file. - BuildConfigSourceUris []string `iri:"https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" iri-compact:"build_configSourceUri"` - // Property describing the session in which a build is invoked. - BuildEnvironments DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/environment" iri-compact:"build_environment"` +// RelationshipType_HasEvidence Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). +var RelationshipType_HasEvidence = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence", +} - // Property describing a parameter used in an instance of a build. - BuildParameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Build/parameter" iri-compact:"build_parameter"` +// RelationshipType_HasExample Every `to` Element is an example for the `from` Element (`from` hasExample `to`). +var RelationshipType_HasExample = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample", } -func castBuildBuild(o any) *BuildBuild { - if o, ok := o.(AnyBuildBuild); ok { - return o.asBuildBuild() - } - return nil +// RelationshipType_HasHost The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). +var RelationshipType_HasHost = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost", } -func (o *BuildBuild) asBuildBuild() *BuildBuild { - return o +// RelationshipType_HasInput The `from` Build has each `to` Element as an input, during a LifecycleScopeType period. +var RelationshipType_HasInput = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput", } -type AnyBuildBuild interface { - AnyElement - asBuildBuild() *BuildBuild +// RelationshipType_HasMetadata Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). +var RelationshipType_HasMetadata = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata", } -type BuildBuildList []AnyBuildBuild +// RelationshipType_HasOptionalComponent Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). +var RelationshipType_HasOptionalComponent = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent", +} -func (o *BuildBuildList) BuildBuildIter() iter.Seq2[AnyBuildBuild, *BuildBuild] { - return typeIter(*o, castBuildBuild) +// RelationshipType_HasOptionalDependency The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasOptionalDependency = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency", } -// Agent represents anything with the potential to act on a system. -type Agent struct { - Element +// RelationshipType_HasOutput The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. +var RelationshipType_HasOutput = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput", } -func castAgent(o any) *Agent { - if o, ok := o.(AnyAgent); ok { - return o.asAgent() - } - return nil +// RelationshipType_HasPrerequisite The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasPrerequisite = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite", } -func (o *Agent) asAgent() *Agent { - return o +// RelationshipType_HasProvidedDependency The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. +var RelationshipType_HasProvidedDependency = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency", } -type AnyAgent interface { - AnyElement - asAgent() *Agent +// RelationshipType_HasRequirement The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasRequirement = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement", } -type AgentList []AnyAgent +// RelationshipType_HasSpecification Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. +var RelationshipType_HasSpecification = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification", +} -func (o *AgentList) AgentIter() iter.Seq2[AnyAgent, *Agent] { return typeIter(*o, castAgent) } -func (o *AgentList) OrganizationIter() iter.Seq2[AnyAgent, *Organization] { - return typeIter(*o, castOrganization) +// RelationshipType_HasStaticLink The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. +var RelationshipType_HasStaticLink = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink", } -func (o *AgentList) PersonIter() iter.Seq2[AnyAgent, *Person] { return typeIter(*o, castPerson) } -func (o *AgentList) SoftwareAgentIter() iter.Seq2[AnyAgent, *SoftwareAgent] { - return typeIter(*o, castSoftwareAgent) + +// RelationshipType_HasTest Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. +var RelationshipType_HasTest = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest", } -// An assertion made in relation to one or more elements. -type Annotation struct { - Element +// RelationshipType_HasTestCase Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). +var RelationshipType_HasTestCase = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase", +} - // Describes the type of annotation. - AnnotationType annotationType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/annotationType" iri-compact:"annotationType"` - // Provides information about the content type of an Element or a Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" iri-compact:"contentType"` - // Commentary on an assertion that an annotator has made. - Statement string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/statement" iri-compact:"statement"` - // An Element an annotator has made an assertion about. - Subject AnyElement `iri:"https://spdx.org/rdf/3.0.1/terms/Core/subject" iri-compact:"subject"` +// RelationshipType_HasVariant Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). +var RelationshipType_HasVariant = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant", } -func castAnnotation(o any) *Annotation { - if o, ok := o.(AnyAnnotation); ok { - return o.asAnnotation() - } - return nil +// RelationshipType_InvokedBy The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). +var RelationshipType_InvokedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy", } -func (o *Annotation) asAnnotation() *Annotation { - return o +// RelationshipType_ModifiedBy The `from` Element is modified by each `to` Element. +var RelationshipType_ModifiedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy", } -type AnyAnnotation interface { - AnyElement - asAnnotation() *Annotation +// RelationshipType_Other Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationship types (this relationship is directionless). +var RelationshipType_Other = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other", } -type AnnotationList []AnyAnnotation +// RelationshipType_PackagedBy Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). +var RelationshipType_PackagedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy", +} -func (o *AnnotationList) AnnotationIter() iter.Seq2[AnyAnnotation, *Annotation] { - return typeIter(*o, castAnnotation) +// RelationshipType_PatchedBy Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). +var RelationshipType_PatchedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy", } -// A distinct article or unit within the digital domain. -type Artifact struct { - Element +// RelationshipType_PublishedBy Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. +var RelationshipType_PublishedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy", +} - // Specifies the time an artifact was built. - BuiltTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/builtTime" iri-compact:"builtTime"` - // Identifies from where or whom the Element originally came. - OriginatedBys AgentList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" iri-compact:"originatedBy"` +// RelationshipType_ReportedBy Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. +var RelationshipType_ReportedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy", +} - // Specifies the time an artifact was released. - ReleaseTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" iri-compact:"releaseTime"` - // The name of a relevant standard that may apply to an artifact. - StandardNames []string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/standardName" iri-compact:"standardName"` - // Identifies who or what supplied the artifact or VulnAssessmentRelationship - // referenced by the Element. - SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" iri-compact:"suppliedBy"` +// RelationshipType_RepublishedBy Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. +var RelationshipType_RepublishedBy = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy", +} - // Specifies the level of support associated with an artifact. - SupportLevels []supportType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" iri-compact:"supportLevel"` - // Specifies until when the artifact can be used before its usage needs to be - // reassessed. - ValidUntilTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" iri-compact:"validUntilTime"` +// RelationshipType_SerializedInArtifact The `from` SpdxDocument can be found in a serialized form in each `to` Artifact. +var RelationshipType_SerializedInArtifact = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact", } -func castArtifact(o any) *Artifact { - if o, ok := o.(AnyArtifact); ok { - return o.asArtifact() - } - return nil +// RelationshipType_TestedOn The `from` Element has been tested on the `to` Element(s). +var RelationshipType_TestedOn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn", } -func (o *Artifact) asArtifact() *Artifact { - return o +// RelationshipType_TrainedOn The `from` Element has been trained on the `to` Element(s). +var RelationshipType_TrainedOn = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn", } -type AnyArtifact interface { - AnyElement - asArtifact() *Artifact +// RelationshipType_UnderInvestigationFor The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. +var RelationshipType_UnderInvestigationFor = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor", } -type ArtifactList []AnyArtifact +// RelationshipType_UsesTool The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. +var RelationshipType_UsesTool = RelationshipType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool", +} -func (o *ArtifactList) ArtifactIter() iter.Seq2[AnyArtifact, *Artifact] { - return typeIter(*o, castArtifact) +// SafetyRiskAssessmentType Specifies the safety risk level. +type SafetyRiskAssessmentType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType"` + id string `iri:"@id"` } -func (o *ArtifactList) SecurityVulnerabilityIter() iter.Seq2[AnyArtifact, *SecurityVulnerability] { - return typeIter(*o, castSecurityVulnerability) + +// SafetyRiskAssessmentType_High The second-highest level of risk posed by an AI system. +var SafetyRiskAssessmentType_High = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high", } -func (o *ArtifactList) SoftwareSoftwareArtifactIter() iter.Seq2[AnyArtifact, *SoftwareSoftwareArtifact] { - return typeIter(*o, castSoftwareSoftwareArtifact) + +// SafetyRiskAssessmentType_Low Low/no risk is posed by an AI system. +var SafetyRiskAssessmentType_Low = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low", } -func (o *ArtifactList) SoftwareFileIter() iter.Seq2[AnyArtifact, *SoftwareFile] { - return typeIter(*o, castSoftwareFile) + +// SafetyRiskAssessmentType_Medium The third-highest level of risk posed by an AI system. +var SafetyRiskAssessmentType_Medium = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium", } -func (o *ArtifactList) SoftwarePackageIter() iter.Seq2[AnyArtifact, *SoftwarePackage] { - return typeIter(*o, castSoftwarePackage) + +// SafetyRiskAssessmentType_Serious The highest level of risk posed by an AI system. +var SafetyRiskAssessmentType_Serious = SafetyRiskAssessmentType{ + id: "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious", } -func (o *ArtifactList) SoftwareSnippetIter() iter.Seq2[AnyArtifact, *SoftwareSnippet] { - return typeIter(*o, castSoftwareSnippet) + +type AnySbom interface { + asSbom() *Sbom } -func (o *ArtifactList) AiAIPackageIter() iter.Seq2[AnyArtifact, *AiAIPackage] { - return typeIter(*o, castAiAIPackage) + +// Sbom A collection of SPDX Elements describing a single package. +type Sbom struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Sbom"` + Bom + // SbomTypes Provides information about the type of an SBOM. + SbomTypes []SbomType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sbomType" type:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType"` } -func (o *ArtifactList) DatasetDatasetPackageIter() iter.Seq2[AnyArtifact, *DatasetDatasetPackage] { - return typeIter(*o, castDatasetDatasetPackage) + +func (o *Sbom) asSbom() *Sbom { + return o } -// A collection of Elements that have a shared context. -type Bundle struct { - ElementCollection +type SbomList []AnySbom - // Gives information about the circumstances or unifying properties - // that Elements of the bundle have been assembled under. - Context string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/context" iri-compact:"context"` +func (o *SbomList) Sboms() ld.TypeSeq[AnySbom, *Sbom] { + return ld.NewTypeSeq(*o, castSbom) } -func castBundle(o any) *Bundle { - if o, ok := o.(AnyBundle); ok { - return o.asBundle() - } - return nil +// SbomType Provides a set of values to be used to describe the common types of SBOMs that\ntools may create. +type SbomType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SbomType"` + id string `iri:"@id"` } -func (o *Bundle) asBundle() *Bundle { - return o +// SbomType_Analyzed SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a \"3rd party\" SBOM. +var SbomType_Analyzed = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed", } -type AnyBundle interface { - AnyElementCollection - asBundle() *Bundle +// SbomType_Build SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. +var SbomType_Build = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build", } -type BundleList []AnyBundle - -func (o *BundleList) BundleIter() iter.Seq2[AnyBundle, *Bundle] { return typeIter(*o, castBundle) } -func (o *BundleList) BomIter() iter.Seq2[AnyBundle, *Bom] { return typeIter(*o, castBom) } -func (o *BundleList) SoftwareSbomIter() iter.Seq2[AnyBundle, *SoftwareSbom] { - return typeIter(*o, castSoftwareSbom) +// SbomType_Deployed SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. +var SbomType_Deployed = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed", } -// A mathematically calculated representation of a grouping of data. -type Hash struct { - IntegrityMethod +// SbomType_Design SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. +var SbomType_Design = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design", +} - // Specifies the algorithm used for calculating the hash value. - Algorithm hashAlgorithm `iri:"https://spdx.org/rdf/3.0.1/terms/Core/algorithm" iri-compact:"algorithm"` - // The result of applying a hash algorithm to an Element. - HashValue string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/hashValue" iri-compact:"hashValue"` +// SbomType_Runtime SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an \"Instrumented\" or \"Dynamic\" SBOM. +var SbomType_Runtime = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime", } -func castHash(o any) *Hash { - if o, ok := o.(AnyHash); ok { - return o.asHash() - } - return nil +// SbomType_Source SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. +var SbomType_Source = SbomType{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source", } -func (o *Hash) asHash() *Hash { - return o +type AnySimpleLicensingText interface { + asSimpleLicensingText() *SimpleLicensingText } -type AnyHash interface { - AnyIntegrityMethod - asHash() *Hash +// SimpleLicensingText A license or addition that is not listed on the SPDX License List. +type SimpleLicensingText struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText"` + Element + // LicenseText Identifies the full text of a License or Addition. + LicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` } -type HashList []AnyHash +func (o *SimpleLicensingText) asSimpleLicensingText() *SimpleLicensingText { + return o +} -func (o *HashList) HashIter() iter.Seq2[AnyHash, *Hash] { return typeIter(*o, castHash) } +type SimpleLicensingTextList []AnySimpleLicensingText -// Provide context for a relationship that occurs in the lifecycle. -type LifecycleScopedRelationship struct { - Relationship +func (o *SimpleLicensingTextList) SimpleLicensingTexts() ld.TypeSeq[AnySimpleLicensingText, *SimpleLicensingText] { + return ld.NewTypeSeq(*o, castSimpleLicensingText) +} - // Capture the scope of information about a specific relationship between elements. - Scope lifecycleScopeType `iri:"https://spdx.org/rdf/3.0.1/terms/Core/scope" iri-compact:"scope"` +type AnySnippet interface { + asSnippet() *Snippet } -func castLifecycleScopedRelationship(o any) *LifecycleScopedRelationship { - if o, ok := o.(AnyLifecycleScopedRelationship); ok { - return o.asLifecycleScopedRelationship() - } - return nil +// Snippet Describes a certain part of a file. +type Snippet struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/Snippet"` + SoftwareArtifact + // SnippetFromFile Defines the original host file that the snippet information applies to. + SnippetFromFile AnyFile `iri:"https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Software/File"` + // LineRange Defines the line range in the original host file that the snippet information\napplies to. + LineRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/lineRange" type:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` + // ByteRange Defines the byte range in the original host file that the snippet information\napplies to. + ByteRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/byteRange" type:"https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange"` } -func (o *LifecycleScopedRelationship) asLifecycleScopedRelationship() *LifecycleScopedRelationship { +func (o *Snippet) asSnippet() *Snippet { return o } -type AnyLifecycleScopedRelationship interface { - AnyRelationship - asLifecycleScopedRelationship() *LifecycleScopedRelationship -} +type SnippetList []AnySnippet -type LifecycleScopedRelationshipList []AnyLifecycleScopedRelationship +func (o *SnippetList) Snippets() ld.TypeSeq[AnySnippet, *Snippet] { + return ld.NewTypeSeq(*o, castSnippet) +} -func (o *LifecycleScopedRelationshipList) LifecycleScopedRelationshipIter() iter.Seq2[AnyLifecycleScopedRelationship, *LifecycleScopedRelationship] { - return typeIter(*o, castLifecycleScopedRelationship) +type AnySoftwareAgent interface { + asSoftwareAgent() *SoftwareAgent } -// A group of people who work together in an organized way for a shared purpose. -type Organization struct { +// SoftwareAgent A software agent. +type SoftwareAgent struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent"` Agent } -// An Organization representing the SPDX Project. -var Organization_SpdxOrganization = Organization{Agent: Agent{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization"}}} +func (o *SoftwareAgent) asSoftwareAgent() *SoftwareAgent { + return o +} -func castOrganization(o any) *Organization { - if o, ok := o.(AnyOrganization); ok { - return o.asOrganization() - } - return nil +type SoftwareAgentList []AnySoftwareAgent + +func (o *SoftwareAgentList) SoftwareAgents() ld.TypeSeq[AnySoftwareAgent, *SoftwareAgent] { + return ld.NewTypeSeq(*o, castSoftwareAgent) } -func (o *Organization) asOrganization() *Organization { +type AnySoftwareArtifact interface { + asSoftwareArtifact() *SoftwareArtifact +} + +// SoftwareArtifact A distinct article or unit related to Software. +type SoftwareArtifact struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + Artifact + // ContentIdentifiers A canonical, unique, immutable identifier of the artifact content, that may be\nused for verifying its identity and/or integrity. + ContentIdentifiers ContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" type:"https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier"` + // AttributionTexts Provides a place for the SPDX data creator to record acknowledgement text for\na software Package, File or Snippet. + AttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" type:"http://www.w3.org/2001/XMLSchema#string"` + // AdditionalPurposes Provides additional purpose information of the software artifact. + AdditionalPurposes []SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // PrimaryPurpose Provides information about the primary purpose of the software artifact. + PrimaryPurpose SoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + // CopyrightText Identifies the text of one or more copyright notices for a software Package,\nFile or Snippet, if any. + CopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" type:"http://www.w3.org/2001/XMLSchema#string"` +} + +func (o *SoftwareArtifact) asSoftwareArtifact() *SoftwareArtifact { return o } -type AnyOrganization interface { - AnyAgent - asOrganization() *Organization +type SoftwareArtifactList []AnySoftwareArtifact + +func (o *SoftwareArtifactList) AIPackages() ld.TypeSeq[AnySoftwareArtifact, *AIPackage] { + return ld.NewTypeSeq(*o, castAIPackage) } -type OrganizationList []AnyOrganization +func (o *SoftwareArtifactList) DatasetPackages() ld.TypeSeq[AnySoftwareArtifact, *DatasetPackage] { + return ld.NewTypeSeq(*o, castDatasetPackage) +} -func (o *OrganizationList) OrganizationIter() iter.Seq2[AnyOrganization, *Organization] { - return typeIter(*o, castOrganization) +func (o *SoftwareArtifactList) Files() ld.TypeSeq[AnySoftwareArtifact, *File] { + return ld.NewTypeSeq(*o, castFile) } -// An individual human being. -type Person struct { - Agent +func (o *SoftwareArtifactList) Packages() ld.TypeSeq[AnySoftwareArtifact, *Package] { + return ld.NewTypeSeq(*o, castPackage) } -func castPerson(o any) *Person { - if o, ok := o.(AnyPerson); ok { - return o.asPerson() - } - return nil +func (o *SoftwareArtifactList) Snippets() ld.TypeSeq[AnySoftwareArtifact, *Snippet] { + return ld.NewTypeSeq(*o, castSnippet) } -func (o *Person) asPerson() *Person { - return o +func (o *SoftwareArtifactList) SoftwareArtifacts() ld.TypeSeq[AnySoftwareArtifact, *SoftwareArtifact] { + return ld.NewTypeSeq(*o, castSoftwareArtifact) } -type AnyPerson interface { - AnyAgent - asPerson() *Person +// SoftwarePurpose Provides information about the primary purpose of an Element. +type SoftwarePurpose struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose"` + id string `iri:"@id"` } -type PersonList []AnyPerson +// SoftwarePurpose_Application The Element is a software application. +var SoftwarePurpose_Application = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application", +} -func (o *PersonList) PersonIter() iter.Seq2[AnyPerson, *Person] { return typeIter(*o, castPerson) } +// SoftwarePurpose_Archive The Element is an archived collection of one or more files (.tar, .zip, etc.). +var SoftwarePurpose_Archive = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive", +} -// A software agent. -type SoftwareAgent struct { - Agent +// SoftwarePurpose_Bom The Element is a bill of materials. +var SoftwarePurpose_Bom = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom", } -func castSoftwareAgent(o any) *SoftwareAgent { - if o, ok := o.(AnySoftwareAgent); ok { - return o.asSoftwareAgent() - } - return nil +// SoftwarePurpose_Configuration The Element is configuration data. +var SoftwarePurpose_Configuration = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration", } -func (o *SoftwareAgent) asSoftwareAgent() *SoftwareAgent { - return o +// SoftwarePurpose_Container The Element is a container image which can be used by a container runtime application. +var SoftwarePurpose_Container = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container", } -type AnySoftwareAgent interface { - AnyAgent - asSoftwareAgent() *SoftwareAgent +// SoftwarePurpose_Data The Element is data. +var SoftwarePurpose_Data = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data", } -type SoftwareAgentList []AnySoftwareAgent +// SoftwarePurpose_Device The Element refers to a chipset, processor, or electronic board. +var SoftwarePurpose_Device = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device", +} -func (o *SoftwareAgentList) SoftwareAgentIter() iter.Seq2[AnySoftwareAgent, *SoftwareAgent] { - return typeIter(*o, castSoftwareAgent) +// SoftwarePurpose_DeviceDriver The Element represents software that controls hardware devices. +var SoftwarePurpose_DeviceDriver = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver", } -// Portion of an AnyLicenseInfo representing a set of licensing information -// where all elements apply. -type ExpandedlicensingConjunctiveLicenseSet struct { - SimplelicensingAnyLicenseInfo +// SoftwarePurpose_DiskImage The Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. +var SoftwarePurpose_DiskImage = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage", +} - // A license expression participating in a license set. - ExpandedlicensingMembers SimplelicensingAnyLicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" iri-compact:"expandedlicensing_member"` +// SoftwarePurpose_Documentation The Element is documentation. +var SoftwarePurpose_Documentation = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation", } -func castExpandedlicensingConjunctiveLicenseSet(o any) *ExpandedlicensingConjunctiveLicenseSet { - if o, ok := o.(AnyExpandedlicensingConjunctiveLicenseSet); ok { - return o.asExpandedlicensingConjunctiveLicenseSet() - } - return nil +// SoftwarePurpose_Evidence The Element is the evidence that a specification or requirement has been fulfilled. +var SoftwarePurpose_Evidence = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence", } -func (o *ExpandedlicensingConjunctiveLicenseSet) asExpandedlicensingConjunctiveLicenseSet() *ExpandedlicensingConjunctiveLicenseSet { - return o +// SoftwarePurpose_Executable The Element is an Artifact that can be run on a computer. +var SoftwarePurpose_Executable = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable", } -type AnyExpandedlicensingConjunctiveLicenseSet interface { - AnySimplelicensingAnyLicenseInfo - asExpandedlicensingConjunctiveLicenseSet() *ExpandedlicensingConjunctiveLicenseSet +// SoftwarePurpose_File The Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc.). +var SoftwarePurpose_File = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file", } -type ExpandedlicensingConjunctiveLicenseSetList []AnyExpandedlicensingConjunctiveLicenseSet +// SoftwarePurpose_FilesystemImage The Element is a file system image that can be written to a disk (or virtual) partition. +var SoftwarePurpose_FilesystemImage = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage", +} -func (o *ExpandedlicensingConjunctiveLicenseSetList) ExpandedlicensingConjunctiveLicenseSetIter() iter.Seq2[AnyExpandedlicensingConjunctiveLicenseSet, *ExpandedlicensingConjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingConjunctiveLicenseSet) +// SoftwarePurpose_Firmware The Element provides low level control over a device's hardware. +var SoftwarePurpose_Firmware = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware", } -// A license addition that is not listed on the SPDX Exceptions List. -type ExpandedlicensingCustomLicenseAddition struct { - ExpandedlicensingLicenseAddition +// SoftwarePurpose_Framework The Element is a software framework. +var SoftwarePurpose_Framework = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework", } -func castExpandedlicensingCustomLicenseAddition(o any) *ExpandedlicensingCustomLicenseAddition { - if o, ok := o.(AnyExpandedlicensingCustomLicenseAddition); ok { - return o.asExpandedlicensingCustomLicenseAddition() - } - return nil +// SoftwarePurpose_Install The Element is used to install software on disk. +var SoftwarePurpose_Install = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install", } -func (o *ExpandedlicensingCustomLicenseAddition) asExpandedlicensingCustomLicenseAddition() *ExpandedlicensingCustomLicenseAddition { - return o +// SoftwarePurpose_Library The Element is a software library. +var SoftwarePurpose_Library = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library", } -type AnyExpandedlicensingCustomLicenseAddition interface { - AnyExpandedlicensingLicenseAddition - asExpandedlicensingCustomLicenseAddition() *ExpandedlicensingCustomLicenseAddition +// SoftwarePurpose_Manifest The Element is a software manifest. +var SoftwarePurpose_Manifest = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest", } -type ExpandedlicensingCustomLicenseAdditionList []AnyExpandedlicensingCustomLicenseAddition +// SoftwarePurpose_Model The Element is a machine learning or artificial intelligence model. +var SoftwarePurpose_Model = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model", +} -func (o *ExpandedlicensingCustomLicenseAdditionList) ExpandedlicensingCustomLicenseAdditionIter() iter.Seq2[AnyExpandedlicensingCustomLicenseAddition, *ExpandedlicensingCustomLicenseAddition] { - return typeIter(*o, castExpandedlicensingCustomLicenseAddition) +// SoftwarePurpose_Module The Element is a module of a piece of software. +var SoftwarePurpose_Module = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module", } -// Portion of an AnyLicenseInfo representing a set of licensing information where -// only one of the elements applies. -type ExpandedlicensingDisjunctiveLicenseSet struct { - SimplelicensingAnyLicenseInfo +// SoftwarePurpose_OperatingSystem The Element is an operating system. +var SoftwarePurpose_OperatingSystem = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem", +} - // A license expression participating in a license set. - ExpandedlicensingMembers SimplelicensingAnyLicenseInfoList `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" iri-compact:"expandedlicensing_member"` +// SoftwarePurpose_Other The Element doesn't fit into any of the other categories. +var SoftwarePurpose_Other = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other", } -func castExpandedlicensingDisjunctiveLicenseSet(o any) *ExpandedlicensingDisjunctiveLicenseSet { - if o, ok := o.(AnyExpandedlicensingDisjunctiveLicenseSet); ok { - return o.asExpandedlicensingDisjunctiveLicenseSet() - } - return nil +// SoftwarePurpose_Patch The Element contains a set of changes to update, fix, or improve another Element. +var SoftwarePurpose_Patch = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch", } -func (o *ExpandedlicensingDisjunctiveLicenseSet) asExpandedlicensingDisjunctiveLicenseSet() *ExpandedlicensingDisjunctiveLicenseSet { - return o +// SoftwarePurpose_Platform The Element represents a runtime environment. +var SoftwarePurpose_Platform = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform", } -type AnyExpandedlicensingDisjunctiveLicenseSet interface { - AnySimplelicensingAnyLicenseInfo - asExpandedlicensingDisjunctiveLicenseSet() *ExpandedlicensingDisjunctiveLicenseSet +// SoftwarePurpose_Requirement The Element provides a requirement needed as input for another Element. +var SoftwarePurpose_Requirement = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement", } -type ExpandedlicensingDisjunctiveLicenseSetList []AnyExpandedlicensingDisjunctiveLicenseSet +// SoftwarePurpose_Source The Element is a single or a collection of source files. +var SoftwarePurpose_Source = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source", +} -func (o *ExpandedlicensingDisjunctiveLicenseSetList) ExpandedlicensingDisjunctiveLicenseSetIter() iter.Seq2[AnyExpandedlicensingDisjunctiveLicenseSet, *ExpandedlicensingDisjunctiveLicenseSet] { - return typeIter(*o, castExpandedlicensingDisjunctiveLicenseSet) +// SoftwarePurpose_Specification The Element is a plan, guideline or strategy how to create, perform or analyze an application. +var SoftwarePurpose_Specification = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification", } -// Abstract class representing a License or an OrLaterOperator. -type ExpandedlicensingExtendableLicense struct { - SimplelicensingAnyLicenseInfo +// SoftwarePurpose_Test The Element is a test used to verify functionality on an software element. +var SoftwarePurpose_Test = SoftwarePurpose{ + id: "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test", } -func castExpandedlicensingExtendableLicense(o any) *ExpandedlicensingExtendableLicense { - if o, ok := o.(AnyExpandedlicensingExtendableLicense); ok { - return o.asExpandedlicensingExtendableLicense() - } - return nil +type AnySpdxDocument interface { + asSpdxDocument() *SpdxDocument } -func (o *ExpandedlicensingExtendableLicense) asExpandedlicensingExtendableLicense() *ExpandedlicensingExtendableLicense { - return o +// SpdxDocument A collection of SPDX Elements that could potentially be serialized. +type SpdxDocument struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument"` + ElementCollection + // DataLicense Provides the license under which the SPDX documentation of the Element can be\nused. + DataLicense AnyLicenseInfo `iri:"https://spdx.org/rdf/3.0.1/terms/Core/dataLicense" type:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo"` + // NamespaceMaps Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. + NamespaceMaps NamespaceMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap" type:"https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap"` + // Imports Provides an ExternalMap of Element identifiers. + Imports ExternalMapList `iri:"https://spdx.org/rdf/3.0.1/terms/Core/import" type:"https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap"` } -type AnyExpandedlicensingExtendableLicense interface { - AnySimplelicensingAnyLicenseInfo - asExpandedlicensingExtendableLicense() *ExpandedlicensingExtendableLicense +func (o *SpdxDocument) asSpdxDocument() *SpdxDocument { + return o } -type ExpandedlicensingExtendableLicenseList []AnyExpandedlicensingExtendableLicense +type SpdxDocumentList []AnySpdxDocument -func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingExtendableLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingExtendableLicense] { - return typeIter(*o, castExpandedlicensingExtendableLicense) +func (o *SpdxDocumentList) SpdxDocuments() ld.TypeSeq[AnySpdxDocument, *SpdxDocument] { + return ld.NewTypeSeq(*o, castSpdxDocument) } -func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingLicense] { - return typeIter(*o, castExpandedlicensingLicense) -} -func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingListedLicense] { - return typeIter(*o, castExpandedlicensingListedLicense) + +// SsvcDecisionType Specifies the SSVC decision type. +type SsvcDecisionType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType"` + id string `iri:"@id"` } -func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingOrLaterOperator] { - return typeIter(*o, castExpandedlicensingOrLaterOperator) + +// SsvcDecisionType_Act The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. +var SsvcDecisionType_Act = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act", } -func (o *ExpandedlicensingExtendableLicenseList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyExpandedlicensingExtendableLicense, *ExpandedlicensingCustomLicense] { - return typeIter(*o, castExpandedlicensingCustomLicense) + +// SsvcDecisionType_Attend The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. +var SsvcDecisionType_Attend = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend", } -// A concrete subclass of AnyLicenseInfo used by Individuals in the -// ExpandedLicensing profile. -type ExpandedlicensingIndividualLicensingInfo struct { - SimplelicensingAnyLicenseInfo +// SsvcDecisionType_Track The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. +var SsvcDecisionType_Track = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track", } -// An Individual Value for License when no assertion can be made about its actual -// value. -var ExpandedlicensingIndividualLicensingInfo_NoAssertionLicense = ExpandedlicensingIndividualLicensingInfo{SimplelicensingAnyLicenseInfo: SimplelicensingAnyLicenseInfo{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense"}}} +// SsvcDecisionType_TrackStar (\"Track\\*\" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track\\* vulnerabilities within standard update timelines. +var SsvcDecisionType_TrackStar = SsvcDecisionType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar", +} -// An Individual Value for License where the SPDX data creator determines that no -// license is present. -var ExpandedlicensingIndividualLicensingInfo_NoneLicense = ExpandedlicensingIndividualLicensingInfo{SimplelicensingAnyLicenseInfo: SimplelicensingAnyLicenseInfo{Element: Element{ID: "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense"}}} +type AnySsvcVulnAssessmentRelationship interface { + asSsvcVulnAssessmentRelationship() *SsvcVulnAssessmentRelationship +} -func castExpandedlicensingIndividualLicensingInfo(o any) *ExpandedlicensingIndividualLicensingInfo { - if o, ok := o.(AnyExpandedlicensingIndividualLicensingInfo); ok { - return o.asExpandedlicensingIndividualLicensingInfo() - } - return nil +// SsvcVulnAssessmentRelationship Provides an SSVC assessment for a vulnerability. +type SsvcVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship"` + VulnAssessmentRelationship + // DecisionType Provide the enumeration of possible decisions in the\n[Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc). + DecisionType SsvcDecisionType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/decisionType" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType"` } -func (o *ExpandedlicensingIndividualLicensingInfo) asExpandedlicensingIndividualLicensingInfo() *ExpandedlicensingIndividualLicensingInfo { +func (o *SsvcVulnAssessmentRelationship) asSsvcVulnAssessmentRelationship() *SsvcVulnAssessmentRelationship { return o } -type AnyExpandedlicensingIndividualLicensingInfo interface { - AnySimplelicensingAnyLicenseInfo - asExpandedlicensingIndividualLicensingInfo() *ExpandedlicensingIndividualLicensingInfo +type SsvcVulnAssessmentRelationshipList []AnySsvcVulnAssessmentRelationship + +func (o *SsvcVulnAssessmentRelationshipList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnySsvcVulnAssessmentRelationship, *SsvcVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) } -type ExpandedlicensingIndividualLicensingInfoList []AnyExpandedlicensingIndividualLicensingInfo +// SupportType Indicates the type of support that is associated with an artifact. +type SupportType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/SupportType"` + id string `iri:"@id"` +} -func (o *ExpandedlicensingIndividualLicensingInfoList) ExpandedlicensingIndividualLicensingInfoIter() iter.Seq2[AnyExpandedlicensingIndividualLicensingInfo, *ExpandedlicensingIndividualLicensingInfo] { - return typeIter(*o, castExpandedlicensingIndividualLicensingInfo) +// SupportType_Deployed in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. +var SupportType_Deployed = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed", } -// Abstract class for the portion of an AnyLicenseInfo representing a license. -type ExpandedlicensingLicense struct { - ExpandedlicensingExtendableLicense +// SupportType_Development the artifact is in active development and is not considered ready for formal support from the supplier. +var SupportType_Development = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development", +} - // Specifies whether a license or additional text identifier has been marked as - // deprecated. - ExpandedlicensingIsDeprecatedLicenseId bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId" iri-compact:"expandedlicensing_isDeprecatedLicenseId"` - // Specifies whether the License is listed as free by the - // Free Software Foundation (FSF). - ExpandedlicensingIsFsfLibre bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre" iri-compact:"expandedlicensing_isFsfLibre"` - // Specifies whether the License is listed as approved by the - // Open Source Initiative (OSI). - ExpandedlicensingIsOsiApproved bool `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved" iri-compact:"expandedlicensing_isOsiApproved"` - // Identifies all the text and metadata associated with a license in the license - // XML format. - ExpandedlicensingLicenseXml string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" iri-compact:"expandedlicensing_licenseXml"` - // Specifies the licenseId that is preferred to be used in place of a deprecated - // License or LicenseAddition. - ExpandedlicensingObsoletedBy string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" iri-compact:"expandedlicensing_obsoletedBy"` - // Contains a URL where the License or LicenseAddition can be found in use. - ExpandedlicensingSeeAlsos []string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" iri-compact:"expandedlicensing_seeAlso"` - // Provides a License author's preferred text to indicate that a file is covered - // by the License. - ExpandedlicensingStandardLicenseHeader string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader" iri-compact:"expandedlicensing_standardLicenseHeader"` - // Identifies the full text of a License, in SPDX templating format. - ExpandedlicensingStandardLicenseTemplate string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate" iri-compact:"expandedlicensing_standardLicenseTemplate"` - // Identifies the full text of a License or Addition. - SimplelicensingLicenseText string `iri:"https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" iri-compact:"simplelicensing_licenseText"` +// SupportType_EndOfSupport there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. +var SupportType_EndOfSupport = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport", } -func castExpandedlicensingLicense(o any) *ExpandedlicensingLicense { - if o, ok := o.(AnyExpandedlicensingLicense); ok { - return o.asExpandedlicensingLicense() - } - return nil +// SupportType_LimitedSupport the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. +var SupportType_LimitedSupport = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport", } -func (o *ExpandedlicensingLicense) asExpandedlicensingLicense() *ExpandedlicensingLicense { - return o +// SupportType_NoAssertion no assertion about the type of support is made. This is considered the default if no other support type is used. +var SupportType_NoAssertion = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion", } -type AnyExpandedlicensingLicense interface { - AnyExpandedlicensingExtendableLicense - asExpandedlicensingLicense() *ExpandedlicensingLicense +// SupportType_NoSupport there is no support for the artifact from the supplier, consumer assumes any support obligations. +var SupportType_NoSupport = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport", } -type ExpandedlicensingLicenseList []AnyExpandedlicensingLicense +// SupportType_Support the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. +var SupportType_Support = SupportType{ + id: "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support", +} -func (o *ExpandedlicensingLicenseList) ExpandedlicensingLicenseIter() iter.Seq2[AnyExpandedlicensingLicense, *ExpandedlicensingLicense] { - return typeIter(*o, castExpandedlicensingLicense) +type AnyTool interface { + asTool() *Tool } -func (o *ExpandedlicensingLicenseList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyExpandedlicensingLicense, *ExpandedlicensingListedLicense] { - return typeIter(*o, castExpandedlicensingListedLicense) + +// Tool An element of hardware and/or software utilized to carry out a particular function. +type Tool struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Core/Tool"` + Element } -func (o *ExpandedlicensingLicenseList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyExpandedlicensingLicense, *ExpandedlicensingCustomLicense] { - return typeIter(*o, castExpandedlicensingCustomLicense) + +func (o *Tool) asTool() *Tool { + return o } -// A license that is listed on the SPDX License List. -type ExpandedlicensingListedLicense struct { - ExpandedlicensingLicense +type ToolList []AnyTool - // Specifies the SPDX License List version in which this license or exception - // identifier was deprecated. - ExpandedlicensingDeprecatedVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" iri-compact:"expandedlicensing_deprecatedVersion"` - // Specifies the SPDX License List version in which this ListedLicense or - // ListedLicenseException identifier was first added. - ExpandedlicensingListVersionAdded string `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" iri-compact:"expandedlicensing_listVersionAdded"` +func (o *ToolList) Tools() ld.TypeSeq[AnyTool, *Tool] { + return ld.NewTypeSeq(*o, castTool) } -func castExpandedlicensingListedLicense(o any) *ExpandedlicensingListedLicense { - if o, ok := o.(AnyExpandedlicensingListedLicense); ok { - return o.asExpandedlicensingListedLicense() - } - return nil +type AnyVexAffectedVulnAssessmentRelationship interface { + asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship } -func (o *ExpandedlicensingListedLicense) asExpandedlicensingListedLicense() *ExpandedlicensingListedLicense { - return o +// VexAffectedVulnAssessmentRelationship Connects a vulnerability and an element designating the element as a product\naffected by the vulnerability. +type VexAffectedVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship"` + VexVulnAssessmentRelationship + // ActionStatement Provides advise on how to mitigate or remediate a vulnerability when a VEX product\nis affected by it. + ActionStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatement" required:"true" type:"http://www.w3.org/2001/XMLSchema#string"` + // ActionStatementTime Records the time when a recommended action was communicated in a VEX statement\nto mitigate a vulnerability. + ActionStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` } -type AnyExpandedlicensingListedLicense interface { - AnyExpandedlicensingLicense - asExpandedlicensingListedLicense() *ExpandedlicensingListedLicense +func (o *VexAffectedVulnAssessmentRelationship) asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship { + return o } -type ExpandedlicensingListedLicenseList []AnyExpandedlicensingListedLicense +type VexAffectedVulnAssessmentRelationshipList []AnyVexAffectedVulnAssessmentRelationship -func (o *ExpandedlicensingListedLicenseList) ExpandedlicensingListedLicenseIter() iter.Seq2[AnyExpandedlicensingListedLicense, *ExpandedlicensingListedLicense] { - return typeIter(*o, castExpandedlicensingListedLicense) +func (o *VexAffectedVulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexAffectedVulnAssessmentRelationship, *VexAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) } -// Portion of an AnyLicenseInfo representing this version, or any later version, -// of the indicated License. -type ExpandedlicensingOrLaterOperator struct { - ExpandedlicensingExtendableLicense - - // A License participating in an 'or later' model. - ExpandedlicensingSubjectLicense AnyExpandedlicensingLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense" iri-compact:"expandedlicensing_subjectLicense"` +type AnyVexFixedVulnAssessmentRelationship interface { + asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship } -func castExpandedlicensingOrLaterOperator(o any) *ExpandedlicensingOrLaterOperator { - if o, ok := o.(AnyExpandedlicensingOrLaterOperator); ok { - return o.asExpandedlicensingOrLaterOperator() - } - return nil +// VexFixedVulnAssessmentRelationship Links a vulnerability and elements representing products (in the VEX sense) where\na fix has been applied and are no longer affected. +type VexFixedVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship"` + VexVulnAssessmentRelationship } -func (o *ExpandedlicensingOrLaterOperator) asExpandedlicensingOrLaterOperator() *ExpandedlicensingOrLaterOperator { +func (o *VexFixedVulnAssessmentRelationship) asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship { return o } -type AnyExpandedlicensingOrLaterOperator interface { - AnyExpandedlicensingExtendableLicense - asExpandedlicensingOrLaterOperator() *ExpandedlicensingOrLaterOperator -} +type VexFixedVulnAssessmentRelationshipList []AnyVexFixedVulnAssessmentRelationship -type ExpandedlicensingOrLaterOperatorList []AnyExpandedlicensingOrLaterOperator +func (o *VexFixedVulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyVexFixedVulnAssessmentRelationship, *VexFixedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) +} -func (o *ExpandedlicensingOrLaterOperatorList) ExpandedlicensingOrLaterOperatorIter() iter.Seq2[AnyExpandedlicensingOrLaterOperator, *ExpandedlicensingOrLaterOperator] { - return typeIter(*o, castExpandedlicensingOrLaterOperator) +// VexJustificationType Specifies the VEX justification type. +type VexJustificationType struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType"` + id string `iri:"@id"` } -// Portion of an AnyLicenseInfo representing a License which has additional -// text applied to it. -type ExpandedlicensingWithAdditionOperator struct { - SimplelicensingAnyLicenseInfo +// VexJustificationType_ComponentNotPresent The software is not affected because the vulnerable component is not in the product. +var VexJustificationType_ComponentNotPresent = VexJustificationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent", +} - // A LicenseAddition participating in a 'with addition' model. - ExpandedlicensingSubjectAddition AnyExpandedlicensingLicenseAddition `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition" iri-compact:"expandedlicensing_subjectAddition"` +// VexJustificationType_InlineMitigationsAlreadyExist Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability. +var VexJustificationType_InlineMitigationsAlreadyExist = VexJustificationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist", +} - // A License participating in a 'with addition' model. - ExpandedlicensingSubjectExtendableLicense AnyExpandedlicensingExtendableLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense" iri-compact:"expandedlicensing_subjectExtendableLicense"` +// VexJustificationType_VulnerableCodeCannotBeControlledByAdversary The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack. +var VexJustificationType_VulnerableCodeCannotBeControlledByAdversary = VexJustificationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary", } -func castExpandedlicensingWithAdditionOperator(o any) *ExpandedlicensingWithAdditionOperator { - if o, ok := o.(AnyExpandedlicensingWithAdditionOperator); ok { - return o.asExpandedlicensingWithAdditionOperator() - } - return nil +// VexJustificationType_VulnerableCodeNotInExecutePath The affected code is not reachable through the execution of the code, including non-anticipated states of the product. +var VexJustificationType_VulnerableCodeNotInExecutePath = VexJustificationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath", } -func (o *ExpandedlicensingWithAdditionOperator) asExpandedlicensingWithAdditionOperator() *ExpandedlicensingWithAdditionOperator { - return o +// VexJustificationType_VulnerableCodeNotPresent The product is not affected because the code underlying the vulnerability is not present in the product. +var VexJustificationType_VulnerableCodeNotPresent = VexJustificationType{ + id: "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent", } -type AnyExpandedlicensingWithAdditionOperator interface { - AnySimplelicensingAnyLicenseInfo - asExpandedlicensingWithAdditionOperator() *ExpandedlicensingWithAdditionOperator +type AnyVexNotAffectedVulnAssessmentRelationship interface { + asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship } -type ExpandedlicensingWithAdditionOperatorList []AnyExpandedlicensingWithAdditionOperator +// VexNotAffectedVulnAssessmentRelationship Links a vulnerability and one or more elements designating the latter as products\nnot affected by the vulnerability. +type VexNotAffectedVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship"` + VexVulnAssessmentRelationship + // ImpactStatementTime Timestamp of impact statement. + ImpactStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ImpactStatement Explains why a VEX product is not affected by a vulnerability. It is an\nalternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable\njustification label. + ImpactStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatement" type:"http://www.w3.org/2001/XMLSchema#string"` + // JustificationType Impact justification label to be used when linking a vulnerability to an element\nrepresenting a VEX product with a VexNotAffectedVulnAssessmentRelationship\nrelationship. + JustificationType VexJustificationType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/justificationType" type:"https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType"` +} -func (o *ExpandedlicensingWithAdditionOperatorList) ExpandedlicensingWithAdditionOperatorIter() iter.Seq2[AnyExpandedlicensingWithAdditionOperator, *ExpandedlicensingWithAdditionOperator] { - return typeIter(*o, castExpandedlicensingWithAdditionOperator) +func (o *VexNotAffectedVulnAssessmentRelationship) asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship { + return o } -// A type of extension consisting of a list of name value pairs. -type ExtensionCdxPropertiesExtension struct { - ExtensionExtension +type VexNotAffectedVulnAssessmentRelationshipList []AnyVexNotAffectedVulnAssessmentRelationship - // Provides a map of a property names to a values. - ExtensionCdxPropertys ExtensionCdxPropertyEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty" iri-compact:"extension_cdxProperty"` +func (o *VexNotAffectedVulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexNotAffectedVulnAssessmentRelationship, *VexNotAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) } -func castExtensionCdxPropertiesExtension(o any) *ExtensionCdxPropertiesExtension { - if o, ok := o.(AnyExtensionCdxPropertiesExtension); ok { - return o.asExtensionCdxPropertiesExtension() - } - return nil +type AnyVexUnderInvestigationVulnAssessmentRelationship interface { + asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship } -func (o *ExtensionCdxPropertiesExtension) asExtensionCdxPropertiesExtension() *ExtensionCdxPropertiesExtension { - return o +// VexUnderInvestigationVulnAssessmentRelationship Designates elements as products where the impact of a vulnerability is being\ninvestigated. +type VexUnderInvestigationVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship"` + VexVulnAssessmentRelationship } -type AnyExtensionCdxPropertiesExtension interface { - AnyExtensionExtension - asExtensionCdxPropertiesExtension() *ExtensionCdxPropertiesExtension +func (o *VexUnderInvestigationVulnAssessmentRelationship) asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship { + return o } -type ExtensionCdxPropertiesExtensionList []AnyExtensionCdxPropertiesExtension +type VexUnderInvestigationVulnAssessmentRelationshipList []AnyVexUnderInvestigationVulnAssessmentRelationship -func (o *ExtensionCdxPropertiesExtensionList) ExtensionCdxPropertiesExtensionIter() iter.Seq2[AnyExtensionCdxPropertiesExtension, *ExtensionCdxPropertiesExtension] { - return typeIter(*o, castExtensionCdxPropertiesExtension) +func (o *VexUnderInvestigationVulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyVexUnderInvestigationVulnAssessmentRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) } -// Provides a CVSS version 2.0 assessment for a vulnerability. -type SecurityCvssV2VulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship - - // Provides a numerical (0-10) representation of the severity of a vulnerability. - SecurityScore float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" iri-compact:"security_score"` - // Specifies the CVSS vector string for a vulnerability. - SecurityVectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" iri-compact:"security_vectorString"` +type AnyVexVulnAssessmentRelationship interface { + asVexVulnAssessmentRelationship() *VexVulnAssessmentRelationship } -func castSecurityCvssV2VulnAssessmentRelationship(o any) *SecurityCvssV2VulnAssessmentRelationship { - if o, ok := o.(AnySecurityCvssV2VulnAssessmentRelationship); ok { - return o.asSecurityCvssV2VulnAssessmentRelationship() - } - return nil +// VexVulnAssessmentRelationship Abstract ancestor class for all VEX relationships +type VexVulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship"` + VulnAssessmentRelationship + // StatusNotes Conveys information about how VEX status was determined. + StatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" type:"http://www.w3.org/2001/XMLSchema#string"` + // VexVersion Specifies the version of a VEX statement. + VexVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" type:"http://www.w3.org/2001/XMLSchema#string"` } -func (o *SecurityCvssV2VulnAssessmentRelationship) asSecurityCvssV2VulnAssessmentRelationship() *SecurityCvssV2VulnAssessmentRelationship { +func (o *VexVulnAssessmentRelationship) asVexVulnAssessmentRelationship() *VexVulnAssessmentRelationship { return o } -type AnySecurityCvssV2VulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityCvssV2VulnAssessmentRelationship() *SecurityCvssV2VulnAssessmentRelationship -} +type VexVulnAssessmentRelationshipList []AnyVexVulnAssessmentRelationship -type SecurityCvssV2VulnAssessmentRelationshipList []AnySecurityCvssV2VulnAssessmentRelationship +func (o *VexVulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +} -func (o *SecurityCvssV2VulnAssessmentRelationshipList) SecurityCvssV2VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV2VulnAssessmentRelationship, *SecurityCvssV2VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV2VulnAssessmentRelationship) +func (o *VexVulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexFixedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) } -// Provides a CVSS version 3 assessment for a vulnerability. -type SecurityCvssV3VulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship +func (o *VexVulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexNotAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) +} - // Provides a numerical (0-10) representation of the severity of a vulnerability. - SecurityScore float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" iri-compact:"security_score"` - // Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - SecuritySeverity securityCvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" iri-compact:"security_severity"` - // Specifies the CVSS vector string for a vulnerability. - SecurityVectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" iri-compact:"security_vectorString"` +func (o *VexVulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) } -func castSecurityCvssV3VulnAssessmentRelationship(o any) *SecurityCvssV3VulnAssessmentRelationship { - if o, ok := o.(AnySecurityCvssV3VulnAssessmentRelationship); ok { - return o.asSecurityCvssV3VulnAssessmentRelationship() - } - return nil +func (o *VexVulnAssessmentRelationshipList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyVexVulnAssessmentRelationship, *VexVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) } -func (o *SecurityCvssV3VulnAssessmentRelationship) asSecurityCvssV3VulnAssessmentRelationship() *SecurityCvssV3VulnAssessmentRelationship { - return o +type AnyVulnAssessmentRelationship interface { + asVulnAssessmentRelationship() *VulnAssessmentRelationship } -type AnySecurityCvssV3VulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityCvssV3VulnAssessmentRelationship() *SecurityCvssV3VulnAssessmentRelationship +// VulnAssessmentRelationship Abstract ancestor class for all vulnerability assessments +type VulnAssessmentRelationship struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship"` + Relationship + // SuppliedBy Identifies who or what supplied the artifact or VulnAssessmentRelationship\nreferenced by the Element. + SuppliedBy AnyAgent `iri:"https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" type:"https://spdx.org/rdf/3.0.1/terms/Core/Agent"` + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // AssessedElement Specifies an Element contained in a piece of software where a vulnerability was\nfound. + AssessedElement AnySoftwareArtifact `iri:"https://spdx.org/rdf/3.0.1/terms/Security/assessedElement" type:"https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +} + +func (o *VulnAssessmentRelationship) asVulnAssessmentRelationship() *VulnAssessmentRelationship { + return o } -type SecurityCvssV3VulnAssessmentRelationshipList []AnySecurityCvssV3VulnAssessmentRelationship +type VulnAssessmentRelationshipList []AnyVulnAssessmentRelationship -func (o *SecurityCvssV3VulnAssessmentRelationshipList) SecurityCvssV3VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV3VulnAssessmentRelationship, *SecurityCvssV3VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV3VulnAssessmentRelationship) +func (o *VulnAssessmentRelationshipList) CvssV2VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *CvssV2VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV2VulnAssessmentRelationship) } -// Provides a CVSS version 4 assessment for a vulnerability. -type SecurityCvssV4VulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship +func (o *VulnAssessmentRelationshipList) CvssV3VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *CvssV3VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV3VulnAssessmentRelationship) +} - // Provides a numerical (0-10) representation of the severity of a vulnerability. - SecurityScore float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/score" iri-compact:"security_score"` - // Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - SecuritySeverity securityCvssSeverityType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/severity" iri-compact:"security_severity"` - // Specifies the CVSS vector string for a vulnerability. - SecurityVectorString string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vectorString" iri-compact:"security_vectorString"` +func (o *VulnAssessmentRelationshipList) CvssV4VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *CvssV4VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castCvssV4VulnAssessmentRelationship) } -func castSecurityCvssV4VulnAssessmentRelationship(o any) *SecurityCvssV4VulnAssessmentRelationship { - if o, ok := o.(AnySecurityCvssV4VulnAssessmentRelationship); ok { - return o.asSecurityCvssV4VulnAssessmentRelationship() - } - return nil +func (o *VulnAssessmentRelationshipList) EpssVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *EpssVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castEpssVulnAssessmentRelationship) } -func (o *SecurityCvssV4VulnAssessmentRelationship) asSecurityCvssV4VulnAssessmentRelationship() *SecurityCvssV4VulnAssessmentRelationship { - return o +func (o *VulnAssessmentRelationshipList) ExploitCatalogVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *ExploitCatalogVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castExploitCatalogVulnAssessmentRelationship) } -type AnySecurityCvssV4VulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityCvssV4VulnAssessmentRelationship() *SecurityCvssV4VulnAssessmentRelationship +func (o *VulnAssessmentRelationshipList) SsvcVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *SsvcVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castSsvcVulnAssessmentRelationship) } -type SecurityCvssV4VulnAssessmentRelationshipList []AnySecurityCvssV4VulnAssessmentRelationship +func (o *VulnAssessmentRelationshipList) VexAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexAffectedVulnAssessmentRelationship) +} -func (o *SecurityCvssV4VulnAssessmentRelationshipList) SecurityCvssV4VulnAssessmentRelationshipIter() iter.Seq2[AnySecurityCvssV4VulnAssessmentRelationship, *SecurityCvssV4VulnAssessmentRelationship] { - return typeIter(*o, castSecurityCvssV4VulnAssessmentRelationship) +func (o *VulnAssessmentRelationshipList) VexFixedVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexFixedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexFixedVulnAssessmentRelationship) } -// Provides an EPSS assessment for a vulnerability. -type SecurityEpssVulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship +func (o *VulnAssessmentRelationshipList) VexNotAffectedVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexNotAffectedVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexNotAffectedVulnAssessmentRelationship) +} - // The percentile of the current probability score. - SecurityPercentile float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/percentile" iri-compact:"security_percentile"` - // A probability score between 0 and 1 of a vulnerability being exploited. - SecurityProbability float64 `iri:"https://spdx.org/rdf/3.0.1/terms/Security/probability" iri-compact:"security_probability"` +func (o *VulnAssessmentRelationshipList) VexUnderInvestigationVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexUnderInvestigationVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexUnderInvestigationVulnAssessmentRelationship) } -func castSecurityEpssVulnAssessmentRelationship(o any) *SecurityEpssVulnAssessmentRelationship { - if o, ok := o.(AnySecurityEpssVulnAssessmentRelationship); ok { - return o.asSecurityEpssVulnAssessmentRelationship() - } - return nil +func (o *VulnAssessmentRelationshipList) VexVulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VexVulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVexVulnAssessmentRelationship) } -func (o *SecurityEpssVulnAssessmentRelationship) asSecurityEpssVulnAssessmentRelationship() *SecurityEpssVulnAssessmentRelationship { - return o +func (o *VulnAssessmentRelationshipList) VulnAssessmentRelationships() ld.TypeSeq[AnyVulnAssessmentRelationship, *VulnAssessmentRelationship] { + return ld.NewTypeSeq(*o, castVulnAssessmentRelationship) } -type AnySecurityEpssVulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityEpssVulnAssessmentRelationship() *SecurityEpssVulnAssessmentRelationship +type AnyVulnerability interface { + asVulnerability() *Vulnerability } -type SecurityEpssVulnAssessmentRelationshipList []AnySecurityEpssVulnAssessmentRelationship +// Vulnerability Specifies a vulnerability and its associated information. +type Vulnerability struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability"` + Artifact + // WithdrawnTime Specified the time and date when a vulnerability was withdrawn. + WithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // ModifiedTime Specifies a time when a vulnerability assessment was modified + ModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` + // PublishedTime Specifies the time when a vulnerability was published. + PublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" type:"http://www.w3.org/2001/XMLSchema#dateTimeStamp"` +} -func (o *SecurityEpssVulnAssessmentRelationshipList) SecurityEpssVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityEpssVulnAssessmentRelationship, *SecurityEpssVulnAssessmentRelationship] { - return typeIter(*o, castSecurityEpssVulnAssessmentRelationship) +func (o *Vulnerability) asVulnerability() *Vulnerability { + return o } -// Provides an exploit assessment of a vulnerability. -type SecurityExploitCatalogVulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship +type VulnerabilityList []AnyVulnerability - // Specifies the exploit catalog type. - SecurityCatalogType securityExploitCatalogType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/catalogType" iri-compact:"security_catalogType"` - // Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. - SecurityExploited bool `iri:"https://spdx.org/rdf/3.0.1/terms/Security/exploited" iri-compact:"security_exploited"` - // Provides the location of an exploit catalog. - SecurityLocator string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/locator" iri-compact:"security_locator"` +func (o *VulnerabilityList) Vulnerabilities() ld.TypeSeq[AnyVulnerability, *Vulnerability] { + return ld.NewTypeSeq(*o, castVulnerability) } -func castSecurityExploitCatalogVulnAssessmentRelationship(o any) *SecurityExploitCatalogVulnAssessmentRelationship { - if o, ok := o.(AnySecurityExploitCatalogVulnAssessmentRelationship); ok { - return o.asSecurityExploitCatalogVulnAssessmentRelationship() - } - return nil +type AnyWithAdditionOperator interface { + asWithAdditionOperator() *WithAdditionOperator } -func (o *SecurityExploitCatalogVulnAssessmentRelationship) asSecurityExploitCatalogVulnAssessmentRelationship() *SecurityExploitCatalogVulnAssessmentRelationship { - return o +// WithAdditionOperator Portion of an AnyLicenseInfo representing a License which has additional\ntext applied to it. +type WithAdditionOperator struct { + _ ld.Type `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator"` + LicenseInfo + // SubjectExtendableLicense A License participating in a 'with addition' model. + SubjectExtendableLicense AnyExtendableLicense `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense"` + // SubjectAddition A LicenseAddition participating in a 'with addition' model. + SubjectAddition AnyLicenseAddition `iri:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition" required:"true" type:"https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition"` } -type AnySecurityExploitCatalogVulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityExploitCatalogVulnAssessmentRelationship() *SecurityExploitCatalogVulnAssessmentRelationship +func (o *WithAdditionOperator) asWithAdditionOperator() *WithAdditionOperator { + return o } -type SecurityExploitCatalogVulnAssessmentRelationshipList []AnySecurityExploitCatalogVulnAssessmentRelationship +type WithAdditionOperatorList []AnyWithAdditionOperator -func (o *SecurityExploitCatalogVulnAssessmentRelationshipList) SecurityExploitCatalogVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityExploitCatalogVulnAssessmentRelationship, *SecurityExploitCatalogVulnAssessmentRelationship] { - return typeIter(*o, castSecurityExploitCatalogVulnAssessmentRelationship) +func (o *WithAdditionOperatorList) WithAdditionOperators() ld.TypeSeq[AnyWithAdditionOperator, *WithAdditionOperator] { + return ld.NewTypeSeq(*o, castWithAdditionOperator) } -// Provides an SSVC assessment for a vulnerability. -type SecuritySsvcVulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship - - // Provide the enumeration of possible decisions in the - // [Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc). - SecurityDecisionType securitySsvcDecisionType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/decisionType" iri-compact:"security_decisionType"` +type ExternalIRI struct { + id string `iri:"@id"` + value any } -func castSecuritySsvcVulnAssessmentRelationship(o any) *SecuritySsvcVulnAssessmentRelationship { - if o, ok := o.(AnySecuritySsvcVulnAssessmentRelationship); ok { - return o.asSecuritySsvcVulnAssessmentRelationship() +func NewExternalIRI(id string) *ExternalIRI { + return &ExternalIRI{ + id: id, } - return nil } -func (o *SecuritySsvcVulnAssessmentRelationship) asSecuritySsvcVulnAssessmentRelationship() *SecuritySsvcVulnAssessmentRelationship { - return o +func (o *ExternalIRI) asAIPackage() *AIPackage { + return castAIPackage(o.value) } -type AnySecuritySsvcVulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecuritySsvcVulnAssessmentRelationship() *SecuritySsvcVulnAssessmentRelationship +func (o *ExternalIRI) asAgent() *Agent { + return castAgent(o.value) } -type SecuritySsvcVulnAssessmentRelationshipList []AnySecuritySsvcVulnAssessmentRelationship - -func (o *SecuritySsvcVulnAssessmentRelationshipList) SecuritySsvcVulnAssessmentRelationshipIter() iter.Seq2[AnySecuritySsvcVulnAssessmentRelationship, *SecuritySsvcVulnAssessmentRelationship] { - return typeIter(*o, castSecuritySsvcVulnAssessmentRelationship) +func (o *ExternalIRI) asAnnotation() *Annotation { + return castAnnotation(o.value) } -// Abstract ancestor class for all VEX relationships -type SecurityVexVulnAssessmentRelationship struct { - SecurityVulnAssessmentRelationship - - // Conveys information about how VEX status was determined. - SecurityStatusNotes string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" iri-compact:"security_statusNotes"` - // Specifies the version of a VEX statement. - SecurityVexVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" iri-compact:"security_vexVersion"` +func (o *ExternalIRI) asArtifact() *Artifact { + return castArtifact(o.value) } -func castSecurityVexVulnAssessmentRelationship(o any) *SecurityVexVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVexVulnAssessmentRelationship); ok { - return o.asSecurityVexVulnAssessmentRelationship() - } - return nil +func (o *ExternalIRI) asBom() *Bom { + return castBom(o.value) } -func (o *SecurityVexVulnAssessmentRelationship) asSecurityVexVulnAssessmentRelationship() *SecurityVexVulnAssessmentRelationship { - return o +func (o *ExternalIRI) asBuild() *Build { + return castBuild(o.value) } -type AnySecurityVexVulnAssessmentRelationship interface { - AnySecurityVulnAssessmentRelationship - asSecurityVexVulnAssessmentRelationship() *SecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asBundle() *Bundle { + return castBundle(o.value) } -type SecurityVexVulnAssessmentRelationshipList []AnySecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asCdxPropertiesExtension() *CdxPropertiesExtension { + return castCdxPropertiesExtension(o.value) +} -func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexVulnAssessmentRelationship) +func (o *ExternalIRI) asCdxPropertyEntry() *CdxPropertyEntry { + return castCdxPropertyEntry(o.value) } -func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) + +func (o *ExternalIRI) asConjunctiveLicenseSet() *ConjunctiveLicenseSet { + return castConjunctiveLicenseSet(o.value) } -func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexFixedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) + +func (o *ExternalIRI) asContentIdentifier() *ContentIdentifier { + return castContentIdentifier(o.value) } -func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) + +func (o *ExternalIRI) asCreationInfo() *CreationInfo { + return castCreationInfo(o.value) } -func (o *SecurityVexVulnAssessmentRelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexVulnAssessmentRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) + +func (o *ExternalIRI) asCustomLicense() *CustomLicense { + return castCustomLicense(o.value) } -// Specifies a vulnerability and its associated information. -type SecurityVulnerability struct { - Artifact +func (o *ExternalIRI) asCustomLicenseAddition() *CustomLicenseAddition { + return castCustomLicenseAddition(o.value) +} - // Specifies a time when a vulnerability assessment was modified - SecurityModifiedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" iri-compact:"security_modifiedTime"` - // Specifies the time when a vulnerability was published. - SecurityPublishedTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" iri-compact:"security_publishedTime"` - // Specified the time and date when a vulnerability was withdrawn. - SecurityWithdrawnTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" iri-compact:"security_withdrawnTime"` +func (o *ExternalIRI) asCvssV2VulnAssessmentRelationship() *CvssV2VulnAssessmentRelationship { + return castCvssV2VulnAssessmentRelationship(o.value) } -func castSecurityVulnerability(o any) *SecurityVulnerability { - if o, ok := o.(AnySecurityVulnerability); ok { - return o.asSecurityVulnerability() - } - return nil +func (o *ExternalIRI) asCvssV3VulnAssessmentRelationship() *CvssV3VulnAssessmentRelationship { + return castCvssV3VulnAssessmentRelationship(o.value) } -func (o *SecurityVulnerability) asSecurityVulnerability() *SecurityVulnerability { - return o +func (o *ExternalIRI) asCvssV4VulnAssessmentRelationship() *CvssV4VulnAssessmentRelationship { + return castCvssV4VulnAssessmentRelationship(o.value) } -type AnySecurityVulnerability interface { - AnyArtifact - asSecurityVulnerability() *SecurityVulnerability +func (o *ExternalIRI) asDatasetPackage() *DatasetPackage { + return castDatasetPackage(o.value) } -type SecurityVulnerabilityList []AnySecurityVulnerability +func (o *ExternalIRI) asDictionaryEntry() *DictionaryEntry { + return castDictionaryEntry(o.value) +} -func (o *SecurityVulnerabilityList) SecurityVulnerabilityIter() iter.Seq2[AnySecurityVulnerability, *SecurityVulnerability] { - return typeIter(*o, castSecurityVulnerability) +func (o *ExternalIRI) asDisjunctiveLicenseSet() *DisjunctiveLicenseSet { + return castDisjunctiveLicenseSet(o.value) } -// A distinct article or unit related to Software. -type SoftwareSoftwareArtifact struct { - Artifact +func (o *ExternalIRI) asElement() *Element { + return castElement(o.value) +} - // Provides additional purpose information of the software artifact. - SoftwareAdditionalPurposes []softwareSoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" iri-compact:"software_additionalPurpose"` - // Provides a place for the SPDX data creator to record acknowledgement text for - // a software Package, File or Snippet. - SoftwareAttributionTexts []string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/attributionText" iri-compact:"software_attributionText"` - // A canonical, unique, immutable identifier of the artifact content, that may be - // used for verifying its identity and/or integrity. - SoftwareContentIdentifiers SoftwareContentIdentifierList `iri:"https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" iri-compact:"software_contentIdentifier"` +func (o *ExternalIRI) asElementCollection() *ElementCollection { + return castElementCollection(o.value) +} - // Identifies the text of one or more copyright notices for a software Package, - // File or Snippet, if any. - SoftwareCopyrightText string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" iri-compact:"software_copyrightText"` - // Provides information about the primary purpose of the software artifact. - SoftwarePrimaryPurpose softwareSoftwarePurpose `iri:"https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" iri-compact:"software_primaryPurpose"` +func (o *ExternalIRI) asEnergyConsumption() *EnergyConsumption { + return castEnergyConsumption(o.value) } -func castSoftwareSoftwareArtifact(o any) *SoftwareSoftwareArtifact { - if o, ok := o.(AnySoftwareSoftwareArtifact); ok { - return o.asSoftwareSoftwareArtifact() - } - return nil +func (o *ExternalIRI) asEnergyConsumptionDescription() *EnergyConsumptionDescription { + return castEnergyConsumptionDescription(o.value) } -func (o *SoftwareSoftwareArtifact) asSoftwareSoftwareArtifact() *SoftwareSoftwareArtifact { - return o +func (o *ExternalIRI) asEpssVulnAssessmentRelationship() *EpssVulnAssessmentRelationship { + return castEpssVulnAssessmentRelationship(o.value) } -type AnySoftwareSoftwareArtifact interface { - AnyArtifact - asSoftwareSoftwareArtifact() *SoftwareSoftwareArtifact +func (o *ExternalIRI) asExploitCatalogVulnAssessmentRelationship() *ExploitCatalogVulnAssessmentRelationship { + return castExploitCatalogVulnAssessmentRelationship(o.value) } -type SoftwareSoftwareArtifactList []AnySoftwareSoftwareArtifact +func (o *ExternalIRI) asExtendableLicense() *ExtendableLicense { + return castExtendableLicense(o.value) +} -func (o *SoftwareSoftwareArtifactList) SoftwareSoftwareArtifactIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwareSoftwareArtifact] { - return typeIter(*o, castSoftwareSoftwareArtifact) +func (o *ExternalIRI) asExternalIdentifier() *ExternalIdentifier { + return castExternalIdentifier(o.value) } -func (o *SoftwareSoftwareArtifactList) SoftwareFileIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwareFile] { - return typeIter(*o, castSoftwareFile) + +func (o *ExternalIRI) asExternalMap() *ExternalMap { + return castExternalMap(o.value) } -func (o *SoftwareSoftwareArtifactList) SoftwarePackageIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwarePackage] { - return typeIter(*o, castSoftwarePackage) + +func (o *ExternalIRI) asExternalRef() *ExternalRef { + return castExternalRef(o.value) } -func (o *SoftwareSoftwareArtifactList) SoftwareSnippetIter() iter.Seq2[AnySoftwareSoftwareArtifact, *SoftwareSnippet] { - return typeIter(*o, castSoftwareSnippet) + +func (o *ExternalIRI) asFile() *File { + return castFile(o.value) } -func (o *SoftwareSoftwareArtifactList) AiAIPackageIter() iter.Seq2[AnySoftwareSoftwareArtifact, *AiAIPackage] { - return typeIter(*o, castAiAIPackage) + +func (o *ExternalIRI) asHash() *Hash { + return castHash(o.value) } -func (o *SoftwareSoftwareArtifactList) DatasetDatasetPackageIter() iter.Seq2[AnySoftwareSoftwareArtifact, *DatasetDatasetPackage] { - return typeIter(*o, castDatasetDatasetPackage) + +func (o *ExternalIRI) asIndividualElement() *IndividualElement { + return castIndividualElement(o.value) } -// A container for a grouping of SPDX-3.0 content characterizing details -// (provenence, composition, licensing, etc.) about a product. -type Bom struct { - Bundle +func (o *ExternalIRI) asIndividualLicensingInfo() *IndividualLicensingInfo { + return castIndividualLicensingInfo(o.value) } -func castBom(o any) *Bom { - if o, ok := o.(AnyBom); ok { - return o.asBom() - } - return nil +func (o *ExternalIRI) asIntegrityMethod() *IntegrityMethod { + return castIntegrityMethod(o.value) } -func (o *Bom) asBom() *Bom { - return o +func (o *ExternalIRI) asLicense() *License { + return castLicense(o.value) } -type AnyBom interface { - AnyBundle - asBom() *Bom +func (o *ExternalIRI) asLicenseAddition() *LicenseAddition { + return castLicenseAddition(o.value) } -type BomList []AnyBom +func (o *ExternalIRI) asLicenseExpression() *LicenseExpression { + return castLicenseExpression(o.value) +} -func (o *BomList) BomIter() iter.Seq2[AnyBom, *Bom] { return typeIter(*o, castBom) } -func (o *BomList) SoftwareSbomIter() iter.Seq2[AnyBom, *SoftwareSbom] { - return typeIter(*o, castSoftwareSbom) +func (o *ExternalIRI) asLicenseInfo() *LicenseInfo { + return castLicenseInfo(o.value) } -// A license that is not listed on the SPDX License List. -type ExpandedlicensingCustomLicense struct { - ExpandedlicensingLicense +func (o *ExternalIRI) asLifecycleScopedRelationship() *LifecycleScopedRelationship { + return castLifecycleScopedRelationship(o.value) } -func castExpandedlicensingCustomLicense(o any) *ExpandedlicensingCustomLicense { - if o, ok := o.(AnyExpandedlicensingCustomLicense); ok { - return o.asExpandedlicensingCustomLicense() - } - return nil +func (o *ExternalIRI) asListedLicense() *ListedLicense { + return castListedLicense(o.value) } -func (o *ExpandedlicensingCustomLicense) asExpandedlicensingCustomLicense() *ExpandedlicensingCustomLicense { - return o +func (o *ExternalIRI) asListedLicenseException() *ListedLicenseException { + return castListedLicenseException(o.value) } -type AnyExpandedlicensingCustomLicense interface { - AnyExpandedlicensingLicense - asExpandedlicensingCustomLicense() *ExpandedlicensingCustomLicense +func (o *ExternalIRI) asNamespaceMap() *NamespaceMap { + return castNamespaceMap(o.value) } -type ExpandedlicensingCustomLicenseList []AnyExpandedlicensingCustomLicense +func (o *ExternalIRI) asOrLaterOperator() *OrLaterOperator { + return castOrLaterOperator(o.value) +} -func (o *ExpandedlicensingCustomLicenseList) ExpandedlicensingCustomLicenseIter() iter.Seq2[AnyExpandedlicensingCustomLicense, *ExpandedlicensingCustomLicense] { - return typeIter(*o, castExpandedlicensingCustomLicense) +func (o *ExternalIRI) asOrganization() *Organization { + return castOrganization(o.value) } -// Connects a vulnerability and an element designating the element as a product -// affected by the vulnerability. -type SecurityVexAffectedVulnAssessmentRelationship struct { - SecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asPackage() *Package { + return castPackage(o.value) +} - // Provides advise on how to mitigate or remediate a vulnerability when a VEX product - // is affected by it. - SecurityActionStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatement" iri-compact:"security_actionStatement"` - // Records the time when a recommended action was communicated in a VEX statement - // to mitigate a vulnerability. - SecurityActionStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime" iri-compact:"security_actionStatementTime"` +func (o *ExternalIRI) asPackageVerificationCode() *PackageVerificationCode { + return castPackageVerificationCode(o.value) } -func castSecurityVexAffectedVulnAssessmentRelationship(o any) *SecurityVexAffectedVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVexAffectedVulnAssessmentRelationship); ok { - return o.asSecurityVexAffectedVulnAssessmentRelationship() - } - return nil +func (o *ExternalIRI) asPerson() *Person { + return castPerson(o.value) } -func (o *SecurityVexAffectedVulnAssessmentRelationship) asSecurityVexAffectedVulnAssessmentRelationship() *SecurityVexAffectedVulnAssessmentRelationship { - return o +func (o *ExternalIRI) asPositiveIntegerRange() *PositiveIntegerRange { + return castPositiveIntegerRange(o.value) } -type AnySecurityVexAffectedVulnAssessmentRelationship interface { - AnySecurityVexVulnAssessmentRelationship - asSecurityVexAffectedVulnAssessmentRelationship() *SecurityVexAffectedVulnAssessmentRelationship +func (o *ExternalIRI) asRelationship() *Relationship { + return castRelationship(o.value) } -type SecurityVexAffectedVulnAssessmentRelationshipList []AnySecurityVexAffectedVulnAssessmentRelationship +func (o *ExternalIRI) asSbom() *Sbom { + return castSbom(o.value) +} -func (o *SecurityVexAffectedVulnAssessmentRelationshipList) SecurityVexAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexAffectedVulnAssessmentRelationship, *SecurityVexAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexAffectedVulnAssessmentRelationship) +func (o *ExternalIRI) asSimpleLicensingText() *SimpleLicensingText { + return castSimpleLicensingText(o.value) } -// Links a vulnerability and elements representing products (in the VEX sense) where -// a fix has been applied and are no longer affected. -type SecurityVexFixedVulnAssessmentRelationship struct { - SecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asSnippet() *Snippet { + return castSnippet(o.value) } -func castSecurityVexFixedVulnAssessmentRelationship(o any) *SecurityVexFixedVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVexFixedVulnAssessmentRelationship); ok { - return o.asSecurityVexFixedVulnAssessmentRelationship() - } - return nil +func (o *ExternalIRI) asSoftwareAgent() *SoftwareAgent { + return castSoftwareAgent(o.value) } -func (o *SecurityVexFixedVulnAssessmentRelationship) asSecurityVexFixedVulnAssessmentRelationship() *SecurityVexFixedVulnAssessmentRelationship { - return o +func (o *ExternalIRI) asSoftwareArtifact() *SoftwareArtifact { + return castSoftwareArtifact(o.value) } -type AnySecurityVexFixedVulnAssessmentRelationship interface { - AnySecurityVexVulnAssessmentRelationship - asSecurityVexFixedVulnAssessmentRelationship() *SecurityVexFixedVulnAssessmentRelationship +func (o *ExternalIRI) asSpdxDocument() *SpdxDocument { + return castSpdxDocument(o.value) } -type SecurityVexFixedVulnAssessmentRelationshipList []AnySecurityVexFixedVulnAssessmentRelationship +func (o *ExternalIRI) asSsvcVulnAssessmentRelationship() *SsvcVulnAssessmentRelationship { + return castSsvcVulnAssessmentRelationship(o.value) +} -func (o *SecurityVexFixedVulnAssessmentRelationshipList) SecurityVexFixedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexFixedVulnAssessmentRelationship, *SecurityVexFixedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexFixedVulnAssessmentRelationship) +func (o *ExternalIRI) asTool() *Tool { + return castTool(o.value) } -// Links a vulnerability and one or more elements designating the latter as products -// not affected by the vulnerability. -type SecurityVexNotAffectedVulnAssessmentRelationship struct { - SecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asVexAffectedVulnAssessmentRelationship() *VexAffectedVulnAssessmentRelationship { + return castVexAffectedVulnAssessmentRelationship(o.value) +} - // Explains why a VEX product is not affected by a vulnerability. It is an - // alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable - // justification label. - SecurityImpactStatement string `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatement" iri-compact:"security_impactStatement"` - // Timestamp of impact statement. - SecurityImpactStatementTime time.Time `iri:"https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime" iri-compact:"security_impactStatementTime"` - // Impact justification label to be used when linking a vulnerability to an element - // representing a VEX product with a VexNotAffectedVulnAssessmentRelationship - // relationship. - SecurityJustificationType securityVexJustificationType `iri:"https://spdx.org/rdf/3.0.1/terms/Security/justificationType" iri-compact:"security_justificationType"` +func (o *ExternalIRI) asVexFixedVulnAssessmentRelationship() *VexFixedVulnAssessmentRelationship { + return castVexFixedVulnAssessmentRelationship(o.value) } -func castSecurityVexNotAffectedVulnAssessmentRelationship(o any) *SecurityVexNotAffectedVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVexNotAffectedVulnAssessmentRelationship); ok { - return o.asSecurityVexNotAffectedVulnAssessmentRelationship() - } - return nil +func (o *ExternalIRI) asVexNotAffectedVulnAssessmentRelationship() *VexNotAffectedVulnAssessmentRelationship { + return castVexNotAffectedVulnAssessmentRelationship(o.value) } -func (o *SecurityVexNotAffectedVulnAssessmentRelationship) asSecurityVexNotAffectedVulnAssessmentRelationship() *SecurityVexNotAffectedVulnAssessmentRelationship { - return o +func (o *ExternalIRI) asVexUnderInvestigationVulnAssessmentRelationship() *VexUnderInvestigationVulnAssessmentRelationship { + return castVexUnderInvestigationVulnAssessmentRelationship(o.value) } -type AnySecurityVexNotAffectedVulnAssessmentRelationship interface { - AnySecurityVexVulnAssessmentRelationship - asSecurityVexNotAffectedVulnAssessmentRelationship() *SecurityVexNotAffectedVulnAssessmentRelationship +func (o *ExternalIRI) asVexVulnAssessmentRelationship() *VexVulnAssessmentRelationship { + return castVexVulnAssessmentRelationship(o.value) } -type SecurityVexNotAffectedVulnAssessmentRelationshipList []AnySecurityVexNotAffectedVulnAssessmentRelationship +func (o *ExternalIRI) asVulnAssessmentRelationship() *VulnAssessmentRelationship { + return castVulnAssessmentRelationship(o.value) +} -func (o *SecurityVexNotAffectedVulnAssessmentRelationshipList) SecurityVexNotAffectedVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexNotAffectedVulnAssessmentRelationship, *SecurityVexNotAffectedVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexNotAffectedVulnAssessmentRelationship) +func (o *ExternalIRI) asVulnerability() *Vulnerability { + return castVulnerability(o.value) } -// Designates elements as products where the impact of a vulnerability is being -// investigated. -type SecurityVexUnderInvestigationVulnAssessmentRelationship struct { - SecurityVexVulnAssessmentRelationship +func (o *ExternalIRI) asWithAdditionOperator() *WithAdditionOperator { + return castWithAdditionOperator(o.value) } -func castSecurityVexUnderInvestigationVulnAssessmentRelationship(o any) *SecurityVexUnderInvestigationVulnAssessmentRelationship { - if o, ok := o.(AnySecurityVexUnderInvestigationVulnAssessmentRelationship); ok { - return o.asSecurityVexUnderInvestigationVulnAssessmentRelationship() +func castAIPackage(o any) *AIPackage { + if o, ok := o.(AnyAIPackage); ok { + return o.asAIPackage() } return nil } -func (o *SecurityVexUnderInvestigationVulnAssessmentRelationship) asSecurityVexUnderInvestigationVulnAssessmentRelationship() *SecurityVexUnderInvestigationVulnAssessmentRelationship { - return o +func castAgent(o any) *Agent { + if o, ok := o.(AnyAgent); ok { + return o.asAgent() + } + return nil } -type AnySecurityVexUnderInvestigationVulnAssessmentRelationship interface { - AnySecurityVexVulnAssessmentRelationship - asSecurityVexUnderInvestigationVulnAssessmentRelationship() *SecurityVexUnderInvestigationVulnAssessmentRelationship +func castAnnotation(o any) *Annotation { + if o, ok := o.(AnyAnnotation); ok { + return o.asAnnotation() + } + return nil } -type SecurityVexUnderInvestigationVulnAssessmentRelationshipList []AnySecurityVexUnderInvestigationVulnAssessmentRelationship - -func (o *SecurityVexUnderInvestigationVulnAssessmentRelationshipList) SecurityVexUnderInvestigationVulnAssessmentRelationshipIter() iter.Seq2[AnySecurityVexUnderInvestigationVulnAssessmentRelationship, *SecurityVexUnderInvestigationVulnAssessmentRelationship] { - return typeIter(*o, castSecurityVexUnderInvestigationVulnAssessmentRelationship) +func castArtifact(o any) *Artifact { + if o, ok := o.(AnyArtifact); ok { + return o.asArtifact() + } + return nil } -// Refers to any object that stores content on a computer. -type SoftwareFile struct { - SoftwareSoftwareArtifact - - // Provides information about the content type of an Element or a Property. - ContentType string `iri:"https://spdx.org/rdf/3.0.1/terms/Core/contentType" iri-compact:"contentType"` - // Describes if a given file is a directory or non-directory kind of file. - SoftwareFileKind softwareFileKindType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/fileKind" iri-compact:"software_fileKind"` +func castBom(o any) *Bom { + if o, ok := o.(AnyBom); ok { + return o.asBom() + } + return nil } -func castSoftwareFile(o any) *SoftwareFile { - if o, ok := o.(AnySoftwareFile); ok { - return o.asSoftwareFile() +func castBuild(o any) *Build { + if o, ok := o.(AnyBuild); ok { + return o.asBuild() } return nil } -func (o *SoftwareFile) asSoftwareFile() *SoftwareFile { - return o +func castBundle(o any) *Bundle { + if o, ok := o.(AnyBundle); ok { + return o.asBundle() + } + return nil } -type AnySoftwareFile interface { - AnySoftwareSoftwareArtifact - asSoftwareFile() *SoftwareFile +func castCdxPropertiesExtension(o any) *CdxPropertiesExtension { + if o, ok := o.(AnyCdxPropertiesExtension); ok { + return o.asCdxPropertiesExtension() + } + return nil } -type SoftwareFileList []AnySoftwareFile - -func (o *SoftwareFileList) SoftwareFileIter() iter.Seq2[AnySoftwareFile, *SoftwareFile] { - return typeIter(*o, castSoftwareFile) +func castCdxPropertyEntry(o any) *CdxPropertyEntry { + if o, ok := o.(AnyCdxPropertyEntry); ok { + return o.asCdxPropertyEntry() + } + return nil } -// Refers to any unit of content that can be associated with a distribution of -// software. -type SoftwarePackage struct { - SoftwareSoftwareArtifact +func castConjunctiveLicenseSet(o any) *ConjunctiveLicenseSet { + if o, ok := o.(AnyConjunctiveLicenseSet); ok { + return o.asConjunctiveLicenseSet() + } + return nil +} - // Identifies the download Uniform Resource Identifier for the package at the time - // that the document was created. - SoftwareDownloadLocation string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" iri-compact:"software_downloadLocation"` - // A place for the SPDX document creator to record a website that serves as the - // package's home page. - SoftwareHomePage string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/homePage" iri-compact:"software_homePage"` - // Provides a place for the SPDX data creator to record the package URL string - // (in accordance with the Package URL specification) for a software Package. - SoftwarePackageUrl string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" iri-compact:"software_packageUrl"` - // Identify the version of a package. - SoftwarePackageVersion string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" iri-compact:"software_packageVersion"` - // Records any relevant background information or additional comments - // about the origin of the package. - SoftwareSourceInfo string `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" iri-compact:"software_sourceInfo"` +func castContentIdentifier(o any) *ContentIdentifier { + if o, ok := o.(AnyContentIdentifier); ok { + return o.asContentIdentifier() + } + return nil } -func castSoftwarePackage(o any) *SoftwarePackage { - if o, ok := o.(AnySoftwarePackage); ok { - return o.asSoftwarePackage() +func castCreationInfo(o any) *CreationInfo { + if o, ok := o.(AnyCreationInfo); ok { + return o.asCreationInfo() } return nil } -func (o *SoftwarePackage) asSoftwarePackage() *SoftwarePackage { - return o +func castCustomLicense(o any) *CustomLicense { + if o, ok := o.(AnyCustomLicense); ok { + return o.asCustomLicense() + } + return nil } -type AnySoftwarePackage interface { - AnySoftwareSoftwareArtifact - asSoftwarePackage() *SoftwarePackage +func castCustomLicenseAddition(o any) *CustomLicenseAddition { + if o, ok := o.(AnyCustomLicenseAddition); ok { + return o.asCustomLicenseAddition() + } + return nil } -type SoftwarePackageList []AnySoftwarePackage +func castCvssV2VulnAssessmentRelationship(o any) *CvssV2VulnAssessmentRelationship { + if o, ok := o.(AnyCvssV2VulnAssessmentRelationship); ok { + return o.asCvssV2VulnAssessmentRelationship() + } + return nil +} -func (o *SoftwarePackageList) SoftwarePackageIter() iter.Seq2[AnySoftwarePackage, *SoftwarePackage] { - return typeIter(*o, castSoftwarePackage) +func castCvssV3VulnAssessmentRelationship(o any) *CvssV3VulnAssessmentRelationship { + if o, ok := o.(AnyCvssV3VulnAssessmentRelationship); ok { + return o.asCvssV3VulnAssessmentRelationship() + } + return nil } -func (o *SoftwarePackageList) AiAIPackageIter() iter.Seq2[AnySoftwarePackage, *AiAIPackage] { - return typeIter(*o, castAiAIPackage) + +func castCvssV4VulnAssessmentRelationship(o any) *CvssV4VulnAssessmentRelationship { + if o, ok := o.(AnyCvssV4VulnAssessmentRelationship); ok { + return o.asCvssV4VulnAssessmentRelationship() + } + return nil } -func (o *SoftwarePackageList) DatasetDatasetPackageIter() iter.Seq2[AnySoftwarePackage, *DatasetDatasetPackage] { - return typeIter(*o, castDatasetDatasetPackage) + +func castDatasetPackage(o any) *DatasetPackage { + if o, ok := o.(AnyDatasetPackage); ok { + return o.asDatasetPackage() + } + return nil } -// A collection of SPDX Elements describing a single package. -type SoftwareSbom struct { - Bom +func castDictionaryEntry(o any) *DictionaryEntry { + if o, ok := o.(AnyDictionaryEntry); ok { + return o.asDictionaryEntry() + } + return nil +} - // Provides information about the type of an SBOM. - SoftwareSbomTypes []softwareSbomType `iri:"https://spdx.org/rdf/3.0.1/terms/Software/sbomType" iri-compact:"software_sbomType"` +func castDisjunctiveLicenseSet(o any) *DisjunctiveLicenseSet { + if o, ok := o.(AnyDisjunctiveLicenseSet); ok { + return o.asDisjunctiveLicenseSet() + } + return nil } -func castSoftwareSbom(o any) *SoftwareSbom { - if o, ok := o.(AnySoftwareSbom); ok { - return o.asSoftwareSbom() +func castElement(o any) *Element { + if o, ok := o.(AnyElement); ok { + return o.asElement() } return nil } -func (o *SoftwareSbom) asSoftwareSbom() *SoftwareSbom { - return o +func castElementCollection(o any) *ElementCollection { + if o, ok := o.(AnyElementCollection); ok { + return o.asElementCollection() + } + return nil } -type AnySoftwareSbom interface { - AnyBom - asSoftwareSbom() *SoftwareSbom +func castEnergyConsumption(o any) *EnergyConsumption { + if o, ok := o.(AnyEnergyConsumption); ok { + return o.asEnergyConsumption() + } + return nil } -type SoftwareSbomList []AnySoftwareSbom - -func (o *SoftwareSbomList) SoftwareSbomIter() iter.Seq2[AnySoftwareSbom, *SoftwareSbom] { - return typeIter(*o, castSoftwareSbom) +func castEnergyConsumptionDescription(o any) *EnergyConsumptionDescription { + if o, ok := o.(AnyEnergyConsumptionDescription); ok { + return o.asEnergyConsumptionDescription() + } + return nil } -// Describes a certain part of a file. -type SoftwareSnippet struct { - SoftwareSoftwareArtifact - - // Defines the byte range in the original host file that the snippet information - // applies to. - SoftwareByteRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/byteRange" iri-compact:"software_byteRange"` - - // Defines the line range in the original host file that the snippet information - // applies to. - SoftwareLineRange AnyPositiveIntegerRange `iri:"https://spdx.org/rdf/3.0.1/terms/Software/lineRange" iri-compact:"software_lineRange"` - - // Defines the original host file that the snippet information applies to. - SoftwareSnippetFromFile AnySoftwareFile `iri:"https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" iri-compact:"software_snippetFromFile"` +func castEpssVulnAssessmentRelationship(o any) *EpssVulnAssessmentRelationship { + if o, ok := o.(AnyEpssVulnAssessmentRelationship); ok { + return o.asEpssVulnAssessmentRelationship() + } + return nil } -func castSoftwareSnippet(o any) *SoftwareSnippet { - if o, ok := o.(AnySoftwareSnippet); ok { - return o.asSoftwareSnippet() +func castExploitCatalogVulnAssessmentRelationship(o any) *ExploitCatalogVulnAssessmentRelationship { + if o, ok := o.(AnyExploitCatalogVulnAssessmentRelationship); ok { + return o.asExploitCatalogVulnAssessmentRelationship() } return nil } -func (o *SoftwareSnippet) asSoftwareSnippet() *SoftwareSnippet { - return o +func castExtendableLicense(o any) *ExtendableLicense { + if o, ok := o.(AnyExtendableLicense); ok { + return o.asExtendableLicense() + } + return nil } -type AnySoftwareSnippet interface { - AnySoftwareSoftwareArtifact - asSoftwareSnippet() *SoftwareSnippet +func castExternalIdentifier(o any) *ExternalIdentifier { + if o, ok := o.(AnyExternalIdentifier); ok { + return o.asExternalIdentifier() + } + return nil } -type SoftwareSnippetList []AnySoftwareSnippet - -func (o *SoftwareSnippetList) SoftwareSnippetIter() iter.Seq2[AnySoftwareSnippet, *SoftwareSnippet] { - return typeIter(*o, castSoftwareSnippet) +func castExternalMap(o any) *ExternalMap { + if o, ok := o.(AnyExternalMap); ok { + return o.asExternalMap() + } + return nil } -// Specifies an AI package and its associated information. -type AiAIPackage struct { - SoftwarePackage - - // Indicates whether the system can perform a decision or action without human - // involvement or guidance. - AiAutonomyType presenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/autonomyType" iri-compact:"ai_autonomyType"` - // Captures the domain in which the AI package can be used. - AiDomains []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/domain" iri-compact:"ai_domain"` - // Indicates the amount of energy consumption incurred by an AI model. - AiEnergyConsumption AnyAiEnergyConsumption `iri:"https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption" iri-compact:"ai_energyConsumption"` - - // Records a hyperparameter used to build the AI model contained in the AI - // package. - AiHyperparameters DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter" iri-compact:"ai_hyperparameter"` - - // Provides relevant information about the AI software, not including the model - // description. - AiInformationAboutApplication string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication" iri-compact:"ai_informationAboutApplication"` - // Describes relevant information about different steps of the training process. - AiInformationAboutTraining string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining" iri-compact:"ai_informationAboutTraining"` - // Captures a limitation of the AI software. - AiLimitation string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/limitation" iri-compact:"ai_limitation"` - // Records the measurement of prediction quality of the AI model. - AiMetrics DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metric" iri-compact:"ai_metric"` - - // Captures the threshold that was used for computation of a metric described in - // the metric field. - AiMetricDecisionThresholds DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold" iri-compact:"ai_metricDecisionThreshold"` - - // Describes all the preprocessing steps applied to the training data before the - // model training. - AiModelDataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing" iri-compact:"ai_modelDataPreprocessing"` - // Describes methods that can be used to explain the results from the AI model. - AiModelExplainabilitys []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability" iri-compact:"ai_modelExplainability"` - // Records the results of general safety risk assessment of the AI system. - AiSafetyRiskAssessment aiSafetyRiskAssessmentType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment" iri-compact:"ai_safetyRiskAssessment"` - // Captures a standard that is being complied with. - AiStandardCompliances []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance" iri-compact:"ai_standardCompliance"` - // Records the type of the model used in the AI software. - AiTypeOfModels []string `iri:"https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel" iri-compact:"ai_typeOfModel"` - // Records if sensitive personal information is used during model training or - // could be used during the inference. - AiUseSensitivePersonalInformation presenceType `iri:"https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation" iri-compact:"ai_useSensitivePersonalInformation"` +func castExternalRef(o any) *ExternalRef { + if o, ok := o.(AnyExternalRef); ok { + return o.asExternalRef() + } + return nil } -func castAiAIPackage(o any) *AiAIPackage { - if o, ok := o.(AnyAiAIPackage); ok { - return o.asAiAIPackage() +func castFile(o any) *File { + if o, ok := o.(AnyFile); ok { + return o.asFile() } return nil } -func (o *AiAIPackage) asAiAIPackage() *AiAIPackage { - return o +func castHash(o any) *Hash { + if o, ok := o.(AnyHash); ok { + return o.asHash() + } + return nil } -type AnyAiAIPackage interface { - AnySoftwarePackage - asAiAIPackage() *AiAIPackage +func castIndividualElement(o any) *IndividualElement { + if o, ok := o.(AnyIndividualElement); ok { + return o.asIndividualElement() + } + return nil } -type AiAIPackageList []AnyAiAIPackage - -func (o *AiAIPackageList) AiAIPackageIter() iter.Seq2[AnyAiAIPackage, *AiAIPackage] { - return typeIter(*o, castAiAIPackage) +func castIndividualLicensingInfo(o any) *IndividualLicensingInfo { + if o, ok := o.(AnyIndividualLicensingInfo); ok { + return o.asIndividualLicensingInfo() + } + return nil } -// Specifies a data package and its associated information. -type DatasetDatasetPackage struct { - SoftwarePackage - - // Describes the anonymization methods used. - DatasetAnonymizationMethodUseds []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed" iri-compact:"dataset_anonymizationMethodUsed"` - // Describes the confidentiality level of the data points contained in the dataset. - DatasetConfidentialityLevel datasetConfidentialityLevelType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel" iri-compact:"dataset_confidentialityLevel"` - // Describes how the dataset was collected. - DatasetDataCollectionProcess string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess" iri-compact:"dataset_dataCollectionProcess"` - // Describes the preprocessing steps that were applied to the raw data to create the given dataset. - DatasetDataPreprocessings []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing" iri-compact:"dataset_dataPreprocessing"` - // The field describes the availability of a dataset. - DatasetDatasetAvailability datasetDatasetAvailabilityType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability" iri-compact:"dataset_datasetAvailability"` - // Describes potentially noisy elements of the dataset. - DatasetDatasetNoise string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise" iri-compact:"dataset_datasetNoise"` - // Captures the size of the dataset. - DatasetDatasetSize int `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" iri-compact:"dataset_datasetSize"` - // Describes the type of the given dataset. - DatasetDatasetTypes []datasetDatasetType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType" iri-compact:"dataset_datasetType"` - // Describes a mechanism to update the dataset. - DatasetDatasetUpdateMechanism string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism" iri-compact:"dataset_datasetUpdateMechanism"` - // Describes if any sensitive personal information is present in the dataset. - DatasetHasSensitivePersonalInformation presenceType `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation" iri-compact:"dataset_hasSensitivePersonalInformation"` - // Describes what the given dataset should be used for. - DatasetIntendedUse string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse" iri-compact:"dataset_intendedUse"` - // Records the biases that the dataset is known to encompass. - DatasetKnownBias []string `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias" iri-compact:"dataset_knownBias"` - // Describes a sensor used for collecting the data. - DatasetSensors DictionaryEntryList `iri:"https://spdx.org/rdf/3.0.1/terms/Dataset/sensor" iri-compact:"dataset_sensor"` +func castIntegrityMethod(o any) *IntegrityMethod { + if o, ok := o.(AnyIntegrityMethod); ok { + return o.asIntegrityMethod() + } + return nil } -func castDatasetDatasetPackage(o any) *DatasetDatasetPackage { - if o, ok := o.(AnyDatasetDatasetPackage); ok { - return o.asDatasetDatasetPackage() +func castLicense(o any) *License { + if o, ok := o.(AnyLicense); ok { + return o.asLicense() } return nil } -func (o *DatasetDatasetPackage) asDatasetDatasetPackage() *DatasetDatasetPackage { - return o +func castLicenseAddition(o any) *LicenseAddition { + if o, ok := o.(AnyLicenseAddition); ok { + return o.asLicenseAddition() + } + return nil } -type AnyDatasetDatasetPackage interface { - AnySoftwarePackage - asDatasetDatasetPackage() *DatasetDatasetPackage +func castLicenseExpression(o any) *LicenseExpression { + if o, ok := o.(AnyLicenseExpression); ok { + return o.asLicenseExpression() + } + return nil } -type DatasetDatasetPackageList []AnyDatasetDatasetPackage +func castLicenseInfo(o any) *LicenseInfo { + if o, ok := o.(AnyLicenseInfo); ok { + return o.asLicenseInfo() + } + return nil +} -func (o *DatasetDatasetPackageList) DatasetDatasetPackageIter() iter.Seq2[AnyDatasetDatasetPackage, *DatasetDatasetPackage] { - return typeIter(*o, castDatasetDatasetPackage) +func castLifecycleScopedRelationship(o any) *LifecycleScopedRelationship { + if o, ok := o.(AnyLifecycleScopedRelationship); ok { + return o.asLifecycleScopedRelationship() + } + return nil } -type ExternalIRI struct { - iri string +func castListedLicense(o any) *ListedLicense { + if o, ok := o.(AnyListedLicense); ok { + return o.asListedLicense() + } + return nil } -func NewExternalIRI(iri string) *ExternalIRI { - return &ExternalIRI{iri: iri} +func castListedLicenseException(o any) *ListedLicenseException { + if o, ok := o.(AnyListedLicenseException); ok { + return o.asListedLicenseException() + } + return nil } -func (o *ExternalIRI) asAiEnergyConsumption() *AiEnergyConsumption { return nil } -func (o *ExternalIRI) asAiEnergyConsumptionDescription() *AiEnergyConsumptionDescription { return nil } -func (o *ExternalIRI) asCreationInfo() *CreationInfo { return nil } -func (o *ExternalIRI) asDictionaryEntry() *DictionaryEntry { return nil } -func (o *ExternalIRI) asElement() *Element { return nil } -func (o *ExternalIRI) asElementCollection() *ElementCollection { return nil } -func (o *ExternalIRI) asExternalIdentifier() *ExternalIdentifier { return nil } -func (o *ExternalIRI) asExternalMap() *ExternalMap { return nil } -func (o *ExternalIRI) asExternalRef() *ExternalRef { return nil } -func (o *ExternalIRI) asIndividualElement() *IndividualElement { return nil } -func (o *ExternalIRI) asIntegrityMethod() *IntegrityMethod { return nil } -func (o *ExternalIRI) asNamespaceMap() *NamespaceMap { return nil } -func (o *ExternalIRI) asPackageVerificationCode() *PackageVerificationCode { return nil } -func (o *ExternalIRI) asPositiveIntegerRange() *PositiveIntegerRange { return nil } -func (o *ExternalIRI) asRelationship() *Relationship { return nil } -func (o *ExternalIRI) asSpdxDocument() *SpdxDocument { return nil } -func (o *ExternalIRI) asTool() *Tool { return nil } -func (o *ExternalIRI) asExpandedlicensingLicenseAddition() *ExpandedlicensingLicenseAddition { +func castNamespaceMap(o any) *NamespaceMap { + if o, ok := o.(AnyNamespaceMap); ok { + return o.asNamespaceMap() + } return nil } -func (o *ExternalIRI) asExpandedlicensingListedLicenseException() *ExpandedlicensingListedLicenseException { + +func castOrLaterOperator(o any) *OrLaterOperator { + if o, ok := o.(AnyOrLaterOperator); ok { + return o.asOrLaterOperator() + } return nil } -func (o *ExternalIRI) asExtensionCdxPropertyEntry() *ExtensionCdxPropertyEntry { return nil } -func (o *ExternalIRI) asExtensionExtension() *ExtensionExtension { return nil } -func (o *ExternalIRI) asSecurityVulnAssessmentRelationship() *SecurityVulnAssessmentRelationship { + +func castOrganization(o any) *Organization { + if o, ok := o.(AnyOrganization); ok { + return o.asOrganization() + } return nil } -func (o *ExternalIRI) asSimplelicensingAnyLicenseInfo() *SimplelicensingAnyLicenseInfo { return nil } -func (o *ExternalIRI) asSimplelicensingLicenseExpression() *SimplelicensingLicenseExpression { + +func castPackage(o any) *Package { + if o, ok := o.(AnyPackage); ok { + return o.asPackage() + } return nil } -func (o *ExternalIRI) asSimplelicensingSimpleLicensingText() *SimplelicensingSimpleLicensingText { + +func castPackageVerificationCode(o any) *PackageVerificationCode { + if o, ok := o.(AnyPackageVerificationCode); ok { + return o.asPackageVerificationCode() + } return nil } -func (o *ExternalIRI) asSoftwareContentIdentifier() *SoftwareContentIdentifier { return nil } -func (o *ExternalIRI) asBuildBuild() *BuildBuild { return nil } -func (o *ExternalIRI) asAgent() *Agent { return nil } -func (o *ExternalIRI) asAnnotation() *Annotation { return nil } -func (o *ExternalIRI) asArtifact() *Artifact { return nil } -func (o *ExternalIRI) asBundle() *Bundle { return nil } -func (o *ExternalIRI) asHash() *Hash { return nil } -func (o *ExternalIRI) asLifecycleScopedRelationship() *LifecycleScopedRelationship { return nil } -func (o *ExternalIRI) asOrganization() *Organization { return nil } -func (o *ExternalIRI) asPerson() *Person { return nil } -func (o *ExternalIRI) asSoftwareAgent() *SoftwareAgent { return nil } -func (o *ExternalIRI) asExpandedlicensingConjunctiveLicenseSet() *ExpandedlicensingConjunctiveLicenseSet { + +func castPerson(o any) *Person { + if o, ok := o.(AnyPerson); ok { + return o.asPerson() + } return nil } -func (o *ExternalIRI) asExpandedlicensingCustomLicenseAddition() *ExpandedlicensingCustomLicenseAddition { + +func castPositiveIntegerRange(o any) *PositiveIntegerRange { + if o, ok := o.(AnyPositiveIntegerRange); ok { + return o.asPositiveIntegerRange() + } return nil } -func (o *ExternalIRI) asExpandedlicensingDisjunctiveLicenseSet() *ExpandedlicensingDisjunctiveLicenseSet { + +func castRelationship(o any) *Relationship { + if o, ok := o.(AnyRelationship); ok { + return o.asRelationship() + } return nil } -func (o *ExternalIRI) asExpandedlicensingExtendableLicense() *ExpandedlicensingExtendableLicense { + +func castSbom(o any) *Sbom { + if o, ok := o.(AnySbom); ok { + return o.asSbom() + } return nil } -func (o *ExternalIRI) asExpandedlicensingIndividualLicensingInfo() *ExpandedlicensingIndividualLicensingInfo { + +func castSimpleLicensingText(o any) *SimpleLicensingText { + if o, ok := o.(AnySimpleLicensingText); ok { + return o.asSimpleLicensingText() + } return nil } -func (o *ExternalIRI) asExpandedlicensingLicense() *ExpandedlicensingLicense { return nil } -func (o *ExternalIRI) asExpandedlicensingListedLicense() *ExpandedlicensingListedLicense { return nil } -func (o *ExternalIRI) asExpandedlicensingOrLaterOperator() *ExpandedlicensingOrLaterOperator { + +func castSnippet(o any) *Snippet { + if o, ok := o.(AnySnippet); ok { + return o.asSnippet() + } return nil } -func (o *ExternalIRI) asExpandedlicensingWithAdditionOperator() *ExpandedlicensingWithAdditionOperator { + +func castSoftwareAgent(o any) *SoftwareAgent { + if o, ok := o.(AnySoftwareAgent); ok { + return o.asSoftwareAgent() + } return nil } -func (o *ExternalIRI) asExtensionCdxPropertiesExtension() *ExtensionCdxPropertiesExtension { + +func castSoftwareArtifact(o any) *SoftwareArtifact { + if o, ok := o.(AnySoftwareArtifact); ok { + return o.asSoftwareArtifact() + } return nil } -func (o *ExternalIRI) asSecurityCvssV2VulnAssessmentRelationship() *SecurityCvssV2VulnAssessmentRelationship { + +func castSpdxDocument(o any) *SpdxDocument { + if o, ok := o.(AnySpdxDocument); ok { + return o.asSpdxDocument() + } return nil } -func (o *ExternalIRI) asSecurityCvssV3VulnAssessmentRelationship() *SecurityCvssV3VulnAssessmentRelationship { + +func castSsvcVulnAssessmentRelationship(o any) *SsvcVulnAssessmentRelationship { + if o, ok := o.(AnySsvcVulnAssessmentRelationship); ok { + return o.asSsvcVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityCvssV4VulnAssessmentRelationship() *SecurityCvssV4VulnAssessmentRelationship { + +func castTool(o any) *Tool { + if o, ok := o.(AnyTool); ok { + return o.asTool() + } return nil } -func (o *ExternalIRI) asSecurityEpssVulnAssessmentRelationship() *SecurityEpssVulnAssessmentRelationship { + +func castVexAffectedVulnAssessmentRelationship(o any) *VexAffectedVulnAssessmentRelationship { + if o, ok := o.(AnyVexAffectedVulnAssessmentRelationship); ok { + return o.asVexAffectedVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityExploitCatalogVulnAssessmentRelationship() *SecurityExploitCatalogVulnAssessmentRelationship { + +func castVexFixedVulnAssessmentRelationship(o any) *VexFixedVulnAssessmentRelationship { + if o, ok := o.(AnyVexFixedVulnAssessmentRelationship); ok { + return o.asVexFixedVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecuritySsvcVulnAssessmentRelationship() *SecuritySsvcVulnAssessmentRelationship { + +func castVexNotAffectedVulnAssessmentRelationship(o any) *VexNotAffectedVulnAssessmentRelationship { + if o, ok := o.(AnyVexNotAffectedVulnAssessmentRelationship); ok { + return o.asVexNotAffectedVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityVexVulnAssessmentRelationship() *SecurityVexVulnAssessmentRelationship { + +func castVexUnderInvestigationVulnAssessmentRelationship(o any) *VexUnderInvestigationVulnAssessmentRelationship { + if o, ok := o.(AnyVexUnderInvestigationVulnAssessmentRelationship); ok { + return o.asVexUnderInvestigationVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityVulnerability() *SecurityVulnerability { return nil } -func (o *ExternalIRI) asSoftwareSoftwareArtifact() *SoftwareSoftwareArtifact { return nil } -func (o *ExternalIRI) asBom() *Bom { return nil } -func (o *ExternalIRI) asExpandedlicensingCustomLicense() *ExpandedlicensingCustomLicense { return nil } -func (o *ExternalIRI) asSecurityVexAffectedVulnAssessmentRelationship() *SecurityVexAffectedVulnAssessmentRelationship { + +func castVexVulnAssessmentRelationship(o any) *VexVulnAssessmentRelationship { + if o, ok := o.(AnyVexVulnAssessmentRelationship); ok { + return o.asVexVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityVexFixedVulnAssessmentRelationship() *SecurityVexFixedVulnAssessmentRelationship { + +func castVulnAssessmentRelationship(o any) *VulnAssessmentRelationship { + if o, ok := o.(AnyVulnAssessmentRelationship); ok { + return o.asVulnAssessmentRelationship() + } return nil } -func (o *ExternalIRI) asSecurityVexNotAffectedVulnAssessmentRelationship() *SecurityVexNotAffectedVulnAssessmentRelationship { + +func castVulnerability(o any) *Vulnerability { + if o, ok := o.(AnyVulnerability); ok { + return o.asVulnerability() + } return nil } -func (o *ExternalIRI) asSecurityVexUnderInvestigationVulnAssessmentRelationship() *SecurityVexUnderInvestigationVulnAssessmentRelationship { + +func castWithAdditionOperator(o any) *WithAdditionOperator { + if o, ok := o.(AnyWithAdditionOperator); ok { + return o.asWithAdditionOperator() + } return nil } -func (o *ExternalIRI) asSoftwareFile() *SoftwareFile { return nil } -func (o *ExternalIRI) asSoftwarePackage() *SoftwarePackage { return nil } -func (o *ExternalIRI) asSoftwareSbom() *SoftwareSbom { return nil } -func (o *ExternalIRI) asSoftwareSnippet() *SoftwareSnippet { return nil } -func (o *ExternalIRI) asAiAIPackage() *AiAIPackage { return nil } -func (o *ExternalIRI) asDatasetDatasetPackage() *DatasetDatasetPackage { return nil } func cast[T any](value any) *T { var t T switch any(t).(type) { - case AiEnergyConsumption: - if v, ok := any(castAiEnergyConsumption(value)).(*T); ok { + case AIPackage: + if v, ok := any(castAIPackage(value)).(*T); ok { return v } - case AiEnergyConsumptionDescription: - if v, ok := any(castAiEnergyConsumptionDescription(value)).(*T); ok { + case Agent: + if v, ok := any(castAgent(value)).(*T); ok { return v } - case CreationInfo: - if v, ok := any(castCreationInfo(value)).(*T); ok { + case Annotation: + if v, ok := any(castAnnotation(value)).(*T); ok { return v } - case DictionaryEntry: - if v, ok := any(castDictionaryEntry(value)).(*T); ok { + case Artifact: + if v, ok := any(castArtifact(value)).(*T); ok { return v } - case Element: - if v, ok := any(castElement(value)).(*T); ok { + case Bom: + if v, ok := any(castBom(value)).(*T); ok { return v } - case ElementCollection: - if v, ok := any(castElementCollection(value)).(*T); ok { + case Build: + if v, ok := any(castBuild(value)).(*T); ok { return v } - case ExternalIdentifier: - if v, ok := any(castExternalIdentifier(value)).(*T); ok { + case Bundle: + if v, ok := any(castBundle(value)).(*T); ok { return v } - case ExternalMap: - if v, ok := any(castExternalMap(value)).(*T); ok { + case CdxPropertiesExtension: + if v, ok := any(castCdxPropertiesExtension(value)).(*T); ok { return v } - case ExternalRef: - if v, ok := any(castExternalRef(value)).(*T); ok { + case CdxPropertyEntry: + if v, ok := any(castCdxPropertyEntry(value)).(*T); ok { return v } - case IndividualElement: - if v, ok := any(castIndividualElement(value)).(*T); ok { + case ConjunctiveLicenseSet: + if v, ok := any(castConjunctiveLicenseSet(value)).(*T); ok { return v } - case IntegrityMethod: - if v, ok := any(castIntegrityMethod(value)).(*T); ok { + case ContentIdentifier: + if v, ok := any(castContentIdentifier(value)).(*T); ok { return v } - case NamespaceMap: - if v, ok := any(castNamespaceMap(value)).(*T); ok { + case CreationInfo: + if v, ok := any(castCreationInfo(value)).(*T); ok { return v } - case PackageVerificationCode: - if v, ok := any(castPackageVerificationCode(value)).(*T); ok { + case CustomLicense: + if v, ok := any(castCustomLicense(value)).(*T); ok { return v } - case PositiveIntegerRange: - if v, ok := any(castPositiveIntegerRange(value)).(*T); ok { + case CustomLicenseAddition: + if v, ok := any(castCustomLicenseAddition(value)).(*T); ok { return v } - case Relationship: - if v, ok := any(castRelationship(value)).(*T); ok { + case CvssV2VulnAssessmentRelationship: + if v, ok := any(castCvssV2VulnAssessmentRelationship(value)).(*T); ok { return v } - case SpdxDocument: - if v, ok := any(castSpdxDocument(value)).(*T); ok { + case CvssV3VulnAssessmentRelationship: + if v, ok := any(castCvssV3VulnAssessmentRelationship(value)).(*T); ok { return v } - case Tool: - if v, ok := any(castTool(value)).(*T); ok { + case CvssV4VulnAssessmentRelationship: + if v, ok := any(castCvssV4VulnAssessmentRelationship(value)).(*T); ok { return v } - case ExpandedlicensingLicenseAddition: - if v, ok := any(castExpandedlicensingLicenseAddition(value)).(*T); ok { + case DatasetPackage: + if v, ok := any(castDatasetPackage(value)).(*T); ok { return v } - case ExpandedlicensingListedLicenseException: - if v, ok := any(castExpandedlicensingListedLicenseException(value)).(*T); ok { + case DictionaryEntry: + if v, ok := any(castDictionaryEntry(value)).(*T); ok { return v } - case ExtensionCdxPropertyEntry: - if v, ok := any(castExtensionCdxPropertyEntry(value)).(*T); ok { + case DisjunctiveLicenseSet: + if v, ok := any(castDisjunctiveLicenseSet(value)).(*T); ok { return v } - case ExtensionExtension: - if v, ok := any(castExtensionExtension(value)).(*T); ok { + case Element: + if v, ok := any(castElement(value)).(*T); ok { return v } - case SecurityVulnAssessmentRelationship: - if v, ok := any(castSecurityVulnAssessmentRelationship(value)).(*T); ok { + case ElementCollection: + if v, ok := any(castElementCollection(value)).(*T); ok { return v } - case SimplelicensingAnyLicenseInfo: - if v, ok := any(castSimplelicensingAnyLicenseInfo(value)).(*T); ok { + case EnergyConsumption: + if v, ok := any(castEnergyConsumption(value)).(*T); ok { return v } - case SimplelicensingLicenseExpression: - if v, ok := any(castSimplelicensingLicenseExpression(value)).(*T); ok { + case EnergyConsumptionDescription: + if v, ok := any(castEnergyConsumptionDescription(value)).(*T); ok { return v } - case SimplelicensingSimpleLicensingText: - if v, ok := any(castSimplelicensingSimpleLicensingText(value)).(*T); ok { + case EpssVulnAssessmentRelationship: + if v, ok := any(castEpssVulnAssessmentRelationship(value)).(*T); ok { return v } - case SoftwareContentIdentifier: - if v, ok := any(castSoftwareContentIdentifier(value)).(*T); ok { + case ExploitCatalogVulnAssessmentRelationship: + if v, ok := any(castExploitCatalogVulnAssessmentRelationship(value)).(*T); ok { return v } - case BuildBuild: - if v, ok := any(castBuildBuild(value)).(*T); ok { + case ExtendableLicense: + if v, ok := any(castExtendableLicense(value)).(*T); ok { return v } - case Agent: - if v, ok := any(castAgent(value)).(*T); ok { + case ExternalIdentifier: + if v, ok := any(castExternalIdentifier(value)).(*T); ok { return v } - case Annotation: - if v, ok := any(castAnnotation(value)).(*T); ok { + case ExternalMap: + if v, ok := any(castExternalMap(value)).(*T); ok { return v } - case Artifact: - if v, ok := any(castArtifact(value)).(*T); ok { + case ExternalRef: + if v, ok := any(castExternalRef(value)).(*T); ok { return v } - case Bundle: - if v, ok := any(castBundle(value)).(*T); ok { + case File: + if v, ok := any(castFile(value)).(*T); ok { return v } case Hash: if v, ok := any(castHash(value)).(*T); ok { return v } - case LifecycleScopedRelationship: - if v, ok := any(castLifecycleScopedRelationship(value)).(*T); ok { - return v - } - case Organization: - if v, ok := any(castOrganization(value)).(*T); ok { + case IndividualElement: + if v, ok := any(castIndividualElement(value)).(*T); ok { return v } - case Person: - if v, ok := any(castPerson(value)).(*T); ok { + case IndividualLicensingInfo: + if v, ok := any(castIndividualLicensingInfo(value)).(*T); ok { return v } - case SoftwareAgent: - if v, ok := any(castSoftwareAgent(value)).(*T); ok { + case IntegrityMethod: + if v, ok := any(castIntegrityMethod(value)).(*T); ok { return v } - case ExpandedlicensingConjunctiveLicenseSet: - if v, ok := any(castExpandedlicensingConjunctiveLicenseSet(value)).(*T); ok { + case License: + if v, ok := any(castLicense(value)).(*T); ok { return v } - case ExpandedlicensingCustomLicenseAddition: - if v, ok := any(castExpandedlicensingCustomLicenseAddition(value)).(*T); ok { + case LicenseAddition: + if v, ok := any(castLicenseAddition(value)).(*T); ok { return v } - case ExpandedlicensingDisjunctiveLicenseSet: - if v, ok := any(castExpandedlicensingDisjunctiveLicenseSet(value)).(*T); ok { + case LicenseExpression: + if v, ok := any(castLicenseExpression(value)).(*T); ok { return v } - case ExpandedlicensingExtendableLicense: - if v, ok := any(castExpandedlicensingExtendableLicense(value)).(*T); ok { + case LicenseInfo: + if v, ok := any(castLicenseInfo(value)).(*T); ok { return v } - case ExpandedlicensingIndividualLicensingInfo: - if v, ok := any(castExpandedlicensingIndividualLicensingInfo(value)).(*T); ok { + case LifecycleScopedRelationship: + if v, ok := any(castLifecycleScopedRelationship(value)).(*T); ok { return v } - case ExpandedlicensingLicense: - if v, ok := any(castExpandedlicensingLicense(value)).(*T); ok { + case ListedLicense: + if v, ok := any(castListedLicense(value)).(*T); ok { return v } - case ExpandedlicensingListedLicense: - if v, ok := any(castExpandedlicensingListedLicense(value)).(*T); ok { + case ListedLicenseException: + if v, ok := any(castListedLicenseException(value)).(*T); ok { return v } - case ExpandedlicensingOrLaterOperator: - if v, ok := any(castExpandedlicensingOrLaterOperator(value)).(*T); ok { + case NamespaceMap: + if v, ok := any(castNamespaceMap(value)).(*T); ok { return v } - case ExpandedlicensingWithAdditionOperator: - if v, ok := any(castExpandedlicensingWithAdditionOperator(value)).(*T); ok { + case OrLaterOperator: + if v, ok := any(castOrLaterOperator(value)).(*T); ok { return v } - case ExtensionCdxPropertiesExtension: - if v, ok := any(castExtensionCdxPropertiesExtension(value)).(*T); ok { + case Organization: + if v, ok := any(castOrganization(value)).(*T); ok { return v } - case SecurityCvssV2VulnAssessmentRelationship: - if v, ok := any(castSecurityCvssV2VulnAssessmentRelationship(value)).(*T); ok { + case Package: + if v, ok := any(castPackage(value)).(*T); ok { return v } - case SecurityCvssV3VulnAssessmentRelationship: - if v, ok := any(castSecurityCvssV3VulnAssessmentRelationship(value)).(*T); ok { + case PackageVerificationCode: + if v, ok := any(castPackageVerificationCode(value)).(*T); ok { return v } - case SecurityCvssV4VulnAssessmentRelationship: - if v, ok := any(castSecurityCvssV4VulnAssessmentRelationship(value)).(*T); ok { + case Person: + if v, ok := any(castPerson(value)).(*T); ok { return v } - case SecurityEpssVulnAssessmentRelationship: - if v, ok := any(castSecurityEpssVulnAssessmentRelationship(value)).(*T); ok { + case PositiveIntegerRange: + if v, ok := any(castPositiveIntegerRange(value)).(*T); ok { return v } - case SecurityExploitCatalogVulnAssessmentRelationship: - if v, ok := any(castSecurityExploitCatalogVulnAssessmentRelationship(value)).(*T); ok { + case Relationship: + if v, ok := any(castRelationship(value)).(*T); ok { return v } - case SecuritySsvcVulnAssessmentRelationship: - if v, ok := any(castSecuritySsvcVulnAssessmentRelationship(value)).(*T); ok { + case Sbom: + if v, ok := any(castSbom(value)).(*T); ok { return v } - case SecurityVexVulnAssessmentRelationship: - if v, ok := any(castSecurityVexVulnAssessmentRelationship(value)).(*T); ok { + case SimpleLicensingText: + if v, ok := any(castSimpleLicensingText(value)).(*T); ok { return v } - case SecurityVulnerability: - if v, ok := any(castSecurityVulnerability(value)).(*T); ok { + case Snippet: + if v, ok := any(castSnippet(value)).(*T); ok { return v } - case SoftwareSoftwareArtifact: - if v, ok := any(castSoftwareSoftwareArtifact(value)).(*T); ok { + case SoftwareAgent: + if v, ok := any(castSoftwareAgent(value)).(*T); ok { return v } - case Bom: - if v, ok := any(castBom(value)).(*T); ok { + case SoftwareArtifact: + if v, ok := any(castSoftwareArtifact(value)).(*T); ok { return v } - case ExpandedlicensingCustomLicense: - if v, ok := any(castExpandedlicensingCustomLicense(value)).(*T); ok { + case SpdxDocument: + if v, ok := any(castSpdxDocument(value)).(*T); ok { return v } - case SecurityVexAffectedVulnAssessmentRelationship: - if v, ok := any(castSecurityVexAffectedVulnAssessmentRelationship(value)).(*T); ok { + case SsvcVulnAssessmentRelationship: + if v, ok := any(castSsvcVulnAssessmentRelationship(value)).(*T); ok { return v } - case SecurityVexFixedVulnAssessmentRelationship: - if v, ok := any(castSecurityVexFixedVulnAssessmentRelationship(value)).(*T); ok { + case Tool: + if v, ok := any(castTool(value)).(*T); ok { return v } - case SecurityVexNotAffectedVulnAssessmentRelationship: - if v, ok := any(castSecurityVexNotAffectedVulnAssessmentRelationship(value)).(*T); ok { + case VexAffectedVulnAssessmentRelationship: + if v, ok := any(castVexAffectedVulnAssessmentRelationship(value)).(*T); ok { return v } - case SecurityVexUnderInvestigationVulnAssessmentRelationship: - if v, ok := any(castSecurityVexUnderInvestigationVulnAssessmentRelationship(value)).(*T); ok { + case VexFixedVulnAssessmentRelationship: + if v, ok := any(castVexFixedVulnAssessmentRelationship(value)).(*T); ok { return v } - case SoftwareFile: - if v, ok := any(castSoftwareFile(value)).(*T); ok { + case VexNotAffectedVulnAssessmentRelationship: + if v, ok := any(castVexNotAffectedVulnAssessmentRelationship(value)).(*T); ok { return v } - case SoftwarePackage: - if v, ok := any(castSoftwarePackage(value)).(*T); ok { + case VexUnderInvestigationVulnAssessmentRelationship: + if v, ok := any(castVexUnderInvestigationVulnAssessmentRelationship(value)).(*T); ok { return v } - case SoftwareSbom: - if v, ok := any(castSoftwareSbom(value)).(*T); ok { + case VexVulnAssessmentRelationship: + if v, ok := any(castVexVulnAssessmentRelationship(value)).(*T); ok { return v } - case SoftwareSnippet: - if v, ok := any(castSoftwareSnippet(value)).(*T); ok { + case VulnAssessmentRelationship: + if v, ok := any(castVulnAssessmentRelationship(value)).(*T); ok { return v } - case AiAIPackage: - if v, ok := any(castAiAIPackage(value)).(*T); ok { + case Vulnerability: + if v, ok := any(castVulnerability(value)).(*T); ok { return v } - case DatasetDatasetPackage: - if v, ok := any(castDatasetDatasetPackage(value)).(*T); ok { + case WithAdditionOperator: + if v, ok := any(castWithAdditionOperator(value)).(*T); ok { return v } } panic("invalid type cast, unknown type: " + reflect.TypeOf(t).String()) } -func As[T any, R any](value any, f func(v *T) R) R { +func As[T any, R any](value any, fn func(v *T) R) R { v := cast[T](value) if v != nil { - return f(v) + return fn(v) } var r R return r } + +func context() ld.Context { + return ld.NewContext().Register("https://spdx.org/rdf/3.0.1/spdx-context.jsonld", map[string]any{"@context": map[string]any{ + "Agent": "https://spdx.org/rdf/3.0.1/terms/Core/Agent", + "Annotation": "https://spdx.org/rdf/3.0.1/terms/Core/Annotation", + "AnnotationType": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType", + "Artifact": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact", + "Bom": "https://spdx.org/rdf/3.0.1/terms/Core/Bom", + "Bundle": "https://spdx.org/rdf/3.0.1/terms/Core/Bundle", + "CreationInfo": "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo", + "DictionaryEntry": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry", + "Element": "https://spdx.org/rdf/3.0.1/terms/Core/Element", + "ElementCollection": "https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection", + "ExternalIdentifier": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier", + "ExternalIdentifierType": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType", + "ExternalMap": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap", + "ExternalRef": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef", + "ExternalRefType": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType", + "Hash": "https://spdx.org/rdf/3.0.1/terms/Core/Hash", + "HashAlgorithm": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm", + "IndividualElement": "https://spdx.org/rdf/3.0.1/terms/Core/IndividualElement", + "IntegrityMethod": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod", + "LifecycleScopeType": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType", + "LifecycleScopedRelationship": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship", + "NamespaceMap": "https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap", + "NoAssertionElement": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", + "NoneElement": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", + "Organization": "https://spdx.org/rdf/3.0.1/terms/Core/Organization", + "PackageVerificationCode": "https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode", + "Person": "https://spdx.org/rdf/3.0.1/terms/Core/Person", + "PositiveIntegerRange": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", + "PresenceType": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType", + "ProfileIdentifierType": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType", + "Relationship": "https://spdx.org/rdf/3.0.1/terms/Core/Relationship", + "RelationshipCompleteness": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness", + "RelationshipType": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType", + "SoftwareAgent": "https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent", + "SpdxDocument": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument", + "SpdxOrganization": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", + "SupportType": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType", + "Tool": "https://spdx.org/rdf/3.0.1/terms/Core/Tool", + "ai_AIPackage": "https://spdx.org/rdf/3.0.1/terms/AI/AIPackage", + "ai_EnergyConsumption": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption", + "ai_EnergyConsumptionDescription": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription", + "ai_EnergyUnitType": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType", + "ai_SafetyRiskAssessmentType": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType", + "ai_autonomyType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/autonomyType", + "@type": "@vocab", + }, + "ai_domain": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/domain", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_energyConsumption": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption", + "@type": "@vocab", + }, + "ai_energyQuantity": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity", + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + }, + "ai_energyUnit": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyUnit", + "@type": "@vocab", + }, + "ai_finetuningEnergyConsumption": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption", + "@type": "@vocab", + }, + "ai_hyperparameter": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter", + "@type": "@vocab", + }, + "ai_inferenceEnergyConsumption": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption", + "@type": "@vocab", + }, + "ai_informationAboutApplication": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_informationAboutTraining": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_limitation": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/limitation", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_metric": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metric", + "@type": "@vocab", + }, + "ai_metricDecisionThreshold": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold", + "@type": "@vocab", + }, + "ai_modelDataPreprocessing": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_modelExplainability": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_safetyRiskAssessment": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment", + "@type": "@vocab", + }, + "ai_standardCompliance": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_trainingEnergyConsumption": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption", + "@type": "@vocab", + }, + "ai_typeOfModel": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "ai_useSensitivePersonalInformation": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation", + "@type": "@vocab", + }, + "algorithm": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/algorithm", + "@type": "@vocab", + }, + "annotationType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/annotationType", + "@type": "@vocab", + }, + "beginIntegerRange": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange", + "@type": "http://www.w3.org/2001/XMLSchema#positiveInteger", + }, + "build_Build": "https://spdx.org/rdf/3.0.1/terms/Build/Build", + "build_buildEndTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "build_buildId": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildId", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "build_buildStartTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "build_buildType": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildType", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "build_configSourceDigest": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest", + "@type": "@vocab", + }, + "build_configSourceEntrypoint": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "build_configSourceUri": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "build_environment": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/environment", + "@type": "@vocab", + }, + "build_parameter": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/parameter", + "@type": "@vocab", + }, + "builtTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/builtTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "comment": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "completeness": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/completeness", + "@type": "@vocab", + }, + "contentType": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/contentType", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "context": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/context", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "created": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/created", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "createdBy": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdBy", + "@type": "@vocab", + }, + "createdUsing": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdUsing", + "@type": "@vocab", + }, + "creationInfo": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo", + "@type": "@vocab", + }, + "dataLicense": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/dataLicense", + "@type": "@vocab", + }, + "dataset_ConfidentialityLevelType": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType", + "dataset_DatasetAvailabilityType": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType", + "dataset_DatasetPackage": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage", + "dataset_DatasetType": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType", + "dataset_anonymizationMethodUsed": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_confidentialityLevel": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel", + "@type": "@vocab", + }, + "dataset_dataCollectionProcess": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_dataPreprocessing": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_datasetAvailability": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability", + "@type": "@vocab", + }, + "dataset_datasetNoise": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_datasetSize": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize", + "@type": "http://www.w3.org/2001/XMLSchema#nonNegativeInteger", + }, + "dataset_datasetType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType", + "@type": "@vocab", + }, + "dataset_datasetUpdateMechanism": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_hasSensitivePersonalInformation": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation", + "@type": "@vocab", + }, + "dataset_intendedUse": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_knownBias": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "dataset_sensor": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/sensor", + "@type": "@vocab", + }, + "definingArtifact": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact", + "@type": "@vocab", + }, + "description": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/description", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "element": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/element", + "@type": "@vocab", + }, + "endIntegerRange": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange", + "@type": "http://www.w3.org/2001/XMLSchema#positiveInteger", + }, + "endTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "expandedlicensing_ConjunctiveLicenseSet": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet", + "expandedlicensing_CustomLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense", + "expandedlicensing_CustomLicenseAddition": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition", + "expandedlicensing_DisjunctiveLicenseSet": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet", + "expandedlicensing_ExtendableLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense", + "expandedlicensing_IndividualLicensingInfo": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo", + "expandedlicensing_License": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License", + "expandedlicensing_LicenseAddition": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition", + "expandedlicensing_ListedLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense", + "expandedlicensing_ListedLicenseException": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException", + "expandedlicensing_NoAssertionLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", + "expandedlicensing_NoneLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", + "expandedlicensing_OrLaterOperator": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator", + "expandedlicensing_WithAdditionOperator": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator", + "expandedlicensing_additionText": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_deprecatedVersion": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_isDeprecatedAdditionId": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "expandedlicensing_isDeprecatedLicenseId": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "expandedlicensing_isFsfLibre": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "expandedlicensing_isOsiApproved": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "expandedlicensing_licenseXml": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_listVersionAdded": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_member": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member", + "@type": "@vocab", + }, + "expandedlicensing_obsoletedBy": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_seeAlso": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "expandedlicensing_standardAdditionTemplate": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_standardLicenseHeader": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_standardLicenseTemplate": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "expandedlicensing_subjectAddition": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition", + "@type": "@vocab", + }, + "expandedlicensing_subjectExtendableLicense": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense", + "@type": "@vocab", + }, + "expandedlicensing_subjectLicense": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense", + "@type": "@vocab", + }, + "extension": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/extension", + "@type": "@vocab", + }, + "extension_CdxPropertiesExtension": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension", + "extension_CdxPropertyEntry": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry", + "extension_Extension": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension", + "extension_cdxPropName": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "extension_cdxPropValue": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "extension_cdxProperty": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty", + "@type": "@vocab", + }, + "externalIdentifier": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier", + "@type": "@vocab", + }, + "externalIdentifierType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType", + "@type": "@vocab", + }, + "externalRef": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRef", + "@type": "@vocab", + }, + "externalRefType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRefType", + "@type": "@vocab", + }, + "externalSpdxId": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "from": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/from", + "@type": "@vocab", + }, + "hashValue": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/hashValue", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "identifier": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifier", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "identifierLocator": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "import": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/import", + "@type": "@vocab", + }, + "issuingAuthority": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "key": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/key", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "locationHint": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locationHint", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "locator": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locator", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "name": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/name", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "namespace": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespace", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "namespaceMap": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap", + "@type": "@vocab", + }, + "originatedBy": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/originatedBy", + "@type": "@vocab", + }, + "packageVerificationCodeExcludedFile": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "prefix": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/prefix", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "profileConformance": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/profileConformance", + "@type": "@vocab", + }, + "relationshipType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/relationshipType", + "@type": "@vocab", + }, + "releaseTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/releaseTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "rootElement": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/rootElement", + "@type": "@vocab", + }, + "scope": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/scope", + "@type": "@vocab", + }, + "security_CvssSeverityType": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType", + "security_CvssV2VulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship", + "security_CvssV3VulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship", + "security_CvssV4VulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship", + "security_EpssVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship", + "security_ExploitCatalogType": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType", + "security_ExploitCatalogVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship", + "security_SsvcDecisionType": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType", + "security_SsvcVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship", + "security_VexAffectedVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship", + "security_VexFixedVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship", + "security_VexJustificationType": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType", + "security_VexNotAffectedVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship", + "security_VexUnderInvestigationVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship", + "security_VexVulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship", + "security_VulnAssessmentRelationship": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship", + "security_Vulnerability": "https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability", + "security_actionStatement": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatement", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "security_actionStatementTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "security_assessedElement": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/assessedElement", + "@type": "@vocab", + }, + "security_catalogType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/catalogType", + "@type": "@vocab", + }, + "security_decisionType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/decisionType", + "@type": "@vocab", + }, + "security_exploited": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/exploited", + "@type": "http://www.w3.org/2001/XMLSchema#boolean", + }, + "security_impactStatement": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatement", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "security_impactStatementTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "security_justificationType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/justificationType", + "@type": "@vocab", + }, + "security_locator": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/locator", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "security_modifiedTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "security_percentile": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/percentile", + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + }, + "security_probability": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/probability", + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + }, + "security_publishedTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/publishedTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "security_score": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/score", + "@type": "http://www.w3.org/2001/XMLSchema#decimal", + }, + "security_severity": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/severity", + "@type": "@vocab", + }, + "security_statusNotes": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/statusNotes", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "security_vectorString": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "security_vexVersion": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vexVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "security_withdrawnTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "simplelicensing_AnyLicenseInfo": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo", + "simplelicensing_LicenseExpression": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression", + "simplelicensing_SimpleLicensingText": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText", + "simplelicensing_customIdToUri": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri", + "@type": "@vocab", + }, + "simplelicensing_licenseExpression": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "simplelicensing_licenseListVersion": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "simplelicensing_licenseText": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "software_ContentIdentifier": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier", + "software_ContentIdentifierType": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType", + "software_File": "https://spdx.org/rdf/3.0.1/terms/Software/File", + "software_FileKindType": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType", + "software_Package": "https://spdx.org/rdf/3.0.1/terms/Software/Package", + "software_Sbom": "https://spdx.org/rdf/3.0.1/terms/Software/Sbom", + "software_SbomType": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType", + "software_Snippet": "https://spdx.org/rdf/3.0.1/terms/Software/Snippet", + "software_SoftwareArtifact": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact", + "software_SoftwarePurpose": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose", + "software_additionalPurpose": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose", + "@type": "@vocab", + }, + "software_attributionText": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/attributionText", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "software_byteRange": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/byteRange", + "@type": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", + }, + "software_contentIdentifier": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier", + "@type": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier", + }, + "software_contentIdentifierType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType", + "@type": "@vocab", + }, + "software_contentIdentifierValue": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "software_copyrightText": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/copyrightText", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "software_downloadLocation": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "software_fileKind": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/fileKind", + "@type": "@vocab", + }, + "software_homePage": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/homePage", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "software_lineRange": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/lineRange", + "@type": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", + }, + "software_packageUrl": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageUrl", + "@type": "http://www.w3.org/2001/XMLSchema#anyURI", + }, + "software_packageVersion": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "software_primaryPurpose": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose", + "@type": "@vocab", + }, + "software_sbomType": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sbomType", + "@type": "@vocab", + }, + "software_snippetFromFile": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile", + "@type": "@vocab", + }, + "software_sourceInfo": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "spdx": "https://spdx.org/rdf/3.0.1/terms/", + "spdxId": "@id", + "specVersion": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/specVersion", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "standardName": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/standardName", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "startTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/startTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "statement": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/statement", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "subject": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/subject", + "@type": "@vocab", + }, + "summary": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/summary", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "suppliedBy": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy", + "@type": "@vocab", + }, + "supportLevel": map[string]any{ + "@context": map[string]any{"@vocab": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/"}, + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/supportLevel", + "@type": "@vocab", + }, + "to": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/to", + "@type": "@vocab", + }, + "type": "@type", + "validUntilTime": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime", + "@type": "http://www.w3.org/2001/XMLSchema#dateTimeStamp", + }, + "value": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/value", + "@type": "http://www.w3.org/2001/XMLSchema#string", + }, + "verifiedUsing": map[string]any{ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing", + "@type": "@vocab", + }, + }}, + NewExternalIRI, + AIPackage{}, + Agent{}, + Annotation{}, + AnnotationType{}, + AnnotationType_Other, + AnnotationType_Review, + Artifact{}, + Bom{}, + Build{}, + Bundle{}, + CdxPropertiesExtension{}, + CdxPropertyEntry{}, + ConfidentialityLevelType{}, + ConfidentialityLevelType_Amber, + ConfidentialityLevelType_Clear, + ConfidentialityLevelType_Green, + ConfidentialityLevelType_Red, + ConjunctiveLicenseSet{}, + ContentIdentifier{}, + ContentIdentifierType{}, + ContentIdentifierType_Gitoid, + ContentIdentifierType_Swhid, + CreationInfo{}, + CustomLicense{}, + CustomLicenseAddition{}, + CvssSeverityType{}, + CvssSeverityType_Critical, + CvssSeverityType_High, + CvssSeverityType_Low, + CvssSeverityType_Medium, + CvssSeverityType_None, + CvssV2VulnAssessmentRelationship{}, + CvssV3VulnAssessmentRelationship{}, + CvssV4VulnAssessmentRelationship{}, + DatasetAvailabilityType{}, + DatasetAvailabilityType_Clickthrough, + DatasetAvailabilityType_DirectDownload, + DatasetAvailabilityType_Query, + DatasetAvailabilityType_Registration, + DatasetAvailabilityType_ScrapingScript, + DatasetPackage{}, + DatasetType{}, + DatasetType_Audio, + DatasetType_Categorical, + DatasetType_Graph, + DatasetType_Image, + DatasetType_NoAssertion, + DatasetType_Numeric, + DatasetType_Other, + DatasetType_Sensor, + DatasetType_Structured, + DatasetType_Syntactic, + DatasetType_Text, + DatasetType_Timeseries, + DatasetType_Timestamp, + DatasetType_Video, + DictionaryEntry{}, + DisjunctiveLicenseSet{}, + Element{}, + ElementCollection{}, + EnergyConsumption{}, + EnergyConsumptionDescription{}, + EnergyUnitType{}, + EnergyUnitType_KilowattHour, + EnergyUnitType_Megajoule, + EnergyUnitType_Other, + EpssVulnAssessmentRelationship{}, + ExploitCatalogType{}, + ExploitCatalogType_Kev, + ExploitCatalogType_Other, + ExploitCatalogVulnAssessmentRelationship{}, + ExtendableLicense{}, + Extension{}, + ExternalIdentifier{}, + ExternalIdentifierType{}, + ExternalIdentifierType_Cpe22, + ExternalIdentifierType_Cpe23, + ExternalIdentifierType_Cve, + ExternalIdentifierType_Email, + ExternalIdentifierType_Gitoid, + ExternalIdentifierType_Other, + ExternalIdentifierType_PackageUrl, + ExternalIdentifierType_SecurityOther, + ExternalIdentifierType_Swhid, + ExternalIdentifierType_Swid, + ExternalIdentifierType_UrlScheme, + ExternalMap{}, + ExternalRef{}, + ExternalRefType{}, + ExternalRefType_AltDownloadLocation, + ExternalRefType_AltWebPage, + ExternalRefType_BinaryArtifact, + ExternalRefType_Bower, + ExternalRefType_BuildMeta, + ExternalRefType_BuildSystem, + ExternalRefType_CertificationReport, + ExternalRefType_Chat, + ExternalRefType_ComponentAnalysisReport, + ExternalRefType_Cwe, + ExternalRefType_Documentation, + ExternalRefType_DynamicAnalysisReport, + ExternalRefType_EolNotice, + ExternalRefType_ExportControlAssessment, + ExternalRefType_Funding, + ExternalRefType_IssueTracker, + ExternalRefType_License, + ExternalRefType_MailingList, + ExternalRefType_MavenCentral, + ExternalRefType_Metrics, + ExternalRefType_Npm, + ExternalRefType_Nuget, + ExternalRefType_Other, + ExternalRefType_PrivacyAssessment, + ExternalRefType_ProductMetadata, + ExternalRefType_PurchaseOrder, + ExternalRefType_QualityAssessmentReport, + ExternalRefType_ReleaseHistory, + ExternalRefType_ReleaseNotes, + ExternalRefType_RiskAssessment, + ExternalRefType_RuntimeAnalysisReport, + ExternalRefType_SecureSoftwareAttestation, + ExternalRefType_SecurityAdversaryModel, + ExternalRefType_SecurityAdvisory, + ExternalRefType_SecurityFix, + ExternalRefType_SecurityOther, + ExternalRefType_SecurityPenTestReport, + ExternalRefType_SecurityPolicy, + ExternalRefType_SecurityThreatModel, + ExternalRefType_SocialMedia, + ExternalRefType_SourceArtifact, + ExternalRefType_StaticAnalysisReport, + ExternalRefType_Support, + ExternalRefType_Vcs, + ExternalRefType_VulnerabilityDisclosureReport, + ExternalRefType_VulnerabilityExploitabilityAssessment, + File{}, + FileKindType{}, + FileKindType_Directory, + FileKindType_File, + Hash{}, + HashAlgorithm{}, + HashAlgorithm_Adler32, + HashAlgorithm_Blake2b256, + HashAlgorithm_Blake2b384, + HashAlgorithm_Blake2b512, + HashAlgorithm_Blake3, + HashAlgorithm_CrystalsDilithium, + HashAlgorithm_CrystalsKyber, + HashAlgorithm_Falcon, + HashAlgorithm_Md2, + HashAlgorithm_Md4, + HashAlgorithm_Md5, + HashAlgorithm_Md6, + HashAlgorithm_Other, + HashAlgorithm_Sha1, + HashAlgorithm_Sha224, + HashAlgorithm_Sha256, + HashAlgorithm_Sha384, + HashAlgorithm_Sha3_224, + HashAlgorithm_Sha3_256, + HashAlgorithm_Sha3_384, + HashAlgorithm_Sha3_512, + HashAlgorithm_Sha512, + IndividualElement{}, + IndividualElement_NoAssertionElement, + IndividualElement_NoneElement, + IndividualLicensingInfo{}, + IndividualLicensingInfo_NoAssertionLicense, + IndividualLicensingInfo_NoneLicense, + IntegrityMethod{}, + License{}, + LicenseAddition{}, + LicenseExpression{}, + LicenseInfo{}, + LifecycleScopeType{}, + LifecycleScopeType_Build, + LifecycleScopeType_Design, + LifecycleScopeType_Development, + LifecycleScopeType_Other, + LifecycleScopeType_Runtime, + LifecycleScopeType_Test, + LifecycleScopedRelationship{}, + ListedLicense{}, + ListedLicenseException{}, + NamespaceMap{}, + OrLaterOperator{}, + Organization{}, + Organization_SpdxOrganization, + Package{}, + PackageVerificationCode{}, + Person{}, + PositiveIntegerRange{}, + PresenceType{}, + PresenceType_No, + PresenceType_NoAssertion, + PresenceType_Yes, + ProfileIdentifierType{}, + ProfileIdentifierType_Ai, + ProfileIdentifierType_Build, + ProfileIdentifierType_Core, + ProfileIdentifierType_Dataset, + ProfileIdentifierType_ExpandedLicensing, + ProfileIdentifierType_Extension, + ProfileIdentifierType_Lite, + ProfileIdentifierType_Security, + ProfileIdentifierType_SimpleLicensing, + ProfileIdentifierType_Software, + Relationship{}, + RelationshipCompleteness{}, + RelationshipCompleteness_Complete, + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_NoAssertion, + RelationshipType{}, + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + SafetyRiskAssessmentType{}, + SafetyRiskAssessmentType_High, + SafetyRiskAssessmentType_Low, + SafetyRiskAssessmentType_Medium, + SafetyRiskAssessmentType_Serious, + Sbom{}, + SbomType{}, + SbomType_Analyzed, + SbomType_Build, + SbomType_Deployed, + SbomType_Design, + SbomType_Runtime, + SbomType_Source, + SimpleLicensingText{}, + Snippet{}, + SoftwareAgent{}, + SoftwareArtifact{}, + SoftwarePurpose{}, + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_DiskImage, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + SpdxDocument{}, + SsvcDecisionType{}, + SsvcDecisionType_Act, + SsvcDecisionType_Attend, + SsvcDecisionType_Track, + SsvcDecisionType_TrackStar, + SsvcVulnAssessmentRelationship{}, + SupportType{}, + SupportType_Deployed, + SupportType_Development, + SupportType_EndOfSupport, + SupportType_LimitedSupport, + SupportType_NoAssertion, + SupportType_NoSupport, + SupportType_Support, + Tool{}, + VexAffectedVulnAssessmentRelationship{}, + VexFixedVulnAssessmentRelationship{}, + VexJustificationType{}, + VexJustificationType_ComponentNotPresent, + VexJustificationType_InlineMitigationsAlreadyExist, + VexJustificationType_VulnerableCodeCannotBeControlledByAdversary, + VexJustificationType_VulnerableCodeNotInExecutePath, + VexJustificationType_VulnerableCodeNotPresent, + VexNotAffectedVulnAssessmentRelationship{}, + VexUnderInvestigationVulnAssessmentRelationship{}, + VexVulnAssessmentRelationship{}, + VulnAssessmentRelationship{}, + Vulnerability{}, + WithAdditionOperator{}, + ) +} diff --git a/spdx/v3/v3_0/model_validations.go b/spdx/v3/v3_0/model_validations.go new file mode 100755 index 0000000..abd2da7 --- /dev/null +++ b/spdx/v3/v3_0/model_validations.go @@ -0,0 +1,878 @@ +// Generated by github.com/kzantow/go-ld +// +// SPDX-License-Identifier: MIT + +package v3_0 + +import "github.com/kzantow/go-ld" + +func (o *AIPackage) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Package), + ld.ValidateProperty(o, &o.UseSensitivePersonalInformation, + ld.ValidateIRI( + PresenceType_Yes, + PresenceType_No, + PresenceType_NoAssertion, + )), + ld.ValidateProperty(o, &o.AutonomyType, + ld.ValidateIRI( + PresenceType_Yes, + PresenceType_No, + PresenceType_NoAssertion, + )), + ld.ValidateProperty(o, &o.SafetyRiskAssessment, + ld.ValidateIRI( + SafetyRiskAssessmentType_Serious, + SafetyRiskAssessmentType_High, + SafetyRiskAssessmentType_Medium, + SafetyRiskAssessmentType_Low, + ))) +} + +func (o *Agent) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element)) +} + +func (o *Annotation) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.Subject), + ld.ValidateProperty(o, &o.ContentType, + ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), + ld.ValidateProperty(o, &o.AnnotationType, + ld.ValidateIRI( + AnnotationType_Other, + AnnotationType_Review, + ))) +} + +func (o *AnnotationType) Validate() error { + return ld.JoinErrors() +} + +func (o *Artifact) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.SupportLevels, + ld.ValidateAll(ld.ValidateIRI( + SupportType_Development, + SupportType_Support, + SupportType_Deployed, + SupportType_LimitedSupport, + SupportType_EndOfSupport, + SupportType_NoSupport, + SupportType_NoAssertion, + )))) +} + +func (o *Bom) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Bundle)) +} + +func (o *Build) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.BuildType)) +} + +func (o *Bundle) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ElementCollection)) +} + +func (o *CdxPropertiesExtension) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Extension), + ld.ValidateProperty(o, &o.CdxProperties, + ld.ValidateMinCount[CdxPropertyEntryList](1))) +} + +func (o *CdxPropertyEntry) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.CdxPropName)) +} + +func (o *ConfidentialityLevelType) Validate() error { + return ld.JoinErrors() +} + +func (o *ConjunctiveLicenseSet) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.Members, + ld.ValidateMinCount[LicenseInfoList](2))) +} + +func (o *ContentIdentifier) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.IntegrityMethod), + ld.ValidateProperty(o, &o.ContentIdentifierType, + ld.ValidateIRI( + ContentIdentifierType_Gitoid, + ContentIdentifierType_Swhid, + )), + ld.ValidateProperty(o, &o.ContentIdentifierValue)) +} + +func (o *ContentIdentifierType) Validate() error { + return ld.JoinErrors() +} + +func (o *CreationInfo) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.SpecVersion, + ld.ValidateExpression("^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$")), + ld.ValidateProperty(o, &o.Created), + ld.ValidateProperty(o, &o.CreatedBy, + ld.ValidateMinCount[AgentList](1))) +} + +func (o *CustomLicense) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.License)) +} + +func (o *CustomLicenseAddition) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseAddition)) +} + +func (o *CvssSeverityType) Validate() error { + return ld.JoinErrors() +} + +func (o *CvssV2VulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.VectorString), + ld.ValidateProperty(o, &o.Score)) +} + +func (o *CvssV3VulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.Score), + ld.ValidateProperty(o, &o.Severity, + ld.ValidateIRI( + CvssSeverityType_Critical, + CvssSeverityType_High, + CvssSeverityType_Medium, + CvssSeverityType_Low, + CvssSeverityType_None, + )), + ld.ValidateProperty(o, &o.VectorString)) +} + +func (o *CvssV4VulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.Severity, + ld.ValidateIRI( + CvssSeverityType_Critical, + CvssSeverityType_High, + CvssSeverityType_Medium, + CvssSeverityType_Low, + CvssSeverityType_None, + )), + ld.ValidateProperty(o, &o.VectorString), + ld.ValidateProperty(o, &o.Score)) +} + +func (o *DatasetAvailabilityType) Validate() error { + return ld.JoinErrors() +} + +func (o *DatasetPackage) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Package), + ld.ValidateProperty(o, &o.ConfidentialityLevel, + ld.ValidateIRI( + ConfidentialityLevelType_Red, + ConfidentialityLevelType_Amber, + ConfidentialityLevelType_Green, + ConfidentialityLevelType_Clear, + )), + ld.ValidateProperty(o, &o.DatasetAvailability, + ld.ValidateIRI( + DatasetAvailabilityType_Clickthrough, + DatasetAvailabilityType_DirectDownload, + DatasetAvailabilityType_Query, + DatasetAvailabilityType_Registration, + DatasetAvailabilityType_ScrapingScript, + )), + ld.ValidateProperty(o, &o.HasSensitivePersonalInformation, + ld.ValidateIRI( + PresenceType_Yes, + PresenceType_No, + PresenceType_NoAssertion, + )), + ld.ValidateProperty(o, &o.DatasetTypes, + ld.ValidateMinCount[[]DatasetType](1), + ld.ValidateAll(ld.ValidateIRI( + DatasetType_Audio, + DatasetType_Categorical, + DatasetType_Graph, + DatasetType_Image, + DatasetType_NoAssertion, + DatasetType_Numeric, + DatasetType_Other, + DatasetType_Sensor, + DatasetType_Structured, + DatasetType_Syntactic, + DatasetType_Text, + DatasetType_Timeseries, + DatasetType_Timestamp, + DatasetType_Video, + )))) +} + +func (o *DatasetType) Validate() error { + return ld.JoinErrors() +} + +func (o *DictionaryEntry) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Key)) +} + +func (o *DisjunctiveLicenseSet) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.Members, + ld.ValidateMinCount[LicenseInfoList](2))) +} + +func (o *Element) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.CreationInfo)) +} + +func (o *ElementCollection) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.ProfileConformances, + ld.ValidateAll(ld.ValidateIRI( + ProfileIdentifierType_Core, + ProfileIdentifierType_Software, + ProfileIdentifierType_SimpleLicensing, + ProfileIdentifierType_ExpandedLicensing, + ProfileIdentifierType_Security, + ProfileIdentifierType_Build, + ProfileIdentifierType_Ai, + ProfileIdentifierType_Dataset, + ProfileIdentifierType_Extension, + ProfileIdentifierType_Lite, + )))) +} + +func (o *EnergyConsumption) Validate() error { + return ld.JoinErrors() +} + +func (o *EnergyConsumptionDescription) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.EnergyQuantity), + ld.ValidateProperty(o, &o.EnergyUnit, + ld.ValidateIRI( + EnergyUnitType_KilowattHour, + EnergyUnitType_Megajoule, + EnergyUnitType_Other, + ))) +} + +func (o *EnergyUnitType) Validate() error { + return ld.JoinErrors() +} + +func (o *EpssVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.Probability), + ld.ValidateProperty(o, &o.Percentile)) +} + +func (o *ExploitCatalogType) Validate() error { + return ld.JoinErrors() +} + +func (o *ExploitCatalogVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.Locator), + ld.ValidateProperty(o, &o.Exploited), + ld.ValidateProperty(o, &o.CatalogType, + ld.ValidateIRI( + ExploitCatalogType_Kev, + ExploitCatalogType_Other, + ))) +} + +func (o *ExtendableLicense) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo)) +} + +func (o *Extension) Validate() error { + return ld.JoinErrors() +} + +func (o *ExternalIdentifier) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Identifier), + ld.ValidateProperty(o, &o.ExternalIdentifierType, + ld.ValidateIRI( + ExternalIdentifierType_Cpe22, + ExternalIdentifierType_Cpe23, + ExternalIdentifierType_Cve, + ExternalIdentifierType_Email, + ExternalIdentifierType_Gitoid, + ExternalIdentifierType_Other, + ExternalIdentifierType_PackageUrl, + ExternalIdentifierType_SecurityOther, + ExternalIdentifierType_Swhid, + ExternalIdentifierType_Swid, + ExternalIdentifierType_UrlScheme, + ))) +} + +func (o *ExternalIdentifierType) Validate() error { + return ld.JoinErrors() +} + +func (o *ExternalMap) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ExternalSpdxId)) +} + +func (o *ExternalRef) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ContentType, + ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), + ld.ValidateProperty(o, &o.ExternalRefType, + ld.ValidateIRI( + ExternalRefType_AltDownloadLocation, + ExternalRefType_AltWebPage, + ExternalRefType_BinaryArtifact, + ExternalRefType_Bower, + ExternalRefType_BuildMeta, + ExternalRefType_BuildSystem, + ExternalRefType_Chat, + ExternalRefType_CertificationReport, + ExternalRefType_ComponentAnalysisReport, + ExternalRefType_Cwe, + ExternalRefType_Documentation, + ExternalRefType_DynamicAnalysisReport, + ExternalRefType_EolNotice, + ExternalRefType_ExportControlAssessment, + ExternalRefType_Funding, + ExternalRefType_IssueTracker, + ExternalRefType_MailingList, + ExternalRefType_MavenCentral, + ExternalRefType_Metrics, + ExternalRefType_Npm, + ExternalRefType_Nuget, + ExternalRefType_License, + ExternalRefType_Other, + ExternalRefType_PrivacyAssessment, + ExternalRefType_ProductMetadata, + ExternalRefType_PurchaseOrder, + ExternalRefType_QualityAssessmentReport, + ExternalRefType_ReleaseNotes, + ExternalRefType_ReleaseHistory, + ExternalRefType_RiskAssessment, + ExternalRefType_RuntimeAnalysisReport, + ExternalRefType_SecureSoftwareAttestation, + ExternalRefType_SecurityAdvisory, + ExternalRefType_SecurityAdversaryModel, + ExternalRefType_SecurityFix, + ExternalRefType_SecurityOther, + ExternalRefType_SecurityPenTestReport, + ExternalRefType_SecurityPolicy, + ExternalRefType_SecurityThreatModel, + ExternalRefType_SocialMedia, + ExternalRefType_SourceArtifact, + ExternalRefType_StaticAnalysisReport, + ExternalRefType_Support, + ExternalRefType_Vcs, + ExternalRefType_VulnerabilityDisclosureReport, + ExternalRefType_VulnerabilityExploitabilityAssessment, + ))) +} + +func (o *ExternalRefType) Validate() error { + return ld.JoinErrors() +} + +func (o *File) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.SoftwareArtifact), + ld.ValidateProperty(o, &o.ContentType, + ld.ValidateExpression("^[^\\/]+\\/[^\\/]+$")), + ld.ValidateProperty(o, &o.FileKind, + ld.ValidateIRI( + FileKindType_File, + FileKindType_Directory, + ))) +} + +func (o *FileKindType) Validate() error { + return ld.JoinErrors() +} + +func (o *Hash) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.IntegrityMethod), + ld.ValidateProperty(o, &o.HashValue), + ld.ValidateProperty(o, &o.Algorithm, + ld.ValidateIRI( + HashAlgorithm_Adler32, + HashAlgorithm_Blake2b256, + HashAlgorithm_Blake2b384, + HashAlgorithm_Blake2b512, + HashAlgorithm_Blake3, + HashAlgorithm_CrystalsDilithium, + HashAlgorithm_CrystalsKyber, + HashAlgorithm_Falcon, + HashAlgorithm_Md2, + HashAlgorithm_Md4, + HashAlgorithm_Md5, + HashAlgorithm_Md6, + HashAlgorithm_Other, + HashAlgorithm_Sha1, + HashAlgorithm_Sha224, + HashAlgorithm_Sha256, + HashAlgorithm_Sha384, + HashAlgorithm_Sha512, + HashAlgorithm_Sha3_224, + HashAlgorithm_Sha3_256, + HashAlgorithm_Sha3_384, + HashAlgorithm_Sha3_512, + ))) +} + +func (o *HashAlgorithm) Validate() error { + return ld.JoinErrors() +} + +func (o *IndividualElement) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element)) +} + +func (o *IndividualLicensingInfo) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo)) +} + +func (o *IntegrityMethod) Validate() error { + return ld.JoinErrors() +} + +func (o *License) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ExtendableLicense), + ld.ValidateProperty(o, &o.LicenseText)) +} + +func (o *LicenseAddition) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.AdditionText)) +} + +func (o *LicenseExpression) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.LicenseExpression), + ld.ValidateProperty(o, &o.LicenseListVersion, + ld.ValidateExpression("^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"))) +} + +func (o *LicenseInfo) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element)) +} + +func (o *LifecycleScopeType) Validate() error { + return ld.JoinErrors() +} + +func (o *LifecycleScopedRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Relationship), + ld.ValidateProperty(o, &o.Scope, + ld.ValidateIRI( + LifecycleScopeType_Design, + LifecycleScopeType_Development, + LifecycleScopeType_Build, + LifecycleScopeType_Test, + LifecycleScopeType_Runtime, + LifecycleScopeType_Other, + ))) +} + +func (o *ListedLicense) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.License)) +} + +func (o *ListedLicenseException) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseAddition)) +} + +func (o *NamespaceMap) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Namespace), + ld.ValidateProperty(o, &o.Prefix)) +} + +func (o *OrLaterOperator) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ExtendableLicense), + ld.ValidateProperty(o, &o.SubjectLicense)) +} + +func (o *Organization) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Agent)) +} + +func (o *Package) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.SoftwareArtifact)) +} + +func (o *PackageVerificationCode) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.IntegrityMethod), + ld.ValidateProperty(o, &o.Algorithm, + ld.ValidateIRI( + HashAlgorithm_Adler32, + HashAlgorithm_Blake2b256, + HashAlgorithm_Blake2b384, + HashAlgorithm_Blake2b512, + HashAlgorithm_Blake3, + HashAlgorithm_CrystalsDilithium, + HashAlgorithm_CrystalsKyber, + HashAlgorithm_Falcon, + HashAlgorithm_Md2, + HashAlgorithm_Md4, + HashAlgorithm_Md5, + HashAlgorithm_Md6, + HashAlgorithm_Other, + HashAlgorithm_Sha1, + HashAlgorithm_Sha224, + HashAlgorithm_Sha256, + HashAlgorithm_Sha384, + HashAlgorithm_Sha512, + HashAlgorithm_Sha3_224, + HashAlgorithm_Sha3_256, + HashAlgorithm_Sha3_384, + HashAlgorithm_Sha3_512, + )), + ld.ValidateProperty(o, &o.HashValue)) +} + +func (o *Person) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Agent)) +} + +func (o *PositiveIntegerRange) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.EndIntegerRange), + ld.ValidateProperty(o, &o.BeginIntegerRange)) +} + +func (o *PresenceType) Validate() error { + return ld.JoinErrors() +} + +func (o *ProfileIdentifierType) Validate() error { + return ld.JoinErrors() +} + +func (o *Relationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.Completeness, + ld.ValidateIRI( + RelationshipCompleteness_Incomplete, + RelationshipCompleteness_Complete, + RelationshipCompleteness_NoAssertion, + )), + ld.ValidateProperty(o, &o.To, + ld.ValidateMinCount[ElementList](1)), + ld.ValidateProperty(o, &o.From), + ld.ValidateProperty(o, &o.RelationshipType, + ld.ValidateIRI( + RelationshipType_Affects, + RelationshipType_AmendedBy, + RelationshipType_AncestorOf, + RelationshipType_AvailableFrom, + RelationshipType_Configures, + RelationshipType_Contains, + RelationshipType_CoordinatedBy, + RelationshipType_CopiedTo, + RelationshipType_DelegatedTo, + RelationshipType_DependsOn, + RelationshipType_DescendantOf, + RelationshipType_Describes, + RelationshipType_DoesNotAffect, + RelationshipType_ExpandsTo, + RelationshipType_ExploitCreatedBy, + RelationshipType_FixedBy, + RelationshipType_FixedIn, + RelationshipType_FoundBy, + RelationshipType_Generates, + RelationshipType_HasAddedFile, + RelationshipType_HasAssessmentFor, + RelationshipType_HasAssociatedVulnerability, + RelationshipType_HasConcludedLicense, + RelationshipType_HasDataFile, + RelationshipType_HasDeclaredLicense, + RelationshipType_HasDeletedFile, + RelationshipType_HasDependencyManifest, + RelationshipType_HasDistributionArtifact, + RelationshipType_HasDocumentation, + RelationshipType_HasDynamicLink, + RelationshipType_HasEvidence, + RelationshipType_HasExample, + RelationshipType_HasHost, + RelationshipType_HasInput, + RelationshipType_HasMetadata, + RelationshipType_HasOptionalComponent, + RelationshipType_HasOptionalDependency, + RelationshipType_HasOutput, + RelationshipType_HasPrerequisite, + RelationshipType_HasProvidedDependency, + RelationshipType_HasRequirement, + RelationshipType_HasSpecification, + RelationshipType_HasStaticLink, + RelationshipType_HasTest, + RelationshipType_HasTestCase, + RelationshipType_HasVariant, + RelationshipType_InvokedBy, + RelationshipType_ModifiedBy, + RelationshipType_Other, + RelationshipType_PackagedBy, + RelationshipType_PatchedBy, + RelationshipType_PublishedBy, + RelationshipType_ReportedBy, + RelationshipType_RepublishedBy, + RelationshipType_SerializedInArtifact, + RelationshipType_TestedOn, + RelationshipType_TrainedOn, + RelationshipType_UnderInvestigationFor, + RelationshipType_UsesTool, + ))) +} + +func (o *RelationshipCompleteness) Validate() error { + return ld.JoinErrors() +} + +func (o *RelationshipType) Validate() error { + return ld.JoinErrors() +} + +func (o *SafetyRiskAssessmentType) Validate() error { + return ld.JoinErrors() +} + +func (o *Sbom) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Bom), + ld.ValidateProperty(o, &o.SbomTypes, + ld.ValidateAll(ld.ValidateIRI( + SbomType_Design, + SbomType_Source, + SbomType_Build, + SbomType_Deployed, + SbomType_Runtime, + SbomType_Analyzed, + )))) +} + +func (o *SbomType) Validate() error { + return ld.JoinErrors() +} + +func (o *SimpleLicensingText) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element), + ld.ValidateProperty(o, &o.LicenseText)) +} + +func (o *Snippet) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.SoftwareArtifact), + ld.ValidateProperty(o, &o.SnippetFromFile)) +} + +func (o *SoftwareAgent) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Agent)) +} + +func (o *SoftwareArtifact) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Artifact), + ld.ValidateProperty(o, &o.AdditionalPurposes, + ld.ValidateAll(ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + ))), + ld.ValidateProperty(o, &o.PrimaryPurpose, + ld.ValidateIRI( + SoftwarePurpose_Application, + SoftwarePurpose_Archive, + SoftwarePurpose_Bom, + SoftwarePurpose_Configuration, + SoftwarePurpose_Container, + SoftwarePurpose_Data, + SoftwarePurpose_Device, + SoftwarePurpose_DiskImage, + SoftwarePurpose_DeviceDriver, + SoftwarePurpose_Documentation, + SoftwarePurpose_Evidence, + SoftwarePurpose_Executable, + SoftwarePurpose_File, + SoftwarePurpose_FilesystemImage, + SoftwarePurpose_Firmware, + SoftwarePurpose_Framework, + SoftwarePurpose_Install, + SoftwarePurpose_Library, + SoftwarePurpose_Manifest, + SoftwarePurpose_Model, + SoftwarePurpose_Module, + SoftwarePurpose_OperatingSystem, + SoftwarePurpose_Other, + SoftwarePurpose_Patch, + SoftwarePurpose_Platform, + SoftwarePurpose_Requirement, + SoftwarePurpose_Source, + SoftwarePurpose_Specification, + SoftwarePurpose_Test, + ))) +} + +func (o *SoftwarePurpose) Validate() error { + return ld.JoinErrors() +} + +func (o *SpdxDocument) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.ElementCollection)) +} + +func (o *SsvcDecisionType) Validate() error { + return ld.JoinErrors() +} + +func (o *SsvcVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship), + ld.ValidateProperty(o, &o.DecisionType, + ld.ValidateIRI( + SsvcDecisionType_Act, + SsvcDecisionType_Attend, + SsvcDecisionType_Track, + SsvcDecisionType_TrackStar, + ))) +} + +func (o *SupportType) Validate() error { + return ld.JoinErrors() +} + +func (o *Tool) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Element)) +} + +func (o *VexAffectedVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship), + ld.ValidateProperty(o, &o.ActionStatement)) +} + +func (o *VexFixedVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship)) +} + +func (o *VexJustificationType) Validate() error { + return ld.JoinErrors() +} + +func (o *VexNotAffectedVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship), + ld.ValidateProperty(o, &o.JustificationType, + ld.ValidateIRI( + VexJustificationType_ComponentNotPresent, + VexJustificationType_VulnerableCodeNotPresent, + VexJustificationType_VulnerableCodeCannotBeControlledByAdversary, + VexJustificationType_VulnerableCodeNotInExecutePath, + VexJustificationType_InlineMitigationsAlreadyExist, + ))) +} + +func (o *VexUnderInvestigationVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VexVulnAssessmentRelationship)) +} + +func (o *VexVulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.VulnAssessmentRelationship)) +} + +func (o *VulnAssessmentRelationship) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Relationship)) +} + +func (o *Vulnerability) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.Artifact)) +} + +func (o *WithAdditionOperator) Validate() error { + return ld.JoinErrors( + ld.ValidateProperty(o, &o.LicenseInfo), + ld.ValidateProperty(o, &o.SubjectExtendableLicense), + ld.ValidateProperty(o, &o.SubjectAddition)) +} diff --git a/spdx/v3/v3_0/spdx.go b/spdx/v3/v3_0/spdx.go index 93fb674..bd00b7f 100644 --- a/spdx/v3/v3_0/spdx.go +++ b/spdx/v3/v3_0/spdx.go @@ -1,8 +1,13 @@ package v3_0 import ( + "fmt" + "io" "reflect" "time" + + "github.com/davecgh/go-spew/spew" + "github.com/kzantow/go-ld" ) /* @@ -17,13 +22,19 @@ To regenerate, use something like this command: type Document struct { *SpdxDocument + LDContext ld.Context +} + +func LDContext() ld.Context { + return context() } -func NewDocument(conformance profileIdentifierType, name string, createdBy AnyAgent, createdUsing AnyTool) *Document { +func NewDocument(conformance ProfileIdentifierType, name string, createdBy AnyAgent, createdUsing AnyTool) *Document { ci := &CreationInfo{ - Created: time.Now(), - CreatedBys: AgentList{createdBy}, - CreatedUsings: ToolList{createdUsing}, + SpecVersion: "3.0.1", // TODO is there a way to ascertain this version from generated code programmatically? + Created: time.Now(), + CreatedBy: AgentList{createdBy}, + CreatedUsing: ToolList{createdUsing}, } return &Document{ SpdxDocument: &SpdxDocument{ @@ -32,95 +43,91 @@ func NewDocument(conformance profileIdentifierType, name string, createdBy AnyAg Name: name, CreationInfo: ci, }, - ProfileConformances: []profileIdentifierType{conformance}, + ProfileConformances: []ProfileIdentifierType{conformance}, }, }, - //LDContext: LDContext(), + LDContext: context(), + } +} + +func (d *Document) Validate(setCreationInfo bool) error { + if setCreationInfo { + // all Elements need to have creationInfo set... + d.setCreationInfo(d.SpdxDocument.CreationInfo, d.SpdxDocument) } + return ld.ValidateGraph(d.SpdxDocument) } func (d *Document) Append(e ...AnyElement) { d.SpdxDocument.RootElements = append(d.SpdxDocument.RootElements, e...) - d.SpdxDocument.Elements = append(d.SpdxDocument.Elements, e...) } -func (d *Document) setCreationInfo(creationInfo AnyCreationInfo, doc *SpdxDocument) { - iCreationInfoType := reflect.TypeOf((*AnyCreationInfo)(nil)).Elem() - ci := reflect.ValueOf(creationInfo) - _ = visitObjectGraph(map[reflect.Value]struct{}{}, reflect.ValueOf(doc), func(v reflect.Value) error { - if v.IsZero() { - return nil - } - t := v.Type() - if t.Kind() == reflect.Interface && v.IsNil() && t.Implements(iCreationInfoType) { - v.Set(ci) - } - return nil - }) +// ToJSON first processes the document by: +// - setting each Element's CreationInfo property to the SpdxDocument's CreationInfo if nil +// - collecting all element references to the top-level Elements slice +// +// ... and after this initial processing, outputs the document as compact JSON LD, +// including accounting for empty IDs by outputting blank node spdxId values +func (d *Document) ToJSON(writer io.Writer) error { + if d.SpdxDocument == nil { + return fmt.Errorf("no document object created") + } + + // all Elements need to have creationInfo set... + d.setCreationInfo(d.SpdxDocument.CreationInfo, d.SpdxDocument) + + // ensure the Elements + d.ensureAllDocumentElements() + + return d.LDContext.ToJSON(writer, d.SpdxDocument) } -func (d *Document) ensureSpdxIDs(doc *SpdxDocument, idGen idGenerator) { - iElementType := reflect.TypeOf((*AnyElement)(nil)).Elem() - _ = visitObjectGraph(map[reflect.Value]struct{}{}, reflect.ValueOf(doc), func(v reflect.Value) error { - if v.Type().Implements(iElementType) { - el, ok := v.Interface().(AnyElement) - if ok { - e := el.asElement() - if e != nil && e.ID == "" { - e.ID = idGen(el) - } - } +func (d *Document) setCreationInfo(creationInfo AnyCreationInfo, doc *SpdxDocument) { + creationInfoInterfaceType := reflect.TypeOf((*AnyCreationInfo)(nil)).Elem() + ci := reflect.ValueOf(creationInfo) + _ = ld.VisitObjectGraph(doc, func(path []any, value reflect.Value) error { + t := value.Type() + if t == creationInfoInterfaceType && value.IsNil() { + value.Set(ci) } return nil }) } -type idGenerator func(e any) string - -func baseType(t reflect.Type) reflect.Type { - for t.Kind() == reflect.Ptr { - t = t.Elem() - } - return t -} - -func visitObjectGraph(visited map[reflect.Value]struct{}, v reflect.Value, visitor func(reflect.Value) error) error { - if _, ok := visited[v]; ok { - return nil - } - visited[v] = struct{}{} - if !v.IsValid() { - return nil - } - err := visitor(v) +func (d *Document) FromJSON(reader io.Reader) error { + graph, err := d.LDContext.FromJSON(reader) if err != nil { return err } - switch v.Kind() { - case reflect.Interface: - if !v.IsNil() { - return visitObjectGraph(visited, v.Elem(), visitor) - } - case reflect.Pointer: - if v.IsNil() { + for _, e := range graph { + if doc, ok := e.(*SpdxDocument); ok { + d.SpdxDocument = doc return nil } - return visitObjectGraph(visited, v.Elem(), visitor) - case reflect.Struct: - for i := 0; i < v.NumField(); i++ { - err = visitObjectGraph(visited, v.Field(i), visitor) - if err != nil { - return err - } + } + return fmt.Errorf("no SPDX document found") +} + +func (d *Document) ensureAllDocumentElements() { + all := map[reflect.Value]struct{}{} + for _, e := range d.Elements { + v := reflect.ValueOf(e) + if v.Kind() != reflect.Pointer { + panic("non-pointer type in elements: %v" + spew.Sdump(v)) } - case reflect.Slice: - for i := 0; i < v.Len(); i++ { - err = visitObjectGraph(visited, v.Index(i), visitor) - if err != nil { - return err + all[v] = struct{}{} + } + all[reflect.ValueOf(d.SpdxDocument)] = struct{}{} + _ = ld.VisitObjectGraph(d.SpdxDocument, func(path []any, value reflect.Value) error { + if value.Kind() == reflect.Pointer { + if _, ok := all[value]; ok { + return nil + } + if e, ok := value.Interface().(AnyElement); ok { + all[value] = struct{}{} + d.Elements = append(d.Elements, e) } } - default: - } - return nil + return nil + }) } diff --git a/spdx/v3/v3_0/spdx_test.go b/spdx/v3/v3_0/spdx_test.go index 0f9e70c..9be0eeb 100644 --- a/spdx/v3/v3_0/spdx_test.go +++ b/spdx/v3/v3_0/spdx_test.go @@ -1,11 +1,217 @@ package v3_0_test import ( + "bytes" + "fmt" + "os" + "reflect" + "strings" "testing" + "time" + + "github.com/google/go-cmp/cmp" + "github.com/kzantow/go-ld" + "github.com/pmezard/go-difflib/difflib" + "github.com/stretchr/testify/require" spdx "github.com/spdx/tools-golang/spdx/v3/v3_0" ) +func Test_validateMinList(t *testing.T) { + a := &spdx.Person{} + a.Name = "me" + e := &spdx.CreationInfo{ + SpecVersion: "3.0.1", + Created: time.Now(), + CreatedUsing: nil, + Comment: "", + CreatedBy: spdx.AgentList{}, + } + err := e.Validate() + require.Error(t, err) + require.Contains(t, err.Error(), "must have") +} + +func Test_writer(t *testing.T) { + d := newTestDocument() + pkg1 := &spdx.Package{SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + Name: "the pkg 2", + }}}} + file1 := &spdx.File{ + SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + Name: "a file", + }}}, + ContentType: "text", // validation error + FileKind: spdx.FileKindType{}, + } + d.Append( + &spdx.Sbom{Bom: spdx.Bom{Bundle: spdx.Bundle{ElementCollection: spdx.ElementCollection{ + Element: spdx.Element{ + Name: "My Bom", + }, + Elements: spdx.ElementList{}, + }}}, + SbomTypes: nil, + }, + file1, + pkg1, + &spdx.Package{ + SoftwareArtifact: spdx.SoftwareArtifact{ + Artifact: spdx.Artifact{ + Element: spdx.Element{ + ID: "some ID!", + Name: "some name", + Description: "descr", + ExternalIdentifiers: spdx.ExternalIdentifierList{ + &spdx.ExternalIdentifier{ + IdentifierLocators: []ld.URI{ + "locator1", + "locator2", + }, + Identifier: "CVE-2024-1234", + ExternalIdentifierType: spdx.ExternalIdentifierType_Cve, + }, + }, + ExternalRefs: nil, + Summary: "", + VerifiedUsings: nil, + }, + StandardNames: []string{ + "standard-name1", + "standard-name2", + }, + ReleaseTime: time.Now(), + }, + AdditionalPurposes: []spdx.SoftwarePurpose{ + spdx.SoftwarePurpose_Container, + spdx.SoftwarePurpose_Library, + }, + PrimaryPurpose: spdx.SoftwarePurpose_Application, + CopyrightText: "", + }, + }, + ) + + // many validation issues + err := d.Validate(false) + require.Error(t, err) + require.Contains(t, err.Error(), "CreationInfo") + + err = d.Validate(true) + require.Error(t, err) + require.NotContains(t, err.Error(), "CreationInfo") + + // fix validation issue + file1.ContentType = "text/plain" + err = d.Validate(false) // already use creationInfo + require.NoError(t, err) + + buf := bytes.Buffer{} + err = d.ToJSON(&buf) + require.NoError(t, err) + fmt.Printf("%#v\n", buf.String()) + + d2 := newTestDocument() + err = d2.FromJSON(&buf) + require.NoError(t, err) + // these would (correctly) cause a failure, to validate unexported and time fields are being properly checked: + //d2.RootElements.Packages().Views()[1].PrimaryPurpose = spdx.SoftwarePurpose_Archive + //_ = spdx.As(d2.CreationInfo, func(info *spdx.CreationInfo) error { + // info.Created = info.Created.Add(time.Hour) + // return nil + //}) + diff := cmp.Diff(d.SpdxDocument, d2.SpdxDocument, testOpts...) + if diff != "" { + t.Fatal(diff) + } +} + +var testOpts = []cmp.Option{ + cmp.Transformer("truncate_time.Time", func(t time.Time) time.Time { + return t.Truncate(time.Second) + }), + // export and compare unexported fields + cmp.Exporter(func(r reflect.Type) bool { + return true + }), +} + +func Test_reader(t *testing.T) { + f, err := os.Open("test.json") + require.NoError(t, err) + d := newTestDocument() + err = d.FromJSON(f) + require.NoError(t, err) + fmt.Printf("%#v\n", d) + + require.Equal(t, d.Elements.Files().Len(), 1) + for _, fi := range d.Elements.Files() { + if fi.PrimaryPurpose == spdx.SoftwarePurpose_Executable { + println("Got Executable File ID: " + fi.ID) + } + } + + // the example is incorrect, it doesn't include the package in the element root + pkgs := d.Elements.Packages().Views() + //require.Len(t, pkgs, 1) + //require.NotEqual(t, time.Time{}, pkgs[0].BuiltTime) + require.Empty(t, pkgs) // FIXME this shouldn't be true, but the example is wrong + + rels := d.Elements.Relationships().Views() + require.Len(t, rels, 1) + + if p, ok := rels[0].From.(*spdx.Package); ok { + require.NotEqual(t, time.Time{}, p.BuiltTime) + } + // this is the only reference to the package I see: + _ = spdx.As(rels[0].From, func(p *spdx.Package) error { + require.NotEqual(t, time.Time{}, p.BuiltTime) + return nil + }) +} + +func Test_readerExpanded(t *testing.T) { + f, err := os.Open("test.expanded.json") + require.NoError(t, err) + d := newTestDocument() + err = d.FromJSON(f) + require.NoError(t, err) + fmt.Printf("%#v\n", d) + for _, fi := range d.Elements.Files() { + println("File ID: " + fi.ID) + } + + pkgs := d.Elements.Packages().Views() + require.Len(t, pkgs, 1) + require.NotEqual(t, time.Time{}, pkgs[0].BuiltTime) +} + +func Test_reader2(t *testing.T) { + contents := ` + { + "@context": "https://spdx.org/rdf/3.0.1/spdx-context.jsonld", + "@graph": [ + { "spdxId": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization" }, + { "spdxId": "SpdxOrganization" }, +{ + "type": "CreationInfo", + "@id": "_:creationinfo", + "createdBy": [ + "http://spdx.example.com/Agent/JoshuaWatt" + ], + "specVersion": "3.0.1", + "created": "2024-03-06T00:00:00Z" + } + ] +} + ` + graph, err := spdx.LDContext().FromJSON(strings.NewReader(contents)) + require.NoError(t, err) + for _, fi := range graph { + println("Elem" + fmt.Sprintf("%#v", fi)) + } +} + func Test_exportImportExport(t *testing.T) { // create a document doc := spdx.NewDocument( @@ -26,23 +232,23 @@ func Test_exportImportExport(t *testing.T) { Name: "not-tools-golang", }}) - sbom := &spdx.SoftwareSbom{} + sbom := &spdx.Sbom{} doc.RootElements = append(doc.RootElements, sbom) // create a package - pkg1 := &spdx.SoftwarePackage{ - SoftwareSoftwareArtifact: spdx.SoftwareSoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + pkg1 := &spdx.Package{ + SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ Name: "some-package-1", }}}, - SoftwarePackageVersion: "1.2.3", + PackageVersion: "1.2.3", } // create another package - pkg2 := &spdx.AiAIPackage{} + pkg2 := &spdx.AIPackage{} pkg2.Name = "some-package-2" - pkg2.SoftwarePackageVersion = "2.4.5" + pkg2.PackageVersion = "2.4.5" // add the packages to the sbom @@ -50,7 +256,7 @@ func Test_exportImportExport(t *testing.T) { // add a file - file1 := &spdx.SoftwareFile{SoftwareSoftwareArtifact: spdx.SoftwareSoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + file1 := &spdx.File{SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ Name: "/bin/bash", }}}} sbom.RootElements = append(sbom.RootElements, file1) @@ -60,7 +266,7 @@ func Test_exportImportExport(t *testing.T) { sbom.RootElements = append(sbom.RootElements, &spdx.Relationship{ From: file1, RelationshipType: spdx.RelationshipType_Contains, - Tos: spdx.ElementList{ + To: spdx.ElementList{ pkg1, pkg2, }, @@ -69,22 +275,65 @@ func Test_exportImportExport(t *testing.T) { sbom.RootElements = append(sbom.RootElements, &spdx.Relationship{ From: pkg1, RelationshipType: spdx.RelationshipType_DependsOn, - Tos: spdx.ElementList{ + To: spdx.ElementList{ pkg2, }, }) + // serialize + + buf := bytes.Buffer{} + err := doc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + + json1 := buf.String() + fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) + + // deserialize to a new document + + newDoc := newTestDocument() + err = newDoc.FromJSON(strings.NewReader(json1)) + if err != nil { + t.Error(err) + } + + // re-serialize + + buf.Reset() + err = newDoc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + json2 := buf.String() + fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) + + // compare original to parsed and re-encoded + + diff := difflib.UnifiedDiff{ + A: difflib.SplitLines(json1), + B: difflib.SplitLines(json2), + FromFile: "Original", + ToFile: "Current", + Context: 3, + } + text, _ := difflib.GetUnifiedDiffString(diff) + if text != "" { + t.Errorf(text) + } + // some basic usage: - var pkgs []*spdx.SoftwarePackage - for _, sbom := range doc.RootElements.SoftwareSbomIter() { - for _, rel := range sbom.RootElements.RelationshipIter() { + var pkgs []*spdx.Package + for _, sbom := range doc.RootElements.Sboms() { + for _, rel := range sbom.RootElements.Relationships() { if rel.RelationshipType != spdx.RelationshipType_Contains { continue } - _ = spdx.As(rel.From, func(f *spdx.SoftwareFile) any { + _ = spdx.As(rel.From, func(f *spdx.File) any { if f.Name == "/bin/bash" { - for _, pkg := range rel.Tos.SoftwarePackageIter() { + for _, pkg := range rel.To.Packages() { pkgs = append(pkgs, pkg) } } @@ -98,8 +347,85 @@ func Test_exportImportExport(t *testing.T) { } } +func Test_aiProfile(t *testing.T) { + doc := spdx.NewDocument(spdx.ProfileIdentifierType_Ai, "", &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{ + Name: "tools-golang", + Summary: "a summary", + }}}, nil) + + aiPkg := &spdx.AIPackage{ + Package: spdx.Package{SoftwareArtifact: spdx.SoftwareArtifact{Artifact: spdx.Artifact{Element: spdx.Element{ + Name: "some ai package", + }}}}, + EnergyConsumption: &spdx.EnergyConsumption{ + FinetuningEnergyConsumptions: spdx.EnergyConsumptionDescriptionList{ + &spdx.EnergyConsumptionDescription{ + EnergyQuantity: 1.2, + EnergyUnit: spdx.EnergyUnitType_KilowattHour, + }, + }, + TrainingEnergyConsumptions: spdx.EnergyConsumptionDescriptionList{ + &spdx.EnergyConsumptionDescription{ + EnergyQuantity: 5032402, + EnergyUnit: spdx.EnergyUnitType_KilowattHour, + }, + }, + }, + TypeOfModels: []string{ + "Llama 3 8B", + }, + } + + doc.RootElements = append(doc.RootElements, aiPkg) + + // serialize + + buf := bytes.Buffer{} + err := doc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + + json1 := buf.String() + fmt.Printf("--------- initial JSON: ----------\n%s\n\n", json1) + + // deserialize to a new document + + doc = newTestDocument() + //doc.RootElements.Append(&spdx.Agent{}) + err = doc.FromJSON(strings.NewReader(json1)) + if err != nil { + t.Error(err) + } + + // re-serialize + + buf.Reset() + err = doc.ToJSON(&buf) + if err != nil { + t.Error(err) + } + json2 := buf.String() + fmt.Printf("--------- reserialized JSON: ----------\n%s\n", json2) + + // compare original to parsed and re-encoded + + diff := difflib.UnifiedDiff{ + A: difflib.SplitLines(json1), + B: difflib.SplitLines(json2), + FromFile: "Original", + ToFile: "Current", + Context: 3, + } + text, _ := difflib.GetUnifiedDiffString(diff) + if text != "" { + t.Errorf(text) + } +} + func newTestDocument() *spdx.Document { - return spdx.NewDocument(spdx.ProfileIdentifierType_Lite, "test document", + //return spdx.NewDocument(spdx.ProfileIdentifierType_Lite, "test document", + return spdx.NewDocument(spdx.ProfileIdentifierType_Software, "test document", &spdx.SoftwareAgent{Agent: spdx.Agent{Element: spdx.Element{Name: "tools-golang-tests-agent", Summary: "a summary"}}}, &spdx.Tool{Element: spdx.Element{Name: "tools-golang-tests-tool"}}) } diff --git a/spdx/v3/v3_0/util.go b/spdx/v3/v3_0/util.go deleted file mode 100644 index 2b75336..0000000 --- a/spdx/v3/v3_0/util.go +++ /dev/null @@ -1,38 +0,0 @@ -// This file was automatically generated by __main__.py. DO NOT MANUALLY MODIFY IT -// -// SPDX-License-Identifier: 0BSD - -package v3_0 - -import ( - "iter" -) - -func typeIter[T any, E any](values []E, cast func(any) *T) iter.Seq2[E, *T] { - if values == nil { - return func(yield func(E, *T) bool) {} - } - return func(yield func(E, *T) bool) { - for _, value := range values { - v := cast(value) - if v != nil { - if !yield(value, v) { - return - } - } - } - } -} - -func remove[T comparable, E ~[]T](slice *E, value T) { - if slice == nil { - return - } - s := *slice - for i := 0; i < len(*slice); i++ { - if s[i] == value { - *slice = append(s[0:i], s[:i+1]...) - i-- - } - } -} diff --git a/spdx/v3/v3_0/validator.go b/spdx/v3/v3_0/validator.go deleted file mode 100644 index 05ea49e..0000000 --- a/spdx/v3/v3_0/validator.go +++ /dev/null @@ -1,1846 +0,0 @@ -// This file was automatically generated by __main__.py. DO NOT MANUALLY MODIFY IT -// -// SPDX-License-Identifier: 0BSD - -package v3_0 - -import ( - "fmt" - "slices" - "strconv" - "strings" -) - -type ValidationError struct { - Path []string - Err error -} - -func (v ValidationError) String() string { - return strings.Join(v.Path, ".") + ": " + v.Err.Error() -} - -func (v ValidationError) Error() string { - return v.String() -} - -func newValidationError(path []string, err error) ValidationError { - return ValidationError{ - Path: path, - Err: err, - } -} - -type validator interface { - Validate(visited map[any]struct{}, path ...string) []ValidationError -} - -func validateInValues(path []string, value string, valid ...string) []ValidationError { - if slices.Contains(valid, value) { - return nil - } - return []ValidationError{newValidationError(path, fmt.Errorf("invalid value: '%v', expected: %v", value, valid))} -} - -func (o *AiEnergyConsumption) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - for i, v := range o.AiFinetuningEnergyConsumptions { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiFinetuningEnergyConsumptions", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.AiInferenceEnergyConsumptions { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiInferenceEnergyConsumptions", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.AiTrainingEnergyConsumptions { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiTrainingEnergyConsumptions", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *AiEnergyConsumptionDescription) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - if o.AiEnergyUnit.ID == "" { - errs = append(errs, newValidationError(append(path, "AiEnergyUnit"), fmt.Errorf("required"))) - } - errs = append(errs, o.AiEnergyUnit.Validate(visited, append(path, "AiEnergyUnit")...)...) - - return errs -} - -func (o *AiEnergyUnitType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, AiEnergyUnitType_KilowattHour.ID, AiEnergyUnitType_Megajoule.ID, AiEnergyUnitType_Other.ID)...) - - return errs -} - -func (o *AiSafetyRiskAssessmentType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, AiSafetyRiskAssessmentType_High.ID, AiSafetyRiskAssessmentType_Low.ID, AiSafetyRiskAssessmentType_Medium.ID, AiSafetyRiskAssessmentType_Serious.ID)...) - - return errs -} - -func (o *AnnotationType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, AnnotationType_Other.ID, AnnotationType_Review.ID)...) - - return errs -} - -func (o *CreationInfo) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - - for i, v := range o.CreatedBys { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "CreatedBys", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.CreatedUsings { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "CreatedUsings", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - return errs -} - -func (o *DictionaryEntry) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *Element) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - if v, ok := o.CreationInfo.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "CreationInfo")...)...) - } - - // TODO: check for required - - for i, v := range o.Extensions { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "Extensions", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.ExternalIdentifiers { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExternalIdentifiers", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.ExternalRefs { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExternalRefs", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - - // TODO: check for required - - for i, v := range o.VerifiedUsings { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "VerifiedUsings", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *ElementCollection) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - for i, v := range o.Elements { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "Elements", strconv.Itoa(i))...)...) - } - } - - for _, v := range o.ProfileConformances { - errs = append(errs, v.Validate(visited, append(path, "ProfileConformances")...)...) - } - - for i, v := range o.RootElements { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "RootElements", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *ExternalIdentifier) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - if o.ExternalIdentifierType.ID == "" { - errs = append(errs, newValidationError(append(path, "ExternalIdentifierType"), fmt.Errorf("required"))) - } - errs = append(errs, o.ExternalIdentifierType.Validate(visited, append(path, "ExternalIdentifierType")...)...) - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - // TODO: check for required - return errs -} - -func (o *ExternalIdentifierType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, ExternalIdentifierType_Cpe22.ID, ExternalIdentifierType_Cpe23.ID, ExternalIdentifierType_Cve.ID, ExternalIdentifierType_Email.ID, ExternalIdentifierType_Gitoid.ID, ExternalIdentifierType_Other.ID, ExternalIdentifierType_PackageUrl.ID, ExternalIdentifierType_SecurityOther.ID, ExternalIdentifierType_Swhid.ID, ExternalIdentifierType_Swid.ID, ExternalIdentifierType_UrlScheme.ID)...) - - return errs -} - -func (o *ExternalMap) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - if v, ok := o.DefiningArtifact.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "DefiningArtifact")...)...) - } - - // TODO: check for required - - // TODO: check for required - - for i, v := range o.VerifiedUsings { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "VerifiedUsings", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *ExternalRef) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - - errs = append(errs, o.ExternalRefType.Validate(visited, append(path, "ExternalRefType")...)...) - - // TODO: check for required/min/max/etc. - - return errs -} - -func (o *ExternalRefType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, ExternalRefType_AltDownloadLocation.ID, ExternalRefType_AltWebPage.ID, ExternalRefType_BinaryArtifact.ID, ExternalRefType_Bower.ID, ExternalRefType_BuildMeta.ID, ExternalRefType_BuildSystem.ID, ExternalRefType_CertificationReport.ID, ExternalRefType_Chat.ID, ExternalRefType_ComponentAnalysisReport.ID, ExternalRefType_Cwe.ID, ExternalRefType_Documentation.ID, ExternalRefType_DynamicAnalysisReport.ID, ExternalRefType_EolNotice.ID, ExternalRefType_ExportControlAssessment.ID, ExternalRefType_Funding.ID, ExternalRefType_IssueTracker.ID, ExternalRefType_License.ID, ExternalRefType_MailingList.ID, ExternalRefType_MavenCentral.ID, ExternalRefType_Metrics.ID, ExternalRefType_Npm.ID, ExternalRefType_Nuget.ID, ExternalRefType_Other.ID, ExternalRefType_PrivacyAssessment.ID, ExternalRefType_ProductMetadata.ID, ExternalRefType_PurchaseOrder.ID, ExternalRefType_QualityAssessmentReport.ID, ExternalRefType_ReleaseHistory.ID, ExternalRefType_ReleaseNotes.ID, ExternalRefType_RiskAssessment.ID, ExternalRefType_RuntimeAnalysisReport.ID, ExternalRefType_SecureSoftwareAttestation.ID, ExternalRefType_SecurityAdversaryModel.ID, ExternalRefType_SecurityAdvisory.ID, ExternalRefType_SecurityFix.ID, ExternalRefType_SecurityOther.ID, ExternalRefType_SecurityPenTestReport.ID, ExternalRefType_SecurityPolicy.ID, ExternalRefType_SecurityThreatModel.ID, ExternalRefType_SocialMedia.ID, ExternalRefType_SourceArtifact.ID, ExternalRefType_StaticAnalysisReport.ID, ExternalRefType_Support.ID, ExternalRefType_Vcs.ID, ExternalRefType_VulnerabilityDisclosureReport.ID, ExternalRefType_VulnerabilityExploitabilityAssessment.ID)...) - - return errs -} - -func (o *HashAlgorithm) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, HashAlgorithm_Adler32.ID, HashAlgorithm_Blake2b256.ID, HashAlgorithm_Blake2b384.ID, HashAlgorithm_Blake2b512.ID, HashAlgorithm_Blake3.ID, HashAlgorithm_CrystalsDilithium.ID, HashAlgorithm_CrystalsKyber.ID, HashAlgorithm_Falcon.ID, HashAlgorithm_Md2.ID, HashAlgorithm_Md4.ID, HashAlgorithm_Md5.ID, HashAlgorithm_Md6.ID, HashAlgorithm_Other.ID, HashAlgorithm_Sha1.ID, HashAlgorithm_Sha224.ID, HashAlgorithm_Sha256.ID, HashAlgorithm_Sha384.ID, HashAlgorithm_Sha3224.ID, HashAlgorithm_Sha3256.ID, HashAlgorithm_Sha3384.ID, HashAlgorithm_Sha3512.ID, HashAlgorithm_Sha512.ID)...) - - return errs -} - -func (o *IndividualElement) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - errs = append(errs, validateInValues(path, o.ID, IndividualElement_NoAssertionElement.ID, IndividualElement_NoneElement.ID)...) - - return errs -} - -func (o *IntegrityMethod) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - return errs -} - -func (o *LifecycleScopeType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, LifecycleScopeType_Build.ID, LifecycleScopeType_Design.ID, LifecycleScopeType_Development.ID, LifecycleScopeType_Other.ID, LifecycleScopeType_Runtime.ID, LifecycleScopeType_Test.ID)...) - - return errs -} - -func (o *NamespaceMap) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *PackageVerificationCode) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.IntegrityMethod.Validate(visited, path...)...) - - if o.Algorithm.ID == "" { - errs = append(errs, newValidationError(append(path, "Algorithm"), fmt.Errorf("required"))) - } - errs = append(errs, o.Algorithm.Validate(visited, append(path, "Algorithm")...)...) - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - return errs -} - -func (o *PositiveIntegerRange) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *PresenceType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, PresenceType_No.ID, PresenceType_NoAssertion.ID, PresenceType_Yes.ID)...) - - return errs -} - -func (o *ProfileIdentifierType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, ProfileIdentifierType_Ai.ID, ProfileIdentifierType_Build.ID, ProfileIdentifierType_Core.ID, ProfileIdentifierType_Dataset.ID, ProfileIdentifierType_ExpandedLicensing.ID, ProfileIdentifierType_Extension.ID, ProfileIdentifierType_Lite.ID, ProfileIdentifierType_Security.ID, ProfileIdentifierType_SimpleLicensing.ID, ProfileIdentifierType_Software.ID)...) - - return errs -} - -func (o *Relationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - errs = append(errs, o.Completeness.Validate(visited, append(path, "Completeness")...)...) - - // TODO: check for required - - if v, ok := o.From.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "From")...)...) - } - - if o.RelationshipType.ID == "" { - errs = append(errs, newValidationError(append(path, "RelationshipType"), fmt.Errorf("required"))) - } - errs = append(errs, o.RelationshipType.Validate(visited, append(path, "RelationshipType")...)...) - - // TODO: check for required - - for i, v := range o.Tos { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "Tos", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *RelationshipCompleteness) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, RelationshipCompleteness_Complete.ID, RelationshipCompleteness_Incomplete.ID, RelationshipCompleteness_NoAssertion.ID)...) - - return errs -} - -func (o *RelationshipType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, RelationshipType_Affects.ID, RelationshipType_AmendedBy.ID, RelationshipType_AncestorOf.ID, RelationshipType_AvailableFrom.ID, RelationshipType_Configures.ID, RelationshipType_Contains.ID, RelationshipType_CoordinatedBy.ID, RelationshipType_CopiedTo.ID, RelationshipType_DelegatedTo.ID, RelationshipType_DependsOn.ID, RelationshipType_DescendantOf.ID, RelationshipType_Describes.ID, RelationshipType_DoesNotAffect.ID, RelationshipType_ExpandsTo.ID, RelationshipType_ExploitCreatedBy.ID, RelationshipType_FixedBy.ID, RelationshipType_FixedIn.ID, RelationshipType_FoundBy.ID, RelationshipType_Generates.ID, RelationshipType_HasAddedFile.ID, RelationshipType_HasAssessmentFor.ID, RelationshipType_HasAssociatedVulnerability.ID, RelationshipType_HasConcludedLicense.ID, RelationshipType_HasDataFile.ID, RelationshipType_HasDeclaredLicense.ID, RelationshipType_HasDeletedFile.ID, RelationshipType_HasDependencyManifest.ID, RelationshipType_HasDistributionArtifact.ID, RelationshipType_HasDocumentation.ID, RelationshipType_HasDynamicLink.ID, RelationshipType_HasEvidence.ID, RelationshipType_HasExample.ID, RelationshipType_HasHost.ID, RelationshipType_HasInput.ID, RelationshipType_HasMetadata.ID, RelationshipType_HasOptionalComponent.ID, RelationshipType_HasOptionalDependency.ID, RelationshipType_HasOutput.ID, RelationshipType_HasPrerequisite.ID, RelationshipType_HasProvidedDependency.ID, RelationshipType_HasRequirement.ID, RelationshipType_HasSpecification.ID, RelationshipType_HasStaticLink.ID, RelationshipType_HasTest.ID, RelationshipType_HasTestCase.ID, RelationshipType_HasVariant.ID, RelationshipType_InvokedBy.ID, RelationshipType_ModifiedBy.ID, RelationshipType_Other.ID, RelationshipType_PackagedBy.ID, RelationshipType_PatchedBy.ID, RelationshipType_PublishedBy.ID, RelationshipType_ReportedBy.ID, RelationshipType_RepublishedBy.ID, RelationshipType_SerializedInArtifact.ID, RelationshipType_TestedOn.ID, RelationshipType_TrainedOn.ID, RelationshipType_UnderInvestigationFor.ID, RelationshipType_UsesTool.ID)...) - - return errs -} - -func (o *SpdxDocument) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ElementCollection.Validate(visited, path...)...) - - if v, ok := o.DataLicense.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "DataLicense")...)...) - } - - for i, v := range o.Imports { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "Imports", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.NamespaceMaps { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "NamespaceMaps", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *SupportType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SupportType_Deployed.ID, SupportType_Development.ID, SupportType_EndOfSupport.ID, SupportType_LimitedSupport.ID, SupportType_NoAssertion.ID, SupportType_NoSupport.ID, SupportType_Support.ID)...) - - return errs -} - -func (o *Tool) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - return errs -} - -func (o *DatasetConfidentialityLevelType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, DatasetConfidentialityLevelType_Amber.ID, DatasetConfidentialityLevelType_Clear.ID, DatasetConfidentialityLevelType_Green.ID, DatasetConfidentialityLevelType_Red.ID)...) - - return errs -} - -func (o *DatasetDatasetAvailabilityType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, DatasetDatasetAvailabilityType_Clickthrough.ID, DatasetDatasetAvailabilityType_DirectDownload.ID, DatasetDatasetAvailabilityType_Query.ID, DatasetDatasetAvailabilityType_Registration.ID, DatasetDatasetAvailabilityType_ScrapingScript.ID)...) - - return errs -} - -func (o *DatasetDatasetType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, DatasetDatasetType_Audio.ID, DatasetDatasetType_Categorical.ID, DatasetDatasetType_Graph.ID, DatasetDatasetType_Image.ID, DatasetDatasetType_NoAssertion.ID, DatasetDatasetType_Numeric.ID, DatasetDatasetType_Other.ID, DatasetDatasetType_Sensor.ID, DatasetDatasetType_Structured.ID, DatasetDatasetType_Syntactic.ID, DatasetDatasetType_Text.ID, DatasetDatasetType_Timeseries.ID, DatasetDatasetType_Timestamp.ID, DatasetDatasetType_Video.ID)...) - - return errs -} - -func (o *ExpandedlicensingLicenseAddition) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - // TODO: check for required - return errs -} - -func (o *ExpandedlicensingListedLicenseException) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingLicenseAddition.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *ExtensionCdxPropertyEntry) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *ExtensionExtension) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - return errs -} - -func (o *SecurityCvssSeverityType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SecurityCvssSeverityType_Critical.ID, SecurityCvssSeverityType_High.ID, SecurityCvssSeverityType_Low.ID, SecurityCvssSeverityType_Medium.ID, SecurityCvssSeverityType_None.ID)...) - - return errs -} - -func (o *SecurityExploitCatalogType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SecurityExploitCatalogType_Kev.ID, SecurityExploitCatalogType_Other.ID)...) - - return errs -} - -func (o *SecuritySsvcDecisionType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SecuritySsvcDecisionType_Act.ID, SecuritySsvcDecisionType_Attend.ID, SecuritySsvcDecisionType_Track.ID, SecuritySsvcDecisionType_TrackStar.ID)...) - - return errs -} - -func (o *SecurityVexJustificationType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SecurityVexJustificationType_ComponentNotPresent.ID, SecurityVexJustificationType_InlineMitigationsAlreadyExist.ID, SecurityVexJustificationType_VulnerableCodeCannotBeControlledByAdversary.ID, SecurityVexJustificationType_VulnerableCodeNotInExecutePath.ID, SecurityVexJustificationType_VulnerableCodeNotPresent.ID)...) - - return errs -} - -func (o *SecurityVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Relationship.Validate(visited, path...)...) - - if v, ok := o.SuppliedBy.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SuppliedBy")...)...) - } - - if v, ok := o.SecurityAssessedElement.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SecurityAssessedElement")...)...) - } - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SimplelicensingAnyLicenseInfo) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - return errs -} - -func (o *SimplelicensingLicenseExpression) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - for i, v := range o.SimplelicensingCustomIdToUris { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SimplelicensingCustomIdToUris", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SimplelicensingSimpleLicensingText) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - // TODO: check for required - return errs -} - -func (o *SoftwareContentIdentifier) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.IntegrityMethod.Validate(visited, path...)...) - - if o.SoftwareContentIdentifierType.ID == "" { - errs = append(errs, newValidationError(append(path, "SoftwareContentIdentifierType"), fmt.Errorf("required"))) - } - errs = append(errs, o.SoftwareContentIdentifierType.Validate(visited, append(path, "SoftwareContentIdentifierType")...)...) - - // TODO: check for required - return errs -} - -func (o *SoftwareContentIdentifierType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SoftwareContentIdentifierType_Gitoid.ID, SoftwareContentIdentifierType_Swhid.ID)...) - - return errs -} - -func (o *SoftwareFileKindType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SoftwareFileKindType_Directory.ID, SoftwareFileKindType_File.ID)...) - - return errs -} - -func (o *SoftwareSbomType) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SoftwareSbomType_Analyzed.ID, SoftwareSbomType_Build.ID, SoftwareSbomType_Deployed.ID, SoftwareSbomType_Design.ID, SoftwareSbomType_Runtime.ID, SoftwareSbomType_Source.ID)...) - - return errs -} - -func (o *SoftwareSoftwarePurpose) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - - errs = append(errs, validateInValues(path, o.ID, SoftwareSoftwarePurpose_Application.ID, SoftwareSoftwarePurpose_Archive.ID, SoftwareSoftwarePurpose_Bom.ID, SoftwareSoftwarePurpose_Configuration.ID, SoftwareSoftwarePurpose_Container.ID, SoftwareSoftwarePurpose_Data.ID, SoftwareSoftwarePurpose_Device.ID, SoftwareSoftwarePurpose_DeviceDriver.ID, SoftwareSoftwarePurpose_DiskImage.ID, SoftwareSoftwarePurpose_Documentation.ID, SoftwareSoftwarePurpose_Evidence.ID, SoftwareSoftwarePurpose_Executable.ID, SoftwareSoftwarePurpose_File.ID, SoftwareSoftwarePurpose_FilesystemImage.ID, SoftwareSoftwarePurpose_Firmware.ID, SoftwareSoftwarePurpose_Framework.ID, SoftwareSoftwarePurpose_Install.ID, SoftwareSoftwarePurpose_Library.ID, SoftwareSoftwarePurpose_Manifest.ID, SoftwareSoftwarePurpose_Model.ID, SoftwareSoftwarePurpose_Module.ID, SoftwareSoftwarePurpose_OperatingSystem.ID, SoftwareSoftwarePurpose_Other.ID, SoftwareSoftwarePurpose_Patch.ID, SoftwareSoftwarePurpose_Platform.ID, SoftwareSoftwarePurpose_Requirement.ID, SoftwareSoftwarePurpose_Source.ID, SoftwareSoftwarePurpose_Specification.ID, SoftwareSoftwarePurpose_Test.ID)...) - - return errs -} - -func (o *BuildBuild) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - for i, v := range o.BuildConfigSourceDigests { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "BuildConfigSourceDigests", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required/min/max/etc. - - // TODO: check for required/min/max/etc. - - for i, v := range o.BuildEnvironments { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "BuildEnvironments", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.BuildParameters { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "BuildParameters", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *Agent) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - return errs -} - -func (o *Annotation) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - if o.AnnotationType.ID == "" { - errs = append(errs, newValidationError(append(path, "AnnotationType"), fmt.Errorf("required"))) - } - errs = append(errs, o.AnnotationType.Validate(visited, append(path, "AnnotationType")...)...) - - // TODO: check for required - - // TODO: check for required - - if v, ok := o.Subject.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "Subject")...)...) - } - - return errs -} - -func (o *Artifact) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Element.Validate(visited, path...)...) - - // TODO: check for required - - for i, v := range o.OriginatedBys { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "OriginatedBys", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - if v, ok := o.SuppliedBy.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SuppliedBy")...)...) - } - - for _, v := range o.SupportLevels { - errs = append(errs, v.Validate(visited, append(path, "SupportLevels")...)...) - } - - // TODO: check for required - return errs -} - -func (o *Bundle) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ElementCollection.Validate(visited, path...)...) - - // TODO: check for required - return errs -} - -func (o *Hash) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.IntegrityMethod.Validate(visited, path...)...) - - if o.Algorithm.ID == "" { - errs = append(errs, newValidationError(append(path, "Algorithm"), fmt.Errorf("required"))) - } - errs = append(errs, o.Algorithm.Validate(visited, append(path, "Algorithm")...)...) - - // TODO: check for required - return errs -} - -func (o *LifecycleScopedRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Relationship.Validate(visited, path...)...) - - errs = append(errs, o.Scope.Validate(visited, append(path, "Scope")...)...) - - return errs -} - -func (o *Organization) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Agent.Validate(visited, path...)...) - - return errs -} - -func (o *Person) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Agent.Validate(visited, path...)...) - - return errs -} - -func (o *SoftwareAgent) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Agent.Validate(visited, path...)...) - - return errs -} - -func (o *ExpandedlicensingConjunctiveLicenseSet) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - for i, v := range o.ExpandedlicensingMembers { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingMembers", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *ExpandedlicensingCustomLicenseAddition) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingLicenseAddition.Validate(visited, path...)...) - - return errs -} - -func (o *ExpandedlicensingDisjunctiveLicenseSet) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - for i, v := range o.ExpandedlicensingMembers { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingMembers", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *ExpandedlicensingExtendableLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - return errs -} - -func (o *ExpandedlicensingIndividualLicensingInfo) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - errs = append(errs, validateInValues(path, o.ID, ExpandedlicensingIndividualLicensingInfo_NoAssertionLicense.ID, ExpandedlicensingIndividualLicensingInfo_NoneLicense.ID)...) - - return errs -} - -func (o *ExpandedlicensingLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingExtendableLicense.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *ExpandedlicensingListedLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingLicense.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *ExpandedlicensingOrLaterOperator) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingExtendableLicense.Validate(visited, path...)...) - - if v, ok := o.ExpandedlicensingSubjectLicense.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingSubjectLicense")...)...) - } - - return errs -} - -func (o *ExpandedlicensingWithAdditionOperator) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SimplelicensingAnyLicenseInfo.Validate(visited, path...)...) - - if v, ok := o.ExpandedlicensingSubjectAddition.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingSubjectAddition")...)...) - } - - if v, ok := o.ExpandedlicensingSubjectExtendableLicense.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExpandedlicensingSubjectExtendableLicense")...)...) - } - - return errs -} - -func (o *ExtensionCdxPropertiesExtension) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExtensionExtension.Validate(visited, path...)...) - - for i, v := range o.ExtensionCdxPropertys { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "ExtensionCdxPropertys", strconv.Itoa(i))...)...) - } - } - - return errs -} - -func (o *SecurityCvssV2VulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SecurityCvssV3VulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - if o.SecuritySeverity.ID == "" { - errs = append(errs, newValidationError(append(path, "SecuritySeverity"), fmt.Errorf("required"))) - } - errs = append(errs, o.SecuritySeverity.Validate(visited, append(path, "SecuritySeverity")...)...) - - // TODO: check for required - return errs -} - -func (o *SecurityCvssV4VulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - if o.SecuritySeverity.ID == "" { - errs = append(errs, newValidationError(append(path, "SecuritySeverity"), fmt.Errorf("required"))) - } - errs = append(errs, o.SecuritySeverity.Validate(visited, append(path, "SecuritySeverity")...)...) - - // TODO: check for required - return errs -} - -func (o *SecurityEpssVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SecurityExploitCatalogVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - if o.SecurityCatalogType.ID == "" { - errs = append(errs, newValidationError(append(path, "SecurityCatalogType"), fmt.Errorf("required"))) - } - errs = append(errs, o.SecurityCatalogType.Validate(visited, append(path, "SecurityCatalogType")...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SecuritySsvcVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - if o.SecurityDecisionType.ID == "" { - errs = append(errs, newValidationError(append(path, "SecurityDecisionType"), fmt.Errorf("required"))) - } - errs = append(errs, o.SecurityDecisionType.Validate(visited, append(path, "SecurityDecisionType")...)...) - - return errs -} - -func (o *SecurityVexVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SecurityVulnerability) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Artifact.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SoftwareSoftwareArtifact) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Artifact.Validate(visited, path...)...) - - for _, v := range o.SoftwareAdditionalPurposes { - errs = append(errs, v.Validate(visited, append(path, "SoftwareAdditionalPurposes")...)...) - } - - // TODO: check for required/min/max/etc. - - for i, v := range o.SoftwareContentIdentifiers { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SoftwareContentIdentifiers", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - - errs = append(errs, o.SoftwarePrimaryPurpose.Validate(visited, append(path, "SoftwarePrimaryPurpose")...)...) - - return errs -} - -func (o *Bom) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Bundle.Validate(visited, path...)...) - - return errs -} - -func (o *ExpandedlicensingCustomLicense) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.ExpandedlicensingLicense.Validate(visited, path...)...) - - return errs -} - -func (o *SecurityVexAffectedVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SecurityVexFixedVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) - - return errs -} - -func (o *SecurityVexNotAffectedVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - errs = append(errs, o.SecurityJustificationType.Validate(visited, append(path, "SecurityJustificationType")...)...) - - return errs -} - -func (o *SecurityVexUnderInvestigationVulnAssessmentRelationship) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SecurityVexVulnAssessmentRelationship.Validate(visited, path...)...) - - return errs -} - -func (o *SoftwareFile) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SoftwareSoftwareArtifact.Validate(visited, path...)...) - - // TODO: check for required - - errs = append(errs, o.SoftwareFileKind.Validate(visited, append(path, "SoftwareFileKind")...)...) - - return errs -} - -func (o *SoftwarePackage) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SoftwareSoftwareArtifact.Validate(visited, path...)...) - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - return errs -} - -func (o *SoftwareSbom) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.Bom.Validate(visited, path...)...) - - for _, v := range o.SoftwareSbomTypes { - errs = append(errs, v.Validate(visited, append(path, "SoftwareSbomTypes")...)...) - } - - return errs -} - -func (o *SoftwareSnippet) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SoftwareSoftwareArtifact.Validate(visited, path...)...) - - if v, ok := o.SoftwareByteRange.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SoftwareByteRange")...)...) - } - - if v, ok := o.SoftwareLineRange.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SoftwareLineRange")...)...) - } - - if v, ok := o.SoftwareSnippetFromFile.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "SoftwareSnippetFromFile")...)...) - } - - return errs -} - -func (o *AiAIPackage) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SoftwarePackage.Validate(visited, path...)...) - - errs = append(errs, o.AiAutonomyType.Validate(visited, append(path, "AiAutonomyType")...)...) - - // TODO: check for required/min/max/etc. - - if v, ok := o.AiEnergyConsumption.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiEnergyConsumption")...)...) - } - - for i, v := range o.AiHyperparameters { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiHyperparameters", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required - - // TODO: check for required - - // TODO: check for required - - for i, v := range o.AiMetrics { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiMetrics", strconv.Itoa(i))...)...) - } - } - - for i, v := range o.AiMetricDecisionThresholds { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "AiMetricDecisionThresholds", strconv.Itoa(i))...)...) - } - } - - // TODO: check for required/min/max/etc. - - // TODO: check for required/min/max/etc. - - errs = append(errs, o.AiSafetyRiskAssessment.Validate(visited, append(path, "AiSafetyRiskAssessment")...)...) - - // TODO: check for required/min/max/etc. - - // TODO: check for required/min/max/etc. - - errs = append(errs, o.AiUseSensitivePersonalInformation.Validate(visited, append(path, "AiUseSensitivePersonalInformation")...)...) - - return errs -} - -func (o *DatasetDatasetPackage) Validate(visited map[any]struct{}, path ...string) []ValidationError { - if visited == nil { - visited = map[any]struct{}{} - } - if _, ok := visited[o]; ok { - return nil - } - visited[o] = struct{}{} - var errs []ValidationError - errs = append(errs, o.SoftwarePackage.Validate(visited, path...)...) - - // TODO: check for required/min/max/etc. - - errs = append(errs, o.DatasetConfidentialityLevel.Validate(visited, append(path, "DatasetConfidentialityLevel")...)...) - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - errs = append(errs, o.DatasetDatasetAvailability.Validate(visited, append(path, "DatasetDatasetAvailability")...)...) - - // TODO: check for required - - // TODO: check for required - - if len(o.DatasetDatasetTypes) < 1 { - errs = append(errs, newValidationError(append(path, "DatasetDatasetTypes"), fmt.Errorf("required min count: %v", 1))) - } - for _, v := range o.DatasetDatasetTypes { - errs = append(errs, v.Validate(visited, append(path, "DatasetDatasetTypes")...)...) - } - - // TODO: check for required - - errs = append(errs, o.DatasetHasSensitivePersonalInformation.Validate(visited, append(path, "DatasetHasSensitivePersonalInformation")...)...) - - // TODO: check for required - - // TODO: check for required/min/max/etc. - - for i, v := range o.DatasetSensors { - if v, ok := v.(validator); ok { - errs = append(errs, v.Validate(visited, append(path, "DatasetSensors", strconv.Itoa(i))...)...) - } - } - - return errs -}