0b68f8123b
Add implementation of standard-agnostic model for SBOM, and simple SPDX v2.3 model. Also add convenience functions for converting DNF4 package set to the standard-agnostic model and for converting it to SPDX model. Cover the functionality with unit tests. Signed-off-by: Tomáš Hozza <thozza@redhat.com>
33 lines
634 B
Python
33 lines
634 B
Python
"""Module for creating SPDX spec v2 Software Bill of Materials (SBOM) files."""
|
|
|
|
from .model import (
|
|
Checksum,
|
|
ChecksumAlgorithm,
|
|
CreationInfo,
|
|
Creator,
|
|
CreatorType,
|
|
Document,
|
|
ExternalPackageRef,
|
|
ExternalPackageRefCategory,
|
|
NoAssertionValue,
|
|
NoneValue,
|
|
Package,
|
|
Relationship,
|
|
RelationshipType,
|
|
)
|
|
|
|
__all__ = [
|
|
"Checksum",
|
|
"ChecksumAlgorithm",
|
|
"CreationInfo",
|
|
"Creator",
|
|
"CreatorType",
|
|
"Document",
|
|
"ExternalPackageRef",
|
|
"ExternalPackageRefCategory",
|
|
"NoAssertionValue",
|
|
"NoneValue",
|
|
"Package",
|
|
"Relationship",
|
|
"RelationshipType"
|
|
]
|