diff --git a/docs/schema-support.rst b/docs/schema-support.rst index bbd7e7a3..f8835bbc 100644 --- a/docs/schema-support.rst +++ b/docs/schema-support.rst @@ -21,6 +21,9 @@ The following sub-sections aim to explain what support this library provides and by calling out support for data as defined in the latest CycloneDX standard specification, regardless of whether it is supported in prior versions of the CycloneDX schema. +Root Level Schema Support +------------------------- + +----------------------------+---------------+---------------------------------------------------------------------------------------------------+ | Data Path | Supported? | Notes | +============================+===============+===================================================================================================+ @@ -28,9 +31,9 @@ supported in prior versions of the CycloneDX schema. +----------------------------+---------------+---------------------------------------------------------------------------------------------------+ | ``bom[@serialNumber]`` | Yes | | +----------------------------+---------------+---------------------------------------------------------------------------------------------------+ -| ``bom.metadata`` | Yes | | +| ``bom.metadata`` | Yes | Not supported: ``lifecycles`` | +----------------------------+---------------+---------------------------------------------------------------------------------------------------+ -| ``bom.components`` | Yes | Not supported: ``modified`` (as it is deprecated), ``signature``. | +| ``bom.components`` | Yes | Not supported: ``modified`` (as it is deprecated), ``modelCard``, ``data``, ``signature``. | +----------------------------+---------------+---------------------------------------------------------------------------------------------------+ | ``bom.services`` | Yes | Not supported: ``signature``. | +----------------------------+---------------+---------------------------------------------------------------------------------------------------+ @@ -40,13 +43,38 @@ supported in prior versions of the CycloneDX schema. +----------------------------+---------------+---------------------------------------------------------------------------------------------------+ | ``bom.compositions`` | No | | +----------------------------+---------------+---------------------------------------------------------------------------------------------------+ -| ``bom.properties`` | No | See `schema specification bug 130`_ | -+----------------------------+---------------+---------------------------------------------------------------------------------------------------+ | ``bom.vulnerabilities`` | Yes | Note: Prior to CycloneDX 1.4, these were present under ``bom.components`` via a schema extension. | -| | | Note: As of ``cyclonedx-python-lib`` ``>3.0.0``, Vulnerability are modelled differently | +| | | Note: As of ``cyclonedx-python-lib`` ``>3.0.0``, Vulnerability are modelled differently | ++----------------------------+---------------+---------------------------------------------------------------------------------------------------+ +| ``bom.annotations`` | No | | ++----------------------------+---------------+---------------------------------------------------------------------------------------------------+ +| ``bom.formulation`` | No | | ++----------------------------+---------------+---------------------------------------------------------------------------------------------------+ +| ``bom.declarations`` | No | | ++----------------------------+---------------+---------------------------------------------------------------------------------------------------+ +| ``bom.definitions`` | No | | ++----------------------------+---------------+---------------------------------------------------------------------------------------------------+ +| ``bom.properties`` | No | See `schema specification bug 130`_ | +----------------------------+---------------+---------------------------------------------------------------------------------------------------+ | ``bom.signature`` | No | | +----------------------------+---------------+---------------------------------------------------------------------------------------------------+ +Internal Model Schema Support +----------------------------- + ++----------------------------+---------------+----------------------------------------------------------------------------------------------+ +| Internal Model | Supported? | Notes | ++============================+===============+==============================================================================================+ +| ``ComponentEvidence`` |Yes | Not currently supported: ``callstack``, ``identity``, ``occurrences``. | ++----------------------------+---------------+----------------------------------------------------------------------------------------------+ +| ``DisjunctiveLicense`` |Yes | Not currently supported: ``@bom-ref``, ``licensing``, ``properties``. | ++----------------------------+---------------+----------------------------------------------------------------------------------------------+ +| ``LicenseExpression`` |Yes | Not currently supported: ``@bom-ref`` | ++----------------------------+---------------+----------------------------------------------------------------------------------------------+ +| ``OrganizationalContact`` |Yes | Not currently supported: ``@bom-ref`` | ++----------------------------+---------------+----------------------------------------------------------------------------------------------+ +| ``OrganizationalEntity`` |Yes | Not currently supported: ``@bom-ref`` | ++----------------------------+---------------+----------------------------------------------------------------------------------------------+ + +.. _schema specification bug 130: https://github.com/CycloneDX/specification/issues/130 -.. _schema specification bug 130: https://github.com/CycloneDX/specification/issues/130 \ No newline at end of file