class CVEDetail(jsl.Document): class Options(object): definition_id = "cvecheck_details" description = "Detail of one CVE" with removed_in(ROLE_v3_0_0) as removed_in_v3_0_0: # access/impact are now part of vector string in cvss dict removed_in_v3_0_0.access = jsl.DocumentField(CVEAccess, as_ref=True, required=True) removed_in_v3_0_0.impact = jsl.DocumentField(CVEImpact, as_ref=True, required=True) removed_in_v3_0_0.cvss = jsl.NumberField( required=True) # cvss is now dict removed_in_v3_0_0.summary = jsl.StringField( required=True) # renamed to description with added_in(ROLE_v3_0_0) as added_in_v3_0_0: added_in_v3_0_0.cvss = jsl.DocumentField(CVSS, as_ref=True, required=True) added_in_v3_0_0.description = jsl.StringField(required=True) added_in_v3_0_0.severity = jsl.StringField(required=True) with added_in(ROLE_v3_0_1) as added_in_v3_0_1: added_in_v3_0_1.attribution = jsl.StringField(required=False) id = jsl.StringField(required=True) references = jsl.ArrayField(jsl.UriField(), required=True) # Present if defined for the particular CVE cwe = jsl.StringField(required=False)
class GithubDetail(jsl.Document): """JSL schema for Github worker results details.""" class Options(object): """JSL schema for Github worker results details.""" definition_id = "github_extracted_details" description = "Details of Github inspection" # we don't mandate any of these fields, because they may not be present forks_count = jsl.IntField() last_year_commits = jsl.DocumentField(GithubLastYearCommits, as_ref=True) open_issues_count = jsl.IntField() stargazers_count = jsl.IntField() subscribers_count = jsl.IntField() with removed_in(ROLE_v2_0_0) as until_v2_0_0: until_v2_0_0.updated_issues = jsl.DocumentField(GithubUpdatedIssues, as_ref=True) until_v2_0_0.updated_pull_requests = jsl.DocumentField( GithubUpdatedPullRequests, as_ref=True) with added_in(ROLE_v1_0_2) as since_v1_0_2: since_v1_0_2.contributors_count = jsl.IntField() with jsl.Scope(ROLE_v1_0_3) as v1_0_3: v1_0_3.topics = jsl.ArrayField(jsl.StringField(), required=True) with added_in(ROLE_v1_0_4) as since_v1_0_4: since_v1_0_4.topics = jsl.ArrayField(jsl.StringField()) with added_in(ROLE_v2_0_1) as since_v2_0_1: since_v2_0_1.license = jsl.DictField() with added_in(ROLE_v2_0_2) as since_v2_0_2: since_v2_0_2.updated_on = jsl.StringField(required=True)
class LicenseScanDetails(jsl.Document): class Options(object): definition_id = "license_scan_details" additional_properties = True with removed_in(ROLE_v3_0_0) as removed_in_v3_0_0: removed_in_v3_0_0.files = jsl.ArrayField( jsl.DocumentField(FileDetails, as_ref=True)) removed_in_v3_0_0.license_stats = jsl.ArrayField( jsl.DocumentField(LicenseDetailsPre30, as_ref=True)) removed_in_v3_0_0.oslc_stats = jsl.DocumentField(OSLCStats, as_ref=True) with added_in(ROLE_v3_0_0) as added_in_v3_0_0: added_in_v3_0_0.files_count = jsl.IntField(required=True) added_in_v3_0_0.licenses = jsl.DictField(pattern_properties=jsl.Var({ 'role': { '*': jsl.DocumentField(LicenseDetails, as_ref=True, required=True), } }), required=True) added_in_v3_0_0.scancode_notice = jsl.StringField(required=True) added_in_v3_0_0.scancode_version = jsl.StringField(required=True)
class ToolchainResponses(jsl.Document): class Options(object): definition_id = "toolchain_responses" # These fields are optional, as this spec currently covers error responses # in addition to successful toolchain queries. # They can change to being required once a "standard error schema" # is implemented redhat_anitya = jsl.DocumentField( AnityaResponse, description="Results from Red Hat's internal Anitya instance", required=False, as_ref=True) brew = jsl.ArrayField( jsl.DocumentField( DownstreamPatchset, description="Results from Brew, Red Hat's internal Koji instance", required=False, as_ref=True)) # The Pulp CDN details field became an array in v2-1-0 _pulp_document_ref = jsl.DocumentField( PulpCDNResponse, description="Results from the Pulp CDN backing RPM delivery", required=False, as_ref=True) with removed_in(ROLE_v2_1_0) as before_v2_1: before_v2_1.pulp_cdn = _pulp_document_ref with added_in(ROLE_v2_1_0) as since_v2_1: since_v2_1.pulp_cdn = jsl.ArrayField(_pulp_document_ref) del _pulp_document_ref
class BlackduckLicenseDetails(jsl.Document): class Options: description = "Blackduck information about one license for a single component" definition_id = "component_blackduck_license_info" with removed_in(ROLE_v2_2_0) as removed_in_v2_2_0: removed_in_v2_2_0.codeSharing = jsl.StringField(required=True) with added_in(ROLE_v2_2_0) as added_in_v2_2_0: added_in_v2_2_0.code_sharing = jsl.StringField(required=True) name = jsl.StringField(required=True)
class AnalysesGraphDB(JSLSchemaBase): class Options(object): definition_id = "analyses_graphdb" description = "Component Analysis from GraphDB" with removed_in(ROLE_v1_1_0) as removed_in_v1_1_0: removed_in_v1_1_0.requestId = jsl.StringField(required=True) with added_in(ROLE_v1_1_0) as added_in_v1_1_0: added_in_v1_1_0.request_id = jsl.StringField(required=True) result = jsl.DocumentField(ResultInner, as_ref=True, required=True) status = jsl.DocumentField(Status, as_ref=True, required=True)
class BlackduckLicenseDetails(jsl.Document): """Class with the schema definition based on JSL domain specific language.""" class Options: """A container for options.""" description = "Blackduck information about one license for a single component" definition_id = "component_blackduck_license_info" with removed_in(ROLE_v2_2_0) as removed_in_v2_2_0: removed_in_v2_2_0.codeSharing = jsl.StringField(required=True) with added_in(ROLE_v2_2_0) as added_in_v2_2_0: added_in_v2_2_0.code_sharing = jsl.StringField(required=True) name = jsl.StringField(required=True)
class BlackduckSecurityDetails(jsl.Document): class Options: description = "Blackduck information about one vulnerability for a single component" definition_id = "component_blackduck_security_info" with removed_in(ROLE_v2_2_0) as removed_in_v2_2_0: removed_in_v2_2_0.baseScore = jsl.NumberField(required=True) removed_in_v2_2_0.exploitabilitySubscore = jsl.NumberField(required=True) with added_in(ROLE_v2_2_0) as added_in_v2_2_0: added_in_v2_2_0.base_score = jsl.NumberField(required=True) added_in_v2_2_0.exploitability_subscore = jsl.NumberField(required=True) id = jsl.StringField(required=True) severity = jsl.StringField(required=True) source = jsl.StringField(required=True)
class AnalysesGraphDB(JSLSchemaBase): """Class with the schema definition based on JSL domain specific language.""" class Options(object): """A container for options.""" definition_id = "analyses_graphdb" description = "Component Analysis from GraphDB" with removed_in(ROLE_v1_1_0) as removed_in_v1_1_0: removed_in_v1_1_0.requestId = jsl.StringField(required=True) with added_in(ROLE_v1_1_0) as added_in_v1_1_0: added_in_v1_1_0.request_id = jsl.StringField(required=True) result = jsl.DocumentField(ResultInner, as_ref=True, required=True) status = jsl.DocumentField(Status, as_ref=True, required=True)
class ResultInner(JSLSchemaBase): class Options(object): definition_id = "result_inner" description = "Set of Result inner" with removed_in(ROLE_v1_2_0) as removed_in_v1_2_0: removed_in_v1_2_0.data = jsl.ArrayField(jsl.DocumentField(ResultData, as_ref=True), required=True) with added_in(ROLE_v1_2_0) as added_in_v1_2_0: added_in_v1_2_0.data = jsl.DocumentField(ResultData, as_ref=True, required=True) with added_in(ROLE_v1_2_0) as added_in_v1_2_0: added_in_v1_2_0.recommendation = jsl.DictField( additional_properties=True) meta = jsl.DictField(additional_properties=True)
class LicenseScanSummary(jsl.Document): class Options(object): definition_id = "license_scan_summary" with removed_in(ROLE_v3_0_0) as removed_in_v3_0_0: removed_in_v3_0_0.all_files = jsl.NumberField( description="Total number of files analysed") removed_in_v3_0_0.license_files = jsl.NumberField() removed_in_v3_0_0.source_files = jsl.NumberField() removed_in_v3_0_0.distinct_licenses = jsl.ArrayField(jsl.DocumentField( LicenseCount, as_ref=True), required=True) removed_in_v3_0_0.licensed_files = jsl.NumberField() sure_licenses = jsl.ArrayField( jsl.StringField(), description="Licenses detected with high match confidence", required=True)
class BlackduckSecurityDetails(jsl.Document): """Class with the schema definition based on JSL domain specific language.""" class Options: """A container for options.""" description = "Blackduck information about one vulnerability for a single component" definition_id = "component_blackduck_security_info" with removed_in(ROLE_v2_2_0) as removed_in_v2_2_0: removed_in_v2_2_0.baseScore = jsl.NumberField(required=True) removed_in_v2_2_0.exploitabilitySubscore = jsl.NumberField( required=True) with added_in(ROLE_v2_2_0) as added_in_v2_2_0: added_in_v2_2_0.base_score = jsl.NumberField(required=True) added_in_v2_2_0.exploitability_subscore = jsl.NumberField( required=True) id = jsl.StringField(required=True) severity = jsl.StringField(required=True) source = jsl.StringField(required=True)
class ResultInner(JSLSchemaBase): """Class with the schema definition based on JSL domain specific language.""" class Options(object): """A container for options.""" definition_id = "result_inner" description = "Set of Result inner" with removed_in(ROLE_v1_2_0) as removed_in_v1_2_0: removed_in_v1_2_0.data = jsl.ArrayField(jsl.DocumentField(ResultData, as_ref=True), required=True) with added_in(ROLE_v1_2_0) as added_in_v1_2_0: added_in_v1_2_0.data = jsl.DocumentField(ResultData, as_ref=True, required=True) with added_in(ROLE_v1_2_0) as added_in_v1_2_0: added_in_v1_2_0.recommendation = jsl.DictField( additional_properties=True) meta = jsl.DictField(additional_properties=True)
class MetadataDict(jsl.Document): """JSL schema for generic metadata dict in details list.""" class Options(object): """JSL schema for generic metadata dict in details list.""" definition_id = "details_metadata" description = "generic metadata dict in details list" # some of these may be missing in some ecosystem, so no required=True author = jsl.OneOfField([jsl.StringField(), jsl.NullField()]) bug_reporting = jsl.OneOfField([jsl.StringField(), jsl.NullField()]) code_repository = jsl.OneOfField( [jsl.DocumentField(CodeRepository, as_ref=True), jsl.NullField()] ) with removed_in(ROLE_v3_2_0) as removed_in_v3_2_0: removed_in_v3_2_0.declared_license = jsl.OneOfField([jsl.StringField(), jsl.NullField()]) with added_in(ROLE_v3_2_0) as added_in_v3_2_0: added_in_v3_2_0.declared_licenses = jsl.OneOfField([jsl.ArrayField(jsl.StringField()), jsl.NullField()]) dependencies = jsl.OneOfField( [jsl.ArrayField(jsl.StringField()), jsl.NullField()] ) description = jsl.OneOfField([jsl.StringField(), jsl.NullField()]) devel_dependencies = jsl.OneOfField( [jsl.ArrayField(jsl.StringField()), jsl.NullField()] ) # engines are NPM thingie and can contain lots of various keys # so we just allow pretty much anything in that dict engines = jsl.OneOfField( [jsl.DictField(additional_properties=True), jsl.NullField()] ) files = jsl.OneOfField( [jsl.ArrayField(jsl.StringField()), jsl.NullField()] ) git_head = jsl.OneOfField([jsl.StringField(), jsl.NullField()]) homepage = jsl.OneOfField([jsl.StringField(), jsl.NullField()]) keywords = jsl.OneOfField( [jsl.ArrayField(jsl.StringField()), jsl.NullField()] ) # metadata is a rubygems thing and can contain arbitrary key/value pairs metadata = jsl.OneOfField( [jsl.DictField(additional_properties=True), jsl.NullField()] ) name = jsl.OneOfField([jsl.StringField(), jsl.NullField()]) platform = jsl.OneOfField([jsl.StringField(), jsl.NullField()]) readme = jsl.OneOfField([jsl.StringField(), jsl.NullField()]) scripts = jsl.OneOfField( [jsl.DictField(additional_properties=True), jsl.NullField()] ) version = jsl.OneOfField([jsl.StringField(), jsl.NullField()]) with jsl.Scope(lambda v: v in (ROLE_v1_0_1, ROLE_v1_1_0)) as v1_0_1_v1_1_0: v1_0_1_v1_1_0.npm_shrinkwrap = jsl.OneOfField( [jsl.DocumentField(NpmShrinkwrap, as_ref=True), jsl.NullField()]) with jsl.Scope(lambda v: v < ROLE_v1_1_0) as before_v1_1_0: before_v1_1_0.maintainers = jsl.OneOfField( [jsl.ArrayField(jsl.DocumentField(Maintainer, as_ref=True)), jsl.NullField()]) with added_in(ROLE_v1_1_0) as since_v1_1_0: since_v1_1_0.contributors = jsl.OneOfField( [jsl.ArrayField(jsl.StringField()), jsl.NullField()]) since_v1_1_0.maintainers = jsl.OneOfField( [jsl.ArrayField(jsl.StringField()), jsl.NullField()]) with jsl.Scope(ROLE_v2_0_0) as v2_0_0: v2_0_0._system = jsl.StringField() with jsl.Scope(lambda v: ROLE_v2_1_0 <= v < ROLE_v3_0_0) as since_v2_1_0: since_v2_1_0._bayesian_dependency_tree_lock = jsl.OneOfField([ jsl.DocumentField(LockFile, as_ref=True), jsl.NullField() ]) with added_in(ROLE_v2_1_1) as since_v2_1_1: since_v2_1_1._tests_implemented = jsl.BooleanField() with added_in(ROLE_v3_0_0) as since_v3_0_0: since_v3_0_0.ecosystem = jsl.StringField() since_v3_0_0._dependency_tree_lock = jsl.OneOfField([ jsl.DocumentField(LockFile, as_ref=True), jsl.NullField() ]) with added_in(ROLE_v3_1_1) as since_v3_1_1: since_v3_1_1.path = jsl.OneOfField( [jsl.StringField(), jsl.NullField()], required=False )