docs: missing schema support table & update schema support to reflect…

… version 7.0.0 (#584) Signed-off-by: Paul Horton <paul.horton@owasp.org>
CycloneDX · Apr 10, 2024 · d230e67 · d230e67
1 parent a28013b
commit d230e67
Showing 1 changed file with 34 additions and 6 deletions.
diff --git a/docs/schema-support.rst b/docs/schema-support.rst
@@ -21,16 +21,19 @@ The following sub-sections aim to explain what support this library provides and
 by calling out support for data as defined in the latest CycloneDX standard specification, regardless of whether it is
 supported in prior versions of the CycloneDX schema.
 
+Root Level Schema Support
+-------------------------
+
 +----------------------------+---------------+---------------------------------------------------------------------------------------------------+
 | Data Path                  | Supported?    | Notes                                                                                             |
 +============================+===============+===================================================================================================+
 | ``bom[@version]``          | Yes           |                                                                                                   |
 +----------------------------+---------------+---------------------------------------------------------------------------------------------------+
 | ``bom[@serialNumber]``     | Yes           |                                                                                                   |
 +----------------------------+---------------+---------------------------------------------------------------------------------------------------+
-| ``bom.metadata``           | Yes           |                                                                                                   |
+| ``bom.metadata``           | Yes           | Not supported: ``lifecycles``                                                                     |
 +----------------------------+---------------+---------------------------------------------------------------------------------------------------+
-| ``bom.components``         | Yes           | Not supported: ``modified`` (as it is deprecated), ``signature``.                                 |
+| ``bom.components``         | Yes           | Not supported: ``modified`` (as it is deprecated), ``modelCard``, ``data``, ``signature``.        |
 +----------------------------+---------------+---------------------------------------------------------------------------------------------------+
 | ``bom.services``           | Yes           | Not supported: ``signature``.                                                                     |
 +----------------------------+---------------+---------------------------------------------------------------------------------------------------+
@@ -40,13 +43,38 @@ supported in prior versions of the CycloneDX schema.
 +----------------------------+---------------+---------------------------------------------------------------------------------------------------+
 | ``bom.compositions``       | No            |                                                                                                   |
 +----------------------------+---------------+---------------------------------------------------------------------------------------------------+
-| ``bom.properties``         | No            | See `schema specification bug 130`_                                                               |
-+----------------------------+---------------+---------------------------------------------------------------------------------------------------+
 | ``bom.vulnerabilities``    | Yes           | Note: Prior to CycloneDX 1.4, these were present under ``bom.components`` via a schema extension. |
-|                            |               | Note: As of ``cyclonedx-python-lib`` ``>3.0.0``, Vulnerability are modelled differently                 |
+|                            |               | Note: As of ``cyclonedx-python-lib`` ``>3.0.0``, Vulnerability are modelled differently           |
++----------------------------+---------------+---------------------------------------------------------------------------------------------------+
+| ``bom.annotations``        | No            |                                                                                                   |
++----------------------------+---------------+---------------------------------------------------------------------------------------------------+
+| ``bom.formulation``        | No            |                                                                                                   |
++----------------------------+---------------+---------------------------------------------------------------------------------------------------+
+| ``bom.declarations``       | No            |                                                                                                   |
++----------------------------+---------------+---------------------------------------------------------------------------------------------------+
+| ``bom.definitions``        | No            |                                                                                                   |
++----------------------------+---------------+---------------------------------------------------------------------------------------------------+
+| ``bom.properties``         | No            | See `schema specification bug 130`_                                                               |
 +----------------------------+---------------+---------------------------------------------------------------------------------------------------+
 | ``bom.signature``          | No            |                                                                                                   |
 +----------------------------+---------------+---------------------------------------------------------------------------------------------------+
 
+Internal Model Schema Support
+-----------------------------
+
++----------------------------+---------------+----------------------------------------------------------------------------------------------+
+| Internal Model             | Supported?    | Notes                                                                                        |
++============================+===============+==============================================================================================+
+| ``ComponentEvidence``      |Yes            | Not currently supported: ``callstack``, ``identity``, ``occurrences``.                       |
++----------------------------+---------------+----------------------------------------------------------------------------------------------+
+| ``DisjunctiveLicense``     |Yes            | Not currently supported: ``@bom-ref``, ``licensing``, ``properties``.                        |
++----------------------------+---------------+----------------------------------------------------------------------------------------------+
+| ``LicenseExpression``      |Yes            | Not currently supported: ``@bom-ref``                                                        |
++----------------------------+---------------+----------------------------------------------------------------------------------------------+
+| ``OrganizationalContact``  |Yes            | Not currently supported: ``@bom-ref``                                                        |
++----------------------------+---------------+----------------------------------------------------------------------------------------------+
+| ``OrganizationalEntity``   |Yes            | Not currently supported: ``@bom-ref``                                                        |
++----------------------------+---------------+----------------------------------------------------------------------------------------------+
+
+.. _schema specification bug 130: https://github.com/CycloneDX/specification/issues/130
 
-.. _schema specification bug 130: https://github.com/CycloneDX/specification/issues/130