specification/tools/src/test/resources/1.7/valid-external-reference-1.7.textproto at 094130b341fdcb286e298d9e4b5f6da488dbb735 · ppkarwasz/specification · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
# proto-file: schema/bom-1.7.proto
# proto-message: Bom

spec_version: "1.7"
version: 1
serial_number: "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79"
components {
  type: CLASSIFICATION_LIBRARY
  publisher: "Acme Inc"
  group: "org.example"
  name: "mylibrary"
  version: "1.0.0"
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_ADVISORIES
    url: "https://example.org/security/feed/csaf"
    comment: "Security advisories from the vendor"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_BOM
    url: "https://example.org/support/sbom/portal-server/1.0.0"
    comment: "An external SBOM that describes what this component includes"
    hashes {
      alg: HASH_ALG_SHA_256
      value: "708f1f53b41f11f02d12a11b1a38d2905d47b099afc71a0f1124ef8582ec7313"
    }
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_DOCUMENTATION
    url: "https://example.org/support/documentation/portal-server/1.0.0"
    comment: "Vendor provided documentation for the product"
  }
}
components {
  type: CLASSIFICATION_APPLICATION
  name: "dummy"
  description: "this component has all external reference types possible"
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_VCS
    url: "http://example.com/extref/vcs"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_ISSUE_TRACKER
    url: "http://example.com/extref/issue-tracker"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_WEBSITE
    url: "http://example.com/extref/website"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_ADVISORIES
    url: "http://example.com/extref/advisories"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_BOM
    url: "http://example.com/extref/bom"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_MAILING_LIST
    url: "http://example.com/extref/mailing-list"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_SOCIAL
    url: "http://example.com/extref/social"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_CHAT
    url: "http://example.com/extref/chat"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_DOCUMENTATION
    url: "http://example.com/extref/documentation"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_SUPPORT
    url: "http://example.com/extref/support"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_SOURCE_DISTRIBUTION
    url: "http://example.com/extref/source-distribution"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_DISTRIBUTION
    url: "http://example.com/extref/distribution"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_DISTRIBUTION_INTAKE
    url: "http://example.com/extref/distribution-intake"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_LICENSE
    url: "http://example.com/extref/license"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_BUILD_META
    url: "http://example.com/extref/build-meta"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_BUILD_SYSTEM
    url: "http://example.com/extref/build-system"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_RELEASE_NOTES
    url: "http://example.com/extref/release-notes"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_SECURITY_CONTACT
    url: "http://example.com/extref/security-contact"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_MODEL_CARD
    url: "http://example.com/extref/model-card"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_LOG
    url: "http://example.com/extref/log"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_CONFIGURATION
    url: "http://example.com/extref/configuration"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_EVIDENCE
    url: "http://example.com/extref/evidence"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_FORMULATION
    url: "http://example.com/extref/formulation"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_ATTESTATION
    url: "http://example.com/extref/attestation"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_THREAT_MODEL
    url: "http://example.com/extref/threat-model"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_ADVERSARY_MODEL
    url: "http://example.com/extref/adversary-model"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_RISK_ASSESSMENT
    url: "http://example.com/extref/risk-assessment"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_VULNERABILITY_ASSERTION
    url: "http://example.com/extref/vulnerability-assertion"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_EXPLOITABILITY_STATEMENT
    url: "http://example.com/extref/exploitability-statement"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_PENTEST_REPORT
    url: "http://example.com/extref/pentest-report"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_STATIC_ANALYSIS_REPORT
    url: "http://example.com/extref/static-analysis-report"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_DYNAMIC_ANALYSIS_REPORT
    url: "http://example.com/extref/dynamic-analysis-report"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_RUNTIME_ANALYSIS_REPORT
    url: "http://example.com/extref/runtime-analysis-report"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_COMPONENT_ANALYSIS_REPORT
    url: "http://example.com/extref/component-analysis-report"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_MATURITY_REPORT
    url: "http://example.com/extref/maturity-report"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_CERTIFICATION_REPORT
    url: "http://example.com/extref/certification-report"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_QUALITY_METRICS
    url: "http://example.com/extref/quality-metrics"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_CODIFIED_INFRASTRUCTURE
    url: "http://example.com/extref/codified-infrastructure"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_POAM
    url: "http://example.com/extref/poam"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_ELECTRONIC_SIGNATURE
    url: "http://example.com/extref/electronic-signature"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_DIGITAL_SIGNATURE
    url: "http://example.com/extref/digital-signature"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_RFC_9116
    url: "http://example.com/extref/rfc-9116"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_TEA_COLLECTION
    url: "https://example.com/tea/v1/release/3f92c28c-13c9-4e32-8d5b-5f8ae77ef265/collection"
  }
  external_references {
    type: EXTERNAL_REFERENCE_TYPE_OTHER
    url: "http://example.com/extref/other"
  }
}