diff --git a/schema/bom-1.7.schema.json b/schema/bom-1.7.schema.json
index 8158f5a5..83f69b76 100644
--- a/schema/bom-1.7.schema.json
+++ b/schema/bom-1.7.schema.json
@@ -1159,6 +1159,20 @@
"$ref": "#/definitions/signature",
"title": "Signature",
"description": "Enveloped signature in [JSON Signature Format (JSF)](https://cyberphone.github.io/doc/security/jsf.html)."
+ },
+ "classifier": {
+ "type": "string",
+ "enum": [
+ "binary",
+ "sources"
+ ],
+ "title": "Classifier",
+ "meta:enum": {
+ "binary": "The component can be classified as 'binary'. This is the case for most components. If a component includes both source and binary parts it is still considered 'binary'.",
+ "sources": "The component can be classified as 'sources'. Examples are Debian Source packages (as opposed to Debian Binary packages), or a source JAR in Java."
+ },
+ "description": "Specifies the classifier of the component. If the classifier is not specified, 'binary' SHOULD be assumed by the consumer of the BOM.",
+ "default": "binary"
}
},
"allOf": [
diff --git a/schema/bom-1.7.xsd b/schema/bom-1.7.xsd
index 0b26628d..bd3f44af 100644
--- a/schema/bom-1.7.xsd
+++ b/schema/bom-1.7.xsd
@@ -812,6 +812,14 @@ limitations under the License.
+
+
+
+ Specifies the classifier of the component. If the classifier is not specified, 'binary' SHOULD
+ be assumed by the consumer of the BOM.
+
+
+
@@ -1262,6 +1270,24 @@ limitations under the License.
+
+
+
+
+ The component can be classified as 'binary'. This is the case for most
+ components. If a component includes both source and binary parts it is still considered
+ 'binary'.
+
+
+
+
+ The component can be classified as 'sources'. Examples are Debian Source
+ packages (as opposed to Debian Binary packages), or a source JAR in Java.
+
+
+
+
+
diff --git a/tools/src/test/resources/1.7/valid-classifier-1.7.json b/tools/src/test/resources/1.7/valid-classifier-1.7.json
new file mode 100644
index 00000000..bc0d18b4
--- /dev/null
+++ b/tools/src/test/resources/1.7/valid-classifier-1.7.json
@@ -0,0 +1,17 @@
+{
+ "$schema": "http://cyclonedx.org/schema/bom-1.7.schema.json",
+ "bomFormat": "CycloneDX",
+ "specVersion": "1.7",
+ "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
+ "version": 1,
+ "components": [
+ {
+ "bom-ref": "pkg:deb/debian/curl@7.50.3-1?arch=source&distro=jessie",
+ "type": "application",
+ "classifier": "sources",
+ "name": "curl",
+ "version": "7.50.3-1",
+ "purl": "pkg:deb/debian/curl@7.50.3-1?arch=source&distro=jessie"
+ }
+ ]
+}
diff --git a/tools/src/test/resources/1.7/valid-classifier-1.7.textproto b/tools/src/test/resources/1.7/valid-classifier-1.7.textproto
new file mode 100644
index 00000000..695d98e5
--- /dev/null
+++ b/tools/src/test/resources/1.7/valid-classifier-1.7.textproto
@@ -0,0 +1,13 @@
+# proto-file: schema/bom-1.7.proto
+# proto-message: Bom
+
+spec_version: "1.7"
+version: 1
+serial_number: "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79"
+components {
+ type: CLASSIFICATION_APPLICATION
+ name: "curl"
+ classifier: "sources"
+ version: "7.50.3-1"
+ purl: "pkg:deb/debian/curl@7.50.3-1?arch=source&distro=jessie"
+}