diff --git a/v3.0.1-draft/index.html b/v3.0.1-draft/index.html index d4e9a9efa4..519f246ce5 100644 --- a/v3.0.1-draft/index.html +++ b/v3.0.1-draft/index.html @@ -978,5 +978,5 @@

The Syst diff --git a/v3.0.1-draft/model/AI/AI/index.html b/v3.0.1-draft/model/AI/AI/index.html index 4f080b39a9..9ba5f2f766 100644 --- a/v3.0.1-draft/model/AI/AI/index.html +++ b/v3.0.1-draft/model/AI/AI/index.html @@ -821,7 +821,7 @@
- +

AI

diff --git a/v3.0.1-draft/model/AI/Classes/AIPackage/index.html b/v3.0.1-draft/model/AI/Classes/AIPackage/index.html index c01323849d..fd334991e4 100644 --- a/v3.0.1-draft/model/AI/Classes/AIPackage/index.html +++ b/v3.0.1-draft/model/AI/Classes/AIPackage/index.html @@ -828,7 +828,7 @@
- +

AIPackage

diff --git a/v3.0.1-draft/model/AI/Classes/EnergyConsumption/index.html b/v3.0.1-draft/model/AI/Classes/EnergyConsumption/index.html index 9cf7033b2f..919e73bad8 100644 --- a/v3.0.1-draft/model/AI/Classes/EnergyConsumption/index.html +++ b/v3.0.1-draft/model/AI/Classes/EnergyConsumption/index.html @@ -824,7 +824,7 @@
- +

EnergyConsumption

diff --git a/v3.0.1-draft/model/AI/Classes/EnergyConsumptionDescription/index.html b/v3.0.1-draft/model/AI/Classes/EnergyConsumptionDescription/index.html index 9541b7c158..ba06491af7 100644 --- a/v3.0.1-draft/model/AI/Classes/EnergyConsumptionDescription/index.html +++ b/v3.0.1-draft/model/AI/Classes/EnergyConsumptionDescription/index.html @@ -824,7 +824,7 @@
- +

EnergyConsumptionDescription

diff --git a/v3.0.1-draft/model/AI/Properties/autonomyType/index.html b/v3.0.1-draft/model/AI/Properties/autonomyType/index.html index 93337f66f6..9cc16d3e5a 100644 --- a/v3.0.1-draft/model/AI/Properties/autonomyType/index.html +++ b/v3.0.1-draft/model/AI/Properties/autonomyType/index.html @@ -822,7 +822,7 @@
- +

autonomyType

diff --git a/v3.0.1-draft/model/AI/Properties/domain/index.html b/v3.0.1-draft/model/AI/Properties/domain/index.html index e37e5155c4..cf080117d9 100644 --- a/v3.0.1-draft/model/AI/Properties/domain/index.html +++ b/v3.0.1-draft/model/AI/Properties/domain/index.html @@ -822,7 +822,7 @@
- +

domain

diff --git a/v3.0.1-draft/model/AI/Properties/energyConsumption/index.html b/v3.0.1-draft/model/AI/Properties/energyConsumption/index.html index 52ff1f7827..08411a81f7 100644 --- a/v3.0.1-draft/model/AI/Properties/energyConsumption/index.html +++ b/v3.0.1-draft/model/AI/Properties/energyConsumption/index.html @@ -822,7 +822,7 @@
- +

energyConsumption

diff --git a/v3.0.1-draft/model/AI/Properties/energyQuantity/index.html b/v3.0.1-draft/model/AI/Properties/energyQuantity/index.html index ddd403f3e4..bfc3c07a43 100644 --- a/v3.0.1-draft/model/AI/Properties/energyQuantity/index.html +++ b/v3.0.1-draft/model/AI/Properties/energyQuantity/index.html @@ -822,7 +822,7 @@
- +

energyQuantity

diff --git a/v3.0.1-draft/model/AI/Properties/energyUnit/index.html b/v3.0.1-draft/model/AI/Properties/energyUnit/index.html index 19b4e5d58b..cf8ae10229 100644 --- a/v3.0.1-draft/model/AI/Properties/energyUnit/index.html +++ b/v3.0.1-draft/model/AI/Properties/energyUnit/index.html @@ -822,7 +822,7 @@
- +

energyUnit

diff --git a/v3.0.1-draft/model/AI/Properties/finetuningEnergyConsumption/index.html b/v3.0.1-draft/model/AI/Properties/finetuningEnergyConsumption/index.html index b95cf607e6..3b6f0ca9e6 100644 --- a/v3.0.1-draft/model/AI/Properties/finetuningEnergyConsumption/index.html +++ b/v3.0.1-draft/model/AI/Properties/finetuningEnergyConsumption/index.html @@ -822,7 +822,7 @@
- +

finetuningEnergyConsumption

diff --git a/v3.0.1-draft/model/AI/Properties/hyperparameter/index.html b/v3.0.1-draft/model/AI/Properties/hyperparameter/index.html index c3035581e2..1daf46deb7 100644 --- a/v3.0.1-draft/model/AI/Properties/hyperparameter/index.html +++ b/v3.0.1-draft/model/AI/Properties/hyperparameter/index.html @@ -822,7 +822,7 @@
- +

hyperparameter

diff --git a/v3.0.1-draft/model/AI/Properties/inferenceEnergyConsumption/index.html b/v3.0.1-draft/model/AI/Properties/inferenceEnergyConsumption/index.html index 3f97179f26..446d8b4f03 100644 --- a/v3.0.1-draft/model/AI/Properties/inferenceEnergyConsumption/index.html +++ b/v3.0.1-draft/model/AI/Properties/inferenceEnergyConsumption/index.html @@ -822,7 +822,7 @@
- +

inferenceEnergyConsumption

diff --git a/v3.0.1-draft/model/AI/Properties/informationAboutApplication/index.html b/v3.0.1-draft/model/AI/Properties/informationAboutApplication/index.html index cd47a75795..26e52d2120 100644 --- a/v3.0.1-draft/model/AI/Properties/informationAboutApplication/index.html +++ b/v3.0.1-draft/model/AI/Properties/informationAboutApplication/index.html @@ -822,7 +822,7 @@
- +

informationAboutApplication

diff --git a/v3.0.1-draft/model/AI/Properties/informationAboutTraining/index.html b/v3.0.1-draft/model/AI/Properties/informationAboutTraining/index.html index c369567567..8ecccfa97e 100644 --- a/v3.0.1-draft/model/AI/Properties/informationAboutTraining/index.html +++ b/v3.0.1-draft/model/AI/Properties/informationAboutTraining/index.html @@ -822,7 +822,7 @@
- +

informationAboutTraining

diff --git a/v3.0.1-draft/model/AI/Properties/limitation/index.html b/v3.0.1-draft/model/AI/Properties/limitation/index.html index 0974dc9a48..3154397b81 100644 --- a/v3.0.1-draft/model/AI/Properties/limitation/index.html +++ b/v3.0.1-draft/model/AI/Properties/limitation/index.html @@ -822,7 +822,7 @@
- +

limitation

diff --git a/v3.0.1-draft/model/AI/Properties/metric/index.html b/v3.0.1-draft/model/AI/Properties/metric/index.html index ead1b53719..a2cecce11b 100644 --- a/v3.0.1-draft/model/AI/Properties/metric/index.html +++ b/v3.0.1-draft/model/AI/Properties/metric/index.html @@ -822,7 +822,7 @@
- +

metric

diff --git a/v3.0.1-draft/model/AI/Properties/metricDecisionThreshold/index.html b/v3.0.1-draft/model/AI/Properties/metricDecisionThreshold/index.html index 225080f4c7..8489146ab5 100644 --- a/v3.0.1-draft/model/AI/Properties/metricDecisionThreshold/index.html +++ b/v3.0.1-draft/model/AI/Properties/metricDecisionThreshold/index.html @@ -822,7 +822,7 @@
- +

metricDecisionThreshold

diff --git a/v3.0.1-draft/model/AI/Properties/modelDataPreprocessing/index.html b/v3.0.1-draft/model/AI/Properties/modelDataPreprocessing/index.html index c128b6be67..1d9324e048 100644 --- a/v3.0.1-draft/model/AI/Properties/modelDataPreprocessing/index.html +++ b/v3.0.1-draft/model/AI/Properties/modelDataPreprocessing/index.html @@ -822,7 +822,7 @@
- +

modelDataPreprocessing

diff --git a/v3.0.1-draft/model/AI/Properties/modelExplainability/index.html b/v3.0.1-draft/model/AI/Properties/modelExplainability/index.html index 0a535dcbf3..066bc3c8fb 100644 --- a/v3.0.1-draft/model/AI/Properties/modelExplainability/index.html +++ b/v3.0.1-draft/model/AI/Properties/modelExplainability/index.html @@ -822,7 +822,7 @@
- +

modelExplainability

diff --git a/v3.0.1-draft/model/AI/Properties/safetyRiskAssessment/index.html b/v3.0.1-draft/model/AI/Properties/safetyRiskAssessment/index.html index b8c8bf3321..5a6d04ed24 100644 --- a/v3.0.1-draft/model/AI/Properties/safetyRiskAssessment/index.html +++ b/v3.0.1-draft/model/AI/Properties/safetyRiskAssessment/index.html @@ -822,7 +822,7 @@
- +

safetyRiskAssessment

diff --git a/v3.0.1-draft/model/AI/Properties/standardCompliance/index.html b/v3.0.1-draft/model/AI/Properties/standardCompliance/index.html index 37d6b2fb6a..2ddbbf4051 100644 --- a/v3.0.1-draft/model/AI/Properties/standardCompliance/index.html +++ b/v3.0.1-draft/model/AI/Properties/standardCompliance/index.html @@ -822,7 +822,7 @@
- +

standardCompliance

diff --git a/v3.0.1-draft/model/AI/Properties/trainingEnergyConsumption/index.html b/v3.0.1-draft/model/AI/Properties/trainingEnergyConsumption/index.html index faca2f5554..3454c0681e 100644 --- a/v3.0.1-draft/model/AI/Properties/trainingEnergyConsumption/index.html +++ b/v3.0.1-draft/model/AI/Properties/trainingEnergyConsumption/index.html @@ -822,7 +822,7 @@
- +

trainingEnergyConsumption

diff --git a/v3.0.1-draft/model/AI/Properties/typeOfModel/index.html b/v3.0.1-draft/model/AI/Properties/typeOfModel/index.html index f83a8c6808..09969b56de 100644 --- a/v3.0.1-draft/model/AI/Properties/typeOfModel/index.html +++ b/v3.0.1-draft/model/AI/Properties/typeOfModel/index.html @@ -822,7 +822,7 @@
- +

typeOfModel

diff --git a/v3.0.1-draft/model/AI/Properties/useSensitivePersonalInformation/index.html b/v3.0.1-draft/model/AI/Properties/useSensitivePersonalInformation/index.html index cb14e29220..5ddf27f183 100644 --- a/v3.0.1-draft/model/AI/Properties/useSensitivePersonalInformation/index.html +++ b/v3.0.1-draft/model/AI/Properties/useSensitivePersonalInformation/index.html @@ -822,7 +822,7 @@
- +

useSensitivePersonalInformation

diff --git a/v3.0.1-draft/model/AI/Vocabularies/EnergyUnitType/index.html b/v3.0.1-draft/model/AI/Vocabularies/EnergyUnitType/index.html index d6d76d17af..299b439b72 100644 --- a/v3.0.1-draft/model/AI/Vocabularies/EnergyUnitType/index.html +++ b/v3.0.1-draft/model/AI/Vocabularies/EnergyUnitType/index.html @@ -822,7 +822,7 @@
- +

EnergyUnitType

diff --git a/v3.0.1-draft/model/AI/Vocabularies/SafetyRiskAssessmentType/index.html b/v3.0.1-draft/model/AI/Vocabularies/SafetyRiskAssessmentType/index.html index 9d19475888..702c8205a6 100644 --- a/v3.0.1-draft/model/AI/Vocabularies/SafetyRiskAssessmentType/index.html +++ b/v3.0.1-draft/model/AI/Vocabularies/SafetyRiskAssessmentType/index.html @@ -822,7 +822,7 @@
- +

SafetyRiskAssessmentType

diff --git a/v3.0.1-draft/model/Build/Build/index.html b/v3.0.1-draft/model/Build/Build/index.html index f3822246a7..f899f8e8f6 100644 --- a/v3.0.1-draft/model/Build/Build/index.html +++ b/v3.0.1-draft/model/Build/Build/index.html @@ -819,7 +819,7 @@
- +

Build

diff --git a/v3.0.1-draft/model/Build/Classes/Build/index.html b/v3.0.1-draft/model/Build/Classes/Build/index.html index e2c6eb460f..048ca63f79 100644 --- a/v3.0.1-draft/model/Build/Classes/Build/index.html +++ b/v3.0.1-draft/model/Build/Classes/Build/index.html @@ -826,7 +826,7 @@
- +

Build

diff --git a/v3.0.1-draft/model/Build/Properties/buildEndTime/index.html b/v3.0.1-draft/model/Build/Properties/buildEndTime/index.html index bf1632d8ba..357d1238fc 100644 --- a/v3.0.1-draft/model/Build/Properties/buildEndTime/index.html +++ b/v3.0.1-draft/model/Build/Properties/buildEndTime/index.html @@ -822,7 +822,7 @@
- +

buildEndTime

diff --git a/v3.0.1-draft/model/Build/Properties/buildId/index.html b/v3.0.1-draft/model/Build/Properties/buildId/index.html index ea1a230720..741d72ef41 100644 --- a/v3.0.1-draft/model/Build/Properties/buildId/index.html +++ b/v3.0.1-draft/model/Build/Properties/buildId/index.html @@ -822,7 +822,7 @@
- +

buildId

diff --git a/v3.0.1-draft/model/Build/Properties/buildStartTime/index.html b/v3.0.1-draft/model/Build/Properties/buildStartTime/index.html index 5e83cfc3ec..6d5194a228 100644 --- a/v3.0.1-draft/model/Build/Properties/buildStartTime/index.html +++ b/v3.0.1-draft/model/Build/Properties/buildStartTime/index.html @@ -822,7 +822,7 @@
- +

buildStartTime

diff --git a/v3.0.1-draft/model/Build/Properties/buildType/index.html b/v3.0.1-draft/model/Build/Properties/buildType/index.html index 27cdedafde..4b721b1c3b 100644 --- a/v3.0.1-draft/model/Build/Properties/buildType/index.html +++ b/v3.0.1-draft/model/Build/Properties/buildType/index.html @@ -822,7 +822,7 @@
- +

buildType

diff --git a/v3.0.1-draft/model/Build/Properties/configSourceDigest/index.html b/v3.0.1-draft/model/Build/Properties/configSourceDigest/index.html index 0e97568055..a640af31f1 100644 --- a/v3.0.1-draft/model/Build/Properties/configSourceDigest/index.html +++ b/v3.0.1-draft/model/Build/Properties/configSourceDigest/index.html @@ -822,7 +822,7 @@
- +

configSourceDigest

diff --git a/v3.0.1-draft/model/Build/Properties/configSourceEntrypoint/index.html b/v3.0.1-draft/model/Build/Properties/configSourceEntrypoint/index.html index ed4499fb7f..8d804fe507 100644 --- a/v3.0.1-draft/model/Build/Properties/configSourceEntrypoint/index.html +++ b/v3.0.1-draft/model/Build/Properties/configSourceEntrypoint/index.html @@ -822,7 +822,7 @@
- +

configSourceEntrypoint

diff --git a/v3.0.1-draft/model/Build/Properties/configSourceUri/index.html b/v3.0.1-draft/model/Build/Properties/configSourceUri/index.html index e4cc6993e4..b01bc94763 100644 --- a/v3.0.1-draft/model/Build/Properties/configSourceUri/index.html +++ b/v3.0.1-draft/model/Build/Properties/configSourceUri/index.html @@ -822,7 +822,7 @@
- +

configSourceUri

diff --git a/v3.0.1-draft/model/Build/Properties/environment/index.html b/v3.0.1-draft/model/Build/Properties/environment/index.html index 04dd75bc5a..2cfb44bb7c 100644 --- a/v3.0.1-draft/model/Build/Properties/environment/index.html +++ b/v3.0.1-draft/model/Build/Properties/environment/index.html @@ -822,7 +822,7 @@
- +

environment

diff --git a/v3.0.1-draft/model/Build/Properties/parameters/index.html b/v3.0.1-draft/model/Build/Properties/parameters/index.html index 5b7d4c3b5a..672a3755a3 100644 --- a/v3.0.1-draft/model/Build/Properties/parameters/index.html +++ b/v3.0.1-draft/model/Build/Properties/parameters/index.html @@ -822,7 +822,7 @@
- +

parameters

diff --git a/v3.0.1-draft/model/Core/Classes/Agent/index.html b/v3.0.1-draft/model/Core/Classes/Agent/index.html index 32afb79568..1ced7a1917 100644 --- a/v3.0.1-draft/model/Core/Classes/Agent/index.html +++ b/v3.0.1-draft/model/Core/Classes/Agent/index.html @@ -824,7 +824,7 @@
- +

Agent

diff --git a/v3.0.1-draft/model/Core/Classes/Annotation/index.html b/v3.0.1-draft/model/Core/Classes/Annotation/index.html index cddea616cd..02eada79be 100644 --- a/v3.0.1-draft/model/Core/Classes/Annotation/index.html +++ b/v3.0.1-draft/model/Core/Classes/Annotation/index.html @@ -826,7 +826,7 @@
- +

Annotation

diff --git a/v3.0.1-draft/model/Core/Classes/Artifact/index.html b/v3.0.1-draft/model/Core/Classes/Artifact/index.html index f94619e9d9..0d1b15ac6e 100644 --- a/v3.0.1-draft/model/Core/Classes/Artifact/index.html +++ b/v3.0.1-draft/model/Core/Classes/Artifact/index.html @@ -826,7 +826,7 @@
- +

Artifact

diff --git a/v3.0.1-draft/model/Core/Classes/Bom/index.html b/v3.0.1-draft/model/Core/Classes/Bom/index.html index 8e0b8e226e..6ddb2a49a8 100644 --- a/v3.0.1-draft/model/Core/Classes/Bom/index.html +++ b/v3.0.1-draft/model/Core/Classes/Bom/index.html @@ -824,7 +824,7 @@
- +

Bom

diff --git a/v3.0.1-draft/model/Core/Classes/Bundle/index.html b/v3.0.1-draft/model/Core/Classes/Bundle/index.html index b042554d45..5e75e54b98 100644 --- a/v3.0.1-draft/model/Core/Classes/Bundle/index.html +++ b/v3.0.1-draft/model/Core/Classes/Bundle/index.html @@ -826,7 +826,7 @@
- +

Bundle

diff --git a/v3.0.1-draft/model/Core/Classes/CreationInfo/index.html b/v3.0.1-draft/model/Core/Classes/CreationInfo/index.html index a45a125e5f..6d5679c5d7 100644 --- a/v3.0.1-draft/model/Core/Classes/CreationInfo/index.html +++ b/v3.0.1-draft/model/Core/Classes/CreationInfo/index.html @@ -824,7 +824,7 @@
- +

CreationInfo

diff --git a/v3.0.1-draft/model/Core/Classes/DictionaryEntry/index.html b/v3.0.1-draft/model/Core/Classes/DictionaryEntry/index.html index 64a712bee3..b3181835e4 100644 --- a/v3.0.1-draft/model/Core/Classes/DictionaryEntry/index.html +++ b/v3.0.1-draft/model/Core/Classes/DictionaryEntry/index.html @@ -824,7 +824,7 @@
- +

DictionaryEntry

diff --git a/v3.0.1-draft/model/Core/Classes/Element/index.html b/v3.0.1-draft/model/Core/Classes/Element/index.html index f71c9855a0..54662b5799 100644 --- a/v3.0.1-draft/model/Core/Classes/Element/index.html +++ b/v3.0.1-draft/model/Core/Classes/Element/index.html @@ -824,7 +824,7 @@
- +

Element

diff --git a/v3.0.1-draft/model/Core/Classes/ElementCollection/index.html b/v3.0.1-draft/model/Core/Classes/ElementCollection/index.html index 084d956f82..7bcf3e211f 100644 --- a/v3.0.1-draft/model/Core/Classes/ElementCollection/index.html +++ b/v3.0.1-draft/model/Core/Classes/ElementCollection/index.html @@ -826,7 +826,7 @@
- +

ElementCollection

diff --git a/v3.0.1-draft/model/Core/Classes/ExternalIdentifier/index.html b/v3.0.1-draft/model/Core/Classes/ExternalIdentifier/index.html index cbf2bc9897..531df2d8b2 100644 --- a/v3.0.1-draft/model/Core/Classes/ExternalIdentifier/index.html +++ b/v3.0.1-draft/model/Core/Classes/ExternalIdentifier/index.html @@ -824,7 +824,7 @@
- +

ExternalIdentifier

diff --git a/v3.0.1-draft/model/Core/Classes/ExternalMap/index.html b/v3.0.1-draft/model/Core/Classes/ExternalMap/index.html index 45eb1a59da..67665031f4 100644 --- a/v3.0.1-draft/model/Core/Classes/ExternalMap/index.html +++ b/v3.0.1-draft/model/Core/Classes/ExternalMap/index.html @@ -824,7 +824,7 @@
- +

ExternalMap

diff --git a/v3.0.1-draft/model/Core/Classes/ExternalRef/index.html b/v3.0.1-draft/model/Core/Classes/ExternalRef/index.html index d493ea1c5a..75b1472561 100644 --- a/v3.0.1-draft/model/Core/Classes/ExternalRef/index.html +++ b/v3.0.1-draft/model/Core/Classes/ExternalRef/index.html @@ -824,7 +824,7 @@
- +

ExternalRef

diff --git a/v3.0.1-draft/model/Core/Classes/Hash/index.html b/v3.0.1-draft/model/Core/Classes/Hash/index.html index 53e147fc16..f8badc1229 100644 --- a/v3.0.1-draft/model/Core/Classes/Hash/index.html +++ b/v3.0.1-draft/model/Core/Classes/Hash/index.html @@ -826,7 +826,7 @@
- +

Hash

diff --git a/v3.0.1-draft/model/Core/Classes/IntegrityMethod/index.html b/v3.0.1-draft/model/Core/Classes/IntegrityMethod/index.html index fe384305b3..470378c38e 100644 --- a/v3.0.1-draft/model/Core/Classes/IntegrityMethod/index.html +++ b/v3.0.1-draft/model/Core/Classes/IntegrityMethod/index.html @@ -824,7 +824,7 @@
- +

IntegrityMethod

diff --git a/v3.0.1-draft/model/Core/Classes/LifecycleScopedRelationship/index.html b/v3.0.1-draft/model/Core/Classes/LifecycleScopedRelationship/index.html index 031158dc8e..ee4a305d4a 100644 --- a/v3.0.1-draft/model/Core/Classes/LifecycleScopedRelationship/index.html +++ b/v3.0.1-draft/model/Core/Classes/LifecycleScopedRelationship/index.html @@ -826,7 +826,7 @@
- +

LifecycleScopedRelationship

diff --git a/v3.0.1-draft/model/Core/Classes/NamespaceMap/index.html b/v3.0.1-draft/model/Core/Classes/NamespaceMap/index.html index b294112499..f95b7d2f1d 100644 --- a/v3.0.1-draft/model/Core/Classes/NamespaceMap/index.html +++ b/v3.0.1-draft/model/Core/Classes/NamespaceMap/index.html @@ -824,7 +824,7 @@
- +

NamespaceMap

diff --git a/v3.0.1-draft/model/Core/Classes/Organization/index.html b/v3.0.1-draft/model/Core/Classes/Organization/index.html index 4cb05971f4..1dc9e2e1b4 100644 --- a/v3.0.1-draft/model/Core/Classes/Organization/index.html +++ b/v3.0.1-draft/model/Core/Classes/Organization/index.html @@ -824,7 +824,7 @@
- +

Organization

diff --git a/v3.0.1-draft/model/Core/Classes/PackageVerificationCode/index.html b/v3.0.1-draft/model/Core/Classes/PackageVerificationCode/index.html index d314d519c4..5320025abc 100644 --- a/v3.0.1-draft/model/Core/Classes/PackageVerificationCode/index.html +++ b/v3.0.1-draft/model/Core/Classes/PackageVerificationCode/index.html @@ -826,7 +826,7 @@
- +

PackageVerificationCode

diff --git a/v3.0.1-draft/model/Core/Classes/Person/index.html b/v3.0.1-draft/model/Core/Classes/Person/index.html index 494878d87b..f4a758ddb8 100644 --- a/v3.0.1-draft/model/Core/Classes/Person/index.html +++ b/v3.0.1-draft/model/Core/Classes/Person/index.html @@ -824,7 +824,7 @@
- +

Person

diff --git a/v3.0.1-draft/model/Core/Classes/PositiveIntegerRange/index.html b/v3.0.1-draft/model/Core/Classes/PositiveIntegerRange/index.html index 0303810695..60595d4bf4 100644 --- a/v3.0.1-draft/model/Core/Classes/PositiveIntegerRange/index.html +++ b/v3.0.1-draft/model/Core/Classes/PositiveIntegerRange/index.html @@ -824,7 +824,7 @@
- +

PositiveIntegerRange

diff --git a/v3.0.1-draft/model/Core/Classes/Relationship/index.html b/v3.0.1-draft/model/Core/Classes/Relationship/index.html index 29e7be3e55..c9587ecb47 100644 --- a/v3.0.1-draft/model/Core/Classes/Relationship/index.html +++ b/v3.0.1-draft/model/Core/Classes/Relationship/index.html @@ -826,7 +826,7 @@
- +

Relationship

diff --git a/v3.0.1-draft/model/Core/Classes/SoftwareAgent/index.html b/v3.0.1-draft/model/Core/Classes/SoftwareAgent/index.html index 1b6c56cb09..7cbc988d1a 100644 --- a/v3.0.1-draft/model/Core/Classes/SoftwareAgent/index.html +++ b/v3.0.1-draft/model/Core/Classes/SoftwareAgent/index.html @@ -824,7 +824,7 @@
- +

SoftwareAgent

diff --git a/v3.0.1-draft/model/Core/Classes/SpdxDocument/index.html b/v3.0.1-draft/model/Core/Classes/SpdxDocument/index.html index 19b2837227..3f4ce3e237 100644 --- a/v3.0.1-draft/model/Core/Classes/SpdxDocument/index.html +++ b/v3.0.1-draft/model/Core/Classes/SpdxDocument/index.html @@ -826,7 +826,7 @@
- +

SpdxDocument

diff --git a/v3.0.1-draft/model/Core/Classes/Tool/index.html b/v3.0.1-draft/model/Core/Classes/Tool/index.html index 2191c4e31c..a1fc68bf95 100644 --- a/v3.0.1-draft/model/Core/Classes/Tool/index.html +++ b/v3.0.1-draft/model/Core/Classes/Tool/index.html @@ -824,7 +824,7 @@
- +

Tool

diff --git a/v3.0.1-draft/model/Core/Core/index.html b/v3.0.1-draft/model/Core/Core/index.html index 7cc9d0a5bf..5c04fee688 100644 --- a/v3.0.1-draft/model/Core/Core/index.html +++ b/v3.0.1-draft/model/Core/Core/index.html @@ -819,7 +819,7 @@
- +

Core

diff --git a/v3.0.1-draft/model/Core/Datatypes/DateTime/index.html b/v3.0.1-draft/model/Core/Datatypes/DateTime/index.html index f07bad1555..5eca813a51 100644 --- a/v3.0.1-draft/model/Core/Datatypes/DateTime/index.html +++ b/v3.0.1-draft/model/Core/Datatypes/DateTime/index.html @@ -822,7 +822,7 @@
- +

DateTime

diff --git a/v3.0.1-draft/model/Core/Datatypes/MediaType/index.html b/v3.0.1-draft/model/Core/Datatypes/MediaType/index.html index 274854d5ba..3540b49471 100644 --- a/v3.0.1-draft/model/Core/Datatypes/MediaType/index.html +++ b/v3.0.1-draft/model/Core/Datatypes/MediaType/index.html @@ -822,7 +822,7 @@
- +

MediaType

diff --git a/v3.0.1-draft/model/Core/Datatypes/SemVer/index.html b/v3.0.1-draft/model/Core/Datatypes/SemVer/index.html index 98d2a432fa..29d7267567 100644 --- a/v3.0.1-draft/model/Core/Datatypes/SemVer/index.html +++ b/v3.0.1-draft/model/Core/Datatypes/SemVer/index.html @@ -822,7 +822,7 @@
- +

SemVer

diff --git a/v3.0.1-draft/model/Core/Individuals/NoAssertionElement/index.html b/v3.0.1-draft/model/Core/Individuals/NoAssertionElement/index.html index efe7afaa20..738e833e5e 100644 --- a/v3.0.1-draft/model/Core/Individuals/NoAssertionElement/index.html +++ b/v3.0.1-draft/model/Core/Individuals/NoAssertionElement/index.html @@ -820,7 +820,7 @@
- +

NoAssertionElement

diff --git a/v3.0.1-draft/model/Core/Individuals/NoneElement/index.html b/v3.0.1-draft/model/Core/Individuals/NoneElement/index.html index cba67b2c84..c84dceb8df 100644 --- a/v3.0.1-draft/model/Core/Individuals/NoneElement/index.html +++ b/v3.0.1-draft/model/Core/Individuals/NoneElement/index.html @@ -820,7 +820,7 @@
- +

NoneElement

diff --git a/v3.0.1-draft/model/Core/Properties/algorithm/index.html b/v3.0.1-draft/model/Core/Properties/algorithm/index.html index c6fc9ebe6f..9ebb8cf90d 100644 --- a/v3.0.1-draft/model/Core/Properties/algorithm/index.html +++ b/v3.0.1-draft/model/Core/Properties/algorithm/index.html @@ -822,7 +822,7 @@
- +

algorithm

diff --git a/v3.0.1-draft/model/Core/Properties/annotationType/index.html b/v3.0.1-draft/model/Core/Properties/annotationType/index.html index a810197f55..9d852e92fb 100644 --- a/v3.0.1-draft/model/Core/Properties/annotationType/index.html +++ b/v3.0.1-draft/model/Core/Properties/annotationType/index.html @@ -822,7 +822,7 @@
- +

annotationType

diff --git a/v3.0.1-draft/model/Core/Properties/beginIntegerRange/index.html b/v3.0.1-draft/model/Core/Properties/beginIntegerRange/index.html index 30ffb095fd..a97a0f6f99 100644 --- a/v3.0.1-draft/model/Core/Properties/beginIntegerRange/index.html +++ b/v3.0.1-draft/model/Core/Properties/beginIntegerRange/index.html @@ -822,7 +822,7 @@
- +

beginIntegerRange

diff --git a/v3.0.1-draft/model/Core/Properties/builtTime/index.html b/v3.0.1-draft/model/Core/Properties/builtTime/index.html index 00794174d7..9c1c2fe168 100644 --- a/v3.0.1-draft/model/Core/Properties/builtTime/index.html +++ b/v3.0.1-draft/model/Core/Properties/builtTime/index.html @@ -822,7 +822,7 @@
- +

builtTime

diff --git a/v3.0.1-draft/model/Core/Properties/comment/index.html b/v3.0.1-draft/model/Core/Properties/comment/index.html index 6baba9a534..738c94b201 100644 --- a/v3.0.1-draft/model/Core/Properties/comment/index.html +++ b/v3.0.1-draft/model/Core/Properties/comment/index.html @@ -822,7 +822,7 @@
- +

comment

diff --git a/v3.0.1-draft/model/Core/Properties/completeness/index.html b/v3.0.1-draft/model/Core/Properties/completeness/index.html index f70fe6b33d..93ef485293 100644 --- a/v3.0.1-draft/model/Core/Properties/completeness/index.html +++ b/v3.0.1-draft/model/Core/Properties/completeness/index.html @@ -822,7 +822,7 @@
- +

completeness

diff --git a/v3.0.1-draft/model/Core/Properties/contentType/index.html b/v3.0.1-draft/model/Core/Properties/contentType/index.html index f74bf67b73..b5bc35025c 100644 --- a/v3.0.1-draft/model/Core/Properties/contentType/index.html +++ b/v3.0.1-draft/model/Core/Properties/contentType/index.html @@ -822,7 +822,7 @@
- +

contentType

diff --git a/v3.0.1-draft/model/Core/Properties/context/index.html b/v3.0.1-draft/model/Core/Properties/context/index.html index cfb5ed7cf5..4773567e16 100644 --- a/v3.0.1-draft/model/Core/Properties/context/index.html +++ b/v3.0.1-draft/model/Core/Properties/context/index.html @@ -822,7 +822,7 @@
- +

context

diff --git a/v3.0.1-draft/model/Core/Properties/created/index.html b/v3.0.1-draft/model/Core/Properties/created/index.html index c6d05c3cc7..7a222ff261 100644 --- a/v3.0.1-draft/model/Core/Properties/created/index.html +++ b/v3.0.1-draft/model/Core/Properties/created/index.html @@ -822,7 +822,7 @@
- +

created

diff --git a/v3.0.1-draft/model/Core/Properties/createdBy/index.html b/v3.0.1-draft/model/Core/Properties/createdBy/index.html index 41e9a3be8b..8d4d3ad871 100644 --- a/v3.0.1-draft/model/Core/Properties/createdBy/index.html +++ b/v3.0.1-draft/model/Core/Properties/createdBy/index.html @@ -822,7 +822,7 @@
- +

createdBy

diff --git a/v3.0.1-draft/model/Core/Properties/createdUsing/index.html b/v3.0.1-draft/model/Core/Properties/createdUsing/index.html index 232b5b0304..8fb8a71091 100644 --- a/v3.0.1-draft/model/Core/Properties/createdUsing/index.html +++ b/v3.0.1-draft/model/Core/Properties/createdUsing/index.html @@ -822,7 +822,7 @@
- +

createdUsing

diff --git a/v3.0.1-draft/model/Core/Properties/creationInfo/index.html b/v3.0.1-draft/model/Core/Properties/creationInfo/index.html index d7ea7dcf42..48314a3bd1 100644 --- a/v3.0.1-draft/model/Core/Properties/creationInfo/index.html +++ b/v3.0.1-draft/model/Core/Properties/creationInfo/index.html @@ -822,7 +822,7 @@
- +

creationInfo

diff --git a/v3.0.1-draft/model/Core/Properties/dataLicense/index.html b/v3.0.1-draft/model/Core/Properties/dataLicense/index.html index 32c0242738..b072dd4a0b 100644 --- a/v3.0.1-draft/model/Core/Properties/dataLicense/index.html +++ b/v3.0.1-draft/model/Core/Properties/dataLicense/index.html @@ -822,7 +822,7 @@
- +

dataLicense

diff --git a/v3.0.1-draft/model/Core/Properties/definingArtifact/index.html b/v3.0.1-draft/model/Core/Properties/definingArtifact/index.html index 8c45b46ae3..dbffa65d73 100644 --- a/v3.0.1-draft/model/Core/Properties/definingArtifact/index.html +++ b/v3.0.1-draft/model/Core/Properties/definingArtifact/index.html @@ -822,7 +822,7 @@
- +

definingArtifact

diff --git a/v3.0.1-draft/model/Core/Properties/description/index.html b/v3.0.1-draft/model/Core/Properties/description/index.html index 25c1daffc5..00b1f23a54 100644 --- a/v3.0.1-draft/model/Core/Properties/description/index.html +++ b/v3.0.1-draft/model/Core/Properties/description/index.html @@ -822,7 +822,7 @@
- +

description

diff --git a/v3.0.1-draft/model/Core/Properties/element/index.html b/v3.0.1-draft/model/Core/Properties/element/index.html index 8d13abe3db..74af5ecf24 100644 --- a/v3.0.1-draft/model/Core/Properties/element/index.html +++ b/v3.0.1-draft/model/Core/Properties/element/index.html @@ -822,7 +822,7 @@
- +

element

diff --git a/v3.0.1-draft/model/Core/Properties/endIntegerRange/index.html b/v3.0.1-draft/model/Core/Properties/endIntegerRange/index.html index be1a8e03af..0061f9ec6c 100644 --- a/v3.0.1-draft/model/Core/Properties/endIntegerRange/index.html +++ b/v3.0.1-draft/model/Core/Properties/endIntegerRange/index.html @@ -822,7 +822,7 @@
- +

endIntegerRange

diff --git a/v3.0.1-draft/model/Core/Properties/endTime/index.html b/v3.0.1-draft/model/Core/Properties/endTime/index.html index d66e76dfec..d21bab3978 100644 --- a/v3.0.1-draft/model/Core/Properties/endTime/index.html +++ b/v3.0.1-draft/model/Core/Properties/endTime/index.html @@ -822,7 +822,7 @@
- +

endTime

diff --git a/v3.0.1-draft/model/Core/Properties/extension/index.html b/v3.0.1-draft/model/Core/Properties/extension/index.html index 3d3e6c6641..fe0154eed1 100644 --- a/v3.0.1-draft/model/Core/Properties/extension/index.html +++ b/v3.0.1-draft/model/Core/Properties/extension/index.html @@ -822,7 +822,7 @@
- +

extension

diff --git a/v3.0.1-draft/model/Core/Properties/externalIdentifier/index.html b/v3.0.1-draft/model/Core/Properties/externalIdentifier/index.html index 81c6023f24..709b63f0c9 100644 --- a/v3.0.1-draft/model/Core/Properties/externalIdentifier/index.html +++ b/v3.0.1-draft/model/Core/Properties/externalIdentifier/index.html @@ -822,7 +822,7 @@
- +

externalIdentifier

diff --git a/v3.0.1-draft/model/Core/Properties/externalIdentifierType/index.html b/v3.0.1-draft/model/Core/Properties/externalIdentifierType/index.html index f1e86f4d8f..f0fe235df4 100644 --- a/v3.0.1-draft/model/Core/Properties/externalIdentifierType/index.html +++ b/v3.0.1-draft/model/Core/Properties/externalIdentifierType/index.html @@ -822,7 +822,7 @@
- +

externalIdentifierType

diff --git a/v3.0.1-draft/model/Core/Properties/externalRef/index.html b/v3.0.1-draft/model/Core/Properties/externalRef/index.html index bab440b0c9..1b1f85ebf8 100644 --- a/v3.0.1-draft/model/Core/Properties/externalRef/index.html +++ b/v3.0.1-draft/model/Core/Properties/externalRef/index.html @@ -822,7 +822,7 @@
- +

externalRef

diff --git a/v3.0.1-draft/model/Core/Properties/externalRefType/index.html b/v3.0.1-draft/model/Core/Properties/externalRefType/index.html index 0419604612..22608b659d 100644 --- a/v3.0.1-draft/model/Core/Properties/externalRefType/index.html +++ b/v3.0.1-draft/model/Core/Properties/externalRefType/index.html @@ -822,7 +822,7 @@
- +

externalRefType

diff --git a/v3.0.1-draft/model/Core/Properties/externalSpdxId/index.html b/v3.0.1-draft/model/Core/Properties/externalSpdxId/index.html index 3c519cbf09..d1cd5dc108 100644 --- a/v3.0.1-draft/model/Core/Properties/externalSpdxId/index.html +++ b/v3.0.1-draft/model/Core/Properties/externalSpdxId/index.html @@ -822,7 +822,7 @@
- +

externalSpdxId

diff --git a/v3.0.1-draft/model/Core/Properties/from/index.html b/v3.0.1-draft/model/Core/Properties/from/index.html index 83c2380b19..66ce9fee22 100644 --- a/v3.0.1-draft/model/Core/Properties/from/index.html +++ b/v3.0.1-draft/model/Core/Properties/from/index.html @@ -822,7 +822,7 @@
- +

from

diff --git a/v3.0.1-draft/model/Core/Properties/hashValue/index.html b/v3.0.1-draft/model/Core/Properties/hashValue/index.html index a2878bc414..26837c8fbc 100644 --- a/v3.0.1-draft/model/Core/Properties/hashValue/index.html +++ b/v3.0.1-draft/model/Core/Properties/hashValue/index.html @@ -822,7 +822,7 @@
- +

hashValue

diff --git a/v3.0.1-draft/model/Core/Properties/identifier/index.html b/v3.0.1-draft/model/Core/Properties/identifier/index.html index 9f8b362e58..43b6d4e9a6 100644 --- a/v3.0.1-draft/model/Core/Properties/identifier/index.html +++ b/v3.0.1-draft/model/Core/Properties/identifier/index.html @@ -822,7 +822,7 @@
- +

identifier

diff --git a/v3.0.1-draft/model/Core/Properties/identifierLocator/index.html b/v3.0.1-draft/model/Core/Properties/identifierLocator/index.html index 6e18ebd966..56c5f7227e 100644 --- a/v3.0.1-draft/model/Core/Properties/identifierLocator/index.html +++ b/v3.0.1-draft/model/Core/Properties/identifierLocator/index.html @@ -822,7 +822,7 @@
- +

identifierLocator

diff --git a/v3.0.1-draft/model/Core/Properties/imports/index.html b/v3.0.1-draft/model/Core/Properties/imports/index.html index 79a61918a9..c88d30e9d1 100644 --- a/v3.0.1-draft/model/Core/Properties/imports/index.html +++ b/v3.0.1-draft/model/Core/Properties/imports/index.html @@ -822,7 +822,7 @@
- +

imports

diff --git a/v3.0.1-draft/model/Core/Properties/issuingAuthority/index.html b/v3.0.1-draft/model/Core/Properties/issuingAuthority/index.html index 261670b232..417064622f 100644 --- a/v3.0.1-draft/model/Core/Properties/issuingAuthority/index.html +++ b/v3.0.1-draft/model/Core/Properties/issuingAuthority/index.html @@ -822,7 +822,7 @@
- +

issuingAuthority

diff --git a/v3.0.1-draft/model/Core/Properties/key/index.html b/v3.0.1-draft/model/Core/Properties/key/index.html index 201f852187..cd5cced8d8 100644 --- a/v3.0.1-draft/model/Core/Properties/key/index.html +++ b/v3.0.1-draft/model/Core/Properties/key/index.html @@ -822,7 +822,7 @@
- +

key

diff --git a/v3.0.1-draft/model/Core/Properties/locationHint/index.html b/v3.0.1-draft/model/Core/Properties/locationHint/index.html index 2cdab905a0..2d1ab22500 100644 --- a/v3.0.1-draft/model/Core/Properties/locationHint/index.html +++ b/v3.0.1-draft/model/Core/Properties/locationHint/index.html @@ -822,7 +822,7 @@
- +

locationHint

diff --git a/v3.0.1-draft/model/Core/Properties/locator/index.html b/v3.0.1-draft/model/Core/Properties/locator/index.html index 3c9f6d0ba5..71d243dc97 100644 --- a/v3.0.1-draft/model/Core/Properties/locator/index.html +++ b/v3.0.1-draft/model/Core/Properties/locator/index.html @@ -822,7 +822,7 @@
- +

locator

diff --git a/v3.0.1-draft/model/Core/Properties/name/index.html b/v3.0.1-draft/model/Core/Properties/name/index.html index 1ca4aa26d1..26b627d0bf 100644 --- a/v3.0.1-draft/model/Core/Properties/name/index.html +++ b/v3.0.1-draft/model/Core/Properties/name/index.html @@ -822,7 +822,7 @@
- +

name

diff --git a/v3.0.1-draft/model/Core/Properties/namespace/index.html b/v3.0.1-draft/model/Core/Properties/namespace/index.html index 282d7970bb..9895115460 100644 --- a/v3.0.1-draft/model/Core/Properties/namespace/index.html +++ b/v3.0.1-draft/model/Core/Properties/namespace/index.html @@ -822,7 +822,7 @@
- +

namespace

diff --git a/v3.0.1-draft/model/Core/Properties/namespaceMap/index.html b/v3.0.1-draft/model/Core/Properties/namespaceMap/index.html index d425b227c3..64a96a9bec 100644 --- a/v3.0.1-draft/model/Core/Properties/namespaceMap/index.html +++ b/v3.0.1-draft/model/Core/Properties/namespaceMap/index.html @@ -822,7 +822,7 @@
- +

namespaceMap

diff --git a/v3.0.1-draft/model/Core/Properties/originatedBy/index.html b/v3.0.1-draft/model/Core/Properties/originatedBy/index.html index 2eb04152f7..fdf35998bd 100644 --- a/v3.0.1-draft/model/Core/Properties/originatedBy/index.html +++ b/v3.0.1-draft/model/Core/Properties/originatedBy/index.html @@ -822,7 +822,7 @@
- +

originatedBy

diff --git a/v3.0.1-draft/model/Core/Properties/packageVerificationCodeExcludedFile/index.html b/v3.0.1-draft/model/Core/Properties/packageVerificationCodeExcludedFile/index.html index 384e0052ea..0a9cc0d201 100644 --- a/v3.0.1-draft/model/Core/Properties/packageVerificationCodeExcludedFile/index.html +++ b/v3.0.1-draft/model/Core/Properties/packageVerificationCodeExcludedFile/index.html @@ -822,7 +822,7 @@
- +

packageVerificationCodeExcludedFile

diff --git a/v3.0.1-draft/model/Core/Properties/prefix/index.html b/v3.0.1-draft/model/Core/Properties/prefix/index.html index 7be83a7500..28f9095df4 100644 --- a/v3.0.1-draft/model/Core/Properties/prefix/index.html +++ b/v3.0.1-draft/model/Core/Properties/prefix/index.html @@ -822,7 +822,7 @@
- +

prefix

diff --git a/v3.0.1-draft/model/Core/Properties/profileConformance/index.html b/v3.0.1-draft/model/Core/Properties/profileConformance/index.html index daccd6378a..9b73e15d3a 100644 --- a/v3.0.1-draft/model/Core/Properties/profileConformance/index.html +++ b/v3.0.1-draft/model/Core/Properties/profileConformance/index.html @@ -822,7 +822,7 @@
- +

profileConformance

diff --git a/v3.0.1-draft/model/Core/Properties/relationshipType/index.html b/v3.0.1-draft/model/Core/Properties/relationshipType/index.html index 45cf751ee6..3b248234ab 100644 --- a/v3.0.1-draft/model/Core/Properties/relationshipType/index.html +++ b/v3.0.1-draft/model/Core/Properties/relationshipType/index.html @@ -822,7 +822,7 @@
- +

relationshipType

diff --git a/v3.0.1-draft/model/Core/Properties/releaseTime/index.html b/v3.0.1-draft/model/Core/Properties/releaseTime/index.html index 7c4de9a887..2463b1d3eb 100644 --- a/v3.0.1-draft/model/Core/Properties/releaseTime/index.html +++ b/v3.0.1-draft/model/Core/Properties/releaseTime/index.html @@ -822,7 +822,7 @@
- +

releaseTime

diff --git a/v3.0.1-draft/model/Core/Properties/rootElement/index.html b/v3.0.1-draft/model/Core/Properties/rootElement/index.html index 5f2f608341..168e21473c 100644 --- a/v3.0.1-draft/model/Core/Properties/rootElement/index.html +++ b/v3.0.1-draft/model/Core/Properties/rootElement/index.html @@ -822,7 +822,7 @@
- +

rootElement

diff --git a/v3.0.1-draft/model/Core/Properties/scope/index.html b/v3.0.1-draft/model/Core/Properties/scope/index.html index 881e42dbe9..016635e474 100644 --- a/v3.0.1-draft/model/Core/Properties/scope/index.html +++ b/v3.0.1-draft/model/Core/Properties/scope/index.html @@ -822,7 +822,7 @@
- +

scope

diff --git a/v3.0.1-draft/model/Core/Properties/spdxId/index.html b/v3.0.1-draft/model/Core/Properties/spdxId/index.html index 57922dc762..55b1d41543 100644 --- a/v3.0.1-draft/model/Core/Properties/spdxId/index.html +++ b/v3.0.1-draft/model/Core/Properties/spdxId/index.html @@ -822,7 +822,7 @@
- +

spdxId

diff --git a/v3.0.1-draft/model/Core/Properties/specVersion/index.html b/v3.0.1-draft/model/Core/Properties/specVersion/index.html index 10c51fd1a9..2b092ea4c2 100644 --- a/v3.0.1-draft/model/Core/Properties/specVersion/index.html +++ b/v3.0.1-draft/model/Core/Properties/specVersion/index.html @@ -822,7 +822,7 @@
- +

specVersion

diff --git a/v3.0.1-draft/model/Core/Properties/standardName/index.html b/v3.0.1-draft/model/Core/Properties/standardName/index.html index 054891c110..e65ffcdaac 100644 --- a/v3.0.1-draft/model/Core/Properties/standardName/index.html +++ b/v3.0.1-draft/model/Core/Properties/standardName/index.html @@ -822,7 +822,7 @@
- +

standardName

diff --git a/v3.0.1-draft/model/Core/Properties/startTime/index.html b/v3.0.1-draft/model/Core/Properties/startTime/index.html index 8938f15a5f..8778170bc8 100644 --- a/v3.0.1-draft/model/Core/Properties/startTime/index.html +++ b/v3.0.1-draft/model/Core/Properties/startTime/index.html @@ -822,7 +822,7 @@
- +

startTime

diff --git a/v3.0.1-draft/model/Core/Properties/statement/index.html b/v3.0.1-draft/model/Core/Properties/statement/index.html index c504114cb6..66d3e7661b 100644 --- a/v3.0.1-draft/model/Core/Properties/statement/index.html +++ b/v3.0.1-draft/model/Core/Properties/statement/index.html @@ -822,7 +822,7 @@
- +

statement

diff --git a/v3.0.1-draft/model/Core/Properties/subject/index.html b/v3.0.1-draft/model/Core/Properties/subject/index.html index c5352454b9..03fea69652 100644 --- a/v3.0.1-draft/model/Core/Properties/subject/index.html +++ b/v3.0.1-draft/model/Core/Properties/subject/index.html @@ -822,7 +822,7 @@
- +

subject

diff --git a/v3.0.1-draft/model/Core/Properties/summary/index.html b/v3.0.1-draft/model/Core/Properties/summary/index.html index 35a1e9b377..174f6c0327 100644 --- a/v3.0.1-draft/model/Core/Properties/summary/index.html +++ b/v3.0.1-draft/model/Core/Properties/summary/index.html @@ -822,7 +822,7 @@
- +

summary

diff --git a/v3.0.1-draft/model/Core/Properties/suppliedBy/index.html b/v3.0.1-draft/model/Core/Properties/suppliedBy/index.html index 2a93fb47d9..484d4755d9 100644 --- a/v3.0.1-draft/model/Core/Properties/suppliedBy/index.html +++ b/v3.0.1-draft/model/Core/Properties/suppliedBy/index.html @@ -822,7 +822,7 @@
- +

suppliedBy

diff --git a/v3.0.1-draft/model/Core/Properties/supportLevel/index.html b/v3.0.1-draft/model/Core/Properties/supportLevel/index.html index b56a4b86df..a98d4ae07b 100644 --- a/v3.0.1-draft/model/Core/Properties/supportLevel/index.html +++ b/v3.0.1-draft/model/Core/Properties/supportLevel/index.html @@ -822,7 +822,7 @@
- +

supportLevel

diff --git a/v3.0.1-draft/model/Core/Properties/to/index.html b/v3.0.1-draft/model/Core/Properties/to/index.html index c8b32f2504..c92810d004 100644 --- a/v3.0.1-draft/model/Core/Properties/to/index.html +++ b/v3.0.1-draft/model/Core/Properties/to/index.html @@ -822,7 +822,7 @@
- +

to

diff --git a/v3.0.1-draft/model/Core/Properties/validUntilTime/index.html b/v3.0.1-draft/model/Core/Properties/validUntilTime/index.html index cedc6e942e..daecf71e86 100644 --- a/v3.0.1-draft/model/Core/Properties/validUntilTime/index.html +++ b/v3.0.1-draft/model/Core/Properties/validUntilTime/index.html @@ -822,7 +822,7 @@
- +

validUntilTime

diff --git a/v3.0.1-draft/model/Core/Properties/value/index.html b/v3.0.1-draft/model/Core/Properties/value/index.html index 9d11b859da..c707416732 100644 --- a/v3.0.1-draft/model/Core/Properties/value/index.html +++ b/v3.0.1-draft/model/Core/Properties/value/index.html @@ -822,7 +822,7 @@
- +

value

diff --git a/v3.0.1-draft/model/Core/Properties/verifiedUsing/index.html b/v3.0.1-draft/model/Core/Properties/verifiedUsing/index.html index 58dd0a7e60..a2a9b9ac79 100644 --- a/v3.0.1-draft/model/Core/Properties/verifiedUsing/index.html +++ b/v3.0.1-draft/model/Core/Properties/verifiedUsing/index.html @@ -822,7 +822,7 @@
- +

verifiedUsing

diff --git a/v3.0.1-draft/model/Core/Vocabularies/AnnotationType/index.html b/v3.0.1-draft/model/Core/Vocabularies/AnnotationType/index.html index a34d6f8722..f4d78266a6 100644 --- a/v3.0.1-draft/model/Core/Vocabularies/AnnotationType/index.html +++ b/v3.0.1-draft/model/Core/Vocabularies/AnnotationType/index.html @@ -822,7 +822,7 @@
- +

AnnotationType

diff --git a/v3.0.1-draft/model/Core/Vocabularies/ExternalIdentifierType/index.html b/v3.0.1-draft/model/Core/Vocabularies/ExternalIdentifierType/index.html index d85db72d5b..763f97fe53 100644 --- a/v3.0.1-draft/model/Core/Vocabularies/ExternalIdentifierType/index.html +++ b/v3.0.1-draft/model/Core/Vocabularies/ExternalIdentifierType/index.html @@ -822,7 +822,7 @@
- +

ExternalIdentifierType

diff --git a/v3.0.1-draft/model/Core/Vocabularies/ExternalRefType/index.html b/v3.0.1-draft/model/Core/Vocabularies/ExternalRefType/index.html index 633b00f316..d0b001d930 100644 --- a/v3.0.1-draft/model/Core/Vocabularies/ExternalRefType/index.html +++ b/v3.0.1-draft/model/Core/Vocabularies/ExternalRefType/index.html @@ -822,7 +822,7 @@
- +

ExternalRefType

diff --git a/v3.0.1-draft/model/Core/Vocabularies/HashAlgorithm/index.html b/v3.0.1-draft/model/Core/Vocabularies/HashAlgorithm/index.html index 9fc974f16f..13daa5a16b 100644 --- a/v3.0.1-draft/model/Core/Vocabularies/HashAlgorithm/index.html +++ b/v3.0.1-draft/model/Core/Vocabularies/HashAlgorithm/index.html @@ -822,7 +822,7 @@
- +

HashAlgorithm

diff --git a/v3.0.1-draft/model/Core/Vocabularies/LifecycleScopeType/index.html b/v3.0.1-draft/model/Core/Vocabularies/LifecycleScopeType/index.html index 43141eebd1..b0d707241d 100644 --- a/v3.0.1-draft/model/Core/Vocabularies/LifecycleScopeType/index.html +++ b/v3.0.1-draft/model/Core/Vocabularies/LifecycleScopeType/index.html @@ -822,7 +822,7 @@
- +

LifecycleScopeType

diff --git a/v3.0.1-draft/model/Core/Vocabularies/PresenceType/index.html b/v3.0.1-draft/model/Core/Vocabularies/PresenceType/index.html index 578e039e89..b3d5f17b50 100644 --- a/v3.0.1-draft/model/Core/Vocabularies/PresenceType/index.html +++ b/v3.0.1-draft/model/Core/Vocabularies/PresenceType/index.html @@ -822,7 +822,7 @@
- +

PresenceType

diff --git a/v3.0.1-draft/model/Core/Vocabularies/ProfileIdentifierType/index.html b/v3.0.1-draft/model/Core/Vocabularies/ProfileIdentifierType/index.html index a558e1d7a4..ca2c18f17c 100644 --- a/v3.0.1-draft/model/Core/Vocabularies/ProfileIdentifierType/index.html +++ b/v3.0.1-draft/model/Core/Vocabularies/ProfileIdentifierType/index.html @@ -822,7 +822,7 @@
- +

ProfileIdentifierType

diff --git a/v3.0.1-draft/model/Core/Vocabularies/RelationshipCompleteness/index.html b/v3.0.1-draft/model/Core/Vocabularies/RelationshipCompleteness/index.html index 010e607fc4..db1fe21061 100644 --- a/v3.0.1-draft/model/Core/Vocabularies/RelationshipCompleteness/index.html +++ b/v3.0.1-draft/model/Core/Vocabularies/RelationshipCompleteness/index.html @@ -822,7 +822,7 @@
- +

RelationshipCompleteness

diff --git a/v3.0.1-draft/model/Core/Vocabularies/RelationshipType/index.html b/v3.0.1-draft/model/Core/Vocabularies/RelationshipType/index.html index ec941bc117..4012c09c4a 100644 --- a/v3.0.1-draft/model/Core/Vocabularies/RelationshipType/index.html +++ b/v3.0.1-draft/model/Core/Vocabularies/RelationshipType/index.html @@ -822,7 +822,7 @@
- +

RelationshipType

diff --git a/v3.0.1-draft/model/Core/Vocabularies/SupportType/index.html b/v3.0.1-draft/model/Core/Vocabularies/SupportType/index.html index 3328b1807b..1db810582c 100644 --- a/v3.0.1-draft/model/Core/Vocabularies/SupportType/index.html +++ b/v3.0.1-draft/model/Core/Vocabularies/SupportType/index.html @@ -822,7 +822,7 @@
- +

SupportType

diff --git a/v3.0.1-draft/model/Dataset/Classes/DatasetPackage/index.html b/v3.0.1-draft/model/Dataset/Classes/DatasetPackage/index.html index 78a5af6988..fa2a515d38 100644 --- a/v3.0.1-draft/model/Dataset/Classes/DatasetPackage/index.html +++ b/v3.0.1-draft/model/Dataset/Classes/DatasetPackage/index.html @@ -828,7 +828,7 @@
- +

DatasetPackage

diff --git a/v3.0.1-draft/model/Dataset/Dataset/index.html b/v3.0.1-draft/model/Dataset/Dataset/index.html index 403aa393c2..8ca3905845 100644 --- a/v3.0.1-draft/model/Dataset/Dataset/index.html +++ b/v3.0.1-draft/model/Dataset/Dataset/index.html @@ -821,7 +821,7 @@
- +

Dataset

diff --git a/v3.0.1-draft/model/Dataset/Properties/anonymizationMethodUsed/index.html b/v3.0.1-draft/model/Dataset/Properties/anonymizationMethodUsed/index.html index 2deac05867..e98b50a900 100644 --- a/v3.0.1-draft/model/Dataset/Properties/anonymizationMethodUsed/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/anonymizationMethodUsed/index.html @@ -822,7 +822,7 @@
- +

anonymizationMethodUsed

diff --git a/v3.0.1-draft/model/Dataset/Properties/confidentialityLevel/index.html b/v3.0.1-draft/model/Dataset/Properties/confidentialityLevel/index.html index 4be0f95f69..83e67253d6 100644 --- a/v3.0.1-draft/model/Dataset/Properties/confidentialityLevel/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/confidentialityLevel/index.html @@ -822,7 +822,7 @@
- +

confidentialityLevel

diff --git a/v3.0.1-draft/model/Dataset/Properties/dataCollectionProcess/index.html b/v3.0.1-draft/model/Dataset/Properties/dataCollectionProcess/index.html index 51209ad948..ebe06f04ff 100644 --- a/v3.0.1-draft/model/Dataset/Properties/dataCollectionProcess/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/dataCollectionProcess/index.html @@ -822,7 +822,7 @@
- +

dataCollectionProcess

diff --git a/v3.0.1-draft/model/Dataset/Properties/dataPreprocessing/index.html b/v3.0.1-draft/model/Dataset/Properties/dataPreprocessing/index.html index 8e68ae7368..617886ba20 100644 --- a/v3.0.1-draft/model/Dataset/Properties/dataPreprocessing/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/dataPreprocessing/index.html @@ -822,7 +822,7 @@
- +

dataPreprocessing

diff --git a/v3.0.1-draft/model/Dataset/Properties/datasetAvailability/index.html b/v3.0.1-draft/model/Dataset/Properties/datasetAvailability/index.html index 0a607a762b..f5058ff545 100644 --- a/v3.0.1-draft/model/Dataset/Properties/datasetAvailability/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/datasetAvailability/index.html @@ -822,7 +822,7 @@
- +

datasetAvailability

diff --git a/v3.0.1-draft/model/Dataset/Properties/datasetNoise/index.html b/v3.0.1-draft/model/Dataset/Properties/datasetNoise/index.html index b6dc774f30..1c95a82a1f 100644 --- a/v3.0.1-draft/model/Dataset/Properties/datasetNoise/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/datasetNoise/index.html @@ -822,7 +822,7 @@
- +

datasetNoise

diff --git a/v3.0.1-draft/model/Dataset/Properties/datasetSize/index.html b/v3.0.1-draft/model/Dataset/Properties/datasetSize/index.html index ac412f53b7..6b22ccc2a0 100644 --- a/v3.0.1-draft/model/Dataset/Properties/datasetSize/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/datasetSize/index.html @@ -822,7 +822,7 @@
- +

datasetSize

diff --git a/v3.0.1-draft/model/Dataset/Properties/datasetType/index.html b/v3.0.1-draft/model/Dataset/Properties/datasetType/index.html index 14e49dc9f0..3bb754ba26 100644 --- a/v3.0.1-draft/model/Dataset/Properties/datasetType/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/datasetType/index.html @@ -822,7 +822,7 @@
- +

datasetType

diff --git a/v3.0.1-draft/model/Dataset/Properties/datasetUpdateMechanism/index.html b/v3.0.1-draft/model/Dataset/Properties/datasetUpdateMechanism/index.html index d04bdc3e0e..29fae709e7 100644 --- a/v3.0.1-draft/model/Dataset/Properties/datasetUpdateMechanism/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/datasetUpdateMechanism/index.html @@ -822,7 +822,7 @@
- +

datasetUpdateMechanism

diff --git a/v3.0.1-draft/model/Dataset/Properties/hasSensitivePersonalInformation/index.html b/v3.0.1-draft/model/Dataset/Properties/hasSensitivePersonalInformation/index.html index d2bce6e0d8..11191beb4a 100644 --- a/v3.0.1-draft/model/Dataset/Properties/hasSensitivePersonalInformation/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/hasSensitivePersonalInformation/index.html @@ -822,7 +822,7 @@
- +

hasSensitivePersonalInformation

diff --git a/v3.0.1-draft/model/Dataset/Properties/intendedUse/index.html b/v3.0.1-draft/model/Dataset/Properties/intendedUse/index.html index 1dd6edbdc9..25389d4f7a 100644 --- a/v3.0.1-draft/model/Dataset/Properties/intendedUse/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/intendedUse/index.html @@ -822,7 +822,7 @@
- +

intendedUse

diff --git a/v3.0.1-draft/model/Dataset/Properties/knownBias/index.html b/v3.0.1-draft/model/Dataset/Properties/knownBias/index.html index 37ca3c38de..9262716bf0 100644 --- a/v3.0.1-draft/model/Dataset/Properties/knownBias/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/knownBias/index.html @@ -822,7 +822,7 @@
- +

knownBias

diff --git a/v3.0.1-draft/model/Dataset/Properties/sensor/index.html b/v3.0.1-draft/model/Dataset/Properties/sensor/index.html index ae65578cab..ea659e73f7 100644 --- a/v3.0.1-draft/model/Dataset/Properties/sensor/index.html +++ b/v3.0.1-draft/model/Dataset/Properties/sensor/index.html @@ -822,7 +822,7 @@
- +

sensor

diff --git a/v3.0.1-draft/model/Dataset/Vocabularies/ConfidentialityLevelType/index.html b/v3.0.1-draft/model/Dataset/Vocabularies/ConfidentialityLevelType/index.html index ef0ae2f494..261669c26b 100644 --- a/v3.0.1-draft/model/Dataset/Vocabularies/ConfidentialityLevelType/index.html +++ b/v3.0.1-draft/model/Dataset/Vocabularies/ConfidentialityLevelType/index.html @@ -822,7 +822,7 @@
- +

ConfidentialityLevelType

diff --git a/v3.0.1-draft/model/Dataset/Vocabularies/DatasetAvailabilityType/index.html b/v3.0.1-draft/model/Dataset/Vocabularies/DatasetAvailabilityType/index.html index 6044291618..06ddca54c4 100644 --- a/v3.0.1-draft/model/Dataset/Vocabularies/DatasetAvailabilityType/index.html +++ b/v3.0.1-draft/model/Dataset/Vocabularies/DatasetAvailabilityType/index.html @@ -822,7 +822,7 @@
- +

DatasetAvailabilityType

diff --git a/v3.0.1-draft/model/Dataset/Vocabularies/DatasetType/index.html b/v3.0.1-draft/model/Dataset/Vocabularies/DatasetType/index.html index 87244b79b0..387e8877ea 100644 --- a/v3.0.1-draft/model/Dataset/Vocabularies/DatasetType/index.html +++ b/v3.0.1-draft/model/Dataset/Vocabularies/DatasetType/index.html @@ -822,7 +822,7 @@
- +

DatasetType

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/ConjunctiveLicenseSet/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/ConjunctiveLicenseSet/index.html index dd0c7f9ebb..356f9288ec 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/ConjunctiveLicenseSet/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/ConjunctiveLicenseSet/index.html @@ -826,7 +826,7 @@
- +

ConjunctiveLicenseSet

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/CustomLicense/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/CustomLicense/index.html index ec2b96328b..35a2c8cb74 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/CustomLicense/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/CustomLicense/index.html @@ -824,7 +824,7 @@
- +

CustomLicense

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/CustomLicenseAddition/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/CustomLicenseAddition/index.html index a0f7e1a717..2152a78308 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/CustomLicenseAddition/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/CustomLicenseAddition/index.html @@ -824,7 +824,7 @@
- +

CustomLicenseAddition

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/DisjunctiveLicenseSet/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/DisjunctiveLicenseSet/index.html index d89d695395..8c2820786d 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/DisjunctiveLicenseSet/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/DisjunctiveLicenseSet/index.html @@ -826,7 +826,7 @@
- +

DisjunctiveLicenseSet

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/ExtendableLicense/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/ExtendableLicense/index.html index d7d61890ab..17ef6b85c9 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/ExtendableLicense/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/ExtendableLicense/index.html @@ -824,7 +824,7 @@
- +

ExtendableLicense

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/IndividualLicensingInfo/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/IndividualLicensingInfo/index.html index c1cdd1aee8..2d7fc1af10 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/IndividualLicensingInfo/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/IndividualLicensingInfo/index.html @@ -824,7 +824,7 @@
- +

IndividualLicensingInfo

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/License/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/License/index.html index 3014af34d8..3a7e0dbe86 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/License/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/License/index.html @@ -826,7 +826,7 @@
- +

License

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/LicenseAddition/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/LicenseAddition/index.html index d10be27416..0613822031 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/LicenseAddition/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/LicenseAddition/index.html @@ -826,7 +826,7 @@
- +

LicenseAddition

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/ListedLicense/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/ListedLicense/index.html index 81f0431947..6664450bee 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/ListedLicense/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/ListedLicense/index.html @@ -826,7 +826,7 @@
- +

ListedLicense

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/ListedLicenseException/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/ListedLicenseException/index.html index d93fbe5582..72aad9202e 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/ListedLicenseException/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/ListedLicenseException/index.html @@ -826,7 +826,7 @@
- +

ListedLicenseException

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/OrLaterOperator/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/OrLaterOperator/index.html index 196bd1bddf..c9fd551cb8 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/OrLaterOperator/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/OrLaterOperator/index.html @@ -826,7 +826,7 @@
- +

OrLaterOperator

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Classes/WithAdditionOperator/index.html b/v3.0.1-draft/model/ExpandedLicensing/Classes/WithAdditionOperator/index.html index 352e328ce9..9fbb212d38 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Classes/WithAdditionOperator/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Classes/WithAdditionOperator/index.html @@ -826,7 +826,7 @@
- +

WithAdditionOperator

diff --git a/v3.0.1-draft/model/ExpandedLicensing/ExpandedLicensing/index.html b/v3.0.1-draft/model/ExpandedLicensing/ExpandedLicensing/index.html index 8e78fb51e9..10d4663874 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/ExpandedLicensing/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/ExpandedLicensing/index.html @@ -819,7 +819,7 @@
- +

ExpandedLicensing

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Individuals/NoAssertionLicense/index.html b/v3.0.1-draft/model/ExpandedLicensing/Individuals/NoAssertionLicense/index.html index deaa715593..27011d5fe2 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Individuals/NoAssertionLicense/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Individuals/NoAssertionLicense/index.html @@ -820,7 +820,7 @@
- +

NoAssertionLicense

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Individuals/NoneLicense/index.html b/v3.0.1-draft/model/ExpandedLicensing/Individuals/NoneLicense/index.html index 62f02019a4..1a8171099f 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Individuals/NoneLicense/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Individuals/NoneLicense/index.html @@ -820,7 +820,7 @@
- +

NoneLicense

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/additionText/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/additionText/index.html index 05d6a433e7..2694c31567 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/additionText/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/additionText/index.html @@ -822,7 +822,7 @@
- +

additionText

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/deprecatedVersion/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/deprecatedVersion/index.html index 173b11b46e..02a60082f7 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/deprecatedVersion/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/deprecatedVersion/index.html @@ -822,7 +822,7 @@
- +

deprecatedVersion

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/isDeprecatedAdditionId/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/isDeprecatedAdditionId/index.html index a6a668b9e2..c610e853d3 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/isDeprecatedAdditionId/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/isDeprecatedAdditionId/index.html @@ -822,7 +822,7 @@
- +

isDeprecatedAdditionId

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/isDeprecatedLicenseId/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/isDeprecatedLicenseId/index.html index bd2478b8ba..8bc02c7ff1 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/isDeprecatedLicenseId/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/isDeprecatedLicenseId/index.html @@ -822,7 +822,7 @@
- +

isDeprecatedLicenseId

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/isFsfLibre/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/isFsfLibre/index.html index 5c2379adca..f8c600ec10 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/isFsfLibre/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/isFsfLibre/index.html @@ -822,7 +822,7 @@
- +

isFsfLibre

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/isOsiApproved/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/isOsiApproved/index.html index 288695e573..164752009a 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/isOsiApproved/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/isOsiApproved/index.html @@ -822,7 +822,7 @@
- +

isOsiApproved

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/licenseXml/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/licenseXml/index.html index f1299a3867..3bb299bf8c 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/licenseXml/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/licenseXml/index.html @@ -822,7 +822,7 @@
- +

licenseXml

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/listVersionAdded/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/listVersionAdded/index.html index 887642950e..f97038811c 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/listVersionAdded/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/listVersionAdded/index.html @@ -822,7 +822,7 @@
- +

listVersionAdded

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/member/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/member/index.html index 96b3513e9a..591a18a982 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/member/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/member/index.html @@ -822,7 +822,7 @@
- +

member

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/obsoletedBy/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/obsoletedBy/index.html index 13cdf3b778..03ec8f5dde 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/obsoletedBy/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/obsoletedBy/index.html @@ -822,7 +822,7 @@
- +

obsoletedBy

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/seeAlso/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/seeAlso/index.html index 11f9c49e0a..efc04af992 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/seeAlso/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/seeAlso/index.html @@ -822,7 +822,7 @@
- +

seeAlso

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/standardAdditionTemplate/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/standardAdditionTemplate/index.html index 0d8494c016..bca7261dfc 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/standardAdditionTemplate/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/standardAdditionTemplate/index.html @@ -822,7 +822,7 @@
- +

standardAdditionTemplate

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/standardLicenseHeader/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/standardLicenseHeader/index.html index 9c34e46b85..530ac64974 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/standardLicenseHeader/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/standardLicenseHeader/index.html @@ -822,7 +822,7 @@
- +

standardLicenseHeader

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/standardLicenseTemplate/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/standardLicenseTemplate/index.html index f80f639cce..efe2ef2342 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/standardLicenseTemplate/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/standardLicenseTemplate/index.html @@ -822,7 +822,7 @@
- +

standardLicenseTemplate

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectAddition/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectAddition/index.html index bbc707ff06..610511f15a 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectAddition/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectAddition/index.html @@ -822,7 +822,7 @@
- +

subjectAddition

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectExtendableLicense/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectExtendableLicense/index.html index 57c25f2b6a..4f9f5ecbcb 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectExtendableLicense/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectExtendableLicense/index.html @@ -822,7 +822,7 @@
- +

subjectExtendableLicense

diff --git a/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectLicense/index.html b/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectLicense/index.html index 1e9f90b162..74769f0512 100644 --- a/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectLicense/index.html +++ b/v3.0.1-draft/model/ExpandedLicensing/Properties/subjectLicense/index.html @@ -822,7 +822,7 @@
- +

subjectLicense

diff --git a/v3.0.1-draft/model/Extension/Classes/CdxPropertiesExtension/index.html b/v3.0.1-draft/model/Extension/Classes/CdxPropertiesExtension/index.html index fc89f36b0e..13ee4604cd 100644 --- a/v3.0.1-draft/model/Extension/Classes/CdxPropertiesExtension/index.html +++ b/v3.0.1-draft/model/Extension/Classes/CdxPropertiesExtension/index.html @@ -826,7 +826,7 @@
- +

CdxPropertiesExtension

diff --git a/v3.0.1-draft/model/Extension/Classes/CdxPropertyEntry/index.html b/v3.0.1-draft/model/Extension/Classes/CdxPropertyEntry/index.html index f1fcb7547e..32c3e0db96 100644 --- a/v3.0.1-draft/model/Extension/Classes/CdxPropertyEntry/index.html +++ b/v3.0.1-draft/model/Extension/Classes/CdxPropertyEntry/index.html @@ -824,7 +824,7 @@
- +

CdxPropertyEntry

diff --git a/v3.0.1-draft/model/Extension/Classes/Extension/index.html b/v3.0.1-draft/model/Extension/Classes/Extension/index.html index 5fb540b488..4808e1ccc5 100644 --- a/v3.0.1-draft/model/Extension/Classes/Extension/index.html +++ b/v3.0.1-draft/model/Extension/Classes/Extension/index.html @@ -820,7 +820,7 @@
- +

Extension

diff --git a/v3.0.1-draft/model/Extension/Extension/index.html b/v3.0.1-draft/model/Extension/Extension/index.html index 6d3376f4c7..e95053545a 100644 --- a/v3.0.1-draft/model/Extension/Extension/index.html +++ b/v3.0.1-draft/model/Extension/Extension/index.html @@ -819,7 +819,7 @@
- +

Extension

diff --git a/v3.0.1-draft/model/Extension/Properties/cdxPropName/index.html b/v3.0.1-draft/model/Extension/Properties/cdxPropName/index.html index 1ae6abac61..33c0e6d25b 100644 --- a/v3.0.1-draft/model/Extension/Properties/cdxPropName/index.html +++ b/v3.0.1-draft/model/Extension/Properties/cdxPropName/index.html @@ -822,7 +822,7 @@
- +

cdxPropName

diff --git a/v3.0.1-draft/model/Extension/Properties/cdxPropValue/index.html b/v3.0.1-draft/model/Extension/Properties/cdxPropValue/index.html index 9f0dc3750e..21151e13b1 100644 --- a/v3.0.1-draft/model/Extension/Properties/cdxPropValue/index.html +++ b/v3.0.1-draft/model/Extension/Properties/cdxPropValue/index.html @@ -822,7 +822,7 @@
- +

cdxPropValue

diff --git a/v3.0.1-draft/model/Extension/Properties/cdxProperty/index.html b/v3.0.1-draft/model/Extension/Properties/cdxProperty/index.html index b9d053f52e..d6804781ea 100644 --- a/v3.0.1-draft/model/Extension/Properties/cdxProperty/index.html +++ b/v3.0.1-draft/model/Extension/Properties/cdxProperty/index.html @@ -822,7 +822,7 @@
- +

cdxProperty

diff --git a/v3.0.1-draft/model/Licensing/Licensing/index.html b/v3.0.1-draft/model/Licensing/Licensing/index.html index f400515c6d..a763ac6431 100644 --- a/v3.0.1-draft/model/Licensing/Licensing/index.html +++ b/v3.0.1-draft/model/Licensing/Licensing/index.html @@ -821,7 +821,7 @@
- +

Licensing

diff --git a/v3.0.1-draft/model/Lite/Lite/index.html b/v3.0.1-draft/model/Lite/Lite/index.html index 647b18d8cd..38a4770564 100644 --- a/v3.0.1-draft/model/Lite/Lite/index.html +++ b/v3.0.1-draft/model/Lite/Lite/index.html @@ -821,7 +821,7 @@
- +

Lite

diff --git a/v3.0.1-draft/model/Security/Classes/CvssV2VulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/CvssV2VulnAssessmentRelationship/index.html index aa2d0d3dbd..82d0c168d9 100644 --- a/v3.0.1-draft/model/Security/Classes/CvssV2VulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/CvssV2VulnAssessmentRelationship/index.html @@ -826,7 +826,7 @@
- +

CvssV2VulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/CvssV3VulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/CvssV3VulnAssessmentRelationship/index.html index ae2646ed40..5d0fc40024 100644 --- a/v3.0.1-draft/model/Security/Classes/CvssV3VulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/CvssV3VulnAssessmentRelationship/index.html @@ -826,7 +826,7 @@
- +

CvssV3VulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/CvssV4VulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/CvssV4VulnAssessmentRelationship/index.html index d1f652780b..570362690b 100644 --- a/v3.0.1-draft/model/Security/Classes/CvssV4VulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/CvssV4VulnAssessmentRelationship/index.html @@ -826,7 +826,7 @@
- +

CvssV4VulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/EpssVulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/EpssVulnAssessmentRelationship/index.html index df2c96c302..991501f5e9 100644 --- a/v3.0.1-draft/model/Security/Classes/EpssVulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/EpssVulnAssessmentRelationship/index.html @@ -828,7 +828,7 @@
- +

EpssVulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/ExploitCatalogVulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/ExploitCatalogVulnAssessmentRelationship/index.html index d06fbdeca4..83fcc716d0 100644 --- a/v3.0.1-draft/model/Security/Classes/ExploitCatalogVulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/ExploitCatalogVulnAssessmentRelationship/index.html @@ -826,7 +826,7 @@
- +

ExploitCatalogVulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/SsvcVulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/SsvcVulnAssessmentRelationship/index.html index b245c9cdf2..7079ae0556 100644 --- a/v3.0.1-draft/model/Security/Classes/SsvcVulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/SsvcVulnAssessmentRelationship/index.html @@ -826,7 +826,7 @@
- +

SsvcVulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/VexAffectedVulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/VexAffectedVulnAssessmentRelationship/index.html index f96f4ca382..3788d86c18 100644 --- a/v3.0.1-draft/model/Security/Classes/VexAffectedVulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/VexAffectedVulnAssessmentRelationship/index.html @@ -826,7 +826,7 @@
- +

VexAffectedVulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/VexFixedVulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/VexFixedVulnAssessmentRelationship/index.html index 677ab0c91b..fbc0ba9fa7 100644 --- a/v3.0.1-draft/model/Security/Classes/VexFixedVulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/VexFixedVulnAssessmentRelationship/index.html @@ -824,7 +824,7 @@
- +

VexFixedVulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/VexNotAffectedVulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/VexNotAffectedVulnAssessmentRelationship/index.html index f5e8aa5b38..638b94f626 100644 --- a/v3.0.1-draft/model/Security/Classes/VexNotAffectedVulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/VexNotAffectedVulnAssessmentRelationship/index.html @@ -826,7 +826,7 @@
- +

VexNotAffectedVulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/VexUnderInvestigationVulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/VexUnderInvestigationVulnAssessmentRelationship/index.html index df1325ad61..8d89f4ba79 100644 --- a/v3.0.1-draft/model/Security/Classes/VexUnderInvestigationVulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/VexUnderInvestigationVulnAssessmentRelationship/index.html @@ -824,7 +824,7 @@
- +

VexUnderInvestigationVulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/VexVulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/VexVulnAssessmentRelationship/index.html index 2143535497..7038b52f9e 100644 --- a/v3.0.1-draft/model/Security/Classes/VexVulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/VexVulnAssessmentRelationship/index.html @@ -826,7 +826,7 @@
- +

VexVulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/VulnAssessmentRelationship/index.html b/v3.0.1-draft/model/Security/Classes/VulnAssessmentRelationship/index.html index 69543e932b..2b6676c0b0 100644 --- a/v3.0.1-draft/model/Security/Classes/VulnAssessmentRelationship/index.html +++ b/v3.0.1-draft/model/Security/Classes/VulnAssessmentRelationship/index.html @@ -826,7 +826,7 @@
- +

VulnAssessmentRelationship

diff --git a/v3.0.1-draft/model/Security/Classes/Vulnerability/index.html b/v3.0.1-draft/model/Security/Classes/Vulnerability/index.html index c81eaea9e7..c61d429097 100644 --- a/v3.0.1-draft/model/Security/Classes/Vulnerability/index.html +++ b/v3.0.1-draft/model/Security/Classes/Vulnerability/index.html @@ -826,7 +826,7 @@
- +

Vulnerability

diff --git a/v3.0.1-draft/model/Security/Properties/actionStatement/index.html b/v3.0.1-draft/model/Security/Properties/actionStatement/index.html index d01528cefc..21cdf9b87a 100644 --- a/v3.0.1-draft/model/Security/Properties/actionStatement/index.html +++ b/v3.0.1-draft/model/Security/Properties/actionStatement/index.html @@ -822,7 +822,7 @@
- +

actionStatement

diff --git a/v3.0.1-draft/model/Security/Properties/actionStatementTime/index.html b/v3.0.1-draft/model/Security/Properties/actionStatementTime/index.html index 5d97b62a2f..12442b0885 100644 --- a/v3.0.1-draft/model/Security/Properties/actionStatementTime/index.html +++ b/v3.0.1-draft/model/Security/Properties/actionStatementTime/index.html @@ -822,7 +822,7 @@
- +

actionStatementTime

diff --git a/v3.0.1-draft/model/Security/Properties/assessedElement/index.html b/v3.0.1-draft/model/Security/Properties/assessedElement/index.html index 3d33e71b3c..bbb8fce7ec 100644 --- a/v3.0.1-draft/model/Security/Properties/assessedElement/index.html +++ b/v3.0.1-draft/model/Security/Properties/assessedElement/index.html @@ -822,7 +822,7 @@
- +

assessedElement

diff --git a/v3.0.1-draft/model/Security/Properties/catalogType/index.html b/v3.0.1-draft/model/Security/Properties/catalogType/index.html index 826c383bbd..2b435ce604 100644 --- a/v3.0.1-draft/model/Security/Properties/catalogType/index.html +++ b/v3.0.1-draft/model/Security/Properties/catalogType/index.html @@ -822,7 +822,7 @@
- +

catalogType

diff --git a/v3.0.1-draft/model/Security/Properties/decisionType/index.html b/v3.0.1-draft/model/Security/Properties/decisionType/index.html index dd761b82b5..b0b8778c9f 100644 --- a/v3.0.1-draft/model/Security/Properties/decisionType/index.html +++ b/v3.0.1-draft/model/Security/Properties/decisionType/index.html @@ -822,7 +822,7 @@
- +

decisionType

diff --git a/v3.0.1-draft/model/Security/Properties/exploited/index.html b/v3.0.1-draft/model/Security/Properties/exploited/index.html index f3cfe3f073..fcf3254afa 100644 --- a/v3.0.1-draft/model/Security/Properties/exploited/index.html +++ b/v3.0.1-draft/model/Security/Properties/exploited/index.html @@ -822,7 +822,7 @@
- +

exploited

diff --git a/v3.0.1-draft/model/Security/Properties/impactStatement/index.html b/v3.0.1-draft/model/Security/Properties/impactStatement/index.html index d121a335dd..ee7b0ab50d 100644 --- a/v3.0.1-draft/model/Security/Properties/impactStatement/index.html +++ b/v3.0.1-draft/model/Security/Properties/impactStatement/index.html @@ -822,7 +822,7 @@
- +

impactStatement

diff --git a/v3.0.1-draft/model/Security/Properties/impactStatementTime/index.html b/v3.0.1-draft/model/Security/Properties/impactStatementTime/index.html index e6d534b313..e4ca2e4b8c 100644 --- a/v3.0.1-draft/model/Security/Properties/impactStatementTime/index.html +++ b/v3.0.1-draft/model/Security/Properties/impactStatementTime/index.html @@ -822,7 +822,7 @@
- +

impactStatementTime

diff --git a/v3.0.1-draft/model/Security/Properties/justificationType/index.html b/v3.0.1-draft/model/Security/Properties/justificationType/index.html index bf8451831d..32889e8ef4 100644 --- a/v3.0.1-draft/model/Security/Properties/justificationType/index.html +++ b/v3.0.1-draft/model/Security/Properties/justificationType/index.html @@ -822,7 +822,7 @@
- +

justificationType

diff --git a/v3.0.1-draft/model/Security/Properties/locator/index.html b/v3.0.1-draft/model/Security/Properties/locator/index.html index c255c2b108..43a46c9b6a 100644 --- a/v3.0.1-draft/model/Security/Properties/locator/index.html +++ b/v3.0.1-draft/model/Security/Properties/locator/index.html @@ -822,7 +822,7 @@
- +

locator

diff --git a/v3.0.1-draft/model/Security/Properties/modifiedTime/index.html b/v3.0.1-draft/model/Security/Properties/modifiedTime/index.html index b735f913cc..c27a6c649a 100644 --- a/v3.0.1-draft/model/Security/Properties/modifiedTime/index.html +++ b/v3.0.1-draft/model/Security/Properties/modifiedTime/index.html @@ -822,7 +822,7 @@
- +

modifiedTime

diff --git a/v3.0.1-draft/model/Security/Properties/percentile/index.html b/v3.0.1-draft/model/Security/Properties/percentile/index.html index 48f6c32169..db6c861a90 100644 --- a/v3.0.1-draft/model/Security/Properties/percentile/index.html +++ b/v3.0.1-draft/model/Security/Properties/percentile/index.html @@ -822,7 +822,7 @@
- +

percentile

diff --git a/v3.0.1-draft/model/Security/Properties/probability/index.html b/v3.0.1-draft/model/Security/Properties/probability/index.html index 0f4dddc8aa..125d0b945b 100644 --- a/v3.0.1-draft/model/Security/Properties/probability/index.html +++ b/v3.0.1-draft/model/Security/Properties/probability/index.html @@ -822,7 +822,7 @@
- +

probability

diff --git a/v3.0.1-draft/model/Security/Properties/publishedTime/index.html b/v3.0.1-draft/model/Security/Properties/publishedTime/index.html index 0751b918c6..3fd5ee8850 100644 --- a/v3.0.1-draft/model/Security/Properties/publishedTime/index.html +++ b/v3.0.1-draft/model/Security/Properties/publishedTime/index.html @@ -822,7 +822,7 @@
- +

publishedTime

diff --git a/v3.0.1-draft/model/Security/Properties/score/index.html b/v3.0.1-draft/model/Security/Properties/score/index.html index df3e2f71f1..00d44a9d1a 100644 --- a/v3.0.1-draft/model/Security/Properties/score/index.html +++ b/v3.0.1-draft/model/Security/Properties/score/index.html @@ -822,7 +822,7 @@
- +

score

diff --git a/v3.0.1-draft/model/Security/Properties/severity/index.html b/v3.0.1-draft/model/Security/Properties/severity/index.html index 5fbc7b1f7b..e93192b1c7 100644 --- a/v3.0.1-draft/model/Security/Properties/severity/index.html +++ b/v3.0.1-draft/model/Security/Properties/severity/index.html @@ -822,7 +822,7 @@
- +

severity

diff --git a/v3.0.1-draft/model/Security/Properties/statusNotes/index.html b/v3.0.1-draft/model/Security/Properties/statusNotes/index.html index 640c67bd03..554c49b529 100644 --- a/v3.0.1-draft/model/Security/Properties/statusNotes/index.html +++ b/v3.0.1-draft/model/Security/Properties/statusNotes/index.html @@ -822,7 +822,7 @@
- +

statusNotes

diff --git a/v3.0.1-draft/model/Security/Properties/vectorString/index.html b/v3.0.1-draft/model/Security/Properties/vectorString/index.html index 4b906b3b3c..a9f563b59c 100644 --- a/v3.0.1-draft/model/Security/Properties/vectorString/index.html +++ b/v3.0.1-draft/model/Security/Properties/vectorString/index.html @@ -822,7 +822,7 @@
- +

vectorString

diff --git a/v3.0.1-draft/model/Security/Properties/vexVersion/index.html b/v3.0.1-draft/model/Security/Properties/vexVersion/index.html index 622a31578a..af92eb49f2 100644 --- a/v3.0.1-draft/model/Security/Properties/vexVersion/index.html +++ b/v3.0.1-draft/model/Security/Properties/vexVersion/index.html @@ -822,7 +822,7 @@
- +

vexVersion

diff --git a/v3.0.1-draft/model/Security/Properties/withdrawnTime/index.html b/v3.0.1-draft/model/Security/Properties/withdrawnTime/index.html index 46d18556d3..dfa36a7be3 100644 --- a/v3.0.1-draft/model/Security/Properties/withdrawnTime/index.html +++ b/v3.0.1-draft/model/Security/Properties/withdrawnTime/index.html @@ -822,7 +822,7 @@
- +

withdrawnTime

diff --git a/v3.0.1-draft/model/Security/Security/index.html b/v3.0.1-draft/model/Security/Security/index.html index 56bd7289d5..2b3abc9949 100644 --- a/v3.0.1-draft/model/Security/Security/index.html +++ b/v3.0.1-draft/model/Security/Security/index.html @@ -819,7 +819,7 @@
- +

Security

diff --git a/v3.0.1-draft/model/Security/Vocabularies/CvssSeverityType/index.html b/v3.0.1-draft/model/Security/Vocabularies/CvssSeverityType/index.html index 7607616ebb..947b4b360c 100644 --- a/v3.0.1-draft/model/Security/Vocabularies/CvssSeverityType/index.html +++ b/v3.0.1-draft/model/Security/Vocabularies/CvssSeverityType/index.html @@ -822,7 +822,7 @@
- +

CvssSeverityType

diff --git a/v3.0.1-draft/model/Security/Vocabularies/ExploitCatalogType/index.html b/v3.0.1-draft/model/Security/Vocabularies/ExploitCatalogType/index.html index 0ff6bfaca3..0f6bac638b 100644 --- a/v3.0.1-draft/model/Security/Vocabularies/ExploitCatalogType/index.html +++ b/v3.0.1-draft/model/Security/Vocabularies/ExploitCatalogType/index.html @@ -822,7 +822,7 @@
- +

ExploitCatalogType

diff --git a/v3.0.1-draft/model/Security/Vocabularies/SsvcDecisionType/index.html b/v3.0.1-draft/model/Security/Vocabularies/SsvcDecisionType/index.html index c7530c58cf..6e1d8843f9 100644 --- a/v3.0.1-draft/model/Security/Vocabularies/SsvcDecisionType/index.html +++ b/v3.0.1-draft/model/Security/Vocabularies/SsvcDecisionType/index.html @@ -822,7 +822,7 @@
- +

SsvcDecisionType

diff --git a/v3.0.1-draft/model/Security/Vocabularies/VexJustificationType/index.html b/v3.0.1-draft/model/Security/Vocabularies/VexJustificationType/index.html index 599f39b526..d022cef216 100644 --- a/v3.0.1-draft/model/Security/Vocabularies/VexJustificationType/index.html +++ b/v3.0.1-draft/model/Security/Vocabularies/VexJustificationType/index.html @@ -822,7 +822,7 @@
- +

VexJustificationType

diff --git a/v3.0.1-draft/model/SimpleLicensing/Classes/AnyLicenseInfo/index.html b/v3.0.1-draft/model/SimpleLicensing/Classes/AnyLicenseInfo/index.html index e273ff95b3..7ade9d5fb2 100644 --- a/v3.0.1-draft/model/SimpleLicensing/Classes/AnyLicenseInfo/index.html +++ b/v3.0.1-draft/model/SimpleLicensing/Classes/AnyLicenseInfo/index.html @@ -824,7 +824,7 @@
- +

AnyLicenseInfo

diff --git a/v3.0.1-draft/model/SimpleLicensing/Classes/LicenseExpression/index.html b/v3.0.1-draft/model/SimpleLicensing/Classes/LicenseExpression/index.html index 5e1c31522a..a6703d7a8b 100644 --- a/v3.0.1-draft/model/SimpleLicensing/Classes/LicenseExpression/index.html +++ b/v3.0.1-draft/model/SimpleLicensing/Classes/LicenseExpression/index.html @@ -826,7 +826,7 @@
- +

LicenseExpression

diff --git a/v3.0.1-draft/model/SimpleLicensing/Classes/SimpleLicensingText/index.html b/v3.0.1-draft/model/SimpleLicensing/Classes/SimpleLicensingText/index.html index 54d20b37d2..bea9bb975e 100644 --- a/v3.0.1-draft/model/SimpleLicensing/Classes/SimpleLicensingText/index.html +++ b/v3.0.1-draft/model/SimpleLicensing/Classes/SimpleLicensingText/index.html @@ -826,7 +826,7 @@
- +

SimpleLicensingText

diff --git a/v3.0.1-draft/model/SimpleLicensing/Properties/customIdToUri/index.html b/v3.0.1-draft/model/SimpleLicensing/Properties/customIdToUri/index.html index 8e4de0a52d..87073b1155 100644 --- a/v3.0.1-draft/model/SimpleLicensing/Properties/customIdToUri/index.html +++ b/v3.0.1-draft/model/SimpleLicensing/Properties/customIdToUri/index.html @@ -822,7 +822,7 @@
- +

customIdToUri

diff --git a/v3.0.1-draft/model/SimpleLicensing/Properties/licenseExpression/index.html b/v3.0.1-draft/model/SimpleLicensing/Properties/licenseExpression/index.html index 1c3ccd5112..30fe3e8774 100644 --- a/v3.0.1-draft/model/SimpleLicensing/Properties/licenseExpression/index.html +++ b/v3.0.1-draft/model/SimpleLicensing/Properties/licenseExpression/index.html @@ -822,7 +822,7 @@
- +

licenseExpression

diff --git a/v3.0.1-draft/model/SimpleLicensing/Properties/licenseListVersion/index.html b/v3.0.1-draft/model/SimpleLicensing/Properties/licenseListVersion/index.html index 3404fcac36..ad0d533187 100644 --- a/v3.0.1-draft/model/SimpleLicensing/Properties/licenseListVersion/index.html +++ b/v3.0.1-draft/model/SimpleLicensing/Properties/licenseListVersion/index.html @@ -822,7 +822,7 @@
- +

licenseListVersion

diff --git a/v3.0.1-draft/model/SimpleLicensing/Properties/licenseText/index.html b/v3.0.1-draft/model/SimpleLicensing/Properties/licenseText/index.html index ab1852eb6f..131f7f9885 100644 --- a/v3.0.1-draft/model/SimpleLicensing/Properties/licenseText/index.html +++ b/v3.0.1-draft/model/SimpleLicensing/Properties/licenseText/index.html @@ -822,7 +822,7 @@
- +

licenseText

diff --git a/v3.0.1-draft/model/SimpleLicensing/SimpleLicensing/index.html b/v3.0.1-draft/model/SimpleLicensing/SimpleLicensing/index.html index 7beba1479b..48df236aec 100644 --- a/v3.0.1-draft/model/SimpleLicensing/SimpleLicensing/index.html +++ b/v3.0.1-draft/model/SimpleLicensing/SimpleLicensing/index.html @@ -819,7 +819,7 @@
- +

SimpleLicensing

diff --git a/v3.0.1-draft/model/Software/Classes/ContentIdentifier/index.html b/v3.0.1-draft/model/Software/Classes/ContentIdentifier/index.html index a125d5373e..04fef6cb14 100644 --- a/v3.0.1-draft/model/Software/Classes/ContentIdentifier/index.html +++ b/v3.0.1-draft/model/Software/Classes/ContentIdentifier/index.html @@ -826,7 +826,7 @@
- +

ContentIdentifier

diff --git a/v3.0.1-draft/model/Software/Classes/File/index.html b/v3.0.1-draft/model/Software/Classes/File/index.html index c0cc07b6ec..41d369d676 100644 --- a/v3.0.1-draft/model/Software/Classes/File/index.html +++ b/v3.0.1-draft/model/Software/Classes/File/index.html @@ -828,7 +828,7 @@
- +

File

diff --git a/v3.0.1-draft/model/Software/Classes/Package/index.html b/v3.0.1-draft/model/Software/Classes/Package/index.html index a4daad8078..9f2cd1e6f4 100644 --- a/v3.0.1-draft/model/Software/Classes/Package/index.html +++ b/v3.0.1-draft/model/Software/Classes/Package/index.html @@ -828,7 +828,7 @@
- +

Package

diff --git a/v3.0.1-draft/model/Software/Classes/Sbom/index.html b/v3.0.1-draft/model/Software/Classes/Sbom/index.html index 50d401a81f..2cb3c638f5 100644 --- a/v3.0.1-draft/model/Software/Classes/Sbom/index.html +++ b/v3.0.1-draft/model/Software/Classes/Sbom/index.html @@ -826,7 +826,7 @@
- +

Sbom

diff --git a/v3.0.1-draft/model/Software/Classes/Snippet/index.html b/v3.0.1-draft/model/Software/Classes/Snippet/index.html index 0c8d094331..024cc868a2 100644 --- a/v3.0.1-draft/model/Software/Classes/Snippet/index.html +++ b/v3.0.1-draft/model/Software/Classes/Snippet/index.html @@ -826,7 +826,7 @@
- +

Snippet

diff --git a/v3.0.1-draft/model/Software/Classes/SoftwareArtifact/index.html b/v3.0.1-draft/model/Software/Classes/SoftwareArtifact/index.html index 6c1ebdf0ee..91d8cae2a1 100644 --- a/v3.0.1-draft/model/Software/Classes/SoftwareArtifact/index.html +++ b/v3.0.1-draft/model/Software/Classes/SoftwareArtifact/index.html @@ -826,7 +826,7 @@
- +

SoftwareArtifact

diff --git a/v3.0.1-draft/model/Software/Properties/additionalPurpose/index.html b/v3.0.1-draft/model/Software/Properties/additionalPurpose/index.html index 248d79b40a..88c1293898 100644 --- a/v3.0.1-draft/model/Software/Properties/additionalPurpose/index.html +++ b/v3.0.1-draft/model/Software/Properties/additionalPurpose/index.html @@ -822,7 +822,7 @@
- +

additionalPurpose

diff --git a/v3.0.1-draft/model/Software/Properties/attributionText/index.html b/v3.0.1-draft/model/Software/Properties/attributionText/index.html index 26c92ba8bf..a764271005 100644 --- a/v3.0.1-draft/model/Software/Properties/attributionText/index.html +++ b/v3.0.1-draft/model/Software/Properties/attributionText/index.html @@ -822,7 +822,7 @@
- +

attributionText

diff --git a/v3.0.1-draft/model/Software/Properties/byteRange/index.html b/v3.0.1-draft/model/Software/Properties/byteRange/index.html index 69c08a38ce..40e5233854 100644 --- a/v3.0.1-draft/model/Software/Properties/byteRange/index.html +++ b/v3.0.1-draft/model/Software/Properties/byteRange/index.html @@ -822,7 +822,7 @@
- +

byteRange

diff --git a/v3.0.1-draft/model/Software/Properties/contentIdentifier/index.html b/v3.0.1-draft/model/Software/Properties/contentIdentifier/index.html index 664eff580b..806257c4c2 100644 --- a/v3.0.1-draft/model/Software/Properties/contentIdentifier/index.html +++ b/v3.0.1-draft/model/Software/Properties/contentIdentifier/index.html @@ -822,7 +822,7 @@
- +

contentIdentifier

diff --git a/v3.0.1-draft/model/Software/Properties/contentIdentifierType/index.html b/v3.0.1-draft/model/Software/Properties/contentIdentifierType/index.html index 2f1a4ade09..302088f69a 100644 --- a/v3.0.1-draft/model/Software/Properties/contentIdentifierType/index.html +++ b/v3.0.1-draft/model/Software/Properties/contentIdentifierType/index.html @@ -822,7 +822,7 @@
- +

contentIdentifierType

diff --git a/v3.0.1-draft/model/Software/Properties/contentIdentifierValue/index.html b/v3.0.1-draft/model/Software/Properties/contentIdentifierValue/index.html index 815c3aac9e..e1b92b8e19 100644 --- a/v3.0.1-draft/model/Software/Properties/contentIdentifierValue/index.html +++ b/v3.0.1-draft/model/Software/Properties/contentIdentifierValue/index.html @@ -822,7 +822,7 @@
- +

contentIdentifierValue

diff --git a/v3.0.1-draft/model/Software/Properties/copyrightText/index.html b/v3.0.1-draft/model/Software/Properties/copyrightText/index.html index f8404cfc75..d7c3a86757 100644 --- a/v3.0.1-draft/model/Software/Properties/copyrightText/index.html +++ b/v3.0.1-draft/model/Software/Properties/copyrightText/index.html @@ -822,7 +822,7 @@
- +

copyrightText

diff --git a/v3.0.1-draft/model/Software/Properties/downloadLocation/index.html b/v3.0.1-draft/model/Software/Properties/downloadLocation/index.html index ea8c720fce..e557c25eee 100644 --- a/v3.0.1-draft/model/Software/Properties/downloadLocation/index.html +++ b/v3.0.1-draft/model/Software/Properties/downloadLocation/index.html @@ -822,7 +822,7 @@
- +

downloadLocation

diff --git a/v3.0.1-draft/model/Software/Properties/fileKind/index.html b/v3.0.1-draft/model/Software/Properties/fileKind/index.html index de51d87fca..e02f6090f4 100644 --- a/v3.0.1-draft/model/Software/Properties/fileKind/index.html +++ b/v3.0.1-draft/model/Software/Properties/fileKind/index.html @@ -822,7 +822,7 @@
- +

fileKind

diff --git a/v3.0.1-draft/model/Software/Properties/homePage/index.html b/v3.0.1-draft/model/Software/Properties/homePage/index.html index facb3fa034..71dcd2d98c 100644 --- a/v3.0.1-draft/model/Software/Properties/homePage/index.html +++ b/v3.0.1-draft/model/Software/Properties/homePage/index.html @@ -822,7 +822,7 @@
- +

homePage

diff --git a/v3.0.1-draft/model/Software/Properties/lineRange/index.html b/v3.0.1-draft/model/Software/Properties/lineRange/index.html index 3ff8b981f6..dc3f8939b7 100644 --- a/v3.0.1-draft/model/Software/Properties/lineRange/index.html +++ b/v3.0.1-draft/model/Software/Properties/lineRange/index.html @@ -822,7 +822,7 @@
- +

lineRange

diff --git a/v3.0.1-draft/model/Software/Properties/packageUrl/index.html b/v3.0.1-draft/model/Software/Properties/packageUrl/index.html index 034cfb5a12..1fa8a3ba04 100644 --- a/v3.0.1-draft/model/Software/Properties/packageUrl/index.html +++ b/v3.0.1-draft/model/Software/Properties/packageUrl/index.html @@ -822,7 +822,7 @@
- +

packageUrl

diff --git a/v3.0.1-draft/model/Software/Properties/packageVersion/index.html b/v3.0.1-draft/model/Software/Properties/packageVersion/index.html index b38bfc3d54..171cbdafda 100644 --- a/v3.0.1-draft/model/Software/Properties/packageVersion/index.html +++ b/v3.0.1-draft/model/Software/Properties/packageVersion/index.html @@ -822,7 +822,7 @@
- +

packageVersion

diff --git a/v3.0.1-draft/model/Software/Properties/primaryPurpose/index.html b/v3.0.1-draft/model/Software/Properties/primaryPurpose/index.html index 2d06f362be..6ac91155dc 100644 --- a/v3.0.1-draft/model/Software/Properties/primaryPurpose/index.html +++ b/v3.0.1-draft/model/Software/Properties/primaryPurpose/index.html @@ -822,7 +822,7 @@
- +

primaryPurpose

diff --git a/v3.0.1-draft/model/Software/Properties/sbomType/index.html b/v3.0.1-draft/model/Software/Properties/sbomType/index.html index e4c1cac3e2..4a639f8329 100644 --- a/v3.0.1-draft/model/Software/Properties/sbomType/index.html +++ b/v3.0.1-draft/model/Software/Properties/sbomType/index.html @@ -822,7 +822,7 @@
- +

sbomType

diff --git a/v3.0.1-draft/model/Software/Properties/snippetFromFile/index.html b/v3.0.1-draft/model/Software/Properties/snippetFromFile/index.html index 24bb5ed6f2..b2918aea72 100644 --- a/v3.0.1-draft/model/Software/Properties/snippetFromFile/index.html +++ b/v3.0.1-draft/model/Software/Properties/snippetFromFile/index.html @@ -822,7 +822,7 @@
- +

snippetFromFile

diff --git a/v3.0.1-draft/model/Software/Properties/sourceInfo/index.html b/v3.0.1-draft/model/Software/Properties/sourceInfo/index.html index 34f44ea9fc..459c3711f9 100644 --- a/v3.0.1-draft/model/Software/Properties/sourceInfo/index.html +++ b/v3.0.1-draft/model/Software/Properties/sourceInfo/index.html @@ -822,7 +822,7 @@
- +

sourceInfo

diff --git a/v3.0.1-draft/model/Software/Software/index.html b/v3.0.1-draft/model/Software/Software/index.html index 365b5fd1b3..d426b51e53 100644 --- a/v3.0.1-draft/model/Software/Software/index.html +++ b/v3.0.1-draft/model/Software/Software/index.html @@ -819,7 +819,7 @@
- +

Software

diff --git a/v3.0.1-draft/model/Software/Vocabularies/ContentIdentifierType/index.html b/v3.0.1-draft/model/Software/Vocabularies/ContentIdentifierType/index.html index c60c7c9493..d722ed3652 100644 --- a/v3.0.1-draft/model/Software/Vocabularies/ContentIdentifierType/index.html +++ b/v3.0.1-draft/model/Software/Vocabularies/ContentIdentifierType/index.html @@ -822,7 +822,7 @@
- +

ContentIdentifierType

diff --git a/v3.0.1-draft/model/Software/Vocabularies/FileKindType/index.html b/v3.0.1-draft/model/Software/Vocabularies/FileKindType/index.html index 14d4582175..88fe336354 100644 --- a/v3.0.1-draft/model/Software/Vocabularies/FileKindType/index.html +++ b/v3.0.1-draft/model/Software/Vocabularies/FileKindType/index.html @@ -822,7 +822,7 @@
- +

FileKindType

diff --git a/v3.0.1-draft/model/Software/Vocabularies/SbomType/index.html b/v3.0.1-draft/model/Software/Vocabularies/SbomType/index.html index bc592a64ee..0c21dbe1d3 100644 --- a/v3.0.1-draft/model/Software/Vocabularies/SbomType/index.html +++ b/v3.0.1-draft/model/Software/Vocabularies/SbomType/index.html @@ -822,7 +822,7 @@
- +

SbomType

diff --git a/v3.0.1-draft/model/Software/Vocabularies/SoftwarePurpose/index.html b/v3.0.1-draft/model/Software/Vocabularies/SoftwarePurpose/index.html index 75f61f5d51..a75e0d1e86 100644 --- a/v3.0.1-draft/model/Software/Vocabularies/SoftwarePurpose/index.html +++ b/v3.0.1-draft/model/Software/Vocabularies/SoftwarePurpose/index.html @@ -822,7 +822,7 @@
- +

SoftwarePurpose

diff --git a/v3.0.1-draft/model/model.json b/v3.0.1-draft/model/model.json index 227caf6e63..f506be0a83 100644 --- a/v3.0.1-draft/model/model.json +++ b/v3.0.1-draft/model/model.json @@ -5,43 +5,44 @@ { "py/object": "spec_parser.model.Namespace", "classes": { - "/SimpleLicensing/SimpleLicensingText": { + "/ExpandedLicensing/ConjunctiveLicenseSet": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "SimpleLicensingText", - "fqname": "/SimpleLicensing/SimpleLicensingText", - "summary": "A license or addition that is not listed on the SPDX License List.", - "description": "A SimpleLicensingText represents a License or Addition that is not listed on\nthe [SPDX License List](https://spdx.org/licenses),\nand is therefore defined by an SPDX data creator.", + "name": "ConjunctiveLicenseSet", + "fqname": "/ExpandedLicensing/ConjunctiveLicenseSet", + "summary": "Portion of an AnyLicenseInfo representing a set of licensing information\nwhere all elements apply.", + "description": "A ConjunctiveLicenseSet indicates that _each_ of its subsidiary\nAnyLicenseInfos apply. In other words, a ConjunctiveLicenseSet of two or\nmore licenses represents a licensing situation where _all_ of the specified\nlicenses are to be complied with. It is represented in the SPDX License\nExpression Syntax by the `AND` operator.\n\nIt is syntactically correct to specify a ConjunctiveLicenseSet where the\nsubsidiary AnyLicenseInfos may be \"incompatible\" according to a particular\ninterpretation of the corresponding Licenses.\nThe\n[SPDX License Expression Syntax](../../../annexes/SPDX-license-expressions.md)\ndoes not take into account interpretation of license texts, which is\nleft to the consumer of SPDX data to determine for themselves.", "metadata": { - "name": "SimpleLicensingText", - "SubclassOf": "/Core/Element", + "name": "ConjunctiveLicenseSet", + "SubclassOf": "/SimpleLicensing/AnyLicenseInfo", "Instantiability": "Concrete" }, "properties": { - "licenseText": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/SimpleLicensing/licenseText" + "member": { + "type": "/SimpleLicensing/AnyLicenseInfo", + "minCount": "2", + "fqname": "/ExpandedLicensing/member", + "maxCount": "*" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText", - "fqsupercname": "/Core/Element", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet", + "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", "inheritance_stack": [ + "/SimpleLicensing/AnyLicenseInfo", "/Core/Element" ], "all_properties": { - "licenseText": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/SimpleLicensing/licenseText", - "fullname": "/SimpleLicensing/licenseText", - "fulltype": "xsd:string" + "member": { + "type": "/SimpleLicensing/AnyLicenseInfo", + "minCount": "2", + "fqname": "/ExpandedLicensing/member", + "maxCount": "*", + "fullname": "/ExpandedLicensing/member", + "fulltype": "/SimpleLicensing/AnyLicenseInfo" }, "spdxId": { "type": "xsd:anyURI", @@ -125,26 +126,27 @@ } } }, - "/SimpleLicensing/AnyLicenseInfo": { + "/ExpandedLicensing/IndividualLicensingInfo": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "AnyLicenseInfo", - "fqname": "/SimpleLicensing/AnyLicenseInfo", - "summary": "Abstract class representing a license combination consisting of one or more\nlicenses (optionally including additional text), which may be combined\naccording to the\n[SPDX license expression syntax](../../../annexes/SPDX-license-expressions.md).", - "description": "An AnyLicenseInfo is used by licensing properties of software artifacts.\n\nIt can be:\n\n- a NoneLicense;\n- a NoAssertionLicense;\n- a single license (either on the\n [SPDX License List](https://spdx.org/licenses/) or\n [a custom-defined license](../../ExpandedLicensing/Classes/CustomLicense.md));\n- a single license with an \"or later\" operator applied;\n- the foregoing with additional text applied; or\n- a set of licenses combined by applying \"AND\" and \"OR\" operators recursively.", + "name": "IndividualLicensingInfo", + "fqname": "/ExpandedLicensing/IndividualLicensingInfo", + "summary": "A concrete subclass of AnyLicenseInfo used by Individuals in the\nExpandedLicensing profile.", + "description": "Individuals, such as NoneLicense and NoAssertionLicense, need to reference a\nconcrete subclass of AnyLicenseInfo.\n\nThis class provides the type used by the individuals.", "metadata": { - "name": "AnyLicenseInfo", - "SubclassOf": "/Core/Element", - "Instantiability": "Abstract" + "name": "IndividualLicensingInfo", + "SubclassOf": "/SimpleLicensing/AnyLicenseInfo", + "Instantiability": "Concrete" }, "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo", - "fqsupercname": "/Core/Element", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo", + "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", "inheritance_stack": [ + "/SimpleLicensing/AnyLicenseInfo", "/Core/Element" ], "all_properties": { @@ -230,72 +232,45 @@ } } }, - "/SimpleLicensing/LicenseExpression": { + "/ExpandedLicensing/OrLaterOperator": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "LicenseExpression", - "fqname": "/SimpleLicensing/LicenseExpression", - "summary": "An SPDX Element containing an SPDX license expression string.", - "description": "A LicenseExpression enables the representation, in a single string, of a\ncombination of one or more licenses, together with additions such as license\nexceptions.\n\nThe syntax for a LicenseExpression string is set forth in the Annex D\nof the SPDX Specification\n([\"SPDX license expressions\"](../../../annexes/SPDX-license-expressions.md)).\nA LicenseExpression string is not valid if it does not conform to the grammar\nset forth in that annex.\n\nThe ExpandedLicensing profile can be used to represent the complete parsed\nlicense expression as a combination of license objects.", + "name": "OrLaterOperator", + "fqname": "/ExpandedLicensing/OrLaterOperator", + "summary": "Portion of an AnyLicenseInfo representing this version, or any later version,\nof the indicated License.", + "description": "An OrLaterOperator indicates that this portion of the AnyLicenseInfo\nrepresents either (1) the specified version of the corresponding License, or\n(2) any later version of that License. It is represented in the SPDX License\nExpression Syntax by the `+` operator.\n\nIt is context-dependent, and unspecified by SPDX, as to what constitutes a\n\"later version\" of any particular License. Some Licenses may not be versioned,\nor may not have clearly-defined ordering for versions. The consumer of SPDX\ndata will need to determine for themselves what meaning to attribute to a\n\"later version\" operator for a particular License.", "metadata": { - "name": "LicenseExpression", - "SubclassOf": "AnyLicenseInfo", + "name": "OrLaterOperator", + "SubclassOf": "ExtendableLicense", "Instantiability": "Concrete" }, "properties": { - "licenseExpression": { - "type": "xsd:string", + "subjectLicense": { + "type": "License", "minCount": "1", "maxCount": "1", - "fqname": "/SimpleLicensing/licenseExpression" - }, - "licenseListVersion": { - "type": "/Core/SemVer", - "maxCount": "1", - "fqname": "/SimpleLicensing/licenseListVersion", - "minCount": 0 - }, - "customIdToUri": { - "type": "/Core/DictionaryEntry", - "minCount": "0", - "fqname": "/SimpleLicensing/customIdToUri", - "maxCount": "*" + "fqname": "/ExpandedLicensing/subjectLicense" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression", - "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator", + "fqsupercname": "/ExpandedLicensing/ExtendableLicense", "inheritance_stack": [ + "/ExpandedLicensing/ExtendableLicense", "/SimpleLicensing/AnyLicenseInfo", "/Core/Element" ], "all_properties": { - "licenseExpression": { - "type": "xsd:string", + "subjectLicense": { + "type": "License", "minCount": "1", "maxCount": "1", - "fqname": "/SimpleLicensing/licenseExpression", - "fullname": "/SimpleLicensing/licenseExpression", - "fulltype": "xsd:string" - }, - "licenseListVersion": { - "type": "/Core/SemVer", - "maxCount": "1", - "fqname": "/SimpleLicensing/licenseListVersion", - "minCount": 0, - "fullname": "/SimpleLicensing/licenseListVersion", - "fulltype": "/Core/SemVer" - }, - "customIdToUri": { - "type": "/Core/DictionaryEntry", - "minCount": "0", - "fqname": "/SimpleLicensing/customIdToUri", - "maxCount": "*", - "fullname": "/SimpleLicensing/customIdToUri", - "fulltype": "/Core/DictionaryEntry" + "fqname": "/ExpandedLicensing/subjectLicense", + "fullname": "/ExpandedLicensing/subjectLicense", + "fulltype": "/ExpandedLicensing/License" }, "spdxId": { "type": "xsd:anyURI", @@ -378,324 +353,158 @@ "fulltype": "/Extension/Extension" } } - } - }, - "properties": { - "/SimpleLicensing/customIdToUri": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 2 - }, - "license": "Community-Spec-1.0", - "name": "customIdToUri", - "fqname": "/SimpleLicensing/customIdToUri", - "summary": "Maps a LicenseRef or AdditionRef string for a Custom License or a Custom\nLicense Addition to its URI ID.", - "description": "Within a License Expression, references can be made to a Custom License or a\nCustom License Addition.\n\nThe [License Expression syntax](../../../annexes/SPDX-license-expressions.md)\ndictates any reference starting with a\n\"LicenseRef-\" or \"AdditionRef-\" refers to license or addition text not found in\nthe official [SPDX License List](https://spdx.org/licenses/).\n\nThese custom licenses must be a CustomLicense, a CustomLicenseAddition, or a\nSimpleLicensingText which are identified with a unique URI identifier.\n\nThe key for the DictionaryEntry is the string used in the license expression\nand the value is the URI for the corresponding CustomLicense,\nCustomLicenseAddition, or SimpleLicensingText.", - "metadata": { - "name": "customIdToUri", - "Nature": "ObjectProperty", - "Range": "/Core/DictionaryEntry" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri", - "used_in": [ - "/SimpleLicensing/LicenseExpression" - ] - }, - "/SimpleLicensing/licenseText": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 2 - }, - "license": "Community-Spec-1.0", - "name": "licenseText", - "fqname": "/SimpleLicensing/licenseText", - "summary": "Identifies the full text of a License or Addition.", - "description": "A licenseText contains the plain text of the License or Addition,\nwithout templating or other similar markup.\n\nUsers of the licenseText for a License can apply the\n[SPDX License List Matching Guidelines](../../../annexes/license-matching-guidelines-and-templates.md)\nwhen comparing it to another text for matching purposes.", - "metadata": { - "name": "licenseText", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText", - "used_in": [ - "/SimpleLicensing/SimpleLicensingText", - "/ExpandedLicensing/License" - ] - }, - "/SimpleLicensing/licenseExpression": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 2 - }, - "license": "Community-Spec-1.0", - "name": "licenseExpression", - "fqname": "/SimpleLicensing/licenseExpression", - "summary": "A string in the license expression format.", - "description": "A licenseExpression enables the representation, in a single string, of a\ncombination of one or more licenses, together with additions such as license\nexceptions.\n\nThe syntax for a LicenseExpression string is set forth in the Annex D\nof the SPDX Specification\n([\"SPDX license expressions\"](../../../annexes/SPDX-license-expressions.md)).\nA LicenseExpression string is not valid if it does not conform to the grammar\nset forth in that annex.\n\nThe ExpandedLicensing profile can be used to represent the complete parsed\nlicense expression as a combination of license objects.", - "metadata": { - "name": "licenseExpression", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression", - "used_in": [ - "/SimpleLicensing/LicenseExpression" - ] }, - "/SimpleLicensing/licenseListVersion": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 2 - }, - "license": "Community-Spec-1.0", - "name": "licenseListVersion", - "fqname": "/SimpleLicensing/licenseListVersion", - "summary": "The version of the SPDX License List used in the license expression.", - "description": "Recognizing that licenses are added to the\n[SPDX License List](https://spdx.org/licenses/) with each\nsubsequent version, the intent is to provide consumers with the version of the\nSPDX License List used.\n\nThis anticipates that in the future, license expression might have used a\nversion of the SPDX License List that is older than the then current one.\n\nThe specified version of the SPDX License List must include all listed licenses\nand exceptions referenced in the expression.", - "metadata": { - "name": "licenseListVersion", - "Nature": "DataProperty", - "Range": "/Core/SemVer" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion", - "used_in": [ - "/SimpleLicensing/LicenseExpression" - ] - } - }, - "vocabularies": {}, - "individuals": {}, - "datatypes": {}, - "license": "Community-Spec-1.0", - "name": "SimpleLicensing", - "summary": "Additional metadata relating to software licensing.", - "description": "The SimpleLicensing profile provides classes and properties to express licenses\nas a [license expression](../../annexes/SPDX-license-expressions.md) string.\n\nIt also provides the base abstract class, AnyLicenseInfo, used for references\nto license information.\n\nThe SimpleLicensingText class provides a place to record any license text found\nthat does not match a license on the\n[SPDX License List](https://spdx.org/licenses/).\n\nThe ExpandedLicensing profile can be used to represent the complete parsed\nlicense expressions.", - "metadata": { - "id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing", - "name": "SimpleLicensing" - }, - "conformance": null, - "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing" - }, - { - "py/object": "spec_parser.model.Namespace", - "classes": { - "/Core/DictionaryEntry": { + "/ExpandedLicensing/License": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "DictionaryEntry", - "fqname": "/Core/DictionaryEntry", - "summary": "A key with an associated value.", - "description": "The class used for implementing a generic string mapping (also known as\nassociative array, dictionary, or hash map) in SPDX.\n\nEach DictionaryEntry contains a key-value pair which maps the key to its\nassociated value.\n\nTo implement a dictionary, this class is to be used in a collection with\nunique keys.", + "name": "License", + "fqname": "/ExpandedLicensing/License", + "summary": "Abstract class for the portion of an AnyLicenseInfo representing a license.", + "description": "A License represents a license text, whether listed on the\n[SPDX License List](https://spdx.org/licenses/)\n(ListedLicense) or defined by an SPDX data creator (CustomLicense).", "metadata": { - "name": "DictionaryEntry", - "Instantiability": "Concrete" + "name": "License", + "SubclassOf": "ExtendableLicense", + "Instantiability": "Abstract" }, "properties": { - "key": { + "/SimpleLicensing/licenseText": { "type": "xsd:string", "minCount": "1", "maxCount": "1", - "fqname": "/Core/key" + "fqname": "/SimpleLicensing/licenseText" }, - "value": { - "type": "xsd:string", + "isDeprecatedLicenseId": { + "type": "xsd:boolean", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/value", - "minCount": 0 - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry", - "fqsupercname": null, - "inheritance_stack": [], - "all_properties": { - "key": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/key", - "fullname": "/Core/key", - "fulltype": "xsd:string" + "fqname": "/ExpandedLicensing/isDeprecatedLicenseId" }, - "value": { - "type": "xsd:string", + "isFsfLibre": { + "type": "xsd:boolean", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/value", - "minCount": 0, - "fullname": "/Core/value", - "fulltype": "xsd:string" - } - } - }, - "/Core/ExternalRef": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "ExternalRef", - "fqname": "/Core/ExternalRef", - "summary": "A reference to a resource outside the scope of SPDX-3.0 content related to an Element.", - "description": "An External Reference points to a general resource outside the scope of the SPDX-3.0 content\nthat provides additional context, characteristics or related information about an Element.", - "metadata": { - "name": "ExternalRef", - "Instantiability": "Concrete" - }, - "properties": { - "externalRefType": { - "type": "ExternalRefType", + "fqname": "/ExpandedLicensing/isFsfLibre" + }, + "isOsiApproved": { + "type": "xsd:boolean", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/externalRefType", - "minCount": 0 + "fqname": "/ExpandedLicensing/isOsiApproved" }, - "locator": { + "licenseXml": { "type": "xsd:string", - "fqname": "/Core/locator", - "minCount": 0, - "maxCount": "*" - }, - "contentType": { - "type": "MediaType", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/contentType", - "minCount": 0 + "fqname": "/ExpandedLicensing/licenseXml" }, - "comment": { + "obsoletedBy": { "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0 - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef", - "fqsupercname": null, - "inheritance_stack": [], - "all_properties": { - "externalRefType": { - "type": "ExternalRefType", - "maxCount": "1", - "fqname": "/Core/externalRefType", - "minCount": 0, - "fullname": "/Core/externalRefType", - "fulltype": "/Core/ExternalRefType" + "fqname": "/ExpandedLicensing/obsoletedBy" }, - "locator": { - "type": "xsd:string", - "fqname": "/Core/locator", + "seeAlso": { + "type": "xsd:anyURI", + "fqname": "/ExpandedLicensing/seeAlso", "minCount": 0, - "maxCount": "*", - "fullname": "/Core/locator", - "fulltype": "xsd:string" + "maxCount": "*" }, - "contentType": { - "type": "MediaType", + "standardLicenseHeader": { + "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/contentType", - "minCount": 0, - "fullname": "/Core/contentType", - "fulltype": "/Core/MediaType" + "fqname": "/ExpandedLicensing/standardLicenseHeader" }, - "comment": { + "standardLicenseTemplate": { "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" - } - } - }, - "/Core/LifecycleScopedRelationship": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "LifecycleScopedRelationship", - "fqname": "/Core/LifecycleScopedRelationship", - "summary": "Provide context for a relationship that occurs in the lifecycle.", - "description": "Certain relationships are sensitive to where they occur in the lifecycle. This parameter lets us avoid a proliferation of relationships, by parameterizing this context information for a relationship.", - "metadata": { - "name": "LifecycleScopedRelationship", - "SubclassOf": "Relationship", - "Instantiability": "Concrete" - }, - "properties": { - "scope": { - "type": "LifecycleScopeType", "minCount": "0", "maxCount": "1", - "fqname": "/Core/scope" + "fqname": "/ExpandedLicensing/standardLicenseTemplate" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship", - "fqsupercname": "/Core/Relationship", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License", + "fqsupercname": "/ExpandedLicensing/ExtendableLicense", "inheritance_stack": [ - "/Core/Relationship", + "/ExpandedLicensing/ExtendableLicense", + "/SimpleLicensing/AnyLicenseInfo", "/Core/Element" ], "all_properties": { - "scope": { - "type": "LifecycleScopeType", + "licenseText": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/SimpleLicensing/licenseText", + "fullname": "/SimpleLicensing/licenseText", + "fulltype": "xsd:string" + }, + "isDeprecatedLicenseId": { + "type": "xsd:boolean", "minCount": "0", "maxCount": "1", - "fqname": "/Core/scope", - "fullname": "/Core/scope", - "fulltype": "/Core/LifecycleScopeType" + "fqname": "/ExpandedLicensing/isDeprecatedLicenseId", + "fullname": "/ExpandedLicensing/isDeprecatedLicenseId", + "fulltype": "xsd:boolean" }, - "from": { - "type": "Element", - "minCount": "1", + "isFsfLibre": { + "type": "xsd:boolean", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/from", - "fullname": "/Core/from", - "fulltype": "/Core/Element" + "fqname": "/ExpandedLicensing/isFsfLibre", + "fullname": "/ExpandedLicensing/isFsfLibre", + "fulltype": "xsd:boolean" }, - "to": { - "type": "Element", - "minCount": "1", - "fqname": "/Core/to", - "maxCount": "*", - "fullname": "/Core/to", - "fulltype": "/Core/Element" + "isOsiApproved": { + "type": "xsd:boolean", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/isOsiApproved", + "fullname": "/ExpandedLicensing/isOsiApproved", + "fulltype": "xsd:boolean" }, - "relationshipType": { - "type": "RelationshipType", - "minCount": "1", + "licenseXml": { + "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/relationshipType", - "fullname": "/Core/relationshipType", - "fulltype": "/Core/RelationshipType" + "fqname": "/ExpandedLicensing/licenseXml", + "fullname": "/ExpandedLicensing/licenseXml", + "fulltype": "xsd:string" }, - "completeness": { - "type": "RelationshipCompleteness", + "obsoletedBy": { + "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Core/completeness", - "fullname": "/Core/completeness", - "fulltype": "/Core/RelationshipCompleteness" + "fqname": "/ExpandedLicensing/obsoletedBy", + "fullname": "/ExpandedLicensing/obsoletedBy", + "fulltype": "xsd:string" }, - "startTime": { - "type": "DateTime", + "seeAlso": { + "type": "xsd:anyURI", + "fqname": "/ExpandedLicensing/seeAlso", + "minCount": 0, + "maxCount": "*", + "fullname": "/ExpandedLicensing/seeAlso", + "fulltype": "xsd:anyURI" + }, + "standardLicenseHeader": { + "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Core/startTime", - "fullname": "/Core/startTime", - "fulltype": "/Core/DateTime" + "fqname": "/ExpandedLicensing/standardLicenseHeader", + "fullname": "/ExpandedLicensing/standardLicenseHeader", + "fulltype": "xsd:string" }, - "endTime": { - "type": "DateTime", + "standardLicenseTemplate": { + "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Core/endTime", - "fullname": "/Core/endTime", - "fulltype": "/Core/DateTime" + "fqname": "/ExpandedLicensing/standardLicenseTemplate", + "fullname": "/ExpandedLicensing/standardLicenseTemplate", + "fulltype": "xsd:string" }, "spdxId": { "type": "xsd:anyURI", @@ -779,30 +588,45 @@ } } }, - "/Core/Organization": { + "/ExpandedLicensing/DisjunctiveLicenseSet": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "Organization", - "fqname": "/Core/Organization", - "summary": "A group of people who work together in an organized way for a shared purpose.", - "description": "An Organization is a group of people who work together in an organized way for a shared purpose.", + "name": "DisjunctiveLicenseSet", + "fqname": "/ExpandedLicensing/DisjunctiveLicenseSet", + "summary": "Portion of an AnyLicenseInfo representing a set of licensing information where\nonly one of the elements applies.", + "description": "A DisjunctiveLicenseSet indicates that _only one_ of its subsidiary\nAnyLicenseInfos is required to apply. In other words, a DisjunctiveLicenseSet\nof two or more licenses represents a licensing situation where _only one_ of\nthe specified licenses are to be complied with.\n\nA consumer of SPDX data would typically understand this to permit the recipient\nof the licensed content to choose which of the corresponding license they would\nprefer to use. It is represented in the SPDX License Expression Syntax by the\n`OR` operator.", "metadata": { - "name": "Organization", - "SubclassOf": "Agent", + "name": "DisjunctiveLicenseSet", + "SubclassOf": "/SimpleLicensing/AnyLicenseInfo", "Instantiability": "Concrete" }, - "properties": {}, + "properties": { + "member": { + "type": "/SimpleLicensing/AnyLicenseInfo", + "minCount": "2", + "fqname": "/ExpandedLicensing/member", + "maxCount": "*" + } + }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Organization", - "fqsupercname": "/Core/Agent", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet", + "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", "inheritance_stack": [ - "/Core/Agent", + "/SimpleLicensing/AnyLicenseInfo", "/Core/Element" ], "all_properties": { + "member": { + "type": "/SimpleLicensing/AnyLicenseInfo", + "minCount": "2", + "fqname": "/ExpandedLicensing/member", + "maxCount": "*", + "fullname": "/ExpandedLicensing/member", + "fulltype": "/SimpleLicensing/AnyLicenseInfo" + }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -885,27 +709,27 @@ } } }, - "/Core/Person": { + "/ExpandedLicensing/ExtendableLicense": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "Person", - "fqname": "/Core/Person", - "summary": "An individual human being.", - "description": "A Person is an individual human being.", + "name": "ExtendableLicense", + "fqname": "/ExpandedLicensing/ExtendableLicense", + "summary": "Abstract class representing a License or an OrLaterOperator.", + "description": "The WithAdditionOperator can have a License or an OrLaterOperator as the\nlicense property value. This class is used for the value.", "metadata": { - "name": "Person", - "SubclassOf": "Agent", - "Instantiability": "Concrete" + "name": "ExtendableLicense", + "SubclassOf": "/SimpleLicensing/AnyLicenseInfo", + "Instantiability": "Abstract" }, "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Person", - "fqsupercname": "/Core/Agent", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense", + "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", "inheritance_stack": [ - "/Core/Agent", + "/SimpleLicensing/AnyLicenseInfo", "/Core/Element" ], "all_properties": { @@ -991,151 +815,106 @@ } } }, - "/Core/CreationInfo": { + "/ExpandedLicensing/WithAdditionOperator": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "CreationInfo", - "fqname": "/Core/CreationInfo", - "summary": "Provides information about the creation of the Element.", - "description": "The CreationInfo provides information about who created the Element, and when\nand how it was created.\n\nThe dateTime created is often the date of last change\n(e.g., a git commit date), not the date when the SPDX data was created, as\ndoing so supports reproducible builds.", + "name": "WithAdditionOperator", + "fqname": "/ExpandedLicensing/WithAdditionOperator", + "summary": "Portion of an AnyLicenseInfo representing a License which has additional\ntext applied to it.", + "description": "A WithAdditionOperator indicates that the designated License is subject to the\ndesignated LicenseAddition, which might be a license exception on the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html)\n(ListedLicenseException) or may be other additional text\n(CustomLicenseAddition). It is represented in the SPDX License Expression\nSyntax by the `WITH` operator.", "metadata": { - "name": "CreationInfo", + "name": "WithAdditionOperator", + "SubclassOf": "/SimpleLicensing/AnyLicenseInfo", "Instantiability": "Concrete" }, "properties": { - "specVersion": { - "type": "SemVer", + "subjectAddition": { + "type": "LicenseAddition", "minCount": "1", "maxCount": "1", - "fqname": "/Core/specVersion" - }, - "comment": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/comment" + "fqname": "/ExpandedLicensing/subjectAddition" }, - "created": { - "type": "DateTime", + "subjectExtendableLicense": { + "type": "ExtendableLicense", "minCount": "1", "maxCount": "1", - "fqname": "/Core/created" - }, - "createdBy": { - "type": "Agent", - "minCount": "1", - "fqname": "/Core/createdBy", - "maxCount": "*" - }, - "createdUsing": { - "type": "Tool", - "minCount": "0", - "fqname": "/Core/createdUsing", - "maxCount": "*" + "fqname": "/ExpandedLicensing/subjectExtendableLicense" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo", - "fqsupercname": null, - "inheritance_stack": [], + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator", + "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", + "inheritance_stack": [ + "/SimpleLicensing/AnyLicenseInfo", + "/Core/Element" + ], "all_properties": { - "specVersion": { - "type": "SemVer", + "subjectAddition": { + "type": "LicenseAddition", "minCount": "1", "maxCount": "1", - "fqname": "/Core/specVersion", - "fullname": "/Core/specVersion", - "fulltype": "/Core/SemVer" - }, - "comment": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/comment", - "fullname": "/Core/comment", - "fulltype": "xsd:string" + "fqname": "/ExpandedLicensing/subjectAddition", + "fullname": "/ExpandedLicensing/subjectAddition", + "fulltype": "/ExpandedLicensing/LicenseAddition" }, - "created": { - "type": "DateTime", + "subjectExtendableLicense": { + "type": "ExtendableLicense", "minCount": "1", "maxCount": "1", - "fqname": "/Core/created", - "fullname": "/Core/created", - "fulltype": "/Core/DateTime" - }, - "createdBy": { - "type": "Agent", - "minCount": "1", - "fqname": "/Core/createdBy", - "maxCount": "*", - "fullname": "/Core/createdBy", - "fulltype": "/Core/Agent" + "fqname": "/ExpandedLicensing/subjectExtendableLicense", + "fullname": "/ExpandedLicensing/subjectExtendableLicense", + "fulltype": "/ExpandedLicensing/ExtendableLicense" }, - "createdUsing": { - "type": "Tool", - "minCount": "0", - "fqname": "/Core/createdUsing", - "maxCount": "*", - "fullname": "/Core/createdUsing", - "fulltype": "/Core/Tool" - } - } - }, - "/Core/ExternalMap": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "ExternalMap", - "fqname": "/Core/ExternalMap", - "summary": "A map of Element identifiers that are used within a Document but defined external to that Document.", - "description": "An External Map is a map of Element identifiers that are used within a Document\nbut defined external to that Document.\nThe external map provides details about the externally-defined Element\nsuch as its provenance, where to retrieve it, and how to verify its integrity.", - "metadata": { - "name": "ExternalMap", - "Instantiability": "Concrete" - }, - "properties": { - "externalSpdxId": { + "spdxId": { "type": "xsd:anyURI", "minCount": "1", "maxCount": "1", - "fqname": "/Core/externalSpdxId" + "fqname": "/Core/spdxId", + "fullname": "/Core/spdxId", + "fulltype": "xsd:anyURI" }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", + "name": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/name", "minCount": 0, - "maxCount": "*" + "fullname": "/Core/name", + "fulltype": "xsd:string" }, - "locationHint": { - "type": "xsd:anyURI", + "summary": { + "type": "xsd:string", "maxCount": "1", - "fqname": "/Core/locationHint", - "minCount": 0 + "fqname": "/Core/summary", + "minCount": 0, + "fullname": "/Core/summary", + "fulltype": "xsd:string" }, - "definingArtifact": { - "type": "Artifact", + "description": { + "type": "xsd:string", "maxCount": "1", - "fqname": "/Core/definingArtifact", - "minCount": 0 - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap", - "fqsupercname": null, - "inheritance_stack": [], - "all_properties": { - "externalSpdxId": { - "type": "xsd:anyURI", + "fqname": "/Core/description", + "minCount": 0, + "fullname": "/Core/description", + "fulltype": "xsd:string" + }, + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" + }, + "creationInfo": { + "type": "CreationInfo", "minCount": "1", "maxCount": "1", - "fqname": "/Core/externalSpdxId", - "fullname": "/Core/externalSpdxId", - "fulltype": "xsd:anyURI" + "fqname": "/Core/creationInfo", + "fullname": "/Core/creationInfo", + "fulltype": "/Core/CreationInfo" }, "verifiedUsing": { "type": "IntegrityMethod", @@ -1145,89 +924,129 @@ "fullname": "/Core/verifiedUsing", "fulltype": "/Core/IntegrityMethod" }, - "locationHint": { - "type": "xsd:anyURI", - "maxCount": "1", - "fqname": "/Core/locationHint", - "minCount": 0, - "fullname": "/Core/locationHint", - "fulltype": "xsd:anyURI" + "externalRef": { + "type": "ExternalRef", + "minCount": "0", + "fqname": "/Core/externalRef", + "maxCount": "*", + "fullname": "/Core/externalRef", + "fulltype": "/Core/ExternalRef" }, - "definingArtifact": { - "type": "Artifact", - "maxCount": "1", - "fqname": "/Core/definingArtifact", - "minCount": 0, - "fullname": "/Core/definingArtifact", - "fulltype": "/Core/Artifact" + "externalIdentifier": { + "type": "ExternalIdentifier", + "minCount": "0", + "fqname": "/Core/externalIdentifier", + "maxCount": "*", + "fullname": "/Core/externalIdentifier", + "fulltype": "/Core/ExternalIdentifier" + }, + "extension": { + "type": "/Extension/Extension", + "minCount": "0", + "fqname": "/Core/extension", + "maxCount": "*", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" } } }, - "/Core/ElementCollection": { + "/ExpandedLicensing/CustomLicense": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "ElementCollection", - "fqname": "/Core/ElementCollection", - "summary": "A collection of Elements, not necessarily with unifying context.", - "description": "An ElementCollection is a collection of Elements, not necessarily with unifying\ncontext.\n\nNote that all ElementCollections must conform to the core profile even if the\ncore profile is no specified in the profileConformance property.\n\nIf the profileConformance property is not provided, core is to be assumed as\nthe default.\n\n**Constraints**\n\n- If the ElementCollection has at least 1 element, it must also have at least\n 1 rootElement.\n- The element must not be of type SpdxDocument.\n- The rootElement must not be of type SpdxDocument.", - "metadata": { - "name": "ElementCollection", - "SubclassOf": "Element", - "Instantiability": "Abstract" - }, - "properties": { - "element": { - "type": "Element", - "minCount": "0", - "fqname": "/Core/element", - "maxCount": "*" - }, - "rootElement": { - "type": "Element", - "minCount": "0", - "fqname": "/Core/rootElement", - "maxCount": "*" - }, - "profileConformance": { - "type": "ProfileIdentifierType", - "fqname": "/Core/profileConformance", - "minCount": 0, - "maxCount": "*" - } + "name": "CustomLicense", + "fqname": "/ExpandedLicensing/CustomLicense", + "summary": "A license that is not listed on the SPDX License List.", + "description": "A CustomLicense represents a License that is not listed on the\n[SPDX License List](https://spdx.org/licenses),\nand is therefore defined by an SPDX data creator.", + "metadata": { + "name": "CustomLicense", + "SubclassOf": "License", + "Instantiability": "Concrete" }, + "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection", - "fqsupercname": "/Core/Element", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense", + "fqsupercname": "/ExpandedLicensing/License", "inheritance_stack": [ + "/ExpandedLicensing/License", + "/ExpandedLicensing/ExtendableLicense", + "/SimpleLicensing/AnyLicenseInfo", "/Core/Element" ], "all_properties": { - "element": { - "type": "Element", + "licenseText": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/SimpleLicensing/licenseText", + "fullname": "/SimpleLicensing/licenseText", + "fulltype": "xsd:string" + }, + "isDeprecatedLicenseId": { + "type": "xsd:boolean", "minCount": "0", - "fqname": "/Core/element", - "maxCount": "*", - "fullname": "/Core/element", - "fulltype": "/Core/Element" + "maxCount": "1", + "fqname": "/ExpandedLicensing/isDeprecatedLicenseId", + "fullname": "/ExpandedLicensing/isDeprecatedLicenseId", + "fulltype": "xsd:boolean" }, - "rootElement": { - "type": "Element", + "isFsfLibre": { + "type": "xsd:boolean", "minCount": "0", - "fqname": "/Core/rootElement", - "maxCount": "*", - "fullname": "/Core/rootElement", - "fulltype": "/Core/Element" + "maxCount": "1", + "fqname": "/ExpandedLicensing/isFsfLibre", + "fullname": "/ExpandedLicensing/isFsfLibre", + "fulltype": "xsd:boolean" }, - "profileConformance": { - "type": "ProfileIdentifierType", - "fqname": "/Core/profileConformance", + "isOsiApproved": { + "type": "xsd:boolean", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/isOsiApproved", + "fullname": "/ExpandedLicensing/isOsiApproved", + "fulltype": "xsd:boolean" + }, + "licenseXml": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/licenseXml", + "fullname": "/ExpandedLicensing/licenseXml", + "fulltype": "xsd:string" + }, + "obsoletedBy": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/obsoletedBy", + "fullname": "/ExpandedLicensing/obsoletedBy", + "fulltype": "xsd:string" + }, + "seeAlso": { + "type": "xsd:anyURI", + "fqname": "/ExpandedLicensing/seeAlso", "minCount": 0, "maxCount": "*", - "fullname": "/Core/profileConformance", - "fulltype": "/Core/ProfileIdentifierType" + "fullname": "/ExpandedLicensing/seeAlso", + "fulltype": "xsd:anyURI" + }, + "standardLicenseHeader": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/standardLicenseHeader", + "fullname": "/ExpandedLicensing/standardLicenseHeader", + "fulltype": "xsd:string" + }, + "standardLicenseTemplate": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/standardLicenseTemplate", + "fullname": "/ExpandedLicensing/standardLicenseTemplate", + "fulltype": "xsd:string" }, "spdxId": { "type": "xsd:anyURI", @@ -1311,139 +1130,124 @@ } } }, - "/Core/ExternalIdentifier": { + "/ExpandedLicensing/ListedLicenseException": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "ExternalIdentifier", - "fqname": "/Core/ExternalIdentifier", - "summary": "A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element.", - "description": "An ExternalIdentifier is a reference to a resource outside the scope of SPDX-3.0 content\nthat provides a unique key within an established domain that can uniquely identify an Element.", + "name": "ListedLicenseException", + "fqname": "/ExpandedLicensing/ListedLicenseException", + "summary": "A license exception that is listed on the SPDX Exceptions list.", + "description": "A ListedLicenseException represents an exception to a License (in other words,\nan exception to a license condition or an additional permission beyond those\ngranted in a License) which is listed on the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html).", "metadata": { - "name": "ExternalIdentifier", + "name": "ListedLicenseException", + "SubclassOf": "LicenseAddition", "Instantiability": "Concrete" }, "properties": { - "externalIdentifierType": { - "type": "ExternalIdentifierType", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/externalIdentifierType" - }, - "identifier": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/identifier" - }, - "comment": { + "deprecatedVersion": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Core/comment" - }, - "identifierLocator": { - "type": "xsd:anyURI", - "minCount": "0", - "fqname": "/Core/identifierLocator", - "maxCount": "*" + "fqname": "/ExpandedLicensing/deprecatedVersion" }, - "issuingAuthority": { + "listVersionAdded": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Core/issuingAuthority" + "fqname": "/ExpandedLicensing/listVersionAdded" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier", - "fqsupercname": null, - "inheritance_stack": [], + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException", + "fqsupercname": "/ExpandedLicensing/LicenseAddition", + "inheritance_stack": [ + "/ExpandedLicensing/LicenseAddition", + "/Core/Element" + ], "all_properties": { - "externalIdentifierType": { - "type": "ExternalIdentifierType", - "minCount": "1", + "deprecatedVersion": { + "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/externalIdentifierType", - "fullname": "/Core/externalIdentifierType", - "fulltype": "/Core/ExternalIdentifierType" + "fqname": "/ExpandedLicensing/deprecatedVersion", + "fullname": "/ExpandedLicensing/deprecatedVersion", + "fulltype": "xsd:string" }, - "identifier": { + "listVersionAdded": { "type": "xsd:string", - "minCount": "1", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/identifier", - "fullname": "/Core/identifier", + "fqname": "/ExpandedLicensing/listVersionAdded", + "fullname": "/ExpandedLicensing/listVersionAdded", "fulltype": "xsd:string" }, - "comment": { + "additionText": { "type": "xsd:string", - "minCount": "0", + "minCount": "1", "maxCount": "1", - "fqname": "/Core/comment", - "fullname": "/Core/comment", + "fqname": "/ExpandedLicensing/additionText", + "fullname": "/ExpandedLicensing/additionText", "fulltype": "xsd:string" }, - "identifierLocator": { - "type": "xsd:anyURI", + "isDeprecatedAdditionId": { + "type": "xsd:boolean", "minCount": "0", - "fqname": "/Core/identifierLocator", - "maxCount": "*", - "fullname": "/Core/identifierLocator", - "fulltype": "xsd:anyURI" + "maxCount": "1", + "fqname": "/ExpandedLicensing/isDeprecatedAdditionId", + "fullname": "/ExpandedLicensing/isDeprecatedAdditionId", + "fulltype": "xsd:boolean" }, - "issuingAuthority": { + "licenseXml": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Core/issuingAuthority", - "fullname": "/Core/issuingAuthority", + "fqname": "/ExpandedLicensing/licenseXml", + "fullname": "/ExpandedLicensing/licenseXml", "fulltype": "xsd:string" - } - } - }, - "/Core/Tool": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "Tool", - "fqname": "/Core/Tool", - "summary": "An element of hardware and/or software utilized to carry out a particular function.", - "description": "A Tool is an element of hardware and/or software utilized to carry out a particular function.", - "metadata": { - "name": "Tool", - "SubclassOf": "Element", - "Instantiability": "Concrete" - }, - "properties": {}, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Tool", - "fqsupercname": "/Core/Element", - "inheritance_stack": [ - "/Core/Element" - ], - "all_properties": { - "spdxId": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/spdxId", - "fullname": "/Core/spdxId", - "fulltype": "xsd:anyURI" }, - "name": { + "obsoletedBy": { "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0, - "fullname": "/Core/name", + "fqname": "/ExpandedLicensing/obsoletedBy", + "fullname": "/ExpandedLicensing/obsoletedBy", "fulltype": "xsd:string" }, - "summary": { + "seeAlso": { + "type": "xsd:anyURI", + "fqname": "/ExpandedLicensing/seeAlso", + "minCount": 0, + "maxCount": "*", + "fullname": "/ExpandedLicensing/seeAlso", + "fulltype": "xsd:anyURI" + }, + "standardAdditionTemplate": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/standardAdditionTemplate", + "fullname": "/ExpandedLicensing/standardAdditionTemplate", + "fulltype": "xsd:string" + }, + "spdxId": { + "type": "xsd:anyURI", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/spdxId", + "fullname": "/Core/spdxId", + "fulltype": "xsd:anyURI" + }, + "name": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/name", + "minCount": 0, + "fullname": "/Core/name", + "fulltype": "xsd:string" + }, + "summary": { "type": "xsd:string", "maxCount": "1", "fqname": "/Core/summary", @@ -1509,130 +1313,132 @@ } } }, - "/Core/Hash": { + "/ExpandedLicensing/ListedLicense": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "Hash", - "fqname": "/Core/Hash", - "summary": "A mathematically calculated representation of a grouping of data.", - "description": "A hash is a grouping of characteristics unique to the result\nof applying a mathematical algorithm\nthat maps data of arbitrary size to a bit string (the hash)\nand is a one-way function, that is,\na function which is practically infeasible to invert.\n\nThis is commonly used for integrity checking of data.\n\nPlease note that different profiles may also provide additional methods for verifying the integrity of specific subclasses of Elements.", + "name": "ListedLicense", + "fqname": "/ExpandedLicensing/ListedLicense", + "summary": "A license that is listed on the SPDX License List.", + "description": "A ListedLicense represents a License that is listed on the\n[SPDX License List](https://spdx.org/licenses).", "metadata": { - "name": "Hash", - "SubclassOf": "IntegrityMethod", + "name": "ListedLicense", + "SubclassOf": "License", "Instantiability": "Concrete" }, "properties": { - "algorithm": { - "type": "HashAlgorithm", - "minCount": "1", + "deprecatedVersion": { + "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/algorithm" + "fqname": "/ExpandedLicensing/deprecatedVersion" }, - "hashValue": { + "listVersionAdded": { "type": "xsd:string", - "minCount": "1", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/hashValue" + "fqname": "/ExpandedLicensing/listVersionAdded" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Hash", - "fqsupercname": "/Core/IntegrityMethod", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense", + "fqsupercname": "/ExpandedLicensing/License", "inheritance_stack": [ - "/Core/IntegrityMethod" + "/ExpandedLicensing/License", + "/ExpandedLicensing/ExtendableLicense", + "/SimpleLicensing/AnyLicenseInfo", + "/Core/Element" ], "all_properties": { - "algorithm": { - "type": "HashAlgorithm", - "minCount": "1", + "deprecatedVersion": { + "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/algorithm", - "fullname": "/Core/algorithm", - "fulltype": "/Core/HashAlgorithm" + "fqname": "/ExpandedLicensing/deprecatedVersion", + "fullname": "/ExpandedLicensing/deprecatedVersion", + "fulltype": "xsd:string" }, - "hashValue": { + "listVersionAdded": { "type": "xsd:string", - "minCount": "1", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/hashValue", - "fullname": "/Core/hashValue", + "fqname": "/ExpandedLicensing/listVersionAdded", + "fullname": "/ExpandedLicensing/listVersionAdded", "fulltype": "xsd:string" }, - "comment": { + "licenseText": { "type": "xsd:string", + "minCount": "1", "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", + "fqname": "/SimpleLicensing/licenseText", + "fullname": "/SimpleLicensing/licenseText", "fulltype": "xsd:string" - } - } - }, - "/Core/Bundle": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "Bundle", - "fqname": "/Core/Bundle", - "summary": "A collection of Elements that have a shared context.", - "description": "A bundle is a collection of Elements that have a shared context.", - "metadata": { - "name": "Bundle", - "SubclassOf": "ElementCollection", - "Instantiability": "Concrete" - }, - "properties": { - "context": { - "type": "xsd:string", + }, + "isDeprecatedLicenseId": { + "type": "xsd:boolean", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/context", - "minCount": 0 - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Bundle", - "fqsupercname": "/Core/ElementCollection", - "inheritance_stack": [ - "/Core/ElementCollection", - "/Core/Element" - ], - "all_properties": { - "context": { + "fqname": "/ExpandedLicensing/isDeprecatedLicenseId", + "fullname": "/ExpandedLicensing/isDeprecatedLicenseId", + "fulltype": "xsd:boolean" + }, + "isFsfLibre": { + "type": "xsd:boolean", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/isFsfLibre", + "fullname": "/ExpandedLicensing/isFsfLibre", + "fulltype": "xsd:boolean" + }, + "isOsiApproved": { + "type": "xsd:boolean", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/isOsiApproved", + "fullname": "/ExpandedLicensing/isOsiApproved", + "fulltype": "xsd:boolean" + }, + "licenseXml": { "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/context", - "minCount": 0, - "fullname": "/Core/context", + "fqname": "/ExpandedLicensing/licenseXml", + "fullname": "/ExpandedLicensing/licenseXml", "fulltype": "xsd:string" }, - "element": { - "type": "Element", + "obsoletedBy": { + "type": "xsd:string", "minCount": "0", - "fqname": "/Core/element", + "maxCount": "1", + "fqname": "/ExpandedLicensing/obsoletedBy", + "fullname": "/ExpandedLicensing/obsoletedBy", + "fulltype": "xsd:string" + }, + "seeAlso": { + "type": "xsd:anyURI", + "fqname": "/ExpandedLicensing/seeAlso", + "minCount": 0, "maxCount": "*", - "fullname": "/Core/element", - "fulltype": "/Core/Element" + "fullname": "/ExpandedLicensing/seeAlso", + "fulltype": "xsd:anyURI" }, - "rootElement": { - "type": "Element", + "standardLicenseHeader": { + "type": "xsd:string", "minCount": "0", - "fqname": "/Core/rootElement", - "maxCount": "*", - "fullname": "/Core/rootElement", - "fulltype": "/Core/Element" + "maxCount": "1", + "fqname": "/ExpandedLicensing/standardLicenseHeader", + "fullname": "/ExpandedLicensing/standardLicenseHeader", + "fulltype": "xsd:string" }, - "profileConformance": { - "type": "ProfileIdentifierType", - "fqname": "/Core/profileConformance", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/profileConformance", - "fulltype": "/Core/ProfileIdentifierType" + "standardLicenseTemplate": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/standardLicenseTemplate", + "fullname": "/ExpandedLicensing/standardLicenseTemplate", + "fulltype": "xsd:string" }, "spdxId": { "type": "xsd:anyURI", @@ -1716,168 +1522,78 @@ } } }, - "/Core/Agent": { + "/ExpandedLicensing/CustomLicenseAddition": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "Agent", - "fqname": "/Core/Agent", - "summary": "Agent represents anything with the potential to act on a system.", - "description": "The Agent class represents anything that has the potential to act on a system.\n\nThis could be a person, organization, software agent, etc.\n\nThis is not to be confused with tools that are used to perform tasks.", + "name": "CustomLicenseAddition", + "fqname": "/ExpandedLicensing/CustomLicenseAddition", + "summary": "A license addition that is not listed on the SPDX Exceptions List.", + "description": "A CustomLicenseAddition represents an addition to a License that is not listed\non the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html),\nand is therefore defined by an SPDX data creator.\n\nIt is intended to represent additional language which is meant to be added to\na License, but which is not itself a standalone License.", "metadata": { - "name": "Agent", - "SubclassOf": "Element", + "name": "CustomLicenseAddition", + "SubclassOf": "LicenseAddition", "Instantiability": "Concrete" }, "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Agent", - "fqsupercname": "/Core/Element", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition", + "fqsupercname": "/ExpandedLicensing/LicenseAddition", "inheritance_stack": [ + "/ExpandedLicensing/LicenseAddition", "/Core/Element" ], "all_properties": { - "spdxId": { - "type": "xsd:anyURI", + "additionText": { + "type": "xsd:string", "minCount": "1", "maxCount": "1", - "fqname": "/Core/spdxId", - "fullname": "/Core/spdxId", - "fulltype": "xsd:anyURI" + "fqname": "/ExpandedLicensing/additionText", + "fullname": "/ExpandedLicensing/additionText", + "fulltype": "xsd:string" }, - "name": { + "isDeprecatedAdditionId": { + "type": "xsd:boolean", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/isDeprecatedAdditionId", + "fullname": "/ExpandedLicensing/isDeprecatedAdditionId", + "fulltype": "xsd:boolean" + }, + "licenseXml": { "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0, - "fullname": "/Core/name", + "fqname": "/ExpandedLicensing/licenseXml", + "fullname": "/ExpandedLicensing/licenseXml", "fulltype": "xsd:string" }, - "summary": { + "obsoletedBy": { "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/summary", - "minCount": 0, - "fullname": "/Core/summary", - "fulltype": "xsd:string" - }, - "description": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/description", - "minCount": 0, - "fullname": "/Core/description", - "fulltype": "xsd:string" - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", + "fqname": "/ExpandedLicensing/obsoletedBy", + "fullname": "/ExpandedLicensing/obsoletedBy", "fulltype": "xsd:string" }, - "creationInfo": { - "type": "CreationInfo", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/creationInfo", - "fullname": "/Core/creationInfo", - "fulltype": "/Core/CreationInfo" - }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", + "seeAlso": { + "type": "xsd:anyURI", + "fqname": "/ExpandedLicensing/seeAlso", "minCount": 0, "maxCount": "*", - "fullname": "/Core/verifiedUsing", - "fulltype": "/Core/IntegrityMethod" - }, - "externalRef": { - "type": "ExternalRef", - "minCount": "0", - "fqname": "/Core/externalRef", - "maxCount": "*", - "fullname": "/Core/externalRef", - "fulltype": "/Core/ExternalRef" - }, - "externalIdentifier": { - "type": "ExternalIdentifier", - "minCount": "0", - "fqname": "/Core/externalIdentifier", - "maxCount": "*", - "fullname": "/Core/externalIdentifier", - "fulltype": "/Core/ExternalIdentifier" + "fullname": "/ExpandedLicensing/seeAlso", + "fulltype": "xsd:anyURI" }, - "extension": { - "type": "/Extension/Extension", - "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" - } - } - }, - "/Core/Bom": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "Bom", - "fqname": "/Core/Bom", - "summary": "A container for a grouping of SPDX-3.0 content characterizing details\n(provenence, composition, licensing, etc.) about a product.", - "description": "A Bill of Materials (BOM) is a container for a grouping of SPDX-3.0 content\ncharacterizing details about a product.\n\nThis could include details of the content and composition of the product,\nprovenence details of the product and/or\nits composition, licensing information, known quality or security issues, etc.", - "metadata": { - "name": "Bom", - "SubclassOf": "Bundle", - "Instantiability": "Concrete" - }, - "properties": {}, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Bom", - "fqsupercname": "/Core/Bundle", - "inheritance_stack": [ - "/Core/Bundle", - "/Core/ElementCollection", - "/Core/Element" - ], - "all_properties": { - "context": { + "standardAdditionTemplate": { "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/context", - "minCount": 0, - "fullname": "/Core/context", + "fqname": "/ExpandedLicensing/standardAdditionTemplate", + "fullname": "/ExpandedLicensing/standardAdditionTemplate", "fulltype": "xsd:string" }, - "element": { - "type": "Element", - "minCount": "0", - "fqname": "/Core/element", - "maxCount": "*", - "fullname": "/Core/element", - "fulltype": "/Core/Element" - }, - "rootElement": { - "type": "Element", - "minCount": "0", - "fqname": "/Core/rootElement", - "maxCount": "*", - "fullname": "/Core/rootElement", - "fulltype": "/Core/Element" - }, - "profileConformance": { - "type": "ProfileIdentifierType", - "fqname": "/Core/profileConformance", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/profileConformance", - "fulltype": "/Core/ProfileIdentifierType" - }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -1960,67 +1676,114 @@ } } }, - "/Core/IntegrityMethod": { + "/ExpandedLicensing/LicenseAddition": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "IntegrityMethod", - "fqname": "/Core/IntegrityMethod", - "summary": "Provides an independently reproducible mechanism that permits verification of a specific Element.", - "description": "An IntegrityMethod provides an independently reproducible mechanism that permits verification\nof a specific Element that correlates to the data in this SPDX document. This identifier enables\na recipient to determine if anything in the original Element has been changed and eliminates\nconfusion over which version or modification of a specific Element is referenced.\n\nPlease note that different profiles may also provide additional methods for verifying the integrity of specific subclasses of Elements.", + "name": "LicenseAddition", + "fqname": "/ExpandedLicensing/LicenseAddition", + "summary": "Abstract class for additional text intended to be added to a License, but\nwhich is not itself a standalone License.", + "description": "A LicenseAddition represents text which is intended to be added to a License\nas additional text, but which is not itself intended to be a standalone\nLicense.\n\nIt may be an exception which is listed on the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html)\n(ListedLicenseException), or may be any other additional text (as an exception\nor otherwise) which is defined by an SPDX data creator (CustomLicenseAddition).", "metadata": { - "name": "IntegrityMethod", + "name": "LicenseAddition", + "SubclassOf": "/Core/Element", "Instantiability": "Abstract" }, "properties": { - "comment": { + "additionText": { "type": "xsd:string", + "minCount": "1", "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0 - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod", - "fqsupercname": null, - "inheritance_stack": [], - "all_properties": { - "comment": { + "fqname": "/ExpandedLicensing/additionText" + }, + "isDeprecatedAdditionId": { + "type": "xsd:boolean", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/isDeprecatedAdditionId" + }, + "licenseXml": { "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/comment", + "fqname": "/ExpandedLicensing/licenseXml" + }, + "obsoletedBy": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/obsoletedBy" + }, + "seeAlso": { + "type": "xsd:anyURI", + "fqname": "/ExpandedLicensing/seeAlso", "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" + "maxCount": "*" + }, + "standardAdditionTemplate": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/standardAdditionTemplate" } - } - }, - "/Core/SoftwareAgent": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "SoftwareAgent", - "fqname": "/Core/SoftwareAgent", - "summary": "A software agent.", - "description": "A SoftwareAgent is a software program that is given the authority (similar to a\nuser's authority) to act on a system.", - "metadata": { - "name": "SoftwareAgent", - "SubclassOf": "Agent", - "Instantiability": "Concrete" }, - "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent", - "fqsupercname": "/Core/Agent", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition", + "fqsupercname": "/Core/Element", "inheritance_stack": [ - "/Core/Agent", "/Core/Element" ], "all_properties": { + "additionText": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/ExpandedLicensing/additionText", + "fullname": "/ExpandedLicensing/additionText", + "fulltype": "xsd:string" + }, + "isDeprecatedAdditionId": { + "type": "xsd:boolean", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/isDeprecatedAdditionId", + "fullname": "/ExpandedLicensing/isDeprecatedAdditionId", + "fulltype": "xsd:boolean" + }, + "licenseXml": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/licenseXml", + "fullname": "/ExpandedLicensing/licenseXml", + "fulltype": "xsd:string" + }, + "obsoletedBy": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/obsoletedBy", + "fullname": "/ExpandedLicensing/obsoletedBy", + "fulltype": "xsd:string" + }, + "seeAlso": { + "type": "xsd:anyURI", + "fqname": "/ExpandedLicensing/seeAlso", + "minCount": 0, + "maxCount": "*", + "fullname": "/ExpandedLicensing/seeAlso", + "fulltype": "xsd:anyURI" + }, + "standardAdditionTemplate": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/ExpandedLicensing/standardAdditionTemplate", + "fullname": "/ExpandedLicensing/standardAdditionTemplate", + "fulltype": "xsd:string" + }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -2102,2852 +1865,802 @@ "fulltype": "/Extension/Extension" } } - }, - "/Core/Annotation": { - "py/object": "spec_parser.model.Class", + } + }, + "properties": { + "/ExpandedLicensing/seeAlso": { + "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "Annotation", - "fqname": "/Core/Annotation", - "summary": "An assertion made in relation to one or more elements.", - "description": "An Annotation is an assertion made in relation to one or more elements.\n\nThe `contentType` property describes the format of the `statement` property.", + "name": "seeAlso", + "fqname": "/ExpandedLicensing/seeAlso", + "summary": "Contains a URL where the License or LicenseAddition can be found in use.", + "description": "A seeAlso defines a cross-reference with a URL where the License or\nLicenseAddition can be found in use by one or a few projects.\n\nIf applicable, it should include a URL where the license text is posted by\nthe license steward, particularly if the license steward has made available a\n\"canonical\" primary URL for the license text.\n\nIf the license is OSI approved, a seeAlso should be included with the URL for\nthe license's listing on the OSI website.\n\nThe seeAlso URL may refer to a previously-available URL for the License or\nLicenseAddition which is no longer active.\n\nWhere applicable, the seeAlso URL should include the license text in its\nnative language. seeAlso URLs to English or other translations may be included\nwhere multiple, equivalent official translations exist.", "metadata": { - "name": "Annotation", - "SubclassOf": "Element", - "Instantiability": "Concrete" - }, - "properties": { - "annotationType": { - "type": "AnnotationType", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/annotationType" - }, - "contentType": { - "type": "MediaType", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/contentType" - }, - "statement": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/statement" - }, - "subject": { - "type": "Element", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/subject" - } + "name": "seeAlso", + "Nature": "DataProperty", + "Range": "xsd:anyURI" }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Annotation", - "fqsupercname": "/Core/Element", - "inheritance_stack": [ - "/Core/Element" - ], - "all_properties": { - "annotationType": { - "type": "AnnotationType", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/annotationType", - "fullname": "/Core/annotationType", - "fulltype": "/Core/AnnotationType" - }, - "contentType": { - "type": "MediaType", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/contentType", - "fullname": "/Core/contentType", - "fulltype": "/Core/MediaType" - }, - "statement": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/statement", - "fullname": "/Core/statement", - "fulltype": "xsd:string" - }, - "subject": { - "type": "Element", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/subject", - "fullname": "/Core/subject", - "fulltype": "/Core/Element" - }, - "spdxId": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/spdxId", - "fullname": "/Core/spdxId", - "fulltype": "xsd:anyURI" - }, - "name": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0, - "fullname": "/Core/name", - "fulltype": "xsd:string" - }, - "summary": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/summary", - "minCount": 0, - "fullname": "/Core/summary", - "fulltype": "xsd:string" - }, - "description": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/description", - "minCount": 0, - "fullname": "/Core/description", - "fulltype": "xsd:string" - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" - }, - "creationInfo": { - "type": "CreationInfo", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/creationInfo", - "fullname": "/Core/creationInfo", - "fulltype": "/Core/CreationInfo" - }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/verifiedUsing", - "fulltype": "/Core/IntegrityMethod" - }, - "externalRef": { - "type": "ExternalRef", - "minCount": "0", - "fqname": "/Core/externalRef", - "maxCount": "*", - "fullname": "/Core/externalRef", - "fulltype": "/Core/ExternalRef" - }, - "externalIdentifier": { - "type": "ExternalIdentifier", - "minCount": "0", - "fqname": "/Core/externalIdentifier", - "maxCount": "*", - "fullname": "/Core/externalIdentifier", - "fulltype": "/Core/ExternalIdentifier" - }, - "extension": { - "type": "/Extension/Extension", - "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" - } - } + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso", + "used_in": [ + "/ExpandedLicensing/License", + "/ExpandedLicensing/LicenseAddition" + ] }, - "/Core/Element": { - "py/object": "spec_parser.model.Class", + "/ExpandedLicensing/standardLicenseHeader": { + "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "Element", - "fqname": "/Core/Element", - "summary": "Base domain class from which all other SPDX-3.0 domain classes derive.", - "description": "An Element is a representation of a fundamental concept either directly inherent\nto the Bill of Materials (BOM) domain or indirectly related to the BOM domain\nand necessary for contextually characterizing BOM concepts and relationships.\nWithin SPDX-3.0 structure this is the base class acting as a consistent,\nunifying, and interoperable foundation for all explicit\nand inter-relatable content objects.", + "name": "standardLicenseHeader", + "fqname": "/ExpandedLicensing/standardLicenseHeader", + "summary": "Provides a License author's preferred text to indicate that a file is covered\nby the License.", + "description": "A standardLicenseHeader contains the plain text of the License author's\npreferred wording to be used, typically in a source code file's header\ncomments or similar location, to indicate that the file is subject to\nthe specified License.", "metadata": { - "name": "Element", - "Instantiability": "Abstract" + "name": "standardLicenseHeader", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "properties": { - "spdxId": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/spdxId" - }, - "name": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0 - }, - "summary": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/summary", - "minCount": 0 - }, - "description": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/description", - "minCount": 0 - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0 - }, - "creationInfo": { - "type": "CreationInfo", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/creationInfo" - }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", - "minCount": 0, - "maxCount": "*" - }, - "externalRef": { - "type": "ExternalRef", - "minCount": "0", - "fqname": "/Core/externalRef", - "maxCount": "*" - }, - "externalIdentifier": { - "type": "ExternalIdentifier", - "minCount": "0", - "fqname": "/Core/externalIdentifier", - "maxCount": "*" - }, - "extension": { - "type": "/Extension/Extension", - "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*" - } + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader", + "used_in": [ + "/ExpandedLicensing/License" + ] + }, + "/ExpandedLicensing/subjectExtendableLicense": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 2 }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Element", - "fqsupercname": null, - "inheritance_stack": [], - "all_properties": { - "spdxId": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/spdxId", - "fullname": "/Core/spdxId", - "fulltype": "xsd:anyURI" - }, - "name": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0, - "fullname": "/Core/name", - "fulltype": "xsd:string" - }, - "summary": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/summary", - "minCount": 0, - "fullname": "/Core/summary", - "fulltype": "xsd:string" - }, - "description": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/description", - "minCount": 0, - "fullname": "/Core/description", - "fulltype": "xsd:string" - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" - }, - "creationInfo": { - "type": "CreationInfo", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/creationInfo", - "fullname": "/Core/creationInfo", - "fulltype": "/Core/CreationInfo" - }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/verifiedUsing", - "fulltype": "/Core/IntegrityMethod" - }, - "externalRef": { - "type": "ExternalRef", - "minCount": "0", - "fqname": "/Core/externalRef", - "maxCount": "*", - "fullname": "/Core/externalRef", - "fulltype": "/Core/ExternalRef" - }, - "externalIdentifier": { - "type": "ExternalIdentifier", - "minCount": "0", - "fqname": "/Core/externalIdentifier", - "maxCount": "*", - "fullname": "/Core/externalIdentifier", - "fulltype": "/Core/ExternalIdentifier" - }, - "extension": { - "type": "/Extension/Extension", - "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" - } - } + "license": "Community-Spec-1.0", + "name": "subjectExtendableLicense", + "fqname": "/ExpandedLicensing/subjectExtendableLicense", + "summary": "A License participating in a 'with addition' model.", + "description": "A subjectExtendableLicense is a License which is subject to a 'with additional\ntext' effect (WithAdditionOperator).", + "metadata": { + "name": "subjectExtendableLicense", + "Nature": "ObjectProperty", + "Range": "ExtendableLicense" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense", + "used_in": [ + "/ExpandedLicensing/WithAdditionOperator" + ] }, - "/Core/PositiveIntegerRange": { - "py/object": "spec_parser.model.Class", + "/ExpandedLicensing/obsoletedBy": { + "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "PositiveIntegerRange", - "fqname": "/Core/PositiveIntegerRange", - "summary": "A tuple of two positive integers that define a range.", - "description": "PositiveIntegerRange is a tuple of two positive integers that define a range.\n\"beginIntegerRange\" must be less than or equal to \"endIntegerRange\".", + "name": "obsoletedBy", + "fqname": "/ExpandedLicensing/obsoletedBy", + "summary": "Specifies the licenseId that is preferred to be used in place of a deprecated\nLicense or LicenseAddition.", + "description": "An obsoletedBy value for a deprecated License or LicenseAddition specifies\nthe licenseId of the replacement License or LicenseAddition that is preferred\nto be used in its place. It should use the same format as specified for a\nlicenseId.\n\nThe License's or LicenseAddition's comment value may include more information\nabout the reason why the licenseId specified in the obsoletedBy value is\npreferred.", "metadata": { - "name": "PositiveIntegerRange", - "Instantiability": "Concrete" - }, - "properties": { - "beginIntegerRange": { - "type": "xsd:positiveInteger", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/beginIntegerRange" - }, - "endIntegerRange": { - "type": "xsd:positiveInteger", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/endIntegerRange" - } + "name": "obsoletedBy", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", - "fqsupercname": null, - "inheritance_stack": [], - "all_properties": { - "beginIntegerRange": { - "type": "xsd:positiveInteger", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/beginIntegerRange", - "fullname": "/Core/beginIntegerRange", - "fulltype": "xsd:positiveInteger" - }, - "endIntegerRange": { - "type": "xsd:positiveInteger", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/endIntegerRange", - "fullname": "/Core/endIntegerRange", - "fulltype": "xsd:positiveInteger" - } - } + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy", + "used_in": [ + "/ExpandedLicensing/License", + "/ExpandedLicensing/LicenseAddition" + ] }, - "/Core/NamespaceMap": { - "py/object": "spec_parser.model.Class", + "/ExpandedLicensing/listVersionAdded": { + "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "NamespaceMap", - "fqname": "/Core/NamespaceMap", - "summary": "A mapping between prefixes and namespace partial URIs.", - "description": "A namespace map allows the creator of a collection of Elements that could be\nserialized to suggest a set of shorter identifiers (\"prefixes\") for particular\nnamespace portions of ElementIDs to be used in SPDX content serialization in\norder to provide a more human-readable and smaller serialized representation of\nthe Elements.\n\nFor details of how NamespaceMap content is to be serialized please refer to\ngeneral SPDX serialization guidance at\n\nand the various serialization format specific .md filed under\n\n(TODO: update the URLs as soon as the context is publicly available)\n\nNamespace maps support a variety of relevant use cases such as:\n\n1. An SPDX content producer wishing to provide clarity of their serialization\n of an SPDX 2.X simple style collection where all content is newly minted and\n a single prefix-namespace is used. The consumer of SPDX content wishes to\n preserve the name space mapping provided by such a producer. In this case,\n the consumer would record the namespace map prefixes in the NamespaceMap such\n that subsequent serializations could reproduce the prefixes / namespaces in\n the native serialization format.\n\n2. An SPDX content producer wishing to maintain consistent prefix use and\n understanding across multiple different serialization formats of the produced\n content.\n For example, an SBOM producer wishes to share/publish the SBOM as JSON-LD and\n XML. The producer can specify the preferred prefix mappings in the native\n serialization format using information from a single Namespacemap accessible\n local to the producer.\n\n3. An SPDX content consumer/producer wishing to maintain consistent prefix use\n while round tripping from SPDX content received, deserialized,\n modified/extended in some way, and then reserialized in the same\n serialization form.\n In this case the prefix-namespace mappings utilized in the content are\n transformed from the original native namespace/prefix into the in memory\n NamespaceMap then transformed from the NamespaceMap back into the resultant\n serialization native namespace / prefix format.", + "name": "listVersionAdded", + "fqname": "/ExpandedLicensing/listVersionAdded", + "summary": "Specifies the SPDX License List version in which this ListedLicense or\nListedLicenseException identifier was first added.", + "description": "A listVersionAdded for a ListedLicense or ListedLicenseException on the\n[SPDX License List](https://spdx.org/licenses/)\nspecifies which version release of the License List was the first\none in which it was included.", "metadata": { - "name": "NamespaceMap", - "Instantiability": "Concrete" + "name": "listVersionAdded", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "properties": { - "prefix": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/prefix" - }, - "namespace": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/namespace" - } + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded", + "used_in": [ + "/ExpandedLicensing/ListedLicenseException", + "/ExpandedLicensing/ListedLicense" + ] + }, + "/ExpandedLicensing/isDeprecatedAdditionId": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 2 }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap", - "fqsupercname": null, - "inheritance_stack": [], - "all_properties": { - "prefix": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/prefix", - "fullname": "/Core/prefix", - "fulltype": "xsd:string" - }, - "namespace": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/namespace", - "fullname": "/Core/namespace", - "fulltype": "xsd:anyURI" - } - } + "license": "Community-Spec-1.0", + "name": "isDeprecatedAdditionId", + "fqname": "/ExpandedLicensing/isDeprecatedAdditionId", + "summary": "Specifies whether an additional text identifier has been marked as deprecated.", + "description": "The isDeprecatedAdditionId property specifies whether an identifier for a\nLicenseAddition has been marked as deprecated. If the property is not defined,\nthen it is presumed to be false (i.e., not deprecated).\n\nIf the LicenseAddition is included on the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html),\nthen the `deprecatedVersion` property indicates on which version release of the\nExceptions List it was first marked as deprecated.\n\n\"Deprecated\" in this context refers to deprecating the use of the\n_identifier_, not the underlying license addition. In other words, even if a\nLicenseAddition's author or steward has stated that a particular\nLicenseAddition generally should not be used, that would _not_ mean that the\nLicenseAddition's identifier is \"deprecated.\" Rather, a LicenseAddition\noperator is typically marked as \"deprecated\" when it is determined that use of\nanother identifier is preferable.", + "metadata": { + "name": "isDeprecatedAdditionId", + "Nature": "DataProperty", + "Range": "xsd:boolean" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId", + "used_in": [ + "/ExpandedLicensing/LicenseAddition" + ] }, - "/Core/Relationship": { - "py/object": "spec_parser.model.Class", + "/ExpandedLicensing/standardLicenseTemplate": { + "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "Relationship", - "fqname": "/Core/Relationship", - "summary": "Describes a relationship between one or more elements.", - "description": "A Relationship is a grouping of characteristics unique to an assertion\nthat one Element is related to one or more other Elements in some way.\n\nTo explicitly assert that no such relationships exist, the `to` property\nshould contain the 'NONE' individual and no other elements.\n\nA relationship that contains 'NONE' and additional elements in the `to`\nproperty is not valid.\n\nTo explicitly assert that no assertions are being made regarding the\nexistence of such relationships, the `to` property should contain the\n'NOASSERTION' individual.", + "name": "standardLicenseTemplate", + "fqname": "/ExpandedLicensing/standardLicenseTemplate", + "summary": "Identifies the full text of a License, in SPDX templating format.", + "description": "A standardLicenseTemplate contains a license template which describes sections\nof the License text which can be varied.\n\nSee the Legacy Text Template format section of the\n[SPDX License List Matching Guidelines](../../../annexes/license-matching-guidelines-and-templates.md)\nfor format information.\n\nIt is recommended to use [licenseXml](./licenseXml.md) instead, as it can\ncapture all the text and metadata associated with a license.", "metadata": { - "name": "Relationship", - "SubclassOf": "Element", - "Instantiability": "Concrete" + "name": "standardLicenseTemplate", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "properties": { - "from": { - "type": "Element", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/from" - }, - "to": { - "type": "Element", - "minCount": "1", - "fqname": "/Core/to", - "maxCount": "*" - }, - "relationshipType": { - "type": "RelationshipType", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/relationshipType" - }, - "completeness": { - "type": "RelationshipCompleteness", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/completeness" - }, - "startTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/startTime" - }, - "endTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/endTime" - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Relationship", - "fqsupercname": "/Core/Element", - "inheritance_stack": [ - "/Core/Element" - ], - "all_properties": { - "from": { - "type": "Element", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/from", - "fullname": "/Core/from", - "fulltype": "/Core/Element" - }, - "to": { - "type": "Element", - "minCount": "1", - "fqname": "/Core/to", - "maxCount": "*", - "fullname": "/Core/to", - "fulltype": "/Core/Element" - }, - "relationshipType": { - "type": "RelationshipType", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/relationshipType", - "fullname": "/Core/relationshipType", - "fulltype": "/Core/RelationshipType" - }, - "completeness": { - "type": "RelationshipCompleteness", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/completeness", - "fullname": "/Core/completeness", - "fulltype": "/Core/RelationshipCompleteness" - }, - "startTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/startTime", - "fullname": "/Core/startTime", - "fulltype": "/Core/DateTime" - }, - "endTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/endTime", - "fullname": "/Core/endTime", - "fulltype": "/Core/DateTime" - }, - "spdxId": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/spdxId", - "fullname": "/Core/spdxId", - "fulltype": "xsd:anyURI" - }, - "name": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0, - "fullname": "/Core/name", - "fulltype": "xsd:string" - }, - "summary": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/summary", - "minCount": 0, - "fullname": "/Core/summary", - "fulltype": "xsd:string" - }, - "description": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/description", - "minCount": 0, - "fullname": "/Core/description", - "fulltype": "xsd:string" - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" - }, - "creationInfo": { - "type": "CreationInfo", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/creationInfo", - "fullname": "/Core/creationInfo", - "fulltype": "/Core/CreationInfo" - }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/verifiedUsing", - "fulltype": "/Core/IntegrityMethod" - }, - "externalRef": { - "type": "ExternalRef", - "minCount": "0", - "fqname": "/Core/externalRef", - "maxCount": "*", - "fullname": "/Core/externalRef", - "fulltype": "/Core/ExternalRef" - }, - "externalIdentifier": { - "type": "ExternalIdentifier", - "minCount": "0", - "fqname": "/Core/externalIdentifier", - "maxCount": "*", - "fullname": "/Core/externalIdentifier", - "fulltype": "/Core/ExternalIdentifier" - }, - "extension": { - "type": "/Extension/Extension", - "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" - } - } + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate", + "used_in": [ + "/ExpandedLicensing/License" + ] }, - "/Core/Artifact": { - "py/object": "spec_parser.model.Class", + "/ExpandedLicensing/isFsfLibre": { + "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "Artifact", - "fqname": "/Core/Artifact", - "summary": "A distinct article or unit within the digital domain.", - "description": "An artifact is a distinct article or unit within the digital domain,\nsuch as an electronic file, a software package, a device or an element of data.", + "name": "isFsfLibre", + "fqname": "/ExpandedLicensing/isFsfLibre", + "summary": "Specifies whether the License is listed as free by the\n[Free Software Foundation (FSF)](https://fsf.org).", + "description": "isFsfLibre specifies whether the\n[Free Software Foundation (FSF)](https://fsf.org)\nhas listed this License as \"free\" in their commentary on licenses, located at\nthe time of this writing at\n[Various Licenses and Comments about Them](https://www.gnu.org/licenses/license-list.en.html).\n\nA value of \"true\" indicates that the license is in the list of licenses that\nFSF publishes as libre.\n\nA value of \"false\" indicates that the license is explicitly not in the\ncorresponding list of FSF libre licenses (e.g., FSF has the license on a\nnon-free list).\n\nIf the isFsfLibre field is not specified, the SPDX data creator makes no\nassertions about whether the License is listed in the FSF's commentary.", "metadata": { - "name": "Artifact", - "SubclassOf": "Element", - "Instantiability": "Abstract" + "name": "isFsfLibre", + "Nature": "DataProperty", + "Range": "xsd:boolean" }, - "properties": { - "originatedBy": { - "type": "Agent", - "minCount": "0", - "fqname": "/Core/originatedBy", - "maxCount": "*" - }, - "suppliedBy": { - "type": "Agent", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/suppliedBy" - }, - "builtTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/builtTime" - }, - "releaseTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/releaseTime" - }, - "validUntilTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/validUntilTime" - }, - "standardName": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Core/standardName", - "maxCount": "*" - }, - "supportLevel": { - "type": "SupportType", - "minCount": "0", - "fqname": "/Core/supportLevel", - "maxCount": "*" - } + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre", + "used_in": [ + "/ExpandedLicensing/License" + ] + }, + "/ExpandedLicensing/licenseXml": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 2 }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact", - "fqsupercname": "/Core/Element", - "inheritance_stack": [ - "/Core/Element" - ], - "all_properties": { - "originatedBy": { - "type": "Agent", - "minCount": "0", - "fqname": "/Core/originatedBy", - "maxCount": "*", - "fullname": "/Core/originatedBy", - "fulltype": "/Core/Agent" - }, - "suppliedBy": { - "type": "Agent", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/suppliedBy", - "fullname": "/Core/suppliedBy", - "fulltype": "/Core/Agent" - }, - "builtTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/builtTime", - "fullname": "/Core/builtTime", - "fulltype": "/Core/DateTime" - }, - "releaseTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/releaseTime", - "fullname": "/Core/releaseTime", - "fulltype": "/Core/DateTime" - }, - "validUntilTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/validUntilTime", - "fullname": "/Core/validUntilTime", - "fulltype": "/Core/DateTime" - }, - "standardName": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Core/standardName", - "maxCount": "*", - "fullname": "/Core/standardName", - "fulltype": "xsd:string" - }, - "supportLevel": { - "type": "SupportType", - "minCount": "0", - "fqname": "/Core/supportLevel", - "maxCount": "*", - "fullname": "/Core/supportLevel", - "fulltype": "/Core/SupportType" - }, - "spdxId": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/spdxId", - "fullname": "/Core/spdxId", - "fulltype": "xsd:anyURI" - }, - "name": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0, - "fullname": "/Core/name", - "fulltype": "xsd:string" - }, - "summary": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/summary", - "minCount": 0, - "fullname": "/Core/summary", - "fulltype": "xsd:string" - }, - "description": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/description", - "minCount": 0, - "fullname": "/Core/description", - "fulltype": "xsd:string" - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" - }, - "creationInfo": { - "type": "CreationInfo", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/creationInfo", - "fullname": "/Core/creationInfo", - "fulltype": "/Core/CreationInfo" - }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/verifiedUsing", - "fulltype": "/Core/IntegrityMethod" - }, - "externalRef": { - "type": "ExternalRef", - "minCount": "0", - "fqname": "/Core/externalRef", - "maxCount": "*", - "fullname": "/Core/externalRef", - "fulltype": "/Core/ExternalRef" - }, - "externalIdentifier": { - "type": "ExternalIdentifier", - "minCount": "0", - "fqname": "/Core/externalIdentifier", - "maxCount": "*", - "fullname": "/Core/externalIdentifier", - "fulltype": "/Core/ExternalIdentifier" - }, - "extension": { - "type": "/Extension/Extension", - "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" - } - } + "license": "Community-Spec-1.0", + "name": "licenseXml", + "fqname": "/ExpandedLicensing/licenseXml", + "summary": "Identifies all the text and metadata associated with a license in the license\nXML format.", + "description": "The license XML format is defined and used by the SPDX legal team.\n\nThe formal schema definition is available at\n[SPDX License List XML Schema](https://github.com/spdx/license-list-XML/blob/v3.24.0/schema/ListedLicense.xsd).\n\nFor a text description of the XML fields, see\n[XML template fields](https://github.com/spdx/license-list-XML/blob/v3.24.0/DOCS/xml-fields.md).", + "metadata": { + "name": "licenseXml", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml", + "used_in": [ + "/ExpandedLicensing/License", + "/ExpandedLicensing/LicenseAddition" + ] }, - "/Core/SpdxDocument": { - "py/object": "spec_parser.model.Class", + "/ExpandedLicensing/member": { + "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "SpdxDocument", - "fqname": "/Core/SpdxDocument", - "summary": "A collection of SPDX Elements that could potentially be serialized.", - "description": "The SpdxDocument provides a convenient way to express information about\ncollections of SPDX Elements that could potentially be serialized as complete\nunits (e.g., all in-scope SPDX data within a single JSON-LD file).\n\nSpdxDocument is independent of any particular serialization format or instance.\n\nInformation we wish to preserve about a specific instance of serialization of\nthis SPDX content is NOT expressed using the SpdxDocument but rather using an\nassociated Artifact representing a particular instance of SPDX data physical\nserialization.\n\nAny instance of serialization of SPDX data MUST NOT contain more than one\nSpdxDocument element definition.", + "name": "member", + "fqname": "/ExpandedLicensing/member", + "summary": "A license expression participating in a license set.", + "description": "A member is a license expression participating in a conjunctive (of type\nConjunctiveLicenseSet) or a disjunctive (of type DisjunctiveLicenseSet)\nlicense set.", "metadata": { - "name": "SpdxDocument", - "SubclassOf": "ElementCollection", - "Instantiability": "Concrete" + "name": "member", + "Nature": "ObjectProperty", + "Range": "/SimpleLicensing/AnyLicenseInfo" }, - "properties": { - "imports": { - "type": "ExternalMap", - "fqname": "/Core/imports", - "minCount": 0, - "maxCount": "*" - }, - "namespaceMap": { - "type": "NamespaceMap", - "fqname": "/Core/namespaceMap", - "minCount": 0, - "maxCount": "*" - }, - "dataLicense": { - "type": "/SimpleLicensing/AnyLicenseInfo", - "maxCount": "1", - "fqname": "/Core/dataLicense", - "minCount": 0 - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument", - "fqsupercname": "/Core/ElementCollection", - "inheritance_stack": [ - "/Core/ElementCollection", - "/Core/Element" - ], - "all_properties": { - "imports": { - "type": "ExternalMap", - "fqname": "/Core/imports", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/imports", - "fulltype": "/Core/ExternalMap" - }, - "namespaceMap": { - "type": "NamespaceMap", - "fqname": "/Core/namespaceMap", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/namespaceMap", - "fulltype": "/Core/NamespaceMap" - }, - "dataLicense": { - "type": "/SimpleLicensing/AnyLicenseInfo", - "maxCount": "1", - "fqname": "/Core/dataLicense", - "minCount": 0, - "fullname": "/Core/dataLicense", - "fulltype": "/SimpleLicensing/AnyLicenseInfo" - }, - "element": { - "type": "Element", - "minCount": "0", - "fqname": "/Core/element", - "maxCount": "*", - "fullname": "/Core/element", - "fulltype": "/Core/Element" - }, - "rootElement": { - "type": "Element", - "minCount": "0", - "fqname": "/Core/rootElement", - "maxCount": "*", - "fullname": "/Core/rootElement", - "fulltype": "/Core/Element" - }, - "profileConformance": { - "type": "ProfileIdentifierType", - "fqname": "/Core/profileConformance", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/profileConformance", - "fulltype": "/Core/ProfileIdentifierType" - }, - "spdxId": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/spdxId", - "fullname": "/Core/spdxId", - "fulltype": "xsd:anyURI" - }, - "name": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0, - "fullname": "/Core/name", - "fulltype": "xsd:string" - }, - "summary": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/summary", - "minCount": 0, - "fullname": "/Core/summary", - "fulltype": "xsd:string" - }, - "description": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/description", - "minCount": 0, - "fullname": "/Core/description", - "fulltype": "xsd:string" - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" - }, - "creationInfo": { - "type": "CreationInfo", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/creationInfo", - "fullname": "/Core/creationInfo", - "fulltype": "/Core/CreationInfo" - }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/verifiedUsing", - "fulltype": "/Core/IntegrityMethod" - }, - "externalRef": { - "type": "ExternalRef", - "minCount": "0", - "fqname": "/Core/externalRef", - "maxCount": "*", - "fullname": "/Core/externalRef", - "fulltype": "/Core/ExternalRef" - }, - "externalIdentifier": { - "type": "ExternalIdentifier", - "minCount": "0", - "fqname": "/Core/externalIdentifier", - "maxCount": "*", - "fullname": "/Core/externalIdentifier", - "fulltype": "/Core/ExternalIdentifier" - }, - "extension": { - "type": "/Extension/Extension", - "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" - } - } - }, - "/Core/PackageVerificationCode": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "PackageVerificationCode", - "fqname": "/Core/PackageVerificationCode", - "summary": "An SPDX version 2.X compatible verification method for software packages.", - "description": "This verification method is provided for compatibility with SPDX 2.X.\n\nUse of this verification code method is discouraged except for scenarios where the `contentIdentifier` property on `Artifact` can not be used.\n\nThis verification method provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX document itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX document.\n\nThis identifier enables a recipient to determine if any file in the original package (that the analysis was done on) has been changed and permits inclusion of an SPDX document as part of a package.\n\nAlgorithm:\n\n verificationcode = 0\n filelist = templist = \"\"\n for all files in the package {\n if file is an \"excludes\" file, skip it /* exclude SPDX analysis file(s) */\n else append templist with \"algorithm(file)/n\"\n }\n \n sort templist in ascending order by algorithm value\n \n filelist = templist with \"/n\"s removed. /* ordered sequence of algorithm values with no separators */\n \n hashValue = algorithm(filelist) /* Where algorithm(file) applies a hash algorithm on the contents of file and returns the result in lowercase hexadecimal digits. */\n\nRequired sort order: '0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f' (ASCII order)", - "metadata": { - "name": "PackageVerificationCode", - "SubclassOf": "/Core/IntegrityMethod", - "Instantiability": "Concrete" - }, - "properties": { - "algorithm": { - "type": "HashAlgorithm", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/algorithm" - }, - "hashValue": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/hashValue" - }, - "packageVerificationCodeExcludedFile": { - "type": "xsd:string", - "fqname": "/Core/packageVerificationCodeExcludedFile", - "minCount": 0, - "maxCount": "*" - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode", - "fqsupercname": "/Core/IntegrityMethod", - "inheritance_stack": [ - "/Core/IntegrityMethod" - ], - "all_properties": { - "algorithm": { - "type": "HashAlgorithm", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/algorithm", - "fullname": "/Core/algorithm", - "fulltype": "/Core/HashAlgorithm" - }, - "hashValue": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/hashValue", - "fullname": "/Core/hashValue", - "fulltype": "xsd:string" - }, - "packageVerificationCodeExcludedFile": { - "type": "xsd:string", - "fqname": "/Core/packageVerificationCodeExcludedFile", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/packageVerificationCodeExcludedFile", - "fulltype": "xsd:string" - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" - } - } - } - }, - "properties": { - "/Core/contentType": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member", + "used_in": [ + "/ExpandedLicensing/ConjunctiveLicenseSet", + "/ExpandedLicensing/DisjunctiveLicenseSet" + ] + }, + "/ExpandedLicensing/additionText": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "contentType", - "fqname": "/Core/contentType", - "summary": "Provides information about the content type of an Element or a Property.", - "description": "This field is a reasonable estimation of the content type of the Element or the\nProperty, from a creator perspective.\n\nContent type is intrinsic to the Element or the Property, independent of how it\nis being used.", + "name": "additionText", + "fqname": "/ExpandedLicensing/additionText", + "summary": "Identifies the full text of a LicenseAddition.", + "description": "An additionText contains the plain text of the LicenseAddition, without\ntemplating or other similar markup.\n\nUsers of the additionText for a License can apply the\n[SPDX License List Matching Guidelines](../../../annexes/license-matching-guidelines-and-templates.md)\nwhen comparing it to another text for matching purposes.", "metadata": { - "name": "contentType", + "name": "additionText", "Nature": "DataProperty", - "Range": "MediaType" + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/contentType", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText", "used_in": [ - "/Core/ExternalRef", - "/Core/Annotation", - "/Software/File" + "/ExpandedLicensing/LicenseAddition" ] }, - "/Core/externalRefType": { + "/ExpandedLicensing/isOsiApproved": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "externalRefType", - "fqname": "/Core/externalRefType", - "summary": "Specifies the type of the external reference.", - "description": "An externalRefType specifies the type of the external reference.", + "name": "isOsiApproved", + "fqname": "/ExpandedLicensing/isOsiApproved", + "summary": "Specifies whether the License is listed as approved by the\n[Open Source Initiative (OSI)](https://opensource.org).", + "description": "isOsiApproved specifies whether the\n[Open Source Initiative (OSI)](https://opensource.org)\nhas listed this License as \"approved\" in their list of OSI Approved Licenses,\nlocated at the time of this writing at\n[OSI Approved Licenses](https://opensource.org/licenses).\n\nA value of \"true\" indicates that the license is in the list of licenses that\nOSI publishes as approved.\n\nA value of \"false\" indicates that the license is explicitly not in the\ncorresponding list of OSI licenses (e.g., OSI has stated publicly that a\nlicense is not approved).\n\nIf the isOsiApproved field is not specified, the SPDX data creator makes no\nassertions about whether the License is approved by the OSI.", "metadata": { - "name": "externalRefType", - "Nature": "ObjectProperty", - "Range": "ExternalRefType" + "name": "isOsiApproved", + "Nature": "DataProperty", + "Range": "xsd:boolean" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/externalRefType", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved", "used_in": [ - "/Core/ExternalRef" + "/ExpandedLicensing/License" ] }, - "/Core/identifier": { + "/ExpandedLicensing/deprecatedVersion": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "identifier", - "fqname": "/Core/identifier", - "summary": "Uniquely identifies an external element.", - "description": "An identifier uniquely identifies an external element.", + "name": "deprecatedVersion", + "fqname": "/ExpandedLicensing/deprecatedVersion", + "summary": "Specifies the SPDX License List version in which this license or exception\nidentifier was deprecated.", + "description": "A deprecatedVersion, for a ListedLicense on the\n[SPDX License List](https://spdx.org/licenses/)\nor a ListedLicenseException on the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html),\nspecifies which version release of the License List was the first\none in which it was marked as deprecated.", "metadata": { - "name": "identifier", + "name": "deprecatedVersion", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/identifier", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion", "used_in": [ - "/Core/ExternalIdentifier" + "/ExpandedLicensing/ListedLicenseException", + "/ExpandedLicensing/ListedLicense" ] }, - "/Core/description": { + "/ExpandedLicensing/subjectLicense": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "description", - "fqname": "/Core/description", - "summary": "Provides a detailed description of the Element.", - "description": "This field is a detailed description of the Element. It may also be extracted\nfrom the Element itself.\n\nThe intent is to provide recipients of the SPDX file with a detailed technical\nexplanation of the functionality, anticipated use, and anticipated\nimplementation of the Element.\n\nThis field may also include a description of improvements over prior versions\nof the Element.", + "name": "subjectLicense", + "fqname": "/ExpandedLicensing/subjectLicense", + "summary": "A License participating in an 'or later' model.", + "description": "A subjectLicense is a License which is subject an 'or later' effect\n(OrLaterOperator).", "metadata": { - "name": "description", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "subjectLicense", + "Nature": "ObjectProperty", + "Range": "License" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/description", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense", "used_in": [ - "/Core/Element" + "/ExpandedLicensing/OrLaterOperator" ] }, - "/Core/completeness": { + "/ExpandedLicensing/subjectAddition": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "completeness", - "fqname": "/Core/completeness", - "summary": "Provides information about the completeness of relationships.", - "description": "Completeness gives information about whether the provided relationships are\ncomplete, known to be incomplete or if no assertion is made either way.", + "name": "subjectAddition", + "fqname": "/ExpandedLicensing/subjectAddition", + "summary": "A LicenseAddition participating in a 'with addition' model.", + "description": "A subjectAddition is a LicenseAddition which is subject to a 'with additional\ntext' effect (WithAdditionOperator).", "metadata": { - "name": "completeness", + "name": "subjectAddition", "Nature": "ObjectProperty", - "Range": "RelationshipCompleteness" + "Range": "LicenseAddition" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/completeness", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition", "used_in": [ - "/Core/Relationship" + "/ExpandedLicensing/WithAdditionOperator" ] }, - "/Core/externalRef": { + "/ExpandedLicensing/isDeprecatedLicenseId": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "externalRef", - "fqname": "/Core/externalRef", - "summary": "Points to a resource outside the scope of the SPDX-3.0 content\nthat provides additional characteristics of an Element.", - "description": "This field points to a resource outside the scope of the SPDX-3.0 content\nthat provides additional characteristics of an Element.", - "metadata": { - "name": "externalRef", - "Nature": "ObjectProperty", - "Range": "ExternalRef" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/externalRef", - "used_in": [ - "/Core/Element" - ] - }, - "/Core/supportLevel": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "supportLevel", - "fqname": "/Core/supportLevel", - "summary": "Specifies the level of support associated with an artifact.", - "description": "supportLevel provides an indication of what support expectations that the\nsupplier of an artifact is providing to the user.", - "metadata": { - "name": "supportLevel", - "Nature": "ObjectProperty", - "Range": "SupportType" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/supportLevel", - "used_in": [ - "/Core/Artifact" - ] - }, - "/Core/spdxId": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "spdxId", - "fqname": "/Core/spdxId", - "summary": "Identifies an Element to be referenced by other Elements.", - "description": "SpdxId uniquely identifies an Element which may thereby be referenced by other Elements.\nThese references may be internal or external.\nWhile there may be several versions of the same Element, each one needs to be able to be referred to uniquely\nso that relationships between Elements can be clearly articulated.", + "name": "isDeprecatedLicenseId", + "fqname": "/ExpandedLicensing/isDeprecatedLicenseId", + "summary": "Specifies whether a license or additional text identifier has been marked as\ndeprecated.", + "description": "The isDeprecatedLicenseId property specifies whether an identifier for a\nLicense or LicenseAddition has been marked as deprecated. If the property\nis not defined, then it is presumed to be false (i.e., not deprecated).\n\nIf the License or LicenseAddition is included on the\n[SPDX License List](https://spdx.org/licenses/), then\nthe `deprecatedVersion` property indicates on which version release of the\nLicense List it was first marked as deprecated.\n\n\"Deprecated\" in this context refers to deprecating the use of the\n_identifier_, not the underlying license. In other words, even if a License's\nauthor or steward has stated that a particular License generally should not be\nused, that would _not_ mean that the License's identifier is \"deprecated.\"\nRather, a License or LicenseAddition operator is typically marked as\n\"deprecated\" when it is determined that use of another identifier is\npreferable.", "metadata": { - "name": "spdxId", + "name": "isDeprecatedLicenseId", "Nature": "DataProperty", - "Range": "xsd:anyURI" + "Range": "xsd:boolean" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/spdxId", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId", "used_in": [ - "/Core/Element" + "/ExpandedLicensing/License" ] }, - "/Core/packageVerificationCodeExcludedFile": { + "/ExpandedLicensing/standardAdditionTemplate": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "packageVerificationCodeExcludedFile", - "fqname": "/Core/packageVerificationCodeExcludedFile", - "summary": "The relative file name of a file to be excluded from the\n`PackageVerificationCode`.", - "description": "A relative filename with the root of the package archive or directory\nreferencing a file to be excluded from the `PackageVerificationCode`.\n\nIn general, every filename is preceded with a `./`, see\n[RFC 3986 Uniform Resource Identifier (URI): Generic Syntax](https://www.rfc-editor.org/info/rfc3986)\nfor syntax.", + "name": "standardAdditionTemplate", + "fqname": "/ExpandedLicensing/standardAdditionTemplate", + "summary": "Identifies the full text of a LicenseAddition, in SPDX templating format.", + "description": "A standardAdditionTemplate contains a license addition template which describes\nsections of the LicenseAddition text which can be varied.\n\nSee the Legacy Text Template format section of the\n[SPDX License List Matching Guidelines](../../../annexes/license-matching-guidelines-and-templates.md)\nfor format information.\n\nIt is recommended to use [licenseXml](./licenseXml.md) instead, as it can\ncapture all the text and metadata associated with a license.", "metadata": { - "name": "packageVerificationCodeExcludedFile", + "name": "standardAdditionTemplate", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile", - "used_in": [ - "/Core/PackageVerificationCode" - ] - }, - "/Core/imports": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "imports", - "fqname": "/Core/imports", - "summary": "Provides an ExternalMap of Element identifiers.", - "description": "Imports provides an ExternalMap of Element identifiers that are used within a\ndocument but defined external to that document.", - "metadata": { - "name": "imports", - "Nature": "ObjectProperty", - "Range": "ExternalMap" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/imports", - "used_in": [ - "/Core/SpdxDocument" - ] - }, - "/Core/endIntegerRange": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "endIntegerRange", - "fqname": "/Core/endIntegerRange", - "summary": "Defines the end of a range.", - "description": "endIntegerRange is a positive integer that defines the end of a range.", - "metadata": { - "name": "endIntegerRange", - "Nature": "DataProperty", - "Range": "xsd:positiveInteger" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate", "used_in": [ - "/Core/PositiveIntegerRange" + "/ExpandedLicensing/LicenseAddition" ] - }, - "/Core/externalIdentifierType": { - "py/object": "spec_parser.model.Property", + } + }, + "vocabularies": {}, + "individuals": { + "/ExpandedLicensing/NoAssertionLicense": { + "py/object": "spec_parser.model.Individual", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "externalIdentifierType", - "fqname": "/Core/externalIdentifierType", - "summary": "Specifies the type of the external identifier.", - "description": "An externalIdentifierType specifies the type of the external identifier.", + "name": "NoAssertionLicense", + "fqname": "/ExpandedLicensing/NoAssertionLicense", + "summary": "An Individual Value for License when no assertion can be made about its actual\nvalue.", + "description": "NoAssertionLicense should be used if\n\n- the SPDX creator has attempted to but cannot reach a reasonable objective\n determination;\n- the SPDX creator has made no attempt to determine this field; or\n- the SPDX creator has intentionally provided no information (no meaning should\n be implied by doing so).", "metadata": { - "name": "externalIdentifierType", - "Nature": "ObjectProperty", - "Range": "ExternalIdentifierType" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType", - "used_in": [ - "/Core/ExternalIdentifier" - ] - }, - "/Core/locationHint": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 + "name": "NoAssertionLicense", + "type": "IndividualLicensingInfo", + "IRI": "https://spdx.org/rdf/3.0.1/terms/Licensing/NoAssertion" }, - "license": "Community-Spec-1.0", - "name": "locationHint", - "fqname": "/Core/locationHint", - "summary": "Provides an indication of where to retrieve an external Element.", - "description": "A locationHint provides an indication of where to retrieve an external Element.", - "metadata": { - "name": "locationHint", - "Nature": "DataProperty", - "Range": "xsd:anyURI" + "values": { + "name": "\"NOASSERTION\"" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/locationHint", - "used_in": [ - "/Core/ExternalMap" - ] + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense" }, - "/Core/suppliedBy": { - "py/object": "spec_parser.model.Property", + "/ExpandedLicensing/NoneLicense": { + "py/object": "spec_parser.model.Individual", "ns": { - "py/id": 77 + "py/id": 2 }, "license": "Community-Spec-1.0", - "name": "suppliedBy", - "fqname": "/Core/suppliedBy", - "summary": "Identifies who or what supplied the artifact or VulnAssessmentRelationship\nreferenced by the Element.", - "description": "Identify the actual distribution source for the artifact (e.g., snippet, file,\npackage, vulnerability) or VulnAssessmentRelationship being referenced.\n\nThis might or might not be different from the originating distribution source\nfor the artifact (e.g., snippet, file, package, vulnerability) or\nVulnAssessmentRelationship.", + "name": "NoneLicense", + "fqname": "/ExpandedLicensing/NoneLicense", + "summary": "An Individual Value for License where the SPDX data creator determines that no\nlicense is present.", + "description": "NoneLicense should be used if the SPDX creator determines there is no license\navailable for this Artifact.", "metadata": { - "name": "suppliedBy", - "Nature": "ObjectProperty", - "Range": "Agent" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy", - "used_in": [ - "/Core/Artifact", - "/Security/VulnAssessmentRelationship" - ] - }, - "/Core/extension": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 + "name": "NoneLicense", + "type": "IndividualLicensingInfo", + "IRI": "https://spdx.org/rdf/3.0.1/terms/Licensing/None" }, - "license": "Community-Spec-1.0", - "name": "extension", - "fqname": "/Core/extension", - "summary": "Specifies an Extension characterization of some aspect of an Element.", - "description": "`extension` specifies an Extension-based characterization of a particular\naspect of an Element.", - "metadata": { - "name": "extension", - "Nature": "ObjectProperty", - "Range": "/Extension/Extension" + "values": { + "name": "\"NONE\"" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/extension", - "used_in": [ - "/Core/Element" - ] - }, - "/Core/locator": { - "py/object": "spec_parser.model.Property", + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense" + } + }, + "datatypes": {}, + "license": "Community-Spec-1.0", + "name": "ExpandedLicensing", + "summary": "Fully expanded license expressions.", + "description": "This profile supports representing a fully expanded\n[license expression](../../annexes/SPDX-license-expressions.md)\nin object form.", + "metadata": { + "id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing", + "name": "ExpandedLicensing" + }, + "conformance": null, + "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing" + }, + { + "py/object": "spec_parser.model.Namespace", + "classes": { + "/AI/AIPackage": { + "py/object": "spec_parser.model.Class", "ns": { - "py/id": 77 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "locator", - "fqname": "/Core/locator", - "summary": "Provides the location of an external reference.", - "description": "A locator provides the location of an external reference.", + "name": "AIPackage", + "fqname": "/AI/AIPackage", + "summary": "Specifies an AI package and its associated information.", + "description": "Metadata information that can be added to a package to describe an AI application or trained AI model.", "metadata": { - "name": "locator", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/locator", - "used_in": [ - "/Core/ExternalRef" - ] - }, - "/Core/from": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 + "name": "AIPackage", + "SubclassOf": "/Software/Package", + "Instantiability": "Concrete" }, - "license": "Community-Spec-1.0", - "name": "from", - "fqname": "/Core/from", - "summary": "References the Element on the left-hand side of a relationship.", - "description": "This field references the Element on the left-hand side of a relationship.", - "metadata": { - "name": "from", - "Nature": "ObjectProperty", - "Range": "Element" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/from", - "used_in": [ - "/Core/Relationship" - ] - }, - "/Core/beginIntegerRange": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "beginIntegerRange", - "fqname": "/Core/beginIntegerRange", - "summary": "Defines the beginning of a range.", - "description": "beginIntegerRange is a positive integer that defines the beginning of a range.", - "metadata": { - "name": "beginIntegerRange", - "Nature": "DataProperty", - "Range": "xsd:positiveInteger" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange", - "used_in": [ - "/Core/PositiveIntegerRange" - ] - }, - "/Core/value": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "value", - "fqname": "/Core/value", - "summary": "A value used in a generic key-value pair.", - "description": "A value used in a generic key-value pair.\n\nA key-value pair can be used to implement a dictionary which associates a key\nwith a value.", - "metadata": { - "name": "value", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/value", - "used_in": [ - "/Core/DictionaryEntry" - ] - }, - "/Core/scope": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "scope", - "fqname": "/Core/scope", - "summary": "Capture the scope of information about a specific relationship between elements.", - "description": "A scope is additional context about a relationship, that clarifies the relationship between elements.", - "metadata": { - "name": "scope", - "Nature": "ObjectProperty", - "Range": "LifecycleScopeType" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/scope", - "used_in": [ - "/Core/LifecycleScopedRelationship" - ] - }, - "/Core/startTime": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "startTime", - "fqname": "/Core/startTime", - "summary": "Specifies the time from which an element is applicable / valid.", - "description": "A startTime specifies the time from which an element is applicable / valid.", - "metadata": { - "name": "startTime", - "Nature": "DataProperty", - "Range": "DateTime" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/startTime", - "used_in": [ - "/Core/Relationship" - ] - }, - "/Core/specVersion": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "specVersion", - "fqname": "/Core/specVersion", - "summary": "Provides a reference number that can be used to understand how to parse and interpret an Element.", - "description": "The specVersion provides a reference number that can be used to understand how to parse and interpret an Element.\nIt will enable both future changes to the specification and to support backward compatibility.\nThe major version number shall be incremented when incompatible changes between versions are made\n(one or more sections are created, modified or deleted).\nThe minor version number shall be incremented when backwards compatible changes are made.\n\nHere, parties exchanging information in accordance with the SPDX specification need to provide\n100% transparency as to which SPDX specification version such information is conforming to.", - "metadata": { - "name": "specVersion", - "Nature": "DataProperty", - "Range": "SemVer" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/specVersion", - "used_in": [ - "/Core/CreationInfo" - ] - }, - "/Core/name": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 + "properties": { + "autonomyType": { + "type": "/Core/PresenceType", + "minCount": "0", + "maxCount": "1", + "fqname": "/AI/autonomyType" + }, + "domain": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/AI/domain", + "maxCount": "*" + }, + "energyConsumption": { + "type": "EnergyConsumption", + "minCount": "0", + "maxCount": "1", + "fqname": "/AI/energyConsumption" + }, + "hyperparameter": { + "type": "/Core/DictionaryEntry", + "minCount": "0", + "fqname": "/AI/hyperparameter", + "maxCount": "*" + }, + "informationAboutApplication": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/AI/informationAboutApplication" + }, + "informationAboutTraining": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/AI/informationAboutTraining" + }, + "limitation": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/AI/limitation" + }, + "metric": { + "type": "/Core/DictionaryEntry", + "minCount": "0", + "fqname": "/AI/metric", + "maxCount": "*" + }, + "metricDecisionThreshold": { + "type": "/Core/DictionaryEntry", + "minCount": "0", + "fqname": "/AI/metricDecisionThreshold", + "maxCount": "*" + }, + "modelDataPreprocessing": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/AI/modelDataPreprocessing", + "maxCount": "*" + }, + "modelExplainability": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/AI/modelExplainability", + "maxCount": "*" + }, + "safetyRiskAssessment": { + "type": "SafetyRiskAssessmentType", + "minCount": "0", + "maxCount": "1", + "fqname": "/AI/safetyRiskAssessment" + }, + "standardCompliance": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/AI/standardCompliance", + "maxCount": "*" + }, + "typeOfModel": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/AI/typeOfModel", + "maxCount": "*" + }, + "useSensitivePersonalInformation": { + "type": "/Core/PresenceType", + "minCount": "0", + "maxCount": "1", + "fqname": "/AI/useSensitivePersonalInformation" + } }, - "license": "Community-Spec-1.0", - "name": "name", - "fqname": "/Core/name", - "summary": "Identifies the name of an Element as designated by the creator.", - "description": "This field identifies the name of an Element as designated by the creator.\n\nThe name of an Element is an important convention and easier to refer to than\nthe URI.", - "metadata": { - "name": "name", - "Nature": "DataProperty", - "Range": "xsd:string" + "ext_prop_restrs": { + "/Core/Artifact/releaseTime": { + "minCount": "1" + }, + "/Core/Artifact/suppliedBy": { + "minCount": "1" + }, + "/Software/Package/downloadLocation": { + "minCount": "1" + }, + "/Software/Package/packageVersion": { + "minCount": "1" + }, + "/Software/SoftwareArtifact/primaryPurpose": { + "minCount": "1" + } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/name", - "used_in": [ + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/AIPackage", + "fqsupercname": "/Software/Package", + "inheritance_stack": [ + "/Software/Package", + "/Software/SoftwareArtifact", + "/Core/Artifact", "/Core/Element" - ] - }, - "/Core/endTime": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "endTime", - "fqname": "/Core/endTime", - "summary": "Specifies the time from which an element is no longer applicable / valid.", - "description": "An endTime specifies the time from which element is no longer applicable\n/ valid.", - "metadata": { - "name": "endTime", - "Nature": "DataProperty", - "Range": "DateTime" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/endTime", - "used_in": [ - "/Core/Relationship" - ] - }, - "/Core/definingArtifact": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "definingArtifact", - "fqname": "/Core/definingArtifact", - "summary": "Artifact representing a serialization instance of SPDX data containing the\ndefinition of a particular Element.", - "description": "A definingArtifact property is used to link the Element identifier for an\nElement defined external to a given SpdxDocument to an Artifact Element\nrepresenting the SPDX serialization instance which contains the definition for\nthe Element.", - "metadata": { - "name": "definingArtifact", - "Nature": "ObjectProperty", - "Range": "Artifact" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact", - "used_in": [ - "/Core/ExternalMap" - ] - }, - "/Core/summary": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "summary", - "fqname": "/Core/summary", - "summary": "A short description of an Element.", - "description": "A summary is a short description of an Element. Here, the intent is to allow\nthe Element creator to provide concise information about the function or use of\nthe Element.", - "metadata": { - "name": "summary", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/summary", - "used_in": [ - "/Core/Element" - ] - }, - "/Core/to": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "to", - "fqname": "/Core/to", - "summary": "References an Element on the right-hand side of a relationship.", - "description": "This field references an Element on the right-hand side of a relationship.\n\nIf it is not provided, it indicates that there are no known relationships of\nthe given type.", - "metadata": { - "name": "to", - "Nature": "ObjectProperty", - "Range": "Element" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/to", - "used_in": [ - "/Core/Relationship" - ] - }, - "/Core/originatedBy": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "originatedBy", - "fqname": "/Core/originatedBy", - "summary": "Identifies from where or whom the Element originally came.", - "description": "OriginatedBy identifies from where or whom the Element originally came.", - "metadata": { - "name": "originatedBy", - "Nature": "ObjectProperty", - "Range": "Agent" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/originatedBy", - "used_in": [ - "/Core/Artifact" - ] - }, - "/Core/created": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "created", - "fqname": "/Core/created", - "summary": "Identifies when the Element was originally created.", - "description": "Created is a date that identifies when the Element was originally created.\n\nThe time stamp can serve as an indication as to whether the analysis needs to\nbe updated.\n\nThis is often the date of last change (e.g., a git commit date), not the date\nwhen the SPDX data was created, as doing so supports reproducible builds.", - "metadata": { - "name": "created", - "Nature": "DataProperty", - "Range": "DateTime" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/created", - "used_in": [ - "/Core/CreationInfo" - ] - }, - "/Core/comment": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "comment", - "fqname": "/Core/comment", - "summary": "Provide consumers with comments by the creator of the Element about the\nElement.", - "description": "A comment is an optional field for creators of the Element to provide comments\nto the readers/reviewers of the document.", - "metadata": { - "name": "comment", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/comment", - "used_in": [ - "/Core/ExternalRef", - "/Core/CreationInfo", - "/Core/ExternalIdentifier", - "/Core/IntegrityMethod", - "/Core/Element" - ] - }, - "/Core/relationshipType": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "relationshipType", - "fqname": "/Core/relationshipType", - "summary": "Information about the relationship between two Elements.", - "description": "This field provides information about the relationship between two Elements.\nFor example, you can represent a relationship between two different Files,\nbetween a Package and a File, between two Packages, or between one SPDXDocument and another SPDXDocument.", - "metadata": { - "name": "relationshipType", - "Nature": "ObjectProperty", - "Range": "RelationshipType" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/relationshipType", - "used_in": [ - "/Core/Relationship" - ] - }, - "/Core/namespaceMap": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "namespaceMap", - "fqname": "/Core/namespaceMap", - "summary": "Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance.", - "description": "This field provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance.", - "metadata": { - "name": "namespaceMap", - "Nature": "ObjectProperty", - "Range": "NamespaceMap" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap", - "used_in": [ - "/Core/SpdxDocument" - ] - }, - "/Core/builtTime": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "builtTime", - "fqname": "/Core/builtTime", - "summary": "Specifies the time an artifact was built.", - "description": "A builtTime specifies the time an artifact was built.", - "metadata": { - "name": "builtTime", - "Nature": "DataProperty", - "Range": "DateTime" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/builtTime", - "used_in": [ - "/Core/Artifact" - ] - }, - "/Core/namespace": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "namespace", - "fqname": "/Core/namespace", - "summary": "Provides an unambiguous mechanism for conveying a URI fragment portion of an\nElementID.", - "description": "A namespace provides an unambiguous mechanism for conveying a URI fragment\nportion of an ElementID.", - "metadata": { - "name": "namespace", - "Nature": "DataProperty", - "Range": "xsd:anyURI" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/namespace", - "used_in": [ - "/Core/NamespaceMap" - ] - }, - "/Core/identifierLocator": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "identifierLocator", - "fqname": "/Core/identifierLocator", - "summary": "Provides the location for more information regarding an external identifier.", - "description": "Identifiers are not always structured as URIs. An identifierLocator is a\nlocation hint (a URL) that provides contextual information relevant to the\nidentifier.", - "metadata": { - "name": "identifierLocator", - "Nature": "DataProperty", - "Range": "xsd:anyURI" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator", - "used_in": [ - "/Core/ExternalIdentifier" - ] - }, - "/Core/annotationType": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "annotationType", - "fqname": "/Core/annotationType", - "summary": "Describes the type of annotation.", - "description": "An annotationType describes the type of an annotation.", - "metadata": { - "name": "annotationType", - "Nature": "ObjectProperty", - "Range": "AnnotationType" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/annotationType", - "used_in": [ - "/Core/Annotation" - ] - }, - "/Core/statement": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "statement", - "fqname": "/Core/statement", - "summary": "Commentary on an assertion that an annotator has made.", - "description": "A statement is a commentary on an assertion that an annotator has made.", - "metadata": { - "name": "statement", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/statement", - "used_in": [ - "/Core/Annotation" - ] - }, - "/Core/releaseTime": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "releaseTime", - "fqname": "/Core/releaseTime", - "summary": "Specifies the time an artifact was released.", - "description": "A releaseTime specifies the time an artifact was released.", - "metadata": { - "name": "releaseTime", - "Nature": "DataProperty", - "Range": "DateTime" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/releaseTime", - "used_in": [ - "/Core/Artifact" - ] - }, - "/Core/externalIdentifier": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "externalIdentifier", - "fqname": "/Core/externalIdentifier", - "summary": "Provides a reference to a resource outside the scope of SPDX-3.0 content\nthat uniquely identifies an Element.", - "description": "ExternalIdentifier points to a resource outside the scope of SPDX-3.0 content\nthat uniquely identifies an Element.", - "metadata": { - "name": "externalIdentifier", - "Nature": "ObjectProperty", - "Range": "ExternalIdentifier" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier", - "used_in": [ - "/Core/Element" - ] - }, - "/Core/issuingAuthority": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "issuingAuthority", - "fqname": "/Core/issuingAuthority", - "summary": "An entity that is authorized to issue identification credentials.", - "description": "An issuingAuthority is an entity that is authorized to issue identification\ncredentials.\n\nThe entity may be a government, non-profit, educational institution, or\ncommercial enterprise.\n\nThe string provides a unique identifier for the issuing authority.", - "metadata": { - "name": "issuingAuthority", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority", - "used_in": [ - "/Core/ExternalIdentifier" - ] - }, - "/Core/standardName": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "standardName", - "fqname": "/Core/standardName", - "summary": "The name of a relevant standard that may apply to an artifact.", - "description": "Various standards may be relevant to useful to capture for specific artifacts.", - "metadata": { - "name": "standardName", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/standardName", - "used_in": [ - "/Core/Artifact" - ] - }, - "/Core/validUntilTime": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "validUntilTime", - "fqname": "/Core/validUntilTime", - "summary": "Specifies until when the artifact can be used before its usage needs to be\nreassessed.", - "description": "A validUntilTime specifies until when the artifact can be used before its usage\nneeds to be reassessed.", - "metadata": { - "name": "validUntilTime", - "Nature": "DataProperty", - "Range": "DateTime" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime", - "used_in": [ - "/Core/Artifact" - ] - }, - "/Core/createdBy": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "createdBy", - "fqname": "/Core/createdBy", - "summary": "Identifies who or what created the Element.", - "description": "CreatedBy identifies who or what created the Element.\n\nThe generation method will assist the recipient of the Element in assessing\nthe general reliability/accuracy of the analysis information.", - "metadata": { - "name": "createdBy", - "Nature": "ObjectProperty", - "Range": "Agent" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/createdBy", - "used_in": [ - "/Core/CreationInfo" - ] - }, - "/Core/algorithm": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "algorithm", - "fqname": "/Core/algorithm", - "summary": "Specifies the algorithm used for calculating the hash value.", - "description": "An algorithm specifies the algorithm that was used for calculating the hash\nvalue.", - "metadata": { - "name": "algorithm", - "Nature": "ObjectProperty", - "Range": "HashAlgorithm" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/algorithm", - "used_in": [ - "/Core/Hash", - "/Core/PackageVerificationCode" - ] - }, - "/Core/verifiedUsing": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "verifiedUsing", - "fqname": "/Core/verifiedUsing", - "summary": "Provides an IntegrityMethod with which the integrity of an Element can be\nasserted.", - "description": "VerifiedUsing provides an IntegrityMethod with which the integrity of an\nElement can be asserted.\n\nPlease note that different profiles may also provide additional methods for\nverifying the integrity of specific subclasses of Elements.", - "metadata": { - "name": "verifiedUsing", - "Nature": "ObjectProperty", - "Range": "IntegrityMethod" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing", - "used_in": [ - "/Core/ExternalMap", - "/Core/Element" - ] - }, - "/Core/rootElement": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "rootElement", - "fqname": "/Core/rootElement", - "summary": "This property is used to denote the root Element(s) of a tree of elements contained in a BOM.", - "description": "This property is used to denote the root Element(s) of a tree of elements contained in a BOM.\nThe tree consists of other elements directly and indirectly related through properties or Relationships from the root.", - "metadata": { - "name": "rootElement", - "Nature": "ObjectProperty", - "Range": "Element" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/rootElement", - "used_in": [ - "/Core/ElementCollection" - ] - }, - "/Core/hashValue": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "hashValue", - "fqname": "/Core/hashValue", - "summary": "The result of applying a hash algorithm to an Element.", - "description": "HashValue is the result of applying a hash algorithm to an Element.", - "metadata": { - "name": "hashValue", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/hashValue", - "used_in": [ - "/Core/Hash", - "/Core/PackageVerificationCode" - ] - }, - "/Core/creationInfo": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "creationInfo", - "fqname": "/Core/creationInfo", - "summary": "Provides information about the creation of the Element.", - "description": "CreationInfo provides information about the creation of the Element.", - "metadata": { - "name": "creationInfo", - "Nature": "ObjectProperty", - "Range": "CreationInfo" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo", - "used_in": [ - "/Core/Element" - ] - }, - "/Core/externalSpdxId": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "externalSpdxId", - "fqname": "/Core/externalSpdxId", - "summary": "Identifies an external Element used within a Document but defined external to\nthat Document.", - "description": "ExternalSpdxId identifies an external Element used within a Document but\ndefined external to that Document.", - "metadata": { - "name": "externalSpdxId", - "Nature": "DataProperty", - "Range": "xsd:anyURI" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId", - "used_in": [ - "/Core/ExternalMap" - ] - }, - "/Core/context": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "context", - "fqname": "/Core/context", - "summary": "Gives information about the circumstances or unifying properties\nthat Elements of the bundle have been assembled under.", - "description": "A context gives information about the circumstances or unifying properties\nthat Elements of the bundle have been assembled under.", - "metadata": { - "name": "context", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/context", - "used_in": [ - "/Core/Bundle" - ] - }, - "/Core/subject": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "subject", - "fqname": "/Core/subject", - "summary": "An Element an annotator has made an assertion about.", - "description": "A subject is an Element an annotator has made an assertion about.", - "metadata": { - "name": "subject", - "Nature": "ObjectProperty", - "Range": "Element" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/subject", - "used_in": [ - "/Core/Annotation" - ] - }, - "/Core/prefix": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "prefix", - "fqname": "/Core/prefix", - "summary": "A substitute for a URI.", - "description": "A prefix is a substitute for a URI.", - "metadata": { - "name": "prefix", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/prefix", - "used_in": [ - "/Core/NamespaceMap" - ] - }, - "/Core/element": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "element", - "fqname": "/Core/element", - "summary": "Refers to one or more Elements that are part of an ElementCollection.", - "description": "This field refers to one or more Elements that are part of an\nElementCollection.", - "metadata": { - "name": "element", - "Nature": "ObjectProperty", - "Range": "Element" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/element", - "used_in": [ - "/Core/ElementCollection" - ] - }, - "/Core/profileConformance": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "profileConformance", - "fqname": "/Core/profileConformance", - "summary": "Describes one a profile which the creator of this ElementCollection intends to\nconform to.", - "description": "Describes a profile to which the creator of this ElementCollection intends to\nconform.\n\nThe profileConformance will apply to all Elements contained within the\ncollection as well as the collection itself.\n\nConformance to a profile is defined by the additional restrictions documented\nin the profile specific documentation and schema files.\n\nUse of this property allows the creator of an ElementCollection to communicate\nto consumers their intent to adhere to the profile additional restrictions.\n\nThe profileConformance has a default value of core if no other\nprofileConformance is specified since all ElementCollections and Element must\nadhere to the core profile.", - "metadata": { - "name": "profileConformance", - "Nature": "ObjectProperty", - "Range": "ProfileIdentifierType" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/profileConformance", - "used_in": [ - "/Core/ElementCollection" - ] - }, - "/Core/key": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "key", - "fqname": "/Core/key", - "summary": "A key used in a generic key-value pair.", - "description": "A key used in generic a key-value pair.\n\nA key-value pair can be used to implement a dictionary which associates a key\nwith a value.", - "metadata": { - "name": "key", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/key", - "used_in": [ - "/Core/DictionaryEntry" - ] - }, - "/Core/createdUsing": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "createdUsing", - "fqname": "/Core/createdUsing", - "summary": "Identifies the tooling that was used during the creation of the Element.", - "description": "CreatedUsing identifies the tooling that was used during the creation of the\nElement.\n\nThe generation method will assist the recipient of the Element in assessing\nthe general reliability/accuracy of the analysis information.", - "metadata": { - "name": "createdUsing", - "Nature": "ObjectProperty", - "Range": "Tool" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/createdUsing", - "used_in": [ - "/Core/CreationInfo" - ] - }, - "/Core/dataLicense": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "dataLicense", - "fqname": "/Core/dataLicense", - "summary": "Provides the license under which the SPDX documentation of the Element can be\nused.", - "description": "The data license provides the license under which the SPDX documentation of the Element can be used.\n\nThis is to alleviate any concern that content (the data or database) in an SPDX file\nis subject to any form of intellectual property right that could restrict the re-use\nof the information or the creation of another SPDX file for the same project(s).\n\nThis approach avoids intellectual property and related restrictions over the SPDX file,\nhowever individuals can still contract with each other to restrict release\nof specific collections of SPDX files (which map to software bill of materials)\nand the identification of the supplier of SPDX files.\n\nCompliance with this document includes populating the SPDX fields therein\nwith data related to such fields (\"SPDX-Metadata\").\n\n\nThis document contains numerous fields where an SPDX file creator may provide\nrelevant explanatory text in SPDX-Metadata. Without opining on the lawfulness\nof \"database rights\" (in jurisdictions where applicable),\nsuch explanatory text is copyrightable subject matter in most Berne Convention countries.\n\nBy using the SPDX specification, or any portion hereof,\nyou hereby agree that any copyright rights (as determined by your jurisdiction)\nin any SPDX-Metadata, including without limitation explanatory text,\nshall be subject to the terms of the Creative Commons CC0 1.0 Universal license.\n\nFor SPDX-Metadata not containing any copyright rights,\nyou hereby agree and acknowledge that the SPDX-Metadata is provided to you \"as-is\"\nand without any representations or warranties of any kind concerning the SPDX-Metadata,\nexpress, implied, statutory or otherwise, including without limitation warranties\nof title, merchantability, fitness for a particular purpose, non-infringement,\nor the absence of latent or other defects, accuracy, or the presence or absence of errors,\nwhether or not discoverable, all to the greatest extent permissible under applicable law.", - "metadata": { - "name": "dataLicense", - "Nature": "ObjectProperty", - "Range": "/SimpleLicensing/AnyLicenseInfo" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/dataLicense", - "used_in": [ - "/Core/SpdxDocument" - ] - } - }, - "vocabularies": { - "/Core/RelationshipCompleteness": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "RelationshipCompleteness", - "fqname": "/Core/RelationshipCompleteness", - "summary": "Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness.", - "description": "RelationshipCompleteness indicates whether the provided relationship is known to be complete, known to be incomplete, or if no assertion is made by the relationship creator.", - "metadata": { - "name": "RelationshipCompleteness" - }, - "entries": { - "incomplete": "The relationship is known not to be exhaustive.", - "complete": "The relationship is known to be exhaustive.", - "noAssertion": "No assertion can be made about the completeness of the relationship." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" - }, - "/Core/ExternalRefType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "ExternalRefType", - "fqname": "/Core/ExternalRefType", - "summary": "Specifies the type of an external reference.", - "description": "ExternalRefType specifies the type of an external reference.", - "metadata": { - "name": "ExternalRefType" - }, - "entries": { - "altDownloadLocation": "A reference to an alternative download location.", - "altWebPage": "A reference to an alternative web page.", - "binaryArtifact": "A reference to binary artifacts related to a package.", - "bower": "A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the \"install\" section of [Bower API documentation](https://bower.io/docs/api/#install).", - "buildMeta": "A reference build metadata related to a published package.", - "buildSystem": "A reference build system used to create or publish the package.", - "chat": "A reference to the instant messaging system used by the maintainer for a package.", - "certificationReport": "A reference to a certification report for a package from an accredited/independent body.", - "componentAnalysisReport": "A reference to a Software Composition Analysis (SCA) report.", - "cwe": "[Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/).", - "documentation": "A reference to the documentation for a package.", - "dynamicAnalysisReport": "A reference to a dynamic analysis report for a package.", - "eolNotice": "A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package.", - "exportControlAssessment": "A reference to a export control assessment for a package.", - "funding": "A reference to funding information related to a package.", - "issueTracker": "A reference to the issue tracker for a package.", - "mailingList": "A reference to the mailing list used by the maintainer for a package.", - "mavenCentral": "A reference to a Maven repository artifact. The artifact locator format, looks like `groupId:artifactId[:version]`, is defined in [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html).", - "metrics": "A reference to metrics related to package such as OpenSSF scorecards.", - "npm": "A reference to an npm package. The package locator format, looks like `package@version`, is defined in [npm Docs](https://docs.npmjs.com/cli/v10/configuring-npm/package-json).", - "nuget": "A reference to a NuGet package. The package locator format, looks like `package/version`, is defined in [NuGet documentation](https://docs.nuget.org).", - "license": "A reference to additional license information related to an artifact.", - "other": "Used when the type does not match any of the other options.", - "privacyAssessment": "A reference to a privacy assessment for a package.", - "productMetadata": "A reference to additional product metadata such as reference within organization's product catalog.", - "purchaseOrder": "A reference to a purchase order for a package.", - "qualityAssessmentReport": "A reference to a quality assessment for a package.", - "releaseNotes": "A reference to the release notes for a package.", - "releaseHistory": "A reference to a published list of releases for a package.", - "riskAssessment": "A reference to a risk assessment for a package.", - "runtimeAnalysisReport": "A reference to a runtime analysis report for a package.", - "secureSoftwareAttestation": "A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form).", - "securityAdvisory": "A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries.", - "securityAdversaryModel": "A reference to the security adversary model for a package.", - "securityFix": "A reference to the patch or source code that fixes a vulnerability.", - "securityOther": "A reference to related security information of unspecified type.", - "securityPenTestReport": "A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package.", - "securityPolicy": "A reference to instructions for reporting newly discovered security vulnerabilities for a package.", - "securityThreatModel": "A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package.", - "socialMedia": "A reference to a social media channel for a package.", - "sourceArtifact": "A reference to an artifact containing the sources for a package.", - "staticAnalysisReport": "A reference to a static analysis report for a package.", - "support": "A reference to the software support channel or other support information for a package.", - "vcs": "A reference to a version control system related to a software artifact.", - "vulnerabilityDisclosureReport": "A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final).", - "vulnerabilityExploitabilityAssessment": "A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf)." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" - }, - "/Core/HashAlgorithm": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "HashAlgorithm", - "fqname": "/Core/HashAlgorithm", - "summary": "A mathematical algorithm that maps data of arbitrary size to a bit string.", - "description": "A HashAlgorithm is a mathematical algorithm that maps data of arbitrary size to\na bit string (the hash) and is a one-way function, that is, a function which is\npractically infeasible to invert.", - "metadata": { - "name": "HashAlgorithm" - }, - "entries": { - "blake2b256": "BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4.", - "blake2b384": "BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4.", - "blake2b512": "BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4.", - "blake3": "[BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf)", - "crystalsDilithium": "[Dilithium](https://pq-crystals.org/dilithium/)", - "crystalsKyber": "[Kyber](https://pq-crystals.org/kyber/)", - "falcon": "[FALCON](https://falcon-sign.info/falcon.pdf)", - "md2": "MD2 message-digest algorithm, as defined in [RFC 1319](https://www.rfc-editor.org/info/rfc1319/).", - "md4": "MD4 message-digest algorithm, as defined in [RFC 1186](https://www.rfc-editor.org/info/rfc1186).", - "md5": "MD5 message-digest algorithm, as defined in [RFC 1321](https://www.rfc-editor.org/info/rfc1321).", - "md6": "[MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf)", - "other": "any hashing algorithm that does not exist in this list of entries", - "sha1": "SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://www.rfc-editor.org/info/rfc3174).", - "sha224": "SHA-2 with a digest length of 224, as defined in [RFC 3874](https://www.rfc-editor.org/info/rfc3874).", - "sha256": "SHA-2 with a digest length of 256, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234).", - "sha384": "SHA-2 with a digest length of 384, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234).", - "sha512": "SHA-2 with a digest length of 512, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234).", - "sha3_224": "SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final).", - "sha3_256": "SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final).", - "sha3_384": "SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final).", - "sha3_512": "SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" - }, - "/Core/PresenceType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "PresenceType", - "fqname": "/Core/PresenceType", - "summary": "Categories of presence or absence.", - "description": "This type is used to indicate if a given field is present or absent or unknown.", - "metadata": { - "name": "PresenceType" - }, - "entries": { - "yes": "Indicates presence of the field.", - "no": "Indicates absence of the field.", - "noAssertion": "Makes no assertion about the field." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" - }, - "/Core/ExternalIdentifierType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "ExternalIdentifierType", - "fqname": "/Core/ExternalIdentifierType", - "summary": "Specifies the type of an external identifier.", - "description": "ExteralIdentifierType specifies the type of an external identifier.", - "metadata": { - "name": "ExternalIdentifierType" - }, - "entries": { - "cpe22": "[Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf)", - "cpe23": "[Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final)", - "cve": "Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id).", - "email": "Email address, as defined in [RFC 3696](https://www.rfc-editor.org/info/rfc3986) Section 3.", - "gitoid": "[Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid>), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document); this ambiguity exists because the OmniBOR Document is itself an artifact, and the gitoid of that artifact is its valid identifier. Omnibor is a minimalistic schema to describe software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-dependency-graph-adg). Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's ContentIdentifier property. Gitoids calculated on the OmniBOR Document (OmniBOR Identifiers) should be recorded in the SPDX 3.0 Element's ExternalIdentifier property.", - "other": "Used when the type does not match any of the other options.", - "packageUrl": "[package URL](https://github.com/package-url/purl-spec)", - "securityOther": "Used when there is a security related identifier of unspecified type.", - "swhid": "SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`.", - "swid": "Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://www.rfc-editor.org/info/rfc9393) Section 2.3.", - "urlScheme": "[Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" - }, - "/Core/AnnotationType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "AnnotationType", - "fqname": "/Core/AnnotationType", - "summary": "Specifies the type of an annotation.", - "description": "AnnotationType specifies the type of an annotation.", - "metadata": { - "name": "AnnotationType" - }, - "entries": { - "other": "Used to store extra information about an Element which is not part of a Review (e.g. extra information provided during the creation of the Element).", - "review": "Used when someone reviews the Element." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" - }, - "/Core/SupportType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "SupportType", - "fqname": "/Core/SupportType", - "summary": "Indicates the type of support that is associated with an artifact.", - "description": "SupportType is an enumeration of the various types of support commonly found for artifacts in the software supply chain. Specific details of what that support entails are provided by agreements between the producer and consumer of the artifact.", - "metadata": { - "name": "SupportType" - }, - "entries": { - "development": "the artifact is in active development and is not considered ready for formal support from the supplier.", - "support": "the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support.", - "deployed": "in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service.", - "limitedSupport": "the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support.", - "endOfSupport": "there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact.", - "noSupport": "there is no support for the artifact from the supplier, consumer assumes any support obligations.", - "noAssertion": "no assertion about the type of support is made. This is considered the default if no other support type is used." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" - }, - "/Core/LifecycleScopeType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "LifecycleScopeType", - "fqname": "/Core/LifecycleScopeType", - "summary": "Provide an enumerated set of lifecycle phases that can provide context to relationships.", - "description": "This enumeration summarizes common phases when dependency and other relationships, have different implications, based on their context. For example, a build dependency, may have different implications than a operational dependency.", - "metadata": { - "name": "LifecycleScopeType" - }, - "entries": { - "design": "A relationship has specific context implications during an element's design.", - "development": "A relationship has specific context implications during development phase of an element.", - "build": "A relationship has specific context implications during an element's build phase, during development.", - "test": "A relationship has specific context implications during an element's testing phase, during development.", - "runtime": "A relationship has specific context implications during the execution phase of an element.", - "other": "A relationship has other specific context information necessary to capture that the above set of enumerations does not handle." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" - }, - "/Core/RelationshipType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "RelationshipType", - "fqname": "/Core/RelationshipType", - "summary": "Information about the relationship between two Elements.", - "description": "Provides information about the relationship between two Elements.\nFor example, you can represent a relationship between two different Files,\nbetween a Package and a File, between two Packages, or between one SPDXDocument\nand another SPDXDocument.\n\nRelationship names be descriptive enough to easily deduce the correct direction\nfrom their name. The best way to do this is to make sure that the relationship\nname completes the sentence:\n\n`from` (is) (a) `RELATIONSHIP` `to`", - "metadata": { - "name": "RelationshipType" - }, - "entries": { - "affects": "(Security/VEX) The `from` vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships.", - "amendedBy": "The `from` Element is amended by each `to` Element.", - "ancestorOf": "The `from` Element is an ancestor of each `to` Element.", - "availableFrom": "The `from` Element is available from the additional supplier described by each `to` Element.", - "configures": "The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period.", - "contains": "The `from` Element contains each `to` Element.", - "coordinatedBy": "(Security) The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent).", - "copiedTo": "The `from` Element has been copied to each `to` Element.", - "delegatedTo": "The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`).", - "dependsOn": "The `from` Element depends on each `to` Element, during a LifecycleScopeType period.", - "descendantOf": "The `from` Element is a descendant of each `to` Element.", - "describes": "The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used.", - "doesNotAffect": "(Security/VEX) The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships.", - "expandsTo": "The `from` archive expands out as an artifact described by each `to` Element.", - "exploitCreatedBy": "(Security) The `from` Vulnerability has had an exploit created against it by each `to` Agent.", - "fixedBy": "(Security) Designates a `from` Vulnerability has been fixed by the `to` Agent(s).", - "fixedIn": "(Security/VEX) A `from` Vulnerability has been fixed in each of the `to` Element(s). The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships.", - "foundBy": "(Security) Designates a `from` Vulnerability was originally discovered by the `to` Agent(s).", - "generates": "The `from` Element generates each `to` Element.", - "hasAddedFile": "Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`).", - "hasAssessmentFor": "(Security) Relates a `from` Vulnerability and each `to` Element(s) with a security assessment. To be used with `VulnAssessmentRelationship` types.", - "hasAssociatedVulnerability": "(Security) Used to associate a `from` Artifact with each `to` Vulnerability.", - "hasConcludedLicense": "The `from` Software Artifact is concluded by the SPDX data creator to be governed by each `to` license.", - "hasDataFile": "The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInputs`, and `hasOutputs`, respectively. This relationship does not imply dependency.", - "hasDeclaredLicense": "The `from` Software Artifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling.", - "hasDeletedFile": "Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`).", - "hasDependencyManifest": "The `from` Element has manifest files that contain dependency information in each `to` Element.", - "hasDistributionArtifact": "The `from` Element is distributed as an artifact in each Element `to` (e.g. an RPM or archive file).", - "hasDocumentation": "The `from` Element is documented by each `to` Element.", - "hasDynamicLink": "The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period.", - "hasEvidence": "(Dataset) Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`).", - "hasExample": "Every `to` Element is an example for the `from` Element (`from` hasExample `to`).", - "hasHost": "The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on).", - "hasInputs": "The `from` Build has each `to` Elements as an input, during a LifecycleScopeType period.", - "hasMetadata": "Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`).", - "hasOptionalComponent": "Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`).", - "hasOptionalDependency": "The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period.", - "hasOutputs": "The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period.", - "hasPrerequisite": "The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period.", - "hasProvidedDependency": "The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period.", - "hasRequirement": "The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period.", - "hasSpecification": "Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period.", - "hasStaticLink": "The `from` Element statically links in each `to` Element, during a LifecycleScopeType period.", - "hasTest": "Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period.", - "hasTestCase": "Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`).", - "hasVariant": "Every `to` Element is a variant the `from` Element (`from` hasVariant `to`).", - "invokedBy": "The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step).", - "modifiedBy": "The `from` Element is modified by each `to` Element.", - "other": "Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationhip types (this relationship is directionless).", - "packagedBy": "Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`).", - "patchedBy": "Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`).", - "publishedBy": "(Security) Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent.", - "reportedBy": "(Security) Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent.", - "republishedBy": "(Security) Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent.", - "serializedInArtifact": "The `from` SPDXDocument can be found in a serialized form in each `to` Artifact.", - "testedOn": "(AI, Dataset) The `from` Element has been tested on the `to` Element(s).", - "trainedOn": "(AI, Dataset) The `from` Element has been trained on the `to` Element(s).", - "underInvestigationFor": "(Security/VEX) The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships.", - "usesTool": "The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" - }, - "/Core/ProfileIdentifierType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "ProfileIdentifierType", - "fqname": "/Core/ProfileIdentifierType", - "summary": "Enumeration of the valid profiles.", - "description": "There are a set of profiles that have been defined by a profile team.\n\nA profile consists of a namespace that may add properties and classes to the\ncore profile unique to the domain covered by the profile.\n\nThe profile may also contain additional restrictions on existing properties and\nclasses defined in other profiles.\n\nIf the creator of an SPDX collection of elements includes a profile in the list\nof profileConformance, they are claiming that all contained elements conform\nto all restrictions defined for that profile.", - "metadata": { - "name": "ProfileIdentifierType" - }, - "entries": { - "core": "the element follows the Core profile specification", - "software": "the element follows the Software profile specification", - "simpleLicensing": "the element follows the simple Licensing profile specification", - "expandedLicensing": "the element follows the expanded Licensing profile specification", - "security": "the element follows the Security profile specification", - "build": "the element follows the Build profile specification", - "ai": "the element follows the AI profile specification", - "dataset": "the element follows the Dataset profile specification", - "extension": "the element follows the Extension profile specification", - "lite": "the element follows the Lite profile specification" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" - } - }, - "individuals": { - "/Core/NoneElement": { - "py/object": "spec_parser.model.Individual", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "NoneElement", - "fqname": "/Core/NoneElement", - "summary": "An Individual Value for Element representing a set of Elements with\ncardinality (number/count) of zero.", - "description": "NoneLicenseElement should be used if the SPDX creator desires to assert that\nthere are NO elements for the given context of use.\n\nFor example, a Relationship with `from`=Element1,\n`relationshipType`=\"ancestorOf\", and `to`=NONE is explicitly expressing an\nassertion that Element1 has no descendents.", - "metadata": { - "name": "NoneElement", - "type": "Element", - "IRI": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement" - }, - "values": { - "name": "\"NONE\"" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement" - }, - "/Core/NoAssertionElement": { - "py/object": "spec_parser.model.Individual", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "NoAssertionElement", - "fqname": "/Core/NoAssertionElement", - "summary": "An Individual Value for Element representing a set of Elements of unknown\nidentify or cardinality (number).", - "description": "NoAssertionElement should be used if\n\n- the SPDX creator has attempted to but cannot reach a reasonable objective\n determination;\n- the SPDX creator has made no attempt to determine this field; or\n- the SPDX creator has intentionally provided no information (no meaning should\n be implied by doing so).\n\nFor example, a Relationship with `from`=Element1,\n`relationshipType`=\"ancestorOf\", and `to`=NOASSERTION is explicitly expressing\nthat no assertion is being made about any potential descendents of Element1.", - "metadata": { - "name": "NoAssertionElement", - "type": "Element", - "IRI": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement" - }, - "values": { - "name": "\"NOASSERTION\"" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement" - } - }, - "datatypes": { - "/Core/DateTime": { - "py/object": "spec_parser.model.Datatype", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "DateTime", - "fqname": "/Core/DateTime", - "summary": "A string representing a specific date and time.", - "description": "A Datetime is a string representation of a specific date and time.\n\nIt has resolution of seconds and is always expressed in UTC timezone.\n\nThe specific format is one of the most commonly used ISO-8601 formats.", - "metadata": { - "name": "DateTime", - "SubclassOf": "xsd:dateTimeStamp" - }, - "format": { - "pattern": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/DateTime" - }, - "/Core/SemVer": { - "py/object": "spec_parser.model.Datatype", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "SemVer", - "fqname": "/Core/SemVer", - "summary": "A string constrained to the SemVer 2.0.0 specification.", - "description": "A semantic version is a string that is following the specification of\n[Semantic Versioning 2.0.0](https://semver.org/).", - "metadata": { - "name": "SemVer", - "SubclassOf": "xsd:string" - }, - "format": { - "pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/SemVer" - }, - "/Core/MediaType": { - "py/object": "spec_parser.model.Datatype", - "ns": { - "py/id": 77 - }, - "license": "Community-Spec-1.0", - "name": "MediaType", - "fqname": "/Core/MediaType", - "summary": "Standardized way of indicating the type of content of an Element or a Property.\nA String constrained to the RFC 2046 specificiation.", - "description": "A MediaType is a string constrained to the\n[RFC 2046 MIME Part Two: Media Types](https://www.rfc-editor.org/info/rfc2046).\nIt provides a standardized way of indicating the type of content of an Element\nor a Property.\n\n**Examples**\n\n- `application/java-archive`\n- `application/vcard+json`\n- `application/vnd.oasis.opendocument.text`\n- `image/avif`\n- `text/csv;charset=UTF-8`\n- `text/javascript`\n- `text/spdx`\n\nA list of all possible media types is available at\n[IANA Protocol Registries](https://www.iana.org/assignments/media-types/media-types.xhtml).", - "metadata": { - "name": "MediaType", - "SubclassOf": "xsd:string" - }, - "format": { - "pattern": "^[^\\/]+\\/[^\\/]+$" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core/MediaType" - } - }, - "license": "Community-Spec-1.0", - "name": "Core", - "summary": "The basis for all SPDX profiles.", - "description": "The Core namespace defines foundational concepts serving as the basis for all\nSPDX-3.0 profiles.", - "metadata": { - "id": "https://spdx.org/rdf/3.0.1/terms/Core", - "name": "Core" - }, - "conformance": null, - "iri": "https://spdx.org/rdf/3.0.1/terms/Core" - }, - { - "py/object": "spec_parser.model.Namespace", - "classes": {}, - "properties": {}, - "vocabularies": {}, - "individuals": {}, - "datatypes": {}, - "license": "Community-Spec-1.0", - "name": "Lite", - "summary": "The SPDX Lite profile defines a subset of the SPDX specification, from the\npoint of view of use cases in some industries. SPDX Lite aims at the balance\nbetween the SPDX standard and actual workflows in some industries.", - "description": "The SPDX Lite profile consists of mandatory fields from the Document Creation\nand Package Information sections and other basic information.\n\nThe mandatory part of the Package information in SPDX Lite is basic but useful\nfor complying with licenses. It is easy to understand licensing information by\nreading an SPDX Lite file. It is easy to create manually an SPDX Lite file by\nanyone who does not have enough knowledge about licensing information, so that\ntools are not necessarily required to create an SPDX Lite file.\n\nSPDX Lite has affinity with SPDX tools due to its containing the mandatory part\nof the Document Creation and Package Information in the SPDX Lite definition.\n\nAn SPDX Lite document can be used in parallel with SPDX documents in software\nsupply chains.", - "metadata": { - "id": "https://spdx.org/rdf/3.0.1/terms/Lite", - "name": "Lite" - }, - "conformance": "In addition to the following, please refer to the Annex for elements defined in\nother profiles that should be included as part of the Lite profile.\n\nFor a /Software/Package to be conformant with this profile,\nthe following has to hold:\n\n1. The mincount for `/Core/Element/name` is 1\n1. The mincount for `/Software/Package/packageVersion` is 1\n1. The mincount for `/Software/SoftwareArtifact/copyrightText` is 1\n1. for every `/Software/Package` there MUST exist exactly one\n `/Core/Relationship` of type `hasConcludedLicense` having that element as\n its `from` property and an `/SimpleLicensing/AnyLicenseInfo` as its `to`\n property.\n1. for every `/Software/Package` there MUST exist exactly one\n `/Core/Relationship` of type `hasDeclaredLicense` having that element as its\n `from` property and an `/SimpleLicensing/AnyLicenseInfo` as its `to`\n property.", - "iri": "https://spdx.org/rdf/3.0.1/terms/Lite" - }, - { - "py/object": "spec_parser.model.Namespace", - "classes": { - "/Build/Build": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 729 - }, - "license": "Community-Spec-1.0", - "name": "Build", - "fqname": "/Build/Build", - "summary": "Class that describes a build instance of software/artifacts.", - "description": "A build is a representation of the process in which a piece of software or\nartifact is built. It encapsulates information related to a build process and\nprovides an element from which relationships can be created to describe the\nbuild's inputs, outputs, and related entities (e.g. builders, identities,\netc.).\n\nDefinitions of \"buildType\", \"configSourceEntrypoint\", \"configSourceUri\",\n\"parameters\" and \"environment\" follow those defined in\n[SLSA Provenance v0.2](https://slsa.dev/provenance/v0.2).\n\nExternalIdentifier of type \"urlScheme\" may be used to identify build logs.\nIn this case, the comment of the ExternalIdentifier should be \"LogReference\".\n\nNote that buildStartTime and buildEndTime are optional, and may be omitted to\nsimplify creating reproducible builds.", - "metadata": { - "name": "Build", - "SubclassOf": "/Core/Element", - "Instantiability": "Concrete" - }, - "properties": { - "buildType": { - "type": "xsd:anyURI", - "minCount": "1", + ], + "all_properties": { + "autonomyType": { + "type": "/Core/PresenceType", + "minCount": "0", "maxCount": "1", - "fqname": "/Build/buildType" + "fqname": "/AI/autonomyType", + "fullname": "/AI/autonomyType", + "fulltype": "/Core/PresenceType" }, - "buildId": { + "domain": { "type": "xsd:string", "minCount": "0", + "fqname": "/AI/domain", + "maxCount": "*", + "fullname": "/AI/domain", + "fulltype": "xsd:string" + }, + "energyConsumption": { + "type": "EnergyConsumption", + "minCount": "0", "maxCount": "1", - "fqname": "/Build/buildId" + "fqname": "/AI/energyConsumption", + "fullname": "/AI/energyConsumption", + "fulltype": "/AI/EnergyConsumption" }, - "configSourceEntrypoint": { + "hyperparameter": { + "type": "/Core/DictionaryEntry", + "minCount": "0", + "fqname": "/AI/hyperparameter", + "maxCount": "*", + "fullname": "/AI/hyperparameter", + "fulltype": "/Core/DictionaryEntry" + }, + "informationAboutApplication": { "type": "xsd:string", "minCount": "0", - "fqname": "/Build/configSourceEntrypoint", - "maxCount": "*" + "maxCount": "1", + "fqname": "/AI/informationAboutApplication", + "fullname": "/AI/informationAboutApplication", + "fulltype": "xsd:string" }, - "configSourceUri": { - "type": "xsd:anyURI", + "informationAboutTraining": { + "type": "xsd:string", "minCount": "0", - "fqname": "/Build/configSourceUri", - "maxCount": "*" + "maxCount": "1", + "fqname": "/AI/informationAboutTraining", + "fullname": "/AI/informationAboutTraining", + "fulltype": "xsd:string" }, - "configSourceDigest": { - "type": "/Core/Hash", + "limitation": { + "type": "xsd:string", "minCount": "0", - "fqname": "/Build/configSourceDigest", - "maxCount": "*" + "maxCount": "1", + "fqname": "/AI/limitation", + "fullname": "/AI/limitation", + "fulltype": "xsd:string" }, - "parameters": { + "metric": { "type": "/Core/DictionaryEntry", "minCount": "0", - "fqname": "/Build/parameters", - "maxCount": "*" + "fqname": "/AI/metric", + "maxCount": "*", + "fullname": "/AI/metric", + "fulltype": "/Core/DictionaryEntry" }, - "buildStartTime": { - "type": "/Core/DateTime", + "metricDecisionThreshold": { + "type": "/Core/DictionaryEntry", "minCount": "0", - "maxCount": "1", - "fqname": "/Build/buildStartTime" + "fqname": "/AI/metricDecisionThreshold", + "maxCount": "*", + "fullname": "/AI/metricDecisionThreshold", + "fulltype": "/Core/DictionaryEntry" }, - "buildEndTime": { - "type": "/Core/DateTime", + "modelDataPreprocessing": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/AI/modelDataPreprocessing", + "maxCount": "*", + "fullname": "/AI/modelDataPreprocessing", + "fulltype": "xsd:string" + }, + "modelExplainability": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/AI/modelExplainability", + "maxCount": "*", + "fullname": "/AI/modelExplainability", + "fulltype": "xsd:string" + }, + "safetyRiskAssessment": { + "type": "SafetyRiskAssessmentType", "minCount": "0", "maxCount": "1", - "fqname": "/Build/buildEndTime" + "fqname": "/AI/safetyRiskAssessment", + "fullname": "/AI/safetyRiskAssessment", + "fulltype": "/AI/SafetyRiskAssessmentType" }, - "environment": { - "type": "/Core/DictionaryEntry", + "standardCompliance": { + "type": "xsd:string", "minCount": "0", - "fqname": "/Build/environment", - "maxCount": "*" - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build/Build", - "fqsupercname": "/Core/Element", - "inheritance_stack": [ - "/Core/Element" - ], - "all_properties": { - "buildType": { + "fqname": "/AI/standardCompliance", + "maxCount": "*", + "fullname": "/AI/standardCompliance", + "fulltype": "xsd:string" + }, + "typeOfModel": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/AI/typeOfModel", + "maxCount": "*", + "fullname": "/AI/typeOfModel", + "fulltype": "xsd:string" + }, + "useSensitivePersonalInformation": { + "type": "/Core/PresenceType", + "minCount": "0", + "maxCount": "1", + "fqname": "/AI/useSensitivePersonalInformation", + "fullname": "/AI/useSensitivePersonalInformation", + "fulltype": "/Core/PresenceType" + }, + "packageVersion": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/Software/packageVersion", + "fullname": "/Software/packageVersion", + "fulltype": "xsd:string" + }, + "downloadLocation": { "type": "xsd:anyURI", "minCount": "1", "maxCount": "1", - "fqname": "/Build/buildType", - "fullname": "/Build/buildType", + "fqname": "/Software/downloadLocation", + "fullname": "/Software/downloadLocation", "fulltype": "xsd:anyURI" }, - "buildId": { + "packageUrl": { + "type": "xsd:anyURI", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/packageUrl", + "fullname": "/Software/packageUrl", + "fulltype": "xsd:anyURI" + }, + "homePage": { + "type": "xsd:anyURI", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/homePage", + "fullname": "/Software/homePage", + "fulltype": "xsd:anyURI" + }, + "sourceInfo": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Build/buildId", - "fullname": "/Build/buildId", + "fqname": "/Software/sourceInfo", + "fullname": "/Software/sourceInfo", "fulltype": "xsd:string" }, - "configSourceEntrypoint": { - "type": "xsd:string", + "primaryPurpose": { + "type": "SoftwarePurpose", + "minCount": "1", + "maxCount": "1", + "fqname": "/Software/primaryPurpose", + "fullname": "/Software/primaryPurpose", + "fulltype": "/Software/SoftwarePurpose" + }, + "additionalPurpose": { + "type": "SoftwarePurpose", "minCount": "0", - "fqname": "/Build/configSourceEntrypoint", + "fqname": "/Software/additionalPurpose", "maxCount": "*", - "fullname": "/Build/configSourceEntrypoint", + "fullname": "/Software/additionalPurpose", + "fulltype": "/Software/SoftwarePurpose" + }, + "copyrightText": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/copyrightText", + "fullname": "/Software/copyrightText", "fulltype": "xsd:string" }, - "configSourceUri": { - "type": "xsd:anyURI", + "attributionText": { + "type": "xsd:string", "minCount": "0", - "fqname": "/Build/configSourceUri", + "fqname": "/Software/attributionText", "maxCount": "*", - "fullname": "/Build/configSourceUri", - "fulltype": "xsd:anyURI" + "fullname": "/Software/attributionText", + "fulltype": "xsd:string" }, - "configSourceDigest": { - "type": "/Core/Hash", + "contentIdentifier": { + "type": "ContentIdentifier", "minCount": "0", - "fqname": "/Build/configSourceDigest", + "fqname": "/Software/contentIdentifier", "maxCount": "*", - "fullname": "/Build/configSourceDigest", - "fulltype": "/Core/Hash" + "fullname": "/Software/contentIdentifier", + "fulltype": "/Software/ContentIdentifier" }, - "parameters": { - "type": "/Core/DictionaryEntry", + "originatedBy": { + "type": "Agent", "minCount": "0", - "fqname": "/Build/parameters", + "fqname": "/Core/originatedBy", "maxCount": "*", - "fullname": "/Build/parameters", - "fulltype": "/Core/DictionaryEntry" + "fullname": "/Core/originatedBy", + "fulltype": "/Core/Agent" }, - "buildStartTime": { - "type": "/Core/DateTime", + "suppliedBy": { + "type": "Agent", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/suppliedBy", + "fullname": "/Core/suppliedBy", + "fulltype": "/Core/Agent" + }, + "builtTime": { + "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/Build/buildStartTime", - "fullname": "/Build/buildStartTime", + "fqname": "/Core/builtTime", + "fullname": "/Core/builtTime", "fulltype": "/Core/DateTime" }, - "buildEndTime": { - "type": "/Core/DateTime", + "releaseTime": { + "type": "DateTime", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/releaseTime", + "fullname": "/Core/releaseTime", + "fulltype": "/Core/DateTime" + }, + "validUntilTime": { + "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/Build/buildEndTime", - "fullname": "/Build/buildEndTime", + "fqname": "/Core/validUntilTime", + "fullname": "/Core/validUntilTime", "fulltype": "/Core/DateTime" }, - "environment": { - "type": "/Core/DictionaryEntry", + "standardName": { + "type": "xsd:string", "minCount": "0", - "fqname": "/Build/environment", + "fqname": "/Core/standardName", "maxCount": "*", - "fullname": "/Build/environment", - "fulltype": "/Core/DictionaryEntry" + "fullname": "/Core/standardName", + "fulltype": "xsd:string" + }, + "supportLevel": { + "type": "SupportType", + "minCount": "0", + "fqname": "/Core/supportLevel", + "maxCount": "*", + "fullname": "/Core/supportLevel", + "fulltype": "/Core/SupportType" }, "spdxId": { "type": "xsd:anyURI", @@ -4961,7 +2674,7 @@ "type": "xsd:string", "maxCount": "1", "fqname": "/Core/name", - "minCount": 0, + "minCount": "1", "fullname": "/Core/name", "fulltype": "xsd:string" }, @@ -5030,603 +2743,651 @@ "fulltype": "/Extension/Extension" } } + }, + "/AI/EnergyConsumption": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "EnergyConsumption", + "fqname": "/AI/EnergyConsumption", + "summary": "A class for describing the energy consumption incurred by an AI model in\ndifferent stages of its lifecycle.", + "description": "A class to denote the known or estimated energy consumption of an AI model\nduring its training, fine-tuning, and inference stages.\n\n**Syntax**\n\n```json\n{\n \"type\": \"ai_EnergyConsumption\",\n \"ai_trainingEnergyConsumption\": [\n {\n \"type\": \"ai_EnergyConsumptionDescription\",\n \"ai_energyQuantity\": \"36.5\",\n \"ai_energyUnit\": \"kilowattHour\"\n }\n ],\n \"ai_inferenceEnergyConsumption\": [\n {\n \"type\": \"ai_EnergyConsumptionDescription\",\n \"ai_energyQuantity\": \"0.042\",\n \"ai_energyUnit\": \"kilowattHour\"\n }\n ]\n}\n```", + "metadata": { + "name": "EnergyConsumption", + "Instantiability": "Concrete" + }, + "properties": { + "finetuningEnergyConsumption": { + "type": "EnergyConsumptionDescription", + "fqname": "/AI/finetuningEnergyConsumption", + "minCount": 0, + "maxCount": "*" + }, + "inferenceEnergyConsumption": { + "type": "EnergyConsumptionDescription", + "fqname": "/AI/inferenceEnergyConsumption", + "minCount": 0, + "maxCount": "*" + }, + "trainingEnergyConsumption": { + "type": "EnergyConsumptionDescription", + "fqname": "/AI/trainingEnergyConsumption", + "minCount": 0, + "maxCount": "*" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { + "finetuningEnergyConsumption": { + "type": "EnergyConsumptionDescription", + "fqname": "/AI/finetuningEnergyConsumption", + "minCount": 0, + "maxCount": "*", + "fullname": "/AI/finetuningEnergyConsumption", + "fulltype": "/AI/EnergyConsumptionDescription" + }, + "inferenceEnergyConsumption": { + "type": "EnergyConsumptionDescription", + "fqname": "/AI/inferenceEnergyConsumption", + "minCount": 0, + "maxCount": "*", + "fullname": "/AI/inferenceEnergyConsumption", + "fulltype": "/AI/EnergyConsumptionDescription" + }, + "trainingEnergyConsumption": { + "type": "EnergyConsumptionDescription", + "fqname": "/AI/trainingEnergyConsumption", + "minCount": 0, + "maxCount": "*", + "fullname": "/AI/trainingEnergyConsumption", + "fulltype": "/AI/EnergyConsumptionDescription" + } + } + }, + "/AI/EnergyConsumptionDescription": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "EnergyConsumptionDescription", + "fqname": "/AI/EnergyConsumptionDescription", + "summary": "The class that helps note down the quantity of energy consumption and the unit\nused for measurement.", + "description": "This class is designed to store energy consumption data, including the quantity\nand the unit of measurement.\n\nThe `energyQuantity` property stores the amount of energy consumed,\nand the `energyUnit` property stores the unit used for measurement.\n\nFor example, 0.0042 kilowatt-hour of energy will have `0.042` as a value for\nproperty `energyQuantity`, and `\"kilowattHour\"` as a value for property\n`energyUnit`.\n\n**Syntax**\n\n```json\n{\n \"type\": \"ai_EnergyConsumptionDescription\",\n \"ai_energyQuantity\": \"0.042\",\n \"ai_energyUnit\": \"kilowattHour\"\n}\n```", + "metadata": { + "name": "EnergyConsumptionDescription", + "Instantiability": "Concrete" + }, + "properties": { + "energyQuantity": { + "type": "xsd:decimal", + "minCount": "1", + "maxCount": "1", + "fqname": "/AI/energyQuantity" + }, + "energyUnit": { + "type": "EnergyUnitType", + "minCount": "1", + "maxCount": "1", + "fqname": "/AI/energyUnit" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { + "energyQuantity": { + "type": "xsd:decimal", + "minCount": "1", + "maxCount": "1", + "fqname": "/AI/energyQuantity", + "fullname": "/AI/energyQuantity", + "fulltype": "xsd:decimal" + }, + "energyUnit": { + "type": "EnergyUnitType", + "minCount": "1", + "maxCount": "1", + "fqname": "/AI/energyUnit", + "fullname": "/AI/energyUnit", + "fulltype": "/AI/EnergyUnitType" + } + } } }, "properties": { - "/Build/configSourceUri": { + "/AI/safetyRiskAssessment": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "safetyRiskAssessment", + "fqname": "/AI/safetyRiskAssessment", + "summary": "Records the results of general safety risk assessment of the AI system.", + "description": "Records the results of general safety risk assessment of the AI system.\n\nUsing categorization according to the\n[EU general risk assessment methodology](https://ec.europa.eu/docsroom/documents/17107).\nThe methodology implements Article 20 of Regulation (EC) No 765/2008 and is\nintended to assist authorities when they assess general product safety\ncompliance.\n\nIt is important to note that this categorization differs from the one proposed\nin the EU AI Act's provisional agreement.", + "metadata": { + "name": "safetyRiskAssessment", + "Nature": "ObjectProperty", + "Range": "SafetyRiskAssessmentType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment", + "used_in": [ + "/AI/AIPackage" + ] + }, + "/AI/informationAboutApplication": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "informationAboutApplication", + "fqname": "/AI/informationAboutApplication", + "summary": "Provides relevant information about the AI software, not including the model\ndescription.", + "description": "A free-form text description of how the AI model is used within the software.\n\nIt should include any relevant information, such as pre-processing steps,\nthird-party APIs, and other pertinent details.\n\nIt can also include:\n\n- Functionality provided by the AI model within the software application,\n including: any specific tasks or decisions it is designed to perform;\n any pre-processing steps that are applied to the input data before it is\n fed into the AI model for inference, such as data cleaning, normalization,\n or feature extraction;\n and any third-party APIs or services that are used in conjunction with\n the AI model, such as data sources, cloud services, or other AI models.\n- Description of any dependencies or requirements needed to run the AI model\n within the software application, including: specific hardware,\n software libraries, and operating systems.", + "metadata": { + "name": "informationAboutApplication", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication", + "used_in": [ + "/AI/AIPackage" + ] + }, + "/AI/finetuningEnergyConsumption": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "finetuningEnergyConsumption", + "fqname": "/AI/finetuningEnergyConsumption", + "summary": "Specifies the amount of energy consumed when finetuning the AI model that is\nbeing used in the AI system.", + "description": "The field specifies the amount of energy consumed when finetuning the AI model\nthat is being used in the AI system.", + "metadata": { + "name": "finetuningEnergyConsumption", + "Nature": "ObjectProperty", + "Range": "EnergyConsumptionDescription" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption", + "used_in": [ + "/AI/EnergyConsumption" + ] + }, + "/AI/informationAboutTraining": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "informationAboutTraining", + "fqname": "/AI/informationAboutTraining", + "summary": "Describes relevant information about different steps of the training process.", + "description": "A detailed explanation of the training process,\nincluding the specific techniques, algorithms, and methods employed.\n\nExamples include:\n\n- training data used to train the AI model, along with any relevant details\n about its source, quality, and pre-processing steps;\n- specific training algorithms employed, including stochastic gradient descent,\n backpropagation, and reinforcement learning;\n- specific training techniques used to improve the performance or accuracy\n of the AI model, such as transfer learning, fine-tuning, or active learning;\n and\n- any evaluation metrics used to assess the performance of the AI model\n during the training process, including accuracy, precision, recall, and F1\n score.", + "metadata": { + "name": "informationAboutTraining", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining", + "used_in": [ + "/AI/AIPackage" + ] + }, + "/AI/inferenceEnergyConsumption": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 729 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "configSourceUri", - "fqname": "/Build/configSourceUri", - "summary": "Property that describes the URI of the build configuration source file.", - "description": "If a build configuration exists for the toolchain or platform performing the\nbuild, the configSourceUri of a build is the URI of that build configuration.\n\nFor example, a build triggered by a GitHub Action is defined by a build\nconfiguration YAML file. In this case, the configSourceUri is the URL of that\nYAML file.", + "name": "inferenceEnergyConsumption", + "fqname": "/AI/inferenceEnergyConsumption", + "summary": "Specifies the amount of energy consumed during inference time by an AI model\nthat is being used in the AI system.", + "description": "The field specifies the amount of energy consumed during inference time by an\nAI model that is being used in the AI system.", "metadata": { - "name": "configSourceUri", + "name": "inferenceEnergyConsumption", + "Nature": "ObjectProperty", + "Range": "EnergyConsumptionDescription" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption", + "used_in": [ + "/AI/EnergyConsumption" + ] + }, + "/AI/limitation": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "limitation", + "fqname": "/AI/limitation", + "summary": "Captures a limitation of the AI software.", + "description": "A free-form text that captures a limitation of the AI package\n(or of the AI models present in the AI package).\n\nNote that this is not guaranteed to be exhaustive.\n\nFor instance, a limitation might be that the AI package cannot be used on\ndatasets from a certain demography.", + "metadata": { + "name": "limitation", "Nature": "DataProperty", - "Range": "xsd:anyURI" + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri", + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/limitation", "used_in": [ - "/Build/Build" + "/AI/AIPackage" ] }, - "/Build/parameters": { + "/AI/useSensitivePersonalInformation": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 729 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "parameters", - "fqname": "/Build/parameters", - "summary": "Property describing the parameters used in an instance of a build.", - "description": "parameters is a key-value map of all build parameters and their values that\nwere provided to the builder for a build instance. This is different from the\n[environment](environment.md) property in that the keys and values are provided\nas command line arguments or a configuration file to the builder.", + "name": "useSensitivePersonalInformation", + "fqname": "/AI/useSensitivePersonalInformation", + "summary": "Records if sensitive personal information is used during model training or\ncould be used during the inference.", + "description": "Notes if sensitive personal information is used in the training or inference of\nthe AI models.\n\nThis might include biometric data, addresses or other data that can be used to\ninfer a person's identity.\n\nRelated: `hasSensitivePersonalInformation` in `/Dataset/DatasetPackage`", "metadata": { - "name": "parameters", + "name": "useSensitivePersonalInformation", "Nature": "ObjectProperty", - "Range": "/Core/DictionaryEntry" + "Range": "/Core/PresenceType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build/parameters", + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation", "used_in": [ - "/Build/Build" + "/AI/AIPackage" ] }, - "/Build/configSourceDigest": { + "/AI/energyQuantity": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 729 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "configSourceDigest", - "fqname": "/Build/configSourceDigest", - "summary": "Property that describes the digest of the build configuration file used to\ninvoke a build.", - "description": "configSourceDigest is the checksum of the build configuration file used by a\nbuilder to execute a build.\n\nThis Property uses the Core model's [Hash](../../Core/Classes/Hash.md) class.", + "name": "energyQuantity", + "fqname": "/AI/energyQuantity", + "summary": "Represents the energy quantity.", + "description": "Provides the quantity information of the energy.", "metadata": { - "name": "configSourceDigest", + "name": "energyQuantity", + "Nature": "DataProperty", + "Range": "xsd:decimal" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity", + "used_in": [ + "/AI/EnergyConsumptionDescription" + ] + }, + "/AI/trainingEnergyConsumption": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "trainingEnergyConsumption", + "fqname": "/AI/trainingEnergyConsumption", + "summary": "Specifies the amount of energy consumed when training the AI model that is\nbeing used in the AI system.", + "description": "The field specifies the amount of energy consumed when training the AI model\nthat is being used in the AI system.", + "metadata": { + "name": "trainingEnergyConsumption", "Nature": "ObjectProperty", - "Range": "/Core/Hash" + "Range": "EnergyConsumptionDescription" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest", + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption", "used_in": [ - "/Build/Build" + "/AI/EnergyConsumption" ] }, - "/Build/buildId": { + "/AI/typeOfModel": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 729 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "buildId", - "fqname": "/Build/buildId", - "summary": "A buildId is a locally unique identifier used by a builder to identify a unique\ninstance of a build produced by it.", - "description": "A buildId is a locally unique identifier to identify a unique instance of a\nbuild.\n\nThis identifier differs based on build toolchain, platform, or naming\nconvention used by an organization or standard.", + "name": "typeOfModel", + "fqname": "/AI/typeOfModel", + "summary": "Records the type of the model used in the AI software.", + "description": "A free-form text that records the type of the AI model(s) used in the software.\n\nFor instance, if it is a supervised model, unsupervised model, reinforcement\nlearning model or a combination of those.", "metadata": { - "name": "buildId", + "name": "typeOfModel", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build/buildId", + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel", "used_in": [ - "/Build/Build" + "/AI/AIPackage" ] }, - "/Build/buildStartTime": { + "/AI/autonomyType": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 729 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "buildStartTime", - "fqname": "/Build/buildStartTime", - "summary": "Property describing the start time of a build.", - "description": "buildStartTime is the time at which a build is triggered.\n\nThe builder typically records this value.", + "name": "autonomyType", + "fqname": "/AI/autonomyType", + "summary": "Indicates whether the system can perform a decision or action without human\ninvolvement or guidance.", + "description": "Indicates if the system is fully automated or a human is involved in any of the\ndecisions of the AI system.\n\n- yes: Indicates that the system is fully automated\n- no: Indicates that a human is involved in any of the decisions of the AI\n system\n- noAssertion: Makes no assertion about the autonomy", "metadata": { - "name": "buildStartTime", - "Nature": "DataProperty", - "Range": "/Core/DateTime" + "name": "autonomyType", + "Nature": "ObjectProperty", + "Range": "/Core/PresenceType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime", + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/autonomyType", "used_in": [ - "/Build/Build" + "/AI/AIPackage" ] }, - "/Build/buildType": { + "/AI/energyConsumption": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 729 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "buildType", - "fqname": "/Build/buildType", - "summary": "A buildType is a hint that is used to indicate the toolchain, platform, or\ninfrastructure that the build was invoked on.", - "description": "A buildType is a URI expressing the toolchain, platform, or infrastructure that\nthe build was invoked on.\n\nFor example, if the build was invoked on GitHub's CI platform using GitHub\nActions, the buildType can be expressed as `https://github.com/actions`.\n\nIn contrast, if the build was invoked on a local machine, the buildType can be\nexpressed as `file://username@host/path/to/build`.", + "name": "energyConsumption", + "fqname": "/AI/energyConsumption", + "summary": "Indicates the amount of energy consumption incurred by an AI model.", + "description": "Captures the energy consumption of an AI model, either known or estimated.\n\nIn the absence of direct measurements, an SPDX data creator may choose to\nestimate the energy consumption based on information about computational\nresources (e.g., number of floating-point operations), training time, and other\nrelevant training details.", "metadata": { - "name": "buildType", + "name": "energyConsumption", + "Nature": "ObjectProperty", + "Range": "EnergyConsumption" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption", + "used_in": [ + "/AI/AIPackage" + ] + }, + "/AI/metric": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "metric", + "fqname": "/AI/metric", + "summary": "Records the measurement of prediction quality of the AI model.", + "description": "Records the measurement with which the AI model was evaluated.\n\nThis makes statements about the prediction quality including uncertainty,\naccuracy, characteristics of the tested population, quality, fairness,\nexplainability, robustness etc.", + "metadata": { + "name": "metric", + "Nature": "ObjectProperty", + "Range": "/Core/DictionaryEntry" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/metric", + "used_in": [ + "/AI/AIPackage" + ] + }, + "/AI/hyperparameter": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "hyperparameter", + "fqname": "/AI/hyperparameter", + "summary": "Records a hyperparameter used to build the AI model contained in the AI\npackage.", + "description": "Records a hyperparameter value.\n\nHyperparameters are settings defined before the training process that control\nthe learning algorithm's behavior. They differ from model parameters,\nwhich are learned from the data during training. Developers typically set\nhyperparameters manually or through a process of hyperparameter tuning\n(also known as trial and error).\n\nExamples of hyperparameters include learning rate, batch size, and the number\nof layers in a neural network.", + "metadata": { + "name": "hyperparameter", + "Nature": "ObjectProperty", + "Range": "/Core/DictionaryEntry" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter", + "used_in": [ + "/AI/AIPackage" + ] + }, + "/AI/domain": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "domain", + "fqname": "/AI/domain", + "summary": "Captures the domain in which the AI package can be used.", + "description": "A free-form text that describes the domain where the AI model contained in the\nAI software can be expected to operate successfully.\n\nExamples include computer vision, natural language processing, etc.", + "metadata": { + "name": "domain", "Nature": "DataProperty", - "Range": "xsd:anyURI" + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build/buildType", + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/domain", "used_in": [ - "/Build/Build" + "/AI/AIPackage" ] }, - "/Build/buildEndTime": { + "/AI/metricDecisionThreshold": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 729 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "buildEndTime", - "fqname": "/Build/buildEndTime", - "summary": "Property that describes the time at which a build stops.", - "description": "buildEndTime describes the time at which a build stops or finishes.\n\nThis value is typically recorded by the builder.", + "name": "metricDecisionThreshold", + "fqname": "/AI/metricDecisionThreshold", + "summary": "Captures the threshold that was used for computation of a metric described in\nthe metric field.", + "description": "Each metric might be computed based on a decision threshold.\n\nFor instance, precision or recall is typically computed by checking if the\nprobability of the outcome is larger than 0.5.\n\nEach decision threshold should match with a metric field defined in the AI\npackage.", "metadata": { - "name": "buildEndTime", + "name": "metricDecisionThreshold", + "Nature": "ObjectProperty", + "Range": "/Core/DictionaryEntry" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold", + "used_in": [ + "/AI/AIPackage" + ] + }, + "/AI/standardCompliance": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "standardCompliance", + "fqname": "/AI/standardCompliance", + "summary": "Captures a standard that is being complied with.", + "description": "A free-form text that captures a standard that the AI software complies with.\n\nThis includes both published and unpublished standards, such as those developed\nby ISO, IEEE, and ETSI.\n\nThe standard may, but is not necessarily required to, satisfy a legal or\nregulatory requirement.", + "metadata": { + "name": "standardCompliance", "Nature": "DataProperty", - "Range": "/Core/DateTime" + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance", + "used_in": [ + "/AI/AIPackage" + ] + }, + "/AI/energyUnit": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 336 + }, + "license": "Community-Spec-1.0", + "name": "energyUnit", + "fqname": "/AI/energyUnit", + "summary": "Specifies the unit in which energy is measured.", + "description": "Provides the unit information of the energy.", + "metadata": { + "name": "energyUnit", + "Nature": "ObjectProperty", + "Range": "EnergyUnitType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime", + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/energyUnit", "used_in": [ - "/Build/Build" + "/AI/EnergyConsumptionDescription" ] }, - "/Build/configSourceEntrypoint": { + "/AI/modelExplainability": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 729 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "configSourceEntrypoint", - "fqname": "/Build/configSourceEntrypoint", - "summary": "Property describes the invocation entrypoint of a build.", - "description": "A build entrypoint is the invoked executable of a build which always runs when\nthe build is triggered.\n\nFor example, when a build is triggered by running a shell script, the\nentrypoint is `script.sh`.\n\nIn terms of a declared build, the entrypoint is the position in a configuration\nfile or a build declaration which is always run when the build is triggered.\n\nFor example, in the following configuration file, the entrypoint of the build\nis `publish`.\n\n```yaml\nname: Publish packages to PyPI\n\non:\ncreate:\ntags: \"*\"\n\njobs:\npublish:\nruns-on: ubuntu-latest\nif: startsWith(github.ref, 'refs/tags/')\nsteps:\n\n...\n```", + "name": "modelExplainability", + "fqname": "/AI/modelExplainability", + "summary": "Describes methods that can be used to explain the results from the AI model.", + "description": "A free-form text that lists the different explainability mechanisms and how\nthey can be used to explain the results from the AI model.\n\nThe mechanisms can be model-agnostic methods, such as\n[SHapley Additive exPlanations (SHAP)](https://shap.readthedocs.io/) and\n[Local Interpretable Model-agnostic Explanations (LIME)](https://github.com/marcotcr/lime),\nand model-specific methods that applied to a limited category of models.", "metadata": { - "name": "configSourceEntrypoint", + "name": "modelExplainability", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint", + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability", "used_in": [ - "/Build/Build" + "/AI/AIPackage" ] }, - "/Build/environment": { + "/AI/modelDataPreprocessing": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 729 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "environment", - "fqname": "/Build/environment", - "summary": "Property describing the session in which a build is invoked.", - "description": "environment is a map of environment variables and values that are set during a\nbuild session.\n\nThis is different from the [parameters](parameters.md) property in that it\ndescribes the environment variables set before a build is invoked rather than\nthe variables provided to the builder.", + "name": "modelDataPreprocessing", + "fqname": "/AI/modelDataPreprocessing", + "summary": "Describes all the preprocessing steps applied to the training data before the\nmodel training.", + "description": "A free-form text that describes the preprocessing steps applied to the training\ndata before training of the model(s) contained in the AI software.", "metadata": { - "name": "environment", - "Nature": "ObjectProperty", - "Range": "/Core/DictionaryEntry" + "name": "modelDataPreprocessing", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build/environment", + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing", "used_in": [ - "/Build/Build" + "/AI/AIPackage" ] } }, - "vocabularies": {}, - "individuals": {}, - "datatypes": {}, - "license": "Community-Spec-1.0", - "name": "Build", - "summary": "The Build Profile defines the set of information required to describe an\ninstance of a Software Build.", - "description": "A Software Build is defined here as the act of converting software inputs into\nsoftware artifacts using software build tools. Inputs can include source code,\nconfig files, artifacts that are build environments, and build tools. Outputs\ncan include intermediate artifacts to other build inputs or the final\nartifacts.\n\nThe Build profile provides a subclass of Element called Build.\n\nIt also provides a minimum set of required Relationship Types from the Core\nprofile:\n\n- hasInputs: Describes the relationship from the Build element to its inputs.\n- hasOutputs: Describes the relationship from the Build element to its outputs.\n- invokedBy: Describes the relationship from the Build element to the Agent\n that invoked it.\n\nIn addition, the following Relationship Types may be used to describe a Build.\n\n- hasHost: Describes the relationship from the Build element to the build stage\n or host.\n- configures: Describes the relationship from a configuration to the Build\n element.\n- ancestorOf: Describes a relationship from a Build element to Build eelements\n that describe its child builds.\n- decendentOf: Describes a relationship from a child Build element to its\n parent.\n- usesTool: Describes a relationship from a Build element to a build tool.\n\nAll relationships in the Build Profile are scoped to the \"build\"\nLifecycleScopeType period.\n\nThe `hasInputs` relationship can be applied to a config file or a build tool if\nthe nature of these inputs are not known at the creation of an SPDX document.", - "metadata": { - "id": "https://spdx.org/rdf/3.0.1/terms/Build", - "name": "Build" - }, - "conformance": null, - "iri": "https://spdx.org/rdf/3.0.1/terms/Build" - }, - { - "py/object": "spec_parser.model.Namespace", - "classes": { - "/ExpandedLicensing/ListedLicenseException": { - "py/object": "spec_parser.model.Class", + "vocabularies": { + "/AI/EnergyUnitType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 797 + "py/id": 336 }, "license": "Community-Spec-1.0", - "name": "ListedLicenseException", - "fqname": "/ExpandedLicensing/ListedLicenseException", - "summary": "A license exception that is listed on the SPDX Exceptions list.", - "description": "A ListedLicenseException represents an exception to a License (in other words,\nan exception to a license condition or an additional permission beyond those\ngranted in a License) which is listed on the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html).", + "name": "EnergyUnitType", + "fqname": "/AI/EnergyUnitType", + "summary": "Specifies the unit of energy consumption.", + "description": "List the different acceptable units for measuring energy consumption.\n\nIf the unit in which the energy consumption has been recorded\nis not listed here, please select \"other\".", "metadata": { - "name": "ListedLicenseException", - "SubclassOf": "LicenseAddition", - "Instantiability": "Concrete" + "name": "EnergyUnitType" }, - "properties": { - "deprecatedVersion": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/deprecatedVersion" - }, - "listVersionAdded": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/listVersionAdded" - } + "entries": { + "kilowattHour": "Kilowatt-hour.", + "megajoule": "Megajoule.", + "other": "Any other units of energy measurement." }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException", - "fqsupercname": "/ExpandedLicensing/LicenseAddition", - "inheritance_stack": [ - "/ExpandedLicensing/LicenseAddition", - "/Core/Element" - ], - "all_properties": { - "deprecatedVersion": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/deprecatedVersion", - "fullname": "/ExpandedLicensing/deprecatedVersion", - "fulltype": "xsd:string" - }, - "listVersionAdded": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/listVersionAdded", - "fullname": "/ExpandedLicensing/listVersionAdded", - "fulltype": "xsd:string" - }, - "additionText": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/ExpandedLicensing/additionText", - "fullname": "/ExpandedLicensing/additionText", - "fulltype": "xsd:string" - }, - "isDeprecatedAdditionId": { - "type": "xsd:boolean", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/isDeprecatedAdditionId", - "fullname": "/ExpandedLicensing/isDeprecatedAdditionId", - "fulltype": "xsd:boolean" - }, - "licenseXml": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/licenseXml", - "fullname": "/ExpandedLicensing/licenseXml", - "fulltype": "xsd:string" - }, - "obsoletedBy": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/obsoletedBy", - "fullname": "/ExpandedLicensing/obsoletedBy", - "fulltype": "xsd:string" - }, - "seeAlso": { - "type": "xsd:anyURI", - "fqname": "/ExpandedLicensing/seeAlso", - "minCount": 0, - "maxCount": "*", - "fullname": "/ExpandedLicensing/seeAlso", - "fulltype": "xsd:anyURI" - }, - "standardAdditionTemplate": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/standardAdditionTemplate", - "fullname": "/ExpandedLicensing/standardAdditionTemplate", - "fulltype": "xsd:string" - }, - "spdxId": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/spdxId", - "fullname": "/Core/spdxId", - "fulltype": "xsd:anyURI" - }, - "name": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0, - "fullname": "/Core/name", - "fulltype": "xsd:string" - }, - "summary": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/summary", - "minCount": 0, - "fullname": "/Core/summary", - "fulltype": "xsd:string" - }, - "description": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/description", - "minCount": 0, - "fullname": "/Core/description", - "fulltype": "xsd:string" - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" - }, - "creationInfo": { - "type": "CreationInfo", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/creationInfo", - "fullname": "/Core/creationInfo", - "fulltype": "/Core/CreationInfo" - }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/verifiedUsing", - "fulltype": "/Core/IntegrityMethod" - }, - "externalRef": { - "type": "ExternalRef", - "minCount": "0", - "fqname": "/Core/externalRef", - "maxCount": "*", - "fullname": "/Core/externalRef", - "fulltype": "/Core/ExternalRef" - }, - "externalIdentifier": { - "type": "ExternalIdentifier", - "minCount": "0", - "fqname": "/Core/externalIdentifier", - "maxCount": "*", - "fullname": "/Core/externalIdentifier", - "fulltype": "/Core/ExternalIdentifier" - }, - "extension": { - "type": "/Extension/Extension", - "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" - } - } + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" }, - "/ExpandedLicensing/IndividualLicensingInfo": { - "py/object": "spec_parser.model.Class", + "/AI/SafetyRiskAssessmentType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 797 + "py/id": 336 }, - "license": "Community-Spec-1.0", - "name": "IndividualLicensingInfo", - "fqname": "/ExpandedLicensing/IndividualLicensingInfo", - "summary": "A concrete subclass of AnyLicenseInfo used by Individuals in the\nExpandedLicensing profile.", - "description": "Individuals, such as NoneLicense and NoAssertionLicense, need to reference a\nconcrete subclass of AnyLicenseInfo.\n\nThis class provides the type used by the individuals.", + "license": "Community-Spec-1.0", + "name": "SafetyRiskAssessmentType", + "fqname": "/AI/SafetyRiskAssessmentType", + "summary": "Specifies the safety risk level.", + "description": "Lists the different general safety risk levels that can be used to describe the\ngeneral safety risk of an AI system.\n\nUsing categorization according to the\n[EU general risk assessment methodology](https://ec.europa.eu/docsroom/documents/17107).\nThe methodology implements Article 20 of Regulation (EC) No 765/2008 and is\nintended to assist authorities when they assess general product safety\ncompliance.", "metadata": { - "name": "IndividualLicensingInfo", - "SubclassOf": "/SimpleLicensing/AnyLicenseInfo", - "Instantiability": "Concrete" + "name": "SafetyRiskAssessmentType" }, - "properties": {}, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo", - "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", - "inheritance_stack": [ - "/SimpleLicensing/AnyLicenseInfo", - "/Core/Element" - ], - "all_properties": { - "spdxId": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/spdxId", - "fullname": "/Core/spdxId", - "fulltype": "xsd:anyURI" - }, - "name": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0, - "fullname": "/Core/name", - "fulltype": "xsd:string" - }, - "summary": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/summary", - "minCount": 0, - "fullname": "/Core/summary", - "fulltype": "xsd:string" - }, - "description": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/description", - "minCount": 0, - "fullname": "/Core/description", - "fulltype": "xsd:string" - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" - }, - "creationInfo": { - "type": "CreationInfo", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/creationInfo", - "fullname": "/Core/creationInfo", - "fulltype": "/Core/CreationInfo" - }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/verifiedUsing", - "fulltype": "/Core/IntegrityMethod" - }, - "externalRef": { - "type": "ExternalRef", - "minCount": "0", - "fqname": "/Core/externalRef", - "maxCount": "*", - "fullname": "/Core/externalRef", - "fulltype": "/Core/ExternalRef" - }, - "externalIdentifier": { - "type": "ExternalIdentifier", - "minCount": "0", - "fqname": "/Core/externalIdentifier", - "maxCount": "*", - "fullname": "/Core/externalIdentifier", - "fulltype": "/Core/ExternalIdentifier" - }, - "extension": { - "type": "/Extension/Extension", - "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" - } - } - }, - "/ExpandedLicensing/LicenseAddition": { + "entries": { + "serious": "The highest level of risk posed by an AI system.", + "high": "The second-highest level of risk posed by an AI system.", + "medium": "The third-highest level of risk posed by an AI system.", + "low": "Low/no risk is posed by an AI system." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" + } + }, + "individuals": {}, + "datatypes": {}, + "license": "Community-Spec-1.0", + "name": "AI", + "summary": "The AI Profile is designed to provide a standardized way of documenting and\nsharing information about AI software packages (i.e. systems).", + "description": "The AI namespace defines a set of concepts and data elements related to AI\nsystem and model artifacts. These artifacts are the tangible outputs of the AI\ndevelopment process, such as software packages, models, and datasets.", + "metadata": { + "id": "https://spdx.org/rdf/3.0.1/terms/AI", + "name": "AI" + }, + "conformance": "For an element collection to be conformant with this profile,\nthe following has to hold:\n\n1. for every `/AI/AIPackage` there MUST exist exactly one `/Core/Relationship`\n of type `hasConcludedLicense` having that element as its `from` property\n and an `/SimpleLicensing/AnyLicenseInfo` as its `to` property.\n2. for every `/AI/AIPackage` there MUST exist exactly one `/Core/Relationship`\n of type `hasDeclaredLicense` having that element as its `from` property\n and an `/SimpleLicensing/AnyLicenseInfo` as its `to` property.", + "iri": "https://spdx.org/rdf/3.0.1/terms/AI" + }, + { + "py/object": "spec_parser.model.Namespace", + "classes": { + "/SimpleLicensing/LicenseExpression": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 499 }, "license": "Community-Spec-1.0", - "name": "LicenseAddition", - "fqname": "/ExpandedLicensing/LicenseAddition", - "summary": "Abstract class for additional text intended to be added to a License, but\nwhich is not itself a standalone License.", - "description": "A LicenseAddition represents text which is intended to be added to a License\nas additional text, but which is not itself intended to be a standalone\nLicense.\n\nIt may be an exception which is listed on the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html)\n(ListedLicenseException), or may be any other additional text (as an exception\nor otherwise) which is defined by an SPDX data creator (CustomLicenseAddition).", + "name": "LicenseExpression", + "fqname": "/SimpleLicensing/LicenseExpression", + "summary": "An SPDX Element containing an SPDX license expression string.", + "description": "A LicenseExpression enables the representation, in a single string, of a\ncombination of one or more licenses, together with additions such as license\nexceptions.\n\nThe syntax for a LicenseExpression string is set forth in the Annex D\nof the SPDX Specification\n([\"SPDX license expressions\"](../../../annexes/SPDX-license-expressions.md)).\nA LicenseExpression string is not valid if it does not conform to the grammar\nset forth in that annex.\n\nThe ExpandedLicensing profile can be used to represent the complete parsed\nlicense expression as a combination of license objects.", "metadata": { - "name": "LicenseAddition", - "SubclassOf": "/Core/Element", - "Instantiability": "Abstract" + "name": "LicenseExpression", + "SubclassOf": "AnyLicenseInfo", + "Instantiability": "Concrete" }, "properties": { - "additionText": { + "licenseExpression": { "type": "xsd:string", "minCount": "1", "maxCount": "1", - "fqname": "/ExpandedLicensing/additionText" - }, - "isDeprecatedAdditionId": { - "type": "xsd:boolean", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/isDeprecatedAdditionId" + "fqname": "/SimpleLicensing/licenseExpression" }, - "licenseXml": { - "type": "xsd:string", - "minCount": "0", + "licenseListVersion": { + "type": "/Core/SemVer", "maxCount": "1", - "fqname": "/ExpandedLicensing/licenseXml" + "fqname": "/SimpleLicensing/licenseListVersion", + "minCount": 0 }, - "obsoletedBy": { - "type": "xsd:string", + "customIdToUri": { + "type": "/Core/DictionaryEntry", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/obsoletedBy" - }, - "seeAlso": { - "type": "xsd:anyURI", - "fqname": "/ExpandedLicensing/seeAlso", - "minCount": 0, + "fqname": "/SimpleLicensing/customIdToUri", "maxCount": "*" - }, - "standardAdditionTemplate": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/standardAdditionTemplate" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition", - "fqsupercname": "/Core/Element", + "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression", + "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", "inheritance_stack": [ + "/SimpleLicensing/AnyLicenseInfo", "/Core/Element" ], "all_properties": { - "additionText": { + "licenseExpression": { "type": "xsd:string", "minCount": "1", "maxCount": "1", - "fqname": "/ExpandedLicensing/additionText", - "fullname": "/ExpandedLicensing/additionText", - "fulltype": "xsd:string" - }, - "isDeprecatedAdditionId": { - "type": "xsd:boolean", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/isDeprecatedAdditionId", - "fullname": "/ExpandedLicensing/isDeprecatedAdditionId", - "fulltype": "xsd:boolean" - }, - "licenseXml": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/licenseXml", - "fullname": "/ExpandedLicensing/licenseXml", + "fqname": "/SimpleLicensing/licenseExpression", + "fullname": "/SimpleLicensing/licenseExpression", "fulltype": "xsd:string" }, - "obsoletedBy": { - "type": "xsd:string", - "minCount": "0", + "licenseListVersion": { + "type": "/Core/SemVer", "maxCount": "1", - "fqname": "/ExpandedLicensing/obsoletedBy", - "fullname": "/ExpandedLicensing/obsoletedBy", - "fulltype": "xsd:string" - }, - "seeAlso": { - "type": "xsd:anyURI", - "fqname": "/ExpandedLicensing/seeAlso", + "fqname": "/SimpleLicensing/licenseListVersion", "minCount": 0, - "maxCount": "*", - "fullname": "/ExpandedLicensing/seeAlso", - "fulltype": "xsd:anyURI" + "fullname": "/SimpleLicensing/licenseListVersion", + "fulltype": "/Core/SemVer" }, - "standardAdditionTemplate": { - "type": "xsd:string", + "customIdToUri": { + "type": "/Core/DictionaryEntry", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/standardAdditionTemplate", - "fullname": "/ExpandedLicensing/standardAdditionTemplate", - "fulltype": "xsd:string" + "fqname": "/SimpleLicensing/customIdToUri", + "maxCount": "*", + "fullname": "/SimpleLicensing/customIdToUri", + "fulltype": "/Core/DictionaryEntry" }, "spdxId": { "type": "xsd:anyURI", @@ -5710,46 +3471,29 @@ } } }, - "/ExpandedLicensing/OrLaterOperator": { + "/SimpleLicensing/AnyLicenseInfo": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 499 }, "license": "Community-Spec-1.0", - "name": "OrLaterOperator", - "fqname": "/ExpandedLicensing/OrLaterOperator", - "summary": "Portion of an AnyLicenseInfo representing this version, or any later version,\nof the indicated License.", - "description": "An OrLaterOperator indicates that this portion of the AnyLicenseInfo\nrepresents either (1) the specified version of the corresponding License, or\n(2) any later version of that License. It is represented in the SPDX License\nExpression Syntax by the `+` operator.\n\nIt is context-dependent, and unspecified by SPDX, as to what constitutes a\n\"later version\" of any particular License. Some Licenses may not be versioned,\nor may not have clearly-defined ordering for versions. The consumer of SPDX\ndata will need to determine for themselves what meaning to attribute to a\n\"later version\" operator for a particular License.", + "name": "AnyLicenseInfo", + "fqname": "/SimpleLicensing/AnyLicenseInfo", + "summary": "Abstract class representing a license combination consisting of one or more\nlicenses (optionally including additional text), which may be combined\naccording to the\n[SPDX license expression syntax](../../../annexes/SPDX-license-expressions.md).", + "description": "An AnyLicenseInfo is used by licensing properties of software artifacts.\n\nIt can be:\n\n- a NoneLicense;\n- a NoAssertionLicense;\n- a single license (either on the\n [SPDX License List](https://spdx.org/licenses/) or\n [a custom-defined license](../../ExpandedLicensing/Classes/CustomLicense.md));\n- a single license with an \"or later\" operator applied;\n- the foregoing with additional text applied; or\n- a set of licenses combined by applying \"AND\" and \"OR\" operators recursively.", "metadata": { - "name": "OrLaterOperator", - "SubclassOf": "ExtendableLicense", - "Instantiability": "Concrete" - }, - "properties": { - "subjectLicense": { - "type": "License", - "minCount": "1", - "maxCount": "1", - "fqname": "/ExpandedLicensing/subjectLicense" - } + "name": "AnyLicenseInfo", + "SubclassOf": "/Core/Element", + "Instantiability": "Abstract" }, + "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator", - "fqsupercname": "/ExpandedLicensing/ExtendableLicense", + "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo", + "fqsupercname": "/Core/Element", "inheritance_stack": [ - "/ExpandedLicensing/ExtendableLicense", - "/SimpleLicensing/AnyLicenseInfo", "/Core/Element" ], "all_properties": { - "subjectLicense": { - "type": "License", - "minCount": "1", - "maxCount": "1", - "fqname": "/ExpandedLicensing/subjectLicense", - "fullname": "/ExpandedLicensing/subjectLicense", - "fulltype": "/ExpandedLicensing/License" - }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -5832,44 +3576,43 @@ } } }, - "/ExpandedLicensing/DisjunctiveLicenseSet": { + "/SimpleLicensing/SimpleLicensingText": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 499 }, "license": "Community-Spec-1.0", - "name": "DisjunctiveLicenseSet", - "fqname": "/ExpandedLicensing/DisjunctiveLicenseSet", - "summary": "Portion of an AnyLicenseInfo representing a set of licensing information where\nonly one of the elements applies.", - "description": "A DisjunctiveLicenseSet indicates that _only one_ of its subsidiary\nAnyLicenseInfos is required to apply. In other words, a DisjunctiveLicenseSet\nof two or more licenses represents a licensing situation where _only one_ of\nthe specified licenses are to be complied with.\n\nA consumer of SPDX data would typically understand this to permit the recipient\nof the licensed content to choose which of the corresponding license they would\nprefer to use. It is represented in the SPDX License Expression Syntax by the\n`OR` operator.", + "name": "SimpleLicensingText", + "fqname": "/SimpleLicensing/SimpleLicensingText", + "summary": "A license or addition that is not listed on the SPDX License List.", + "description": "A SimpleLicensingText represents a License or Addition that is not listed on\nthe [SPDX License List](https://spdx.org/licenses),\nand is therefore defined by an SPDX data creator.", "metadata": { - "name": "DisjunctiveLicenseSet", - "SubclassOf": "/SimpleLicensing/AnyLicenseInfo", + "name": "SimpleLicensingText", + "SubclassOf": "/Core/Element", "Instantiability": "Concrete" }, "properties": { - "member": { - "type": "/SimpleLicensing/AnyLicenseInfo", - "minCount": "2", - "fqname": "/ExpandedLicensing/member", - "maxCount": "*" + "licenseText": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/SimpleLicensing/licenseText" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet", - "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", + "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText", + "fqsupercname": "/Core/Element", "inheritance_stack": [ - "/SimpleLicensing/AnyLicenseInfo", "/Core/Element" ], "all_properties": { - "member": { - "type": "/SimpleLicensing/AnyLicenseInfo", - "minCount": "2", - "fqname": "/ExpandedLicensing/member", - "maxCount": "*", - "fullname": "/ExpandedLicensing/member", - "fulltype": "/SimpleLicensing/AnyLicenseInfo" + "licenseText": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/SimpleLicensing/licenseText", + "fullname": "/SimpleLicensing/licenseText", + "fulltype": "xsd:string" }, "spdxId": { "type": "xsd:anyURI", @@ -5952,133 +3695,257 @@ "fulltype": "/Extension/Extension" } } + } + }, + "properties": { + "/SimpleLicensing/licenseListVersion": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 499 + }, + "license": "Community-Spec-1.0", + "name": "licenseListVersion", + "fqname": "/SimpleLicensing/licenseListVersion", + "summary": "The version of the SPDX License List used in the license expression.", + "description": "Recognizing that licenses are added to the\n[SPDX License List](https://spdx.org/licenses/) with each\nsubsequent version, the intent is to provide consumers with the version of the\nSPDX License List used.\n\nThis anticipates that in the future, license expression might have used a\nversion of the SPDX License List that is older than the then current one.\n\nThe specified version of the SPDX License List must include all listed licenses\nand exceptions referenced in the expression.", + "metadata": { + "name": "licenseListVersion", + "Nature": "DataProperty", + "Range": "/Core/SemVer" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion", + "used_in": [ + "/SimpleLicensing/LicenseExpression" + ] }, - "/ExpandedLicensing/ListedLicense": { + "/SimpleLicensing/licenseText": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 499 + }, + "license": "Community-Spec-1.0", + "name": "licenseText", + "fqname": "/SimpleLicensing/licenseText", + "summary": "Identifies the full text of a License or Addition.", + "description": "A licenseText contains the plain text of the License or Addition,\nwithout templating or other similar markup.\n\nUsers of the licenseText for a License can apply the\n[SPDX License List Matching Guidelines](../../../annexes/license-matching-guidelines-and-templates.md)\nwhen comparing it to another text for matching purposes.", + "metadata": { + "name": "licenseText", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText", + "used_in": [ + "/ExpandedLicensing/License", + "/SimpleLicensing/SimpleLicensingText" + ] + }, + "/SimpleLicensing/licenseExpression": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 499 + }, + "license": "Community-Spec-1.0", + "name": "licenseExpression", + "fqname": "/SimpleLicensing/licenseExpression", + "summary": "A string in the license expression format.", + "description": "A licenseExpression enables the representation, in a single string, of a\ncombination of one or more licenses, together with additions such as license\nexceptions.\n\nThe syntax for a LicenseExpression string is set forth in the Annex D\nof the SPDX Specification\n([\"SPDX license expressions\"](../../../annexes/SPDX-license-expressions.md)).\nA LicenseExpression string is not valid if it does not conform to the grammar\nset forth in that annex.\n\nThe ExpandedLicensing profile can be used to represent the complete parsed\nlicense expression as a combination of license objects.", + "metadata": { + "name": "licenseExpression", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression", + "used_in": [ + "/SimpleLicensing/LicenseExpression" + ] + }, + "/SimpleLicensing/customIdToUri": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 499 + }, + "license": "Community-Spec-1.0", + "name": "customIdToUri", + "fqname": "/SimpleLicensing/customIdToUri", + "summary": "Maps a LicenseRef or AdditionRef string for a Custom License or a Custom\nLicense Addition to its URI ID.", + "description": "Within a License Expression, references can be made to a Custom License or a\nCustom License Addition.\n\nThe [License Expression syntax](../../../annexes/SPDX-license-expressions.md)\ndictates any reference starting with a\n\"LicenseRef-\" or \"AdditionRef-\" refers to license or addition text not found in\nthe official [SPDX License List](https://spdx.org/licenses/).\n\nThese custom licenses must be a CustomLicense, a CustomLicenseAddition, or a\nSimpleLicensingText which are identified with a unique URI identifier.\n\nThe key for the DictionaryEntry is the string used in the license expression\nand the value is the URI for the corresponding CustomLicense,\nCustomLicenseAddition, or SimpleLicensingText.", + "metadata": { + "name": "customIdToUri", + "Nature": "ObjectProperty", + "Range": "/Core/DictionaryEntry" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri", + "used_in": [ + "/SimpleLicensing/LicenseExpression" + ] + } + }, + "vocabularies": {}, + "individuals": {}, + "datatypes": {}, + "license": "Community-Spec-1.0", + "name": "SimpleLicensing", + "summary": "Additional metadata relating to software licensing.", + "description": "The SimpleLicensing profile provides classes and properties to express licenses\nas a [license expression](../../annexes/SPDX-license-expressions.md) string.\n\nIt also provides the base abstract class, AnyLicenseInfo, used for references\nto license information.\n\nThe SimpleLicensingText class provides a place to record any license text found\nthat does not match a license on the\n[SPDX License List](https://spdx.org/licenses/).\n\nThe ExpandedLicensing profile can be used to represent the complete parsed\nlicense expressions.", + "metadata": { + "id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing", + "name": "SimpleLicensing" + }, + "conformance": null, + "iri": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing" + }, + { + "py/object": "spec_parser.model.Namespace", + "classes": { + "/Build/Build": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 574 }, "license": "Community-Spec-1.0", - "name": "ListedLicense", - "fqname": "/ExpandedLicensing/ListedLicense", - "summary": "A license that is listed on the SPDX License List.", - "description": "A ListedLicense represents a License that is listed on the\n[SPDX License List](https://spdx.org/licenses).", + "name": "Build", + "fqname": "/Build/Build", + "summary": "Class that describes a build instance of software/artifacts.", + "description": "A build is a representation of the process in which a piece of software or\nartifact is built. It encapsulates information related to a build process and\nprovides an element from which relationships can be created to describe the\nbuild's inputs, outputs, and related entities (e.g. builders, identities,\netc.).\n\nDefinitions of \"buildType\", \"configSourceEntrypoint\", \"configSourceUri\",\n\"parameters\" and \"environment\" follow those defined in\n[SLSA Provenance v0.2](https://slsa.dev/provenance/v0.2).\n\nExternalIdentifier of type \"urlScheme\" may be used to identify build logs.\nIn this case, the comment of the ExternalIdentifier should be \"LogReference\".\n\nNote that buildStartTime and buildEndTime are optional, and may be omitted to\nsimplify creating reproducible builds.", "metadata": { - "name": "ListedLicense", - "SubclassOf": "License", + "name": "Build", + "SubclassOf": "/Core/Element", "Instantiability": "Concrete" }, "properties": { - "deprecatedVersion": { - "type": "xsd:string", - "minCount": "0", + "buildType": { + "type": "xsd:anyURI", + "minCount": "1", "maxCount": "1", - "fqname": "/ExpandedLicensing/deprecatedVersion" + "fqname": "/Build/buildType" }, - "listVersionAdded": { + "buildId": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/listVersionAdded" - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense", - "fqsupercname": "/ExpandedLicensing/License", - "inheritance_stack": [ - "/ExpandedLicensing/License", - "/ExpandedLicensing/ExtendableLicense", - "/SimpleLicensing/AnyLicenseInfo", - "/Core/Element" - ], - "all_properties": { - "deprecatedVersion": { + "fqname": "/Build/buildId" + }, + "configSourceEntrypoint": { "type": "xsd:string", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/deprecatedVersion", - "fullname": "/ExpandedLicensing/deprecatedVersion", - "fulltype": "xsd:string" + "fqname": "/Build/configSourceEntrypoint", + "maxCount": "*" }, - "listVersionAdded": { - "type": "xsd:string", + "configSourceUri": { + "type": "xsd:anyURI", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/listVersionAdded", - "fullname": "/ExpandedLicensing/listVersionAdded", - "fulltype": "xsd:string" + "fqname": "/Build/configSourceUri", + "maxCount": "*" }, - "licenseText": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/SimpleLicensing/licenseText", - "fullname": "/SimpleLicensing/licenseText", - "fulltype": "xsd:string" + "configSourceDigest": { + "type": "/Core/Hash", + "minCount": "0", + "fqname": "/Build/configSourceDigest", + "maxCount": "*" }, - "isDeprecatedLicenseId": { - "type": "xsd:boolean", + "parameters": { + "type": "/Core/DictionaryEntry", + "minCount": "0", + "fqname": "/Build/parameters", + "maxCount": "*" + }, + "buildStartTime": { + "type": "/Core/DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/isDeprecatedLicenseId", - "fullname": "/ExpandedLicensing/isDeprecatedLicenseId", - "fulltype": "xsd:boolean" + "fqname": "/Build/buildStartTime" }, - "isFsfLibre": { - "type": "xsd:boolean", + "buildEndTime": { + "type": "/Core/DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/isFsfLibre", - "fullname": "/ExpandedLicensing/isFsfLibre", - "fulltype": "xsd:boolean" + "fqname": "/Build/buildEndTime" }, - "isOsiApproved": { - "type": "xsd:boolean", + "environment": { + "type": "/Core/DictionaryEntry", "minCount": "0", + "fqname": "/Build/environment", + "maxCount": "*" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build/Build", + "fqsupercname": "/Core/Element", + "inheritance_stack": [ + "/Core/Element" + ], + "all_properties": { + "buildType": { + "type": "xsd:anyURI", + "minCount": "1", "maxCount": "1", - "fqname": "/ExpandedLicensing/isOsiApproved", - "fullname": "/ExpandedLicensing/isOsiApproved", - "fulltype": "xsd:boolean" + "fqname": "/Build/buildType", + "fullname": "/Build/buildType", + "fulltype": "xsd:anyURI" }, - "licenseXml": { + "buildId": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/licenseXml", - "fullname": "/ExpandedLicensing/licenseXml", + "fqname": "/Build/buildId", + "fullname": "/Build/buildId", "fulltype": "xsd:string" }, - "obsoletedBy": { + "configSourceEntrypoint": { "type": "xsd:string", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/obsoletedBy", - "fullname": "/ExpandedLicensing/obsoletedBy", + "fqname": "/Build/configSourceEntrypoint", + "maxCount": "*", + "fullname": "/Build/configSourceEntrypoint", "fulltype": "xsd:string" }, - "seeAlso": { + "configSourceUri": { "type": "xsd:anyURI", - "fqname": "/ExpandedLicensing/seeAlso", - "minCount": 0, + "minCount": "0", + "fqname": "/Build/configSourceUri", "maxCount": "*", - "fullname": "/ExpandedLicensing/seeAlso", + "fullname": "/Build/configSourceUri", "fulltype": "xsd:anyURI" }, - "standardLicenseHeader": { - "type": "xsd:string", + "configSourceDigest": { + "type": "/Core/Hash", + "minCount": "0", + "fqname": "/Build/configSourceDigest", + "maxCount": "*", + "fullname": "/Build/configSourceDigest", + "fulltype": "/Core/Hash" + }, + "parameters": { + "type": "/Core/DictionaryEntry", + "minCount": "0", + "fqname": "/Build/parameters", + "maxCount": "*", + "fullname": "/Build/parameters", + "fulltype": "/Core/DictionaryEntry" + }, + "buildStartTime": { + "type": "/Core/DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/standardLicenseHeader", - "fullname": "/ExpandedLicensing/standardLicenseHeader", - "fulltype": "xsd:string" + "fqname": "/Build/buildStartTime", + "fullname": "/Build/buildStartTime", + "fulltype": "/Core/DateTime" }, - "standardLicenseTemplate": { - "type": "xsd:string", + "buildEndTime": { + "type": "/Core/DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/standardLicenseTemplate", - "fullname": "/ExpandedLicensing/standardLicenseTemplate", - "fulltype": "xsd:string" + "fqname": "/Build/buildEndTime", + "fullname": "/Build/buildEndTime", + "fulltype": "/Core/DateTime" + }, + "environment": { + "type": "/Core/DictionaryEntry", + "minCount": "0", + "fqname": "/Build/environment", + "maxCount": "*", + "fullname": "/Build/environment", + "fulltype": "/Core/DictionaryEntry" }, "spdxId": { "type": "xsd:anyURI", @@ -6161,92 +4028,277 @@ "fulltype": "/Extension/Extension" } } + } + }, + "properties": { + "/Build/buildId": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 574 + }, + "license": "Community-Spec-1.0", + "name": "buildId", + "fqname": "/Build/buildId", + "summary": "A buildId is a locally unique identifier used by a builder to identify a unique\ninstance of a build produced by it.", + "description": "A buildId is a locally unique identifier to identify a unique instance of a\nbuild.\n\nThis identifier differs based on build toolchain, platform, or naming\nconvention used by an organization or standard.", + "metadata": { + "name": "buildId", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build/buildId", + "used_in": [ + "/Build/Build" + ] }, - "/ExpandedLicensing/WithAdditionOperator": { + "/Build/parameters": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 574 + }, + "license": "Community-Spec-1.0", + "name": "parameters", + "fqname": "/Build/parameters", + "summary": "Property describing the parameters used in an instance of a build.", + "description": "parameters is a key-value map of all build parameters and their values that\nwere provided to the builder for a build instance. This is different from the\n[environment](environment.md) property in that the keys and values are provided\nas command line arguments or a configuration file to the builder.", + "metadata": { + "name": "parameters", + "Nature": "ObjectProperty", + "Range": "/Core/DictionaryEntry" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build/parameters", + "used_in": [ + "/Build/Build" + ] + }, + "/Build/environment": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 574 + }, + "license": "Community-Spec-1.0", + "name": "environment", + "fqname": "/Build/environment", + "summary": "Property describing the session in which a build is invoked.", + "description": "environment is a map of environment variables and values that are set during a\nbuild session.\n\nThis is different from the [parameters](parameters.md) property in that it\ndescribes the environment variables set before a build is invoked rather than\nthe variables provided to the builder.", + "metadata": { + "name": "environment", + "Nature": "ObjectProperty", + "Range": "/Core/DictionaryEntry" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build/environment", + "used_in": [ + "/Build/Build" + ] + }, + "/Build/buildType": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 574 + }, + "license": "Community-Spec-1.0", + "name": "buildType", + "fqname": "/Build/buildType", + "summary": "A buildType is a hint that is used to indicate the toolchain, platform, or\ninfrastructure that the build was invoked on.", + "description": "A buildType is a URI expressing the toolchain, platform, or infrastructure that\nthe build was invoked on.\n\nFor example, if the build was invoked on GitHub's CI platform using GitHub\nActions, the buildType can be expressed as `https://github.com/actions`.\n\nIn contrast, if the build was invoked on a local machine, the buildType can be\nexpressed as `file://username@host/path/to/build`.", + "metadata": { + "name": "buildType", + "Nature": "DataProperty", + "Range": "xsd:anyURI" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build/buildType", + "used_in": [ + "/Build/Build" + ] + }, + "/Build/configSourceDigest": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 574 + }, + "license": "Community-Spec-1.0", + "name": "configSourceDigest", + "fqname": "/Build/configSourceDigest", + "summary": "Property that describes the digest of the build configuration file used to\ninvoke a build.", + "description": "configSourceDigest is the checksum of the build configuration file used by a\nbuilder to execute a build.\n\nThis Property uses the Core model's [Hash](../../Core/Classes/Hash.md) class.", + "metadata": { + "name": "configSourceDigest", + "Nature": "ObjectProperty", + "Range": "/Core/Hash" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest", + "used_in": [ + "/Build/Build" + ] + }, + "/Build/configSourceEntrypoint": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 574 + }, + "license": "Community-Spec-1.0", + "name": "configSourceEntrypoint", + "fqname": "/Build/configSourceEntrypoint", + "summary": "Property describes the invocation entrypoint of a build.", + "description": "A build entrypoint is the invoked executable of a build which always runs when\nthe build is triggered.\n\nFor example, when a build is triggered by running a shell script, the\nentrypoint is `script.sh`.\n\nIn terms of a declared build, the entrypoint is the position in a configuration\nfile or a build declaration which is always run when the build is triggered.\n\nFor example, in the following configuration file, the entrypoint of the build\nis `publish`.\n\n```yaml\nname: Publish packages to PyPI\n\non:\ncreate:\ntags: \"*\"\n\njobs:\npublish:\nruns-on: ubuntu-latest\nif: startsWith(github.ref, 'refs/tags/')\nsteps:\n\n...\n```", + "metadata": { + "name": "configSourceEntrypoint", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint", + "used_in": [ + "/Build/Build" + ] + }, + "/Build/buildStartTime": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 574 + }, + "license": "Community-Spec-1.0", + "name": "buildStartTime", + "fqname": "/Build/buildStartTime", + "summary": "Property describing the start time of a build.", + "description": "buildStartTime is the time at which a build is triggered.\n\nThe builder typically records this value.", + "metadata": { + "name": "buildStartTime", + "Nature": "DataProperty", + "Range": "/Core/DateTime" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime", + "used_in": [ + "/Build/Build" + ] + }, + "/Build/configSourceUri": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 574 + }, + "license": "Community-Spec-1.0", + "name": "configSourceUri", + "fqname": "/Build/configSourceUri", + "summary": "Property that describes the URI of the build configuration source file.", + "description": "If a build configuration exists for the toolchain or platform performing the\nbuild, the configSourceUri of a build is the URI of that build configuration.\n\nFor example, a build triggered by a GitHub Action is defined by a build\nconfiguration YAML file. In this case, the configSourceUri is the URL of that\nYAML file.", + "metadata": { + "name": "configSourceUri", + "Nature": "DataProperty", + "Range": "xsd:anyURI" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri", + "used_in": [ + "/Build/Build" + ] + }, + "/Build/buildEndTime": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 574 + }, + "license": "Community-Spec-1.0", + "name": "buildEndTime", + "fqname": "/Build/buildEndTime", + "summary": "Property that describes the time at which a build stops.", + "description": "buildEndTime describes the time at which a build stops or finishes.\n\nThis value is typically recorded by the builder.", + "metadata": { + "name": "buildEndTime", + "Nature": "DataProperty", + "Range": "/Core/DateTime" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime", + "used_in": [ + "/Build/Build" + ] + } + }, + "vocabularies": {}, + "individuals": {}, + "datatypes": {}, + "license": "Community-Spec-1.0", + "name": "Build", + "summary": "The Build Profile defines the set of information required to describe an\ninstance of a Software Build.", + "description": "A Software Build is defined here as the act of converting software inputs into\nsoftware artifacts using software build tools. Inputs can include source code,\nconfig files, artifacts that are build environments, and build tools. Outputs\ncan include intermediate artifacts to other build inputs or the final\nartifacts.\n\nThe Build profile provides a subclass of Element called Build.\n\nIt also provides a minimum set of required Relationship Types from the Core\nprofile:\n\n- hasInputs: Describes the relationship from the Build element to its inputs.\n- hasOutputs: Describes the relationship from the Build element to its outputs.\n- invokedBy: Describes the relationship from the Build element to the Agent\n that invoked it.\n\nIn addition, the following Relationship Types may be used to describe a Build.\n\n- hasHost: Describes the relationship from the Build element to the build stage\n or host.\n- configures: Describes the relationship from a configuration to the Build\n element.\n- ancestorOf: Describes a relationship from a Build element to Build eelements\n that describe its child builds.\n- decendentOf: Describes a relationship from a child Build element to its\n parent.\n- usesTool: Describes a relationship from a Build element to a build tool.\n\nAll relationships in the Build Profile are scoped to the \"build\"\nLifecycleScopeType period.\n\nThe `hasInputs` relationship can be applied to a config file or a build tool if\nthe nature of these inputs are not known at the creation of an SPDX document.", + "metadata": { + "id": "https://spdx.org/rdf/3.0.1/terms/Build", + "name": "Build" + }, + "conformance": null, + "iri": "https://spdx.org/rdf/3.0.1/terms/Build" + }, + { + "py/object": "spec_parser.model.Namespace", + "classes": {}, + "properties": {}, + "vocabularies": {}, + "individuals": {}, + "datatypes": {}, + "license": "Community-Spec-1.0", + "name": "Licensing", + "summary": "The Licensing Profile defines a minimum set of license information to\nfacilitate compliance with typical license use cases.", + "description": "The Licensing profile only contains the additional requirement that any\nSoftware Artifact must have a `Relationship` of type `hasConcludedLicense`.\n\nClasses and Property restrictions are defined in the `SimpleLicensingProfile`\n(Classes and Properties associated with\n[license expression strings](../../annexes/SPDX-license-expressions.md))\nand in the `ExpandedLicensingProfile` (Classes and Properties used for a\nfully parsed syntax tree of license expressions).\n\nThere are 2 relationship types related to licensing - `hasDeclaredLicense` and\n`hasConcludedLicense`.\n\nIf the `hasConcludedLicense` for a Software Artifact is not the same as its\n`hasDeclaredLicense`, a written explanation SHOULD be provided in the\n`hasConcludedLicense` relationship `comment` field.\n\nA written explanation of a relationship to a `NoAssertionLicense` MAY be\nprovided in the `comment` field for the relationship.\n\n***hasDeclaredLicense***\n\nA hasDeclaredLicense identifies the license information actually found in the\nSoftware Artifact, for example as detected by use of automated tooling.\n\nThis field is not intended to capture license information obtained from an\nexternal source, such as a package's website. Such information can be\nincluded, as needed, in the hasConcludedLicense field.\n\nA hasDeclaredLicense may be expressed differently in practice for different\ntypes of Software Artifacts. For example:\n\nfor Packages:\n\n- would include license info for the Package as a\n whole, found in the Package itself (e.g., LICENSE file,\n README file, metadata in the Package, etc.)\n- would not include any license information that is not in the Package\n itself (e.g., license information from the project's website or from a\n third party repository or website)\n\nfor Files:\n\n- would include license info found in the File itself (e.g., license\n header or notice, comments indicating the license, SPDX-License-Identifier\n expression)\n- would not include license info found in a different file (e.g., LICENSE\n file in the top directory of a repository)\n\nfor Snippets:\n\n- would include license info found in the Snippet itself (e.g., license\n notice, comments, SPDX-License-Identifier expression)\n- would not include license info found elsewhere in the File or in a\n different File (e.g., comment at top of File if it is not within the\n Snippet, LICENSE file in the top directory of a repository)\n\nA hasDeclaredLicense relationship to NoneLicense indicates that the\ncorresponding Package, File or Snippet contains no license information\nwhatsoever.\n\nA hasDeclaredLicense relationship to NoAssertionLicense\nindicates that one of the following applies:\n\n- the SPDX data creator has attempted to but cannot reach a reasonable\n objective determination;\n- the SPDX data creator has made no attempt to determine this field; or\n- the SPDX data creator has intentionally provided no information (no meaning\n should be implied by doing so).\n \nIf a hasDeclaredLicense relationship is not present, no assumptions can be made\nabout whether or not a hasDeclaredLicense exists.\n\nNote that a missing hasDeclaredLicense is not the same as a relationship to\nNoAssertionLicense since the latter is a \"known unknown\" whereas no assumptions\ncan be made from a missing hasDeclaredLicense relationship.\n\n***hasConcludedLicense***\n\nA hasConcludedLicense is the license identified by the SPDX data creator,\nbased on analyzing the license information in the Software Artifact\nand other information to arrive at a reasonably objective\nconclusion as to what license governs the Software Artifact.\n\nA hasConcludedLicense relationship to NoneLicense indicates that the\nSPDX data creator has looked and did not find any license information for this\nSoftware Artifact.\n\nA hasConcludedLicense relationship to NoAssertionLicense\nindicates that one of the following applies:\n\n- the SPDX data creator has attempted to but cannot reach a reasonable\n objective determination;\n- the SPDX data creator has made no attempt to determine this field; or\n- the SPDX data creator has intentionally provided no information (no\n meaning should be implied by doing so).\n\nIf a hasConcludedLicense is not present, no assumptions can be made\nabout whether or not a hasConcludedLicense exists.\n\nNote that a missing hasConcludedLicense is not the same as a relationship to a\nNoAssertionLicense since the latter is a \"known unknown\" whereas no assumptions\ncan be made from a missing hasConcludedLicense relationship.", + "metadata": { + "id": "https://spdx.org/rdf/3.0.1/terms/Licensing", + "name": "Licensing" + }, + "conformance": "For an element collection to be conformant with this profile,\nthe following has to hold:\n\n1. for every `/Software/SoftwareArtifact` there MUST exist exactly one\n `/Core/Relationship` of type `hasConcludedLicense` having that element as\n its `from` property and an `/SimpleLicensing/AnyLicenseInfo` as its `to`\n property.", + "iri": "https://spdx.org/rdf/3.0.1/terms/Licensing" + }, + { + "py/object": "spec_parser.model.Namespace", + "classes": { + "/Software/ContentIdentifier": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "WithAdditionOperator", - "fqname": "/ExpandedLicensing/WithAdditionOperator", - "summary": "Portion of an AnyLicenseInfo representing a License which has additional\ntext applied to it.", - "description": "A WithAdditionOperator indicates that the designated License is subject to the\ndesignated LicenseAddition, which might be a license exception on the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html)\n(ListedLicenseException) or may be other additional text\n(CustomLicenseAddition). It is represented in the SPDX License Expression\nSyntax by the `WITH` operator.", + "name": "ContentIdentifier", + "fqname": "/Software/ContentIdentifier", + "summary": "A canonical, unique, immutable identifier", + "description": "A ContentIdentifier is a canonical, unique, immutable identifier of the content\nof a software artifact, such as a package, a file, or a snippet.\n\nIt can be used for verifying its identity and integrity.", "metadata": { - "name": "WithAdditionOperator", - "SubclassOf": "/SimpleLicensing/AnyLicenseInfo", + "name": "ContentIdentifier", + "SubclassOf": "/Core/IntegrityMethod", "Instantiability": "Concrete" }, "properties": { - "subjectAddition": { - "type": "LicenseAddition", + "contentIdentifierType": { + "type": "ContentIdentifierType", "minCount": "1", "maxCount": "1", - "fqname": "/ExpandedLicensing/subjectAddition" + "fqname": "/Software/contentIdentifierType" }, - "subjectExtendableLicense": { - "type": "ExtendableLicense", + "contentIdentifierValue": { + "type": "xsd:anyURI", "minCount": "1", "maxCount": "1", - "fqname": "/ExpandedLicensing/subjectExtendableLicense" + "fqname": "/Software/contentIdentifierValue" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator", - "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier", + "fqsupercname": "/Core/IntegrityMethod", "inheritance_stack": [ - "/SimpleLicensing/AnyLicenseInfo", - "/Core/Element" + "/Core/IntegrityMethod" ], "all_properties": { - "subjectAddition": { - "type": "LicenseAddition", - "minCount": "1", - "maxCount": "1", - "fqname": "/ExpandedLicensing/subjectAddition", - "fullname": "/ExpandedLicensing/subjectAddition", - "fulltype": "/ExpandedLicensing/LicenseAddition" - }, - "subjectExtendableLicense": { - "type": "ExtendableLicense", + "contentIdentifierType": { + "type": "ContentIdentifierType", "minCount": "1", "maxCount": "1", - "fqname": "/ExpandedLicensing/subjectExtendableLicense", - "fullname": "/ExpandedLicensing/subjectExtendableLicense", - "fulltype": "/ExpandedLicensing/ExtendableLicense" + "fqname": "/Software/contentIdentifierType", + "fullname": "/Software/contentIdentifierType", + "fulltype": "/Software/ContentIdentifierType" }, - "spdxId": { + "contentIdentifierValue": { "type": "xsd:anyURI", "minCount": "1", "maxCount": "1", - "fqname": "/Core/spdxId", - "fullname": "/Core/spdxId", + "fqname": "/Software/contentIdentifierValue", + "fullname": "/Software/contentIdentifierValue", "fulltype": "xsd:anyURI" }, - "name": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/name", - "minCount": 0, - "fullname": "/Core/name", - "fulltype": "xsd:string" - }, - "summary": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/summary", - "minCount": 0, - "fullname": "/Core/summary", - "fulltype": "xsd:string" - }, - "description": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/description", - "minCount": 0, - "fullname": "/Core/description", - "fulltype": "xsd:string" - }, "comment": { "type": "xsd:string", "maxCount": "1", @@ -6254,147 +4306,205 @@ "minCount": 0, "fullname": "/Core/comment", "fulltype": "xsd:string" - }, - "creationInfo": { - "type": "CreationInfo", - "minCount": "1", + } + } + }, + "/Software/Package": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 649 + }, + "license": "Community-Spec-1.0", + "name": "Package", + "fqname": "/Software/Package", + "summary": "Refers to any unit of content that can be associated with a distribution of\nsoftware.", + "description": "A package refers to any unit of content that can be associated with a\ndistribution of software.\n\nTypically, a package is composed of one or more files. \n\nAny of the following non-limiting examples may be (but are not required to be)\nrepresented in SPDX as a package:\n\n- a tarball, zip file or other archive\n- a directory or sub-directory\n- a separately distributed piece of software which another Package or File uses\n or depends upon (e.g., a Python package, a Go module, ...)\n- a container image, and/or each image layer within a container image\n- a collection of one or more sub-packages\n- a Git repository snapshot from a particular point in time\n\nNote that some of these could be represented in SPDX as a file as well.", + "metadata": { + "name": "Package", + "SubclassOf": "/Software/SoftwareArtifact", + "Instantiability": "Concrete" + }, + "properties": { + "packageVersion": { + "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/creationInfo", - "fullname": "/Core/creationInfo", - "fulltype": "/Core/CreationInfo" + "fqname": "/Software/packageVersion" }, - "verifiedUsing": { - "type": "IntegrityMethod", - "fqname": "/Core/verifiedUsing", - "minCount": 0, - "maxCount": "*", - "fullname": "/Core/verifiedUsing", - "fulltype": "/Core/IntegrityMethod" + "downloadLocation": { + "type": "xsd:anyURI", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/downloadLocation" }, - "externalRef": { - "type": "ExternalRef", + "packageUrl": { + "type": "xsd:anyURI", "minCount": "0", - "fqname": "/Core/externalRef", - "maxCount": "*", - "fullname": "/Core/externalRef", - "fulltype": "/Core/ExternalRef" + "maxCount": "1", + "fqname": "/Software/packageUrl" }, - "externalIdentifier": { - "type": "ExternalIdentifier", + "homePage": { + "type": "xsd:anyURI", "minCount": "0", - "fqname": "/Core/externalIdentifier", - "maxCount": "*", - "fullname": "/Core/externalIdentifier", - "fulltype": "/Core/ExternalIdentifier" + "maxCount": "1", + "fqname": "/Software/homePage" }, - "extension": { - "type": "/Extension/Extension", + "sourceInfo": { + "type": "xsd:string", "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" + "maxCount": "1", + "fqname": "/Software/sourceInfo" } - } - }, - "/ExpandedLicensing/CustomLicense": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 797 }, - "license": "Community-Spec-1.0", - "name": "CustomLicense", - "fqname": "/ExpandedLicensing/CustomLicense", - "summary": "A license that is not listed on the SPDX License List.", - "description": "A CustomLicense represents a License that is not listed on the\n[SPDX License List](https://spdx.org/licenses),\nand is therefore defined by an SPDX data creator.", - "metadata": { - "name": "CustomLicense", - "SubclassOf": "License", - "Instantiability": "Concrete" + "ext_prop_restrs": { + "/Core/Element/name": { + "minCount": "1" + } }, - "properties": {}, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense", - "fqsupercname": "/ExpandedLicensing/License", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/Package", + "fqsupercname": "/Software/SoftwareArtifact", "inheritance_stack": [ - "/ExpandedLicensing/License", - "/ExpandedLicensing/ExtendableLicense", - "/SimpleLicensing/AnyLicenseInfo", + "/Software/SoftwareArtifact", + "/Core/Artifact", "/Core/Element" ], "all_properties": { - "licenseText": { + "packageVersion": { "type": "xsd:string", - "minCount": "1", + "minCount": "0", "maxCount": "1", - "fqname": "/SimpleLicensing/licenseText", - "fullname": "/SimpleLicensing/licenseText", + "fqname": "/Software/packageVersion", + "fullname": "/Software/packageVersion", "fulltype": "xsd:string" }, - "isDeprecatedLicenseId": { - "type": "xsd:boolean", + "downloadLocation": { + "type": "xsd:anyURI", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/isDeprecatedLicenseId", - "fullname": "/ExpandedLicensing/isDeprecatedLicenseId", - "fulltype": "xsd:boolean" + "fqname": "/Software/downloadLocation", + "fullname": "/Software/downloadLocation", + "fulltype": "xsd:anyURI" + }, + "packageUrl": { + "type": "xsd:anyURI", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/packageUrl", + "fullname": "/Software/packageUrl", + "fulltype": "xsd:anyURI" + }, + "homePage": { + "type": "xsd:anyURI", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/homePage", + "fullname": "/Software/homePage", + "fulltype": "xsd:anyURI" + }, + "sourceInfo": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/sourceInfo", + "fullname": "/Software/sourceInfo", + "fulltype": "xsd:string" }, - "isFsfLibre": { - "type": "xsd:boolean", + "primaryPurpose": { + "type": "SoftwarePurpose", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/isFsfLibre", - "fullname": "/ExpandedLicensing/isFsfLibre", - "fulltype": "xsd:boolean" + "fqname": "/Software/primaryPurpose", + "fullname": "/Software/primaryPurpose", + "fulltype": "/Software/SoftwarePurpose" }, - "isOsiApproved": { - "type": "xsd:boolean", + "additionalPurpose": { + "type": "SoftwarePurpose", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/isOsiApproved", - "fullname": "/ExpandedLicensing/isOsiApproved", - "fulltype": "xsd:boolean" + "fqname": "/Software/additionalPurpose", + "maxCount": "*", + "fullname": "/Software/additionalPurpose", + "fulltype": "/Software/SoftwarePurpose" }, - "licenseXml": { + "copyrightText": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/licenseXml", - "fullname": "/ExpandedLicensing/licenseXml", + "fqname": "/Software/copyrightText", + "fullname": "/Software/copyrightText", "fulltype": "xsd:string" }, - "obsoletedBy": { + "attributionText": { "type": "xsd:string", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/obsoletedBy", - "fullname": "/ExpandedLicensing/obsoletedBy", + "fqname": "/Software/attributionText", + "maxCount": "*", + "fullname": "/Software/attributionText", "fulltype": "xsd:string" }, - "seeAlso": { - "type": "xsd:anyURI", - "fqname": "/ExpandedLicensing/seeAlso", - "minCount": 0, + "contentIdentifier": { + "type": "ContentIdentifier", + "minCount": "0", + "fqname": "/Software/contentIdentifier", "maxCount": "*", - "fullname": "/ExpandedLicensing/seeAlso", - "fulltype": "xsd:anyURI" + "fullname": "/Software/contentIdentifier", + "fulltype": "/Software/ContentIdentifier" }, - "standardLicenseHeader": { - "type": "xsd:string", + "originatedBy": { + "type": "Agent", + "minCount": "0", + "fqname": "/Core/originatedBy", + "maxCount": "*", + "fullname": "/Core/originatedBy", + "fulltype": "/Core/Agent" + }, + "suppliedBy": { + "type": "Agent", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/standardLicenseHeader", - "fullname": "/ExpandedLicensing/standardLicenseHeader", - "fulltype": "xsd:string" + "fqname": "/Core/suppliedBy", + "fullname": "/Core/suppliedBy", + "fulltype": "/Core/Agent" }, - "standardLicenseTemplate": { - "type": "xsd:string", + "builtTime": { + "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/standardLicenseTemplate", - "fullname": "/ExpandedLicensing/standardLicenseTemplate", + "fqname": "/Core/builtTime", + "fullname": "/Core/builtTime", + "fulltype": "/Core/DateTime" + }, + "releaseTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/releaseTime", + "fullname": "/Core/releaseTime", + "fulltype": "/Core/DateTime" + }, + "validUntilTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/validUntilTime", + "fullname": "/Core/validUntilTime", + "fulltype": "/Core/DateTime" + }, + "standardName": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/Core/standardName", + "maxCount": "*", + "fullname": "/Core/standardName", "fulltype": "xsd:string" }, + "supportLevel": { + "type": "SupportType", + "minCount": "0", + "fqname": "/Core/supportLevel", + "maxCount": "*", + "fullname": "/Core/supportLevel", + "fulltype": "/Core/SupportType" + }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -6407,7 +4517,7 @@ "type": "xsd:string", "maxCount": "1", "fqname": "/Core/name", - "minCount": 0, + "minCount": "1", "fullname": "/Core/name", "fulltype": "xsd:string" }, @@ -6477,44 +4587,159 @@ } } }, - "/ExpandedLicensing/ConjunctiveLicenseSet": { + "/Software/File": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "ConjunctiveLicenseSet", - "fqname": "/ExpandedLicensing/ConjunctiveLicenseSet", - "summary": "Portion of an AnyLicenseInfo representing a set of licensing information\nwhere all elements apply.", - "description": "A ConjunctiveLicenseSet indicates that _each_ of its subsidiary\nAnyLicenseInfos apply. In other words, a ConjunctiveLicenseSet of two or\nmore licenses represents a licensing situation where _all_ of the specified\nlicenses are to be complied with. It is represented in the SPDX License\nExpression Syntax by the `AND` operator.\n\nIt is syntactically correct to specify a ConjunctiveLicenseSet where the\nsubsidiary AnyLicenseInfos may be \"incompatible\" according to a particular\ninterpretation of the corresponding Licenses.\nThe\n[SPDX License Expression Syntax](../../../annexes/SPDX-license-expressions.md)\ndoes not take into account interpretation of license texts, which is\nleft to the consumer of SPDX data to determine for themselves.", + "name": "File", + "fqname": "/Software/File", + "summary": "Refers to any object that stores content on a computer.", + "description": "Refers to any object that stores content on a computer.\nThe type of content can optionally be provided in the contentType property.\n\nThe fileKind property can be set to `directory` to indicate the file represents\na directory and all content stored in that directory.", "metadata": { - "name": "ConjunctiveLicenseSet", - "SubclassOf": "/SimpleLicensing/AnyLicenseInfo", + "name": "File", + "SubclassOf": "/Software/SoftwareArtifact", "Instantiability": "Concrete" }, "properties": { - "member": { - "type": "/SimpleLicensing/AnyLicenseInfo", - "minCount": "2", - "fqname": "/ExpandedLicensing/member", - "maxCount": "*" + "/Core/contentType": { + "type": "/Core/MediaType", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/contentType" + }, + "fileKind": { + "type": "FileKindType", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/fileKind" } }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet", - "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", + "ext_prop_restrs": { + "/Core/Element/name": { + "minCount": "1" + } + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/File", + "fqsupercname": "/Software/SoftwareArtifact", "inheritance_stack": [ - "/SimpleLicensing/AnyLicenseInfo", + "/Software/SoftwareArtifact", + "/Core/Artifact", "/Core/Element" ], "all_properties": { - "member": { - "type": "/SimpleLicensing/AnyLicenseInfo", - "minCount": "2", - "fqname": "/ExpandedLicensing/member", + "contentType": { + "type": "/Core/MediaType", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/contentType", + "fullname": "/Core/contentType", + "fulltype": "/Core/MediaType" + }, + "fileKind": { + "type": "FileKindType", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/fileKind", + "fullname": "/Software/fileKind", + "fulltype": "/Software/FileKindType" + }, + "primaryPurpose": { + "type": "SoftwarePurpose", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/primaryPurpose", + "fullname": "/Software/primaryPurpose", + "fulltype": "/Software/SoftwarePurpose" + }, + "additionalPurpose": { + "type": "SoftwarePurpose", + "minCount": "0", + "fqname": "/Software/additionalPurpose", + "maxCount": "*", + "fullname": "/Software/additionalPurpose", + "fulltype": "/Software/SoftwarePurpose" + }, + "copyrightText": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/copyrightText", + "fullname": "/Software/copyrightText", + "fulltype": "xsd:string" + }, + "attributionText": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/Software/attributionText", + "maxCount": "*", + "fullname": "/Software/attributionText", + "fulltype": "xsd:string" + }, + "contentIdentifier": { + "type": "ContentIdentifier", + "minCount": "0", + "fqname": "/Software/contentIdentifier", + "maxCount": "*", + "fullname": "/Software/contentIdentifier", + "fulltype": "/Software/ContentIdentifier" + }, + "originatedBy": { + "type": "Agent", + "minCount": "0", + "fqname": "/Core/originatedBy", + "maxCount": "*", + "fullname": "/Core/originatedBy", + "fulltype": "/Core/Agent" + }, + "suppliedBy": { + "type": "Agent", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/suppliedBy", + "fullname": "/Core/suppliedBy", + "fulltype": "/Core/Agent" + }, + "builtTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/builtTime", + "fullname": "/Core/builtTime", + "fulltype": "/Core/DateTime" + }, + "releaseTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/releaseTime", + "fullname": "/Core/releaseTime", + "fulltype": "/Core/DateTime" + }, + "validUntilTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/validUntilTime", + "fullname": "/Core/validUntilTime", + "fulltype": "/Core/DateTime" + }, + "standardName": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/Core/standardName", "maxCount": "*", - "fullname": "/ExpandedLicensing/member", - "fulltype": "/SimpleLicensing/AnyLicenseInfo" + "fullname": "/Core/standardName", + "fulltype": "xsd:string" + }, + "supportLevel": { + "type": "SupportType", + "minCount": "0", + "fqname": "/Core/supportLevel", + "maxCount": "*", + "fullname": "/Core/supportLevel", + "fulltype": "/Core/SupportType" }, "spdxId": { "type": "xsd:anyURI", @@ -6528,7 +4753,7 @@ "type": "xsd:string", "maxCount": "1", "fqname": "/Core/name", - "minCount": 0, + "minCount": "1", "fullname": "/Core/name", "fulltype": "xsd:string" }, @@ -6598,78 +4823,157 @@ } } }, - "/ExpandedLicensing/CustomLicenseAddition": { + "/Software/SoftwareArtifact": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "CustomLicenseAddition", - "fqname": "/ExpandedLicensing/CustomLicenseAddition", - "summary": "A license addition that is not listed on the SPDX Exceptions List.", - "description": "A CustomLicenseAddition represents an addition to a License that is not listed\non the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html),\nand is therefore defined by an SPDX data creator.\n\nIt is intended to represent additional language which is meant to be added to\na License, but which is not itself a standalone License.", + "name": "SoftwareArtifact", + "fqname": "/Software/SoftwareArtifact", + "summary": "A distinct article or unit related to Software.", + "description": "A software artifact is a distinct article or unit related to software\nsuch as a package, a file, or a snippet.", "metadata": { - "name": "CustomLicenseAddition", - "SubclassOf": "LicenseAddition", - "Instantiability": "Concrete" + "name": "SoftwareArtifact", + "SubclassOf": "/Core/Artifact", + "Instantiability": "Abstract" + }, + "properties": { + "primaryPurpose": { + "type": "SoftwarePurpose", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/primaryPurpose" + }, + "additionalPurpose": { + "type": "SoftwarePurpose", + "minCount": "0", + "fqname": "/Software/additionalPurpose", + "maxCount": "*" + }, + "copyrightText": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Software/copyrightText" + }, + "attributionText": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/Software/attributionText", + "maxCount": "*" + }, + "contentIdentifier": { + "type": "ContentIdentifier", + "minCount": "0", + "fqname": "/Software/contentIdentifier", + "maxCount": "*" + } }, - "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition", - "fqsupercname": "/ExpandedLicensing/LicenseAddition", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact", + "fqsupercname": "/Core/Artifact", "inheritance_stack": [ - "/ExpandedLicensing/LicenseAddition", + "/Core/Artifact", "/Core/Element" ], "all_properties": { - "additionText": { - "type": "xsd:string", - "minCount": "1", + "primaryPurpose": { + "type": "SoftwarePurpose", + "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/additionText", - "fullname": "/ExpandedLicensing/additionText", - "fulltype": "xsd:string" + "fqname": "/Software/primaryPurpose", + "fullname": "/Software/primaryPurpose", + "fulltype": "/Software/SoftwarePurpose" }, - "isDeprecatedAdditionId": { - "type": "xsd:boolean", + "additionalPurpose": { + "type": "SoftwarePurpose", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/isDeprecatedAdditionId", - "fullname": "/ExpandedLicensing/isDeprecatedAdditionId", - "fulltype": "xsd:boolean" + "fqname": "/Software/additionalPurpose", + "maxCount": "*", + "fullname": "/Software/additionalPurpose", + "fulltype": "/Software/SoftwarePurpose" }, - "licenseXml": { + "copyrightText": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/licenseXml", - "fullname": "/ExpandedLicensing/licenseXml", + "fqname": "/Software/copyrightText", + "fullname": "/Software/copyrightText", "fulltype": "xsd:string" }, - "obsoletedBy": { + "attributionText": { "type": "xsd:string", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/obsoletedBy", - "fullname": "/ExpandedLicensing/obsoletedBy", + "fqname": "/Software/attributionText", + "maxCount": "*", + "fullname": "/Software/attributionText", "fulltype": "xsd:string" }, - "seeAlso": { - "type": "xsd:anyURI", - "fqname": "/ExpandedLicensing/seeAlso", - "minCount": 0, + "contentIdentifier": { + "type": "ContentIdentifier", + "minCount": "0", + "fqname": "/Software/contentIdentifier", "maxCount": "*", - "fullname": "/ExpandedLicensing/seeAlso", - "fulltype": "xsd:anyURI" + "fullname": "/Software/contentIdentifier", + "fulltype": "/Software/ContentIdentifier" }, - "standardAdditionTemplate": { - "type": "xsd:string", + "originatedBy": { + "type": "Agent", + "minCount": "0", + "fqname": "/Core/originatedBy", + "maxCount": "*", + "fullname": "/Core/originatedBy", + "fulltype": "/Core/Agent" + }, + "suppliedBy": { + "type": "Agent", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/standardAdditionTemplate", - "fullname": "/ExpandedLicensing/standardAdditionTemplate", + "fqname": "/Core/suppliedBy", + "fullname": "/Core/suppliedBy", + "fulltype": "/Core/Agent" + }, + "builtTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/builtTime", + "fullname": "/Core/builtTime", + "fulltype": "/Core/DateTime" + }, + "releaseTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/releaseTime", + "fullname": "/Core/releaseTime", + "fulltype": "/Core/DateTime" + }, + "validUntilTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/validUntilTime", + "fullname": "/Core/validUntilTime", + "fulltype": "/Core/DateTime" + }, + "standardName": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/Core/standardName", + "maxCount": "*", + "fullname": "/Core/standardName", "fulltype": "xsd:string" }, + "supportLevel": { + "type": "SupportType", + "minCount": "0", + "fqname": "/Core/supportLevel", + "maxCount": "*", + "fullname": "/Core/supportLevel", + "fulltype": "/Core/SupportType" + }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -6739,43 +5043,92 @@ "minCount": "0", "fqname": "/Core/externalIdentifier", "maxCount": "*", - "fullname": "/Core/externalIdentifier", - "fulltype": "/Core/ExternalIdentifier" + "fullname": "/Core/externalIdentifier", + "fulltype": "/Core/ExternalIdentifier" + }, + "extension": { + "type": "/Extension/Extension", + "minCount": "0", + "fqname": "/Core/extension", + "maxCount": "*", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" + } + } + }, + "/Software/Sbom": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 649 + }, + "license": "Community-Spec-1.0", + "name": "Sbom", + "fqname": "/Software/Sbom", + "summary": "A collection of SPDX Elements describing a single package.", + "description": "A Software Bill of Materials (SBOM) is a collection of SPDX Elements describing\na single package.\n\nThis could include details of the content and composition of the product,\nprovenance details of the product and/or its composition, licensing\ninformation, known quality or security issues, etc.", + "metadata": { + "name": "Sbom", + "SubclassOf": "/Core/Bom", + "Instantiability": "Concrete" + }, + "properties": { + "sbomType": { + "type": "SbomType", + "minCount": "0", + "fqname": "/Software/sbomType", + "maxCount": "*" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/Sbom", + "fqsupercname": "/Core/Bom", + "inheritance_stack": [ + "/Core/Bom", + "/Core/Bundle", + "/Core/ElementCollection", + "/Core/Element" + ], + "all_properties": { + "sbomType": { + "type": "SbomType", + "minCount": "0", + "fqname": "/Software/sbomType", + "maxCount": "*", + "fullname": "/Software/sbomType", + "fulltype": "/Software/SbomType" + }, + "context": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/context", + "minCount": 0, + "fullname": "/Core/context", + "fulltype": "xsd:string" + }, + "element": { + "type": "Element", + "minCount": "0", + "fqname": "/Core/element", + "maxCount": "*", + "fullname": "/Core/element", + "fulltype": "/Core/Element" + }, + "rootElement": { + "type": "Element", + "minCount": "0", + "fqname": "/Core/rootElement", + "maxCount": "*", + "fullname": "/Core/rootElement", + "fulltype": "/Core/Element" + }, + "profileConformance": { + "type": "ProfileIdentifierType", + "fqname": "/Core/profileConformance", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/profileConformance", + "fulltype": "/Core/ProfileIdentifierType" }, - "extension": { - "type": "/Extension/Extension", - "minCount": "0", - "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" - } - } - }, - "/ExpandedLicensing/ExtendableLicense": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 797 - }, - "license": "Community-Spec-1.0", - "name": "ExtendableLicense", - "fqname": "/ExpandedLicensing/ExtendableLicense", - "summary": "Abstract class representing a License or an OrLaterOperator.", - "description": "The WithAdditionOperator can have a License or an OrLaterOperator as the\nlicense property value. This class is used for the value.", - "metadata": { - "name": "ExtendableLicense", - "SubclassOf": "/SimpleLicensing/AnyLicenseInfo", - "Instantiability": "Abstract" - }, - "properties": {}, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense", - "fqsupercname": "/SimpleLicensing/AnyLicenseInfo", - "inheritance_stack": [ - "/SimpleLicensing/AnyLicenseInfo", - "/Core/Element" - ], - "all_properties": { "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -6858,158 +5211,170 @@ } } }, - "/ExpandedLicensing/License": { + "/Software/Snippet": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "License", - "fqname": "/ExpandedLicensing/License", - "summary": "Abstract class for the portion of an AnyLicenseInfo representing a license.", - "description": "A License represents a license text, whether listed on the\n[SPDX License List](https://spdx.org/licenses/)\n(ListedLicense) or defined by an SPDX data creator (CustomLicense).", + "name": "Snippet", + "fqname": "/Software/Snippet", + "summary": "Describes a certain part of a file.", + "description": "A Snippet describes a certain part of a file and can be used when the file is\nknown to have some content that has been included from another original source.\n\nSnippets are useful for denoting when part of a file may have been originally\ncreated under another license or copied from a place with a known\nvulnerability.", "metadata": { - "name": "License", - "SubclassOf": "ExtendableLicense", - "Instantiability": "Abstract" + "name": "Snippet", + "SubclassOf": "/Software/SoftwareArtifact", + "Instantiability": "Concrete" }, "properties": { - "/SimpleLicensing/licenseText": { - "type": "xsd:string", - "minCount": "1", + "byteRange": { + "type": "/Core/PositiveIntegerRange", + "minCount": "0", "maxCount": "1", - "fqname": "/SimpleLicensing/licenseText" + "fqname": "/Software/byteRange" }, - "isDeprecatedLicenseId": { - "type": "xsd:boolean", + "lineRange": { + "type": "/Core/PositiveIntegerRange", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/isDeprecatedLicenseId" + "fqname": "/Software/lineRange" }, - "isFsfLibre": { - "type": "xsd:boolean", + "snippetFromFile": { + "type": "File", + "minCount": "1", + "maxCount": "1", + "fqname": "/Software/snippetFromFile" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/Snippet", + "fqsupercname": "/Software/SoftwareArtifact", + "inheritance_stack": [ + "/Software/SoftwareArtifact", + "/Core/Artifact", + "/Core/Element" + ], + "all_properties": { + "byteRange": { + "type": "/Core/PositiveIntegerRange", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/isFsfLibre" + "fqname": "/Software/byteRange", + "fullname": "/Software/byteRange", + "fulltype": "/Core/PositiveIntegerRange" }, - "isOsiApproved": { - "type": "xsd:boolean", + "lineRange": { + "type": "/Core/PositiveIntegerRange", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/isOsiApproved" + "fqname": "/Software/lineRange", + "fullname": "/Software/lineRange", + "fulltype": "/Core/PositiveIntegerRange" }, - "licenseXml": { - "type": "xsd:string", - "minCount": "0", + "snippetFromFile": { + "type": "File", + "minCount": "1", "maxCount": "1", - "fqname": "/ExpandedLicensing/licenseXml" + "fqname": "/Software/snippetFromFile", + "fullname": "/Software/snippetFromFile", + "fulltype": "/Software/File" }, - "obsoletedBy": { - "type": "xsd:string", + "primaryPurpose": { + "type": "SoftwarePurpose", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/obsoletedBy" + "fqname": "/Software/primaryPurpose", + "fullname": "/Software/primaryPurpose", + "fulltype": "/Software/SoftwarePurpose" }, - "seeAlso": { - "type": "xsd:anyURI", - "fqname": "/ExpandedLicensing/seeAlso", - "minCount": 0, - "maxCount": "*" + "additionalPurpose": { + "type": "SoftwarePurpose", + "minCount": "0", + "fqname": "/Software/additionalPurpose", + "maxCount": "*", + "fullname": "/Software/additionalPurpose", + "fulltype": "/Software/SoftwarePurpose" }, - "standardLicenseHeader": { + "copyrightText": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/standardLicenseHeader" + "fqname": "/Software/copyrightText", + "fullname": "/Software/copyrightText", + "fulltype": "xsd:string" }, - "standardLicenseTemplate": { + "attributionText": { "type": "xsd:string", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/standardLicenseTemplate" - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License", - "fqsupercname": "/ExpandedLicensing/ExtendableLicense", - "inheritance_stack": [ - "/ExpandedLicensing/ExtendableLicense", - "/SimpleLicensing/AnyLicenseInfo", - "/Core/Element" - ], - "all_properties": { - "licenseText": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/SimpleLicensing/licenseText", - "fullname": "/SimpleLicensing/licenseText", + "fqname": "/Software/attributionText", + "maxCount": "*", + "fullname": "/Software/attributionText", "fulltype": "xsd:string" }, - "isDeprecatedLicenseId": { - "type": "xsd:boolean", + "contentIdentifier": { + "type": "ContentIdentifier", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/isDeprecatedLicenseId", - "fullname": "/ExpandedLicensing/isDeprecatedLicenseId", - "fulltype": "xsd:boolean" + "fqname": "/Software/contentIdentifier", + "maxCount": "*", + "fullname": "/Software/contentIdentifier", + "fulltype": "/Software/ContentIdentifier" }, - "isFsfLibre": { - "type": "xsd:boolean", + "originatedBy": { + "type": "Agent", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/isFsfLibre", - "fullname": "/ExpandedLicensing/isFsfLibre", - "fulltype": "xsd:boolean" + "fqname": "/Core/originatedBy", + "maxCount": "*", + "fullname": "/Core/originatedBy", + "fulltype": "/Core/Agent" }, - "isOsiApproved": { - "type": "xsd:boolean", + "suppliedBy": { + "type": "Agent", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/isOsiApproved", - "fullname": "/ExpandedLicensing/isOsiApproved", - "fulltype": "xsd:boolean" + "fqname": "/Core/suppliedBy", + "fullname": "/Core/suppliedBy", + "fulltype": "/Core/Agent" }, - "licenseXml": { - "type": "xsd:string", + "builtTime": { + "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/licenseXml", - "fullname": "/ExpandedLicensing/licenseXml", - "fulltype": "xsd:string" + "fqname": "/Core/builtTime", + "fullname": "/Core/builtTime", + "fulltype": "/Core/DateTime" }, - "obsoletedBy": { - "type": "xsd:string", + "releaseTime": { + "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/obsoletedBy", - "fullname": "/ExpandedLicensing/obsoletedBy", - "fulltype": "xsd:string" - }, - "seeAlso": { - "type": "xsd:anyURI", - "fqname": "/ExpandedLicensing/seeAlso", - "minCount": 0, - "maxCount": "*", - "fullname": "/ExpandedLicensing/seeAlso", - "fulltype": "xsd:anyURI" + "fqname": "/Core/releaseTime", + "fullname": "/Core/releaseTime", + "fulltype": "/Core/DateTime" }, - "standardLicenseHeader": { - "type": "xsd:string", + "validUntilTime": { + "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/ExpandedLicensing/standardLicenseHeader", - "fullname": "/ExpandedLicensing/standardLicenseHeader", - "fulltype": "xsd:string" + "fqname": "/Core/validUntilTime", + "fullname": "/Core/validUntilTime", + "fulltype": "/Core/DateTime" }, - "standardLicenseTemplate": { + "standardName": { "type": "xsd:string", "minCount": "0", - "maxCount": "1", - "fqname": "/ExpandedLicensing/standardLicenseTemplate", - "fullname": "/ExpandedLicensing/standardLicenseTemplate", + "fqname": "/Core/standardName", + "maxCount": "*", + "fullname": "/Core/standardName", "fulltype": "xsd:string" }, + "supportLevel": { + "type": "SupportType", + "minCount": "0", + "fqname": "/Core/supportLevel", + "maxCount": "*", + "fullname": "/Core/supportLevel", + "fulltype": "/Core/SupportType" + }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -7094,706 +5459,1160 @@ } }, "properties": { - "/ExpandedLicensing/subjectAddition": { + "/Software/contentIdentifierValue": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 649 + }, + "license": "Community-Spec-1.0", + "name": "contentIdentifierValue", + "fqname": "/Software/contentIdentifierValue", + "summary": "Specifies the value of the content identifier.", + "description": "A contentIdentifierValue specifies the value of a content identifier.", + "metadata": { + "name": "contentIdentifierValue", + "Nature": "DataProperty", + "Range": "xsd:anyURI" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue", + "used_in": [ + "/Software/ContentIdentifier" + ] + }, + "/Software/contentIdentifier": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "subjectAddition", - "fqname": "/ExpandedLicensing/subjectAddition", - "summary": "A LicenseAddition participating in a 'with addition' model.", - "description": "A subjectAddition is a LicenseAddition which is subject to a 'with additional\ntext' effect (WithAdditionOperator).", + "name": "contentIdentifier", + "fqname": "/Software/contentIdentifier", + "summary": "A canonical, unique, immutable identifier of the artifact content, that may be\nused for verifying its identity and/or integrity.", + "description": "A contentIdentifier is a canonical, unique, immutable identifier of the content\nof a software artifact, such as a package, a file, or a snippet.\n\nIt may be used for verifying its identity and/or integrity.", "metadata": { - "name": "subjectAddition", + "name": "contentIdentifier", + "Nature": "DataProperty", + "Range": "ContentIdentifier" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier", + "used_in": [ + "/Software/SoftwareArtifact" + ] + }, + "/Software/sourceInfo": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 649 + }, + "license": "Community-Spec-1.0", + "name": "sourceInfo", + "fqname": "/Software/sourceInfo", + "summary": "Records any relevant background information or additional comments\nabout the origin of the package.", + "description": "SourceInfo records any relevant background information or additional comments\nabout the origin of the package.\n\nFor example, this field might include comments indicating whether the package\nwas pulled from a source code management system or has been repackaged.\n\nThe creator can provide additional information to describe any anomalies or\ndiscoveries in the determination of the origin of the package.", + "metadata": { + "name": "sourceInfo", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo", + "used_in": [ + "/Software/Package" + ] + }, + "/Software/additionalPurpose": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 649 + }, + "license": "Community-Spec-1.0", + "name": "additionalPurpose", + "fqname": "/Software/additionalPurpose", + "summary": "Provides additional purpose information of the software artifact.", + "description": "Additional purpose provides information about the additional purposes of the\nsoftware artifact in addition to the primaryPurpose.", + "metadata": { + "name": "additionalPurpose", "Nature": "ObjectProperty", - "Range": "LicenseAddition" + "Range": "SoftwarePurpose" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose", "used_in": [ - "/ExpandedLicensing/WithAdditionOperator" + "/Software/SoftwareArtifact" ] }, - "/ExpandedLicensing/isOsiApproved": { + "/Software/byteRange": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "isOsiApproved", - "fqname": "/ExpandedLicensing/isOsiApproved", - "summary": "Specifies whether the License is listed as approved by the\n[Open Source Initiative (OSI)](https://opensource.org).", - "description": "isOsiApproved specifies whether the\n[Open Source Initiative (OSI)](https://opensource.org)\nhas listed this License as \"approved\" in their list of OSI Approved Licenses,\nlocated at the time of this writing at\n[OSI Approved Licenses](https://opensource.org/licenses).\n\nA value of \"true\" indicates that the license is in the list of licenses that\nOSI publishes as approved.\n\nA value of \"false\" indicates that the license is explicitly not in the\ncorresponding list of OSI licenses (e.g., OSI has stated publicly that a\nlicense is not approved).\n\nIf the isOsiApproved field is not specified, the SPDX data creator makes no\nassertions about whether the License is approved by the OSI.", + "name": "byteRange", + "fqname": "/Software/byteRange", + "summary": "Defines the byte range in the original host file that the snippet information\napplies to.", + "description": "This field defines the byte range in the original host file that the snippet\ninformation applies to.\n\nA range of bytes is independent of various formatting concerns, and the most\naccurate way of referring to the differences. The choice was made to start the\nnumbering of the byte range at 1 to be consistent with the W3C pointer method\nvocabulary.", "metadata": { - "name": "isOsiApproved", + "name": "byteRange", "Nature": "DataProperty", - "Range": "xsd:boolean" + "Range": "/Core/PositiveIntegerRange" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/byteRange", "used_in": [ - "/ExpandedLicensing/License" + "/Software/Snippet" ] }, - "/ExpandedLicensing/obsoletedBy": { + "/Software/packageVersion": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "obsoletedBy", - "fqname": "/ExpandedLicensing/obsoletedBy", - "summary": "Specifies the licenseId that is preferred to be used in place of a deprecated\nLicense or LicenseAddition.", - "description": "An obsoletedBy value for a deprecated License or LicenseAddition specifies\nthe licenseId of the replacement License or LicenseAddition that is preferred\nto be used in its place. It should use the same format as specified for a\nlicenseId.\n\nThe License's or LicenseAddition's comment value may include more information\nabout the reason why the licenseId specified in the obsoletedBy value is\npreferred.", + "name": "packageVersion", + "fqname": "/Software/packageVersion", + "summary": "Identify the version of a package.", + "description": "A packageVersion is useful for identification purposes and for indicating later\nchanges of the package version.", "metadata": { - "name": "obsoletedBy", + "name": "packageVersion", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/packageVersion", "used_in": [ - "/ExpandedLicensing/LicenseAddition", - "/ExpandedLicensing/License" + "/Software/Package" ] }, - "/ExpandedLicensing/seeAlso": { + "/Software/attributionText": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "seeAlso", - "fqname": "/ExpandedLicensing/seeAlso", - "summary": "Contains a URL where the License or LicenseAddition can be found in use.", - "description": "A seeAlso defines a cross-reference with a URL where the License or\nLicenseAddition can be found in use by one or a few projects.\n\nIf applicable, it should include a URL where the license text is posted by\nthe license steward, particularly if the license steward has made available a\n\"canonical\" primary URL for the license text.\n\nIf the license is OSI approved, a seeAlso should be included with the URL for\nthe license's listing on the OSI website.\n\nThe seeAlso URL may refer to a previously-available URL for the License or\nLicenseAddition which is no longer active.\n\nWhere applicable, the seeAlso URL should include the license text in its\nnative language. seeAlso URLs to English or other translations may be included\nwhere multiple, equivalent official translations exist.", + "name": "attributionText", + "fqname": "/Software/attributionText", + "summary": "Provides a place for the SPDX data creator to record acknowledgement text for\na software Package, File or Snippet.", + "description": "An attributionText for a software Package, File or Snippet provides a consumer\nof SPDX data with acknowledgement content, to assist redistributors of the\nPackage, File or Snippet with reproducing those acknowledgements.\n\nFor example, this field may include a statement that is required by a\nparticular license to be reproduced in end-user documentation, advertising\nmaterials, or another form.\n\nThis field may describe where, or in which contexts, the acknowledgements\nneed to be reproduced, but it is not required to do so. The SPDX data creator\nmay also explain elsewhere (such as in a comment field) how they intend for\ndata in this field to be used.\n\nAn attributionText is not meant to include the software Package, File or\nSnippet's actual complete license text. Use hasConcludedLicense to identify the\ncorresponding license.", "metadata": { - "name": "seeAlso", + "name": "attributionText", "Nature": "DataProperty", - "Range": "xsd:anyURI" + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/attributionText", "used_in": [ - "/ExpandedLicensing/LicenseAddition", - "/ExpandedLicensing/License" + "/Software/SoftwareArtifact" ] }, - "/ExpandedLicensing/member": { + "/Software/lineRange": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "member", - "fqname": "/ExpandedLicensing/member", - "summary": "A license expression participating in a license set.", - "description": "A member is a license expression participating in a conjunctive (of type\nConjunctiveLicenseSet) or a disjunctive (of type DisjunctiveLicenseSet)\nlicense set.", + "name": "lineRange", + "fqname": "/Software/lineRange", + "summary": "Defines the line range in the original host file that the snippet information\napplies to.", + "description": "This field defines the line range in the original host file that the snippet\ninformation applies to.\n\nIf there is a disagreement between the byte range and line range, the byte\nrange values will take precedence.\n\nA range of lines is a convenient reference for those files where there is a\nknown line delimiter.\nThe choice was made to start the numbering of the lines at 1 to be consistent\nwith the W3C pointer method vocabulary.", "metadata": { - "name": "member", - "Nature": "ObjectProperty", - "Range": "/SimpleLicensing/AnyLicenseInfo" + "name": "lineRange", + "Nature": "DataProperty", + "Range": "/Core/PositiveIntegerRange" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/lineRange", "used_in": [ - "/ExpandedLicensing/DisjunctiveLicenseSet", - "/ExpandedLicensing/ConjunctiveLicenseSet" + "/Software/Snippet" ] }, - "/ExpandedLicensing/isDeprecatedAdditionId": { + "/Software/homePage": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "isDeprecatedAdditionId", - "fqname": "/ExpandedLicensing/isDeprecatedAdditionId", - "summary": "Specifies whether an additional text identifier has been marked as deprecated.", - "description": "The isDeprecatedAdditionId property specifies whether an identifier for a\nLicenseAddition has been marked as deprecated. If the property is not defined,\nthen it is presumed to be false (i.e., not deprecated).\n\nIf the LicenseAddition is included on the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html),\nthen the `deprecatedVersion` property indicates on which version release of the\nExceptions List it was first marked as deprecated.\n\n\"Deprecated\" in this context refers to deprecating the use of the\n_identifier_, not the underlying license addition. In other words, even if a\nLicenseAddition's author or steward has stated that a particular\nLicenseAddition generally should not be used, that would _not_ mean that the\nLicenseAddition's identifier is \"deprecated.\" Rather, a LicenseAddition\noperator is typically marked as \"deprecated\" when it is determined that use of\nanother identifier is preferable.", + "name": "homePage", + "fqname": "/Software/homePage", + "summary": "A place for the SPDX document creator to record a website that serves as the\npackage's home page.", + "description": "A homePage is a place for the SPDX document creator to record a website that\nserves as the package's home page.\n\nThis saves the recipient of the SPDX document who is looking for more info from\nhaving to search for and verify a match between the package and the associated\nproject home page.\n\nThis link can also be used to reference further information about the package\nreferenced by the SPDX document creator.", "metadata": { - "name": "isDeprecatedAdditionId", + "name": "homePage", "Nature": "DataProperty", - "Range": "xsd:boolean" + "Range": "xsd:anyURI" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/homePage", "used_in": [ - "/ExpandedLicensing/LicenseAddition" + "/Software/Package" ] }, - "/ExpandedLicensing/standardLicenseHeader": { + "/Software/contentIdentifierType": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "standardLicenseHeader", - "fqname": "/ExpandedLicensing/standardLicenseHeader", - "summary": "Provides a License author's preferred text to indicate that a file is covered\nby the License.", - "description": "A standardLicenseHeader contains the plain text of the License author's\npreferred wording to be used, typically in a source code file's header\ncomments or similar location, to indicate that the file is subject to\nthe specified License.", + "name": "contentIdentifierType", + "fqname": "/Software/contentIdentifierType", + "summary": "Specifies the type of the content identifier.", + "description": "A contentIdentifierType specifies the type of the content identifier.", "metadata": { - "name": "standardLicenseHeader", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "contentIdentifierType", + "Nature": "ObjectProperty", + "Range": "ContentIdentifierType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType", "used_in": [ - "/ExpandedLicensing/License" + "/Software/ContentIdentifier" ] }, - "/ExpandedLicensing/subjectExtendableLicense": { + "/Software/snippetFromFile": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "subjectExtendableLicense", - "fqname": "/ExpandedLicensing/subjectExtendableLicense", - "summary": "A License participating in a 'with addition' model.", - "description": "A subjectExtendableLicense is a License which is subject to a 'with additional\ntext' effect (WithAdditionOperator).", + "name": "snippetFromFile", + "fqname": "/Software/snippetFromFile", + "summary": "Defines the original host file that the snippet information applies to.", + "description": "The field identifies the file which contains the snippet.", "metadata": { - "name": "subjectExtendableLicense", + "name": "snippetFromFile", "Nature": "ObjectProperty", - "Range": "ExtendableLicense" + "Range": "File" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile", "used_in": [ - "/ExpandedLicensing/WithAdditionOperator" + "/Software/Snippet" ] }, - "/ExpandedLicensing/additionText": { + "/Software/packageUrl": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "additionText", - "fqname": "/ExpandedLicensing/additionText", - "summary": "Identifies the full text of a LicenseAddition.", - "description": "An additionText contains the plain text of the LicenseAddition, without\ntemplating or other similar markup.\n\nUsers of the additionText for a License can apply the\n[SPDX License List Matching Guidelines](../../../annexes/license-matching-guidelines-and-templates.md)\nwhen comparing it to another text for matching purposes.", + "name": "packageUrl", + "fqname": "/Software/packageUrl", + "summary": "Provides a place for the SPDX data creator to record the package URL string\n(in accordance with the\n[package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst))\nfor a software Package.", + "description": "A packageUrl (commonly pronounced and referred to as \"purl\") is an attempt to\nstandardize package representations in order to reliably identify and locate\nsoftware packages. A purl is a URL string which represents a package in a\nmostly universal and uniform way across programming languages, package\nmanagers, packaging conventions, tools, APIs and databases.\n\nThe purl URL string is defined by seven components:\n\n```text\nscheme:type/namespace/name@version?qualifiers#subpath\n```\n\nThe definition for each component can be found in the\n[purl specification](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst).\nComponents are designed such that they form a hierarchy from the most\nsignificant on the left to the least significant components on the right.\n\nParsing a purl string into its components works from left to right. Some extra\ntype-specific normalizations are required. For more information, see\n[How to parse a purl string in its components](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst#how-to-parse-a-purl-string-in-its-components).", "metadata": { - "name": "additionText", + "name": "packageUrl", "Nature": "DataProperty", - "Range": "xsd:string" + "Range": "xsd:anyURI" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/packageUrl", "used_in": [ - "/ExpandedLicensing/LicenseAddition" + "/Software/Package" ] }, - "/ExpandedLicensing/subjectLicense": { + "/Software/fileKind": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "subjectLicense", - "fqname": "/ExpandedLicensing/subjectLicense", - "summary": "A License participating in an 'or later' model.", - "description": "A subjectLicense is a License which is subject an 'or later' effect\n(OrLaterOperator).", + "name": "fileKind", + "fqname": "/Software/fileKind", + "summary": "Describes if a given file is a directory or non-directory kind of file.", + "description": "An SPDX file may represent a specific file or a directory of files.\n\nIn the future, this may be extended to other kinds (e.g. network based files).", + "metadata": { + "name": "fileKind", + "Nature": "ObjectProperty", + "Range": "FileKindType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/fileKind", + "used_in": [ + "/Software/File" + ] + }, + "/Software/primaryPurpose": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 649 + }, + "license": "Community-Spec-1.0", + "name": "primaryPurpose", + "fqname": "/Software/primaryPurpose", + "summary": "Provides information about the primary purpose of the software artifact.", + "description": "primaryPurpose provides information about the primary purpose of the software\nartifact.", + "metadata": { + "name": "primaryPurpose", + "Nature": "ObjectProperty", + "Range": "SoftwarePurpose" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose", + "used_in": [ + "/Software/SoftwareArtifact" + ] + }, + "/Software/sbomType": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 649 + }, + "license": "Community-Spec-1.0", + "name": "sbomType", + "fqname": "/Software/sbomType", + "summary": "Provides information about the type of an SBOM.", + "description": "This field is a reasonable estimation of the type of SBOM created from a\ncreator perspective.\n\nIt is intended to be used to give guidance on the elements that may be\ncontained within it.\n\nAligning with the guidance produced in\n[Types of Software Bill of Material (SBOM) Documents](https://www.cisa.gov/sites/default/files/2023-04/sbom-types-document-508c.pdf).", "metadata": { - "name": "subjectLicense", + "name": "sbomType", "Nature": "ObjectProperty", - "Range": "License" + "Range": "SbomType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/sbomType", "used_in": [ - "/ExpandedLicensing/OrLaterOperator" + "/Software/Sbom" ] }, - "/ExpandedLicensing/licenseXml": { + "/Software/copyrightText": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "licenseXml", - "fqname": "/ExpandedLicensing/licenseXml", - "summary": "Identifies all the text and metadata associated with a license in the license\nXML format.", - "description": "The license XML format is defined and used by the SPDX legal team.\n\nThe formal schema definition is available at\n[SPDX License List XML Schema](https://github.com/spdx/license-list-XML/blob/v3.24.0/schema/ListedLicense.xsd).\n\nFor a text description of the XML fields, see\n[XML template fields](https://github.com/spdx/license-list-XML/blob/v3.24.0/DOCS/xml-fields.md).", + "name": "copyrightText", + "fqname": "/Software/copyrightText", + "summary": "Identifies the text of one or more copyright notices for a software Package,\nFile or Snippet, if any.", + "description": "A copyrightText consists of the text(s) of the copyright notice(s) found\nfor a software Package, File or Snippet, if any.\n\nIf a copyrightText contains text, then it may contain any text related to\none or more copyright notices (even if not complete) for that software\nPackage, File or Snippet.\n\nIf a copyrightText has a \"NONE\" value, this indicates that the software\nPackage, File or Snippet contains no copyright notice whatsoever.\n\nIf a copyrightText has a \"NOASSERTION\" value, this indicates that one of the\nfollowing applies:\n\n- the SPDX data creator has attempted to but cannot reach a reasonable\n objective determination;\n- the SPDX data creator has made no attempt to determine this field; or\n- the SPDX data creator has intentionally provided no information (no\n meaning should be implied by doing so).\n\nIf a copyrightText is present, but consists of solely an empty string or a\nstring with no substantive content (e.g., a string that contains only\nwhitespace), then this should be interpreted as equivalent to a \"NOASSERTION\"\nvalue as described above.", "metadata": { - "name": "licenseXml", + "name": "copyrightText", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/copyrightText", "used_in": [ - "/ExpandedLicensing/LicenseAddition", - "/ExpandedLicensing/License" + "/Software/SoftwareArtifact" ] }, - "/ExpandedLicensing/listVersionAdded": { + "/Software/downloadLocation": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "listVersionAdded", - "fqname": "/ExpandedLicensing/listVersionAdded", - "summary": "Specifies the SPDX License List version in which this ListedLicense or\nListedLicenseException identifier was first added.", - "description": "A listVersionAdded for a ListedLicense or ListedLicenseException on the\n[SPDX License List](https://spdx.org/licenses/)\nspecifies which version release of the License List was the first\none in which it was included.", + "name": "downloadLocation", + "fqname": "/Software/downloadLocation", + "summary": "Identifies the download Uniform Resource Identifier for the package at the time\nthat the document was created.", + "description": "A downloadLocation identifies the download Uniform Resource Identifier\nfor the package at the time that the document was created.\n\nWhere and how to download the exact package being referenced\nis critical for verification and tracking data.", "metadata": { - "name": "listVersionAdded", + "name": "downloadLocation", "Nature": "DataProperty", - "Range": "xsd:string" + "Range": "xsd:anyURI" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded", + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation", "used_in": [ - "/ExpandedLicensing/ListedLicenseException", - "/ExpandedLicensing/ListedLicense" + "/Software/Package" ] + } + }, + "vocabularies": { + "/Software/SbomType": { + "py/object": "spec_parser.model.Vocabulary", + "ns": { + "py/id": 649 + }, + "license": "Community-Spec-1.0", + "name": "SbomType", + "fqname": "/Software/SbomType", + "summary": "Provides a set of values to be used to describe the common types of SBOMs that\ntools may create.", + "description": "The set of SBOM types with definitions as defined in\n[Types of Software Bill of Material (SBOM) Documents](https://www.cisa.gov/sites/default/files/2023-04/sbom-types-document-508c.pdf),\npublished on April 21, 2023.\n\nAn SBOM type describes the most likely type of an SBOM from the producer\nperspective, so that consumers can draw conclusions about the data inside an\nSBOM.\n\nA single SBOM can have multiple SBOM document types associated with it.", + "metadata": { + "name": "SbomType" + }, + "entries": { + "design": "SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact.", + "source": "SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact.", + "build": "SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs.", + "deployed": "SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment.", + "runtime": "SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an \"Instrumented\" or \"Dynamic\" SBOM.", + "analyzed": "SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a \"3rd party\" SBOM." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" }, - "/ExpandedLicensing/deprecatedVersion": { - "py/object": "spec_parser.model.Property", + "/Software/SoftwarePurpose": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "deprecatedVersion", - "fqname": "/ExpandedLicensing/deprecatedVersion", - "summary": "Specifies the SPDX License List version in which this license or exception\nidentifier was deprecated.", - "description": "A deprecatedVersion, for a ListedLicense on the\n[SPDX License List](https://spdx.org/licenses/)\nor a ListedLicenseException on the\n[SPDX License Exceptions](https://spdx.org/licenses/exceptions-index.html),\nspecifies which version release of the License List was the first\none in which it was marked as deprecated.", + "name": "SoftwarePurpose", + "fqname": "/Software/SoftwarePurpose", + "summary": "Provides information about the primary purpose of an Element.", + "description": "This field provides information about the primary purpose of an Element.\n\nSoftware Purpose is intrinsic to how the Element is being used rather than the\ncontent of the Element.\n\nThis field is a reasonable estimate of the most likely usage of the Element\nfrom the producer and consumer perspective from which both parties can draw\nconclusions about the context in which the Element exists.", "metadata": { - "name": "deprecatedVersion", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "SoftwarePurpose" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion", - "used_in": [ - "/ExpandedLicensing/ListedLicenseException", - "/ExpandedLicensing/ListedLicense" - ] + "entries": { + "application": "the Element is a software application", + "archive": "the Element is an archived collection of one or more files (.tar, .zip, etc)", + "bom": "Element is a bill of materials", + "configuration": "Element is configuration data", + "container": "the Element is a container image which can be used by a container runtime application", + "data": "Element is data", + "device": "the Element refers to a chipset, processor, or electronic board", + "diskImage": "the Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc.", + "deviceDriver": "Element represents software that controls hardware devices", + "documentation": "Element is documentation", + "evidence": "the Element is the evidence that a specification or requirement has been fulfilled", + "executable": "Element is an Artifact that can be run on a computer", + "file": "the Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc)", + "filesystemImage": "the Element is a file system image that can be written to a disk (or virtual) partition", + "firmware": "the Element provides low level control over a device's hardware", + "framework": "the Element is a software framework", + "install": "the Element is used to install software on disk", + "library": "the Element is a software library", + "manifest": "the Element is a software manifest", + "model": "the Element is a machine learning or artificial intelligence model", + "module": "the Element is a module of a piece of software", + "operatingSystem": "the Element is an operating system", + "other": "the Element doesn't fit into any of the other categories", + "patch": "Element contains a set of changes to update, fix, or improve another Element", + "platform": "Element represents a runtime environment", + "requirement": "the Element provides a requirement needed as input for another Element", + "source": "the Element is a single or a collection of source files", + "specification": "the Element is a plan, guideline or strategy how to create, perform or analyse an application", + "test": "The Element is a test used to verify functionality on an software element" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" }, - "/ExpandedLicensing/isDeprecatedLicenseId": { - "py/object": "spec_parser.model.Property", + "/Software/ContentIdentifierType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "isDeprecatedLicenseId", - "fqname": "/ExpandedLicensing/isDeprecatedLicenseId", - "summary": "Specifies whether a license or additional text identifier has been marked as\ndeprecated.", - "description": "The isDeprecatedLicenseId property specifies whether an identifier for a\nLicense or LicenseAddition has been marked as deprecated. If the property\nis not defined, then it is presumed to be false (i.e., not deprecated).\n\nIf the License or LicenseAddition is included on the\n[SPDX License List](https://spdx.org/licenses/), then\nthe `deprecatedVersion` property indicates on which version release of the\nLicense List it was first marked as deprecated.\n\n\"Deprecated\" in this context refers to deprecating the use of the\n_identifier_, not the underlying license. In other words, even if a License's\nauthor or steward has stated that a particular License generally should not be\nused, that would _not_ mean that the License's identifier is \"deprecated.\"\nRather, a License or LicenseAddition operator is typically marked as\n\"deprecated\" when it is determined that use of another identifier is\npreferable.", + "name": "ContentIdentifierType", + "fqname": "/Software/ContentIdentifierType", + "summary": "Specifies the type of a content identifier.", + "description": "ContentIdentifierType specifies the type of a content identifier.", "metadata": { - "name": "isDeprecatedLicenseId", - "Nature": "DataProperty", - "Range": "xsd:boolean" + "name": "ContentIdentifierType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId", - "used_in": [ - "/ExpandedLicensing/License" - ] + "entries": { + "gitoid": "Gitoid stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects) and a gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document).", + "swhid": "SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and in the case of filess they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" }, - "/ExpandedLicensing/standardAdditionTemplate": { - "py/object": "spec_parser.model.Property", + "/Software/FileKindType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 797 + "py/id": 649 }, "license": "Community-Spec-1.0", - "name": "standardAdditionTemplate", - "fqname": "/ExpandedLicensing/standardAdditionTemplate", - "summary": "Identifies the full text of a LicenseAddition, in SPDX templating format.", - "description": "A standardAdditionTemplate contains a license addition template which describes\nsections of the LicenseAddition text which can be varied.\n\nSee the Legacy Text Template format section of the\n[SPDX License List Matching Guidelines](../../../annexes/license-matching-guidelines-and-templates.md)\nfor format information.\n\nIt is recommended to use [licenseXml](./licenseXml.md) instead, as it can\ncapture all the text and metadata associated with a license.", + "name": "FileKindType", + "fqname": "/Software/FileKindType", + "summary": "Enumeration of the different kinds of SPDX file.", + "description": "An SPDX file may represent a file on disk or a directory of files.\n\nIn the future, this may be extended to other kinds (e.g. network based files).", "metadata": { - "name": "standardAdditionTemplate", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "FileKindType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate", - "used_in": [ - "/ExpandedLicensing/LicenseAddition" - ] + "entries": { + "file": "The file represents a single file (default).", + "directory": "The file represents a directory and all content stored in that directory." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" + } + }, + "individuals": {}, + "datatypes": {}, + "license": "Community-Spec-1.0", + "name": "Software", + "summary": "Everything having to do with software.", + "description": "The Software namespace defines concepts related to software artifacts.", + "metadata": { + "id": "https://spdx.org/rdf/3.0.1/terms/Software", + "name": "Software" + }, + "conformance": null, + "iri": "https://spdx.org/rdf/3.0.1/terms/Software" + }, + { + "py/object": "spec_parser.model.Namespace", + "classes": { + "/Core/IntegrityMethod": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "IntegrityMethod", + "fqname": "/Core/IntegrityMethod", + "summary": "Provides an independently reproducible mechanism that permits verification of a specific Element.", + "description": "An IntegrityMethod provides an independently reproducible mechanism that permits verification\nof a specific Element that correlates to the data in this SPDX document. This identifier enables\na recipient to determine if anything in the original Element has been changed and eliminates\nconfusion over which version or modification of a specific Element is referenced.\n\nPlease note that different profiles may also provide additional methods for verifying the integrity of specific subclasses of Elements.", + "metadata": { + "name": "IntegrityMethod", + "Instantiability": "Abstract" + }, + "properties": { + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0 + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" + } + } }, - "/ExpandedLicensing/isFsfLibre": { - "py/object": "spec_parser.model.Property", + "/Core/DictionaryEntry": { + "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "isFsfLibre", - "fqname": "/ExpandedLicensing/isFsfLibre", - "summary": "Specifies whether the License is listed as free by the\n[Free Software Foundation (FSF)](https://fsf.org).", - "description": "isFsfLibre specifies whether the\n[Free Software Foundation (FSF)](https://fsf.org)\nhas listed this License as \"free\" in their commentary on licenses, located at\nthe time of this writing at\n[Various Licenses and Comments about Them](https://www.gnu.org/licenses/license-list.en.html).\n\nA value of \"true\" indicates that the license is in the list of licenses that\nFSF publishes as libre.\n\nA value of \"false\" indicates that the license is explicitly not in the\ncorresponding list of FSF libre licenses (e.g., FSF has the license on a\nnon-free list).\n\nIf the isFsfLibre field is not specified, the SPDX data creator makes no\nassertions about whether the License is listed in the FSF's commentary.", + "name": "DictionaryEntry", + "fqname": "/Core/DictionaryEntry", + "summary": "A key with an associated value.", + "description": "The class used for implementing a generic string mapping (also known as\nassociative array, dictionary, or hash map) in SPDX.\n\nEach DictionaryEntry contains a key-value pair which maps the key to its\nassociated value.\n\nTo implement a dictionary, this class is to be used in a collection with\nunique keys.", "metadata": { - "name": "isFsfLibre", - "Nature": "DataProperty", - "Range": "xsd:boolean" + "name": "DictionaryEntry", + "Instantiability": "Concrete" + }, + "properties": { + "key": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/key" + }, + "value": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/value", + "minCount": 0 + } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre", - "used_in": [ - "/ExpandedLicensing/License" - ] + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { + "key": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/key", + "fullname": "/Core/key", + "fulltype": "xsd:string" + }, + "value": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/value", + "minCount": 0, + "fullname": "/Core/value", + "fulltype": "xsd:string" + } + } }, - "/ExpandedLicensing/standardLicenseTemplate": { - "py/object": "spec_parser.model.Property", + "/Core/Artifact": { + "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "standardLicenseTemplate", - "fqname": "/ExpandedLicensing/standardLicenseTemplate", - "summary": "Identifies the full text of a License, in SPDX templating format.", - "description": "A standardLicenseTemplate contains a license template which describes sections\nof the License text which can be varied.\n\nSee the Legacy Text Template format section of the\n[SPDX License List Matching Guidelines](../../../annexes/license-matching-guidelines-and-templates.md)\nfor format information.\n\nIt is recommended to use [licenseXml](./licenseXml.md) instead, as it can\ncapture all the text and metadata associated with a license.", + "name": "Artifact", + "fqname": "/Core/Artifact", + "summary": "A distinct article or unit within the digital domain.", + "description": "An artifact is a distinct article or unit within the digital domain,\nsuch as an electronic file, a software package, a device or an element of data.", "metadata": { - "name": "standardLicenseTemplate", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "Artifact", + "SubclassOf": "Element", + "Instantiability": "Abstract" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate", - "used_in": [ - "/ExpandedLicensing/License" - ] - } - }, - "vocabularies": {}, - "individuals": { - "/ExpandedLicensing/NoAssertionLicense": { - "py/object": "spec_parser.model.Individual", + "properties": { + "originatedBy": { + "type": "Agent", + "minCount": "0", + "fqname": "/Core/originatedBy", + "maxCount": "*" + }, + "suppliedBy": { + "type": "Agent", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/suppliedBy" + }, + "builtTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/builtTime" + }, + "releaseTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/releaseTime" + }, + "validUntilTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/validUntilTime" + }, + "standardName": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/Core/standardName", + "maxCount": "*" + }, + "supportLevel": { + "type": "SupportType", + "minCount": "0", + "fqname": "/Core/supportLevel", + "maxCount": "*" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact", + "fqsupercname": "/Core/Element", + "inheritance_stack": [ + "/Core/Element" + ], + "all_properties": { + "originatedBy": { + "type": "Agent", + "minCount": "0", + "fqname": "/Core/originatedBy", + "maxCount": "*", + "fullname": "/Core/originatedBy", + "fulltype": "/Core/Agent" + }, + "suppliedBy": { + "type": "Agent", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/suppliedBy", + "fullname": "/Core/suppliedBy", + "fulltype": "/Core/Agent" + }, + "builtTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/builtTime", + "fullname": "/Core/builtTime", + "fulltype": "/Core/DateTime" + }, + "releaseTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/releaseTime", + "fullname": "/Core/releaseTime", + "fulltype": "/Core/DateTime" + }, + "validUntilTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/validUntilTime", + "fullname": "/Core/validUntilTime", + "fulltype": "/Core/DateTime" + }, + "standardName": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/Core/standardName", + "maxCount": "*", + "fullname": "/Core/standardName", + "fulltype": "xsd:string" + }, + "supportLevel": { + "type": "SupportType", + "minCount": "0", + "fqname": "/Core/supportLevel", + "maxCount": "*", + "fullname": "/Core/supportLevel", + "fulltype": "/Core/SupportType" + }, + "spdxId": { + "type": "xsd:anyURI", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/spdxId", + "fullname": "/Core/spdxId", + "fulltype": "xsd:anyURI" + }, + "name": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/name", + "minCount": 0, + "fullname": "/Core/name", + "fulltype": "xsd:string" + }, + "summary": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/summary", + "minCount": 0, + "fullname": "/Core/summary", + "fulltype": "xsd:string" + }, + "description": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/description", + "minCount": 0, + "fullname": "/Core/description", + "fulltype": "xsd:string" + }, + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" + }, + "creationInfo": { + "type": "CreationInfo", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/creationInfo", + "fullname": "/Core/creationInfo", + "fulltype": "/Core/CreationInfo" + }, + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/verifiedUsing", + "fulltype": "/Core/IntegrityMethod" + }, + "externalRef": { + "type": "ExternalRef", + "minCount": "0", + "fqname": "/Core/externalRef", + "maxCount": "*", + "fullname": "/Core/externalRef", + "fulltype": "/Core/ExternalRef" + }, + "externalIdentifier": { + "type": "ExternalIdentifier", + "minCount": "0", + "fqname": "/Core/externalIdentifier", + "maxCount": "*", + "fullname": "/Core/externalIdentifier", + "fulltype": "/Core/ExternalIdentifier" + }, + "extension": { + "type": "/Extension/Extension", + "minCount": "0", + "fqname": "/Core/extension", + "maxCount": "*", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" + } + } + }, + "/Core/ExternalMap": { + "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "NoAssertionLicense", - "fqname": "/ExpandedLicensing/NoAssertionLicense", - "summary": "An Individual Value for License when no assertion can be made about its actual\nvalue.", - "description": "NoAssertionLicense should be used if\n\n- the SPDX creator has attempted to but cannot reach a reasonable objective\n determination;\n- the SPDX creator has made no attempt to determine this field; or\n- the SPDX creator has intentionally provided no information (no meaning should\n be implied by doing so).", + "name": "ExternalMap", + "fqname": "/Core/ExternalMap", + "summary": "A map of Element identifiers that are used within a Document but defined external to that Document.", + "description": "An External Map is a map of Element identifiers that are used within a Document\nbut defined external to that Document.\nThe external map provides details about the externally-defined Element\nsuch as its provenance, where to retrieve it, and how to verify its integrity.", "metadata": { - "name": "NoAssertionLicense", - "type": "IndividualLicensingInfo", - "IRI": "https://spdx.org/rdf/3.0.1/terms/Licensing/NoAssertion" + "name": "ExternalMap", + "Instantiability": "Concrete" }, - "values": { - "name": "\"NOASSERTION\"" + "properties": { + "externalSpdxId": { + "type": "xsd:anyURI", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/externalSpdxId" + }, + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, + "maxCount": "*" + }, + "locationHint": { + "type": "xsd:anyURI", + "maxCount": "1", + "fqname": "/Core/locationHint", + "minCount": 0 + }, + "definingArtifact": { + "type": "Artifact", + "maxCount": "1", + "fqname": "/Core/definingArtifact", + "minCount": 0 + } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense" + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { + "externalSpdxId": { + "type": "xsd:anyURI", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/externalSpdxId", + "fullname": "/Core/externalSpdxId", + "fulltype": "xsd:anyURI" + }, + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/verifiedUsing", + "fulltype": "/Core/IntegrityMethod" + }, + "locationHint": { + "type": "xsd:anyURI", + "maxCount": "1", + "fqname": "/Core/locationHint", + "minCount": 0, + "fullname": "/Core/locationHint", + "fulltype": "xsd:anyURI" + }, + "definingArtifact": { + "type": "Artifact", + "maxCount": "1", + "fqname": "/Core/definingArtifact", + "minCount": 0, + "fullname": "/Core/definingArtifact", + "fulltype": "/Core/Artifact" + } + } }, - "/ExpandedLicensing/NoneLicense": { - "py/object": "spec_parser.model.Individual", + "/Core/CreationInfo": { + "py/object": "spec_parser.model.Class", "ns": { - "py/id": 797 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "NoneLicense", - "fqname": "/ExpandedLicensing/NoneLicense", - "summary": "An Individual Value for License where the SPDX data creator determines that no\nlicense is present.", - "description": "NoneLicense should be used if the SPDX creator determines there is no license\navailable for this Artifact.", + "name": "CreationInfo", + "fqname": "/Core/CreationInfo", + "summary": "Provides information about the creation of the Element.", + "description": "The CreationInfo provides information about who created the Element, and when\nand how it was created.\n\nThe dateTime created is often the date of last change\n(e.g., a git commit date), not the date when the SPDX data was created, as\ndoing so supports reproducible builds.", "metadata": { - "name": "NoneLicense", - "type": "IndividualLicensingInfo", - "IRI": "https://spdx.org/rdf/3.0.1/terms/Licensing/None" + "name": "CreationInfo", + "Instantiability": "Concrete" }, - "values": { - "name": "\"NONE\"" + "properties": { + "specVersion": { + "type": "SemVer", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/specVersion" + }, + "comment": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/comment" + }, + "created": { + "type": "DateTime", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/created" + }, + "createdBy": { + "type": "Agent", + "minCount": "1", + "fqname": "/Core/createdBy", + "maxCount": "*" + }, + "createdUsing": { + "type": "Tool", + "minCount": "0", + "fqname": "/Core/createdUsing", + "maxCount": "*" + } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense" - } - }, - "datatypes": {}, - "license": "Community-Spec-1.0", - "name": "ExpandedLicensing", - "summary": "Fully expanded license expressions.", - "description": "This profile supports representing a fully expanded\n[license expression](../../annexes/SPDX-license-expressions.md)\nin object form.", - "metadata": { - "id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing", - "name": "ExpandedLicensing" - }, - "conformance": null, - "iri": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing" - }, - { - "py/object": "spec_parser.model.Namespace", - "classes": { - "/Extension/CdxPropertyEntry": { + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { + "specVersion": { + "type": "SemVer", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/specVersion", + "fullname": "/Core/specVersion", + "fulltype": "/Core/SemVer" + }, + "comment": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/comment", + "fullname": "/Core/comment", + "fulltype": "xsd:string" + }, + "created": { + "type": "DateTime", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/created", + "fullname": "/Core/created", + "fulltype": "/Core/DateTime" + }, + "createdBy": { + "type": "Agent", + "minCount": "1", + "fqname": "/Core/createdBy", + "maxCount": "*", + "fullname": "/Core/createdBy", + "fulltype": "/Core/Agent" + }, + "createdUsing": { + "type": "Tool", + "minCount": "0", + "fqname": "/Core/createdUsing", + "maxCount": "*", + "fullname": "/Core/createdUsing", + "fulltype": "/Core/Tool" + } + } + }, + "/Core/ElementCollection": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1131 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "CdxPropertyEntry", - "fqname": "/Extension/CdxPropertyEntry", - "summary": "A property name with an associated value.", - "description": "Each CdxPropertyEntry contains a name-value pair which maps the name to its\nassociated value.\n\nUnlike key-value stores, cdxProperties support duplicate names, each\npotentially having different values.\n\nThis class can be used to implement CycloneDX compatible properties.", + "name": "ElementCollection", + "fqname": "/Core/ElementCollection", + "summary": "A collection of Elements, not necessarily with unifying context.", + "description": "An ElementCollection is a collection of Elements, not necessarily with unifying\ncontext.\n\nNote that all ElementCollections must conform to the core profile even if the\ncore profile is no specified in the profileConformance property.\n\nIf the profileConformance property is not provided, core is to be assumed as\nthe default.\n\n**Constraints**\n\n- If the ElementCollection has at least 1 element, it must also have at least\n 1 rootElement.\n- The element must not be of type SpdxDocument.\n- The rootElement must not be of type SpdxDocument.", "metadata": { - "name": "CdxPropertyEntry", - "Instantiability": "Concrete" + "name": "ElementCollection", + "SubclassOf": "Element", + "Instantiability": "Abstract" }, "properties": { - "cdxPropName": { - "type": "xsd:string", + "element": { + "type": "Element", + "minCount": "0", + "fqname": "/Core/element", + "maxCount": "*" + }, + "rootElement": { + "type": "Element", + "minCount": "0", + "fqname": "/Core/rootElement", + "maxCount": "*" + }, + "profileConformance": { + "type": "ProfileIdentifierType", + "fqname": "/Core/profileConformance", + "minCount": 0, + "maxCount": "*" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection", + "fqsupercname": "/Core/Element", + "inheritance_stack": [ + "/Core/Element" + ], + "all_properties": { + "element": { + "type": "Element", + "minCount": "0", + "fqname": "/Core/element", + "maxCount": "*", + "fullname": "/Core/element", + "fulltype": "/Core/Element" + }, + "rootElement": { + "type": "Element", + "minCount": "0", + "fqname": "/Core/rootElement", + "maxCount": "*", + "fullname": "/Core/rootElement", + "fulltype": "/Core/Element" + }, + "profileConformance": { + "type": "ProfileIdentifierType", + "fqname": "/Core/profileConformance", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/profileConformance", + "fulltype": "/Core/ProfileIdentifierType" + }, + "spdxId": { + "type": "xsd:anyURI", "minCount": "1", "maxCount": "1", - "fqname": "/Extension/cdxPropName" + "fqname": "/Core/spdxId", + "fullname": "/Core/spdxId", + "fulltype": "xsd:anyURI" }, - "cdxPropValue": { + "name": { "type": "xsd:string", "maxCount": "1", - "fqname": "/Extension/cdxPropValue", - "minCount": 0 - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry", - "fqsupercname": null, - "inheritance_stack": [], - "all_properties": { - "cdxPropName": { + "fqname": "/Core/name", + "minCount": 0, + "fullname": "/Core/name", + "fulltype": "xsd:string" + }, + "summary": { "type": "xsd:string", - "minCount": "1", "maxCount": "1", - "fqname": "/Extension/cdxPropName", - "fullname": "/Extension/cdxPropName", + "fqname": "/Core/summary", + "minCount": 0, + "fullname": "/Core/summary", "fulltype": "xsd:string" }, - "cdxPropValue": { + "description": { "type": "xsd:string", "maxCount": "1", - "fqname": "/Extension/cdxPropValue", + "fqname": "/Core/description", "minCount": 0, - "fullname": "/Extension/cdxPropValue", + "fullname": "/Core/description", "fulltype": "xsd:string" - } - } - }, - "/Extension/Extension": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 1131 - }, - "license": "Community-Spec-1.0", - "name": "Extension", - "fqname": "/Extension/Extension", - "summary": "A characterization of some aspect of an Element that is associated with the Element in a generalized fashion.", - "description": "An Extension is a characterization of some aspect of an Element that is associated with the Element in a generalized fashion.\n\nRather than being associated with a particular Element through the typical use of a purpose-specific object property an Extension is associated with the Element it characterizes using a single common generalized object property.\n\nThis approach serves multiple purposes:\n\n1. **Support profile-based extended characterization of Elements.** Enables specification and expression of Element characterization extensions within any profile and namespace of SPDX without requiring changes to other profiles or namespaces and without requiring local subclassing of remote classes (which could inhibit ecosystem interoperability in some cases).\n\n2. **Support extension of SPDX by adopting individuals or communities with Element characterization details uniquely specialized to their particular context.** Enables adopting individuals or communities to utilize SPDX expressive capabilities along with expressing more arcane Element characterization details specific to them and not appropriate for standardization across SPDX.\n\n3. **Support structured capture of expressive solutions for gaps in SPDX coverage from real-world use.** Enables adopting individuals or communities to express Element characterization details they require that are not currently defined in SPDX but likely should be. Enables a practical pipeline that\n\n - identifies gaps in SPDX that should be filled,\n - expresses solutions to those gaps in a way that allows the identifying adopters to use the extended solutions with SPDX and does not conflict with current SPDX,\n - can be clearly detected among the SPDX content exchange ecosystem,\n - provides a clear and structured definition of gap solution that can be used as submission for revision to SPDX standard", - "metadata": { - "name": "Extension", - "Instantiability": "Abstract" - }, - "properties": {}, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension", - "fqsupercname": null, - "inheritance_stack": [], - "all_properties": {} - }, - "/Extension/CdxPropertiesExtension": { - "py/object": "spec_parser.model.Class", - "ns": { - "py/id": 1131 - }, - "license": "Community-Spec-1.0", - "name": "CdxPropertiesExtension", - "fqname": "/Extension/CdxPropertiesExtension", - "summary": "A type of extension consisting of a list of name value pairs.", - "description": "This extension provides a more structured extension using a name-value\napproach.\n\nUnlike key-value stores, cdxProperties support duplicate names, each\npotentially having different values.\n\nThis is intended to be compatible with the CycloneDX property `properties`.", - "metadata": { - "name": "CdxPropertiesExtension", - "SubclassOf": "Extension", - "Instantiability": "Concrete" - }, - "properties": { - "cdxProperty": { - "type": "CdxPropertyEntry", - "minCount": "1", - "fqname": "/Extension/cdxProperty", - "maxCount": "*" - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension", - "fqsupercname": "/Extension/Extension", - "inheritance_stack": [ - "/Extension/Extension" - ], - "all_properties": { - "cdxProperty": { - "type": "CdxPropertyEntry", + }, + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" + }, + "creationInfo": { + "type": "CreationInfo", "minCount": "1", - "fqname": "/Extension/cdxProperty", + "maxCount": "1", + "fqname": "/Core/creationInfo", + "fullname": "/Core/creationInfo", + "fulltype": "/Core/CreationInfo" + }, + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, "maxCount": "*", - "fullname": "/Extension/cdxProperty", - "fulltype": "/Extension/CdxPropertyEntry" + "fullname": "/Core/verifiedUsing", + "fulltype": "/Core/IntegrityMethod" + }, + "externalRef": { + "type": "ExternalRef", + "minCount": "0", + "fqname": "/Core/externalRef", + "maxCount": "*", + "fullname": "/Core/externalRef", + "fulltype": "/Core/ExternalRef" + }, + "externalIdentifier": { + "type": "ExternalIdentifier", + "minCount": "0", + "fqname": "/Core/externalIdentifier", + "maxCount": "*", + "fullname": "/Core/externalIdentifier", + "fulltype": "/Core/ExternalIdentifier" + }, + "extension": { + "type": "/Extension/Extension", + "minCount": "0", + "fqname": "/Core/extension", + "maxCount": "*", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" } } - } - }, - "properties": { - "/Extension/cdxPropValue": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1131 - }, - "license": "Community-Spec-1.0", - "name": "cdxPropValue", - "fqname": "/Extension/cdxPropValue", - "summary": "A value used in a CdxExtension name-value pair.", - "description": "A cdxPropValue is used in a CdxExtension name-value pair.\n\nUnlike key-value stores, cdxProperties support duplicate names, each\npotentially having different values.", - "metadata": { - "name": "cdxPropValue", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue", - "used_in": [ - "/Extension/CdxPropertyEntry" - ] - }, - "/Extension/cdxPropName": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1131 - }, - "license": "Community-Spec-1.0", - "name": "cdxPropName", - "fqname": "/Extension/cdxPropName", - "summary": "A name used in a CdxExtension name-value pair.", - "description": "A cdxPropName is used in a CdxExtension name-value pair.\n\nUnlike key-value stores, cdxProperties support duplicate names, each\npotentially having different values.", - "metadata": { - "name": "cdxPropName", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName", - "used_in": [ - "/Extension/CdxPropertyEntry" - ] }, - "/Extension/cdxProperty": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1131 - }, - "license": "Community-Spec-1.0", - "name": "cdxProperty", - "fqname": "/Extension/cdxProperty", - "summary": "Provides a map of a property names to a values.", - "description": "This field provides a mapping of a name to a value.\n\nThis is intended to be compatible with the CycloneDX property \"properties\".\n\nUnlike key-value stores, properties support duplicate names, each potentially\nhaving different values.", - "metadata": { - "name": "cdxProperty", - "Nature": "ObjectProperty", - "Range": "CdxPropertyEntry" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty", - "used_in": [ - "/Extension/CdxPropertiesExtension" - ] - } - }, - "vocabularies": {}, - "individuals": {}, - "datatypes": {}, - "license": "Community-Spec-1.0", - "name": "Extension", - "summary": "Everything having to do with SPDX extensions.", - "description": "The Extension namespace defines the abstract Extension class serving as the\nbase for all defined extension subclasses.", - "metadata": { - "id": "https://spdx.org/rdf/3.0.1/terms/Extension", - "name": "Extension" - }, - "conformance": null, - "iri": "https://spdx.org/rdf/3.0.1/terms/Extension" - }, - { - "py/object": "spec_parser.model.Namespace", - "classes": { - "/Software/ContentIdentifier": { + "/Core/NamespaceMap": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "ContentIdentifier", - "fqname": "/Software/ContentIdentifier", - "summary": "A canonical, unique, immutable identifier", - "description": "A ContentIdentifier is a canonical, unique, immutable identifier of the content\nof a software artifact, such as a package, a file, or a snippet.\n\nIt can be used for verifying its identity and integrity.", + "name": "NamespaceMap", + "fqname": "/Core/NamespaceMap", + "summary": "A mapping between prefixes and namespace partial URIs.", + "description": "A namespace map allows the creator of a collection of Elements that could be\nserialized to suggest a set of shorter identifiers (\"prefixes\") for particular\nnamespace portions of ElementIDs to be used in SPDX content serialization in\norder to provide a more human-readable and smaller serialized representation of\nthe Elements.\n\nFor details of how NamespaceMap content is to be serialized please refer to\ngeneral SPDX serialization guidance at\n\nand the various serialization format specific .md filed under\n\n(TODO: update the URLs as soon as the context is publicly available)\n\nNamespace maps support a variety of relevant use cases such as:\n\n1. An SPDX content producer wishing to provide clarity of their serialization\n of an SPDX 2.X simple style collection where all content is newly minted and\n a single prefix-namespace is used. The consumer of SPDX content wishes to\n preserve the name space mapping provided by such a producer. In this case,\n the consumer would record the namespace map prefixes in the NamespaceMap such\n that subsequent serializations could reproduce the prefixes / namespaces in\n the native serialization format.\n\n2. An SPDX content producer wishing to maintain consistent prefix use and\n understanding across multiple different serialization formats of the produced\n content.\n For example, an SBOM producer wishes to share/publish the SBOM as JSON-LD and\n XML. The producer can specify the preferred prefix mappings in the native\n serialization format using information from a single Namespacemap accessible\n local to the producer.\n\n3. An SPDX content consumer/producer wishing to maintain consistent prefix use\n while round tripping from SPDX content received, deserialized,\n modified/extended in some way, and then reserialized in the same\n serialization form.\n In this case the prefix-namespace mappings utilized in the content are\n transformed from the original native namespace/prefix into the in memory\n NamespaceMap then transformed from the NamespaceMap back into the resultant\n serialization native namespace / prefix format.", "metadata": { - "name": "ContentIdentifier", - "SubclassOf": "/Core/IntegrityMethod", + "name": "NamespaceMap", "Instantiability": "Concrete" }, "properties": { - "contentIdentifierType": { - "type": "ContentIdentifierType", + "prefix": { + "type": "xsd:string", "minCount": "1", "maxCount": "1", - "fqname": "/Software/contentIdentifierType" + "fqname": "/Core/prefix" }, - "contentIdentifierValue": { + "namespace": { "type": "xsd:anyURI", "minCount": "1", "maxCount": "1", - "fqname": "/Software/contentIdentifierValue" + "fqname": "/Core/namespace" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier", - "fqsupercname": "/Core/IntegrityMethod", - "inheritance_stack": [ - "/Core/IntegrityMethod" - ], + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap", + "fqsupercname": null, + "inheritance_stack": [], "all_properties": { - "contentIdentifierType": { - "type": "ContentIdentifierType", + "prefix": { + "type": "xsd:string", "minCount": "1", "maxCount": "1", - "fqname": "/Software/contentIdentifierType", - "fullname": "/Software/contentIdentifierType", - "fulltype": "/Software/ContentIdentifierType" + "fqname": "/Core/prefix", + "fullname": "/Core/prefix", + "fulltype": "xsd:string" }, - "contentIdentifierValue": { + "namespace": { "type": "xsd:anyURI", "minCount": "1", "maxCount": "1", - "fqname": "/Software/contentIdentifierValue", - "fullname": "/Software/contentIdentifierValue", + "fqname": "/Core/namespace", + "fullname": "/Core/namespace", "fulltype": "xsd:anyURI" - }, - "comment": { - "type": "xsd:string", - "maxCount": "1", - "fqname": "/Core/comment", - "minCount": 0, - "fullname": "/Core/comment", - "fulltype": "xsd:string" } } }, - "/Software/Sbom": { + "/Core/Bom": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "Sbom", - "fqname": "/Software/Sbom", - "summary": "A collection of SPDX Elements describing a single package.", - "description": "A Software Bill of Materials (SBOM) is a collection of SPDX Elements describing\na single package.\n\nThis could include details of the content and composition of the product,\nprovenance details of the product and/or its composition, licensing\ninformation, known quality or security issues, etc.", + "name": "Bom", + "fqname": "/Core/Bom", + "summary": "A container for a grouping of SPDX-3.0 content characterizing details\n(provenence, composition, licensing, etc.) about a product.", + "description": "A Bill of Materials (BOM) is a container for a grouping of SPDX-3.0 content\ncharacterizing details about a product.\n\nThis could include details of the content and composition of the product,\nprovenence details of the product and/or\nits composition, licensing information, known quality or security issues, etc.", "metadata": { - "name": "Sbom", - "SubclassOf": "/Core/Bom", + "name": "Bom", + "SubclassOf": "Bundle", "Instantiability": "Concrete" }, - "properties": { - "sbomType": { - "type": "SbomType", - "minCount": "0", - "fqname": "/Software/sbomType", - "maxCount": "*" - } - }, + "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/Sbom", - "fqsupercname": "/Core/Bom", + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Bom", + "fqsupercname": "/Core/Bundle", "inheritance_stack": [ - "/Core/Bom", "/Core/Bundle", "/Core/ElementCollection", "/Core/Element" ], "all_properties": { - "sbomType": { - "type": "SbomType", - "minCount": "0", - "fqname": "/Software/sbomType", - "maxCount": "*", - "fullname": "/Software/sbomType", - "fulltype": "/Software/SbomType" - }, "context": { "type": "xsd:string", "maxCount": "1", @@ -7908,201 +6727,85 @@ } } }, - "/Software/Package": { + "/Core/Annotation": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "Package", - "fqname": "/Software/Package", - "summary": "Refers to any unit of content that can be associated with a distribution of\nsoftware.", - "description": "A package refers to any unit of content that can be associated with a\ndistribution of software.\n\nTypically, a package is composed of one or more files. \n\nAny of the following non-limiting examples may be (but are not required to be)\nrepresented in SPDX as a package:\n\n- a tarball, zip file or other archive\n- a directory or sub-directory\n- a separately distributed piece of software which another Package or File uses\n or depends upon (e.g., a Python package, a Go module, ...)\n- a container image, and/or each image layer within a container image\n- a collection of one or more sub-packages\n- a Git repository snapshot from a particular point in time\n\nNote that some of these could be represented in SPDX as a file as well.", + "name": "Annotation", + "fqname": "/Core/Annotation", + "summary": "An assertion made in relation to one or more elements.", + "description": "An Annotation is an assertion made in relation to one or more elements.\n\nThe `contentType` property describes the format of the `statement` property.", "metadata": { - "name": "Package", - "SubclassOf": "/Software/SoftwareArtifact", + "name": "Annotation", + "SubclassOf": "Element", "Instantiability": "Concrete" }, "properties": { - "packageVersion": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/packageVersion" - }, - "downloadLocation": { - "type": "xsd:anyURI", - "minCount": "0", + "annotationType": { + "type": "AnnotationType", + "minCount": "1", "maxCount": "1", - "fqname": "/Software/downloadLocation" + "fqname": "/Core/annotationType" }, - "packageUrl": { - "type": "xsd:anyURI", + "contentType": { + "type": "MediaType", "minCount": "0", "maxCount": "1", - "fqname": "/Software/packageUrl" + "fqname": "/Core/contentType" }, - "homePage": { - "type": "xsd:anyURI", + "statement": { + "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Software/homePage" + "fqname": "/Core/statement" }, - "sourceInfo": { - "type": "xsd:string", - "minCount": "0", + "subject": { + "type": "Element", + "minCount": "1", "maxCount": "1", - "fqname": "/Software/sourceInfo" - } - }, - "ext_prop_restrs": { - "/Core/Element/name": { - "minCount": "1" + "fqname": "/Core/subject" } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/Package", - "fqsupercname": "/Software/SoftwareArtifact", + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Annotation", + "fqsupercname": "/Core/Element", "inheritance_stack": [ - "/Software/SoftwareArtifact", - "/Core/Artifact", "/Core/Element" ], "all_properties": { - "packageVersion": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/packageVersion", - "fullname": "/Software/packageVersion", - "fulltype": "xsd:string" - }, - "downloadLocation": { - "type": "xsd:anyURI", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/downloadLocation", - "fullname": "/Software/downloadLocation", - "fulltype": "xsd:anyURI" - }, - "packageUrl": { - "type": "xsd:anyURI", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/packageUrl", - "fullname": "/Software/packageUrl", - "fulltype": "xsd:anyURI" - }, - "homePage": { - "type": "xsd:anyURI", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/homePage", - "fullname": "/Software/homePage", - "fulltype": "xsd:anyURI" - }, - "sourceInfo": { - "type": "xsd:string", - "minCount": "0", + "annotationType": { + "type": "AnnotationType", + "minCount": "1", "maxCount": "1", - "fqname": "/Software/sourceInfo", - "fullname": "/Software/sourceInfo", - "fulltype": "xsd:string" + "fqname": "/Core/annotationType", + "fullname": "/Core/annotationType", + "fulltype": "/Core/AnnotationType" }, - "primaryPurpose": { - "type": "SoftwarePurpose", + "contentType": { + "type": "MediaType", "minCount": "0", "maxCount": "1", - "fqname": "/Software/primaryPurpose", - "fullname": "/Software/primaryPurpose", - "fulltype": "/Software/SoftwarePurpose" - }, - "additionalPurpose": { - "type": "SoftwarePurpose", - "minCount": "0", - "fqname": "/Software/additionalPurpose", - "maxCount": "*", - "fullname": "/Software/additionalPurpose", - "fulltype": "/Software/SoftwarePurpose" + "fqname": "/Core/contentType", + "fullname": "/Core/contentType", + "fulltype": "/Core/MediaType" }, - "copyrightText": { + "statement": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Software/copyrightText", - "fullname": "/Software/copyrightText", - "fulltype": "xsd:string" - }, - "attributionText": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Software/attributionText", - "maxCount": "*", - "fullname": "/Software/attributionText", + "fqname": "/Core/statement", + "fullname": "/Core/statement", "fulltype": "xsd:string" }, - "contentIdentifier": { - "type": "ContentIdentifier", - "minCount": "0", - "fqname": "/Software/contentIdentifier", - "maxCount": "*", - "fullname": "/Software/contentIdentifier", - "fulltype": "/Software/ContentIdentifier" - }, - "originatedBy": { - "type": "Agent", - "minCount": "0", - "fqname": "/Core/originatedBy", - "maxCount": "*", - "fullname": "/Core/originatedBy", - "fulltype": "/Core/Agent" - }, - "suppliedBy": { - "type": "Agent", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/suppliedBy", - "fullname": "/Core/suppliedBy", - "fulltype": "/Core/Agent" - }, - "builtTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/builtTime", - "fullname": "/Core/builtTime", - "fulltype": "/Core/DateTime" - }, - "releaseTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/releaseTime", - "fullname": "/Core/releaseTime", - "fulltype": "/Core/DateTime" - }, - "validUntilTime": { - "type": "DateTime", - "minCount": "0", + "subject": { + "type": "Element", + "minCount": "1", "maxCount": "1", - "fqname": "/Core/validUntilTime", - "fullname": "/Core/validUntilTime", - "fulltype": "/Core/DateTime" - }, - "standardName": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Core/standardName", - "maxCount": "*", - "fullname": "/Core/standardName", - "fulltype": "xsd:string" - }, - "supportLevel": { - "type": "SupportType", - "minCount": "0", - "fqname": "/Core/supportLevel", - "maxCount": "*", - "fullname": "/Core/supportLevel", - "fulltype": "/Core/SupportType" + "fqname": "/Core/subject", + "fullname": "/Core/subject", + "fulltype": "/Core/Element" }, "spdxId": { "type": "xsd:anyURI", @@ -8116,7 +6819,7 @@ "type": "xsd:string", "maxCount": "1", "fqname": "/Core/name", - "minCount": "1", + "minCount": 0, "fullname": "/Core/name", "fulltype": "xsd:string" }, @@ -8186,170 +6889,30 @@ } } }, - "/Software/Snippet": { + "/Core/SoftwareAgent": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "Snippet", - "fqname": "/Software/Snippet", - "summary": "Describes a certain part of a file.", - "description": "A Snippet describes a certain part of a file and can be used when the file is\nknown to have some content that has been included from another original source.\n\nSnippets are useful for denoting when part of a file may have been originally\ncreated under another license or copied from a place with a known\nvulnerability.", + "name": "SoftwareAgent", + "fqname": "/Core/SoftwareAgent", + "summary": "A software agent.", + "description": "A SoftwareAgent is a software program that is given the authority (similar to a\nuser's authority) to act on a system.", "metadata": { - "name": "Snippet", - "SubclassOf": "/Software/SoftwareArtifact", + "name": "SoftwareAgent", + "SubclassOf": "Agent", "Instantiability": "Concrete" }, - "properties": { - "byteRange": { - "type": "/Core/PositiveIntegerRange", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/byteRange" - }, - "lineRange": { - "type": "/Core/PositiveIntegerRange", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/lineRange" - }, - "snippetFromFile": { - "type": "File", - "minCount": "1", - "maxCount": "1", - "fqname": "/Software/snippetFromFile" - } - }, + "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/Snippet", - "fqsupercname": "/Software/SoftwareArtifact", + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent", + "fqsupercname": "/Core/Agent", "inheritance_stack": [ - "/Software/SoftwareArtifact", - "/Core/Artifact", + "/Core/Agent", "/Core/Element" ], "all_properties": { - "byteRange": { - "type": "/Core/PositiveIntegerRange", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/byteRange", - "fullname": "/Software/byteRange", - "fulltype": "/Core/PositiveIntegerRange" - }, - "lineRange": { - "type": "/Core/PositiveIntegerRange", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/lineRange", - "fullname": "/Software/lineRange", - "fulltype": "/Core/PositiveIntegerRange" - }, - "snippetFromFile": { - "type": "File", - "minCount": "1", - "maxCount": "1", - "fqname": "/Software/snippetFromFile", - "fullname": "/Software/snippetFromFile", - "fulltype": "/Software/File" - }, - "primaryPurpose": { - "type": "SoftwarePurpose", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/primaryPurpose", - "fullname": "/Software/primaryPurpose", - "fulltype": "/Software/SoftwarePurpose" - }, - "additionalPurpose": { - "type": "SoftwarePurpose", - "minCount": "0", - "fqname": "/Software/additionalPurpose", - "maxCount": "*", - "fullname": "/Software/additionalPurpose", - "fulltype": "/Software/SoftwarePurpose" - }, - "copyrightText": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/copyrightText", - "fullname": "/Software/copyrightText", - "fulltype": "xsd:string" - }, - "attributionText": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Software/attributionText", - "maxCount": "*", - "fullname": "/Software/attributionText", - "fulltype": "xsd:string" - }, - "contentIdentifier": { - "type": "ContentIdentifier", - "minCount": "0", - "fqname": "/Software/contentIdentifier", - "maxCount": "*", - "fullname": "/Software/contentIdentifier", - "fulltype": "/Software/ContentIdentifier" - }, - "originatedBy": { - "type": "Agent", - "minCount": "0", - "fqname": "/Core/originatedBy", - "maxCount": "*", - "fullname": "/Core/originatedBy", - "fulltype": "/Core/Agent" - }, - "suppliedBy": { - "type": "Agent", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/suppliedBy", - "fullname": "/Core/suppliedBy", - "fulltype": "/Core/Agent" - }, - "builtTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/builtTime", - "fullname": "/Core/builtTime", - "fulltype": "/Core/DateTime" - }, - "releaseTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/releaseTime", - "fullname": "/Core/releaseTime", - "fulltype": "/Core/DateTime" - }, - "validUntilTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/validUntilTime", - "fullname": "/Core/validUntilTime", - "fulltype": "/Core/DateTime" - }, - "standardName": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Core/standardName", - "maxCount": "*", - "fullname": "/Core/standardName", - "fulltype": "xsd:string" - }, - "supportLevel": { - "type": "SupportType", - "minCount": "0", - "fqname": "/Core/supportLevel", - "maxCount": "*", - "fullname": "/Core/supportLevel", - "fulltype": "/Core/SupportType" - }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -8432,157 +6995,114 @@ } } }, - "/Software/SoftwareArtifact": { + "/Core/Relationship": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "SoftwareArtifact", - "fqname": "/Software/SoftwareArtifact", - "summary": "A distinct article or unit related to Software.", - "description": "A software artifact is a distinct article or unit related to software\nsuch as a package, a file, or a snippet.", + "name": "Relationship", + "fqname": "/Core/Relationship", + "summary": "Describes a relationship between one or more elements.", + "description": "A Relationship is a grouping of characteristics unique to an assertion\nthat one Element is related to one or more other Elements in some way.\n\nTo explicitly assert that no such relationships exist, the `to` property\nshould contain the 'NONE' individual and no other elements.\n\nA relationship that contains 'NONE' and additional elements in the `to`\nproperty is not valid.\n\nTo explicitly assert that no assertions are being made regarding the\nexistence of such relationships, the `to` property should contain the\n'NOASSERTION' individual.", "metadata": { - "name": "SoftwareArtifact", - "SubclassOf": "/Core/Artifact", - "Instantiability": "Abstract" + "name": "Relationship", + "SubclassOf": "Element", + "Instantiability": "Concrete" }, "properties": { - "primaryPurpose": { - "type": "SoftwarePurpose", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/primaryPurpose" - }, - "additionalPurpose": { - "type": "SoftwarePurpose", - "minCount": "0", - "fqname": "/Software/additionalPurpose", - "maxCount": "*" - }, - "copyrightText": { - "type": "xsd:string", - "minCount": "0", + "from": { + "type": "Element", + "minCount": "1", "maxCount": "1", - "fqname": "/Software/copyrightText" - }, - "attributionText": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Software/attributionText", - "maxCount": "*" + "fqname": "/Core/from" }, - "contentIdentifier": { - "type": "ContentIdentifier", - "minCount": "0", - "fqname": "/Software/contentIdentifier", + "to": { + "type": "Element", + "minCount": "1", + "fqname": "/Core/to", "maxCount": "*" - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact", - "fqsupercname": "/Core/Artifact", - "inheritance_stack": [ - "/Core/Artifact", - "/Core/Element" - ], - "all_properties": { - "primaryPurpose": { - "type": "SoftwarePurpose", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/primaryPurpose", - "fullname": "/Software/primaryPurpose", - "fulltype": "/Software/SoftwarePurpose" - }, - "additionalPurpose": { - "type": "SoftwarePurpose", - "minCount": "0", - "fqname": "/Software/additionalPurpose", - "maxCount": "*", - "fullname": "/Software/additionalPurpose", - "fulltype": "/Software/SoftwarePurpose" }, - "copyrightText": { - "type": "xsd:string", - "minCount": "0", + "relationshipType": { + "type": "RelationshipType", + "minCount": "1", "maxCount": "1", - "fqname": "/Software/copyrightText", - "fullname": "/Software/copyrightText", - "fulltype": "xsd:string" + "fqname": "/Core/relationshipType" }, - "attributionText": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Software/attributionText", - "maxCount": "*", - "fullname": "/Software/attributionText", - "fulltype": "xsd:string" + "completeness": { + "type": "RelationshipCompleteness", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/completeness" }, - "contentIdentifier": { - "type": "ContentIdentifier", + "startTime": { + "type": "DateTime", "minCount": "0", - "fqname": "/Software/contentIdentifier", - "maxCount": "*", - "fullname": "/Software/contentIdentifier", - "fulltype": "/Software/ContentIdentifier" + "maxCount": "1", + "fqname": "/Core/startTime" }, - "originatedBy": { - "type": "Agent", + "endTime": { + "type": "DateTime", "minCount": "0", - "fqname": "/Core/originatedBy", + "maxCount": "1", + "fqname": "/Core/endTime" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Relationship", + "fqsupercname": "/Core/Element", + "inheritance_stack": [ + "/Core/Element" + ], + "all_properties": { + "from": { + "type": "Element", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/from", + "fullname": "/Core/from", + "fulltype": "/Core/Element" + }, + "to": { + "type": "Element", + "minCount": "1", + "fqname": "/Core/to", "maxCount": "*", - "fullname": "/Core/originatedBy", - "fulltype": "/Core/Agent" + "fullname": "/Core/to", + "fulltype": "/Core/Element" }, - "suppliedBy": { - "type": "Agent", - "minCount": "0", + "relationshipType": { + "type": "RelationshipType", + "minCount": "1", "maxCount": "1", - "fqname": "/Core/suppliedBy", - "fullname": "/Core/suppliedBy", - "fulltype": "/Core/Agent" + "fqname": "/Core/relationshipType", + "fullname": "/Core/relationshipType", + "fulltype": "/Core/RelationshipType" }, - "builtTime": { - "type": "DateTime", + "completeness": { + "type": "RelationshipCompleteness", "minCount": "0", "maxCount": "1", - "fqname": "/Core/builtTime", - "fullname": "/Core/builtTime", - "fulltype": "/Core/DateTime" + "fqname": "/Core/completeness", + "fullname": "/Core/completeness", + "fulltype": "/Core/RelationshipCompleteness" }, - "releaseTime": { + "startTime": { "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/Core/releaseTime", - "fullname": "/Core/releaseTime", + "fqname": "/Core/startTime", + "fullname": "/Core/startTime", "fulltype": "/Core/DateTime" }, - "validUntilTime": { + "endTime": { "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/Core/validUntilTime", - "fullname": "/Core/validUntilTime", + "fqname": "/Core/endTime", + "fullname": "/Core/endTime", "fulltype": "/Core/DateTime" }, - "standardName": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Core/standardName", - "maxCount": "*", - "fullname": "/Core/standardName", - "fulltype": "xsd:string" - }, - "supportLevel": { - "type": "SupportType", - "minCount": "0", - "fqname": "/Core/supportLevel", - "maxCount": "*", - "fullname": "/Core/supportLevel", - "fulltype": "/Core/SupportType" - }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -8665,159 +7185,68 @@ } } }, - "/Software/File": { + "/Core/Bundle": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "File", - "fqname": "/Software/File", - "summary": "Refers to any object that stores content on a computer.", - "description": "Refers to any object that stores content on a computer.\nThe type of content can optionally be provided in the contentType property.\n\nThe fileKind property can be set to `directory` to indicate the file represents\na directory and all content stored in that directory.", + "name": "Bundle", + "fqname": "/Core/Bundle", + "summary": "A collection of Elements that have a shared context.", + "description": "A bundle is a collection of Elements that have a shared context.", "metadata": { - "name": "File", - "SubclassOf": "/Software/SoftwareArtifact", + "name": "Bundle", + "SubclassOf": "ElementCollection", "Instantiability": "Concrete" }, "properties": { - "/Core/contentType": { - "type": "/Core/MediaType", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/contentType" - }, - "fileKind": { - "type": "FileKindType", - "minCount": "0", + "context": { + "type": "xsd:string", "maxCount": "1", - "fqname": "/Software/fileKind" - } - }, - "ext_prop_restrs": { - "/Core/Element/name": { - "minCount": "1" + "fqname": "/Core/context", + "minCount": 0 } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/File", - "fqsupercname": "/Software/SoftwareArtifact", + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Bundle", + "fqsupercname": "/Core/ElementCollection", "inheritance_stack": [ - "/Software/SoftwareArtifact", - "/Core/Artifact", + "/Core/ElementCollection", "/Core/Element" ], "all_properties": { - "contentType": { - "type": "/Core/MediaType", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/contentType", - "fullname": "/Core/contentType", - "fulltype": "/Core/MediaType" - }, - "fileKind": { - "type": "FileKindType", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/fileKind", - "fullname": "/Software/fileKind", - "fulltype": "/Software/FileKindType" - }, - "primaryPurpose": { - "type": "SoftwarePurpose", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/primaryPurpose", - "fullname": "/Software/primaryPurpose", - "fulltype": "/Software/SoftwarePurpose" - }, - "additionalPurpose": { - "type": "SoftwarePurpose", - "minCount": "0", - "fqname": "/Software/additionalPurpose", - "maxCount": "*", - "fullname": "/Software/additionalPurpose", - "fulltype": "/Software/SoftwarePurpose" - }, - "copyrightText": { + "context": { "type": "xsd:string", - "minCount": "0", "maxCount": "1", - "fqname": "/Software/copyrightText", - "fullname": "/Software/copyrightText", - "fulltype": "xsd:string" - }, - "attributionText": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Software/attributionText", - "maxCount": "*", - "fullname": "/Software/attributionText", + "fqname": "/Core/context", + "minCount": 0, + "fullname": "/Core/context", "fulltype": "xsd:string" }, - "contentIdentifier": { - "type": "ContentIdentifier", - "minCount": "0", - "fqname": "/Software/contentIdentifier", - "maxCount": "*", - "fullname": "/Software/contentIdentifier", - "fulltype": "/Software/ContentIdentifier" - }, - "originatedBy": { - "type": "Agent", + "element": { + "type": "Element", "minCount": "0", - "fqname": "/Core/originatedBy", + "fqname": "/Core/element", "maxCount": "*", - "fullname": "/Core/originatedBy", - "fulltype": "/Core/Agent" - }, - "suppliedBy": { - "type": "Agent", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/suppliedBy", - "fullname": "/Core/suppliedBy", - "fulltype": "/Core/Agent" - }, - "builtTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/builtTime", - "fullname": "/Core/builtTime", - "fulltype": "/Core/DateTime" - }, - "releaseTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/releaseTime", - "fullname": "/Core/releaseTime", - "fulltype": "/Core/DateTime" - }, - "validUntilTime": { - "type": "DateTime", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/validUntilTime", - "fullname": "/Core/validUntilTime", - "fulltype": "/Core/DateTime" + "fullname": "/Core/element", + "fulltype": "/Core/Element" }, - "standardName": { - "type": "xsd:string", + "rootElement": { + "type": "Element", "minCount": "0", - "fqname": "/Core/standardName", + "fqname": "/Core/rootElement", "maxCount": "*", - "fullname": "/Core/standardName", - "fulltype": "xsd:string" + "fullname": "/Core/rootElement", + "fulltype": "/Core/Element" }, - "supportLevel": { - "type": "SupportType", - "minCount": "0", - "fqname": "/Core/supportLevel", + "profileConformance": { + "type": "ProfileIdentifierType", + "fqname": "/Core/profileConformance", + "minCount": 0, "maxCount": "*", - "fullname": "/Core/supportLevel", - "fulltype": "/Core/SupportType" + "fullname": "/Core/profileConformance", + "fulltype": "/Core/ProfileIdentifierType" }, "spdxId": { "type": "xsd:anyURI", @@ -8831,7 +7260,7 @@ "type": "xsd:string", "maxCount": "1", "fqname": "/Core/name", - "minCount": "1", + "minCount": 0, "fullname": "/Core/name", "fulltype": "xsd:string" }, @@ -8895,920 +7324,1088 @@ "type": "/Extension/Extension", "minCount": "0", "fqname": "/Core/extension", - "maxCount": "*", - "fullname": "/Core/extension", - "fulltype": "/Extension/Extension" - } - } - } - }, - "properties": { - "/Software/sbomType": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "sbomType", - "fqname": "/Software/sbomType", - "summary": "Provides information about the type of an SBOM.", - "description": "This field is a reasonable estimation of the type of SBOM created from a\ncreator perspective.\n\nIt is intended to be used to give guidance on the elements that may be\ncontained within it.\n\nAligning with the guidance produced in\n[Types of Software Bill of Material (SBOM) Documents](https://www.cisa.gov/sites/default/files/2023-04/sbom-types-document-508c.pdf).", - "metadata": { - "name": "sbomType", - "Nature": "ObjectProperty", - "Range": "SbomType" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/sbomType", - "used_in": [ - "/Software/Sbom" - ] - }, - "/Software/downloadLocation": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "downloadLocation", - "fqname": "/Software/downloadLocation", - "summary": "Identifies the download Uniform Resource Identifier for the package at the time\nthat the document was created.", - "description": "A downloadLocation identifies the download Uniform Resource Identifier\nfor the package at the time that the document was created.\n\nWhere and how to download the exact package being referenced\nis critical for verification and tracking data.", - "metadata": { - "name": "downloadLocation", - "Nature": "DataProperty", - "Range": "xsd:anyURI" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation", - "used_in": [ - "/Software/Package" - ] - }, - "/Software/lineRange": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "lineRange", - "fqname": "/Software/lineRange", - "summary": "Defines the line range in the original host file that the snippet information\napplies to.", - "description": "This field defines the line range in the original host file that the snippet\ninformation applies to.\n\nIf there is a disagreement between the byte range and line range, the byte\nrange values will take precedence.\n\nA range of lines is a convenient reference for those files where there is a\nknown line delimiter.\nThe choice was made to start the numbering of the lines at 1 to be consistent\nwith the W3C pointer method vocabulary.", - "metadata": { - "name": "lineRange", - "Nature": "DataProperty", - "Range": "/Core/PositiveIntegerRange" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/lineRange", - "used_in": [ - "/Software/Snippet" - ] - }, - "/Software/contentIdentifierType": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "contentIdentifierType", - "fqname": "/Software/contentIdentifierType", - "summary": "Specifies the type of the content identifier.", - "description": "A contentIdentifierType specifies the type of the content identifier.", - "metadata": { - "name": "contentIdentifierType", - "Nature": "ObjectProperty", - "Range": "ContentIdentifierType" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType", - "used_in": [ - "/Software/ContentIdentifier" - ] - }, - "/Software/snippetFromFile": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "snippetFromFile", - "fqname": "/Software/snippetFromFile", - "summary": "Defines the original host file that the snippet information applies to.", - "description": "The field identifies the file which contains the snippet.", - "metadata": { - "name": "snippetFromFile", - "Nature": "ObjectProperty", - "Range": "File" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile", - "used_in": [ - "/Software/Snippet" - ] - }, - "/Software/contentIdentifier": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "contentIdentifier", - "fqname": "/Software/contentIdentifier", - "summary": "A canonical, unique, immutable identifier of the artifact content, that may be\nused for verifying its identity and/or integrity.", - "description": "A contentIdentifier is a canonical, unique, immutable identifier of the content\nof a software artifact, such as a package, a file, or a snippet.\n\nIt may be used for verifying its identity and/or integrity.", - "metadata": { - "name": "contentIdentifier", - "Nature": "DataProperty", - "Range": "ContentIdentifier" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier", - "used_in": [ - "/Software/SoftwareArtifact" - ] - }, - "/Software/packageVersion": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "packageVersion", - "fqname": "/Software/packageVersion", - "summary": "Identify the version of a package.", - "description": "A packageVersion is useful for identification purposes and for indicating later\nchanges of the package version.", - "metadata": { - "name": "packageVersion", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/packageVersion", - "used_in": [ - "/Software/Package" - ] - }, - "/Software/primaryPurpose": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "primaryPurpose", - "fqname": "/Software/primaryPurpose", - "summary": "Provides information about the primary purpose of the software artifact.", - "description": "primaryPurpose provides information about the primary purpose of the software\nartifact.", - "metadata": { - "name": "primaryPurpose", - "Nature": "ObjectProperty", - "Range": "SoftwarePurpose" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose", - "used_in": [ - "/Software/SoftwareArtifact" - ] - }, - "/Software/fileKind": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "fileKind", - "fqname": "/Software/fileKind", - "summary": "Describes if a given file is a directory or non-directory kind of file.", - "description": "An SPDX file may represent a specific file or a directory of files.\n\nIn the future, this may be extended to other kinds (e.g. network based files).", - "metadata": { - "name": "fileKind", - "Nature": "ObjectProperty", - "Range": "FileKindType" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/fileKind", - "used_in": [ - "/Software/File" - ] - }, - "/Software/byteRange": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "byteRange", - "fqname": "/Software/byteRange", - "summary": "Defines the byte range in the original host file that the snippet information\napplies to.", - "description": "This field defines the byte range in the original host file that the snippet\ninformation applies to.\n\nA range of bytes is independent of various formatting concerns, and the most\naccurate way of referring to the differences. The choice was made to start the\nnumbering of the byte range at 1 to be consistent with the W3C pointer method\nvocabulary.", - "metadata": { - "name": "byteRange", - "Nature": "DataProperty", - "Range": "/Core/PositiveIntegerRange" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/byteRange", - "used_in": [ - "/Software/Snippet" - ] - }, - "/Software/copyrightText": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "copyrightText", - "fqname": "/Software/copyrightText", - "summary": "Identifies the text of one or more copyright notices for a software Package,\nFile or Snippet, if any.", - "description": "A copyrightText consists of the text(s) of the copyright notice(s) found\nfor a software Package, File or Snippet, if any.\n\nIf a copyrightText contains text, then it may contain any text related to\none or more copyright notices (even if not complete) for that software\nPackage, File or Snippet.\n\nIf a copyrightText has a \"NONE\" value, this indicates that the software\nPackage, File or Snippet contains no copyright notice whatsoever.\n\nIf a copyrightText has a \"NOASSERTION\" value, this indicates that one of the\nfollowing applies:\n\n- the SPDX data creator has attempted to but cannot reach a reasonable\n objective determination;\n- the SPDX data creator has made no attempt to determine this field; or\n- the SPDX data creator has intentionally provided no information (no\n meaning should be implied by doing so).\n\nIf a copyrightText is present, but consists of solely an empty string or a\nstring with no substantive content (e.g., a string that contains only\nwhitespace), then this should be interpreted as equivalent to a \"NOASSERTION\"\nvalue as described above.", - "metadata": { - "name": "copyrightText", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/copyrightText", - "used_in": [ - "/Software/SoftwareArtifact" - ] - }, - "/Software/additionalPurpose": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "additionalPurpose", - "fqname": "/Software/additionalPurpose", - "summary": "Provides additional purpose information of the software artifact.", - "description": "Additional purpose provides information about the additional purposes of the\nsoftware artifact in addition to the primaryPurpose.", - "metadata": { - "name": "additionalPurpose", - "Nature": "ObjectProperty", - "Range": "SoftwarePurpose" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose", - "used_in": [ - "/Software/SoftwareArtifact" - ] - }, - "/Software/contentIdentifierValue": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "contentIdentifierValue", - "fqname": "/Software/contentIdentifierValue", - "summary": "Specifies the value of the content identifier.", - "description": "A contentIdentifierValue specifies the value of a content identifier.", - "metadata": { - "name": "contentIdentifierValue", - "Nature": "DataProperty", - "Range": "xsd:anyURI" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue", - "used_in": [ - "/Software/ContentIdentifier" - ] + "maxCount": "*", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" + } + } }, - "/Software/attributionText": { - "py/object": "spec_parser.model.Property", + "/Core/Person": { + "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "attributionText", - "fqname": "/Software/attributionText", - "summary": "Provides a place for the SPDX data creator to record acknowledgement text for\na software Package, File or Snippet.", - "description": "An attributionText for a software Package, File or Snippet provides a consumer\nof SPDX data with acknowledgement content, to assist redistributors of the\nPackage, File or Snippet with reproducing those acknowledgements.\n\nFor example, this field may include a statement that is required by a\nparticular license to be reproduced in end-user documentation, advertising\nmaterials, or another form.\n\nThis field may describe where, or in which contexts, the acknowledgements\nneed to be reproduced, but it is not required to do so. The SPDX data creator\nmay also explain elsewhere (such as in a comment field) how they intend for\ndata in this field to be used.\n\nAn attributionText is not meant to include the software Package, File or\nSnippet's actual complete license text. Use hasConcludedLicense to identify the\ncorresponding license.", + "name": "Person", + "fqname": "/Core/Person", + "summary": "An individual human being.", + "description": "A Person is an individual human being.", "metadata": { - "name": "attributionText", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "Person", + "SubclassOf": "Agent", + "Instantiability": "Concrete" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/attributionText", - "used_in": [ - "/Software/SoftwareArtifact" - ] + "properties": {}, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Person", + "fqsupercname": "/Core/Agent", + "inheritance_stack": [ + "/Core/Agent", + "/Core/Element" + ], + "all_properties": { + "spdxId": { + "type": "xsd:anyURI", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/spdxId", + "fullname": "/Core/spdxId", + "fulltype": "xsd:anyURI" + }, + "name": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/name", + "minCount": 0, + "fullname": "/Core/name", + "fulltype": "xsd:string" + }, + "summary": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/summary", + "minCount": 0, + "fullname": "/Core/summary", + "fulltype": "xsd:string" + }, + "description": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/description", + "minCount": 0, + "fullname": "/Core/description", + "fulltype": "xsd:string" + }, + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" + }, + "creationInfo": { + "type": "CreationInfo", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/creationInfo", + "fullname": "/Core/creationInfo", + "fulltype": "/Core/CreationInfo" + }, + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/verifiedUsing", + "fulltype": "/Core/IntegrityMethod" + }, + "externalRef": { + "type": "ExternalRef", + "minCount": "0", + "fqname": "/Core/externalRef", + "maxCount": "*", + "fullname": "/Core/externalRef", + "fulltype": "/Core/ExternalRef" + }, + "externalIdentifier": { + "type": "ExternalIdentifier", + "minCount": "0", + "fqname": "/Core/externalIdentifier", + "maxCount": "*", + "fullname": "/Core/externalIdentifier", + "fulltype": "/Core/ExternalIdentifier" + }, + "extension": { + "type": "/Extension/Extension", + "minCount": "0", + "fqname": "/Core/extension", + "maxCount": "*", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" + } + } }, - "/Software/packageUrl": { - "py/object": "spec_parser.model.Property", + "/Core/SpdxDocument": { + "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "packageUrl", - "fqname": "/Software/packageUrl", - "summary": "Provides a place for the SPDX data creator to record the package URL string\n(in accordance with the\n[package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst))\nfor a software Package.", - "description": "A packageUrl (commonly pronounced and referred to as \"purl\") is an attempt to\nstandardize package representations in order to reliably identify and locate\nsoftware packages. A purl is a URL string which represents a package in a\nmostly universal and uniform way across programming languages, package\nmanagers, packaging conventions, tools, APIs and databases.\n\nThe purl URL string is defined by seven components:\n\n```text\nscheme:type/namespace/name@version?qualifiers#subpath\n```\n\nThe definition for each component can be found in the\n[purl specification](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst).\nComponents are designed such that they form a hierarchy from the most\nsignificant on the left to the least significant components on the right.\n\nParsing a purl string into its components works from left to right. Some extra\ntype-specific normalizations are required. For more information, see\n[How to parse a purl string in its components](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst#how-to-parse-a-purl-string-in-its-components).", + "name": "SpdxDocument", + "fqname": "/Core/SpdxDocument", + "summary": "A collection of SPDX Elements that could potentially be serialized.", + "description": "The SpdxDocument provides a convenient way to express information about\ncollections of SPDX Elements that could potentially be serialized as complete\nunits (e.g., all in-scope SPDX data within a single JSON-LD file).\n\nSpdxDocument is independent of any particular serialization format or instance.\n\nInformation we wish to preserve about a specific instance of serialization of\nthis SPDX content is NOT expressed using the SpdxDocument but rather using an\nassociated Artifact representing a particular instance of SPDX data physical\nserialization.\n\nAny instance of serialization of SPDX data MUST NOT contain more than one\nSpdxDocument element definition.", "metadata": { - "name": "packageUrl", - "Nature": "DataProperty", - "Range": "xsd:anyURI" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/packageUrl", - "used_in": [ - "/Software/Package" - ] - }, - "/Software/sourceInfo": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 + "name": "SpdxDocument", + "SubclassOf": "ElementCollection", + "Instantiability": "Concrete" }, - "license": "Community-Spec-1.0", - "name": "sourceInfo", - "fqname": "/Software/sourceInfo", - "summary": "Records any relevant background information or additional comments\nabout the origin of the package.", - "description": "SourceInfo records any relevant background information or additional comments\nabout the origin of the package.\n\nFor example, this field might include comments indicating whether the package\nwas pulled from a source code management system or has been repackaged.\n\nThe creator can provide additional information to describe any anomalies or\ndiscoveries in the determination of the origin of the package.", - "metadata": { - "name": "sourceInfo", - "Nature": "DataProperty", - "Range": "xsd:string" + "properties": { + "imports": { + "type": "ExternalMap", + "fqname": "/Core/imports", + "minCount": 0, + "maxCount": "*" + }, + "namespaceMap": { + "type": "NamespaceMap", + "fqname": "/Core/namespaceMap", + "minCount": 0, + "maxCount": "*" + }, + "dataLicense": { + "type": "/SimpleLicensing/AnyLicenseInfo", + "maxCount": "1", + "fqname": "/Core/dataLicense", + "minCount": 0 + } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo", - "used_in": [ - "/Software/Package" - ] + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument", + "fqsupercname": "/Core/ElementCollection", + "inheritance_stack": [ + "/Core/ElementCollection", + "/Core/Element" + ], + "all_properties": { + "imports": { + "type": "ExternalMap", + "fqname": "/Core/imports", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/imports", + "fulltype": "/Core/ExternalMap" + }, + "namespaceMap": { + "type": "NamespaceMap", + "fqname": "/Core/namespaceMap", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/namespaceMap", + "fulltype": "/Core/NamespaceMap" + }, + "dataLicense": { + "type": "/SimpleLicensing/AnyLicenseInfo", + "maxCount": "1", + "fqname": "/Core/dataLicense", + "minCount": 0, + "fullname": "/Core/dataLicense", + "fulltype": "/SimpleLicensing/AnyLicenseInfo" + }, + "element": { + "type": "Element", + "minCount": "0", + "fqname": "/Core/element", + "maxCount": "*", + "fullname": "/Core/element", + "fulltype": "/Core/Element" + }, + "rootElement": { + "type": "Element", + "minCount": "0", + "fqname": "/Core/rootElement", + "maxCount": "*", + "fullname": "/Core/rootElement", + "fulltype": "/Core/Element" + }, + "profileConformance": { + "type": "ProfileIdentifierType", + "fqname": "/Core/profileConformance", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/profileConformance", + "fulltype": "/Core/ProfileIdentifierType" + }, + "spdxId": { + "type": "xsd:anyURI", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/spdxId", + "fullname": "/Core/spdxId", + "fulltype": "xsd:anyURI" + }, + "name": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/name", + "minCount": 0, + "fullname": "/Core/name", + "fulltype": "xsd:string" + }, + "summary": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/summary", + "minCount": 0, + "fullname": "/Core/summary", + "fulltype": "xsd:string" + }, + "description": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/description", + "minCount": 0, + "fullname": "/Core/description", + "fulltype": "xsd:string" + }, + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" + }, + "creationInfo": { + "type": "CreationInfo", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/creationInfo", + "fullname": "/Core/creationInfo", + "fulltype": "/Core/CreationInfo" + }, + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/verifiedUsing", + "fulltype": "/Core/IntegrityMethod" + }, + "externalRef": { + "type": "ExternalRef", + "minCount": "0", + "fqname": "/Core/externalRef", + "maxCount": "*", + "fullname": "/Core/externalRef", + "fulltype": "/Core/ExternalRef" + }, + "externalIdentifier": { + "type": "ExternalIdentifier", + "minCount": "0", + "fqname": "/Core/externalIdentifier", + "maxCount": "*", + "fullname": "/Core/externalIdentifier", + "fulltype": "/Core/ExternalIdentifier" + }, + "extension": { + "type": "/Extension/Extension", + "minCount": "0", + "fqname": "/Core/extension", + "maxCount": "*", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" + } + } }, - "/Software/homePage": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "homePage", - "fqname": "/Software/homePage", - "summary": "A place for the SPDX document creator to record a website that serves as the\npackage's home page.", - "description": "A homePage is a place for the SPDX document creator to record a website that\nserves as the package's home page.\n\nThis saves the recipient of the SPDX document who is looking for more info from\nhaving to search for and verify a match between the package and the associated\nproject home page.\n\nThis link can also be used to reference further information about the package\nreferenced by the SPDX document creator.", - "metadata": { - "name": "homePage", - "Nature": "DataProperty", - "Range": "xsd:anyURI" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/homePage", - "used_in": [ - "/Software/Package" - ] - } - }, - "vocabularies": { - "/Software/SoftwarePurpose": { - "py/object": "spec_parser.model.Vocabulary", + "/Core/Hash": { + "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "SoftwarePurpose", - "fqname": "/Software/SoftwarePurpose", - "summary": "Provides information about the primary purpose of an Element.", - "description": "This field provides information about the primary purpose of an Element.\n\nSoftware Purpose is intrinsic to how the Element is being used rather than the\ncontent of the Element.\n\nThis field is a reasonable estimate of the most likely usage of the Element\nfrom the producer and consumer perspective from which both parties can draw\nconclusions about the context in which the Element exists.", + "name": "Hash", + "fqname": "/Core/Hash", + "summary": "A mathematically calculated representation of a grouping of data.", + "description": "A hash is a grouping of characteristics unique to the result\nof applying a mathematical algorithm\nthat maps data of arbitrary size to a bit string (the hash)\nand is a one-way function, that is,\na function which is practically infeasible to invert.\n\nThis is commonly used for integrity checking of data.\n\nPlease note that different profiles may also provide additional methods for verifying the integrity of specific subclasses of Elements.", "metadata": { - "name": "SoftwarePurpose" + "name": "Hash", + "SubclassOf": "IntegrityMethod", + "Instantiability": "Concrete" }, - "entries": { - "application": "the Element is a software application", - "archive": "the Element is an archived collection of one or more files (.tar, .zip, etc)", - "bom": "Element is a bill of materials", - "configuration": "Element is configuration data", - "container": "the Element is a container image which can be used by a container runtime application", - "data": "Element is data", - "device": "the Element refers to a chipset, processor, or electronic board", - "diskImage": "the Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc.", - "deviceDriver": "Element represents software that controls hardware devices", - "documentation": "Element is documentation", - "evidence": "the Element is the evidence that a specification or requirement has been fulfilled", - "executable": "Element is an Artifact that can be run on a computer", - "file": "the Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc)", - "filesystemImage": "the Element is a file system image that can be written to a disk (or virtual) partition", - "firmware": "the Element provides low level control over a device's hardware", - "framework": "the Element is a software framework", - "install": "the Element is used to install software on disk", - "library": "the Element is a software library", - "manifest": "the Element is a software manifest", - "model": "the Element is a machine learning or artificial intelligence model", - "module": "the Element is a module of a piece of software", - "operatingSystem": "the Element is an operating system", - "other": "the Element doesn't fit into any of the other categories", - "patch": "Element contains a set of changes to update, fix, or improve another Element", - "platform": "Element represents a runtime environment", - "requirement": "the Element provides a requirement needed as input for another Element", - "source": "the Element is a single or a collection of source files", - "specification": "the Element is a plan, guideline or strategy how to create, perform or analyse an application", - "test": "The Element is a test used to verify functionality on an software element" + "properties": { + "algorithm": { + "type": "HashAlgorithm", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/algorithm" + }, + "hashValue": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/hashValue" + } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Hash", + "fqsupercname": "/Core/IntegrityMethod", + "inheritance_stack": [ + "/Core/IntegrityMethod" + ], + "all_properties": { + "algorithm": { + "type": "HashAlgorithm", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/algorithm", + "fullname": "/Core/algorithm", + "fulltype": "/Core/HashAlgorithm" + }, + "hashValue": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/hashValue", + "fullname": "/Core/hashValue", + "fulltype": "xsd:string" + }, + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" + } + } }, - "/Software/SbomType": { - "py/object": "spec_parser.model.Vocabulary", + "/Core/Tool": { + "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "SbomType", - "fqname": "/Software/SbomType", - "summary": "Provides a set of values to be used to describe the common types of SBOMs that\ntools may create.", - "description": "The set of SBOM types with definitions as defined in\n[Types of Software Bill of Material (SBOM) Documents](https://www.cisa.gov/sites/default/files/2023-04/sbom-types-document-508c.pdf),\npublished on April 21, 2023.\n\nAn SBOM type describes the most likely type of an SBOM from the producer\nperspective, so that consumers can draw conclusions about the data inside an\nSBOM.\n\nA single SBOM can have multiple SBOM document types associated with it.", + "name": "Tool", + "fqname": "/Core/Tool", + "summary": "An element of hardware and/or software utilized to carry out a particular function.", + "description": "A Tool is an element of hardware and/or software utilized to carry out a particular function.", "metadata": { - "name": "SbomType" - }, - "entries": { - "design": "SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact.", - "source": "SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact.", - "build": "SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs.", - "deployed": "SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment.", - "runtime": "SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an \"Instrumented\" or \"Dynamic\" SBOM.", - "analyzed": "SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a \"3rd party\" SBOM." + "name": "Tool", + "SubclassOf": "Element", + "Instantiability": "Concrete" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" + "properties": {}, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Tool", + "fqsupercname": "/Core/Element", + "inheritance_stack": [ + "/Core/Element" + ], + "all_properties": { + "spdxId": { + "type": "xsd:anyURI", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/spdxId", + "fullname": "/Core/spdxId", + "fulltype": "xsd:anyURI" + }, + "name": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/name", + "minCount": 0, + "fullname": "/Core/name", + "fulltype": "xsd:string" + }, + "summary": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/summary", + "minCount": 0, + "fullname": "/Core/summary", + "fulltype": "xsd:string" + }, + "description": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/description", + "minCount": 0, + "fullname": "/Core/description", + "fulltype": "xsd:string" + }, + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" + }, + "creationInfo": { + "type": "CreationInfo", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/creationInfo", + "fullname": "/Core/creationInfo", + "fulltype": "/Core/CreationInfo" + }, + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/verifiedUsing", + "fulltype": "/Core/IntegrityMethod" + }, + "externalRef": { + "type": "ExternalRef", + "minCount": "0", + "fqname": "/Core/externalRef", + "maxCount": "*", + "fullname": "/Core/externalRef", + "fulltype": "/Core/ExternalRef" + }, + "externalIdentifier": { + "type": "ExternalIdentifier", + "minCount": "0", + "fqname": "/Core/externalIdentifier", + "maxCount": "*", + "fullname": "/Core/externalIdentifier", + "fulltype": "/Core/ExternalIdentifier" + }, + "extension": { + "type": "/Extension/Extension", + "minCount": "0", + "fqname": "/Core/extension", + "maxCount": "*", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" + } + } }, - "/Software/ContentIdentifierType": { - "py/object": "spec_parser.model.Vocabulary", + "/Core/ExternalIdentifier": { + "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1171 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "ContentIdentifierType", - "fqname": "/Software/ContentIdentifierType", - "summary": "Specifies the type of a content identifier.", - "description": "ContentIdentifierType specifies the type of a content identifier.", + "name": "ExternalIdentifier", + "fqname": "/Core/ExternalIdentifier", + "summary": "A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element.", + "description": "An ExternalIdentifier is a reference to a resource outside the scope of SPDX-3.0 content\nthat provides a unique key within an established domain that can uniquely identify an Element.", "metadata": { - "name": "ContentIdentifierType" + "name": "ExternalIdentifier", + "Instantiability": "Concrete" }, - "entries": { - "gitoid": "Gitoid stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects) and a gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document).", - "swhid": "SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and in the case of filess they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`." + "properties": { + "externalIdentifierType": { + "type": "ExternalIdentifierType", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/externalIdentifierType" + }, + "identifier": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/identifier" + }, + "comment": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/comment" + }, + "identifierLocator": { + "type": "xsd:anyURI", + "minCount": "0", + "fqname": "/Core/identifierLocator", + "maxCount": "*" + }, + "issuingAuthority": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/issuingAuthority" + } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { + "externalIdentifierType": { + "type": "ExternalIdentifierType", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/externalIdentifierType", + "fullname": "/Core/externalIdentifierType", + "fulltype": "/Core/ExternalIdentifierType" + }, + "identifier": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/identifier", + "fullname": "/Core/identifier", + "fulltype": "xsd:string" + }, + "comment": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/comment", + "fullname": "/Core/comment", + "fulltype": "xsd:string" + }, + "identifierLocator": { + "type": "xsd:anyURI", + "minCount": "0", + "fqname": "/Core/identifierLocator", + "maxCount": "*", + "fullname": "/Core/identifierLocator", + "fulltype": "xsd:anyURI" + }, + "issuingAuthority": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/issuingAuthority", + "fullname": "/Core/issuingAuthority", + "fulltype": "xsd:string" + } + } }, - "/Software/FileKindType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 1171 - }, - "license": "Community-Spec-1.0", - "name": "FileKindType", - "fqname": "/Software/FileKindType", - "summary": "Enumeration of the different kinds of SPDX file.", - "description": "An SPDX file may represent a file on disk or a directory of files.\n\nIn the future, this may be extended to other kinds (e.g. network based files).", - "metadata": { - "name": "FileKindType" - }, - "entries": { - "file": "The file represents a single file (default).", - "directory": "The file represents a directory and all content stored in that directory." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" - } - }, - "individuals": {}, - "datatypes": {}, - "license": "Community-Spec-1.0", - "name": "Software", - "summary": "Everything having to do with software.", - "description": "The Software namespace defines concepts related to software artifacts.", - "metadata": { - "id": "https://spdx.org/rdf/3.0.1/terms/Software", - "name": "Software" - }, - "conformance": null, - "iri": "https://spdx.org/rdf/3.0.1/terms/Software" - }, - { - "py/object": "spec_parser.model.Namespace", - "classes": { - "/AI/EnergyConsumptionDescription": { + "/Core/PackageVerificationCode": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "EnergyConsumptionDescription", - "fqname": "/AI/EnergyConsumptionDescription", - "summary": "The class that helps note down the quantity of energy consumption and the unit\nused for measurement.", - "description": "This class is designed to store energy consumption data, including the quantity\nand the unit of measurement.\n\nThe `energyQuantity` property stores the amount of energy consumed,\nand the `energyUnit` property stores the unit used for measurement.\n\nFor example, 0.0042 kilowatt-hour of energy will have `0.042` as a value for\nproperty `energyQuantity`, and `\"kilowattHour\"` as a value for property\n`energyUnit`.\n\n**Syntax**\n\n```json\n{\n \"type\": \"ai_EnergyConsumptionDescription\",\n \"ai_energyQuantity\": \"0.042\",\n \"ai_energyUnit\": \"kilowattHour\"\n}\n```", + "name": "PackageVerificationCode", + "fqname": "/Core/PackageVerificationCode", + "summary": "An SPDX version 2.X compatible verification method for software packages.", + "description": "This verification method is provided for compatibility with SPDX 2.X.\n\nUse of this verification code method is discouraged except for scenarios where the `contentIdentifier` property on `Artifact` can not be used.\n\nThis verification method provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX document itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX document.\n\nThis identifier enables a recipient to determine if any file in the original package (that the analysis was done on) has been changed and permits inclusion of an SPDX document as part of a package.\n\nAlgorithm:\n\n verificationcode = 0\n filelist = templist = \"\"\n for all files in the package {\n if file is an \"excludes\" file, skip it /* exclude SPDX analysis file(s) */\n else append templist with \"algorithm(file)/n\"\n }\n \n sort templist in ascending order by algorithm value\n \n filelist = templist with \"/n\"s removed. /* ordered sequence of algorithm values with no separators */\n \n hashValue = algorithm(filelist) /* Where algorithm(file) applies a hash algorithm on the contents of file and returns the result in lowercase hexadecimal digits. */\n\nRequired sort order: '0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f' (ASCII order)", "metadata": { - "name": "EnergyConsumptionDescription", + "name": "PackageVerificationCode", + "SubclassOf": "/Core/IntegrityMethod", "Instantiability": "Concrete" }, "properties": { - "energyQuantity": { - "type": "xsd:decimal", + "algorithm": { + "type": "HashAlgorithm", "minCount": "1", "maxCount": "1", - "fqname": "/AI/energyQuantity" + "fqname": "/Core/algorithm" }, - "energyUnit": { - "type": "EnergyUnitType", + "hashValue": { + "type": "xsd:string", "minCount": "1", "maxCount": "1", - "fqname": "/AI/energyUnit" + "fqname": "/Core/hashValue" + }, + "packageVerificationCodeExcludedFile": { + "type": "xsd:string", + "fqname": "/Core/packageVerificationCodeExcludedFile", + "minCount": 0, + "maxCount": "*" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription", - "fqsupercname": null, - "inheritance_stack": [], + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode", + "fqsupercname": "/Core/IntegrityMethod", + "inheritance_stack": [ + "/Core/IntegrityMethod" + ], "all_properties": { - "energyQuantity": { - "type": "xsd:decimal", + "algorithm": { + "type": "HashAlgorithm", "minCount": "1", "maxCount": "1", - "fqname": "/AI/energyQuantity", - "fullname": "/AI/energyQuantity", - "fulltype": "xsd:decimal" + "fqname": "/Core/algorithm", + "fullname": "/Core/algorithm", + "fulltype": "/Core/HashAlgorithm" }, - "energyUnit": { - "type": "EnergyUnitType", + "hashValue": { + "type": "xsd:string", "minCount": "1", "maxCount": "1", - "fqname": "/AI/energyUnit", - "fullname": "/AI/energyUnit", - "fulltype": "/AI/EnergyUnitType" + "fqname": "/Core/hashValue", + "fullname": "/Core/hashValue", + "fulltype": "xsd:string" + }, + "packageVerificationCodeExcludedFile": { + "type": "xsd:string", + "fqname": "/Core/packageVerificationCodeExcludedFile", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/packageVerificationCodeExcludedFile", + "fulltype": "xsd:string" + }, + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" } } }, - "/AI/AIPackage": { + "/Core/Agent": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "AIPackage", - "fqname": "/AI/AIPackage", - "summary": "Specifies an AI package and its associated information.", - "description": "Metadata information that can be added to a package to describe an AI application or trained AI model.", + "name": "Agent", + "fqname": "/Core/Agent", + "summary": "Agent represents anything with the potential to act on a system.", + "description": "The Agent class represents anything that has the potential to act on a system.\n\nThis could be a person, organization, software agent, etc.\n\nThis is not to be confused with tools that are used to perform tasks.", "metadata": { - "name": "AIPackage", - "SubclassOf": "/Software/Package", + "name": "Agent", + "SubclassOf": "Element", "Instantiability": "Concrete" }, - "properties": { - "autonomyType": { - "type": "/Core/PresenceType", - "minCount": "0", + "properties": {}, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Agent", + "fqsupercname": "/Core/Element", + "inheritance_stack": [ + "/Core/Element" + ], + "all_properties": { + "spdxId": { + "type": "xsd:anyURI", + "minCount": "1", "maxCount": "1", - "fqname": "/AI/autonomyType" + "fqname": "/Core/spdxId", + "fullname": "/Core/spdxId", + "fulltype": "xsd:anyURI" }, - "domain": { + "name": { "type": "xsd:string", - "minCount": "0", - "fqname": "/AI/domain", - "maxCount": "*" - }, - "energyConsumption": { - "type": "EnergyConsumption", - "minCount": "0", "maxCount": "1", - "fqname": "/AI/energyConsumption" - }, - "hyperparameter": { - "type": "/Core/DictionaryEntry", - "minCount": "0", - "fqname": "/AI/hyperparameter", - "maxCount": "*" + "fqname": "/Core/name", + "minCount": 0, + "fullname": "/Core/name", + "fulltype": "xsd:string" }, - "informationAboutApplication": { + "summary": { "type": "xsd:string", - "minCount": "0", "maxCount": "1", - "fqname": "/AI/informationAboutApplication" + "fqname": "/Core/summary", + "minCount": 0, + "fullname": "/Core/summary", + "fulltype": "xsd:string" }, - "informationAboutTraining": { + "description": { "type": "xsd:string", - "minCount": "0", "maxCount": "1", - "fqname": "/AI/informationAboutTraining" + "fqname": "/Core/description", + "minCount": 0, + "fullname": "/Core/description", + "fulltype": "xsd:string" }, - "limitation": { + "comment": { "type": "xsd:string", - "minCount": "0", "maxCount": "1", - "fqname": "/AI/limitation" - }, - "metric": { - "type": "/Core/DictionaryEntry", - "minCount": "0", - "fqname": "/AI/metric", - "maxCount": "*" - }, - "metricDecisionThreshold": { - "type": "/Core/DictionaryEntry", - "minCount": "0", - "fqname": "/AI/metricDecisionThreshold", - "maxCount": "*" - }, - "modelDataPreprocessing": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/AI/modelDataPreprocessing", - "maxCount": "*" - }, - "modelExplainability": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/AI/modelExplainability", - "maxCount": "*" + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" }, - "safetyRiskAssessment": { - "type": "SafetyRiskAssessmentType", - "minCount": "0", + "creationInfo": { + "type": "CreationInfo", + "minCount": "1", "maxCount": "1", - "fqname": "/AI/safetyRiskAssessment" + "fqname": "/Core/creationInfo", + "fullname": "/Core/creationInfo", + "fulltype": "/Core/CreationInfo" }, - "standardCompliance": { - "type": "xsd:string", + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/verifiedUsing", + "fulltype": "/Core/IntegrityMethod" + }, + "externalRef": { + "type": "ExternalRef", "minCount": "0", - "fqname": "/AI/standardCompliance", - "maxCount": "*" + "fqname": "/Core/externalRef", + "maxCount": "*", + "fullname": "/Core/externalRef", + "fulltype": "/Core/ExternalRef" }, - "typeOfModel": { - "type": "xsd:string", + "externalIdentifier": { + "type": "ExternalIdentifier", "minCount": "0", - "fqname": "/AI/typeOfModel", - "maxCount": "*" + "fqname": "/Core/externalIdentifier", + "maxCount": "*", + "fullname": "/Core/externalIdentifier", + "fulltype": "/Core/ExternalIdentifier" }, - "useSensitivePersonalInformation": { - "type": "/Core/PresenceType", + "extension": { + "type": "/Extension/Extension", "minCount": "0", - "maxCount": "1", - "fqname": "/AI/useSensitivePersonalInformation" + "fqname": "/Core/extension", + "maxCount": "*", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" } + } + }, + "/Core/LifecycleScopedRelationship": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 891 }, - "ext_prop_restrs": { - "/Core/Artifact/releaseTime": { - "minCount": "1" - }, - "/Core/Artifact/suppliedBy": { - "minCount": "1" - }, - "/Software/Package/downloadLocation": { - "minCount": "1" - }, - "/Software/Package/packageVersion": { - "minCount": "1" - }, - "/Software/SoftwareArtifact/primaryPurpose": { - "minCount": "1" + "license": "Community-Spec-1.0", + "name": "LifecycleScopedRelationship", + "fqname": "/Core/LifecycleScopedRelationship", + "summary": "Provide context for a relationship that occurs in the lifecycle.", + "description": "Certain relationships are sensitive to where they occur in the lifecycle. This parameter lets us avoid a proliferation of relationships, by parameterizing this context information for a relationship.", + "metadata": { + "name": "LifecycleScopedRelationship", + "SubclassOf": "Relationship", + "Instantiability": "Concrete" + }, + "properties": { + "scope": { + "type": "LifecycleScopeType", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/scope" } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/AIPackage", - "fqsupercname": "/Software/Package", + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship", + "fqsupercname": "/Core/Relationship", "inheritance_stack": [ - "/Software/Package", - "/Software/SoftwareArtifact", - "/Core/Artifact", + "/Core/Relationship", "/Core/Element" ], "all_properties": { - "autonomyType": { - "type": "/Core/PresenceType", + "scope": { + "type": "LifecycleScopeType", "minCount": "0", "maxCount": "1", - "fqname": "/AI/autonomyType", - "fullname": "/AI/autonomyType", - "fulltype": "/Core/PresenceType" + "fqname": "/Core/scope", + "fullname": "/Core/scope", + "fulltype": "/Core/LifecycleScopeType" }, - "domain": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/AI/domain", + "from": { + "type": "Element", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/from", + "fullname": "/Core/from", + "fulltype": "/Core/Element" + }, + "to": { + "type": "Element", + "minCount": "1", + "fqname": "/Core/to", "maxCount": "*", - "fullname": "/AI/domain", - "fulltype": "xsd:string" + "fullname": "/Core/to", + "fulltype": "/Core/Element" }, - "energyConsumption": { - "type": "EnergyConsumption", + "relationshipType": { + "type": "RelationshipType", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/relationshipType", + "fullname": "/Core/relationshipType", + "fulltype": "/Core/RelationshipType" + }, + "completeness": { + "type": "RelationshipCompleteness", "minCount": "0", "maxCount": "1", - "fqname": "/AI/energyConsumption", - "fullname": "/AI/energyConsumption", - "fulltype": "/AI/EnergyConsumption" + "fqname": "/Core/completeness", + "fullname": "/Core/completeness", + "fulltype": "/Core/RelationshipCompleteness" }, - "hyperparameter": { - "type": "/Core/DictionaryEntry", + "startTime": { + "type": "DateTime", "minCount": "0", - "fqname": "/AI/hyperparameter", - "maxCount": "*", - "fullname": "/AI/hyperparameter", - "fulltype": "/Core/DictionaryEntry" + "maxCount": "1", + "fqname": "/Core/startTime", + "fullname": "/Core/startTime", + "fulltype": "/Core/DateTime" + }, + "endTime": { + "type": "DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/endTime", + "fullname": "/Core/endTime", + "fulltype": "/Core/DateTime" + }, + "spdxId": { + "type": "xsd:anyURI", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/spdxId", + "fullname": "/Core/spdxId", + "fulltype": "xsd:anyURI" + }, + "name": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/name", + "minCount": 0, + "fullname": "/Core/name", + "fulltype": "xsd:string" }, - "informationAboutApplication": { + "summary": { "type": "xsd:string", - "minCount": "0", "maxCount": "1", - "fqname": "/AI/informationAboutApplication", - "fullname": "/AI/informationAboutApplication", + "fqname": "/Core/summary", + "minCount": 0, + "fullname": "/Core/summary", "fulltype": "xsd:string" }, - "informationAboutTraining": { + "description": { "type": "xsd:string", - "minCount": "0", "maxCount": "1", - "fqname": "/AI/informationAboutTraining", - "fullname": "/AI/informationAboutTraining", + "fqname": "/Core/description", + "minCount": 0, + "fullname": "/Core/description", "fulltype": "xsd:string" }, - "limitation": { + "comment": { "type": "xsd:string", - "minCount": "0", "maxCount": "1", - "fqname": "/AI/limitation", - "fullname": "/AI/limitation", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", "fulltype": "xsd:string" }, - "metric": { - "type": "/Core/DictionaryEntry", - "minCount": "0", - "fqname": "/AI/metric", - "maxCount": "*", - "fullname": "/AI/metric", - "fulltype": "/Core/DictionaryEntry" + "creationInfo": { + "type": "CreationInfo", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/creationInfo", + "fullname": "/Core/creationInfo", + "fulltype": "/Core/CreationInfo" }, - "metricDecisionThreshold": { - "type": "/Core/DictionaryEntry", - "minCount": "0", - "fqname": "/AI/metricDecisionThreshold", + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, "maxCount": "*", - "fullname": "/AI/metricDecisionThreshold", - "fulltype": "/Core/DictionaryEntry" + "fullname": "/Core/verifiedUsing", + "fulltype": "/Core/IntegrityMethod" }, - "modelDataPreprocessing": { - "type": "xsd:string", + "externalRef": { + "type": "ExternalRef", "minCount": "0", - "fqname": "/AI/modelDataPreprocessing", + "fqname": "/Core/externalRef", "maxCount": "*", - "fullname": "/AI/modelDataPreprocessing", - "fulltype": "xsd:string" + "fullname": "/Core/externalRef", + "fulltype": "/Core/ExternalRef" }, - "modelExplainability": { - "type": "xsd:string", + "externalIdentifier": { + "type": "ExternalIdentifier", "minCount": "0", - "fqname": "/AI/modelExplainability", + "fqname": "/Core/externalIdentifier", "maxCount": "*", - "fullname": "/AI/modelExplainability", - "fulltype": "xsd:string" + "fullname": "/Core/externalIdentifier", + "fulltype": "/Core/ExternalIdentifier" }, - "safetyRiskAssessment": { - "type": "SafetyRiskAssessmentType", + "extension": { + "type": "/Extension/Extension", "minCount": "0", + "fqname": "/Core/extension", + "maxCount": "*", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" + } + } + }, + "/Core/Organization": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "Organization", + "fqname": "/Core/Organization", + "summary": "A group of people who work together in an organized way for a shared purpose.", + "description": "An Organization is a group of people who work together in an organized way for a shared purpose.", + "metadata": { + "name": "Organization", + "SubclassOf": "Agent", + "Instantiability": "Concrete" + }, + "properties": {}, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Organization", + "fqsupercname": "/Core/Agent", + "inheritance_stack": [ + "/Core/Agent", + "/Core/Element" + ], + "all_properties": { + "spdxId": { + "type": "xsd:anyURI", + "minCount": "1", "maxCount": "1", - "fqname": "/AI/safetyRiskAssessment", - "fullname": "/AI/safetyRiskAssessment", - "fulltype": "/AI/SafetyRiskAssessmentType" + "fqname": "/Core/spdxId", + "fullname": "/Core/spdxId", + "fulltype": "xsd:anyURI" }, - "standardCompliance": { + "name": { "type": "xsd:string", - "minCount": "0", - "fqname": "/AI/standardCompliance", - "maxCount": "*", - "fullname": "/AI/standardCompliance", + "maxCount": "1", + "fqname": "/Core/name", + "minCount": 0, + "fullname": "/Core/name", "fulltype": "xsd:string" }, - "typeOfModel": { + "summary": { "type": "xsd:string", - "minCount": "0", - "fqname": "/AI/typeOfModel", - "maxCount": "*", - "fullname": "/AI/typeOfModel", - "fulltype": "xsd:string" - }, - "useSensitivePersonalInformation": { - "type": "/Core/PresenceType", - "minCount": "0", "maxCount": "1", - "fqname": "/AI/useSensitivePersonalInformation", - "fullname": "/AI/useSensitivePersonalInformation", - "fulltype": "/Core/PresenceType" + "fqname": "/Core/summary", + "minCount": 0, + "fullname": "/Core/summary", + "fulltype": "xsd:string" }, - "packageVersion": { + "description": { "type": "xsd:string", - "minCount": "1", "maxCount": "1", - "fqname": "/Software/packageVersion", - "fullname": "/Software/packageVersion", + "fqname": "/Core/description", + "minCount": 0, + "fullname": "/Core/description", "fulltype": "xsd:string" }, - "downloadLocation": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Software/downloadLocation", - "fullname": "/Software/downloadLocation", - "fulltype": "xsd:anyURI" - }, - "packageUrl": { - "type": "xsd:anyURI", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/packageUrl", - "fullname": "/Software/packageUrl", - "fulltype": "xsd:anyURI" - }, - "homePage": { - "type": "xsd:anyURI", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/homePage", - "fullname": "/Software/homePage", - "fulltype": "xsd:anyURI" - }, - "sourceInfo": { + "comment": { "type": "xsd:string", - "minCount": "0", "maxCount": "1", - "fqname": "/Software/sourceInfo", - "fullname": "/Software/sourceInfo", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", "fulltype": "xsd:string" }, - "primaryPurpose": { - "type": "SoftwarePurpose", + "creationInfo": { + "type": "CreationInfo", "minCount": "1", "maxCount": "1", - "fqname": "/Software/primaryPurpose", - "fullname": "/Software/primaryPurpose", - "fulltype": "/Software/SoftwarePurpose" + "fqname": "/Core/creationInfo", + "fullname": "/Core/creationInfo", + "fulltype": "/Core/CreationInfo" }, - "additionalPurpose": { - "type": "SoftwarePurpose", - "minCount": "0", - "fqname": "/Software/additionalPurpose", + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, "maxCount": "*", - "fullname": "/Software/additionalPurpose", - "fulltype": "/Software/SoftwarePurpose" - }, - "copyrightText": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/Software/copyrightText", - "fullname": "/Software/copyrightText", - "fulltype": "xsd:string" + "fullname": "/Core/verifiedUsing", + "fulltype": "/Core/IntegrityMethod" }, - "attributionText": { - "type": "xsd:string", + "externalRef": { + "type": "ExternalRef", "minCount": "0", - "fqname": "/Software/attributionText", + "fqname": "/Core/externalRef", "maxCount": "*", - "fullname": "/Software/attributionText", - "fulltype": "xsd:string" + "fullname": "/Core/externalRef", + "fulltype": "/Core/ExternalRef" }, - "contentIdentifier": { - "type": "ContentIdentifier", + "externalIdentifier": { + "type": "ExternalIdentifier", "minCount": "0", - "fqname": "/Software/contentIdentifier", + "fqname": "/Core/externalIdentifier", "maxCount": "*", - "fullname": "/Software/contentIdentifier", - "fulltype": "/Software/ContentIdentifier" + "fullname": "/Core/externalIdentifier", + "fulltype": "/Core/ExternalIdentifier" }, - "originatedBy": { - "type": "Agent", + "extension": { + "type": "/Extension/Extension", "minCount": "0", - "fqname": "/Core/originatedBy", + "fqname": "/Core/extension", "maxCount": "*", - "fullname": "/Core/originatedBy", - "fulltype": "/Core/Agent" - }, - "suppliedBy": { - "type": "Agent", + "fullname": "/Core/extension", + "fulltype": "/Extension/Extension" + } + } + }, + "/Core/Element": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "Element", + "fqname": "/Core/Element", + "summary": "Base domain class from which all other SPDX-3.0 domain classes derive.", + "description": "An Element is a representation of a fundamental concept either directly inherent\nto the Bill of Materials (BOM) domain or indirectly related to the BOM domain\nand necessary for contextually characterizing BOM concepts and relationships.\nWithin SPDX-3.0 structure this is the base class acting as a consistent,\nunifying, and interoperable foundation for all explicit\nand inter-relatable content objects.", + "metadata": { + "name": "Element", + "Instantiability": "Abstract" + }, + "properties": { + "spdxId": { + "type": "xsd:anyURI", "minCount": "1", "maxCount": "1", - "fqname": "/Core/suppliedBy", - "fullname": "/Core/suppliedBy", - "fulltype": "/Core/Agent" + "fqname": "/Core/spdxId" }, - "builtTime": { - "type": "DateTime", - "minCount": "0", + "name": { + "type": "xsd:string", "maxCount": "1", - "fqname": "/Core/builtTime", - "fullname": "/Core/builtTime", - "fulltype": "/Core/DateTime" + "fqname": "/Core/name", + "minCount": 0 }, - "releaseTime": { - "type": "DateTime", - "minCount": "1", + "summary": { + "type": "xsd:string", "maxCount": "1", - "fqname": "/Core/releaseTime", - "fullname": "/Core/releaseTime", - "fulltype": "/Core/DateTime" + "fqname": "/Core/summary", + "minCount": 0 }, - "validUntilTime": { - "type": "DateTime", - "minCount": "0", + "description": { + "type": "xsd:string", "maxCount": "1", - "fqname": "/Core/validUntilTime", - "fullname": "/Core/validUntilTime", - "fulltype": "/Core/DateTime" + "fqname": "/Core/description", + "minCount": 0 }, - "standardName": { + "comment": { "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0 + }, + "creationInfo": { + "type": "CreationInfo", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/creationInfo" + }, + "verifiedUsing": { + "type": "IntegrityMethod", + "fqname": "/Core/verifiedUsing", + "minCount": 0, + "maxCount": "*" + }, + "externalRef": { + "type": "ExternalRef", "minCount": "0", - "fqname": "/Core/standardName", - "maxCount": "*", - "fullname": "/Core/standardName", - "fulltype": "xsd:string" + "fqname": "/Core/externalRef", + "maxCount": "*" }, - "supportLevel": { - "type": "SupportType", + "externalIdentifier": { + "type": "ExternalIdentifier", "minCount": "0", - "fqname": "/Core/supportLevel", - "maxCount": "*", - "fullname": "/Core/supportLevel", - "fulltype": "/Core/SupportType" + "fqname": "/Core/externalIdentifier", + "maxCount": "*" }, + "extension": { + "type": "/Extension/Extension", + "minCount": "0", + "fqname": "/Core/extension", + "maxCount": "*" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/Element", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -9821,7 +8418,7 @@ "type": "xsd:string", "maxCount": "1", "fqname": "/Core/name", - "minCount": "1", + "minCount": 0, "fullname": "/Core/name", "fulltype": "xsd:string" }, @@ -9891,547 +8488,1740 @@ } } }, - "/AI/EnergyConsumption": { - "py/object": "spec_parser.model.Class", + "/Core/ExternalRef": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "ExternalRef", + "fqname": "/Core/ExternalRef", + "summary": "A reference to a resource outside the scope of SPDX-3.0 content related to an Element.", + "description": "An External Reference points to a general resource outside the scope of the SPDX-3.0 content\nthat provides additional context, characteristics or related information about an Element.", + "metadata": { + "name": "ExternalRef", + "Instantiability": "Concrete" + }, + "properties": { + "externalRefType": { + "type": "ExternalRefType", + "maxCount": "1", + "fqname": "/Core/externalRefType", + "minCount": 0 + }, + "locator": { + "type": "xsd:string", + "fqname": "/Core/locator", + "minCount": 0, + "maxCount": "*" + }, + "contentType": { + "type": "MediaType", + "maxCount": "1", + "fqname": "/Core/contentType", + "minCount": 0 + }, + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0 + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { + "externalRefType": { + "type": "ExternalRefType", + "maxCount": "1", + "fqname": "/Core/externalRefType", + "minCount": 0, + "fullname": "/Core/externalRefType", + "fulltype": "/Core/ExternalRefType" + }, + "locator": { + "type": "xsd:string", + "fqname": "/Core/locator", + "minCount": 0, + "maxCount": "*", + "fullname": "/Core/locator", + "fulltype": "xsd:string" + }, + "contentType": { + "type": "MediaType", + "maxCount": "1", + "fqname": "/Core/contentType", + "minCount": 0, + "fullname": "/Core/contentType", + "fulltype": "/Core/MediaType" + }, + "comment": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Core/comment", + "minCount": 0, + "fullname": "/Core/comment", + "fulltype": "xsd:string" + } + } + }, + "/Core/PositiveIntegerRange": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "PositiveIntegerRange", + "fqname": "/Core/PositiveIntegerRange", + "summary": "A tuple of two positive integers that define a range.", + "description": "PositiveIntegerRange is a tuple of two positive integers that define a range.\n\"beginIntegerRange\" must be less than or equal to \"endIntegerRange\".", + "metadata": { + "name": "PositiveIntegerRange", + "Instantiability": "Concrete" + }, + "properties": { + "beginIntegerRange": { + "type": "xsd:positiveInteger", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/beginIntegerRange" + }, + "endIntegerRange": { + "type": "xsd:positiveInteger", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/endIntegerRange" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { + "beginIntegerRange": { + "type": "xsd:positiveInteger", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/beginIntegerRange", + "fullname": "/Core/beginIntegerRange", + "fulltype": "xsd:positiveInteger" + }, + "endIntegerRange": { + "type": "xsd:positiveInteger", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/endIntegerRange", + "fullname": "/Core/endIntegerRange", + "fulltype": "xsd:positiveInteger" + } + } + } + }, + "properties": { + "/Core/endTime": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "endTime", + "fqname": "/Core/endTime", + "summary": "Specifies the time from which an element is no longer applicable / valid.", + "description": "An endTime specifies the time from which element is no longer applicable\n/ valid.", + "metadata": { + "name": "endTime", + "Nature": "DataProperty", + "Range": "DateTime" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/endTime", + "used_in": [ + "/Core/Relationship" + ] + }, + "/Core/identifierLocator": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "identifierLocator", + "fqname": "/Core/identifierLocator", + "summary": "Provides the location for more information regarding an external identifier.", + "description": "Identifiers are not always structured as URIs. An identifierLocator is a\nlocation hint (a URL) that provides contextual information relevant to the\nidentifier.", + "metadata": { + "name": "identifierLocator", + "Nature": "DataProperty", + "Range": "xsd:anyURI" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator", + "used_in": [ + "/Core/ExternalIdentifier" + ] + }, + "/Core/description": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "description", + "fqname": "/Core/description", + "summary": "Provides a detailed description of the Element.", + "description": "This field is a detailed description of the Element. It may also be extracted\nfrom the Element itself.\n\nThe intent is to provide recipients of the SPDX file with a detailed technical\nexplanation of the functionality, anticipated use, and anticipated\nimplementation of the Element.\n\nThis field may also include a description of improvements over prior versions\nof the Element.", + "metadata": { + "name": "description", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/description", + "used_in": [ + "/Core/Element" + ] + }, + "/Core/summary": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "summary", + "fqname": "/Core/summary", + "summary": "A short description of an Element.", + "description": "A summary is a short description of an Element. Here, the intent is to allow\nthe Element creator to provide concise information about the function or use of\nthe Element.", + "metadata": { + "name": "summary", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/summary", + "used_in": [ + "/Core/Element" + ] + }, + "/Core/namespaceMap": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "namespaceMap", + "fqname": "/Core/namespaceMap", + "summary": "Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance.", + "description": "This field provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance.", + "metadata": { + "name": "namespaceMap", + "Nature": "ObjectProperty", + "Range": "NamespaceMap" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap", + "used_in": [ + "/Core/SpdxDocument" + ] + }, + "/Core/dataLicense": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "dataLicense", + "fqname": "/Core/dataLicense", + "summary": "Provides the license under which the SPDX documentation of the Element can be\nused.", + "description": "The data license provides the license under which the SPDX documentation of the Element can be used.\n\nThis is to alleviate any concern that content (the data or database) in an SPDX file\nis subject to any form of intellectual property right that could restrict the re-use\nof the information or the creation of another SPDX file for the same project(s).\n\nThis approach avoids intellectual property and related restrictions over the SPDX file,\nhowever individuals can still contract with each other to restrict release\nof specific collections of SPDX files (which map to software bill of materials)\nand the identification of the supplier of SPDX files.\n\nCompliance with this document includes populating the SPDX fields therein\nwith data related to such fields (\"SPDX-Metadata\").\n\n\nThis document contains numerous fields where an SPDX file creator may provide\nrelevant explanatory text in SPDX-Metadata. Without opining on the lawfulness\nof \"database rights\" (in jurisdictions where applicable),\nsuch explanatory text is copyrightable subject matter in most Berne Convention countries.\n\nBy using the SPDX specification, or any portion hereof,\nyou hereby agree that any copyright rights (as determined by your jurisdiction)\nin any SPDX-Metadata, including without limitation explanatory text,\nshall be subject to the terms of the Creative Commons CC0 1.0 Universal license.\n\nFor SPDX-Metadata not containing any copyright rights,\nyou hereby agree and acknowledge that the SPDX-Metadata is provided to you \"as-is\"\nand without any representations or warranties of any kind concerning the SPDX-Metadata,\nexpress, implied, statutory or otherwise, including without limitation warranties\nof title, merchantability, fitness for a particular purpose, non-infringement,\nor the absence of latent or other defects, accuracy, or the presence or absence of errors,\nwhether or not discoverable, all to the greatest extent permissible under applicable law.", + "metadata": { + "name": "dataLicense", + "Nature": "ObjectProperty", + "Range": "/SimpleLicensing/AnyLicenseInfo" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/dataLicense", + "used_in": [ + "/Core/SpdxDocument" + ] + }, + "/Core/builtTime": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "builtTime", + "fqname": "/Core/builtTime", + "summary": "Specifies the time an artifact was built.", + "description": "A builtTime specifies the time an artifact was built.", + "metadata": { + "name": "builtTime", + "Nature": "DataProperty", + "Range": "DateTime" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/builtTime", + "used_in": [ + "/Core/Artifact" + ] + }, + "/Core/createdUsing": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "createdUsing", + "fqname": "/Core/createdUsing", + "summary": "Identifies the tooling that was used during the creation of the Element.", + "description": "CreatedUsing identifies the tooling that was used during the creation of the\nElement.\n\nThe generation method will assist the recipient of the Element in assessing\nthe general reliability/accuracy of the analysis information.", + "metadata": { + "name": "createdUsing", + "Nature": "ObjectProperty", + "Range": "Tool" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/createdUsing", + "used_in": [ + "/Core/CreationInfo" + ] + }, + "/Core/scope": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "scope", + "fqname": "/Core/scope", + "summary": "Capture the scope of information about a specific relationship between elements.", + "description": "A scope is additional context about a relationship, that clarifies the relationship between elements.", + "metadata": { + "name": "scope", + "Nature": "ObjectProperty", + "Range": "LifecycleScopeType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/scope", + "used_in": [ + "/Core/LifecycleScopedRelationship" + ] + }, + "/Core/from": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "from", + "fqname": "/Core/from", + "summary": "References the Element on the left-hand side of a relationship.", + "description": "This field references the Element on the left-hand side of a relationship.", + "metadata": { + "name": "from", + "Nature": "ObjectProperty", + "Range": "Element" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/from", + "used_in": [ + "/Core/Relationship" + ] + }, + "/Core/validUntilTime": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "validUntilTime", + "fqname": "/Core/validUntilTime", + "summary": "Specifies until when the artifact can be used before its usage needs to be\nreassessed.", + "description": "A validUntilTime specifies until when the artifact can be used before its usage\nneeds to be reassessed.", + "metadata": { + "name": "validUntilTime", + "Nature": "DataProperty", + "Range": "DateTime" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime", + "used_in": [ + "/Core/Artifact" + ] + }, + "/Core/context": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "context", + "fqname": "/Core/context", + "summary": "Gives information about the circumstances or unifying properties\nthat Elements of the bundle have been assembled under.", + "description": "A context gives information about the circumstances or unifying properties\nthat Elements of the bundle have been assembled under.", + "metadata": { + "name": "context", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/context", + "used_in": [ + "/Core/Bundle" + ] + }, + "/Core/extension": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "extension", + "fqname": "/Core/extension", + "summary": "Specifies an Extension characterization of some aspect of an Element.", + "description": "`extension` specifies an Extension-based characterization of a particular\naspect of an Element.", + "metadata": { + "name": "extension", + "Nature": "ObjectProperty", + "Range": "/Extension/Extension" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/extension", + "used_in": [ + "/Core/Element" + ] + }, + "/Core/imports": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "imports", + "fqname": "/Core/imports", + "summary": "Provides an ExternalMap of Element identifiers.", + "description": "Imports provides an ExternalMap of Element identifiers that are used within a\ndocument but defined external to that document.", + "metadata": { + "name": "imports", + "Nature": "ObjectProperty", + "Range": "ExternalMap" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/imports", + "used_in": [ + "/Core/SpdxDocument" + ] + }, + "/Core/name": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "name", + "fqname": "/Core/name", + "summary": "Identifies the name of an Element as designated by the creator.", + "description": "This field identifies the name of an Element as designated by the creator.\n\nThe name of an Element is an important convention and easier to refer to than\nthe URI.", + "metadata": { + "name": "name", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/name", + "used_in": [ + "/Core/Element" + ] + }, + "/Core/comment": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "comment", + "fqname": "/Core/comment", + "summary": "Provide consumers with comments by the creator of the Element about the\nElement.", + "description": "A comment is an optional field for creators of the Element to provide comments\nto the readers/reviewers of the document.", + "metadata": { + "name": "comment", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/comment", + "used_in": [ + "/Core/IntegrityMethod", + "/Core/CreationInfo", + "/Core/ExternalIdentifier", + "/Core/Element", + "/Core/ExternalRef" + ] + }, + "/Core/to": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "to", + "fqname": "/Core/to", + "summary": "References an Element on the right-hand side of a relationship.", + "description": "This field references an Element on the right-hand side of a relationship.\n\nIf it is not provided, it indicates that there are no known relationships of\nthe given type.", + "metadata": { + "name": "to", + "Nature": "ObjectProperty", + "Range": "Element" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/to", + "used_in": [ + "/Core/Relationship" + ] + }, + "/Core/creationInfo": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "creationInfo", + "fqname": "/Core/creationInfo", + "summary": "Provides information about the creation of the Element.", + "description": "CreationInfo provides information about the creation of the Element.", + "metadata": { + "name": "creationInfo", + "Nature": "ObjectProperty", + "Range": "CreationInfo" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo", + "used_in": [ + "/Core/Element" + ] + }, + "/Core/algorithm": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "algorithm", + "fqname": "/Core/algorithm", + "summary": "Specifies the algorithm used for calculating the hash value.", + "description": "An algorithm specifies the algorithm that was used for calculating the hash\nvalue.", + "metadata": { + "name": "algorithm", + "Nature": "ObjectProperty", + "Range": "HashAlgorithm" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/algorithm", + "used_in": [ + "/Core/Hash", + "/Core/PackageVerificationCode" + ] + }, + "/Core/locator": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "locator", + "fqname": "/Core/locator", + "summary": "Provides the location of an external reference.", + "description": "A locator provides the location of an external reference.", + "metadata": { + "name": "locator", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/locator", + "used_in": [ + "/Core/ExternalRef" + ] + }, + "/Core/specVersion": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "specVersion", + "fqname": "/Core/specVersion", + "summary": "Provides a reference number that can be used to understand how to parse and interpret an Element.", + "description": "The specVersion provides a reference number that can be used to understand how to parse and interpret an Element.\nIt will enable both future changes to the specification and to support backward compatibility.\nThe major version number shall be incremented when incompatible changes between versions are made\n(one or more sections are created, modified or deleted).\nThe minor version number shall be incremented when backwards compatible changes are made.\n\nHere, parties exchanging information in accordance with the SPDX specification need to provide\n100% transparency as to which SPDX specification version such information is conforming to.", + "metadata": { + "name": "specVersion", + "Nature": "DataProperty", + "Range": "SemVer" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/specVersion", + "used_in": [ + "/Core/CreationInfo" + ] + }, + "/Core/locationHint": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "locationHint", + "fqname": "/Core/locationHint", + "summary": "Provides an indication of where to retrieve an external Element.", + "description": "A locationHint provides an indication of where to retrieve an external Element.", + "metadata": { + "name": "locationHint", + "Nature": "DataProperty", + "Range": "xsd:anyURI" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/locationHint", + "used_in": [ + "/Core/ExternalMap" + ] + }, + "/Core/startTime": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "startTime", + "fqname": "/Core/startTime", + "summary": "Specifies the time from which an element is applicable / valid.", + "description": "A startTime specifies the time from which an element is applicable / valid.", + "metadata": { + "name": "startTime", + "Nature": "DataProperty", + "Range": "DateTime" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/startTime", + "used_in": [ + "/Core/Relationship" + ] + }, + "/Core/externalRefType": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "externalRefType", + "fqname": "/Core/externalRefType", + "summary": "Specifies the type of the external reference.", + "description": "An externalRefType specifies the type of the external reference.", + "metadata": { + "name": "externalRefType", + "Nature": "ObjectProperty", + "Range": "ExternalRefType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/externalRefType", + "used_in": [ + "/Core/ExternalRef" + ] + }, + "/Core/endIntegerRange": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "endIntegerRange", + "fqname": "/Core/endIntegerRange", + "summary": "Defines the end of a range.", + "description": "endIntegerRange is a positive integer that defines the end of a range.", + "metadata": { + "name": "endIntegerRange", + "Nature": "DataProperty", + "Range": "xsd:positiveInteger" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange", + "used_in": [ + "/Core/PositiveIntegerRange" + ] + }, + "/Core/hashValue": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "hashValue", + "fqname": "/Core/hashValue", + "summary": "The result of applying a hash algorithm to an Element.", + "description": "HashValue is the result of applying a hash algorithm to an Element.", + "metadata": { + "name": "hashValue", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/hashValue", + "used_in": [ + "/Core/Hash", + "/Core/PackageVerificationCode" + ] + }, + "/Core/statement": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "statement", + "fqname": "/Core/statement", + "summary": "Commentary on an assertion that an annotator has made.", + "description": "A statement is a commentary on an assertion that an annotator has made.", + "metadata": { + "name": "statement", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/statement", + "used_in": [ + "/Core/Annotation" + ] + }, + "/Core/rootElement": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "rootElement", + "fqname": "/Core/rootElement", + "summary": "This property is used to denote the root Element(s) of a tree of elements contained in a BOM.", + "description": "This property is used to denote the root Element(s) of a tree of elements contained in a BOM.\nThe tree consists of other elements directly and indirectly related through properties or Relationships from the root.", + "metadata": { + "name": "rootElement", + "Nature": "ObjectProperty", + "Range": "Element" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/rootElement", + "used_in": [ + "/Core/ElementCollection" + ] + }, + "/Core/identifier": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "identifier", + "fqname": "/Core/identifier", + "summary": "Uniquely identifies an external element.", + "description": "An identifier uniquely identifies an external element.", + "metadata": { + "name": "identifier", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/identifier", + "used_in": [ + "/Core/ExternalIdentifier" + ] + }, + "/Core/value": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "value", + "fqname": "/Core/value", + "summary": "A value used in a generic key-value pair.", + "description": "A value used in a generic key-value pair.\n\nA key-value pair can be used to implement a dictionary which associates a key\nwith a value.", + "metadata": { + "name": "value", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/value", + "used_in": [ + "/Core/DictionaryEntry" + ] + }, + "/Core/element": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "element", + "fqname": "/Core/element", + "summary": "Refers to one or more Elements that are part of an ElementCollection.", + "description": "This field refers to one or more Elements that are part of an\nElementCollection.", + "metadata": { + "name": "element", + "Nature": "ObjectProperty", + "Range": "Element" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/element", + "used_in": [ + "/Core/ElementCollection" + ] + }, + "/Core/verifiedUsing": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "verifiedUsing", + "fqname": "/Core/verifiedUsing", + "summary": "Provides an IntegrityMethod with which the integrity of an Element can be\nasserted.", + "description": "VerifiedUsing provides an IntegrityMethod with which the integrity of an\nElement can be asserted.\n\nPlease note that different profiles may also provide additional methods for\nverifying the integrity of specific subclasses of Elements.", + "metadata": { + "name": "verifiedUsing", + "Nature": "ObjectProperty", + "Range": "IntegrityMethod" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing", + "used_in": [ + "/Core/ExternalMap", + "/Core/Element" + ] + }, + "/Core/beginIntegerRange": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "beginIntegerRange", + "fqname": "/Core/beginIntegerRange", + "summary": "Defines the beginning of a range.", + "description": "beginIntegerRange is a positive integer that defines the beginning of a range.", + "metadata": { + "name": "beginIntegerRange", + "Nature": "DataProperty", + "Range": "xsd:positiveInteger" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange", + "used_in": [ + "/Core/PositiveIntegerRange" + ] + }, + "/Core/created": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "created", + "fqname": "/Core/created", + "summary": "Identifies when the Element was originally created.", + "description": "Created is a date that identifies when the Element was originally created.\n\nThe time stamp can serve as an indication as to whether the analysis needs to\nbe updated.\n\nThis is often the date of last change (e.g., a git commit date), not the date\nwhen the SPDX data was created, as doing so supports reproducible builds.", + "metadata": { + "name": "created", + "Nature": "DataProperty", + "Range": "DateTime" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/created", + "used_in": [ + "/Core/CreationInfo" + ] + }, + "/Core/relationshipType": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "relationshipType", + "fqname": "/Core/relationshipType", + "summary": "Information about the relationship between two Elements.", + "description": "This field provides information about the relationship between two Elements.\nFor example, you can represent a relationship between two different Files,\nbetween a Package and a File, between two Packages, or between one SPDXDocument and another SPDXDocument.", + "metadata": { + "name": "relationshipType", + "Nature": "ObjectProperty", + "Range": "RelationshipType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/relationshipType", + "used_in": [ + "/Core/Relationship" + ] + }, + "/Core/annotationType": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "annotationType", + "fqname": "/Core/annotationType", + "summary": "Describes the type of annotation.", + "description": "An annotationType describes the type of an annotation.", + "metadata": { + "name": "annotationType", + "Nature": "ObjectProperty", + "Range": "AnnotationType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/annotationType", + "used_in": [ + "/Core/Annotation" + ] + }, + "/Core/releaseTime": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "releaseTime", + "fqname": "/Core/releaseTime", + "summary": "Specifies the time an artifact was released.", + "description": "A releaseTime specifies the time an artifact was released.", + "metadata": { + "name": "releaseTime", + "Nature": "DataProperty", + "Range": "DateTime" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/releaseTime", + "used_in": [ + "/Core/Artifact" + ] + }, + "/Core/contentType": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "contentType", + "fqname": "/Core/contentType", + "summary": "Provides information about the content type of an Element or a Property.", + "description": "This field is a reasonable estimation of the content type of the Element or the\nProperty, from a creator perspective.\n\nContent type is intrinsic to the Element or the Property, independent of how it\nis being used.", + "metadata": { + "name": "contentType", + "Nature": "DataProperty", + "Range": "MediaType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/contentType", + "used_in": [ + "/Software/File", + "/Core/Annotation", + "/Core/ExternalRef" + ] + }, + "/Core/createdBy": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "createdBy", + "fqname": "/Core/createdBy", + "summary": "Identifies who or what created the Element.", + "description": "CreatedBy identifies who or what created the Element.\n\nThe generation method will assist the recipient of the Element in assessing\nthe general reliability/accuracy of the analysis information.", + "metadata": { + "name": "createdBy", + "Nature": "ObjectProperty", + "Range": "Agent" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/createdBy", + "used_in": [ + "/Core/CreationInfo" + ] + }, + "/Core/profileConformance": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "profileConformance", + "fqname": "/Core/profileConformance", + "summary": "Describes one a profile which the creator of this ElementCollection intends to\nconform to.", + "description": "Describes a profile to which the creator of this ElementCollection intends to\nconform.\n\nThe profileConformance will apply to all Elements contained within the\ncollection as well as the collection itself.\n\nConformance to a profile is defined by the additional restrictions documented\nin the profile specific documentation and schema files.\n\nUse of this property allows the creator of an ElementCollection to communicate\nto consumers their intent to adhere to the profile additional restrictions.\n\nThe profileConformance has a default value of core if no other\nprofileConformance is specified since all ElementCollections and Element must\nadhere to the core profile.", + "metadata": { + "name": "profileConformance", + "Nature": "ObjectProperty", + "Range": "ProfileIdentifierType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/profileConformance", + "used_in": [ + "/Core/ElementCollection" + ] + }, + "/Core/definingArtifact": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "definingArtifact", + "fqname": "/Core/definingArtifact", + "summary": "Artifact representing a serialization instance of SPDX data containing the\ndefinition of a particular Element.", + "description": "A definingArtifact property is used to link the Element identifier for an\nElement defined external to a given SpdxDocument to an Artifact Element\nrepresenting the SPDX serialization instance which contains the definition for\nthe Element.", + "metadata": { + "name": "definingArtifact", + "Nature": "ObjectProperty", + "Range": "Artifact" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact", + "used_in": [ + "/Core/ExternalMap" + ] + }, + "/Core/supportLevel": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "supportLevel", + "fqname": "/Core/supportLevel", + "summary": "Specifies the level of support associated with an artifact.", + "description": "supportLevel provides an indication of what support expectations that the\nsupplier of an artifact is providing to the user.", + "metadata": { + "name": "supportLevel", + "Nature": "ObjectProperty", + "Range": "SupportType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/supportLevel", + "used_in": [ + "/Core/Artifact" + ] + }, + "/Core/key": { + "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "EnergyConsumption", - "fqname": "/AI/EnergyConsumption", - "summary": "A class for describing the energy consumption incurred by an AI model in\ndifferent stages of its lifecycle.", - "description": "A class to denote the known or estimated energy consumption of an AI model\nduring its training, fine-tuning, and inference stages.\n\n**Syntax**\n\n```json\n{\n \"type\": \"ai_EnergyConsumption\",\n \"ai_trainingEnergyConsumption\": [\n {\n \"type\": \"ai_EnergyConsumptionDescription\",\n \"ai_energyQuantity\": \"36.5\",\n \"ai_energyUnit\": \"kilowattHour\"\n }\n ],\n \"ai_inferenceEnergyConsumption\": [\n {\n \"type\": \"ai_EnergyConsumptionDescription\",\n \"ai_energyQuantity\": \"0.042\",\n \"ai_energyUnit\": \"kilowattHour\"\n }\n ]\n}\n```", + "name": "key", + "fqname": "/Core/key", + "summary": "A key used in a generic key-value pair.", + "description": "A key used in generic a key-value pair.\n\nA key-value pair can be used to implement a dictionary which associates a key\nwith a value.", "metadata": { - "name": "EnergyConsumption", - "Instantiability": "Concrete" + "name": "key", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "properties": { - "finetuningEnergyConsumption": { - "type": "EnergyConsumptionDescription", - "fqname": "/AI/finetuningEnergyConsumption", - "minCount": 0, - "maxCount": "*" - }, - "inferenceEnergyConsumption": { - "type": "EnergyConsumptionDescription", - "fqname": "/AI/inferenceEnergyConsumption", - "minCount": 0, - "maxCount": "*" - }, - "trainingEnergyConsumption": { - "type": "EnergyConsumptionDescription", - "fqname": "/AI/trainingEnergyConsumption", - "minCount": 0, - "maxCount": "*" - } + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/key", + "used_in": [ + "/Core/DictionaryEntry" + ] + }, + "/Core/namespace": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption", - "fqsupercname": null, - "inheritance_stack": [], - "all_properties": { - "finetuningEnergyConsumption": { - "type": "EnergyConsumptionDescription", - "fqname": "/AI/finetuningEnergyConsumption", - "minCount": 0, - "maxCount": "*", - "fullname": "/AI/finetuningEnergyConsumption", - "fulltype": "/AI/EnergyConsumptionDescription" - }, - "inferenceEnergyConsumption": { - "type": "EnergyConsumptionDescription", - "fqname": "/AI/inferenceEnergyConsumption", - "minCount": 0, - "maxCount": "*", - "fullname": "/AI/inferenceEnergyConsumption", - "fulltype": "/AI/EnergyConsumptionDescription" - }, - "trainingEnergyConsumption": { - "type": "EnergyConsumptionDescription", - "fqname": "/AI/trainingEnergyConsumption", - "minCount": 0, - "maxCount": "*", - "fullname": "/AI/trainingEnergyConsumption", - "fulltype": "/AI/EnergyConsumptionDescription" - } - } - } - }, - "properties": { - "/AI/modelExplainability": { + "license": "Community-Spec-1.0", + "name": "namespace", + "fqname": "/Core/namespace", + "summary": "Provides an unambiguous mechanism for conveying a URI fragment portion of an\nElementID.", + "description": "A namespace provides an unambiguous mechanism for conveying a URI fragment\nportion of an ElementID.", + "metadata": { + "name": "namespace", + "Nature": "DataProperty", + "Range": "xsd:anyURI" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/namespace", + "used_in": [ + "/Core/NamespaceMap" + ] + }, + "/Core/completeness": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "modelExplainability", - "fqname": "/AI/modelExplainability", - "summary": "Describes methods that can be used to explain the results from the AI model.", - "description": "A free-form text that lists the different explainability mechanisms and how\nthey can be used to explain the results from the AI model.\n\nThe mechanisms can be model-agnostic methods, such as\n[SHapley Additive exPlanations (SHAP)](https://shap.readthedocs.io/) and\n[Local Interpretable Model-agnostic Explanations (LIME)](https://github.com/marcotcr/lime),\nand model-specific methods that applied to a limited category of models.", + "name": "completeness", + "fqname": "/Core/completeness", + "summary": "Provides information about the completeness of relationships.", + "description": "Completeness gives information about whether the provided relationships are\ncomplete, known to be incomplete or if no assertion is made either way.", "metadata": { - "name": "modelExplainability", + "name": "completeness", + "Nature": "ObjectProperty", + "Range": "RelationshipCompleteness" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/completeness", + "used_in": [ + "/Core/Relationship" + ] + }, + "/Core/suppliedBy": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "suppliedBy", + "fqname": "/Core/suppliedBy", + "summary": "Identifies who or what supplied the artifact or VulnAssessmentRelationship\nreferenced by the Element.", + "description": "Identify the actual distribution source for the artifact (e.g., snippet, file,\npackage, vulnerability) or VulnAssessmentRelationship being referenced.\n\nThis might or might not be different from the originating distribution source\nfor the artifact (e.g., snippet, file, package, vulnerability) or\nVulnAssessmentRelationship.", + "metadata": { + "name": "suppliedBy", + "Nature": "ObjectProperty", + "Range": "Agent" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy", + "used_in": [ + "/Core/Artifact", + "/Security/VulnAssessmentRelationship" + ] + }, + "/Core/subject": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "subject", + "fqname": "/Core/subject", + "summary": "An Element an annotator has made an assertion about.", + "description": "A subject is an Element an annotator has made an assertion about.", + "metadata": { + "name": "subject", + "Nature": "ObjectProperty", + "Range": "Element" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/subject", + "used_in": [ + "/Core/Annotation" + ] + }, + "/Core/packageVerificationCodeExcludedFile": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "packageVerificationCodeExcludedFile", + "fqname": "/Core/packageVerificationCodeExcludedFile", + "summary": "The relative file name of a file to be excluded from the\n`PackageVerificationCode`.", + "description": "A relative filename with the root of the package archive or directory\nreferencing a file to be excluded from the `PackageVerificationCode`.\n\nIn general, every filename is preceded with a `./`, see\n[RFC 3986 Uniform Resource Identifier (URI): Generic Syntax](https://www.rfc-editor.org/info/rfc3986)\nfor syntax.", + "metadata": { + "name": "packageVerificationCodeExcludedFile", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability", + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile", "used_in": [ - "/AI/AIPackage" + "/Core/PackageVerificationCode" ] }, - "/AI/domain": { + "/Core/externalIdentifier": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "domain", - "fqname": "/AI/domain", - "summary": "Captures the domain in which the AI package can be used.", - "description": "A free-form text that describes the domain where the AI model contained in the\nAI software can be expected to operate successfully.\n\nExamples include computer vision, natural language processing, etc.", + "name": "externalIdentifier", + "fqname": "/Core/externalIdentifier", + "summary": "Provides a reference to a resource outside the scope of SPDX-3.0 content\nthat uniquely identifies an Element.", + "description": "ExternalIdentifier points to a resource outside the scope of SPDX-3.0 content\nthat uniquely identifies an Element.", "metadata": { - "name": "domain", + "name": "externalIdentifier", + "Nature": "ObjectProperty", + "Range": "ExternalIdentifier" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier", + "used_in": [ + "/Core/Element" + ] + }, + "/Core/externalSpdxId": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "externalSpdxId", + "fqname": "/Core/externalSpdxId", + "summary": "Identifies an external Element used within a Document but defined external to\nthat Document.", + "description": "ExternalSpdxId identifies an external Element used within a Document but\ndefined external to that Document.", + "metadata": { + "name": "externalSpdxId", + "Nature": "DataProperty", + "Range": "xsd:anyURI" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId", + "used_in": [ + "/Core/ExternalMap" + ] + }, + "/Core/spdxId": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "spdxId", + "fqname": "/Core/spdxId", + "summary": "Identifies an Element to be referenced by other Elements.", + "description": "SpdxId uniquely identifies an Element which may thereby be referenced by other Elements.\nThese references may be internal or external.\nWhile there may be several versions of the same Element, each one needs to be able to be referred to uniquely\nso that relationships between Elements can be clearly articulated.", + "metadata": { + "name": "spdxId", + "Nature": "DataProperty", + "Range": "xsd:anyURI" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/spdxId", + "used_in": [ + "/Core/Element" + ] + }, + "/Core/standardName": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 891 + }, + "license": "Community-Spec-1.0", + "name": "standardName", + "fqname": "/Core/standardName", + "summary": "The name of a relevant standard that may apply to an artifact.", + "description": "Various standards may be relevant to useful to capture for specific artifacts.", + "metadata": { + "name": "standardName", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/domain", + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/standardName", "used_in": [ - "/AI/AIPackage" + "/Core/Artifact" ] }, - "/AI/metric": { + "/Core/externalRef": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "metric", - "fqname": "/AI/metric", - "summary": "Records the measurement of prediction quality of the AI model.", - "description": "Records the measurement with which the AI model was evaluated.\n\nThis makes statements about the prediction quality including uncertainty,\naccuracy, characteristics of the tested population, quality, fairness,\nexplainability, robustness etc.", + "name": "externalRef", + "fqname": "/Core/externalRef", + "summary": "Points to a resource outside the scope of the SPDX-3.0 content\nthat provides additional characteristics of an Element.", + "description": "This field points to a resource outside the scope of the SPDX-3.0 content\nthat provides additional characteristics of an Element.", "metadata": { - "name": "metric", + "name": "externalRef", "Nature": "ObjectProperty", - "Range": "/Core/DictionaryEntry" + "Range": "ExternalRef" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/metric", + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/externalRef", "used_in": [ - "/AI/AIPackage" + "/Core/Element" ] }, - "/AI/typeOfModel": { + "/Core/externalIdentifierType": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "typeOfModel", - "fqname": "/AI/typeOfModel", - "summary": "Records the type of the model used in the AI software.", - "description": "A free-form text that records the type of the AI model(s) used in the software.\n\nFor instance, if it is a supervised model, unsupervised model, reinforcement\nlearning model or a combination of those.", + "name": "externalIdentifierType", + "fqname": "/Core/externalIdentifierType", + "summary": "Specifies the type of the external identifier.", + "description": "An externalIdentifierType specifies the type of the external identifier.", "metadata": { - "name": "typeOfModel", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "externalIdentifierType", + "Nature": "ObjectProperty", + "Range": "ExternalIdentifierType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel", + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType", "used_in": [ - "/AI/AIPackage" + "/Core/ExternalIdentifier" ] }, - "/AI/informationAboutTraining": { + "/Core/issuingAuthority": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "informationAboutTraining", - "fqname": "/AI/informationAboutTraining", - "summary": "Describes relevant information about different steps of the training process.", - "description": "A detailed explanation of the training process,\nincluding the specific techniques, algorithms, and methods employed.\n\nExamples include:\n\n- training data used to train the AI model, along with any relevant details\n about its source, quality, and pre-processing steps;\n- specific training algorithms employed, including stochastic gradient descent,\n backpropagation, and reinforcement learning;\n- specific training techniques used to improve the performance or accuracy\n of the AI model, such as transfer learning, fine-tuning, or active learning;\n and\n- any evaluation metrics used to assess the performance of the AI model\n during the training process, including accuracy, precision, recall, and F1\n score.", + "name": "issuingAuthority", + "fqname": "/Core/issuingAuthority", + "summary": "An entity that is authorized to issue identification credentials.", + "description": "An issuingAuthority is an entity that is authorized to issue identification\ncredentials.\n\nThe entity may be a government, non-profit, educational institution, or\ncommercial enterprise.\n\nThe string provides a unique identifier for the issuing authority.", "metadata": { - "name": "informationAboutTraining", + "name": "issuingAuthority", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining", + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority", "used_in": [ - "/AI/AIPackage" + "/Core/ExternalIdentifier" ] }, - "/AI/safetyRiskAssessment": { + "/Core/originatedBy": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "safetyRiskAssessment", - "fqname": "/AI/safetyRiskAssessment", - "summary": "Records the results of general safety risk assessment of the AI system.", - "description": "Records the results of general safety risk assessment of the AI system.\n\nUsing categorization according to the\n[EU general risk assessment methodology](https://ec.europa.eu/docsroom/documents/17107).\nThe methodology implements Article 20 of Regulation (EC) No 765/2008 and is\nintended to assist authorities when they assess general product safety\ncompliance.\n\nIt is important to note that this categorization differs from the one proposed\nin the EU AI Act's provisional agreement.", + "name": "originatedBy", + "fqname": "/Core/originatedBy", + "summary": "Identifies from where or whom the Element originally came.", + "description": "OriginatedBy identifies from where or whom the Element originally came.", "metadata": { - "name": "safetyRiskAssessment", + "name": "originatedBy", "Nature": "ObjectProperty", - "Range": "SafetyRiskAssessmentType" + "Range": "Agent" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment", + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/originatedBy", "used_in": [ - "/AI/AIPackage" + "/Core/Artifact" ] }, - "/AI/useSensitivePersonalInformation": { + "/Core/prefix": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "useSensitivePersonalInformation", - "fqname": "/AI/useSensitivePersonalInformation", - "summary": "Records if sensitive personal information is used during model training or\ncould be used during the inference.", - "description": "Notes if sensitive personal information is used in the training or inference of\nthe AI models.\n\nThis might include biometric data, addresses or other data that can be used to\ninfer a person's identity.\n\nRelated: `hasSensitivePersonalInformation` in `/Dataset/DatasetPackage`", + "name": "prefix", + "fqname": "/Core/prefix", + "summary": "A substitute for a URI.", + "description": "A prefix is a substitute for a URI.", "metadata": { - "name": "useSensitivePersonalInformation", - "Nature": "ObjectProperty", - "Range": "/Core/PresenceType" + "name": "prefix", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation", + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/prefix", "used_in": [ - "/AI/AIPackage" + "/Core/NamespaceMap" ] - }, - "/AI/hyperparameter": { - "py/object": "spec_parser.model.Property", + } + }, + "vocabularies": { + "/Core/HashAlgorithm": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "hyperparameter", - "fqname": "/AI/hyperparameter", - "summary": "Records a hyperparameter used to build the AI model contained in the AI\npackage.", - "description": "Records a hyperparameter value.\n\nHyperparameters are settings defined before the training process that control\nthe learning algorithm's behavior. They differ from model parameters,\nwhich are learned from the data during training. Developers typically set\nhyperparameters manually or through a process of hyperparameter tuning\n(also known as trial and error).\n\nExamples of hyperparameters include learning rate, batch size, and the number\nof layers in a neural network.", + "name": "HashAlgorithm", + "fqname": "/Core/HashAlgorithm", + "summary": "A mathematical algorithm that maps data of arbitrary size to a bit string.", + "description": "A HashAlgorithm is a mathematical algorithm that maps data of arbitrary size to\na bit string (the hash) and is a one-way function, that is, a function which is\npractically infeasible to invert.", "metadata": { - "name": "hyperparameter", - "Nature": "ObjectProperty", - "Range": "/Core/DictionaryEntry" + "name": "HashAlgorithm" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter", - "used_in": [ - "/AI/AIPackage" - ] + "entries": { + "blake2b256": "BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4.", + "blake2b384": "BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4.", + "blake2b512": "BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4.", + "blake3": "[BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf)", + "crystalsDilithium": "[Dilithium](https://pq-crystals.org/dilithium/)", + "crystalsKyber": "[Kyber](https://pq-crystals.org/kyber/)", + "falcon": "[FALCON](https://falcon-sign.info/falcon.pdf)", + "md2": "MD2 message-digest algorithm, as defined in [RFC 1319](https://www.rfc-editor.org/info/rfc1319/).", + "md4": "MD4 message-digest algorithm, as defined in [RFC 1186](https://www.rfc-editor.org/info/rfc1186).", + "md5": "MD5 message-digest algorithm, as defined in [RFC 1321](https://www.rfc-editor.org/info/rfc1321).", + "md6": "[MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf)", + "other": "any hashing algorithm that does not exist in this list of entries", + "sha1": "SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://www.rfc-editor.org/info/rfc3174).", + "sha224": "SHA-2 with a digest length of 224, as defined in [RFC 3874](https://www.rfc-editor.org/info/rfc3874).", + "sha256": "SHA-2 with a digest length of 256, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234).", + "sha384": "SHA-2 with a digest length of 384, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234).", + "sha512": "SHA-2 with a digest length of 512, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234).", + "sha3_224": "SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final).", + "sha3_256": "SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final).", + "sha3_384": "SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final).", + "sha3_512": "SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" }, - "/AI/trainingEnergyConsumption": { - "py/object": "spec_parser.model.Property", + "/Core/RelationshipCompleteness": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "trainingEnergyConsumption", - "fqname": "/AI/trainingEnergyConsumption", - "summary": "Specifies the amount of energy consumed when training the AI model that is\nbeing used in the AI system.", - "description": "The field specifies the amount of energy consumed when training the AI model\nthat is being used in the AI system.", + "name": "RelationshipCompleteness", + "fqname": "/Core/RelationshipCompleteness", + "summary": "Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness.", + "description": "RelationshipCompleteness indicates whether the provided relationship is known to be complete, known to be incomplete, or if no assertion is made by the relationship creator.", "metadata": { - "name": "trainingEnergyConsumption", - "Nature": "ObjectProperty", - "Range": "EnergyConsumptionDescription" + "name": "RelationshipCompleteness" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption", - "used_in": [ - "/AI/EnergyConsumption" - ] + "entries": { + "incomplete": "The relationship is known not to be exhaustive.", + "complete": "The relationship is known to be exhaustive.", + "noAssertion": "No assertion can be made about the completeness of the relationship." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" }, - "/AI/standardCompliance": { - "py/object": "spec_parser.model.Property", + "/Core/ExternalRefType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "standardCompliance", - "fqname": "/AI/standardCompliance", - "summary": "Captures a standard that is being complied with.", - "description": "A free-form text that captures a standard that the AI software complies with.\n\nThis includes both published and unpublished standards, such as those developed\nby ISO, IEEE, and ETSI.\n\nThe standard may, but is not necessarily required to, satisfy a legal or\nregulatory requirement.", + "name": "ExternalRefType", + "fqname": "/Core/ExternalRefType", + "summary": "Specifies the type of an external reference.", + "description": "ExternalRefType specifies the type of an external reference.", "metadata": { - "name": "standardCompliance", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "ExternalRefType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance", - "used_in": [ - "/AI/AIPackage" - ] + "entries": { + "altDownloadLocation": "A reference to an alternative download location.", + "altWebPage": "A reference to an alternative web page.", + "binaryArtifact": "A reference to binary artifacts related to a package.", + "bower": "A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the \"install\" section of [Bower API documentation](https://bower.io/docs/api/#install).", + "buildMeta": "A reference build metadata related to a published package.", + "buildSystem": "A reference build system used to create or publish the package.", + "chat": "A reference to the instant messaging system used by the maintainer for a package.", + "certificationReport": "A reference to a certification report for a package from an accredited/independent body.", + "componentAnalysisReport": "A reference to a Software Composition Analysis (SCA) report.", + "cwe": "[Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/).", + "documentation": "A reference to the documentation for a package.", + "dynamicAnalysisReport": "A reference to a dynamic analysis report for a package.", + "eolNotice": "A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package.", + "exportControlAssessment": "A reference to a export control assessment for a package.", + "funding": "A reference to funding information related to a package.", + "issueTracker": "A reference to the issue tracker for a package.", + "mailingList": "A reference to the mailing list used by the maintainer for a package.", + "mavenCentral": "A reference to a Maven repository artifact. The artifact locator format, looks like `groupId:artifactId[:version]`, is defined in [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html).", + "metrics": "A reference to metrics related to package such as OpenSSF scorecards.", + "npm": "A reference to an npm package. The package locator format, looks like `package@version`, is defined in [npm Docs](https://docs.npmjs.com/cli/v10/configuring-npm/package-json).", + "nuget": "A reference to a NuGet package. The package locator format, looks like `package/version`, is defined in [NuGet documentation](https://docs.nuget.org).", + "license": "A reference to additional license information related to an artifact.", + "other": "Used when the type does not match any of the other options.", + "privacyAssessment": "A reference to a privacy assessment for a package.", + "productMetadata": "A reference to additional product metadata such as reference within organization's product catalog.", + "purchaseOrder": "A reference to a purchase order for a package.", + "qualityAssessmentReport": "A reference to a quality assessment for a package.", + "releaseNotes": "A reference to the release notes for a package.", + "releaseHistory": "A reference to a published list of releases for a package.", + "riskAssessment": "A reference to a risk assessment for a package.", + "runtimeAnalysisReport": "A reference to a runtime analysis report for a package.", + "secureSoftwareAttestation": "A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form).", + "securityAdvisory": "A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries.", + "securityAdversaryModel": "A reference to the security adversary model for a package.", + "securityFix": "A reference to the patch or source code that fixes a vulnerability.", + "securityOther": "A reference to related security information of unspecified type.", + "securityPenTestReport": "A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package.", + "securityPolicy": "A reference to instructions for reporting newly discovered security vulnerabilities for a package.", + "securityThreatModel": "A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package.", + "socialMedia": "A reference to a social media channel for a package.", + "sourceArtifact": "A reference to an artifact containing the sources for a package.", + "staticAnalysisReport": "A reference to a static analysis report for a package.", + "support": "A reference to the software support channel or other support information for a package.", + "vcs": "A reference to a version control system related to a software artifact.", + "vulnerabilityDisclosureReport": "A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final).", + "vulnerabilityExploitabilityAssessment": "A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf)." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" }, - "/AI/informationAboutApplication": { - "py/object": "spec_parser.model.Property", + "/Core/ProfileIdentifierType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "informationAboutApplication", - "fqname": "/AI/informationAboutApplication", - "summary": "Provides relevant information about the AI software, not including the model\ndescription.", - "description": "A free-form text description of how the AI model is used within the software.\n\nIt should include any relevant information, such as pre-processing steps,\nthird-party APIs, and other pertinent details.\n\nIt can also include:\n\n- Functionality provided by the AI model within the software application,\n including: any specific tasks or decisions it is designed to perform;\n any pre-processing steps that are applied to the input data before it is\n fed into the AI model for inference, such as data cleaning, normalization,\n or feature extraction;\n and any third-party APIs or services that are used in conjunction with\n the AI model, such as data sources, cloud services, or other AI models.\n- Description of any dependencies or requirements needed to run the AI model\n within the software application, including: specific hardware,\n software libraries, and operating systems.", + "name": "ProfileIdentifierType", + "fqname": "/Core/ProfileIdentifierType", + "summary": "Enumeration of the valid profiles.", + "description": "There are a set of profiles that have been defined by a profile team.\n\nA profile consists of a namespace that may add properties and classes to the\ncore profile unique to the domain covered by the profile.\n\nThe profile may also contain additional restrictions on existing properties and\nclasses defined in other profiles.\n\nIf the creator of an SPDX collection of elements includes a profile in the list\nof profileConformance, they are claiming that all contained elements conform\nto all restrictions defined for that profile.", "metadata": { - "name": "informationAboutApplication", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "ProfileIdentifierType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication", - "used_in": [ - "/AI/AIPackage" - ] + "entries": { + "core": "the element follows the Core profile specification", + "software": "the element follows the Software profile specification", + "simpleLicensing": "the element follows the simple Licensing profile specification", + "expandedLicensing": "the element follows the expanded Licensing profile specification", + "security": "the element follows the Security profile specification", + "build": "the element follows the Build profile specification", + "ai": "the element follows the AI profile specification", + "dataset": "the element follows the Dataset profile specification", + "extension": "the element follows the Extension profile specification", + "lite": "the element follows the Lite profile specification" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" }, - "/AI/modelDataPreprocessing": { - "py/object": "spec_parser.model.Property", + "/Core/PresenceType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "modelDataPreprocessing", - "fqname": "/AI/modelDataPreprocessing", - "summary": "Describes all the preprocessing steps applied to the training data before the\nmodel training.", - "description": "A free-form text that describes the preprocessing steps applied to the training\ndata before training of the model(s) contained in the AI software.", + "name": "PresenceType", + "fqname": "/Core/PresenceType", + "summary": "Categories of presence or absence.", + "description": "This type is used to indicate if a given field is present or absent or unknown.", "metadata": { - "name": "modelDataPreprocessing", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "PresenceType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing", - "used_in": [ - "/AI/AIPackage" - ] + "entries": { + "yes": "Indicates presence of the field.", + "no": "Indicates absence of the field.", + "noAssertion": "Makes no assertion about the field." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" }, - "/AI/autonomyType": { - "py/object": "spec_parser.model.Property", + "/Core/SupportType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "autonomyType", - "fqname": "/AI/autonomyType", - "summary": "Indicates whether the system can perform a decision or action without human\ninvolvement or guidance.", - "description": "Indicates if the system is fully automated or a human is involved in any of the\ndecisions of the AI system.\n\n- yes: Indicates that the system is fully automated\n- no: Indicates that a human is involved in any of the decisions of the AI\n system\n- noAssertion: Makes no assertion about the autonomy", + "name": "SupportType", + "fqname": "/Core/SupportType", + "summary": "Indicates the type of support that is associated with an artifact.", + "description": "SupportType is an enumeration of the various types of support commonly found for artifacts in the software supply chain. Specific details of what that support entails are provided by agreements between the producer and consumer of the artifact.", "metadata": { - "name": "autonomyType", - "Nature": "ObjectProperty", - "Range": "/Core/PresenceType" + "name": "SupportType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/autonomyType", - "used_in": [ - "/AI/AIPackage" - ] + "entries": { + "development": "the artifact is in active development and is not considered ready for formal support from the supplier.", + "support": "the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support.", + "deployed": "in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service.", + "limitedSupport": "the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support.", + "endOfSupport": "there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact.", + "noSupport": "there is no support for the artifact from the supplier, consumer assumes any support obligations.", + "noAssertion": "no assertion about the type of support is made. This is considered the default if no other support type is used." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" }, - "/AI/energyConsumption": { - "py/object": "spec_parser.model.Property", + "/Core/LifecycleScopeType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "energyConsumption", - "fqname": "/AI/energyConsumption", - "summary": "Indicates the amount of energy consumption incurred by an AI model.", - "description": "Captures the energy consumption of an AI model, either known or estimated.\n\nIn the absence of direct measurements, an SPDX data creator may choose to\nestimate the energy consumption based on information about computational\nresources (e.g., number of floating-point operations), training time, and other\nrelevant training details.", + "name": "LifecycleScopeType", + "fqname": "/Core/LifecycleScopeType", + "summary": "Provide an enumerated set of lifecycle phases that can provide context to relationships.", + "description": "This enumeration summarizes common phases when dependency and other relationships, have different implications, based on their context. For example, a build dependency, may have different implications than a operational dependency.", "metadata": { - "name": "energyConsumption", - "Nature": "ObjectProperty", - "Range": "EnergyConsumption" + "name": "LifecycleScopeType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption", - "used_in": [ - "/AI/AIPackage" - ] + "entries": { + "design": "A relationship has specific context implications during an element's design.", + "development": "A relationship has specific context implications during development phase of an element.", + "build": "A relationship has specific context implications during an element's build phase, during development.", + "test": "A relationship has specific context implications during an element's testing phase, during development.", + "runtime": "A relationship has specific context implications during the execution phase of an element.", + "other": "A relationship has other specific context information necessary to capture that the above set of enumerations does not handle." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" }, - "/AI/finetuningEnergyConsumption": { - "py/object": "spec_parser.model.Property", + "/Core/ExternalIdentifierType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "finetuningEnergyConsumption", - "fqname": "/AI/finetuningEnergyConsumption", - "summary": "Specifies the amount of energy consumed when finetuning the AI model that is\nbeing used in the AI system.", - "description": "The field specifies the amount of energy consumed when finetuning the AI model\nthat is being used in the AI system.", + "name": "ExternalIdentifierType", + "fqname": "/Core/ExternalIdentifierType", + "summary": "Specifies the type of an external identifier.", + "description": "ExteralIdentifierType specifies the type of an external identifier.", "metadata": { - "name": "finetuningEnergyConsumption", - "Nature": "ObjectProperty", - "Range": "EnergyConsumptionDescription" + "name": "ExternalIdentifierType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption", - "used_in": [ - "/AI/EnergyConsumption" - ] + "entries": { + "cpe22": "[Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf)", + "cpe23": "[Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final)", + "cve": "Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id).", + "email": "Email address, as defined in [RFC 3696](https://www.rfc-editor.org/info/rfc3986) Section 3.", + "gitoid": "[Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid>), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document); this ambiguity exists because the OmniBOR Document is itself an artifact, and the gitoid of that artifact is its valid identifier. Omnibor is a minimalistic schema to describe software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-dependency-graph-adg). Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's ContentIdentifier property. Gitoids calculated on the OmniBOR Document (OmniBOR Identifiers) should be recorded in the SPDX 3.0 Element's ExternalIdentifier property.", + "other": "Used when the type does not match any of the other options.", + "packageUrl": "[package URL](https://github.com/package-url/purl-spec)", + "securityOther": "Used when there is a security related identifier of unspecified type.", + "swhid": "SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`.", + "swid": "Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://www.rfc-editor.org/info/rfc9393) Section 2.3.", + "urlScheme": "[Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" }, - "/AI/limitation": { - "py/object": "spec_parser.model.Property", + "/Core/AnnotationType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "limitation", - "fqname": "/AI/limitation", - "summary": "Captures a limitation of the AI software.", - "description": "A free-form text that captures a limitation of the AI package\n(or of the AI models present in the AI package).\n\nNote that this is not guaranteed to be exhaustive.\n\nFor instance, a limitation might be that the AI package cannot be used on\ndatasets from a certain demography.", + "name": "AnnotationType", + "fqname": "/Core/AnnotationType", + "summary": "Specifies the type of an annotation.", + "description": "AnnotationType specifies the type of an annotation.", "metadata": { - "name": "limitation", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "AnnotationType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/limitation", - "used_in": [ - "/AI/AIPackage" - ] + "entries": { + "other": "Used to store extra information about an Element which is not part of a Review (e.g. extra information provided during the creation of the Element).", + "review": "Used when someone reviews the Element." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" }, - "/AI/metricDecisionThreshold": { - "py/object": "spec_parser.model.Property", + "/Core/RelationshipType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "metricDecisionThreshold", - "fqname": "/AI/metricDecisionThreshold", - "summary": "Captures the threshold that was used for computation of a metric described in\nthe metric field.", - "description": "Each metric might be computed based on a decision threshold.\n\nFor instance, precision or recall is typically computed by checking if the\nprobability of the outcome is larger than 0.5.\n\nEach decision threshold should match with a metric field defined in the AI\npackage.", + "name": "RelationshipType", + "fqname": "/Core/RelationshipType", + "summary": "Information about the relationship between two Elements.", + "description": "Provides information about the relationship between two Elements.\nFor example, you can represent a relationship between two different Files,\nbetween a Package and a File, between two Packages, or between one SPDXDocument\nand another SPDXDocument.\n\nRelationship names be descriptive enough to easily deduce the correct direction\nfrom their name. The best way to do this is to make sure that the relationship\nname completes the sentence:\n\n`from` (is) (a) `RELATIONSHIP` `to`", "metadata": { - "name": "metricDecisionThreshold", - "Nature": "ObjectProperty", - "Range": "/Core/DictionaryEntry" + "name": "RelationshipType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold", - "used_in": [ - "/AI/AIPackage" - ] - }, - "/AI/inferenceEnergyConsumption": { - "py/object": "spec_parser.model.Property", + "entries": { + "affects": "(Security/VEX) The `from` vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships.", + "amendedBy": "The `from` Element is amended by each `to` Element.", + "ancestorOf": "The `from` Element is an ancestor of each `to` Element.", + "availableFrom": "The `from` Element is available from the additional supplier described by each `to` Element.", + "configures": "The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period.", + "contains": "The `from` Element contains each `to` Element.", + "coordinatedBy": "(Security) The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent).", + "copiedTo": "The `from` Element has been copied to each `to` Element.", + "delegatedTo": "The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`).", + "dependsOn": "The `from` Element depends on each `to` Element, during a LifecycleScopeType period.", + "descendantOf": "The `from` Element is a descendant of each `to` Element.", + "describes": "The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used.", + "doesNotAffect": "(Security/VEX) The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships.", + "expandsTo": "The `from` archive expands out as an artifact described by each `to` Element.", + "exploitCreatedBy": "(Security) The `from` Vulnerability has had an exploit created against it by each `to` Agent.", + "fixedBy": "(Security) Designates a `from` Vulnerability has been fixed by the `to` Agent(s).", + "fixedIn": "(Security/VEX) A `from` Vulnerability has been fixed in each of the `to` Element(s). The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships.", + "foundBy": "(Security) Designates a `from` Vulnerability was originally discovered by the `to` Agent(s).", + "generates": "The `from` Element generates each `to` Element.", + "hasAddedFile": "Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`).", + "hasAssessmentFor": "(Security) Relates a `from` Vulnerability and each `to` Element(s) with a security assessment. To be used with `VulnAssessmentRelationship` types.", + "hasAssociatedVulnerability": "(Security) Used to associate a `from` Artifact with each `to` Vulnerability.", + "hasConcludedLicense": "The `from` Software Artifact is concluded by the SPDX data creator to be governed by each `to` license.", + "hasDataFile": "The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInputs`, and `hasOutputs`, respectively. This relationship does not imply dependency.", + "hasDeclaredLicense": "The `from` Software Artifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling.", + "hasDeletedFile": "Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`).", + "hasDependencyManifest": "The `from` Element has manifest files that contain dependency information in each `to` Element.", + "hasDistributionArtifact": "The `from` Element is distributed as an artifact in each Element `to` (e.g. an RPM or archive file).", + "hasDocumentation": "The `from` Element is documented by each `to` Element.", + "hasDynamicLink": "The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period.", + "hasEvidence": "(Dataset) Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`).", + "hasExample": "Every `to` Element is an example for the `from` Element (`from` hasExample `to`).", + "hasHost": "The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on).", + "hasInputs": "The `from` Build has each `to` Elements as an input, during a LifecycleScopeType period.", + "hasMetadata": "Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`).", + "hasOptionalComponent": "Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`).", + "hasOptionalDependency": "The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period.", + "hasOutputs": "The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period.", + "hasPrerequisite": "The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period.", + "hasProvidedDependency": "The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period.", + "hasRequirement": "The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period.", + "hasSpecification": "Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period.", + "hasStaticLink": "The `from` Element statically links in each `to` Element, during a LifecycleScopeType period.", + "hasTest": "Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period.", + "hasTestCase": "Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`).", + "hasVariant": "Every `to` Element is a variant the `from` Element (`from` hasVariant `to`).", + "invokedBy": "The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step).", + "modifiedBy": "The `from` Element is modified by each `to` Element.", + "other": "Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationhip types (this relationship is directionless).", + "packagedBy": "Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`).", + "patchedBy": "Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`).", + "publishedBy": "(Security) Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent.", + "reportedBy": "(Security) Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent.", + "republishedBy": "(Security) Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent.", + "serializedInArtifact": "The `from` SPDXDocument can be found in a serialized form in each `to` Artifact.", + "testedOn": "(AI, Dataset) The `from` Element has been tested on the `to` Element(s).", + "trainedOn": "(AI, Dataset) The `from` Element has been trained on the `to` Element(s).", + "underInvestigationFor": "(Security/VEX) The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships.", + "usesTool": "The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + } + }, + "individuals": { + "/Core/NoAssertionElement": { + "py/object": "spec_parser.model.Individual", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "inferenceEnergyConsumption", - "fqname": "/AI/inferenceEnergyConsumption", - "summary": "Specifies the amount of energy consumed during inference time by an AI model\nthat is being used in the AI system.", - "description": "The field specifies the amount of energy consumed during inference time by an\nAI model that is being used in the AI system.", + "name": "NoAssertionElement", + "fqname": "/Core/NoAssertionElement", + "summary": "An Individual Value for Element representing a set of Elements of unknown\nidentify or cardinality (number).", + "description": "NoAssertionElement should be used if\n\n- the SPDX creator has attempted to but cannot reach a reasonable objective\n determination;\n- the SPDX creator has made no attempt to determine this field; or\n- the SPDX creator has intentionally provided no information (no meaning should\n be implied by doing so).\n\nFor example, a Relationship with `from`=Element1,\n`relationshipType`=\"ancestorOf\", and `to`=NOASSERTION is explicitly expressing\nthat no assertion is being made about any potential descendents of Element1.", "metadata": { - "name": "inferenceEnergyConsumption", - "Nature": "ObjectProperty", - "Range": "EnergyConsumptionDescription" + "name": "NoAssertionElement", + "type": "Element", + "IRI": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption", - "used_in": [ - "/AI/EnergyConsumption" - ] + "values": { + "name": "\"NOASSERTION\"" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement" }, - "/AI/energyUnit": { - "py/object": "spec_parser.model.Property", + "/Core/NoneElement": { + "py/object": "spec_parser.model.Individual", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "energyUnit", - "fqname": "/AI/energyUnit", - "summary": "Specifies the unit in which energy is measured.", - "description": "Provides the unit information of the energy.", + "name": "NoneElement", + "fqname": "/Core/NoneElement", + "summary": "An Individual Value for Element representing a set of Elements with\ncardinality (number/count) of zero.", + "description": "NoneLicenseElement should be used if the SPDX creator desires to assert that\nthere are NO elements for the given context of use.\n\nFor example, a Relationship with `from`=Element1,\n`relationshipType`=\"ancestorOf\", and `to`=NONE is explicitly expressing an\nassertion that Element1 has no descendents.", "metadata": { - "name": "energyUnit", - "Nature": "ObjectProperty", - "Range": "EnergyUnitType" + "name": "NoneElement", + "type": "Element", + "IRI": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/energyUnit", - "used_in": [ - "/AI/EnergyConsumptionDescription" - ] - }, - "/AI/energyQuantity": { - "py/object": "spec_parser.model.Property", + "values": { + "name": "\"NONE\"" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement" + } + }, + "datatypes": { + "/Core/DateTime": { + "py/object": "spec_parser.model.Datatype", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "energyQuantity", - "fqname": "/AI/energyQuantity", - "summary": "Represents the energy quantity.", - "description": "Provides the quantity information of the energy.", + "name": "DateTime", + "fqname": "/Core/DateTime", + "summary": "A string representing a specific date and time.", + "description": "A Datetime is a string representation of a specific date and time.\n\nIt has resolution of seconds and is always expressed in UTC timezone.\n\nThe specific format is one of the most commonly used ISO-8601 formats.", "metadata": { - "name": "energyQuantity", - "Nature": "DataProperty", - "Range": "xsd:decimal" + "name": "DateTime", + "SubclassOf": "xsd:dateTimeStamp" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity", - "used_in": [ - "/AI/EnergyConsumptionDescription" - ] - } - }, - "vocabularies": { - "/AI/SafetyRiskAssessmentType": { - "py/object": "spec_parser.model.Vocabulary", + "format": { + "pattern": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/DateTime" + }, + "/Core/MediaType": { + "py/object": "spec_parser.model.Datatype", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "SafetyRiskAssessmentType", - "fqname": "/AI/SafetyRiskAssessmentType", - "summary": "Specifies the safety risk level.", - "description": "Lists the different general safety risk levels that can be used to describe the\ngeneral safety risk of an AI system.\n\nUsing categorization according to the\n[EU general risk assessment methodology](https://ec.europa.eu/docsroom/documents/17107).\nThe methodology implements Article 20 of Regulation (EC) No 765/2008 and is\nintended to assist authorities when they assess general product safety\ncompliance.", + "name": "MediaType", + "fqname": "/Core/MediaType", + "summary": "Standardized way of indicating the type of content of an Element or a Property.\nA String constrained to the RFC 2046 specificiation.", + "description": "A MediaType is a string constrained to the\n[RFC 2046 MIME Part Two: Media Types](https://www.rfc-editor.org/info/rfc2046).\nIt provides a standardized way of indicating the type of content of an Element\nor a Property.\n\n**Examples**\n\n- `application/java-archive`\n- `application/vcard+json`\n- `application/vnd.oasis.opendocument.text`\n- `image/avif`\n- `text/csv;charset=UTF-8`\n- `text/javascript`\n- `text/spdx`\n\nA list of all possible media types is available at\n[IANA Protocol Registries](https://www.iana.org/assignments/media-types/media-types.xhtml).", "metadata": { - "name": "SafetyRiskAssessmentType" + "name": "MediaType", + "SubclassOf": "xsd:string" }, - "entries": { - "serious": "The highest level of risk posed by an AI system.", - "high": "The second-highest level of risk posed by an AI system.", - "medium": "The third-highest level of risk posed by an AI system.", - "low": "Low/no risk is posed by an AI system." + "format": { + "pattern": "^[^\\/]+\\/[^\\/]+$" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/MediaType" }, - "/AI/EnergyUnitType": { - "py/object": "spec_parser.model.Vocabulary", + "/Core/SemVer": { + "py/object": "spec_parser.model.Datatype", "ns": { - "py/id": 1413 + "py/id": 891 }, "license": "Community-Spec-1.0", - "name": "EnergyUnitType", - "fqname": "/AI/EnergyUnitType", - "summary": "Specifies the unit of energy consumption.", - "description": "List the different acceptable units for measuring energy consumption.\n\nIf the unit in which the energy consumption has been recorded\nis not listed here, please select \"other\".", + "name": "SemVer", + "fqname": "/Core/SemVer", + "summary": "A string constrained to the SemVer 2.0.0 specification.", + "description": "A semantic version is a string that is following the specification of\n[Semantic Versioning 2.0.0](https://semver.org/).", "metadata": { - "name": "EnergyUnitType" + "name": "SemVer", + "SubclassOf": "xsd:string" }, - "entries": { - "kilowattHour": "Kilowatt-hour.", - "megajoule": "Megajoule.", - "other": "Any other units of energy measurement." + "format": { + "pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" + "iri": "https://spdx.org/rdf/3.0.1/terms/Core/SemVer" } }, - "individuals": {}, - "datatypes": {}, - "license": "Community-Spec-1.0", - "name": "AI", - "summary": "The AI Profile is designed to provide a standardized way of documenting and\nsharing information about AI software packages (i.e. systems).", - "description": "The AI namespace defines a set of concepts and data elements related to AI\nsystem and model artifacts. These artifacts are the tangible outputs of the AI\ndevelopment process, such as software packages, models, and datasets.", - "metadata": { - "id": "https://spdx.org/rdf/3.0.1/terms/AI", - "name": "AI" - }, - "conformance": "For an element collection to be conformant with this profile,\nthe following has to hold:\n\n1. for every `/AI/AIPackage` there MUST exist exactly one `/Core/Relationship`\n of type `hasConcludedLicense` having that element as its `from` property\n and an `/SimpleLicensing/AnyLicenseInfo` as its `to` property.\n2. for every `/AI/AIPackage` there MUST exist exactly one `/Core/Relationship`\n of type `hasDeclaredLicense` having that element as its `from` property\n and an `/SimpleLicensing/AnyLicenseInfo` as its `to` property.", - "iri": "https://spdx.org/rdf/3.0.1/terms/AI" - }, - { - "py/object": "spec_parser.model.Namespace", - "classes": {}, - "properties": {}, - "vocabularies": {}, - "individuals": {}, - "datatypes": {}, "license": "Community-Spec-1.0", - "name": "Licensing", - "summary": "The Licensing Profile defines a minimum set of license information to\nfacilitate compliance with typical license use cases.", - "description": "The Licensing profile only contains the additional requirement that any\nSoftware Artifact must have a `Relationship` of type `hasConcludedLicense`.\n\nClasses and Property restrictions are defined in the `SimpleLicensingProfile`\n(Classes and Properties associated with\n[license expression strings](../../annexes/SPDX-license-expressions.md))\nand in the `ExpandedLicensingProfile` (Classes and Properties used for a\nfully parsed syntax tree of license expressions).\n\nThere are 2 relationship types related to licensing - `hasDeclaredLicense` and\n`hasConcludedLicense`.\n\nIf the `hasConcludedLicense` for a Software Artifact is not the same as its\n`hasDeclaredLicense`, a written explanation SHOULD be provided in the\n`hasConcludedLicense` relationship `comment` field.\n\nA written explanation of a relationship to a `NoAssertionLicense` MAY be\nprovided in the `comment` field for the relationship.\n\n***hasDeclaredLicense***\n\nA hasDeclaredLicense identifies the license information actually found in the\nSoftware Artifact, for example as detected by use of automated tooling.\n\nThis field is not intended to capture license information obtained from an\nexternal source, such as a package's website. Such information can be\nincluded, as needed, in the hasConcludedLicense field.\n\nA hasDeclaredLicense may be expressed differently in practice for different\ntypes of Software Artifacts. For example:\n\nfor Packages:\n\n- would include license info for the Package as a\n whole, found in the Package itself (e.g., LICENSE file,\n README file, metadata in the Package, etc.)\n- would not include any license information that is not in the Package\n itself (e.g., license information from the project's website or from a\n third party repository or website)\n\nfor Files:\n\n- would include license info found in the File itself (e.g., license\n header or notice, comments indicating the license, SPDX-License-Identifier\n expression)\n- would not include license info found in a different file (e.g., LICENSE\n file in the top directory of a repository)\n\nfor Snippets:\n\n- would include license info found in the Snippet itself (e.g., license\n notice, comments, SPDX-License-Identifier expression)\n- would not include license info found elsewhere in the File or in a\n different File (e.g., comment at top of File if it is not within the\n Snippet, LICENSE file in the top directory of a repository)\n\nA hasDeclaredLicense relationship to NoneLicense indicates that the\ncorresponding Package, File or Snippet contains no license information\nwhatsoever.\n\nA hasDeclaredLicense relationship to NoAssertionLicense\nindicates that one of the following applies:\n\n- the SPDX data creator has attempted to but cannot reach a reasonable\n objective determination;\n- the SPDX data creator has made no attempt to determine this field; or\n- the SPDX data creator has intentionally provided no information (no meaning\n should be implied by doing so).\n \nIf a hasDeclaredLicense relationship is not present, no assumptions can be made\nabout whether or not a hasDeclaredLicense exists.\n\nNote that a missing hasDeclaredLicense is not the same as a relationship to\nNoAssertionLicense since the latter is a \"known unknown\" whereas no assumptions\ncan be made from a missing hasDeclaredLicense relationship.\n\n***hasConcludedLicense***\n\nA hasConcludedLicense is the license identified by the SPDX data creator,\nbased on analyzing the license information in the Software Artifact\nand other information to arrive at a reasonably objective\nconclusion as to what license governs the Software Artifact.\n\nA hasConcludedLicense relationship to NoneLicense indicates that the\nSPDX data creator has looked and did not find any license information for this\nSoftware Artifact.\n\nA hasConcludedLicense relationship to NoAssertionLicense\nindicates that one of the following applies:\n\n- the SPDX data creator has attempted to but cannot reach a reasonable\n objective determination;\n- the SPDX data creator has made no attempt to determine this field; or\n- the SPDX data creator has intentionally provided no information (no\n meaning should be implied by doing so).\n\nIf a hasConcludedLicense is not present, no assumptions can be made\nabout whether or not a hasConcludedLicense exists.\n\nNote that a missing hasConcludedLicense is not the same as a relationship to a\nNoAssertionLicense since the latter is a \"known unknown\" whereas no assumptions\ncan be made from a missing hasConcludedLicense relationship.", + "name": "Core", + "summary": "The basis for all SPDX profiles.", + "description": "The Core namespace defines foundational concepts serving as the basis for all\nSPDX-3.0 profiles.", "metadata": { - "id": "https://spdx.org/rdf/3.0.1/terms/Licensing", - "name": "Licensing" + "id": "https://spdx.org/rdf/3.0.1/terms/Core", + "name": "Core" }, - "conformance": "For an element collection to be conformant with this profile,\nthe following has to hold:\n\n1. for every `/Software/SoftwareArtifact` there MUST exist exactly one\n `/Core/Relationship` of type `hasConcludedLicense` having that element as\n its `from` property and an `/SimpleLicensing/AnyLicenseInfo` as its `to`\n property.", - "iri": "https://spdx.org/rdf/3.0.1/terms/Licensing" + "conformance": null, + "iri": "https://spdx.org/rdf/3.0.1/terms/Core" }, { "py/object": "spec_parser.model.Namespace", @@ -10439,7 +10229,7 @@ "/Dataset/DatasetPackage": { "py/object": "spec_parser.model.Class", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", "name": "DatasetPackage", @@ -10882,42 +10672,122 @@ } }, "properties": { - "/Dataset/anonymizationMethodUsed": { + "/Dataset/hasSensitivePersonalInformation": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", - "name": "anonymizationMethodUsed", - "fqname": "/Dataset/anonymizationMethodUsed", - "summary": "Describes the anonymization methods used.", - "description": "A free-form text that describes the methods used to anonymize the dataset (of fields in the dataset).", + "name": "hasSensitivePersonalInformation", + "fqname": "/Dataset/hasSensitivePersonalInformation", + "summary": "Describes if any sensitive personal information is present in the dataset.", + "description": "Indicates the presence of sensitive personal data\nor information that allows drawing conclusions about a person's identity.\n\nRelated: `useSensitivePersonalInformation` in `/AI/AIPackage`", "metadata": { - "name": "anonymizationMethodUsed", + "name": "hasSensitivePersonalInformation", + "Nature": "ObjectProperty", + "Range": "/Core/PresenceType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation", + "used_in": [ + "/Dataset/DatasetPackage" + ] + }, + "/Dataset/datasetUpdateMechanism": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 1536 + }, + "license": "Community-Spec-1.0", + "name": "datasetUpdateMechanism", + "fqname": "/Dataset/datasetUpdateMechanism", + "summary": "Describes a mechanism to update the dataset.", + "description": "A free-form text that describes a mechanism to update the dataset.", + "metadata": { + "name": "datasetUpdateMechanism", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed", + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism", "used_in": [ "/Dataset/DatasetPackage" ] }, - "/Dataset/hasSensitivePersonalInformation": { + "/Dataset/datasetAvailability": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", - "name": "hasSensitivePersonalInformation", - "fqname": "/Dataset/hasSensitivePersonalInformation", - "summary": "Describes if any sensitive personal information is present in the dataset.", - "description": "Indicates the presence of sensitive personal data\nor information that allows drawing conclusions about a person's identity.\n\nRelated: `useSensitivePersonalInformation` in `/AI/AIPackage`", + "name": "datasetAvailability", + "fqname": "/Dataset/datasetAvailability", + "summary": "The field describes the availability of a dataset.", + "description": "Some datasets are publicly available and can be downloaded directly. Others are only accessible behind a clickthrough, or after filling a registration form. This field will describe the dataset availability from that perspective.", "metadata": { - "name": "hasSensitivePersonalInformation", + "name": "datasetAvailability", "Nature": "ObjectProperty", - "Range": "/Core/PresenceType" + "Range": "DatasetAvailabilityType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation", + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability", + "used_in": [ + "/Dataset/DatasetPackage" + ] + }, + "/Dataset/datasetNoise": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 1536 + }, + "license": "Community-Spec-1.0", + "name": "datasetNoise", + "fqname": "/Dataset/datasetNoise", + "summary": "Describes potentially noisy elements of the dataset.", + "description": "Describes what kinds of noises a dataset might encompass.\n\nThe free-form text specifies fields or samples that might be noisy.\n\nAlternatively, it can also be used to describe various noises that could impact the whole dataset.", + "metadata": { + "name": "datasetNoise", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise", + "used_in": [ + "/Dataset/DatasetPackage" + ] + }, + "/Dataset/dataPreprocessing": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 1536 + }, + "license": "Community-Spec-1.0", + "name": "dataPreprocessing", + "fqname": "/Dataset/dataPreprocessing", + "summary": "Describes the preprocessing steps that were applied to the raw data to create the given dataset.", + "description": "A free-form text that describes the various preprocessing steps\nthat were applied to the raw data to create the dataset.\n\nExamples include standardization, normalization, deduplication, tokenization, and removal of tokens.", + "metadata": { + "name": "dataPreprocessing", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing", + "used_in": [ + "/Dataset/DatasetPackage" + ] + }, + "/Dataset/anonymizationMethodUsed": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 1536 + }, + "license": "Community-Spec-1.0", + "name": "anonymizationMethodUsed", + "fqname": "/Dataset/anonymizationMethodUsed", + "summary": "Describes the anonymization methods used.", + "description": "A free-form text that describes the methods used to anonymize the dataset (of fields in the dataset).", + "metadata": { + "name": "anonymizationMethodUsed", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed", "used_in": [ "/Dataset/DatasetPackage" ] @@ -10925,7 +10795,7 @@ "/Dataset/sensor": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", "name": "sensor", @@ -10942,22 +10812,22 @@ "/Dataset/DatasetPackage" ] }, - "/Dataset/datasetAvailability": { + "/Dataset/intendedUse": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", - "name": "datasetAvailability", - "fqname": "/Dataset/datasetAvailability", - "summary": "The field describes the availability of a dataset.", - "description": "Some datasets are publicly available and can be downloaded directly. Others are only accessible behind a clickthrough, or after filling a registration form. This field will describe the dataset availability from that perspective.", - "metadata": { - "name": "datasetAvailability", - "Nature": "ObjectProperty", - "Range": "DatasetAvailabilityType" + "name": "intendedUse", + "fqname": "/Dataset/intendedUse", + "summary": "Describes what the given dataset should be used for.", + "description": "A free-form text that describes what the given dataset should be used for.\n\nSome datasets are collected to be used only for particular purposes.\n\nFor example, medical data collected from a specific demography might only be applicable\nfor training machine learning models to make predictions for that demography.\nIn such a case, the intendedUse field would capture this information.\nSimilarly, if a dataset is collected for building a facial recognition model,\nthe intendedUse field would specify that.", + "metadata": { + "name": "intendedUse", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability", + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse", "used_in": [ "/Dataset/DatasetPackage" ] @@ -10965,7 +10835,7 @@ "/Dataset/knownBias": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", "name": "knownBias", @@ -10982,22 +10852,42 @@ "/Dataset/DatasetPackage" ] }, - "/Dataset/dataPreprocessing": { + "/Dataset/dataCollectionProcess": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", - "name": "dataPreprocessing", - "fqname": "/Dataset/dataPreprocessing", - "summary": "Describes the preprocessing steps that were applied to the raw data to create the given dataset.", - "description": "A free-form text that describes the various preprocessing steps\nthat were applied to the raw data to create the dataset.\n\nExamples include standardization, normalization, deduplication, tokenization, and removal of tokens.", + "name": "dataCollectionProcess", + "fqname": "/Dataset/dataCollectionProcess", + "summary": "Describes how the dataset was collected.", + "description": "A free-form text that describes how a dataset was collected.\n\nExamples include the sources from which a dataset was scrapped and\nthe interview protocol that was used for data collection.", "metadata": { - "name": "dataPreprocessing", + "name": "dataCollectionProcess", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing", + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess", + "used_in": [ + "/Dataset/DatasetPackage" + ] + }, + "/Dataset/datasetType": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 1536 + }, + "license": "Community-Spec-1.0", + "name": "datasetType", + "fqname": "/Dataset/datasetType", + "summary": "Describes the type of the given dataset.", + "description": "Describes the datatype contained in the dataset.\n\nFor example, a dataset can be an image dataset for computer vision applications, a text dataset such as the contents of a book or Wikipedia article, or sometimes a multimodal dataset that contains multiple types of data.", + "metadata": { + "name": "datasetType", + "Nature": "ObjectProperty", + "Range": "DatasetType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType", "used_in": [ "/Dataset/DatasetPackage" ] @@ -11005,7 +10895,7 @@ "/Dataset/datasetSize": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", "name": "datasetSize", @@ -11022,262 +10912,379 @@ "/Dataset/DatasetPackage" ] }, - "/Dataset/intendedUse": { + "/Dataset/confidentialityLevel": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", - "name": "intendedUse", - "fqname": "/Dataset/intendedUse", - "summary": "Describes what the given dataset should be used for.", - "description": "A free-form text that describes what the given dataset should be used for.\n\nSome datasets are collected to be used only for particular purposes.\n\nFor example, medical data collected from a specific demography might only be applicable\nfor training machine learning models to make predictions for that demography.\nIn such a case, the intendedUse field would capture this information.\nSimilarly, if a dataset is collected for building a facial recognition model,\nthe intendedUse field would specify that.", + "name": "confidentialityLevel", + "fqname": "/Dataset/confidentialityLevel", + "summary": "Describes the confidentiality level of the data points contained in the dataset.", + "description": "Describes the levels of confidentiality of the data points contained in the dataset.", "metadata": { - "name": "intendedUse", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "confidentialityLevel", + "Nature": "ObjectProperty", + "Range": "ConfidentialityLevelType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse", + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel", "used_in": [ "/Dataset/DatasetPackage" ] + } + }, + "vocabularies": { + "/Dataset/DatasetAvailabilityType": { + "py/object": "spec_parser.model.Vocabulary", + "ns": { + "py/id": 1536 + }, + "license": "Community-Spec-1.0", + "name": "DatasetAvailabilityType", + "fqname": "/Dataset/DatasetAvailabilityType", + "summary": "Availability of dataset.", + "description": "Describes the possible types of availability of a dataset, indicating whether\nthe dataset can be directly downloaded, can be assembled using a script for\nscraping the data, is only available after a clickthrough or a registration\nform.", + "metadata": { + "name": "DatasetAvailabilityType" + }, + "entries": { + "clickthrough": "the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage.", + "directDownload": "the dataset is publicly available and can be downloaded directly.", + "query": "the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset.", + "registration": "the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms.", + "scrapingScript": "the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" }, - "/Dataset/dataCollectionProcess": { - "py/object": "spec_parser.model.Property", + "/Dataset/ConfidentialityLevelType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", - "name": "dataCollectionProcess", - "fqname": "/Dataset/dataCollectionProcess", - "summary": "Describes how the dataset was collected.", - "description": "A free-form text that describes how a dataset was collected.\n\nExamples include the sources from which a dataset was scrapped and\nthe interview protocol that was used for data collection.", + "name": "ConfidentialityLevelType", + "fqname": "/Dataset/ConfidentialityLevelType", + "summary": "Categories of confidentiality level.", + "description": "Describes the different confidentiality levels as given by the\n[Traffic Light Protocol](https://en.wikipedia.org/wiki/Traffic_Light_Protocol).", "metadata": { - "name": "dataCollectionProcess", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "ConfidentialityLevelType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess", - "used_in": [ - "/Dataset/DatasetPackage" - ] + "entries": { + "red": "Data points in the dataset are highly confidential and can only be shared with named recipients.", + "amber": "Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis.", + "green": "Dataset can be shared within a community of peers and partners.", + "clear": "Dataset may be distributed freely, without restriction." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" }, - "/Dataset/datasetNoise": { - "py/object": "spec_parser.model.Property", + "/Dataset/DatasetType": { + "py/object": "spec_parser.model.Vocabulary", "ns": { - "py/id": 1583 + "py/id": 1536 }, "license": "Community-Spec-1.0", - "name": "datasetNoise", - "fqname": "/Dataset/datasetNoise", - "summary": "Describes potentially noisy elements of the dataset.", - "description": "Describes what kinds of noises a dataset might encompass.\n\nThe free-form text specifies fields or samples that might be noisy.\n\nAlternatively, it can also be used to describe various noises that could impact the whole dataset.", + "name": "DatasetType", + "fqname": "/Dataset/DatasetType", + "summary": "Enumeration of dataset types.", + "description": "Describes the different structures of data within a given dataset. A dataset\ncan have multiple types of data, or even a single type of data but still match\nmultiple types, for example sensor data could also be timeseries or labeled\nimage data could also be considered categorical.", + "metadata": { + "name": "DatasetType" + }, + "entries": { + "audio": "data is audio based, such as a collection of music from the 80s.", + "categorical": "data that is classified into a discrete number of categories, such as the eye color of a population of people.", + "graph": "data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends.", + "image": "data is a collection of images such as pictures of animals.", + "noAssertion": "data type is not known.", + "numeric": "data consists only of numeric entries.", + "other": "data is of a type not included in this list.", + "sensor": "data is recorded from a physical sensor, such as a thermometer reading or biometric device.", + "structured": "data is stored in tabular format or retrieved from a relational database.", + "syntactic": "data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing.", + "text": "data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript.", + "timeseries": "data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day.", + "timestamp": "data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends.", + "video": "data is video based, such as a collection of movie clips featuring Tom Hanks." + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + } + }, + "individuals": {}, + "datatypes": {}, + "license": "Community-Spec-1.0", + "name": "Dataset", + "summary": "The Dataset Profile provides additional metadata, based on Software Profile,\nthat is useful for datasets.", + "description": "The Dataset namespace defines concepts related to dataset, including its\npreparation process, its characteristics, and its access methods.", + "metadata": { + "id": "https://spdx.org/rdf/3.0.1/terms/Dataset", + "name": "Dataset" + }, + "conformance": "For an element collection to be conformant with this profile,\nthe following has to hold:\n\n1. for every `/Dataset/DatasetPackage` there MUST exist exactly one\n `/Core/Relationship` of type `hasConcludedLicense` having that element as its\n `from` property and an `/SimpleLicensing/AnyLicenseInfo` as its `to`\n property.\n2. for every `/Dataset/DatasetPackage` there MUST exist exactly one\n `/Core/Relationship` of type `hasDeclaredLicense` having that element as its\n `from` property and an `/SimpleLicensing/AnyLicenseInfo` as its `to`\n property.", + "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset" + }, + { + "py/object": "spec_parser.model.Namespace", + "classes": { + "/Extension/CdxPropertiesExtension": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 1655 + }, + "license": "Community-Spec-1.0", + "name": "CdxPropertiesExtension", + "fqname": "/Extension/CdxPropertiesExtension", + "summary": "A type of extension consisting of a list of name value pairs.", + "description": "This extension provides a more structured extension using a name-value\napproach.\n\nUnlike key-value stores, cdxProperties support duplicate names, each\npotentially having different values.\n\nThis is intended to be compatible with the CycloneDX property `properties`.", + "metadata": { + "name": "CdxPropertiesExtension", + "SubclassOf": "Extension", + "Instantiability": "Concrete" + }, + "properties": { + "cdxProperty": { + "type": "CdxPropertyEntry", + "minCount": "1", + "fqname": "/Extension/cdxProperty", + "maxCount": "*" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension", + "fqsupercname": "/Extension/Extension", + "inheritance_stack": [ + "/Extension/Extension" + ], + "all_properties": { + "cdxProperty": { + "type": "CdxPropertyEntry", + "minCount": "1", + "fqname": "/Extension/cdxProperty", + "maxCount": "*", + "fullname": "/Extension/cdxProperty", + "fulltype": "/Extension/CdxPropertyEntry" + } + } + }, + "/Extension/CdxPropertyEntry": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 1655 + }, + "license": "Community-Spec-1.0", + "name": "CdxPropertyEntry", + "fqname": "/Extension/CdxPropertyEntry", + "summary": "A property name with an associated value.", + "description": "Each CdxPropertyEntry contains a name-value pair which maps the name to its\nassociated value.\n\nUnlike key-value stores, cdxProperties support duplicate names, each\npotentially having different values.\n\nThis class can be used to implement CycloneDX compatible properties.", + "metadata": { + "name": "CdxPropertyEntry", + "Instantiability": "Concrete" + }, + "properties": { + "cdxPropName": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/Extension/cdxPropName" + }, + "cdxPropValue": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Extension/cdxPropValue", + "minCount": 0 + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": { + "cdxPropName": { + "type": "xsd:string", + "minCount": "1", + "maxCount": "1", + "fqname": "/Extension/cdxPropName", + "fullname": "/Extension/cdxPropName", + "fulltype": "xsd:string" + }, + "cdxPropValue": { + "type": "xsd:string", + "maxCount": "1", + "fqname": "/Extension/cdxPropValue", + "minCount": 0, + "fullname": "/Extension/cdxPropValue", + "fulltype": "xsd:string" + } + } + }, + "/Extension/Extension": { + "py/object": "spec_parser.model.Class", + "ns": { + "py/id": 1655 + }, + "license": "Community-Spec-1.0", + "name": "Extension", + "fqname": "/Extension/Extension", + "summary": "A characterization of some aspect of an Element that is associated with the Element in a generalized fashion.", + "description": "An Extension is a characterization of some aspect of an Element that is associated with the Element in a generalized fashion.\n\nRather than being associated with a particular Element through the typical use of a purpose-specific object property an Extension is associated with the Element it characterizes using a single common generalized object property.\n\nThis approach serves multiple purposes:\n\n1. **Support profile-based extended characterization of Elements.** Enables specification and expression of Element characterization extensions within any profile and namespace of SPDX without requiring changes to other profiles or namespaces and without requiring local subclassing of remote classes (which could inhibit ecosystem interoperability in some cases).\n\n2. **Support extension of SPDX by adopting individuals or communities with Element characterization details uniquely specialized to their particular context.** Enables adopting individuals or communities to utilize SPDX expressive capabilities along with expressing more arcane Element characterization details specific to them and not appropriate for standardization across SPDX.\n\n3. **Support structured capture of expressive solutions for gaps in SPDX coverage from real-world use.** Enables adopting individuals or communities to express Element characterization details they require that are not currently defined in SPDX but likely should be. Enables a practical pipeline that\n\n - identifies gaps in SPDX that should be filled,\n - expresses solutions to those gaps in a way that allows the identifying adopters to use the extended solutions with SPDX and does not conflict with current SPDX,\n - can be clearly detected among the SPDX content exchange ecosystem,\n - provides a clear and structured definition of gap solution that can be used as submission for revision to SPDX standard", "metadata": { - "name": "datasetNoise", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "Extension", + "Instantiability": "Abstract" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise", - "used_in": [ - "/Dataset/DatasetPackage" - ] - }, - "/Dataset/datasetUpdateMechanism": { + "properties": {}, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension", + "fqsupercname": null, + "inheritance_stack": [], + "all_properties": {} + } + }, + "properties": { + "/Extension/cdxPropName": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1655 }, "license": "Community-Spec-1.0", - "name": "datasetUpdateMechanism", - "fqname": "/Dataset/datasetUpdateMechanism", - "summary": "Describes a mechanism to update the dataset.", - "description": "A free-form text that describes a mechanism to update the dataset.", + "name": "cdxPropName", + "fqname": "/Extension/cdxPropName", + "summary": "A name used in a CdxExtension name-value pair.", + "description": "A cdxPropName is used in a CdxExtension name-value pair.\n\nUnlike key-value stores, cdxProperties support duplicate names, each\npotentially having different values.", "metadata": { - "name": "datasetUpdateMechanism", + "name": "cdxPropName", "Nature": "DataProperty", "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism", + "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName", "used_in": [ - "/Dataset/DatasetPackage" + "/Extension/CdxPropertyEntry" ] }, - "/Dataset/datasetType": { + "/Extension/cdxProperty": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1655 }, "license": "Community-Spec-1.0", - "name": "datasetType", - "fqname": "/Dataset/datasetType", - "summary": "Describes the type of the given dataset.", - "description": "Describes the datatype contained in the dataset.\n\nFor example, a dataset can be an image dataset for computer vision applications, a text dataset such as the contents of a book or Wikipedia article, or sometimes a multimodal dataset that contains multiple types of data.", + "name": "cdxProperty", + "fqname": "/Extension/cdxProperty", + "summary": "Provides a map of a property names to a values.", + "description": "This field provides a mapping of a name to a value.\n\nThis is intended to be compatible with the CycloneDX property \"properties\".\n\nUnlike key-value stores, properties support duplicate names, each potentially\nhaving different values.", "metadata": { - "name": "datasetType", + "name": "cdxProperty", "Nature": "ObjectProperty", - "Range": "DatasetType" + "Range": "CdxPropertyEntry" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType", + "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty", "used_in": [ - "/Dataset/DatasetPackage" + "/Extension/CdxPropertiesExtension" ] }, - "/Dataset/confidentialityLevel": { + "/Extension/cdxPropValue": { "py/object": "spec_parser.model.Property", "ns": { - "py/id": 1583 + "py/id": 1655 }, "license": "Community-Spec-1.0", - "name": "confidentialityLevel", - "fqname": "/Dataset/confidentialityLevel", - "summary": "Describes the confidentiality level of the data points contained in the dataset.", - "description": "Describes the levels of confidentiality of the data points contained in the dataset.", + "name": "cdxPropValue", + "fqname": "/Extension/cdxPropValue", + "summary": "A value used in a CdxExtension name-value pair.", + "description": "A cdxPropValue is used in a CdxExtension name-value pair.\n\nUnlike key-value stores, cdxProperties support duplicate names, each\npotentially having different values.", "metadata": { - "name": "confidentialityLevel", - "Nature": "ObjectProperty", - "Range": "ConfidentialityLevelType" + "name": "cdxPropValue", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel", + "iri": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue", "used_in": [ - "/Dataset/DatasetPackage" + "/Extension/CdxPropertyEntry" ] } }, - "vocabularies": { - "/Dataset/DatasetType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 1583 - }, - "license": "Community-Spec-1.0", - "name": "DatasetType", - "fqname": "/Dataset/DatasetType", - "summary": "Enumeration of dataset types.", - "description": "Describes the different structures of data within a given dataset. A dataset\ncan have multiple types of data, or even a single type of data but still match\nmultiple types, for example sensor data could also be timeseries or labeled\nimage data could also be considered categorical.", - "metadata": { - "name": "DatasetType" - }, - "entries": { - "audio": "data is audio based, such as a collection of music from the 80s.", - "categorical": "data that is classified into a discrete number of categories, such as the eye color of a population of people.", - "graph": "data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends.", - "image": "data is a collection of images such as pictures of animals.", - "noAssertion": "data type is not known.", - "numeric": "data consists only of numeric entries.", - "other": "data is of a type not included in this list.", - "sensor": "data is recorded from a physical sensor, such as a thermometer reading or biometric device.", - "structured": "data is stored in tabular format or retrieved from a relational database.", - "syntactic": "data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing.", - "text": "data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript.", - "timeseries": "data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day.", - "timestamp": "data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends.", - "video": "data is video based, such as a collection of movie clips featuring Tom Hanks." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" - }, - "/Dataset/DatasetAvailabilityType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 1583 - }, - "license": "Community-Spec-1.0", - "name": "DatasetAvailabilityType", - "fqname": "/Dataset/DatasetAvailabilityType", - "summary": "Availability of dataset.", - "description": "Describes the possible types of availability of a dataset, indicating whether\nthe dataset can be directly downloaded, can be assembled using a script for\nscraping the data, is only available after a clickthrough or a registration\nform.", - "metadata": { - "name": "DatasetAvailabilityType" - }, - "entries": { - "clickthrough": "the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage.", - "directDownload": "the dataset is publicly available and can be downloaded directly.", - "query": "the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset.", - "registration": "the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms.", - "scrapingScript": "the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" - }, - "/Dataset/ConfidentialityLevelType": { - "py/object": "spec_parser.model.Vocabulary", - "ns": { - "py/id": 1583 - }, - "license": "Community-Spec-1.0", - "name": "ConfidentialityLevelType", - "fqname": "/Dataset/ConfidentialityLevelType", - "summary": "Categories of confidentiality level.", - "description": "Describes the different confidentiality levels as given by the\n[Traffic Light Protocol](https://en.wikipedia.org/wiki/Traffic_Light_Protocol).", - "metadata": { - "name": "ConfidentialityLevelType" - }, - "entries": { - "red": "Data points in the dataset are highly confidential and can only be shared with named recipients.", - "amber": "Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis.", - "green": "Dataset can be shared within a community of peers and partners.", - "clear": "Dataset may be distributed freely, without restriction." - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" - } + "vocabularies": {}, + "individuals": {}, + "datatypes": {}, + "license": "Community-Spec-1.0", + "name": "Extension", + "summary": "Everything having to do with SPDX extensions.", + "description": "The Extension namespace defines the abstract Extension class serving as the\nbase for all defined extension subclasses.", + "metadata": { + "id": "https://spdx.org/rdf/3.0.1/terms/Extension", + "name": "Extension" }, + "conformance": null, + "iri": "https://spdx.org/rdf/3.0.1/terms/Extension" + }, + { + "py/object": "spec_parser.model.Namespace", + "classes": {}, + "properties": {}, + "vocabularies": {}, "individuals": {}, "datatypes": {}, "license": "Community-Spec-1.0", - "name": "Dataset", - "summary": "The Dataset Profile provides additional metadata, based on Software Profile,\nthat is useful for datasets.", - "description": "The Dataset namespace defines concepts related to dataset, including its\npreparation process, its characteristics, and its access methods.", + "name": "Lite", + "summary": "The SPDX Lite profile defines a subset of the SPDX specification, from the\npoint of view of use cases in some industries. SPDX Lite aims at the balance\nbetween the SPDX standard and actual workflows in some industries.", + "description": "The SPDX Lite profile consists of mandatory fields from the Document Creation\nand Package Information sections and other basic information.\n\nThe mandatory part of the Package information in SPDX Lite is basic but useful\nfor complying with licenses. It is easy to understand licensing information by\nreading an SPDX Lite file. It is easy to create manually an SPDX Lite file by\nanyone who does not have enough knowledge about licensing information, so that\ntools are not necessarily required to create an SPDX Lite file.\n\nSPDX Lite has affinity with SPDX tools due to its containing the mandatory part\nof the Document Creation and Package Information in the SPDX Lite definition.\n\nAn SPDX Lite document can be used in parallel with SPDX documents in software\nsupply chains.", "metadata": { - "id": "https://spdx.org/rdf/3.0.1/terms/Dataset", - "name": "Dataset" + "id": "https://spdx.org/rdf/3.0.1/terms/Lite", + "name": "Lite" }, - "conformance": "For an element collection to be conformant with this profile,\nthe following has to hold:\n\n1. for every `/Dataset/DatasetPackage` there MUST exist exactly one\n `/Core/Relationship` of type `hasConcludedLicense` having that element as its\n `from` property and an `/SimpleLicensing/AnyLicenseInfo` as its `to`\n property.\n2. for every `/Dataset/DatasetPackage` there MUST exist exactly one\n `/Core/Relationship` of type `hasDeclaredLicense` having that element as its\n `from` property and an `/SimpleLicensing/AnyLicenseInfo` as its `to`\n property.", - "iri": "https://spdx.org/rdf/3.0.1/terms/Dataset" + "conformance": "In addition to the following, please refer to the Annex for elements defined in\nother profiles that should be included as part of the Lite profile.\n\nFor a /Software/Package to be conformant with this profile,\nthe following has to hold:\n\n1. The mincount for `/Core/Element/name` is 1\n1. The mincount for `/Software/Package/packageVersion` is 1\n1. The mincount for `/Software/SoftwareArtifact/copyrightText` is 1\n1. for every `/Software/Package` there MUST exist exactly one\n `/Core/Relationship` of type `hasConcludedLicense` having that element as\n its `from` property and an `/SimpleLicensing/AnyLicenseInfo` as its `to`\n property.\n1. for every `/Software/Package` there MUST exist exactly one\n `/Core/Relationship` of type `hasDeclaredLicense` having that element as its\n `from` property and an `/SimpleLicensing/AnyLicenseInfo` as its `to`\n property.", + "iri": "https://spdx.org/rdf/3.0.1/terms/Lite" }, { "py/object": "spec_parser.model.Namespace", "classes": { - "/Security/Vulnerability": { + "/Security/VexUnderInvestigationVulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "Vulnerability", - "fqname": "/Security/Vulnerability", - "summary": "Specifies a vulnerability and its associated information.", - "description": "Specifies a vulnerability and its associated information.\n\n**Syntax**\n\n```json\n{\n \"type\": \"Vulnerability\",\n \"spdxId\": \"urn:spdx.dev:vuln-1\",\n \"summary\": \"Use of a Broken or Risky Cryptographic Algorithm\",\n \"description\": \"The npm package `elliptic` before version 6.5.4 are vulnerable to Cryptographic Issues via the secp256k1 implementation in elliptic/ec/key.js. There is no check to confirm that the public key point passed into the derive function actually exists on the secp256k1 curve. This results in the potential for the private key used in this implementation to be revealed after a number of ECDH operations are performed.\", \n \"modifiedTime\": \"2021-03-08T16:06:43Z\",\n \"publishedTime\": \"2021-03-08T16:02:50Z\",\n \"externalIdentifier\": [\n {\n \"type\": \"ExternalIdentifier\",\n \"externalIdentifierType\": \"cve\",\n \"identifier\": \"CVE-2020-2849\",\n \"identifierLocator\": [\n \"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28498\",\n \"https://www.cve.org/CVERecord?id=CVE-2020-28498\"\n ],\n \"issuingAuthority\": \"urn:spdx.dev:agent-cve.org\"\n },\n {\n \"type\": \"ExternalIdentifier\",\n \"externalIdentifierType\": \"securityOther\",\n \"identifier\": \"GHSA-r9p9-mrjm-926w\",\n \"identifierLocator\": \"https://github.com/advisories/GHSA-r9p9-mrjm-926w\"\n },\n {\n \"type\": \"ExternalIdentifier\",\n \"externalIdentifierType\": \"securityOther\",\n \"identifier\": \"SNYK-JS-ELLIPTIC-1064899\",\n \"identifierLocator\": \"https://security.snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899\"\n }\n ],\n \"externalRef\": [\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://nvd.nist.gov/vuln/detail/CVE-2020-28498\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://ubuntu.com/security/CVE-2020-28498\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityOther\",\n \"locator\": \"https://github.com/indutny/elliptic/pull/244/commits\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityOther\",\n \"locator\": \"https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md\"\n }\n ]\n},\n{\n \"type\": \"Relationship\",\n \"spdxId\": \"urn:spdx.dev:vulnRelationship-1\",\n \"relationshipType\": \"hasAssociatedVulnerability\",\n \"from\": \"urn:npm-elliptic-6.5.2\",\n \"to\": [\"urn:spdx.dev:vuln-1\"],\n \"startTime\": \"2021-03-08T16:06:50Z\"\n},\n{\n \"type\": \"Relationship\",\n \"spdxId\": \"urn:spdx.dev:vulnAgentRel-1\", \n \"relationshipType\": \"publishedBy\", \n \"from\": \"urn:spdx.dev:vuln-1\",\n \"to\": [\"urn:spdx.dev:agent-snyk\"],\n \"startTime\": \"2021-03-08T16:06:50Z\"\n}\n```", + "name": "VexUnderInvestigationVulnAssessmentRelationship", + "fqname": "/Security/VexUnderInvestigationVulnAssessmentRelationship", + "summary": "Designates elements as products where the impact of a vulnerability is being\ninvestigated.", + "description": "VexUnderInvestigationVulnAssessmentRelationship links a vulnerability to a\nnumber of products stating the vulnerability's impact on them is being\ninvestigated. It represents the VEX under_investigation status.\n\n**Constraints**\n\nWhen linking elements using a VexUnderInvestigationVulnAssessmentRelationship\nthe following requirements must be observed:\n\n- Elements linked with a VexUnderInvestigationVulnAssessmentRelationship are\n constrained to using the underInvestigationFor relationship type.\n- The from: end of the relationship must ve a /Security/Vulnerability classed\n element.\n\n**Syntax**\n\n```json\n{\n \"type\": \"VexUnderInvestigationVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:vex-underInvestigation-1\",\n \"relationshipType\": \"underInvestigationFor\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", "metadata": { - "name": "Vulnerability", - "SubclassOf": "/Core/Artifact", + "name": "VexUnderInvestigationVulnAssessmentRelationship", + "SubclassOf": "VexVulnAssessmentRelationship", "Instantiability": "Concrete" }, - "properties": { - "publishedTime": { - "type": "/Core/DateTime", + "properties": {}, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship", + "fqsupercname": "/Security/VexVulnAssessmentRelationship", + "inheritance_stack": [ + "/Security/VexVulnAssessmentRelationship", + "/Security/VulnAssessmentRelationship", + "/Core/Relationship", + "/Core/Element" + ], + "all_properties": { + "vexVersion": { + "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Security/publishedTime" + "fqname": "/Security/vexVersion", + "fullname": "/Security/vexVersion", + "fulltype": "xsd:string" }, - "modifiedTime": { - "type": "/Core/DateTime", + "statusNotes": { + "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Security/modifiedTime" + "fqname": "/Security/statusNotes", + "fullname": "/Security/statusNotes", + "fulltype": "xsd:string" }, - "withdrawnTime": { - "type": "/Core/DateTime", + "assessedElement": { + "type": "/Core/Element", "minCount": "0", "maxCount": "1", - "fqname": "/Security/withdrawnTime" - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability", - "fqsupercname": "/Core/Artifact", - "inheritance_stack": [ - "/Core/Artifact", - "/Core/Element" - ], - "all_properties": { + "fqname": "/Security/assessedElement", + "fullname": "/Security/assessedElement", + "fulltype": "/Core/Element" + }, "publishedTime": { "type": "/Core/DateTime", "minCount": "0", @@ -11286,6 +11293,14 @@ "fullname": "/Security/publishedTime", "fulltype": "/Core/DateTime" }, + "suppliedBy": { + "type": "/Core/Agent", + "minCount": "0", + "maxCount": "1", + "fqname": "/Core/suppliedBy", + "fullname": "/Core/suppliedBy", + "fulltype": "/Core/Agent" + }, "modifiedTime": { "type": "/Core/DateTime", "minCount": "0", @@ -11302,62 +11317,54 @@ "fullname": "/Security/withdrawnTime", "fulltype": "/Core/DateTime" }, - "originatedBy": { - "type": "Agent", - "minCount": "0", - "fqname": "/Core/originatedBy", + "from": { + "type": "Element", + "minCount": "1", + "maxCount": "1", + "fqname": "/Core/from", + "fullname": "/Core/from", + "fulltype": "/Core/Element" + }, + "to": { + "type": "Element", + "minCount": "1", + "fqname": "/Core/to", "maxCount": "*", - "fullname": "/Core/originatedBy", - "fulltype": "/Core/Agent" + "fullname": "/Core/to", + "fulltype": "/Core/Element" }, - "suppliedBy": { - "type": "Agent", - "minCount": "0", + "relationshipType": { + "type": "RelationshipType", + "minCount": "1", "maxCount": "1", - "fqname": "/Core/suppliedBy", - "fullname": "/Core/suppliedBy", - "fulltype": "/Core/Agent" + "fqname": "/Core/relationshipType", + "fullname": "/Core/relationshipType", + "fulltype": "/Core/RelationshipType" }, - "builtTime": { - "type": "DateTime", + "completeness": { + "type": "RelationshipCompleteness", "minCount": "0", "maxCount": "1", - "fqname": "/Core/builtTime", - "fullname": "/Core/builtTime", - "fulltype": "/Core/DateTime" + "fqname": "/Core/completeness", + "fullname": "/Core/completeness", + "fulltype": "/Core/RelationshipCompleteness" }, - "releaseTime": { + "startTime": { "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/Core/releaseTime", - "fullname": "/Core/releaseTime", + "fqname": "/Core/startTime", + "fullname": "/Core/startTime", "fulltype": "/Core/DateTime" }, - "validUntilTime": { + "endTime": { "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/Core/validUntilTime", - "fullname": "/Core/validUntilTime", + "fqname": "/Core/endTime", + "fullname": "/Core/endTime", "fulltype": "/Core/DateTime" }, - "standardName": { - "type": "xsd:string", - "minCount": "0", - "fqname": "/Core/standardName", - "maxCount": "*", - "fullname": "/Core/standardName", - "fulltype": "xsd:string" - }, - "supportLevel": { - "type": "SupportType", - "minCount": "0", - "fqname": "/Core/supportLevel", - "maxCount": "*", - "fullname": "/Core/supportLevel", - "fulltype": "/Core/SupportType" - }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -11440,72 +11447,46 @@ } } }, - "/Security/CvssV4VulnAssessmentRelationship": { + "/Security/VexFixedVulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "CvssV4VulnAssessmentRelationship", - "fqname": "/Security/CvssV4VulnAssessmentRelationship", - "summary": "Provides a CVSS version 4 assessment for a vulnerability.", - "description": "A CvssV4VulnAssessmentRelationship relationship describes the determined score,\nseverity, and vector of a vulnerability using version 4 of the Common\nVulnerability Scoring System (CVSS) as defined on\n.\nIt is intended to communicate the results of using a CVSS calculator.\n\n**Constraints**\n\n- The value of severity must be one of 'none', 'low', 'medium', 'high' or\n 'critical'.\n- The relationship type must be set to hasAssessmentFor.\n\n**Syntax**\n\n```json\n{\n \"type\": \"CvssV4VulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:cvssv4-cve-2021-44228\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_severity\": \"medium\",\n \"security_score\": \"10.0\",\n \"security_vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/AR:N/UI:N/VCH/VI:H/VA:H/SC:H/SI:H/SA:H/E:A\",\n \"from\": \"urn:spdx.dev:vuln-cve-2021-44228\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:apache-log4j-2.14.1\",\n \"externalRef\": [\n {\n \"@type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://nvd.nist.gov/vuln/detail/CVE-2021-44228\"\n },\n {\n \"@type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://logging.apache.org/log4j/2.x/security.html\"\n },\n {\n \"@type\": \"ExternalRef\",\n \"externalRefType\": \"securityOther\",\n \"locator\": \" https://www.first.org/cvss/v4.0/examples#Apache-log4j-JNDI-Command-Execution-log4shell-Vulnerability-CVE-2021-44228\"\n },\n ],\n \"suppliedBy\": [\"urn:spdx.dev:agent-my-security-vendor\"],\n \"publishedTime\": \"2023-10-05T23:09:13Z\"\n},\n{\n \"type\": \"Relationship\",\n \"spdxId\": \"urn:spdx.dev:vulnAgentRel-1\",\n \"relationshipType\": \"publishedBy\",\n \"from\": \"urn:spdx.dev:cvssv4-cve-2021-44228\",\n \"to\": [\"urn:spdx.dev:agent-apache.org\"],\n \"startTime\": \"2021-12-11T18:39:00Z\"\n}\n```", + "name": "VexFixedVulnAssessmentRelationship", + "fqname": "/Security/VexFixedVulnAssessmentRelationship", + "summary": "Links a vulnerability and elements representing products (in the VEX sense) where\na fix has been applied and are no longer affected.", + "description": "VexFixedVulnAssessmentRelationship links a vulnerability to a number of elements\nrepresenting VEX products where a vulnerability has been fixed and are no longer\naffected. It represents the VEX fixed status.\n\n**Constraints**\n\nWhen linking elements using a VexFixedVulnAssessmentRelationship, the following\nrequirements must be observed:\n\n- Elements linked with a VulnVexFixedAssessmentRelationship are constrained to\n using the fixedIn relationship type.\n- The from: end of the relationship must ve a /Security/Vulnerability classed\n element.\n\n**Syntax**\n\n```json\n{\n \"type\": \"VexFixedVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:vex-fixed-in-1\",\n \"relationshipType\": \"fixedIn\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.4\",\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", "metadata": { - "name": "CvssV4VulnAssessmentRelationship", - "SubclassOf": "VulnAssessmentRelationship", + "name": "VexFixedVulnAssessmentRelationship", + "SubclassOf": "VexVulnAssessmentRelationship", "Instantiability": "Concrete" }, - "properties": { - "score": { - "type": "xsd:decimal", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/score" - }, - "severity": { - "type": "CvssSeverityType", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/severity" - }, - "vectorString": { - "type": "xsd:string", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/vectorString" - } - }, + "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship", - "fqsupercname": "/Security/VulnAssessmentRelationship", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship", + "fqsupercname": "/Security/VexVulnAssessmentRelationship", "inheritance_stack": [ + "/Security/VexVulnAssessmentRelationship", "/Security/VulnAssessmentRelationship", "/Core/Relationship", "/Core/Element" ], "all_properties": { - "score": { - "type": "xsd:decimal", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/score", - "fullname": "/Security/score", - "fulltype": "xsd:decimal" - }, - "severity": { - "type": "CvssSeverityType", - "minCount": "1", + "vexVersion": { + "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Security/severity", - "fullname": "/Security/severity", - "fulltype": "/Security/CvssSeverityType" + "fqname": "/Security/vexVersion", + "fullname": "/Security/vexVersion", + "fulltype": "xsd:string" }, - "vectorString": { + "statusNotes": { "type": "xsd:string", - "minCount": "1", + "minCount": "0", "maxCount": "1", - "fqname": "/Security/vectorString", - "fullname": "/Security/vectorString", + "fqname": "/Security/statusNotes", + "fullname": "/Security/statusNotes", "fulltype": "xsd:string" }, "assessedElement": { @@ -11678,43 +11659,41 @@ } } }, - "/Security/CvssV3VulnAssessmentRelationship": { + "/Security/EpssVulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "CvssV3VulnAssessmentRelationship", - "fqname": "/Security/CvssV3VulnAssessmentRelationship", - "summary": "Provides a CVSS version 3 assessment for a vulnerability.", - "description": "A CvssV3VulnAssessmentRelationship relationship describes the determined score,\nseverity, and vector of a vulnerability using version\n[3.0](https://www.first.org/cvss/v3.0/specification-document) or\n[3.1](https://www.first.org/cvss/v3.1/specification-document) of the Common\nVulnerability Scoring System (CVSS).\nIt is intended to communicate the results of using a CVSS calculator.\n\n**Constraints**\n\n- The value of severity must be one of 'none', 'low', 'medium', 'high' or\n 'critical'.\n- The relationship type must be set to `hasAssessmentFor`.\n\n**Syntax**\n\n```json\n{\n \"type\": \"CvssV3VulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:cvssv3-cve-2020-28498\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_score\": \"6.8\",\n \"security_severity\": \"medium\",\n \"security_vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"externalRef\": [\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://nvd.nist.gov/vuln/detail/CVE-2020-28498\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityFix\",\n \"locator\": \"https://github.com/indutny/elliptic/commit/441b742\"\n }\n ],\n \"suppliedBy\": [\"urn:spdx.dev:agent-my-security-vendor\"],\n \"publishedTime\": \"2023-05-06T10:06:13Z\"\n},\n{\n \"type\": \"Relationship\",\n \"spdxId\": \"urn:spdx.dev:vulnAgentRel-1\",\n \"relationshipType\": \"publishedBy\",\n \"from\": \"urn:spdx.dev:cvssv3-cve-2020-28498\",\n \"to\": [\"urn:spdx.dev:agent-snyk\"],\n \"startTime\": \"2021-03-08T16:06:50Z\"\n}\n```", + "name": "EpssVulnAssessmentRelationship", + "fqname": "/Security/EpssVulnAssessmentRelationship", + "summary": "Provides an EPSS assessment for a vulnerability.", + "description": "An EpssVulnAssessmentRelationship relationship describes the likelihood or\nprobability that a vulnerability will be exploited in the wild, and the\npercentile ranking of probability relative to all other vulnerabilities' EPSS\nscores, using the Exploit Prediction Scoring System (EPSS) as defined at\n.\n\n**Constraints**\n\n- The relationship type must be set to hasAssessmentFor.\n- The probability must be between 0 and 1.\n- The percentile must be between 0 and 1.\n\n**Syntax**\n\n```json\n{\n \"type\": \"EpssVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:epss-CVE-2020-28498\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_probability\": \"0.00105\",\n \"security_percentile\": \"0.42356\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2023-10-05T00:00:30Z\"\n}\n```", "metadata": { - "name": "CvssV3VulnAssessmentRelationship", + "name": "EpssVulnAssessmentRelationship", "SubclassOf": "VulnAssessmentRelationship", "Instantiability": "Concrete" }, "properties": { - "score": { + "probability": { "type": "xsd:decimal", "minCount": "1", "maxCount": "1", - "fqname": "/Security/score" - }, - "severity": { - "type": "CvssSeverityType", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/severity" + "fqname": "/Security/probability" }, - "vectorString": { - "type": "xsd:string", + "percentile": { + "type": "xsd:decimal", "minCount": "1", "maxCount": "1", - "fqname": "/Security/vectorString" + "fqname": "/Security/percentile" } }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship", + "ext_prop_restrs": { + "/Security/VulnAssessmentRelationship/publishedTime": { + "minCount": "1" + } + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship", "fqsupercname": "/Security/VulnAssessmentRelationship", "inheritance_stack": [ "/Security/VulnAssessmentRelationship", @@ -11722,29 +11701,21 @@ "/Core/Element" ], "all_properties": { - "score": { + "probability": { "type": "xsd:decimal", "minCount": "1", "maxCount": "1", - "fqname": "/Security/score", - "fullname": "/Security/score", + "fqname": "/Security/probability", + "fullname": "/Security/probability", "fulltype": "xsd:decimal" }, - "severity": { - "type": "CvssSeverityType", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/severity", - "fullname": "/Security/severity", - "fulltype": "/Security/CvssSeverityType" - }, - "vectorString": { - "type": "xsd:string", + "percentile": { + "type": "xsd:decimal", "minCount": "1", "maxCount": "1", - "fqname": "/Security/vectorString", - "fullname": "/Security/vectorString", - "fulltype": "xsd:string" + "fqname": "/Security/percentile", + "fullname": "/Security/percentile", + "fulltype": "xsd:decimal" }, "assessedElement": { "type": "/Core/Element", @@ -11756,7 +11727,7 @@ }, "publishedTime": { "type": "/Core/DateTime", - "minCount": "0", + "minCount": "1", "maxCount": "1", "fqname": "/Security/publishedTime", "fullname": "/Security/publishedTime", @@ -11916,27 +11887,39 @@ } } }, - "/Security/VexFixedVulnAssessmentRelationship": { + "/Security/VexVulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "VexFixedVulnAssessmentRelationship", - "fqname": "/Security/VexFixedVulnAssessmentRelationship", - "summary": "Links a vulnerability and elements representing products (in the VEX sense) where\na fix has been applied and are no longer affected.", - "description": "VexFixedVulnAssessmentRelationship links a vulnerability to a number of elements\nrepresenting VEX products where a vulnerability has been fixed and are no longer\naffected. It represents the VEX fixed status.\n\n**Constraints**\n\nWhen linking elements using a VexFixedVulnAssessmentRelationship, the following\nrequirements must be observed:\n\n- Elements linked with a VulnVexFixedAssessmentRelationship are constrained to\n using the fixedIn relationship type.\n- The from: end of the relationship must ve a /Security/Vulnerability classed\n element.\n\n**Syntax**\n\n```json\n{\n \"type\": \"VexFixedVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:vex-fixed-in-1\",\n \"relationshipType\": \"fixedIn\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.4\",\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", + "name": "VexVulnAssessmentRelationship", + "fqname": "/Security/VexVulnAssessmentRelationship", + "summary": "Asbtract ancestor class for all VEX relationships", + "description": "VexVulnAssessmentRelationship is an abstract subclass that defined the common\nproperties shared by all the SPDX-VEX status relationships.\n\n**Constraints**\n\nWhen linking elements using a VexVulnAssessmentRelationship, the following\nrequirements must be observed:\n\n- The from: end must be a /Security/Vulnerability classed element\n- The to: end must point to elements representing the VEX _products_.\n\nTo specify a different element where the vulnerability was detected, the VEX\nrelationship can optionally specify _subcomponents_ using the assessedElement\nproperty.\n\nVEX inherits information from the document level down to its statements. When a\nstatement is missing information it can be completed by reading the equivalent\nfield from the containing document. For example, if a VEX relationship is\nmissing data in its createdBy property, tools must consider the entity\nlisted in the CreationInfo section of the document as the VEX author.\nIn the same way, when a VEX relationship does not have a created property,\nthe document's date must be considered as authoritative.", "metadata": { - "name": "VexFixedVulnAssessmentRelationship", - "SubclassOf": "VexVulnAssessmentRelationship", - "Instantiability": "Concrete" + "name": "VexVulnAssessmentRelationship", + "SubclassOf": "VulnAssessmentRelationship", + "Instantiability": "Abstract" + }, + "properties": { + "vexVersion": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Security/vexVersion" + }, + "statusNotes": { + "type": "xsd:string", + "minCount": "0", + "maxCount": "1", + "fqname": "/Security/statusNotes" + } }, - "properties": {}, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship", - "fqsupercname": "/Security/VexVulnAssessmentRelationship", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship", + "fqsupercname": "/Security/VulnAssessmentRelationship", "inheritance_stack": [ - "/Security/VexVulnAssessmentRelationship", "/Security/VulnAssessmentRelationship", "/Core/Relationship", "/Core/Element" @@ -12128,37 +12111,43 @@ } } }, - "/Security/VexAffectedVulnAssessmentRelationship": { + "/Security/VexNotAffectedVulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "VexAffectedVulnAssessmentRelationship", - "fqname": "/Security/VexAffectedVulnAssessmentRelationship", - "summary": "Connects a vulnerability and an element designating the element as a product\naffected by the vulnerability.", - "description": "VexAffectedVulnAssessmentRelationship connects a vulnerability and a number of\nelements. The relationship marks these elements as products affected by the\nvulnerability. This relationship corresponds to the VEX affected status.\n\n**Constraints**\n\nWhen linking elements using a VexAffectedVulnAssessmentRelationship, the\nfollowing requirements must be observed:\n\n- Elements linked with a VulnVexAffectedAssessmentRelationship are constrained\n to the affects relationship type.\n\n**Syntax**\n\n```json\n{\n \"type\": \"VexAffectedVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:vex-affected-1\",\n \"relationshipType\": \"affects\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"security_actionStatement\": \"Upgrade to version 1.4 of ACME application.\",\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", + "name": "VexNotAffectedVulnAssessmentRelationship", + "fqname": "/Security/VexNotAffectedVulnAssessmentRelationship", + "summary": "Links a vulnerability and one or more elements designating the latter as products\nnot affected by the vulnerability.", + "description": "VexNotAffectedVulnAssessmentRelationship connects a vulnerability and a number\nof elements designating them as products not affected by the vulnerability.\nThis relationship corresponds to the VEX not_affected status.\n\n**Constraints**\n\nWhen linking elements using a VexNotVulnAffectedAssessmentRelationship, the\nfollowing requirements must be observed:\n\n- Relating elements with a VexNotAffectedVulnAssessmentRelationship is\n restricted to the doesNotAffect relationship type.\n- The from: end of the relationship must be a /Security/Vulnerability classed\n element.\n- Both impactStatement and justificationType properties have a cardinality of\n 0..1 making them optional. Nevertheless, to produce a valid VEX not_affected\n statement, one of them MUST be defined. This is specified in the Minimum\n Elements for VEX.\n\n**Syntax**\n\n```json\n{\n \"type\": \"VexNotAffectedVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:vex-not-affected-1\",\n \"relationshipType\": \"doesNotAffect\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"security_justificationType\": \"componentNotPresent\",\n \"security_impactStatement\": \"Not using this vulnerable part of this library.\",\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", "metadata": { - "name": "VexAffectedVulnAssessmentRelationship", + "name": "VexNotAffectedVulnAssessmentRelationship", "SubclassOf": "VexVulnAssessmentRelationship", "Instantiability": "Concrete" }, "properties": { - "actionStatement": { + "justificationType": { + "type": "VexJustificationType", + "minCount": "0", + "maxCount": "1", + "fqname": "/Security/justificationType" + }, + "impactStatement": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Security/actionStatement" + "fqname": "/Security/impactStatement" }, - "actionStatementTime": { + "impactStatementTime": { "type": "/Core/DateTime", "minCount": "0", - "fqname": "/Security/actionStatementTime", - "maxCount": "*" + "maxCount": "1", + "fqname": "/Security/impactStatementTime" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship", "fqsupercname": "/Security/VexVulnAssessmentRelationship", "inheritance_stack": [ "/Security/VexVulnAssessmentRelationship", @@ -12167,20 +12156,28 @@ "/Core/Element" ], "all_properties": { - "actionStatement": { + "justificationType": { + "type": "VexJustificationType", + "minCount": "0", + "maxCount": "1", + "fqname": "/Security/justificationType", + "fullname": "/Security/justificationType", + "fulltype": "/Security/VexJustificationType" + }, + "impactStatement": { "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Security/actionStatement", - "fullname": "/Security/actionStatement", + "fqname": "/Security/impactStatement", + "fullname": "/Security/impactStatement", "fulltype": "xsd:string" }, - "actionStatementTime": { + "impactStatementTime": { "type": "/Core/DateTime", "minCount": "0", - "fqname": "/Security/actionStatementTime", - "maxCount": "*", - "fullname": "/Security/actionStatementTime", + "maxCount": "1", + "fqname": "/Security/impactStatementTime", + "fullname": "/Security/impactStatementTime", "fulltype": "/Core/DateTime" }, "vexVersion": { @@ -12369,89 +12366,72 @@ } } }, - "/Security/VexNotAffectedVulnAssessmentRelationship": { + "/Security/CvssV3VulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "VexNotAffectedVulnAssessmentRelationship", - "fqname": "/Security/VexNotAffectedVulnAssessmentRelationship", - "summary": "Links a vulnerability and one or more elements designating the latter as products\nnot affected by the vulnerability.", - "description": "VexNotAffectedVulnAssessmentRelationship connects a vulnerability and a number\nof elements designating them as products not affected by the vulnerability.\nThis relationship corresponds to the VEX not_affected status.\n\n**Constraints**\n\nWhen linking elements using a VexNotVulnAffectedAssessmentRelationship, the\nfollowing requirements must be observed:\n\n- Relating elements with a VexNotAffectedVulnAssessmentRelationship is\n restricted to the doesNotAffect relationship type.\n- The from: end of the relationship must be a /Security/Vulnerability classed\n element.\n- Both impactStatement and justificationType properties have a cardinality of\n 0..1 making them optional. Nevertheless, to produce a valid VEX not_affected\n statement, one of them MUST be defined. This is specified in the Minimum\n Elements for VEX.\n\n**Syntax**\n\n```json\n{\n \"type\": \"VexNotAffectedVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:vex-not-affected-1\",\n \"relationshipType\": \"doesNotAffect\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"security_justificationType\": \"componentNotPresent\",\n \"security_impactStatement\": \"Not using this vulnerable part of this library.\",\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", + "name": "CvssV3VulnAssessmentRelationship", + "fqname": "/Security/CvssV3VulnAssessmentRelationship", + "summary": "Provides a CVSS version 3 assessment for a vulnerability.", + "description": "A CvssV3VulnAssessmentRelationship relationship describes the determined score,\nseverity, and vector of a vulnerability using version\n[3.0](https://www.first.org/cvss/v3.0/specification-document) or\n[3.1](https://www.first.org/cvss/v3.1/specification-document) of the Common\nVulnerability Scoring System (CVSS).\nIt is intended to communicate the results of using a CVSS calculator.\n\n**Constraints**\n\n- The value of severity must be one of 'none', 'low', 'medium', 'high' or\n 'critical'.\n- The relationship type must be set to `hasAssessmentFor`.\n\n**Syntax**\n\n```json\n{\n \"type\": \"CvssV3VulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:cvssv3-cve-2020-28498\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_score\": \"6.8\",\n \"security_severity\": \"medium\",\n \"security_vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"externalRef\": [\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://nvd.nist.gov/vuln/detail/CVE-2020-28498\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityFix\",\n \"locator\": \"https://github.com/indutny/elliptic/commit/441b742\"\n }\n ],\n \"suppliedBy\": [\"urn:spdx.dev:agent-my-security-vendor\"],\n \"publishedTime\": \"2023-05-06T10:06:13Z\"\n},\n{\n \"type\": \"Relationship\",\n \"spdxId\": \"urn:spdx.dev:vulnAgentRel-1\",\n \"relationshipType\": \"publishedBy\",\n \"from\": \"urn:spdx.dev:cvssv3-cve-2020-28498\",\n \"to\": [\"urn:spdx.dev:agent-snyk\"],\n \"startTime\": \"2021-03-08T16:06:50Z\"\n}\n```", "metadata": { - "name": "VexNotAffectedVulnAssessmentRelationship", - "SubclassOf": "VexVulnAssessmentRelationship", + "name": "CvssV3VulnAssessmentRelationship", + "SubclassOf": "VulnAssessmentRelationship", "Instantiability": "Concrete" }, "properties": { - "justificationType": { - "type": "VexJustificationType", - "minCount": "0", + "score": { + "type": "xsd:decimal", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/justificationType" + "fqname": "/Security/score" }, - "impactStatement": { - "type": "xsd:string", - "minCount": "0", + "severity": { + "type": "CvssSeverityType", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/impactStatement" + "fqname": "/Security/severity" }, - "impactStatementTime": { - "type": "/Core/DateTime", - "minCount": "0", + "vectorString": { + "type": "xsd:string", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/impactStatementTime" + "fqname": "/Security/vectorString" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship", - "fqsupercname": "/Security/VexVulnAssessmentRelationship", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship", + "fqsupercname": "/Security/VulnAssessmentRelationship", "inheritance_stack": [ - "/Security/VexVulnAssessmentRelationship", "/Security/VulnAssessmentRelationship", "/Core/Relationship", "/Core/Element" ], "all_properties": { - "justificationType": { - "type": "VexJustificationType", - "minCount": "0", - "maxCount": "1", - "fqname": "/Security/justificationType", - "fullname": "/Security/justificationType", - "fulltype": "/Security/VexJustificationType" - }, - "impactStatement": { - "type": "xsd:string", - "minCount": "0", - "maxCount": "1", - "fqname": "/Security/impactStatement", - "fullname": "/Security/impactStatement", - "fulltype": "xsd:string" - }, - "impactStatementTime": { - "type": "/Core/DateTime", - "minCount": "0", + "score": { + "type": "xsd:decimal", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/impactStatementTime", - "fullname": "/Security/impactStatementTime", - "fulltype": "/Core/DateTime" + "fqname": "/Security/score", + "fullname": "/Security/score", + "fulltype": "xsd:decimal" }, - "vexVersion": { - "type": "xsd:string", - "minCount": "0", + "severity": { + "type": "CvssSeverityType", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/vexVersion", - "fullname": "/Security/vexVersion", - "fulltype": "xsd:string" + "fqname": "/Security/severity", + "fullname": "/Security/severity", + "fulltype": "/Security/CvssSeverityType" }, - "statusNotes": { + "vectorString": { "type": "xsd:string", - "minCount": "0", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/statusNotes", - "fullname": "/Security/statusNotes", + "fqname": "/Security/vectorString", + "fullname": "/Security/vectorString", "fulltype": "xsd:string" }, "assessedElement": { @@ -12624,41 +12604,31 @@ } } }, - "/Security/EpssVulnAssessmentRelationship": { + "/Security/SsvcVulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "EpssVulnAssessmentRelationship", - "fqname": "/Security/EpssVulnAssessmentRelationship", - "summary": "Provides an EPSS assessment for a vulnerability.", - "description": "An EpssVulnAssessmentRelationship relationship describes the likelihood or\nprobability that a vulnerability will be exploited in the wild, and the\npercentile ranking of probability relative to all other vulnerabilities' EPSS\nscores, using the Exploit Prediction Scoring System (EPSS) as defined at\n.\n\n**Constraints**\n\n- The relationship type must be set to hasAssessmentFor.\n- The probability must be between 0 and 1.\n- The percentile must be between 0 and 1.\n\n**Syntax**\n\n```json\n{\n \"type\": \"EpssVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:epss-CVE-2020-28498\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_probability\": \"0.00105\",\n \"security_percentile\": \"0.42356\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2023-10-05T00:00:30Z\"\n}\n```", + "name": "SsvcVulnAssessmentRelationship", + "fqname": "/Security/SsvcVulnAssessmentRelationship", + "summary": "Provides an SSVC assessment for a vulnerability.", + "description": "An SsvcVulnAssessmentRelationship describes the decision made using the\nStakeholder-Specific Vulnerability Categorization (SSVC) decision tree as\ndefined on [https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc).\nIt is intended to communicate the results of using the CISA SSVC Calculator.\n\n**Constraints**\n\n- The relationship type must be set to hasAssessmentFor.\n\n**Syntax**\n\n```json\n{\n \"@type\": \"SsvcVulnAssessmentRelationship\",\n \"@id\": \"urn:spdx.dev:ssvc-1\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_decisionType\": \"act\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", "metadata": { - "name": "EpssVulnAssessmentRelationship", + "name": "SsvcVulnAssessmentRelationship", "SubclassOf": "VulnAssessmentRelationship", "Instantiability": "Concrete" }, "properties": { - "probability": { - "type": "xsd:decimal", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/probability" - }, - "percentile": { - "type": "xsd:decimal", + "decisionType": { + "type": "SsvcDecisionType", "minCount": "1", "maxCount": "1", - "fqname": "/Security/percentile" - } - }, - "ext_prop_restrs": { - "/Security/VulnAssessmentRelationship/publishedTime": { - "minCount": "1" + "fqname": "/Security/decisionType" } }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship", + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship", "fqsupercname": "/Security/VulnAssessmentRelationship", "inheritance_stack": [ "/Security/VulnAssessmentRelationship", @@ -12666,21 +12636,13 @@ "/Core/Element" ], "all_properties": { - "probability": { - "type": "xsd:decimal", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/probability", - "fullname": "/Security/probability", - "fulltype": "xsd:decimal" - }, - "percentile": { - "type": "xsd:decimal", + "decisionType": { + "type": "SsvcDecisionType", "minCount": "1", "maxCount": "1", - "fqname": "/Security/percentile", - "fullname": "/Security/percentile", - "fulltype": "xsd:decimal" + "fqname": "/Security/decisionType", + "fullname": "/Security/decisionType", + "fulltype": "/Security/SsvcDecisionType" }, "assessedElement": { "type": "/Core/Element", @@ -12692,7 +12654,7 @@ }, "publishedTime": { "type": "/Core/DateTime", - "minCount": "1", + "minCount": "0", "maxCount": "1", "fqname": "/Security/publishedTime", "fullname": "/Security/publishedTime", @@ -12852,18 +12814,18 @@ } } }, - "/Security/CvssV2VulnAssessmentRelationship": { + "/Security/CvssV4VulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "CvssV2VulnAssessmentRelationship", - "fqname": "/Security/CvssV2VulnAssessmentRelationship", - "summary": "Provides a CVSS version 2.0 assessment for a vulnerability.", - "description": "A CvssV2VulnAssessmentRelationship relationship describes the determined score\nand vector of a vulnerability using version 2.0 of the Common Vulnerability\nScoring System (CVSS) as defined at .\nIt is intended to communicate the results of using a CVSS calculator.\n\n**Constraints**\n\n- The relationship type must be set to `hasAssessmentFor`.\n\n**Syntax**\n\n```json\n{\n \"type\": \"CvssV2VulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:cvssv2-cve-2020-28498\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_score\": \"4.3\",\n \"security_vectorString\": \"(AV:N/AC:M/Au:N/C:P/I:N/A:N)\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"externalRef\": [\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://nvd.nist.gov/vuln/detail/CVE-2020-28498\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityFix\",\n \"locator\": \"https://github.com/indutny/elliptic/commit/441b742\"\n }\n ],\n \"suppliedBy\": [\"urn:spdx.dev:agent-my-security-vendor\"],\n \"publishedTime\": \"2023-05-06T10:06:13Z\"\n},\n{\n \"type\": \"Relationship\",\n \"spdxId\": \"urn:spdx.dev:vulnAgentRel-1\", \n \"relationshipType\": \"publishedBy\", \n \"from\": \"urn:spdx.dev:cvssv2-cve-2020-28498\",\n \"to\": [\"urn:spdx.dev:agent-snyk\"],\n \"startTime\": \"2021-03-08T16:06:50Z\"\n}\n```", + "name": "CvssV4VulnAssessmentRelationship", + "fqname": "/Security/CvssV4VulnAssessmentRelationship", + "summary": "Provides a CVSS version 4 assessment for a vulnerability.", + "description": "A CvssV4VulnAssessmentRelationship relationship describes the determined score,\nseverity, and vector of a vulnerability using version 4 of the Common\nVulnerability Scoring System (CVSS) as defined on\n.\nIt is intended to communicate the results of using a CVSS calculator.\n\n**Constraints**\n\n- The value of severity must be one of 'none', 'low', 'medium', 'high' or\n 'critical'.\n- The relationship type must be set to hasAssessmentFor.\n\n**Syntax**\n\n```json\n{\n \"type\": \"CvssV4VulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:cvssv4-cve-2021-44228\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_severity\": \"medium\",\n \"security_score\": \"10.0\",\n \"security_vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/AR:N/UI:N/VCH/VI:H/VA:H/SC:H/SI:H/SA:H/E:A\",\n \"from\": \"urn:spdx.dev:vuln-cve-2021-44228\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:apache-log4j-2.14.1\",\n \"externalRef\": [\n {\n \"@type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://nvd.nist.gov/vuln/detail/CVE-2021-44228\"\n },\n {\n \"@type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://logging.apache.org/log4j/2.x/security.html\"\n },\n {\n \"@type\": \"ExternalRef\",\n \"externalRefType\": \"securityOther\",\n \"locator\": \" https://www.first.org/cvss/v4.0/examples#Apache-log4j-JNDI-Command-Execution-log4shell-Vulnerability-CVE-2021-44228\"\n },\n ],\n \"suppliedBy\": [\"urn:spdx.dev:agent-my-security-vendor\"],\n \"publishedTime\": \"2023-10-05T23:09:13Z\"\n},\n{\n \"type\": \"Relationship\",\n \"spdxId\": \"urn:spdx.dev:vulnAgentRel-1\",\n \"relationshipType\": \"publishedBy\",\n \"from\": \"urn:spdx.dev:cvssv4-cve-2021-44228\",\n \"to\": [\"urn:spdx.dev:agent-apache.org\"],\n \"startTime\": \"2021-12-11T18:39:00Z\"\n}\n```", "metadata": { - "name": "CvssV2VulnAssessmentRelationship", + "name": "CvssV4VulnAssessmentRelationship", "SubclassOf": "VulnAssessmentRelationship", "Instantiability": "Concrete" }, @@ -12874,6 +12836,12 @@ "maxCount": "1", "fqname": "/Security/score" }, + "severity": { + "type": "CvssSeverityType", + "minCount": "1", + "maxCount": "1", + "fqname": "/Security/severity" + }, "vectorString": { "type": "xsd:string", "minCount": "1", @@ -12882,7 +12850,7 @@ } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship", "fqsupercname": "/Security/VulnAssessmentRelationship", "inheritance_stack": [ "/Security/VulnAssessmentRelationship", @@ -12898,6 +12866,14 @@ "fullname": "/Security/score", "fulltype": "xsd:decimal" }, + "severity": { + "type": "CvssSeverityType", + "minCount": "1", + "maxCount": "1", + "fqname": "/Security/severity", + "fullname": "/Security/severity", + "fulltype": "/Security/CvssSeverityType" + }, "vectorString": { "type": "xsd:string", "minCount": "1", @@ -13076,37 +13052,37 @@ } } }, - "/Security/VexVulnAssessmentRelationship": { + "/Security/CvssV2VulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "VexVulnAssessmentRelationship", - "fqname": "/Security/VexVulnAssessmentRelationship", - "summary": "Asbtract ancestor class for all VEX relationships", - "description": "VexVulnAssessmentRelationship is an abstract subclass that defined the common\nproperties shared by all the SPDX-VEX status relationships.\n\n**Constraints**\n\nWhen linking elements using a VexVulnAssessmentRelationship, the following\nrequirements must be observed:\n\n- The from: end must be a /Security/Vulnerability classed element\n- The to: end must point to elements representing the VEX _products_.\n\nTo specify a different element where the vulnerability was detected, the VEX\nrelationship can optionally specify _subcomponents_ using the assessedElement\nproperty.\n\nVEX inherits information from the document level down to its statements. When a\nstatement is missing information it can be completed by reading the equivalent\nfield from the containing document. For example, if a VEX relationship is\nmissing data in its createdBy property, tools must consider the entity\nlisted in the CreationInfo section of the document as the VEX author.\nIn the same way, when a VEX relationship does not have a created property,\nthe document's date must be considered as authoritative.", + "name": "CvssV2VulnAssessmentRelationship", + "fqname": "/Security/CvssV2VulnAssessmentRelationship", + "summary": "Provides a CVSS version 2.0 assessment for a vulnerability.", + "description": "A CvssV2VulnAssessmentRelationship relationship describes the determined score\nand vector of a vulnerability using version 2.0 of the Common Vulnerability\nScoring System (CVSS) as defined at .\nIt is intended to communicate the results of using a CVSS calculator.\n\n**Constraints**\n\n- The relationship type must be set to `hasAssessmentFor`.\n\n**Syntax**\n\n```json\n{\n \"type\": \"CvssV2VulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:cvssv2-cve-2020-28498\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_score\": \"4.3\",\n \"security_vectorString\": \"(AV:N/AC:M/Au:N/C:P/I:N/A:N)\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"externalRef\": [\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://nvd.nist.gov/vuln/detail/CVE-2020-28498\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityFix\",\n \"locator\": \"https://github.com/indutny/elliptic/commit/441b742\"\n }\n ],\n \"suppliedBy\": [\"urn:spdx.dev:agent-my-security-vendor\"],\n \"publishedTime\": \"2023-05-06T10:06:13Z\"\n},\n{\n \"type\": \"Relationship\",\n \"spdxId\": \"urn:spdx.dev:vulnAgentRel-1\", \n \"relationshipType\": \"publishedBy\", \n \"from\": \"urn:spdx.dev:cvssv2-cve-2020-28498\",\n \"to\": [\"urn:spdx.dev:agent-snyk\"],\n \"startTime\": \"2021-03-08T16:06:50Z\"\n}\n```", "metadata": { - "name": "VexVulnAssessmentRelationship", + "name": "CvssV2VulnAssessmentRelationship", "SubclassOf": "VulnAssessmentRelationship", - "Instantiability": "Abstract" + "Instantiability": "Concrete" }, "properties": { - "vexVersion": { - "type": "xsd:string", - "minCount": "0", + "score": { + "type": "xsd:decimal", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/vexVersion" + "fqname": "/Security/score" }, - "statusNotes": { + "vectorString": { "type": "xsd:string", - "minCount": "0", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/statusNotes" + "fqname": "/Security/vectorString" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship", "fqsupercname": "/Security/VulnAssessmentRelationship", "inheritance_stack": [ "/Security/VulnAssessmentRelationship", @@ -13114,20 +13090,20 @@ "/Core/Element" ], "all_properties": { - "vexVersion": { - "type": "xsd:string", - "minCount": "0", + "score": { + "type": "xsd:decimal", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/vexVersion", - "fullname": "/Security/vexVersion", - "fulltype": "xsd:string" + "fqname": "/Security/score", + "fullname": "/Security/score", + "fulltype": "xsd:decimal" }, - "statusNotes": { + "vectorString": { "type": "xsd:string", - "minCount": "0", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/statusNotes", - "fullname": "/Security/statusNotes", + "fqname": "/Security/vectorString", + "fullname": "/Security/vectorString", "fulltype": "xsd:string" }, "assessedElement": { @@ -13300,61 +13276,77 @@ } } }, - "/Security/VulnAssessmentRelationship": { + "/Security/VexAffectedVulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "VulnAssessmentRelationship", - "fqname": "/Security/VulnAssessmentRelationship", - "summary": "Abstract ancestor class for all vulnerability assessments", - "description": "VulnAssessmentRelationship is the ancestor class common to all vulnerability\nassessment relationships. It factors out the common properties shared by them.", + "name": "VexAffectedVulnAssessmentRelationship", + "fqname": "/Security/VexAffectedVulnAssessmentRelationship", + "summary": "Connects a vulnerability and an element designating the element as a product\naffected by the vulnerability.", + "description": "VexAffectedVulnAssessmentRelationship connects a vulnerability and a number of\nelements. The relationship marks these elements as products affected by the\nvulnerability. This relationship corresponds to the VEX affected status.\n\n**Constraints**\n\nWhen linking elements using a VexAffectedVulnAssessmentRelationship, the\nfollowing requirements must be observed:\n\n- Elements linked with a VulnVexAffectedAssessmentRelationship are constrained\n to the affects relationship type.\n\n**Syntax**\n\n```json\n{\n \"type\": \"VexAffectedVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:vex-affected-1\",\n \"relationshipType\": \"affects\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"security_actionStatement\": \"Upgrade to version 1.4 of ACME application.\",\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", "metadata": { - "name": "VulnAssessmentRelationship", - "SubclassOf": "/Core/Relationship", - "Instantiability": "Abstract" + "name": "VexAffectedVulnAssessmentRelationship", + "SubclassOf": "VexVulnAssessmentRelationship", + "Instantiability": "Concrete" }, "properties": { - "assessedElement": { - "type": "/Core/Element", + "actionStatement": { + "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Security/assessedElement" + "fqname": "/Security/actionStatement" }, - "publishedTime": { + "actionStatementTime": { "type": "/Core/DateTime", "minCount": "0", - "maxCount": "1", - "fqname": "/Security/publishedTime" - }, - "/Core/suppliedBy": { - "type": "/Core/Agent", + "fqname": "/Security/actionStatementTime", + "maxCount": "*" + } + }, + "ext_prop_restrs": {}, + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship", + "fqsupercname": "/Security/VexVulnAssessmentRelationship", + "inheritance_stack": [ + "/Security/VexVulnAssessmentRelationship", + "/Security/VulnAssessmentRelationship", + "/Core/Relationship", + "/Core/Element" + ], + "all_properties": { + "actionStatement": { + "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Core/suppliedBy" + "fqname": "/Security/actionStatement", + "fullname": "/Security/actionStatement", + "fulltype": "xsd:string" }, - "modifiedTime": { + "actionStatementTime": { "type": "/Core/DateTime", "minCount": "0", + "fqname": "/Security/actionStatementTime", + "maxCount": "*", + "fullname": "/Security/actionStatementTime", + "fulltype": "/Core/DateTime" + }, + "vexVersion": { + "type": "xsd:string", + "minCount": "0", "maxCount": "1", - "fqname": "/Security/modifiedTime" + "fqname": "/Security/vexVersion", + "fullname": "/Security/vexVersion", + "fulltype": "xsd:string" }, - "withdrawnTime": { - "type": "/Core/DateTime", + "statusNotes": { + "type": "xsd:string", "minCount": "0", "maxCount": "1", - "fqname": "/Security/withdrawnTime" - } - }, - "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship", - "fqsupercname": "/Core/Relationship", - "inheritance_stack": [ - "/Core/Relationship", - "/Core/Element" - ], - "all_properties": { + "fqname": "/Security/statusNotes", + "fullname": "/Security/statusNotes", + "fulltype": "xsd:string" + }, "assessedElement": { "type": "/Core/Element", "minCount": "0", @@ -13525,54 +13517,49 @@ } } }, - "/Security/SsvcVulnAssessmentRelationship": { + "/Security/Vulnerability": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "SsvcVulnAssessmentRelationship", - "fqname": "/Security/SsvcVulnAssessmentRelationship", - "summary": "Provides an SSVC assessment for a vulnerability.", - "description": "An SsvcVulnAssessmentRelationship describes the decision made using the\nStakeholder-Specific Vulnerability Categorization (SSVC) decision tree as\ndefined on [https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc).\nIt is intended to communicate the results of using the CISA SSVC Calculator.\n\n**Constraints**\n\n- The relationship type must be set to hasAssessmentFor.\n\n**Syntax**\n\n```json\n{\n \"@type\": \"SsvcVulnAssessmentRelationship\",\n \"@id\": \"urn:spdx.dev:ssvc-1\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_decisionType\": \"act\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", + "name": "Vulnerability", + "fqname": "/Security/Vulnerability", + "summary": "Specifies a vulnerability and its associated information.", + "description": "Specifies a vulnerability and its associated information.\n\n**Syntax**\n\n```json\n{\n \"type\": \"Vulnerability\",\n \"spdxId\": \"urn:spdx.dev:vuln-1\",\n \"summary\": \"Use of a Broken or Risky Cryptographic Algorithm\",\n \"description\": \"The npm package `elliptic` before version 6.5.4 are vulnerable to Cryptographic Issues via the secp256k1 implementation in elliptic/ec/key.js. There is no check to confirm that the public key point passed into the derive function actually exists on the secp256k1 curve. This results in the potential for the private key used in this implementation to be revealed after a number of ECDH operations are performed.\", \n \"modifiedTime\": \"2021-03-08T16:06:43Z\",\n \"publishedTime\": \"2021-03-08T16:02:50Z\",\n \"externalIdentifier\": [\n {\n \"type\": \"ExternalIdentifier\",\n \"externalIdentifierType\": \"cve\",\n \"identifier\": \"CVE-2020-2849\",\n \"identifierLocator\": [\n \"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28498\",\n \"https://www.cve.org/CVERecord?id=CVE-2020-28498\"\n ],\n \"issuingAuthority\": \"urn:spdx.dev:agent-cve.org\"\n },\n {\n \"type\": \"ExternalIdentifier\",\n \"externalIdentifierType\": \"securityOther\",\n \"identifier\": \"GHSA-r9p9-mrjm-926w\",\n \"identifierLocator\": \"https://github.com/advisories/GHSA-r9p9-mrjm-926w\"\n },\n {\n \"type\": \"ExternalIdentifier\",\n \"externalIdentifierType\": \"securityOther\",\n \"identifier\": \"SNYK-JS-ELLIPTIC-1064899\",\n \"identifierLocator\": \"https://security.snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899\"\n }\n ],\n \"externalRef\": [\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://nvd.nist.gov/vuln/detail/CVE-2020-28498\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityAdvisory\",\n \"locator\": \"https://ubuntu.com/security/CVE-2020-28498\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityOther\",\n \"locator\": \"https://github.com/indutny/elliptic/pull/244/commits\"\n },\n {\n \"type\": \"ExternalRef\",\n \"externalRefType\": \"securityOther\",\n \"locator\": \"https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md\"\n }\n ]\n},\n{\n \"type\": \"Relationship\",\n \"spdxId\": \"urn:spdx.dev:vulnRelationship-1\",\n \"relationshipType\": \"hasAssociatedVulnerability\",\n \"from\": \"urn:npm-elliptic-6.5.2\",\n \"to\": [\"urn:spdx.dev:vuln-1\"],\n \"startTime\": \"2021-03-08T16:06:50Z\"\n},\n{\n \"type\": \"Relationship\",\n \"spdxId\": \"urn:spdx.dev:vulnAgentRel-1\", \n \"relationshipType\": \"publishedBy\", \n \"from\": \"urn:spdx.dev:vuln-1\",\n \"to\": [\"urn:spdx.dev:agent-snyk\"],\n \"startTime\": \"2021-03-08T16:06:50Z\"\n}\n```", "metadata": { - "name": "SsvcVulnAssessmentRelationship", - "SubclassOf": "VulnAssessmentRelationship", + "name": "Vulnerability", + "SubclassOf": "/Core/Artifact", "Instantiability": "Concrete" }, "properties": { - "decisionType": { - "type": "SsvcDecisionType", - "minCount": "1", + "publishedTime": { + "type": "/Core/DateTime", + "minCount": "0", "maxCount": "1", - "fqname": "/Security/decisionType" + "fqname": "/Security/publishedTime" + }, + "modifiedTime": { + "type": "/Core/DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Security/modifiedTime" + }, + "withdrawnTime": { + "type": "/Core/DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Security/withdrawnTime" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship", - "fqsupercname": "/Security/VulnAssessmentRelationship", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability", + "fqsupercname": "/Core/Artifact", "inheritance_stack": [ - "/Security/VulnAssessmentRelationship", - "/Core/Relationship", + "/Core/Artifact", "/Core/Element" ], "all_properties": { - "decisionType": { - "type": "SsvcDecisionType", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/decisionType", - "fullname": "/Security/decisionType", - "fulltype": "/Security/SsvcDecisionType" - }, - "assessedElement": { - "type": "/Core/Element", - "minCount": "0", - "maxCount": "1", - "fqname": "/Security/assessedElement", - "fullname": "/Security/assessedElement", - "fulltype": "/Core/Element" - }, "publishedTime": { "type": "/Core/DateTime", "minCount": "0", @@ -13581,14 +13568,6 @@ "fullname": "/Security/publishedTime", "fulltype": "/Core/DateTime" }, - "suppliedBy": { - "type": "/Core/Agent", - "minCount": "0", - "maxCount": "1", - "fqname": "/Core/suppliedBy", - "fullname": "/Core/suppliedBy", - "fulltype": "/Core/Agent" - }, "modifiedTime": { "type": "/Core/DateTime", "minCount": "0", @@ -13605,54 +13584,62 @@ "fullname": "/Security/withdrawnTime", "fulltype": "/Core/DateTime" }, - "from": { - "type": "Element", - "minCount": "1", - "maxCount": "1", - "fqname": "/Core/from", - "fullname": "/Core/from", - "fulltype": "/Core/Element" - }, - "to": { - "type": "Element", - "minCount": "1", - "fqname": "/Core/to", + "originatedBy": { + "type": "Agent", + "minCount": "0", + "fqname": "/Core/originatedBy", "maxCount": "*", - "fullname": "/Core/to", - "fulltype": "/Core/Element" + "fullname": "/Core/originatedBy", + "fulltype": "/Core/Agent" }, - "relationshipType": { - "type": "RelationshipType", - "minCount": "1", + "suppliedBy": { + "type": "Agent", + "minCount": "0", "maxCount": "1", - "fqname": "/Core/relationshipType", - "fullname": "/Core/relationshipType", - "fulltype": "/Core/RelationshipType" + "fqname": "/Core/suppliedBy", + "fullname": "/Core/suppliedBy", + "fulltype": "/Core/Agent" }, - "completeness": { - "type": "RelationshipCompleteness", + "builtTime": { + "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/Core/completeness", - "fullname": "/Core/completeness", - "fulltype": "/Core/RelationshipCompleteness" + "fqname": "/Core/builtTime", + "fullname": "/Core/builtTime", + "fulltype": "/Core/DateTime" }, - "startTime": { + "releaseTime": { "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/Core/startTime", - "fullname": "/Core/startTime", + "fqname": "/Core/releaseTime", + "fullname": "/Core/releaseTime", "fulltype": "/Core/DateTime" }, - "endTime": { + "validUntilTime": { "type": "DateTime", "minCount": "0", "maxCount": "1", - "fqname": "/Core/endTime", - "fullname": "/Core/endTime", + "fqname": "/Core/validUntilTime", + "fullname": "/Core/validUntilTime", "fulltype": "/Core/DateTime" }, + "standardName": { + "type": "xsd:string", + "minCount": "0", + "fqname": "/Core/standardName", + "maxCount": "*", + "fullname": "/Core/standardName", + "fulltype": "xsd:string" + }, + "supportLevel": { + "type": "SupportType", + "minCount": "0", + "fqname": "/Core/supportLevel", + "maxCount": "*", + "fullname": "/Core/supportLevel", + "fulltype": "/Core/SupportType" + }, "spdxId": { "type": "xsd:anyURI", "minCount": "1", @@ -13735,47 +13722,73 @@ } } }, - "/Security/VexUnderInvestigationVulnAssessmentRelationship": { + "/Security/ExploitCatalogVulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "VexUnderInvestigationVulnAssessmentRelationship", - "fqname": "/Security/VexUnderInvestigationVulnAssessmentRelationship", - "summary": "Designates elements as products where the impact of a vulnerability is being\ninvestigated.", - "description": "VexUnderInvestigationVulnAssessmentRelationship links a vulnerability to a\nnumber of products stating the vulnerability's impact on them is being\ninvestigated. It represents the VEX under_investigation status.\n\n**Constraints**\n\nWhen linking elements using a VexUnderInvestigationVulnAssessmentRelationship\nthe following requirements must be observed:\n\n- Elements linked with a VexUnderInvestigationVulnAssessmentRelationship are\n constrained to using the underInvestigationFor relationship type.\n- The from: end of the relationship must ve a /Security/Vulnerability classed\n element.\n\n**Syntax**\n\n```json\n{\n \"type\": \"VexUnderInvestigationVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:vex-underInvestigation-1\",\n \"relationshipType\": \"underInvestigationFor\",\n \"from\": \"urn:spdx.dev:vuln-cve-2020-28498\",\n \"to\": [\"urn:product-acme-application-1.3\"],\n \"security_assessedElement\": \"urn:npm-elliptic-6.5.2\",\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", + "name": "ExploitCatalogVulnAssessmentRelationship", + "fqname": "/Security/ExploitCatalogVulnAssessmentRelationship", + "summary": "Provides an exploit assessment of a vulnerability.", + "description": "An ExploitCatalogVulnAssessmentRelationship describes if a vulnerability is\nlisted in any exploit catalog such as the CISA Known Exploited Vulnerabilities\nCatalog (KEV)\n[https://www.cisa.gov/known-exploited-vulnerabilities-catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog).\n\n**Constraints**\n\n- The relationship type must be set to hasAssessmentFor.\n\n**Syntax**\n\n```json\n{\n \"type\": \"ExploitCatalogVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:exploit-catalog-1\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_catalogType\": \"kev\",\n \"locator\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog\",\n \"security_exploited\": \"true\",\n \"from\": \"urn:spdx.dev:vuln-cve-2023-2136\",\n \"to\": [\"urn:product-google-chrome-112.0.5615.136\"],\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", "metadata": { - "name": "VexUnderInvestigationVulnAssessmentRelationship", - "SubclassOf": "VexVulnAssessmentRelationship", + "name": "ExploitCatalogVulnAssessmentRelationship", + "SubclassOf": "VulnAssessmentRelationship", "Instantiability": "Concrete" }, - "properties": {}, + "properties": { + "catalogType": { + "type": "ExploitCatalogType", + "minCount": "1", + "maxCount": "1", + "fqname": "/Security/catalogType" + }, + "exploited": { + "type": "xsd:boolean", + "minCount": "1", + "maxCount": "1", + "fqname": "/Security/exploited" + }, + "locator": { + "type": "xsd:anyURI", + "minCount": "1", + "maxCount": "1", + "fqname": "/Security/locator" + } + }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship", - "fqsupercname": "/Security/VexVulnAssessmentRelationship", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship", + "fqsupercname": "/Security/VulnAssessmentRelationship", "inheritance_stack": [ - "/Security/VexVulnAssessmentRelationship", "/Security/VulnAssessmentRelationship", "/Core/Relationship", "/Core/Element" ], "all_properties": { - "vexVersion": { - "type": "xsd:string", - "minCount": "0", + "catalogType": { + "type": "ExploitCatalogType", + "minCount": "1", + "maxCount": "1", + "fqname": "/Security/catalogType", + "fullname": "/Security/catalogType", + "fulltype": "/Security/ExploitCatalogType" + }, + "exploited": { + "type": "xsd:boolean", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/vexVersion", - "fullname": "/Security/vexVersion", - "fulltype": "xsd:string" + "fqname": "/Security/exploited", + "fullname": "/Security/exploited", + "fulltype": "xsd:boolean" }, - "statusNotes": { - "type": "xsd:string", - "minCount": "0", + "locator": { + "type": "xsd:anyURI", + "minCount": "1", "maxCount": "1", - "fqname": "/Security/statusNotes", - "fullname": "/Security/statusNotes", - "fulltype": "xsd:string" + "fqname": "/Security/locator", + "fullname": "/Security/locator", + "fulltype": "xsd:anyURI" }, "assessedElement": { "type": "/Core/Element", @@ -13947,74 +13960,61 @@ } } }, - "/Security/ExploitCatalogVulnAssessmentRelationship": { + "/Security/VulnAssessmentRelationship": { "py/object": "spec_parser.model.Class", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "ExploitCatalogVulnAssessmentRelationship", - "fqname": "/Security/ExploitCatalogVulnAssessmentRelationship", - "summary": "Provides an exploit assessment of a vulnerability.", - "description": "An ExploitCatalogVulnAssessmentRelationship describes if a vulnerability is\nlisted in any exploit catalog such as the CISA Known Exploited Vulnerabilities\nCatalog (KEV)\n[https://www.cisa.gov/known-exploited-vulnerabilities-catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog).\n\n**Constraints**\n\n- The relationship type must be set to hasAssessmentFor.\n\n**Syntax**\n\n```json\n{\n \"type\": \"ExploitCatalogVulnAssessmentRelationship\",\n \"spdxId\": \"urn:spdx.dev:exploit-catalog-1\",\n \"relationshipType\": \"hasAssessmentFor\",\n \"security_catalogType\": \"kev\",\n \"locator\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog\",\n \"security_exploited\": \"true\",\n \"from\": \"urn:spdx.dev:vuln-cve-2023-2136\",\n \"to\": [\"urn:product-google-chrome-112.0.5615.136\"],\n \"suppliedBy\": [\"urn:spdx.dev:agent-jane-doe\"],\n \"publishedTime\": \"2021-03-09T11:04:53Z\"\n}\n```", + "name": "VulnAssessmentRelationship", + "fqname": "/Security/VulnAssessmentRelationship", + "summary": "Abstract ancestor class for all vulnerability assessments", + "description": "VulnAssessmentRelationship is the ancestor class common to all vulnerability\nassessment relationships. It factors out the common properties shared by them.", "metadata": { - "name": "ExploitCatalogVulnAssessmentRelationship", - "SubclassOf": "VulnAssessmentRelationship", - "Instantiability": "Concrete" + "name": "VulnAssessmentRelationship", + "SubclassOf": "/Core/Relationship", + "Instantiability": "Abstract" }, "properties": { - "catalogType": { - "type": "ExploitCatalogType", - "minCount": "1", + "assessedElement": { + "type": "/Core/Element", + "minCount": "0", "maxCount": "1", - "fqname": "/Security/catalogType" + "fqname": "/Security/assessedElement" }, - "exploited": { - "type": "xsd:boolean", - "minCount": "1", + "publishedTime": { + "type": "/Core/DateTime", + "minCount": "0", "maxCount": "1", - "fqname": "/Security/exploited" + "fqname": "/Security/publishedTime" }, - "locator": { - "type": "xsd:anyURI", - "minCount": "1", + "/Core/suppliedBy": { + "type": "/Core/Agent", + "minCount": "0", "maxCount": "1", - "fqname": "/Security/locator" + "fqname": "/Core/suppliedBy" + }, + "modifiedTime": { + "type": "/Core/DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Security/modifiedTime" + }, + "withdrawnTime": { + "type": "/Core/DateTime", + "minCount": "0", + "maxCount": "1", + "fqname": "/Security/withdrawnTime" } }, "ext_prop_restrs": {}, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship", - "fqsupercname": "/Security/VulnAssessmentRelationship", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship", + "fqsupercname": "/Core/Relationship", "inheritance_stack": [ - "/Security/VulnAssessmentRelationship", "/Core/Relationship", "/Core/Element" ], "all_properties": { - "catalogType": { - "type": "ExploitCatalogType", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/catalogType", - "fullname": "/Security/catalogType", - "fulltype": "/Security/ExploitCatalogType" - }, - "exploited": { - "type": "xsd:boolean", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/exploited", - "fullname": "/Security/exploited", - "fulltype": "xsd:boolean" - }, - "locator": { - "type": "xsd:anyURI", - "minCount": "1", - "maxCount": "1", - "fqname": "/Security/locator", - "fullname": "/Security/locator", - "fulltype": "xsd:anyURI" - }, "assessedElement": { "type": "/Core/Element", "minCount": "0", @@ -14187,6 +14187,66 @@ } }, "properties": { + "/Security/statusNotes": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 1702 + }, + "license": "Community-Spec-1.0", + "name": "statusNotes", + "fqname": "/Security/statusNotes", + "summary": "Conveys information about how VEX status was determined.", + "description": "A VEX statement may convey information about how status was determined and may reference other VEX information.", + "metadata": { + "name": "statusNotes", + "Nature": "DataProperty", + "Range": "xsd:string" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/statusNotes", + "used_in": [ + "/Security/VexVulnAssessmentRelationship" + ] + }, + "/Security/probability": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 1702 + }, + "license": "Community-Spec-1.0", + "name": "probability", + "fqname": "/Security/probability", + "summary": "A probability score between 0 and 1 of a vulnerability being exploited.", + "description": "The probability score between 0 and 1 (0 and 100%) estimating the likelihood of exploitation in the wild in the next 30 days (following score publication). [https://www.first.org/epss/data_stats](https://www.first.org/epss/data_stats)", + "metadata": { + "name": "probability", + "Nature": "DataProperty", + "Range": "xsd:decimal" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/probability", + "used_in": [ + "/Security/EpssVulnAssessmentRelationship" + ] + }, + "/Security/exploited": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 1702 + }, + "license": "Community-Spec-1.0", + "name": "exploited", + "fqname": "/Security/exploited", + "summary": "Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog.", + "description": "This field is set when a CVE is listed in an exploit catalog.", + "metadata": { + "name": "exploited", + "Nature": "DataProperty", + "Range": "xsd:boolean" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/exploited", + "used_in": [ + "/Security/ExploitCatalogVulnAssessmentRelationship" + ] + }, "/Security/vexVersion": { "py/object": "spec_parser.model.Property", "ns": { @@ -14207,65 +14267,66 @@ "/Security/VexVulnAssessmentRelationship" ] }, - "/Security/severity": { + "/Security/vectorString": { "py/object": "spec_parser.model.Property", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "severity", - "fqname": "/Security/severity", - "summary": "Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software.", - "description": "The severity field provides a human readable string of the resulting numerical CVSS score.", + "name": "vectorString", + "fqname": "/Security/vectorString", + "summary": "Specifies the CVSS vector string for a vulnerability.", + "description": "Specifies any combination of the CVSS Base, Temporal, Threat, Environmental,\nand/or Supplemental vector string values for a vulnerability.\n\nSupports vectorStrings specified in all CVSS versions.\n\n**Constraints**\n\nString values for the vectorString range must only include the abbreviated form\nof metric names specified in CVSS specifications, e.g.\n[https://www.first.org/cvss/v4.0/specification-document#Vector-String](https://www.first.org/cvss/v4.0/specification-document#Vector-String)", "metadata": { - "name": "severity", - "Nature": "ObjectProperty", - "Range": "CvssSeverityType" + "name": "vectorString", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/severity", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString", "used_in": [ + "/Security/CvssV3VulnAssessmentRelationship", "/Security/CvssV4VulnAssessmentRelationship", - "/Security/CvssV3VulnAssessmentRelationship" + "/Security/CvssV2VulnAssessmentRelationship" ] }, - "/Security/decisionType": { + "/Security/impactStatement": { "py/object": "spec_parser.model.Property", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "decisionType", - "fqname": "/Security/decisionType", - "summary": "Provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf)", - "description": "A decisionType is a mandatory value and must select one of the four entries in the `SsvcDecisionType.md` vocabulary.", + "name": "impactStatement", + "fqname": "/Security/impactStatement", + "summary": "Explains why a VEX product is not affected by a vulnerability. It is an\nalternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable\njustification label.", + "description": "When a VEX product element is related with a VexNotAffectedVulnAssessmentRelationship\nand a machine readable justification label is not provided, then an impactStatement\nthat further explains how or why the prouct(s) are not affected by the vulnerability\nmust be provided.", "metadata": { - "name": "decisionType", - "Nature": "ObjectProperty", - "Range": "SsvcDecisionType" + "name": "impactStatement", + "Nature": "DataProperty", + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/decisionType", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatement", "used_in": [ - "/Security/SsvcVulnAssessmentRelationship" + "/Security/VexNotAffectedVulnAssessmentRelationship" ] }, - "/Security/exploited": { + "/Security/actionStatement": { "py/object": "spec_parser.model.Property", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "exploited", - "fqname": "/Security/exploited", - "summary": "Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog.", - "description": "This field is set when a CVE is listed in an exploit catalog.", + "name": "actionStatement", + "fqname": "/Security/actionStatement", + "summary": "Provides advise on how to mitigate or remediate a vulnerability when a VEX product\nis affected by it.", + "description": "When an element is referenced with a VexAffectedVulnAssessmentRelationship,\nthe relationship MUST include one actionStatement that SHOULD describe actions\nto remediate or mitigate the vulnerability.", "metadata": { - "name": "exploited", + "name": "actionStatement", "Nature": "DataProperty", - "Range": "xsd:boolean" + "Range": "xsd:string" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/exploited", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatement", "used_in": [ - "/Security/ExploitCatalogVulnAssessmentRelationship" + "/Security/VexAffectedVulnAssessmentRelationship" ] }, "/Security/locator": { @@ -14288,44 +14349,65 @@ "/Security/ExploitCatalogVulnAssessmentRelationship" ] }, - "/Security/statusNotes": { + "/Security/severity": { "py/object": "spec_parser.model.Property", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "statusNotes", - "fqname": "/Security/statusNotes", - "summary": "Conveys information about how VEX status was determined.", - "description": "A VEX statement may convey information about how status was determined and may reference other VEX information.", + "name": "severity", + "fqname": "/Security/severity", + "summary": "Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software.", + "description": "The severity field provides a human readable string of the resulting numerical CVSS score.", "metadata": { - "name": "statusNotes", - "Nature": "DataProperty", - "Range": "xsd:string" + "name": "severity", + "Nature": "ObjectProperty", + "Range": "CvssSeverityType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/statusNotes", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/severity", + "used_in": [ + "/Security/CvssV3VulnAssessmentRelationship", + "/Security/CvssV4VulnAssessmentRelationship" + ] + }, + "/Security/decisionType": { + "py/object": "spec_parser.model.Property", + "ns": { + "py/id": 1702 + }, + "license": "Community-Spec-1.0", + "name": "decisionType", + "fqname": "/Security/decisionType", + "summary": "Provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf)", + "description": "A decisionType is a mandatory value and must select one of the four entries in the `SsvcDecisionType.md` vocabulary.", + "metadata": { + "name": "decisionType", + "Nature": "ObjectProperty", + "Range": "SsvcDecisionType" + }, + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/decisionType", "used_in": [ - "/Security/VexVulnAssessmentRelationship" + "/Security/SsvcVulnAssessmentRelationship" ] }, - "/Security/catalogType": { + "/Security/actionStatementTime": { "py/object": "spec_parser.model.Property", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "catalogType", - "fqname": "/Security/catalogType", - "summary": "Specifies the exploit catalog type.", - "description": "A catalogType is a mandatory value and must select one of the existing entries in the `ExploitCatalogType.md` vocabulary.", + "name": "actionStatementTime", + "fqname": "/Security/actionStatementTime", + "summary": "Records the time when a recommended action was communicated in a VEX statement\nto mitigate a vulnerability.", + "description": "When a VEX statement communicates an affected status, the author MUST\ninclude an action statement with a recommended action to help mitigate the\nvulnerability's impact. The actionStatementTime property records the time\nwhen the action statement was first communicated.", "metadata": { - "name": "catalogType", - "Nature": "ObjectProperty", - "Range": "ExploitCatalogType" + "name": "actionStatementTime", + "Nature": "DataProperty", + "Range": "/Core/DateTime" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/catalogType", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime", "used_in": [ - "/Security/ExploitCatalogVulnAssessmentRelationship" + "/Security/VexAffectedVulnAssessmentRelationship" ] }, "/Security/publishedTime": { @@ -14349,26 +14431,6 @@ "/Security/VulnAssessmentRelationship" ] }, - "/Security/impactStatement": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1702 - }, - "license": "Community-Spec-1.0", - "name": "impactStatement", - "fqname": "/Security/impactStatement", - "summary": "Explains why a VEX product is not affected by a vulnerability. It is an\nalternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable\njustification label.", - "description": "When a VEX product element is related with a VexNotAffectedVulnAssessmentRelationship\nand a machine readable justification label is not provided, then an impactStatement\nthat further explains how or why the prouct(s) are not affected by the vulnerability\nmust be provided.", - "metadata": { - "name": "impactStatement", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatement", - "used_in": [ - "/Security/VexNotAffectedVulnAssessmentRelationship" - ] - }, "/Security/withdrawnTime": { "py/object": "spec_parser.model.Property", "ns": { @@ -14410,46 +14472,24 @@ "/Security/VexNotAffectedVulnAssessmentRelationship" ] }, - "/Security/score": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1702 - }, - "license": "Community-Spec-1.0", - "name": "score", - "fqname": "/Security/score", - "summary": "Provides a numerical (0-10) representation of the severity of a vulnerability.", - "description": "The score provides information on the severity of a vulnerability per the\nCommon Vulnerability Scoring System as defined on [https://www.first.org/cvss](https://www.first.org/cvss/).", - "metadata": { - "name": "score", - "Nature": "DataProperty", - "Range": "xsd:decimal" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/score", - "used_in": [ - "/Security/CvssV4VulnAssessmentRelationship", - "/Security/CvssV3VulnAssessmentRelationship", - "/Security/CvssV2VulnAssessmentRelationship" - ] - }, - "/Security/probability": { + "/Security/assessedElement": { "py/object": "spec_parser.model.Property", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "probability", - "fqname": "/Security/probability", - "summary": "A probability score between 0 and 1 of a vulnerability being exploited.", - "description": "The probability score between 0 and 1 (0 and 100%) estimating the likelihood of exploitation in the wild in the next 30 days (following score publication). [https://www.first.org/epss/data_stats](https://www.first.org/epss/data_stats)", + "name": "assessedElement", + "fqname": "/Security/assessedElement", + "summary": "Specifies an Element contained in a piece of software where a vulnerability was\nfound.", + "description": "Specifies subpackages, files or snippets referenced by a security assessment\nto specify the precise location where a vulnerability was found.", "metadata": { - "name": "probability", - "Nature": "DataProperty", - "Range": "xsd:decimal" + "name": "assessedElement", + "Nature": "ObjectProperty", + "Range": "/Core/Element" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/probability", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/assessedElement", "used_in": [ - "/Security/EpssVulnAssessmentRelationship" + "/Security/VulnAssessmentRelationship" ] }, "/Security/percentile": { @@ -14472,214 +14512,174 @@ "/Security/EpssVulnAssessmentRelationship" ] }, - "/Security/modifiedTime": { + "/Security/catalogType": { "py/object": "spec_parser.model.Property", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "modifiedTime", - "fqname": "/Security/modifiedTime", - "summary": "Specifies a time when a vulnerability assessment was modified", - "description": "Specifies a time when a vulnerability assessment was last modified.", + "name": "catalogType", + "fqname": "/Security/catalogType", + "summary": "Specifies the exploit catalog type.", + "description": "A catalogType is a mandatory value and must select one of the existing entries in the `ExploitCatalogType.md` vocabulary.", "metadata": { - "name": "modifiedTime", - "Nature": "DataProperty", - "Range": "/Core/DateTime" + "name": "catalogType", + "Nature": "ObjectProperty", + "Range": "ExploitCatalogType" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/catalogType", "used_in": [ - "/Security/Vulnerability", - "/Security/VulnAssessmentRelationship" + "/Security/ExploitCatalogVulnAssessmentRelationship" ] }, - "/Security/actionStatementTime": { + "/Security/impactStatementTime": { "py/object": "spec_parser.model.Property", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "actionStatementTime", - "fqname": "/Security/actionStatementTime", - "summary": "Records the time when a recommended action was communicated in a VEX statement\nto mitigate a vulnerability.", - "description": "When a VEX statement communicates an affected status, the author MUST\ninclude an action statement with a recommended action to help mitigate the\nvulnerability's impact. The actionStatementTime property records the time\nwhen the action statement was first communicated.", + "name": "impactStatementTime", + "fqname": "/Security/impactStatementTime", + "summary": "Timestamp of impact statement.", + "description": "Specifies the time when the impact statement was recorded.", "metadata": { - "name": "actionStatementTime", + "name": "impactStatementTime", "Nature": "DataProperty", "Range": "/Core/DateTime" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime", "used_in": [ - "/Security/VexAffectedVulnAssessmentRelationship" + "/Security/VexNotAffectedVulnAssessmentRelationship" ] }, - "/Security/vectorString": { + "/Security/score": { "py/object": "spec_parser.model.Property", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "vectorString", - "fqname": "/Security/vectorString", - "summary": "Specifies the CVSS vector string for a vulnerability.", - "description": "Specifies any combination of the CVSS Base, Temporal, Threat, Environmental,\nand/or Supplemental vector string values for a vulnerability.\n\nSupports vectorStrings specified in all CVSS versions.\n\n**Constraints**\n\nString values for the vectorString range must only include the abbreviated form\nof metric names specified in CVSS specifications, e.g.\n[https://www.first.org/cvss/v4.0/specification-document#Vector-String](https://www.first.org/cvss/v4.0/specification-document#Vector-String)", + "name": "score", + "fqname": "/Security/score", + "summary": "Provides a numerical (0-10) representation of the severity of a vulnerability.", + "description": "The score provides information on the severity of a vulnerability per the\nCommon Vulnerability Scoring System as defined on [https://www.first.org/cvss](https://www.first.org/cvss/).", "metadata": { - "name": "vectorString", + "name": "score", "Nature": "DataProperty", - "Range": "xsd:string" + "Range": "xsd:decimal" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/score", "used_in": [ - "/Security/CvssV4VulnAssessmentRelationship", "/Security/CvssV3VulnAssessmentRelationship", + "/Security/CvssV4VulnAssessmentRelationship", "/Security/CvssV2VulnAssessmentRelationship" ] }, - "/Security/assessedElement": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1702 - }, - "license": "Community-Spec-1.0", - "name": "assessedElement", - "fqname": "/Security/assessedElement", - "summary": "Specifies an Element contained in a piece of software where a vulnerability was\nfound.", - "description": "Specifies subpackages, files or snippets referenced by a security assessment\nto specify the precise location where a vulnerability was found.", - "metadata": { - "name": "assessedElement", - "Nature": "ObjectProperty", - "Range": "/Core/Element" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/assessedElement", - "used_in": [ - "/Security/VulnAssessmentRelationship" - ] - }, - "/Security/actionStatement": { - "py/object": "spec_parser.model.Property", - "ns": { - "py/id": 1702 - }, - "license": "Community-Spec-1.0", - "name": "actionStatement", - "fqname": "/Security/actionStatement", - "summary": "Provides advise on how to mitigate or remediate a vulnerability when a VEX product\nis affected by it.", - "description": "When an element is referenced with a VexAffectedVulnAssessmentRelationship,\nthe relationship MUST include one actionStatement that SHOULD describe actions\nto remediate or mitigate the vulnerability.", - "metadata": { - "name": "actionStatement", - "Nature": "DataProperty", - "Range": "xsd:string" - }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatement", - "used_in": [ - "/Security/VexAffectedVulnAssessmentRelationship" - ] - }, - "/Security/impactStatementTime": { + "/Security/modifiedTime": { "py/object": "spec_parser.model.Property", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "impactStatementTime", - "fqname": "/Security/impactStatementTime", - "summary": "Timestamp of impact statement.", - "description": "Specifies the time when the impact statement was recorded.", + "name": "modifiedTime", + "fqname": "/Security/modifiedTime", + "summary": "Specifies a time when a vulnerability assessment was modified", + "description": "Specifies a time when a vulnerability assessment was last modified.", "metadata": { - "name": "impactStatementTime", + "name": "modifiedTime", "Nature": "DataProperty", "Range": "/Core/DateTime" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime", + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime", "used_in": [ - "/Security/VexNotAffectedVulnAssessmentRelationship" + "/Security/Vulnerability", + "/Security/VulnAssessmentRelationship" ] } }, "vocabularies": { - "/Security/CvssSeverityType": { + "/Security/VexJustificationType": { "py/object": "spec_parser.model.Vocabulary", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "CvssSeverityType", - "fqname": "/Security/CvssSeverityType", - "summary": "Specifies the CVSS base, temporal, threat, or environmental severity type.", - "description": "CvssSeverityType specifies the CVSS severity type, defined in the CVSS specifications as the textual representation of the numeric CVSS score. The severity type entries are inclusive of and applicable to enumerations found in CVSS versions [3](https://www.first.org/cvss/v3.0/specification-document#Qualitative-Severity-Rating-Scale) and [4](https://www.first.org/cvss/v4.0/specification-document#Qualitative-Severity-Rating-Scale). CvssSeverityType is a mandatory field because baseSeverity is required in the CVSS version [3.0](https://www.first.org/cvss/cvss-v3.0.json), [3.1](https://www.first.org/cvss/cvss-v3.1.json), and [4.0](https://www.first.org/cvss/cvss-v4.0.json) schemas. The field can be used to document the base, temporal, threat, or environmental severity.", + "name": "VexJustificationType", + "fqname": "/Security/VexJustificationType", + "summary": "Specifies the VEX justification type.", + "description": "VexJustificationType specifies the type of Vulnerability Exploitability eXchange (VEX) justification.", "metadata": { - "name": "CvssSeverityType" + "name": "VexJustificationType" }, "entries": { - "critical": "When a CVSS score is between 9.0 - 10.0", - "high": "When a CVSS score is between 7.0 - 8.9", - "medium": "When a CVSS score is between 4.0 - 6.9", - "low": "When a CVSS score is between 0.1 - 3.9", - "none": "When a CVSS score is 0.0" + "componentNotPresent": "The software is not affected because the vulnerable component is not in the product.", + "vulnerableCodeNotPresent": "The product is not affected because the code underlying the vulnerability is not present in the product.", + "vulnerableCodeCannotBeControlledByAdversary": "The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack.", + "vulnerableCodeNotInExecutePath": "The affected code is not reachable through the execution of the code, including non-anticipated states of the product.", + "inlineMitigationsAlreadyExist": "Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability." }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" }, - "/Security/SsvcDecisionType": { + "/Security/ExploitCatalogType": { "py/object": "spec_parser.model.Vocabulary", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "SsvcDecisionType", - "fqname": "/Security/SsvcDecisionType", - "summary": "Specifies the SSVC decision type.", - "description": "SsvcDecisionType specifies the type of decision that's been made according to the Stakeholder-Specific Vulnerability Categorization (SSVC) system [https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc)", + "name": "ExploitCatalogType", + "fqname": "/Security/ExploitCatalogType", + "summary": "Specifies the exploit catalog type.", + "description": "ExploitCatalogType specifies the type of exploit catalog that a vulnerability is listed in.", "metadata": { - "name": "SsvcDecisionType" + "name": "ExploitCatalogType" }, "entries": { - "act": "The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible.", - "attend": "The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines.", - "track": "The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines.", - "trackStar": "(\"Track*\" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track* vulnerabilities within standard update timelines." + "kev": "CISA's Known Exploited Vulnerability (KEV) Catalog", + "other": "Other exploit catalogs" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" }, - "/Security/ExploitCatalogType": { + "/Security/SsvcDecisionType": { "py/object": "spec_parser.model.Vocabulary", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "ExploitCatalogType", - "fqname": "/Security/ExploitCatalogType", - "summary": "Specifies the exploit catalog type.", - "description": "ExploitCatalogType specifies the type of exploit catalog that a vulnerability is listed in.", + "name": "SsvcDecisionType", + "fqname": "/Security/SsvcDecisionType", + "summary": "Specifies the SSVC decision type.", + "description": "SsvcDecisionType specifies the type of decision that's been made according to the Stakeholder-Specific Vulnerability Categorization (SSVC) system [https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc)", "metadata": { - "name": "ExploitCatalogType" + "name": "SsvcDecisionType" }, - "entries": { - "kev": "CISA's Known Exploited Vulnerability (KEV) Catalog", - "other": "Other exploit catalogs" + "entries": { + "act": "The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible.", + "attend": "The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines.", + "track": "The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines.", + "trackStar": "(\"Track*\" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track* vulnerabilities within standard update timelines." }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" }, - "/Security/VexJustificationType": { + "/Security/CvssSeverityType": { "py/object": "spec_parser.model.Vocabulary", "ns": { "py/id": 1702 }, "license": "Community-Spec-1.0", - "name": "VexJustificationType", - "fqname": "/Security/VexJustificationType", - "summary": "Specifies the VEX justification type.", - "description": "VexJustificationType specifies the type of Vulnerability Exploitability eXchange (VEX) justification.", + "name": "CvssSeverityType", + "fqname": "/Security/CvssSeverityType", + "summary": "Specifies the CVSS base, temporal, threat, or environmental severity type.", + "description": "CvssSeverityType specifies the CVSS severity type, defined in the CVSS specifications as the textual representation of the numeric CVSS score. The severity type entries are inclusive of and applicable to enumerations found in CVSS versions [3](https://www.first.org/cvss/v3.0/specification-document#Qualitative-Severity-Rating-Scale) and [4](https://www.first.org/cvss/v4.0/specification-document#Qualitative-Severity-Rating-Scale). CvssSeverityType is a mandatory field because baseSeverity is required in the CVSS version [3.0](https://www.first.org/cvss/cvss-v3.0.json), [3.1](https://www.first.org/cvss/cvss-v3.1.json), and [4.0](https://www.first.org/cvss/cvss-v4.0.json) schemas. The field can be used to document the base, temporal, threat, or environmental severity.", "metadata": { - "name": "VexJustificationType" + "name": "CvssSeverityType" }, "entries": { - "componentNotPresent": "The software is not affected because the vulnerable component is not in the product.", - "vulnerableCodeNotPresent": "The product is not affected because the code underlying the vulnerability is not present in the product.", - "vulnerableCodeCannotBeControlledByAdversary": "The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack.", - "vulnerableCodeNotInExecutePath": "The affected code is not reachable through the execution of the code, including non-anticipated states of the product.", - "inlineMitigationsAlreadyExist": "Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability." + "critical": "When a CVSS score is between 9.0 - 10.0", + "high": "When a CVSS score is between 7.0 - 8.9", + "medium": "When a CVSS score is between 4.0 - 6.9", + "low": "When a CVSS score is between 0.1 - 3.9", + "none": "When a CVSS score is 0.0" }, - "iri": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" + "iri": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" } }, "individuals": {}, @@ -14697,781 +14697,781 @@ } ], "classes": { - "/SimpleLicensing/SimpleLicensingText": { + "/ExpandedLicensing/ConjunctiveLicenseSet": { "py/id": 4 }, - "/SimpleLicensing/AnyLicenseInfo": { + "/ExpandedLicensing/IndividualLicensingInfo": { "py/id": 22 }, - "/SimpleLicensing/LicenseExpression": { + "/ExpandedLicensing/OrLaterOperator": { "py/id": 38 }, - "/Core/DictionaryEntry": { - "py/id": 79 + "/ExpandedLicensing/License": { + "py/id": 56 }, - "/Core/ExternalRef": { - "py/id": 89 + "/ExpandedLicensing/DisjunctiveLicenseSet": { + "py/id": 90 }, - "/Core/LifecycleScopedRelationship": { - "py/id": 103 + "/ExpandedLicensing/ExtendableLicense": { + "py/id": 108 }, - "/Core/Organization": { - "py/id": 127 + "/ExpandedLicensing/WithAdditionOperator": { + "py/id": 124 }, - "/Core/Person": { - "py/id": 143 + "/ExpandedLicensing/CustomLicense": { + "py/id": 144 }, - "/Core/CreationInfo": { - "py/id": 159 + "/ExpandedLicensing/ListedLicenseException": { + "py/id": 169 }, - "/Core/ExternalMap": { - "py/id": 175 + "/ExpandedLicensing/ListedLicense": { + "py/id": 195 }, - "/Core/ElementCollection": { - "py/id": 189 + "/ExpandedLicensing/CustomLicenseAddition": { + "py/id": 224 }, - "/Core/ExternalIdentifier": { - "py/id": 211 + "/ExpandedLicensing/LicenseAddition": { + "py/id": 246 }, - "/Core/Tool": { - "py/id": 227 + "/AI/AIPackage": { + "py/id": 338 }, - "/Core/Hash": { - "py/id": 243 + "/AI/EnergyConsumption": { + "py/id": 406 }, - "/Core/Bundle": { - "py/id": 254 + "/AI/EnergyConsumptionDescription": { + "py/id": 418 }, - "/Core/Agent": { - "py/id": 275 + "/SimpleLicensing/LicenseExpression": { + "py/id": 501 }, - "/Core/Bom": { - "py/id": 291 + "/SimpleLicensing/AnyLicenseInfo": { + "py/id": 523 }, - "/Core/IntegrityMethod": { - "py/id": 311 + "/SimpleLicensing/SimpleLicensingText": { + "py/id": 539 }, - "/Core/SoftwareAgent": { - "py/id": 319 + "/Build/Build": { + "py/id": 576 }, - "/Core/Annotation": { - "py/id": 335 + "/Software/ContentIdentifier": { + "py/id": 651 }, - "/Core/Element": { - "py/id": 359 + "/Software/Package": { + "py/id": 662 }, - "/Core/PositiveIntegerRange": { - "py/id": 385 + "/Software/File": { + "py/id": 701 }, - "/Core/NamespaceMap": { - "py/id": 395 + "/Software/SoftwareArtifact": { + "py/id": 734 }, - "/Core/Relationship": { - "py/id": 405 + "/Software/Sbom": { + "py/id": 767 }, - "/Core/Artifact": { - "py/id": 433 + "/Software/Snippet": { + "py/id": 789 }, - "/Core/SpdxDocument": { - "py/id": 463 + "/Core/IntegrityMethod": { + "py/id": 893 }, - "/Core/PackageVerificationCode": { - "py/id": 488 + "/Core/DictionaryEntry": { + "py/id": 901 }, - "/Build/Build": { - "py/id": 731 + "/Core/Artifact": { + "py/id": 911 }, - "/ExpandedLicensing/ListedLicenseException": { - "py/id": 799 + "/Core/ExternalMap": { + "py/id": 941 }, - "/ExpandedLicensing/IndividualLicensingInfo": { - "py/id": 825 + "/Core/CreationInfo": { + "py/id": 955 }, - "/ExpandedLicensing/LicenseAddition": { - "py/id": 841 + "/Core/ElementCollection": { + "py/id": 971 }, - "/ExpandedLicensing/OrLaterOperator": { - "py/id": 869 + "/Core/NamespaceMap": { + "py/id": 993 }, - "/ExpandedLicensing/DisjunctiveLicenseSet": { - "py/id": 887 + "/Core/Bom": { + "py/id": 1003 }, - "/ExpandedLicensing/ListedLicense": { - "py/id": 905 + "/Core/Annotation": { + "py/id": 1023 }, - "/ExpandedLicensing/WithAdditionOperator": { - "py/id": 934 + "/Core/SoftwareAgent": { + "py/id": 1047 }, - "/ExpandedLicensing/CustomLicense": { - "py/id": 954 + "/Core/Relationship": { + "py/id": 1063 }, - "/ExpandedLicensing/ConjunctiveLicenseSet": { - "py/id": 979 + "/Core/Bundle": { + "py/id": 1091 }, - "/ExpandedLicensing/CustomLicenseAddition": { - "py/id": 997 + "/Core/Person": { + "py/id": 1112 }, - "/ExpandedLicensing/ExtendableLicense": { - "py/id": 1019 + "/Core/SpdxDocument": { + "py/id": 1128 }, - "/ExpandedLicensing/License": { - "py/id": 1035 + "/Core/Hash": { + "py/id": 1153 }, - "/Extension/CdxPropertyEntry": { - "py/id": 1133 + "/Core/Tool": { + "py/id": 1164 }, - "/Extension/Extension": { - "py/id": 1143 + "/Core/ExternalIdentifier": { + "py/id": 1180 }, - "/Extension/CdxPropertiesExtension": { - "py/id": 1149 + "/Core/PackageVerificationCode": { + "py/id": 1196 }, - "/Software/ContentIdentifier": { - "py/id": 1173 + "/Core/Agent": { + "py/id": 1209 }, - "/Software/Sbom": { - "py/id": 1184 + "/Core/LifecycleScopedRelationship": { + "py/id": 1225 }, - "/Software/Package": { - "py/id": 1206 + "/Core/Organization": { + "py/id": 1249 }, - "/Software/Snippet": { - "py/id": 1245 + "/Core/Element": { + "py/id": 1265 }, - "/Software/SoftwareArtifact": { - "py/id": 1279 + "/Core/ExternalRef": { + "py/id": 1291 }, - "/Software/File": { - "py/id": 1312 + "/Core/PositiveIntegerRange": { + "py/id": 1305 }, - "/AI/EnergyConsumptionDescription": { - "py/id": 1415 + "/Dataset/DatasetPackage": { + "py/id": 1538 }, - "/AI/AIPackage": { - "py/id": 1425 + "/Extension/CdxPropertiesExtension": { + "py/id": 1657 }, - "/AI/EnergyConsumption": { - "py/id": 1493 + "/Extension/CdxPropertyEntry": { + "py/id": 1665 }, - "/Dataset/DatasetPackage": { - "py/id": 1585 + "/Extension/Extension": { + "py/id": 1675 }, - "/Security/Vulnerability": { + "/Security/VexUnderInvestigationVulnAssessmentRelationship": { "py/id": 1704 }, - "/Security/CvssV4VulnAssessmentRelationship": { + "/Security/VexFixedVulnAssessmentRelationship": { "py/id": 1733 }, - "/Security/CvssV3VulnAssessmentRelationship": { - "py/id": 1766 - }, - "/Security/VexFixedVulnAssessmentRelationship": { - "py/id": 1799 + "/Security/EpssVulnAssessmentRelationship": { + "py/id": 1762 }, - "/Security/VexAffectedVulnAssessmentRelationship": { - "py/id": 1828 + "/Security/VexVulnAssessmentRelationship": { + "py/id": 1794 }, "/Security/VexNotAffectedVulnAssessmentRelationship": { - "py/id": 1861 + "py/id": 1825 }, - "/Security/EpssVulnAssessmentRelationship": { - "py/id": 1896 + "/Security/CvssV3VulnAssessmentRelationship": { + "py/id": 1860 }, - "/Security/CvssV2VulnAssessmentRelationship": { - "py/id": 1928 + "/Security/SsvcVulnAssessmentRelationship": { + "py/id": 1893 }, - "/Security/VexVulnAssessmentRelationship": { - "py/id": 1959 + "/Security/CvssV4VulnAssessmentRelationship": { + "py/id": 1922 }, - "/Security/VulnAssessmentRelationship": { - "py/id": 1990 + "/Security/CvssV2VulnAssessmentRelationship": { + "py/id": 1955 }, - "/Security/SsvcVulnAssessmentRelationship": { - "py/id": 2022 + "/Security/VexAffectedVulnAssessmentRelationship": { + "py/id": 1986 }, - "/Security/VexUnderInvestigationVulnAssessmentRelationship": { - "py/id": 2051 + "/Security/Vulnerability": { + "py/id": 2019 }, "/Security/ExploitCatalogVulnAssessmentRelationship": { - "py/id": 2080 + "py/id": 2048 + }, + "/Security/VulnAssessmentRelationship": { + "py/id": 2081 } }, "properties": { - "/SimpleLicensing/customIdToUri": { - "py/id": 61 - }, - "/SimpleLicensing/licenseText": { - "py/id": 64 - }, - "/SimpleLicensing/licenseExpression": { - "py/id": 67 - }, - "/SimpleLicensing/licenseListVersion": { - "py/id": 70 - }, - "/Core/contentType": { - "py/id": 502 - }, - "/Core/externalRefType": { - "py/id": 505 - }, - "/Core/identifier": { - "py/id": 508 - }, - "/Core/description": { - "py/id": 511 - }, - "/Core/completeness": { - "py/id": 514 - }, - "/Core/externalRef": { - "py/id": 517 - }, - "/Core/supportLevel": { - "py/id": 520 - }, - "/Core/spdxId": { - "py/id": 523 - }, - "/Core/packageVerificationCodeExcludedFile": { - "py/id": 526 - }, - "/Core/imports": { - "py/id": 529 + "/ExpandedLicensing/seeAlso": { + "py/id": 275 }, - "/Core/endIntegerRange": { - "py/id": 532 + "/ExpandedLicensing/standardLicenseHeader": { + "py/id": 278 }, - "/Core/externalIdentifierType": { - "py/id": 535 + "/ExpandedLicensing/subjectExtendableLicense": { + "py/id": 281 }, - "/Core/locationHint": { - "py/id": 538 + "/ExpandedLicensing/obsoletedBy": { + "py/id": 284 }, - "/Core/suppliedBy": { - "py/id": 541 + "/ExpandedLicensing/listVersionAdded": { + "py/id": 287 }, - "/Core/extension": { - "py/id": 544 + "/ExpandedLicensing/isDeprecatedAdditionId": { + "py/id": 290 }, - "/Core/locator": { - "py/id": 547 + "/ExpandedLicensing/standardLicenseTemplate": { + "py/id": 293 }, - "/Core/from": { - "py/id": 550 + "/ExpandedLicensing/isFsfLibre": { + "py/id": 296 }, - "/Core/beginIntegerRange": { - "py/id": 553 + "/ExpandedLicensing/licenseXml": { + "py/id": 299 }, - "/Core/value": { - "py/id": 556 + "/ExpandedLicensing/member": { + "py/id": 302 }, - "/Core/scope": { - "py/id": 559 + "/ExpandedLicensing/additionText": { + "py/id": 305 }, - "/Core/startTime": { - "py/id": 562 + "/ExpandedLicensing/isOsiApproved": { + "py/id": 308 }, - "/Core/specVersion": { - "py/id": 565 + "/ExpandedLicensing/deprecatedVersion": { + "py/id": 311 }, - "/Core/name": { - "py/id": 568 + "/ExpandedLicensing/subjectLicense": { + "py/id": 314 }, - "/Core/endTime": { - "py/id": 571 + "/ExpandedLicensing/subjectAddition": { + "py/id": 317 }, - "/Core/definingArtifact": { - "py/id": 574 + "/ExpandedLicensing/isDeprecatedLicenseId": { + "py/id": 320 }, - "/Core/summary": { - "py/id": 577 + "/ExpandedLicensing/standardAdditionTemplate": { + "py/id": 323 }, - "/Core/to": { - "py/id": 580 + "/AI/safetyRiskAssessment": { + "py/id": 429 }, - "/Core/originatedBy": { - "py/id": 583 + "/AI/informationAboutApplication": { + "py/id": 432 }, - "/Core/created": { - "py/id": 586 + "/AI/finetuningEnergyConsumption": { + "py/id": 435 }, - "/Core/comment": { - "py/id": 589 + "/AI/informationAboutTraining": { + "py/id": 438 }, - "/Core/relationshipType": { - "py/id": 592 + "/AI/inferenceEnergyConsumption": { + "py/id": 441 }, - "/Core/namespaceMap": { - "py/id": 595 + "/AI/limitation": { + "py/id": 444 }, - "/Core/builtTime": { - "py/id": 598 + "/AI/useSensitivePersonalInformation": { + "py/id": 447 }, - "/Core/namespace": { - "py/id": 601 + "/AI/energyQuantity": { + "py/id": 450 }, - "/Core/identifierLocator": { - "py/id": 604 + "/AI/trainingEnergyConsumption": { + "py/id": 453 }, - "/Core/annotationType": { - "py/id": 607 + "/AI/typeOfModel": { + "py/id": 456 }, - "/Core/statement": { - "py/id": 610 + "/AI/autonomyType": { + "py/id": 459 }, - "/Core/releaseTime": { - "py/id": 613 + "/AI/energyConsumption": { + "py/id": 462 }, - "/Core/externalIdentifier": { - "py/id": 616 + "/AI/metric": { + "py/id": 465 }, - "/Core/issuingAuthority": { - "py/id": 619 + "/AI/hyperparameter": { + "py/id": 468 }, - "/Core/standardName": { - "py/id": 622 + "/AI/domain": { + "py/id": 471 }, - "/Core/validUntilTime": { - "py/id": 625 + "/AI/metricDecisionThreshold": { + "py/id": 474 }, - "/Core/createdBy": { - "py/id": 628 + "/AI/standardCompliance": { + "py/id": 477 }, - "/Core/algorithm": { - "py/id": 631 + "/AI/energyUnit": { + "py/id": 480 }, - "/Core/verifiedUsing": { - "py/id": 634 + "/AI/modelExplainability": { + "py/id": 483 }, - "/Core/rootElement": { - "py/id": 637 + "/AI/modelDataPreprocessing": { + "py/id": 486 }, - "/Core/hashValue": { - "py/id": 640 + "/SimpleLicensing/licenseListVersion": { + "py/id": 558 }, - "/Core/creationInfo": { - "py/id": 643 + "/SimpleLicensing/licenseText": { + "py/id": 561 }, - "/Core/externalSpdxId": { - "py/id": 646 + "/SimpleLicensing/licenseExpression": { + "py/id": 564 }, - "/Core/context": { - "py/id": 649 + "/SimpleLicensing/customIdToUri": { + "py/id": 567 }, - "/Core/subject": { - "py/id": 652 + "/Build/buildId": { + "py/id": 611 }, - "/Core/prefix": { - "py/id": 655 + "/Build/parameters": { + "py/id": 614 }, - "/Core/element": { - "py/id": 658 + "/Build/environment": { + "py/id": 617 }, - "/Core/profileConformance": { - "py/id": 661 + "/Build/buildType": { + "py/id": 620 }, - "/Core/key": { - "py/id": 664 + "/Build/configSourceDigest": { + "py/id": 623 }, - "/Core/createdUsing": { - "py/id": 667 + "/Build/configSourceEntrypoint": { + "py/id": 626 }, - "/Core/dataLicense": { - "py/id": 670 + "/Build/buildStartTime": { + "py/id": 629 }, "/Build/configSourceUri": { - "py/id": 766 + "py/id": 632 }, - "/Build/parameters": { - "py/id": 769 + "/Build/buildEndTime": { + "py/id": 635 }, - "/Build/configSourceDigest": { - "py/id": 772 + "/Software/contentIdentifierValue": { + "py/id": 824 }, - "/Build/buildId": { - "py/id": 775 + "/Software/contentIdentifier": { + "py/id": 827 }, - "/Build/buildStartTime": { - "py/id": 778 + "/Software/sourceInfo": { + "py/id": 830 }, - "/Build/buildType": { - "py/id": 781 + "/Software/additionalPurpose": { + "py/id": 833 }, - "/Build/buildEndTime": { - "py/id": 784 + "/Software/byteRange": { + "py/id": 836 }, - "/Build/configSourceEntrypoint": { - "py/id": 787 + "/Software/packageVersion": { + "py/id": 839 }, - "/Build/environment": { - "py/id": 790 + "/Software/attributionText": { + "py/id": 842 }, - "/ExpandedLicensing/subjectAddition": { - "py/id": 1070 + "/Software/lineRange": { + "py/id": 845 }, - "/ExpandedLicensing/isOsiApproved": { - "py/id": 1073 + "/Software/homePage": { + "py/id": 848 }, - "/ExpandedLicensing/obsoletedBy": { - "py/id": 1076 + "/Software/contentIdentifierType": { + "py/id": 851 }, - "/ExpandedLicensing/seeAlso": { - "py/id": 1079 + "/Software/snippetFromFile": { + "py/id": 854 }, - "/ExpandedLicensing/member": { - "py/id": 1082 + "/Software/packageUrl": { + "py/id": 857 }, - "/ExpandedLicensing/isDeprecatedAdditionId": { - "py/id": 1085 + "/Software/fileKind": { + "py/id": 860 }, - "/ExpandedLicensing/standardLicenseHeader": { - "py/id": 1088 + "/Software/primaryPurpose": { + "py/id": 863 }, - "/ExpandedLicensing/subjectExtendableLicense": { - "py/id": 1091 + "/Software/sbomType": { + "py/id": 866 }, - "/ExpandedLicensing/additionText": { - "py/id": 1094 + "/Software/copyrightText": { + "py/id": 869 }, - "/ExpandedLicensing/subjectLicense": { - "py/id": 1097 + "/Software/downloadLocation": { + "py/id": 872 }, - "/ExpandedLicensing/licenseXml": { - "py/id": 1100 + "/Core/endTime": { + "py/id": 1316 }, - "/ExpandedLicensing/listVersionAdded": { - "py/id": 1103 + "/Core/identifierLocator": { + "py/id": 1319 }, - "/ExpandedLicensing/deprecatedVersion": { - "py/id": 1106 + "/Core/description": { + "py/id": 1322 }, - "/ExpandedLicensing/isDeprecatedLicenseId": { - "py/id": 1109 + "/Core/summary": { + "py/id": 1325 }, - "/ExpandedLicensing/standardAdditionTemplate": { - "py/id": 1112 + "/Core/namespaceMap": { + "py/id": 1328 }, - "/ExpandedLicensing/isFsfLibre": { - "py/id": 1115 + "/Core/dataLicense": { + "py/id": 1331 }, - "/ExpandedLicensing/standardLicenseTemplate": { - "py/id": 1118 + "/Core/builtTime": { + "py/id": 1334 }, - "/Extension/cdxPropValue": { - "py/id": 1158 + "/Core/createdUsing": { + "py/id": 1337 }, - "/Extension/cdxPropName": { - "py/id": 1161 + "/Core/scope": { + "py/id": 1340 }, - "/Extension/cdxProperty": { - "py/id": 1164 + "/Core/from": { + "py/id": 1343 }, - "/Software/sbomType": { + "/Core/validUntilTime": { "py/id": 1346 }, - "/Software/downloadLocation": { + "/Core/context": { "py/id": 1349 }, - "/Software/lineRange": { + "/Core/extension": { "py/id": 1352 }, - "/Software/contentIdentifierType": { + "/Core/imports": { "py/id": 1355 }, - "/Software/snippetFromFile": { + "/Core/name": { "py/id": 1358 }, - "/Software/contentIdentifier": { + "/Core/comment": { "py/id": 1361 }, - "/Software/packageVersion": { + "/Core/to": { "py/id": 1364 }, - "/Software/primaryPurpose": { + "/Core/creationInfo": { "py/id": 1367 }, - "/Software/fileKind": { + "/Core/algorithm": { "py/id": 1370 }, - "/Software/byteRange": { + "/Core/locator": { "py/id": 1373 }, - "/Software/copyrightText": { + "/Core/specVersion": { "py/id": 1376 }, - "/Software/additionalPurpose": { + "/Core/locationHint": { "py/id": 1379 }, - "/Software/contentIdentifierValue": { + "/Core/startTime": { "py/id": 1382 }, - "/Software/attributionText": { + "/Core/externalRefType": { "py/id": 1385 }, - "/Software/packageUrl": { + "/Core/endIntegerRange": { "py/id": 1388 }, - "/Software/sourceInfo": { + "/Core/hashValue": { "py/id": 1391 }, - "/Software/homePage": { + "/Core/statement": { "py/id": 1394 }, - "/AI/modelExplainability": { - "py/id": 1506 + "/Core/rootElement": { + "py/id": 1397 }, - "/AI/domain": { - "py/id": 1509 + "/Core/identifier": { + "py/id": 1400 }, - "/AI/metric": { - "py/id": 1512 + "/Core/value": { + "py/id": 1403 }, - "/AI/typeOfModel": { - "py/id": 1515 + "/Core/element": { + "py/id": 1406 }, - "/AI/informationAboutTraining": { - "py/id": 1518 + "/Core/verifiedUsing": { + "py/id": 1409 }, - "/AI/safetyRiskAssessment": { - "py/id": 1521 + "/Core/beginIntegerRange": { + "py/id": 1412 }, - "/AI/useSensitivePersonalInformation": { - "py/id": 1524 + "/Core/created": { + "py/id": 1415 }, - "/AI/hyperparameter": { - "py/id": 1527 + "/Core/relationshipType": { + "py/id": 1418 }, - "/AI/trainingEnergyConsumption": { - "py/id": 1530 + "/Core/annotationType": { + "py/id": 1421 }, - "/AI/standardCompliance": { - "py/id": 1533 + "/Core/releaseTime": { + "py/id": 1424 }, - "/AI/informationAboutApplication": { - "py/id": 1536 + "/Core/contentType": { + "py/id": 1427 }, - "/AI/modelDataPreprocessing": { - "py/id": 1539 + "/Core/createdBy": { + "py/id": 1430 }, - "/AI/autonomyType": { - "py/id": 1542 + "/Core/profileConformance": { + "py/id": 1433 }, - "/AI/energyConsumption": { - "py/id": 1545 + "/Core/definingArtifact": { + "py/id": 1436 }, - "/AI/finetuningEnergyConsumption": { - "py/id": 1548 + "/Core/supportLevel": { + "py/id": 1439 }, - "/AI/limitation": { - "py/id": 1551 + "/Core/key": { + "py/id": 1442 }, - "/AI/metricDecisionThreshold": { - "py/id": 1554 + "/Core/namespace": { + "py/id": 1445 }, - "/AI/inferenceEnergyConsumption": { - "py/id": 1557 + "/Core/completeness": { + "py/id": 1448 }, - "/AI/energyUnit": { - "py/id": 1560 + "/Core/suppliedBy": { + "py/id": 1451 }, - "/AI/energyQuantity": { - "py/id": 1563 + "/Core/subject": { + "py/id": 1454 }, - "/Dataset/anonymizationMethodUsed": { - "py/id": 1650 + "/Core/packageVerificationCodeExcludedFile": { + "py/id": 1457 + }, + "/Core/externalIdentifier": { + "py/id": 1460 + }, + "/Core/externalSpdxId": { + "py/id": 1463 + }, + "/Core/spdxId": { + "py/id": 1466 + }, + "/Core/standardName": { + "py/id": 1469 + }, + "/Core/externalRef": { + "py/id": 1472 + }, + "/Core/externalIdentifierType": { + "py/id": 1475 + }, + "/Core/issuingAuthority": { + "py/id": 1478 + }, + "/Core/originatedBy": { + "py/id": 1481 + }, + "/Core/prefix": { + "py/id": 1484 }, "/Dataset/hasSensitivePersonalInformation": { - "py/id": 1653 + "py/id": 1603 }, - "/Dataset/sensor": { - "py/id": 1656 + "/Dataset/datasetUpdateMechanism": { + "py/id": 1606 }, "/Dataset/datasetAvailability": { - "py/id": 1659 + "py/id": 1609 }, - "/Dataset/knownBias": { - "py/id": 1662 + "/Dataset/datasetNoise": { + "py/id": 1612 }, "/Dataset/dataPreprocessing": { - "py/id": 1665 + "py/id": 1615 }, - "/Dataset/datasetSize": { - "py/id": 1668 + "/Dataset/anonymizationMethodUsed": { + "py/id": 1618 }, - "/Dataset/intendedUse": { - "py/id": 1671 + "/Dataset/sensor": { + "py/id": 1621 }, - "/Dataset/dataCollectionProcess": { - "py/id": 1674 + "/Dataset/intendedUse": { + "py/id": 1624 }, - "/Dataset/datasetNoise": { - "py/id": 1677 + "/Dataset/knownBias": { + "py/id": 1627 }, - "/Dataset/datasetUpdateMechanism": { - "py/id": 1680 + "/Dataset/dataCollectionProcess": { + "py/id": 1630 }, "/Dataset/datasetType": { - "py/id": 1683 + "py/id": 1633 + }, + "/Dataset/datasetSize": { + "py/id": 1636 }, "/Dataset/confidentialityLevel": { - "py/id": 1686 + "py/id": 1639 }, - "/Security/vexVersion": { + "/Extension/cdxPropName": { + "py/id": 1682 + }, + "/Extension/cdxProperty": { + "py/id": 1685 + }, + "/Extension/cdxPropValue": { + "py/id": 1688 + }, + "/Security/statusNotes": { "py/id": 2114 }, - "/Security/severity": { + "/Security/probability": { "py/id": 2117 }, - "/Security/decisionType": { + "/Security/exploited": { "py/id": 2120 }, - "/Security/exploited": { + "/Security/vexVersion": { "py/id": 2123 }, - "/Security/locator": { + "/Security/vectorString": { "py/id": 2126 }, - "/Security/statusNotes": { + "/Security/impactStatement": { "py/id": 2129 }, - "/Security/catalogType": { + "/Security/actionStatement": { "py/id": 2132 }, - "/Security/publishedTime": { + "/Security/locator": { "py/id": 2135 }, - "/Security/impactStatement": { + "/Security/severity": { "py/id": 2138 }, - "/Security/withdrawnTime": { + "/Security/decisionType": { "py/id": 2141 }, - "/Security/justificationType": { + "/Security/actionStatementTime": { "py/id": 2144 }, - "/Security/score": { + "/Security/publishedTime": { "py/id": 2147 }, - "/Security/probability": { + "/Security/withdrawnTime": { "py/id": 2150 }, - "/Security/percentile": { + "/Security/justificationType": { "py/id": 2153 }, - "/Security/modifiedTime": { + "/Security/assessedElement": { "py/id": 2156 }, - "/Security/actionStatementTime": { + "/Security/percentile": { "py/id": 2159 }, - "/Security/vectorString": { + "/Security/catalogType": { "py/id": 2162 }, - "/Security/assessedElement": { + "/Security/impactStatementTime": { "py/id": 2165 }, - "/Security/actionStatement": { + "/Security/score": { "py/id": 2168 }, - "/Security/impactStatementTime": { + "/Security/modifiedTime": { "py/id": 2171 } }, "vocabularies": { - "/Core/RelationshipCompleteness": { - "py/id": 674 + "/AI/EnergyUnitType": { + "py/id": 490 }, - "/Core/ExternalRefType": { - "py/id": 677 + "/AI/SafetyRiskAssessmentType": { + "py/id": 493 }, - "/Core/HashAlgorithm": { - "py/id": 680 + "/Software/SbomType": { + "py/id": 876 }, - "/Core/PresenceType": { - "py/id": 683 + "/Software/SoftwarePurpose": { + "py/id": 879 }, - "/Core/ExternalIdentifierType": { - "py/id": 686 + "/Software/ContentIdentifierType": { + "py/id": 882 }, - "/Core/AnnotationType": { - "py/id": 689 + "/Software/FileKindType": { + "py/id": 885 }, - "/Core/SupportType": { - "py/id": 692 + "/Core/HashAlgorithm": { + "py/id": 1488 }, - "/Core/LifecycleScopeType": { - "py/id": 695 + "/Core/RelationshipCompleteness": { + "py/id": 1491 }, - "/Core/RelationshipType": { - "py/id": 698 + "/Core/ExternalRefType": { + "py/id": 1494 }, "/Core/ProfileIdentifierType": { - "py/id": 701 - }, - "/Software/SoftwarePurpose": { - "py/id": 1398 + "py/id": 1497 }, - "/Software/SbomType": { - "py/id": 1401 + "/Core/PresenceType": { + "py/id": 1500 }, - "/Software/ContentIdentifierType": { - "py/id": 1404 + "/Core/SupportType": { + "py/id": 1503 }, - "/Software/FileKindType": { - "py/id": 1407 + "/Core/LifecycleScopeType": { + "py/id": 1506 }, - "/AI/SafetyRiskAssessmentType": { - "py/id": 1567 + "/Core/ExternalIdentifierType": { + "py/id": 1509 }, - "/AI/EnergyUnitType": { - "py/id": 1570 + "/Core/AnnotationType": { + "py/id": 1512 }, - "/Dataset/DatasetType": { - "py/id": 1690 + "/Core/RelationshipType": { + "py/id": 1515 }, "/Dataset/DatasetAvailabilityType": { - "py/id": 1693 + "py/id": 1643 }, "/Dataset/ConfidentialityLevelType": { - "py/id": 1696 + "py/id": 1646 }, - "/Security/CvssSeverityType": { + "/Dataset/DatasetType": { + "py/id": 1649 + }, + "/Security/VexJustificationType": { "py/id": 2175 }, - "/Security/SsvcDecisionType": { + "/Security/ExploitCatalogType": { "py/id": 2178 }, - "/Security/ExploitCatalogType": { + "/Security/SsvcDecisionType": { "py/id": 2181 }, - "/Security/VexJustificationType": { + "/Security/CvssSeverityType": { "py/id": 2184 } }, "individuals": { - "/Core/NoneElement": { - "py/id": 705 - }, - "/Core/NoAssertionElement": { - "py/id": 708 - }, "/ExpandedLicensing/NoAssertionLicense": { - "py/id": 1123 + "py/id": 328 }, "/ExpandedLicensing/NoneLicense": { - "py/id": 1126 + "py/id": 331 + }, + "/Core/NoAssertionElement": { + "py/id": 1519 + }, + "/Core/NoneElement": { + "py/id": 1522 } }, "datatypes": { "/Core/DateTime": { - "py/id": 712 - }, - "/Core/SemVer": { - "py/id": 715 + "py/id": 1526 }, "/Core/MediaType": { - "py/id": 718 + "py/id": 1529 + }, + "/Core/SemVer": { + "py/id": 1532 } }, "toplevel": { @@ -15488,281 +15488,281 @@ ] }, "types": { - "/SimpleLicensing/SimpleLicensingText": { + "/ExpandedLicensing/ConjunctiveLicenseSet": { "py/id": 4 }, - "/SimpleLicensing/AnyLicenseInfo": { + "/ExpandedLicensing/IndividualLicensingInfo": { "py/id": 22 }, - "/SimpleLicensing/LicenseExpression": { + "/ExpandedLicensing/OrLaterOperator": { "py/id": 38 }, - "/Core/DictionaryEntry": { - "py/id": 79 + "/ExpandedLicensing/License": { + "py/id": 56 }, - "/Core/ExternalRef": { - "py/id": 89 + "/ExpandedLicensing/DisjunctiveLicenseSet": { + "py/id": 90 }, - "/Core/LifecycleScopedRelationship": { - "py/id": 103 + "/ExpandedLicensing/ExtendableLicense": { + "py/id": 108 }, - "/Core/Organization": { - "py/id": 127 + "/ExpandedLicensing/WithAdditionOperator": { + "py/id": 124 }, - "/Core/Person": { - "py/id": 143 + "/ExpandedLicensing/CustomLicense": { + "py/id": 144 }, - "/Core/CreationInfo": { - "py/id": 159 + "/ExpandedLicensing/ListedLicenseException": { + "py/id": 169 }, - "/Core/ExternalMap": { - "py/id": 175 + "/ExpandedLicensing/ListedLicense": { + "py/id": 195 }, - "/Core/ElementCollection": { - "py/id": 189 + "/ExpandedLicensing/CustomLicenseAddition": { + "py/id": 224 }, - "/Core/ExternalIdentifier": { - "py/id": 211 + "/ExpandedLicensing/LicenseAddition": { + "py/id": 246 }, - "/Core/Tool": { - "py/id": 227 + "/AI/AIPackage": { + "py/id": 338 }, - "/Core/Hash": { - "py/id": 243 + "/AI/EnergyConsumption": { + "py/id": 406 }, - "/Core/Bundle": { - "py/id": 254 + "/AI/EnergyConsumptionDescription": { + "py/id": 418 }, - "/Core/Agent": { - "py/id": 275 + "/SimpleLicensing/LicenseExpression": { + "py/id": 501 }, - "/Core/Bom": { - "py/id": 291 + "/SimpleLicensing/AnyLicenseInfo": { + "py/id": 523 }, - "/Core/IntegrityMethod": { - "py/id": 311 + "/SimpleLicensing/SimpleLicensingText": { + "py/id": 539 }, - "/Core/SoftwareAgent": { - "py/id": 319 + "/Build/Build": { + "py/id": 576 }, - "/Core/Annotation": { - "py/id": 335 + "/Software/ContentIdentifier": { + "py/id": 651 }, - "/Core/Element": { - "py/id": 359 + "/Software/Package": { + "py/id": 662 }, - "/Core/PositiveIntegerRange": { - "py/id": 385 + "/Software/File": { + "py/id": 701 }, - "/Core/NamespaceMap": { - "py/id": 395 + "/Software/SoftwareArtifact": { + "py/id": 734 }, - "/Core/Relationship": { - "py/id": 405 + "/Software/Sbom": { + "py/id": 767 }, - "/Core/Artifact": { - "py/id": 433 + "/Software/Snippet": { + "py/id": 789 }, - "/Core/SpdxDocument": { - "py/id": 463 + "/Core/IntegrityMethod": { + "py/id": 893 }, - "/Core/PackageVerificationCode": { - "py/id": 488 + "/Core/DictionaryEntry": { + "py/id": 901 }, - "/Build/Build": { - "py/id": 731 + "/Core/Artifact": { + "py/id": 911 }, - "/ExpandedLicensing/ListedLicenseException": { - "py/id": 799 + "/Core/ExternalMap": { + "py/id": 941 }, - "/ExpandedLicensing/IndividualLicensingInfo": { - "py/id": 825 + "/Core/CreationInfo": { + "py/id": 955 }, - "/ExpandedLicensing/LicenseAddition": { - "py/id": 841 + "/Core/ElementCollection": { + "py/id": 971 }, - "/ExpandedLicensing/OrLaterOperator": { - "py/id": 869 + "/Core/NamespaceMap": { + "py/id": 993 }, - "/ExpandedLicensing/DisjunctiveLicenseSet": { - "py/id": 887 + "/Core/Bom": { + "py/id": 1003 }, - "/ExpandedLicensing/ListedLicense": { - "py/id": 905 + "/Core/Annotation": { + "py/id": 1023 }, - "/ExpandedLicensing/WithAdditionOperator": { - "py/id": 934 + "/Core/SoftwareAgent": { + "py/id": 1047 }, - "/ExpandedLicensing/CustomLicense": { - "py/id": 954 + "/Core/Relationship": { + "py/id": 1063 }, - "/ExpandedLicensing/ConjunctiveLicenseSet": { - "py/id": 979 + "/Core/Bundle": { + "py/id": 1091 }, - "/ExpandedLicensing/CustomLicenseAddition": { - "py/id": 997 + "/Core/Person": { + "py/id": 1112 }, - "/ExpandedLicensing/ExtendableLicense": { - "py/id": 1019 + "/Core/SpdxDocument": { + "py/id": 1128 }, - "/ExpandedLicensing/License": { - "py/id": 1035 + "/Core/Hash": { + "py/id": 1153 }, - "/Extension/CdxPropertyEntry": { - "py/id": 1133 + "/Core/Tool": { + "py/id": 1164 }, - "/Extension/Extension": { - "py/id": 1143 + "/Core/ExternalIdentifier": { + "py/id": 1180 }, - "/Extension/CdxPropertiesExtension": { - "py/id": 1149 + "/Core/PackageVerificationCode": { + "py/id": 1196 }, - "/Software/ContentIdentifier": { - "py/id": 1173 + "/Core/Agent": { + "py/id": 1209 }, - "/Software/Sbom": { - "py/id": 1184 + "/Core/LifecycleScopedRelationship": { + "py/id": 1225 }, - "/Software/Package": { - "py/id": 1206 + "/Core/Organization": { + "py/id": 1249 }, - "/Software/Snippet": { - "py/id": 1245 + "/Core/Element": { + "py/id": 1265 }, - "/Software/SoftwareArtifact": { - "py/id": 1279 + "/Core/ExternalRef": { + "py/id": 1291 }, - "/Software/File": { - "py/id": 1312 + "/Core/PositiveIntegerRange": { + "py/id": 1305 }, - "/AI/EnergyConsumptionDescription": { - "py/id": 1415 + "/Dataset/DatasetPackage": { + "py/id": 1538 }, - "/AI/AIPackage": { - "py/id": 1425 + "/Extension/CdxPropertiesExtension": { + "py/id": 1657 }, - "/AI/EnergyConsumption": { - "py/id": 1493 + "/Extension/CdxPropertyEntry": { + "py/id": 1665 }, - "/Dataset/DatasetPackage": { - "py/id": 1585 + "/Extension/Extension": { + "py/id": 1675 }, - "/Security/Vulnerability": { + "/Security/VexUnderInvestigationVulnAssessmentRelationship": { "py/id": 1704 }, - "/Security/CvssV4VulnAssessmentRelationship": { + "/Security/VexFixedVulnAssessmentRelationship": { "py/id": 1733 }, - "/Security/CvssV3VulnAssessmentRelationship": { - "py/id": 1766 - }, - "/Security/VexFixedVulnAssessmentRelationship": { - "py/id": 1799 + "/Security/EpssVulnAssessmentRelationship": { + "py/id": 1762 }, - "/Security/VexAffectedVulnAssessmentRelationship": { - "py/id": 1828 + "/Security/VexVulnAssessmentRelationship": { + "py/id": 1794 }, "/Security/VexNotAffectedVulnAssessmentRelationship": { - "py/id": 1861 + "py/id": 1825 }, - "/Security/EpssVulnAssessmentRelationship": { - "py/id": 1896 + "/Security/CvssV3VulnAssessmentRelationship": { + "py/id": 1860 }, - "/Security/CvssV2VulnAssessmentRelationship": { - "py/id": 1928 + "/Security/SsvcVulnAssessmentRelationship": { + "py/id": 1893 }, - "/Security/VexVulnAssessmentRelationship": { - "py/id": 1959 + "/Security/CvssV4VulnAssessmentRelationship": { + "py/id": 1922 }, - "/Security/VulnAssessmentRelationship": { - "py/id": 1990 + "/Security/CvssV2VulnAssessmentRelationship": { + "py/id": 1955 }, - "/Security/SsvcVulnAssessmentRelationship": { - "py/id": 2022 + "/Security/VexAffectedVulnAssessmentRelationship": { + "py/id": 1986 }, - "/Security/VexUnderInvestigationVulnAssessmentRelationship": { - "py/id": 2051 + "/Security/Vulnerability": { + "py/id": 2019 }, "/Security/ExploitCatalogVulnAssessmentRelationship": { - "py/id": 2080 + "py/id": 2048 }, - "/Core/RelationshipCompleteness": { - "py/id": 674 + "/Security/VulnAssessmentRelationship": { + "py/id": 2081 }, - "/Core/ExternalRefType": { - "py/id": 677 + "/AI/EnergyUnitType": { + "py/id": 490 }, - "/Core/HashAlgorithm": { - "py/id": 680 + "/AI/SafetyRiskAssessmentType": { + "py/id": 493 }, - "/Core/PresenceType": { - "py/id": 683 + "/Software/SbomType": { + "py/id": 876 }, - "/Core/ExternalIdentifierType": { - "py/id": 686 + "/Software/SoftwarePurpose": { + "py/id": 879 }, - "/Core/AnnotationType": { - "py/id": 689 + "/Software/ContentIdentifierType": { + "py/id": 882 }, - "/Core/SupportType": { - "py/id": 692 + "/Software/FileKindType": { + "py/id": 885 }, - "/Core/LifecycleScopeType": { - "py/id": 695 + "/Core/HashAlgorithm": { + "py/id": 1488 }, - "/Core/RelationshipType": { - "py/id": 698 + "/Core/RelationshipCompleteness": { + "py/id": 1491 }, - "/Core/ProfileIdentifierType": { - "py/id": 701 + "/Core/ExternalRefType": { + "py/id": 1494 }, - "/Software/SoftwarePurpose": { - "py/id": 1398 + "/Core/ProfileIdentifierType": { + "py/id": 1497 }, - "/Software/SbomType": { - "py/id": 1401 + "/Core/PresenceType": { + "py/id": 1500 }, - "/Software/ContentIdentifierType": { - "py/id": 1404 + "/Core/SupportType": { + "py/id": 1503 }, - "/Software/FileKindType": { - "py/id": 1407 + "/Core/LifecycleScopeType": { + "py/id": 1506 }, - "/AI/SafetyRiskAssessmentType": { - "py/id": 1567 + "/Core/ExternalIdentifierType": { + "py/id": 1509 }, - "/AI/EnergyUnitType": { - "py/id": 1570 + "/Core/AnnotationType": { + "py/id": 1512 }, - "/Dataset/DatasetType": { - "py/id": 1690 + "/Core/RelationshipType": { + "py/id": 1515 }, "/Dataset/DatasetAvailabilityType": { - "py/id": 1693 + "py/id": 1643 }, "/Dataset/ConfidentialityLevelType": { - "py/id": 1696 + "py/id": 1646 }, - "/Security/CvssSeverityType": { + "/Dataset/DatasetType": { + "py/id": 1649 + }, + "/Security/VexJustificationType": { "py/id": 2175 }, - "/Security/SsvcDecisionType": { + "/Security/ExploitCatalogType": { "py/id": 2178 }, - "/Security/ExploitCatalogType": { + "/Security/SsvcDecisionType": { "py/id": 2181 }, - "/Security/VexJustificationType": { + "/Security/CvssSeverityType": { "py/id": 2184 }, "/Core/DateTime": { - "py/id": 712 - }, - "/Core/SemVer": { - "py/id": 715 + "py/id": 1526 }, "/Core/MediaType": { - "py/id": 718 + "py/id": 1529 + }, + "/Core/SemVer": { + "py/id": 1532 } } } \ No newline at end of file diff --git a/v3.0.1-draft/model/model.plantuml b/v3.0.1-draft/model/model.plantuml index ec55f8b233..c1c22c039a 100644 --- a/v3.0.1-draft/model/model.plantuml +++ b/v3.0.1-draft/model/model.plantuml @@ -1,67 +1,174 @@ @startuml -'Automatically generated by spec-parser v2.3.0 on 2024-08-06T19:37:57.860136+00:00 +'Automatically generated by spec-parser v2.3.0 on 2024-08-07T13:01:23.391426+00:00 title SPDXv3 model scale 4000*4000 hide methods skinparam packageStyle folder +package ExpandedLicensing { +} +package AI { +} package SimpleLicensing { } +package Build { +} +package Licensing { +} +package Software { +} package Core { } +package Dataset { +} +package Extension { +} package Lite { } -package Build { +package Security { } -package ExpandedLicensing { +class ExpandedLicensing.ConjunctiveLicenseSet { + member 2:* } -package Extension { +class ExpandedLicensing.IndividualLicensingInfo { } -package Software { +class ExpandedLicensing.OrLaterOperator { + subjectLicense 1:1 } -package AI { +abstract ExpandedLicensing.License { + /SimpleLicensing/licenseText 1:1 + isDeprecatedLicenseId 0:1 + isFsfLibre 0:1 + isOsiApproved 0:1 + licenseXml 0:1 + obsoletedBy 0:1 + seeAlso 0:* + standardLicenseHeader 0:1 + standardLicenseTemplate 0:1 } -package Licensing { +class ExpandedLicensing.DisjunctiveLicenseSet { + member 2:* } -package Dataset { +abstract ExpandedLicensing.ExtendableLicense { } -package Security { +class ExpandedLicensing.WithAdditionOperator { + subjectAddition 1:1 + subjectExtendableLicense 1:1 } -class SimpleLicensing.SimpleLicensingText { - licenseText 1:1 +class ExpandedLicensing.CustomLicense { } -abstract SimpleLicensing.AnyLicenseInfo { +class ExpandedLicensing.ListedLicenseException { + deprecatedVersion 0:1 + listVersionAdded 0:1 +} +class ExpandedLicensing.ListedLicense { + deprecatedVersion 0:1 + listVersionAdded 0:1 +} +class ExpandedLicensing.CustomLicenseAddition { +} +abstract ExpandedLicensing.LicenseAddition { + additionText 1:1 + isDeprecatedAdditionId 0:1 + licenseXml 0:1 + obsoletedBy 0:1 + seeAlso 0:* + standardAdditionTemplate 0:1 +} +class AI.AIPackage { + autonomyType 0:1 + domain 0:* + energyConsumption 0:1 + hyperparameter 0:* + informationAboutApplication 0:1 + informationAboutTraining 0:1 + limitation 0:1 + metric 0:* + metricDecisionThreshold 0:* + modelDataPreprocessing 0:* + modelExplainability 0:* + safetyRiskAssessment 0:1 + standardCompliance 0:* + typeOfModel 0:* + useSensitivePersonalInformation 0:1 +} +class AI.EnergyConsumption { + finetuningEnergyConsumption 0:* + inferenceEnergyConsumption 0:* + trainingEnergyConsumption 0:* +} +class AI.EnergyConsumptionDescription { + energyQuantity 1:1 + energyUnit 1:1 } class SimpleLicensing.LicenseExpression { customIdToUri 0:* licenseExpression 1:1 licenseListVersion 0:1 } -class Core.DictionaryEntry { - key 1:1 - value 0:1 +abstract SimpleLicensing.AnyLicenseInfo { } -class Core.ExternalRef { - comment 0:1 - contentType 0:1 - externalRefType 0:1 - locator 0:* +class SimpleLicensing.SimpleLicensingText { + licenseText 1:1 } -class Core.LifecycleScopedRelationship { - scope 0:1 +class Build.Build { + buildEndTime 0:1 + buildId 0:1 + buildStartTime 0:1 + buildType 1:1 + configSourceDigest 0:* + configSourceEntrypoint 0:* + configSourceUri 0:* + environment 0:* + parameters 0:* } -class Core.Organization { +class Software.ContentIdentifier { + contentIdentifierType 1:1 + contentIdentifierValue 1:1 } -class Core.Person { +class Software.Package { + downloadLocation 0:1 + homePage 0:1 + packageUrl 0:1 + packageVersion 0:1 + sourceInfo 0:1 } -class Core.CreationInfo { +class Software.File { + /Core/contentType 0:1 + fileKind 0:1 +} +abstract Software.SoftwareArtifact { + additionalPurpose 0:* + attributionText 0:* + contentIdentifier 0:* + copyrightText 0:1 + primaryPurpose 0:1 +} +class Software.Sbom { + sbomType 0:* +} +class Software.Snippet { + byteRange 0:1 + lineRange 0:1 + snippetFromFile 1:1 +} +abstract Core.IntegrityMethod { comment 0:1 - created 1:1 - createdBy 1:* - createdUsing 0:* - specVersion 1:1 +} +class Core.DictionaryEntry { + key 1:1 + value 0:1 +} +abstract Core.Artifact { + builtTime 0:1 + originatedBy 0:* + releaseTime 0:1 + standardName 0:* + suppliedBy 0:1 + supportLevel 0:* + validUntilTime 0:1 } class Core.ExternalMap { definingArtifact 0:1 @@ -69,61 +176,31 @@ class Core.ExternalMap { locationHint 0:1 verifiedUsing 0:* } +class Core.CreationInfo { + comment 0:1 + created 1:1 + createdBy 1:* + createdUsing 0:* + specVersion 1:1 +} abstract Core.ElementCollection { element 0:* profileConformance 0:* rootElement 0:* } -class Core.ExternalIdentifier { - comment 0:1 - externalIdentifierType 1:1 - identifier 1:1 - identifierLocator 0:* - issuingAuthority 0:1 -} -class Core.Tool { -} -class Core.Hash { - algorithm 1:1 - hashValue 1:1 -} -class Core.Bundle { - context 0:1 -} -class Core.Agent { +class Core.NamespaceMap { + namespace 1:1 + prefix 1:1 } class Core.Bom { } -abstract Core.IntegrityMethod { - comment 0:1 -} -class Core.SoftwareAgent { -} class Core.Annotation { annotationType 1:1 contentType 0:1 statement 0:1 subject 1:1 } -abstract Core.Element { - comment 0:1 - creationInfo 1:1 - description 0:1 - extension 0:* - externalIdentifier 0:* - externalRef 0:* - name 0:1 - spdxId 1:1 - summary 0:1 - verifiedUsing 0:* -} -class Core.PositiveIntegerRange { - beginIntegerRange 1:1 - endIntegerRange 1:1 -} -class Core.NamespaceMap { - namespace 1:1 - prefix 1:1 +class Core.SoftwareAgent { } class Core.Relationship { completeness 0:1 @@ -133,148 +210,62 @@ class Core.Relationship { startTime 0:1 to 1:* } -abstract Core.Artifact { - builtTime 0:1 - originatedBy 0:* - releaseTime 0:1 - standardName 0:* - suppliedBy 0:1 - supportLevel 0:* - validUntilTime 0:1 +class Core.Bundle { + context 0:1 +} +class Core.Person { } class Core.SpdxDocument { dataLicense 0:1 imports 0:* namespaceMap 0:* } -class Core.PackageVerificationCode { +class Core.Hash { algorithm 1:1 hashValue 1:1 - packageVerificationCodeExcludedFile 0:* -} -class Build.Build { - buildEndTime 0:1 - buildId 0:1 - buildStartTime 0:1 - buildType 1:1 - configSourceDigest 0:* - configSourceEntrypoint 0:* - configSourceUri 0:* - environment 0:* - parameters 0:* -} -class ExpandedLicensing.ListedLicenseException { - deprecatedVersion 0:1 - listVersionAdded 0:1 -} -class ExpandedLicensing.IndividualLicensingInfo { -} -abstract ExpandedLicensing.LicenseAddition { - additionText 1:1 - isDeprecatedAdditionId 0:1 - licenseXml 0:1 - obsoletedBy 0:1 - seeAlso 0:* - standardAdditionTemplate 0:1 -} -class ExpandedLicensing.OrLaterOperator { - subjectLicense 1:1 -} -class ExpandedLicensing.DisjunctiveLicenseSet { - member 2:* -} -class ExpandedLicensing.ListedLicense { - deprecatedVersion 0:1 - listVersionAdded 0:1 } -class ExpandedLicensing.WithAdditionOperator { - subjectAddition 1:1 - subjectExtendableLicense 1:1 -} -class ExpandedLicensing.CustomLicense { -} -class ExpandedLicensing.ConjunctiveLicenseSet { - member 2:* -} -class ExpandedLicensing.CustomLicenseAddition { -} -abstract ExpandedLicensing.ExtendableLicense { -} -abstract ExpandedLicensing.License { - /SimpleLicensing/licenseText 1:1 - isDeprecatedLicenseId 0:1 - isFsfLibre 0:1 - isOsiApproved 0:1 - licenseXml 0:1 - obsoletedBy 0:1 - seeAlso 0:* - standardLicenseHeader 0:1 - standardLicenseTemplate 0:1 -} -class Extension.CdxPropertyEntry { - cdxPropName 1:1 - cdxPropValue 0:1 -} -abstract Extension.Extension { -} -class Extension.CdxPropertiesExtension { - cdxProperty 1:* -} -class Software.ContentIdentifier { - contentIdentifierType 1:1 - contentIdentifierValue 1:1 +class Core.Tool { } -class Software.Sbom { - sbomType 0:* +class Core.ExternalIdentifier { + comment 0:1 + externalIdentifierType 1:1 + identifier 1:1 + identifierLocator 0:* + issuingAuthority 0:1 } -class Software.Package { - downloadLocation 0:1 - homePage 0:1 - packageUrl 0:1 - packageVersion 0:1 - sourceInfo 0:1 +class Core.PackageVerificationCode { + algorithm 1:1 + hashValue 1:1 + packageVerificationCodeExcludedFile 0:* } -class Software.Snippet { - byteRange 0:1 - lineRange 0:1 - snippetFromFile 1:1 +class Core.Agent { } -abstract Software.SoftwareArtifact { - additionalPurpose 0:* - attributionText 0:* - contentIdentifier 0:* - copyrightText 0:1 - primaryPurpose 0:1 +class Core.LifecycleScopedRelationship { + scope 0:1 } -class Software.File { - /Core/contentType 0:1 - fileKind 0:1 +class Core.Organization { } -class AI.EnergyConsumptionDescription { - energyQuantity 1:1 - energyUnit 1:1 +abstract Core.Element { + comment 0:1 + creationInfo 1:1 + description 0:1 + extension 0:* + externalIdentifier 0:* + externalRef 0:* + name 0:1 + spdxId 1:1 + summary 0:1 + verifiedUsing 0:* } -class AI.AIPackage { - autonomyType 0:1 - domain 0:* - energyConsumption 0:1 - hyperparameter 0:* - informationAboutApplication 0:1 - informationAboutTraining 0:1 - limitation 0:1 - metric 0:* - metricDecisionThreshold 0:* - modelDataPreprocessing 0:* - modelExplainability 0:* - safetyRiskAssessment 0:1 - standardCompliance 0:* - typeOfModel 0:* - useSensitivePersonalInformation 0:1 +class Core.ExternalRef { + comment 0:1 + contentType 0:1 + externalRefType 0:1 + locator 0:* } -class AI.EnergyConsumption { - finetuningEnergyConsumption 0:* - inferenceEnergyConsumption 0:* - trainingEnergyConsumption 0:* +class Core.PositiveIntegerRange { + beginIntegerRange 1:1 + endIntegerRange 1:1 } class Dataset.DatasetPackage { anonymizationMethodUsed 0:* @@ -291,257 +282,266 @@ class Dataset.DatasetPackage { knownBias 0:* sensor 0:* } -class Security.Vulnerability { - modifiedTime 0:1 - publishedTime 0:1 - withdrawnTime 0:1 +class Extension.CdxPropertiesExtension { + cdxProperty 1:* } -class Security.CvssV4VulnAssessmentRelationship { - score 1:1 - severity 1:1 - vectorString 1:1 +class Extension.CdxPropertyEntry { + cdxPropName 1:1 + cdxPropValue 0:1 } -class Security.CvssV3VulnAssessmentRelationship { - score 1:1 - severity 1:1 - vectorString 1:1 +abstract Extension.Extension { +} +class Security.VexUnderInvestigationVulnAssessmentRelationship { } class Security.VexFixedVulnAssessmentRelationship { } -class Security.VexAffectedVulnAssessmentRelationship { - actionStatement 0:1 - actionStatementTime 0:* +class Security.EpssVulnAssessmentRelationship { + percentile 1:1 + probability 1:1 +} +abstract Security.VexVulnAssessmentRelationship { + statusNotes 0:1 + vexVersion 0:1 } class Security.VexNotAffectedVulnAssessmentRelationship { impactStatement 0:1 impactStatementTime 0:1 justificationType 0:1 } -class Security.EpssVulnAssessmentRelationship { - percentile 1:1 - probability 1:1 +class Security.CvssV3VulnAssessmentRelationship { + score 1:1 + severity 1:1 + vectorString 1:1 +} +class Security.SsvcVulnAssessmentRelationship { + decisionType 1:1 +} +class Security.CvssV4VulnAssessmentRelationship { + score 1:1 + severity 1:1 + vectorString 1:1 } class Security.CvssV2VulnAssessmentRelationship { score 1:1 vectorString 1:1 } -abstract Security.VexVulnAssessmentRelationship { - statusNotes 0:1 - vexVersion 0:1 +class Security.VexAffectedVulnAssessmentRelationship { + actionStatement 0:1 + actionStatementTime 0:* } -abstract Security.VulnAssessmentRelationship { - /Core/suppliedBy 0:1 - assessedElement 0:1 +class Security.Vulnerability { modifiedTime 0:1 publishedTime 0:1 withdrawnTime 0:1 } -class Security.SsvcVulnAssessmentRelationship { - decisionType 1:1 -} -class Security.VexUnderInvestigationVulnAssessmentRelationship { -} class Security.ExploitCatalogVulnAssessmentRelationship { catalogType 1:1 exploited 1:1 locator 1:1 } -enum Core.RelationshipCompleteness { +abstract Security.VulnAssessmentRelationship { + /Core/suppliedBy 0:1 + assessedElement 0:1 + modifiedTime 0:1 + publishedTime 0:1 + withdrawnTime 0:1 } -enum Core.ExternalRefType { +enum AI.EnergyUnitType { } -enum Core.HashAlgorithm { +enum AI.SafetyRiskAssessmentType { } -enum Core.PresenceType { +enum Software.SbomType { } -enum Core.ExternalIdentifierType { +enum Software.SoftwarePurpose { } -enum Core.AnnotationType { +enum Software.ContentIdentifierType { } -enum Core.SupportType { +enum Software.FileKindType { } -enum Core.LifecycleScopeType { +enum Core.HashAlgorithm { } -enum Core.RelationshipType { +enum Core.RelationshipCompleteness { } -enum Core.ProfileIdentifierType { +enum Core.ExternalRefType { } -enum Software.SoftwarePurpose { +enum Core.ProfileIdentifierType { } -enum Software.SbomType { +enum Core.PresenceType { } -enum Software.ContentIdentifierType { +enum Core.SupportType { } -enum Software.FileKindType { +enum Core.LifecycleScopeType { } -enum AI.SafetyRiskAssessmentType { +enum Core.ExternalIdentifierType { } -enum AI.EnergyUnitType { +enum Core.AnnotationType { } -enum Dataset.DatasetType { +enum Core.RelationshipType { } enum Dataset.DatasetAvailabilityType { } enum Dataset.ConfidentialityLevelType { } -enum Security.CvssSeverityType { +enum Dataset.DatasetType { } -enum Security.SsvcDecisionType { +enum Security.VexJustificationType { } enum Security.ExploitCatalogType { } -enum Security.VexJustificationType { +enum Security.SsvcDecisionType { } -class Core.DateTime { +enum Security.CvssSeverityType { } -class Core.SemVer { +class Core.DateTime { } class Core.MediaType { } -SimpleLicensing.SimpleLicensingText --|> Element -SimpleLicensing.AnyLicenseInfo --|> Element -SimpleLicensing.LicenseExpression --|> AnyLicenseInfo -Core.LifecycleScopedRelationship --|> Relationship -Core.Organization --|> Agent -Core.Person --|> Agent -Core.ElementCollection --|> Element -Core.Tool --|> Element -Core.Hash --|> IntegrityMethod -Core.Bundle --|> ElementCollection -Core.Agent --|> Element -Core.Bom --|> Bundle -Core.SoftwareAgent --|> Agent -Core.Annotation --|> Element -Core.Relationship --|> Element -Core.Artifact --|> Element -Core.SpdxDocument --|> ElementCollection -Core.PackageVerificationCode --|> IntegrityMethod -Build.Build --|> Element -ExpandedLicensing.ListedLicenseException --|> LicenseAddition +class Core.SemVer { +} +ExpandedLicensing.ConjunctiveLicenseSet --|> AnyLicenseInfo ExpandedLicensing.IndividualLicensingInfo --|> AnyLicenseInfo -ExpandedLicensing.LicenseAddition --|> Element ExpandedLicensing.OrLaterOperator --|> ExtendableLicense +ExpandedLicensing.License --|> ExtendableLicense ExpandedLicensing.DisjunctiveLicenseSet --|> AnyLicenseInfo -ExpandedLicensing.ListedLicense --|> License +ExpandedLicensing.ExtendableLicense --|> AnyLicenseInfo ExpandedLicensing.WithAdditionOperator --|> AnyLicenseInfo ExpandedLicensing.CustomLicense --|> License -ExpandedLicensing.ConjunctiveLicenseSet --|> AnyLicenseInfo +ExpandedLicensing.ListedLicenseException --|> LicenseAddition +ExpandedLicensing.ListedLicense --|> License ExpandedLicensing.CustomLicenseAddition --|> LicenseAddition -ExpandedLicensing.ExtendableLicense --|> AnyLicenseInfo -ExpandedLicensing.License --|> ExtendableLicense -Extension.CdxPropertiesExtension --|> Extension +ExpandedLicensing.LicenseAddition --|> Element +AI.AIPackage --|> Package +SimpleLicensing.LicenseExpression --|> AnyLicenseInfo +SimpleLicensing.AnyLicenseInfo --|> Element +SimpleLicensing.SimpleLicensingText --|> Element +Build.Build --|> Element Software.ContentIdentifier --|> IntegrityMethod -Software.Sbom --|> Bom Software.Package --|> SoftwareArtifact -Software.Snippet --|> SoftwareArtifact -Software.SoftwareArtifact --|> Artifact Software.File --|> SoftwareArtifact -AI.AIPackage --|> Package +Software.SoftwareArtifact --|> Artifact +Software.Sbom --|> Bom +Software.Snippet --|> SoftwareArtifact +Core.Artifact --|> Element +Core.ElementCollection --|> Element +Core.Bom --|> Bundle +Core.Annotation --|> Element +Core.SoftwareAgent --|> Agent +Core.Relationship --|> Element +Core.Bundle --|> ElementCollection +Core.Person --|> Agent +Core.SpdxDocument --|> ElementCollection +Core.Hash --|> IntegrityMethod +Core.Tool --|> Element +Core.PackageVerificationCode --|> IntegrityMethod +Core.Agent --|> Element +Core.LifecycleScopedRelationship --|> Relationship +Core.Organization --|> Agent Dataset.DatasetPackage --|> Package -Security.Vulnerability --|> Artifact -Security.CvssV4VulnAssessmentRelationship --|> VulnAssessmentRelationship -Security.CvssV3VulnAssessmentRelationship --|> VulnAssessmentRelationship +Extension.CdxPropertiesExtension --|> Extension +Security.VexUnderInvestigationVulnAssessmentRelationship --|> VexVulnAssessmentRelationship Security.VexFixedVulnAssessmentRelationship --|> VexVulnAssessmentRelationship -Security.VexAffectedVulnAssessmentRelationship --|> VexVulnAssessmentRelationship -Security.VexNotAffectedVulnAssessmentRelationship --|> VexVulnAssessmentRelationship Security.EpssVulnAssessmentRelationship --|> VulnAssessmentRelationship -Security.CvssV2VulnAssessmentRelationship --|> VulnAssessmentRelationship Security.VexVulnAssessmentRelationship --|> VulnAssessmentRelationship -Security.VulnAssessmentRelationship --|> Relationship +Security.VexNotAffectedVulnAssessmentRelationship --|> VexVulnAssessmentRelationship +Security.CvssV3VulnAssessmentRelationship --|> VulnAssessmentRelationship Security.SsvcVulnAssessmentRelationship --|> VulnAssessmentRelationship -Security.VexUnderInvestigationVulnAssessmentRelationship --|> VexVulnAssessmentRelationship +Security.CvssV4VulnAssessmentRelationship --|> VulnAssessmentRelationship +Security.CvssV2VulnAssessmentRelationship --|> VulnAssessmentRelationship +Security.VexAffectedVulnAssessmentRelationship --|> VexVulnAssessmentRelationship +Security.Vulnerability --|> Artifact Security.ExploitCatalogVulnAssessmentRelationship --|> VulnAssessmentRelationship +Security.VulnAssessmentRelationship --|> Relationship +ExpandedLicensing.ConjunctiveLicenseSet::member --> AnyLicenseInfo +ExpandedLicensing.OrLaterOperator::subjectLicense --> License +ExpandedLicensing.DisjunctiveLicenseSet::member --> AnyLicenseInfo +ExpandedLicensing.WithAdditionOperator::subjectAddition --> LicenseAddition +ExpandedLicensing.WithAdditionOperator::subjectExtendableLicense --> ExtendableLicense +AI.AIPackage::autonomyType --> PresenceType +AI.AIPackage::energyConsumption --> EnergyConsumption +AI.AIPackage::hyperparameter --> DictionaryEntry +AI.AIPackage::metric --> DictionaryEntry +AI.AIPackage::metricDecisionThreshold --> DictionaryEntry +AI.AIPackage::safetyRiskAssessment --> SafetyRiskAssessmentType +AI.AIPackage::useSensitivePersonalInformation --> PresenceType +AI.EnergyConsumption::finetuningEnergyConsumption --> EnergyConsumptionDescription +AI.EnergyConsumption::inferenceEnergyConsumption --> EnergyConsumptionDescription +AI.EnergyConsumption::trainingEnergyConsumption --> EnergyConsumptionDescription +AI.EnergyConsumptionDescription::energyUnit --> EnergyUnitType SimpleLicensing.LicenseExpression::customIdToUri --> DictionaryEntry SimpleLicensing.LicenseExpression::licenseListVersion --> SemVer -Core.ExternalRef::contentType --> MediaType -Core.ExternalRef::externalRefType --> ExternalRefType -Core.LifecycleScopedRelationship::scope --> LifecycleScopeType +Build.Build::buildEndTime --> DateTime +Build.Build::buildStartTime --> DateTime +Build.Build::configSourceDigest --> Hash +Build.Build::environment --> DictionaryEntry +Build.Build::parameters --> DictionaryEntry +Software.ContentIdentifier::contentIdentifierType --> ContentIdentifierType +Software.File::/Core/contentType --> MediaType +Software.File::fileKind --> FileKindType +Software.SoftwareArtifact::additionalPurpose --> SoftwarePurpose +Software.SoftwareArtifact::contentIdentifier --> ContentIdentifier +Software.SoftwareArtifact::primaryPurpose --> SoftwarePurpose +Software.Sbom::sbomType --> SbomType +Software.Snippet::byteRange --> PositiveIntegerRange +Software.Snippet::lineRange --> PositiveIntegerRange +Software.Snippet::snippetFromFile --> File +Core.Artifact::builtTime --> DateTime +Core.Artifact::originatedBy --> Agent +Core.Artifact::releaseTime --> DateTime +Core.Artifact::suppliedBy --> Agent +Core.Artifact::supportLevel --> SupportType +Core.Artifact::validUntilTime --> DateTime +Core.ExternalMap::definingArtifact --> Artifact +Core.ExternalMap::verifiedUsing --> IntegrityMethod Core.CreationInfo::created --> DateTime Core.CreationInfo::createdBy --> Agent Core.CreationInfo::createdUsing --> Tool Core.CreationInfo::specVersion --> SemVer -Core.ExternalMap::definingArtifact --> Artifact -Core.ExternalMap::verifiedUsing --> IntegrityMethod Core.ElementCollection::element --> Element Core.ElementCollection::profileConformance --> ProfileIdentifierType Core.ElementCollection::rootElement --> Element -Core.ExternalIdentifier::externalIdentifierType --> ExternalIdentifierType -Core.Hash::algorithm --> HashAlgorithm Core.Annotation::annotationType --> AnnotationType Core.Annotation::contentType --> MediaType Core.Annotation::subject --> Element -Core.Element::creationInfo --> CreationInfo -Core.Element::extension --> Extension -Core.Element::externalIdentifier --> ExternalIdentifier -Core.Element::externalRef --> ExternalRef -Core.Element::verifiedUsing --> IntegrityMethod Core.Relationship::completeness --> RelationshipCompleteness Core.Relationship::endTime --> DateTime Core.Relationship::from --> Element Core.Relationship::relationshipType --> RelationshipType Core.Relationship::startTime --> DateTime Core.Relationship::to --> Element -Core.Artifact::builtTime --> DateTime -Core.Artifact::originatedBy --> Agent -Core.Artifact::releaseTime --> DateTime -Core.Artifact::suppliedBy --> Agent -Core.Artifact::supportLevel --> SupportType -Core.Artifact::validUntilTime --> DateTime Core.SpdxDocument::dataLicense --> AnyLicenseInfo Core.SpdxDocument::imports --> ExternalMap Core.SpdxDocument::namespaceMap --> NamespaceMap +Core.Hash::algorithm --> HashAlgorithm +Core.ExternalIdentifier::externalIdentifierType --> ExternalIdentifierType Core.PackageVerificationCode::algorithm --> HashAlgorithm -Build.Build::buildEndTime --> DateTime -Build.Build::buildStartTime --> DateTime -Build.Build::configSourceDigest --> Hash -Build.Build::environment --> DictionaryEntry -Build.Build::parameters --> DictionaryEntry -ExpandedLicensing.OrLaterOperator::subjectLicense --> License -ExpandedLicensing.DisjunctiveLicenseSet::member --> AnyLicenseInfo -ExpandedLicensing.WithAdditionOperator::subjectAddition --> LicenseAddition -ExpandedLicensing.WithAdditionOperator::subjectExtendableLicense --> ExtendableLicense -ExpandedLicensing.ConjunctiveLicenseSet::member --> AnyLicenseInfo -Extension.CdxPropertiesExtension::cdxProperty --> CdxPropertyEntry -Software.ContentIdentifier::contentIdentifierType --> ContentIdentifierType -Software.Sbom::sbomType --> SbomType -Software.Snippet::byteRange --> PositiveIntegerRange -Software.Snippet::lineRange --> PositiveIntegerRange -Software.Snippet::snippetFromFile --> File -Software.SoftwareArtifact::additionalPurpose --> SoftwarePurpose -Software.SoftwareArtifact::contentIdentifier --> ContentIdentifier -Software.SoftwareArtifact::primaryPurpose --> SoftwarePurpose -Software.File::/Core/contentType --> MediaType -Software.File::fileKind --> FileKindType -AI.EnergyConsumptionDescription::energyUnit --> EnergyUnitType -AI.AIPackage::autonomyType --> PresenceType -AI.AIPackage::energyConsumption --> EnergyConsumption -AI.AIPackage::hyperparameter --> DictionaryEntry -AI.AIPackage::metric --> DictionaryEntry -AI.AIPackage::metricDecisionThreshold --> DictionaryEntry -AI.AIPackage::safetyRiskAssessment --> SafetyRiskAssessmentType -AI.AIPackage::useSensitivePersonalInformation --> PresenceType -AI.EnergyConsumption::finetuningEnergyConsumption --> EnergyConsumptionDescription -AI.EnergyConsumption::inferenceEnergyConsumption --> EnergyConsumptionDescription -AI.EnergyConsumption::trainingEnergyConsumption --> EnergyConsumptionDescription +Core.LifecycleScopedRelationship::scope --> LifecycleScopeType +Core.Element::creationInfo --> CreationInfo +Core.Element::extension --> Extension +Core.Element::externalIdentifier --> ExternalIdentifier +Core.Element::externalRef --> ExternalRef +Core.Element::verifiedUsing --> IntegrityMethod +Core.ExternalRef::contentType --> MediaType +Core.ExternalRef::externalRefType --> ExternalRefType Dataset.DatasetPackage::confidentialityLevel --> ConfidentialityLevelType Dataset.DatasetPackage::datasetAvailability --> DatasetAvailabilityType Dataset.DatasetPackage::datasetType --> DatasetType Dataset.DatasetPackage::hasSensitivePersonalInformation --> PresenceType Dataset.DatasetPackage::sensor --> DictionaryEntry +Extension.CdxPropertiesExtension::cdxProperty --> CdxPropertyEntry +Security.VexNotAffectedVulnAssessmentRelationship::impactStatementTime --> DateTime +Security.VexNotAffectedVulnAssessmentRelationship::justificationType --> VexJustificationType +Security.CvssV3VulnAssessmentRelationship::severity --> CvssSeverityType +Security.SsvcVulnAssessmentRelationship::decisionType --> SsvcDecisionType +Security.CvssV4VulnAssessmentRelationship::severity --> CvssSeverityType +Security.VexAffectedVulnAssessmentRelationship::actionStatementTime --> DateTime Security.Vulnerability::modifiedTime --> DateTime Security.Vulnerability::publishedTime --> DateTime Security.Vulnerability::withdrawnTime --> DateTime -Security.CvssV4VulnAssessmentRelationship::severity --> CvssSeverityType -Security.CvssV3VulnAssessmentRelationship::severity --> CvssSeverityType -Security.VexAffectedVulnAssessmentRelationship::actionStatementTime --> DateTime -Security.VexNotAffectedVulnAssessmentRelationship::impactStatementTime --> DateTime -Security.VexNotAffectedVulnAssessmentRelationship::justificationType --> VexJustificationType +Security.ExploitCatalogVulnAssessmentRelationship::catalogType --> ExploitCatalogType Security.VulnAssessmentRelationship::/Core/suppliedBy --> Agent Security.VulnAssessmentRelationship::assessedElement --> Element Security.VulnAssessmentRelationship::modifiedTime --> DateTime Security.VulnAssessmentRelationship::publishedTime --> DateTime Security.VulnAssessmentRelationship::withdrawnTime --> DateTime -Security.SsvcVulnAssessmentRelationship::decisionType --> SsvcDecisionType -Security.ExploitCatalogVulnAssessmentRelationship::catalogType --> ExploitCatalogType @enduml diff --git a/v3.0.1-draft/model/spdx-model.dot b/v3.0.1-draft/model/spdx-model.dot index 7fa1bfa80c..0a43e6def5 100644 --- a/v3.0.1-draft/model/spdx-model.dot +++ b/v3.0.1-draft/model/spdx-model.dot @@ -1,4640 +1,4640 @@ digraph { node [ fontname="DejaVu Sans" ] ; - node0 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node2 -> node3 [ color=BLACK, label=< rdf:type > ] ; + node0 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node2 -> node3 [ color=BLACK, label=< rdf:rest > ] ; node4 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node6 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node9 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node10 -> node11 [ color=BLACK, label=< rdf:rest > ] ; - node12 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node13 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node15 -> node16 [ color=BLACK, label=< sh:property > ] ; - node17 -> node18 [ color=BLACK, label=< rdf:first > ] ; - node19 -> node20 [ color=BLACK, label=< rdf:first > ] ; + node6 -> node7 [ color=BLACK, label=< rdf:rest > ] ; + node8 -> node9 [ color=BLACK, label=< sh:path > ] ; + node10 -> node11 [ color=BLACK, label=< sh:class > ] ; + node12 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node15 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node17 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node19 -> node20 [ color=BLACK, label=< rdf:rest > ] ; node21 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node23 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node24 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node25 -> node26 [ color=BLACK, label=< sh:property > ] ; - node28 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node31 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node33 -> node34 [ color=BLACK, label=< sh:class > ] ; - node35 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node36 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node37 -> node38 [ color=BLACK, label=< rdf:type > ] ; - node39 -> node40 [ color=BLACK, label=< rdfs:range > ] ; - node41 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node42 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node43 -> node44 [ color=BLACK, label=< rdf:rest > ] ; - node45 -> node46 [ color=BLACK, label=< rdf:first > ] ; - node47 -> node48 [ color=BLACK, label=< sh:in > ] ; - node49 -> node50 [ color=BLACK, label=< rdf:first > ] ; + node24 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node25 -> node26 [ color=BLACK, label=< rdf:rest > ] ; + node27 -> node28 [ color=BLACK, label=< rdfs:range > ] ; + node29 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node31 -> node32 [ color=BLACK, label=< rdf:type > ] ; + node33 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node35 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node37 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node38 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node40 -> node17 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node42 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node44 -> node45 [ color=BLACK, label=< rdf:rest > ] ; + node47 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node48 -> node28 [ color=BLACK, label=< sh:datatype > ] ; + node49 -> node50 [ color=BLACK, label=< sh:in > ] ; node51 -> node52 [ color=BLACK, label=< rdf:first > ] ; - node53 -> node54 [ color=BLACK, label=< rdf:rest > ] ; + node53 -> node54 [ color=BLACK, label=< sh:property > ] ; node55 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node57 -> node58 [ color=BLACK, label=< sh:property > ] ; - node59 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node63 -> node64 [ color=BLACK, label=< rdf:rest > ] ; - node67 -> node68 [ color=BLACK, label=< rdf:rest > ] ; - node71 -> node72 [ color=BLACK, label=< sh:property > ] ; - node73 -> node74 [ color=BLACK, label=< rdf:first > ] ; - node58 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node77 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node83 -> node84 [ color=BLACK, label=< rdf:first > ] ; - node86 -> node87 [ color=BLACK, label=< rdf:type > ] ; - node88 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node89 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node21 -> node90 [ color=BLACK, label=< sh:property > ] ; - node92 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node93 -> node94 [ color=BLACK, label=< sh:class > ] ; - node95 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node99 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node100 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node0 -> node101 [ color=BLACK, label=< sh:path > ] ; - node102 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node103 -> node104 [ color=BLACK, label=< rdf:rest > ] ; - node105 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node107 -> node108 [ color=BLACK, label=< rdf:rest > ] ; - node109 -> node110 [ color=BLACK, label=< rdf:first > ] ; - node112 -> node35 [ color=BLACK, label=< sh:property > ] ; - node113 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node114 -> node115 [ color=BLACK, label=< sh:property > ] ; - node116 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node118 -> node119 [ color=BLACK, label=< rdfs:range > ] ; - node121 -> node122 [ color=BLACK, label=< sh:in > ] ; - node124 -> node125 [ color=BLACK, label=< rdf:first > ] ; + node57 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node59 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node61 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node63 -> node64 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node65 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node66 -> node57 [ color=BLACK, label=< rdf:type > ] ; + node68 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node69 -> node70 [ color=BLACK, label=< rdf:first > ] ; + node72 -> node73 [ color=BLACK, label=< sh:property > ] ; + node33 -> node74 [ color=BLACK, label=< sh:property > ] ; + node75 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node77 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node79 -> node80 [ color=BLACK, label=< rdfs:range > ] ; + node82 -> node83 [ color=BLACK, label=< sh:property > ] ; + node84 -> node85 [ color=BLACK, label=< rdf:first > ] ; + node86 -> node87 [ color=BLACK, label=< sh:path > ] ; + node88 -> node89 [ color=BLACK, label=< rdf:rest > ] ; + node90 -> node91 [ color=BLACK, label=< sh:property > ] ; + node92 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node93 -> node94 [ color=BLACK, label=< rdf:rest > ] ; + node96 -> node97 [ color=BLACK, label=< rdf:rest > ] ; + node100 -> node101 [ color=BLACK, label=< rdf:first > ] ; + node102 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node103 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node53 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node104 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node105 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node107 -> node98 [ color=BLACK, label=< rdf:first > ] ; + node108 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node109 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node111 -> node112 [ color=BLACK, label=< rdf:first > ] ; + node113 -> node114 [ color=BLACK, label=< sh:path > ] ; + node115 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node116 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node117 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node120 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node122 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node124 -> node60 [ color=BLACK, label=< sh:property > ] ; + node125 -> node123 [ color=BLACK, label=< rdf:rest > ] ; node126 -> node127 [ color=BLACK, label=< rdf:first > ] ; - node129 -> node130 [ color=BLACK, label=< rdfs:range > ] ; - node131 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node133 -> node134 [ color=BLACK, label=< rdf:first > ] ; - node135 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node137 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node138 -> node121 [ color=BLACK, label=< sh:property > ] ; - node139 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node140 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node34 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node141 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node142 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node104 -> node147 [ color=BLACK, label=< rdf:first > ] ; - node148 -> node23 [ color=BLACK, label=< rdf:first > ] ; - node57 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node149 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node117 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node150 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node151 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node152 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node157 -> node158 [ color=BLACK, label=< rdf:first > ] ; - node4 -> node160 [ color=BLACK, label=< sh:property > ] ; - node161 -> node162 [ color=BLACK, label=< rdfs:range > ] ; + node129 -> node130 [ color=BLACK, label=< rdf:rest > ] ; + node131 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node75 -> node132 [ color=BLACK, label=< sh:property > ] ; + node133 -> node75 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node134 -> node135 [ color=BLACK, label=< sh:class > ] ; + node136 -> node137 [ color=BLACK, label=< rdf:rest > ] ; + node138 -> node139 [ color=BLACK, label=< rdf:first > ] ; + node140 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node141 -> node142 [ color=BLACK, label=< rdfs:range > ] ; + node143 -> node144 [ color=BLACK, label=< rdfs:range > ] ; + node145 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node147 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node148 -> node149 [ color=BLACK, label=< sh:property > ] ; + node150 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node151 -> node79 [ color=BLACK, label=< sh:path > ] ; + node152 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node154 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node156 -> node157 [ color=BLACK, label=< sh:class > ] ; + node158 -> node159 [ color=BLACK, label=< rdf:type > ] ; + node146 -> node114 [ color=BLACK, label=< sh:path > ] ; + node161 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node119 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node162 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; node163 -> node164 [ color=BLACK, label=< rdf:first > ] ; - node165 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node168 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node169 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node170 -> node171 [ color=BLACK, label=< sh:path > ] ; - node172 -> node173 [ color=BLACK, label=< rdf:first > ] ; - node174 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node21 -> node176 [ color=BLACK, label=< sh:property > ] ; - node177 -> node178 [ color=BLACK, label=< sh:property > ] ; - node179 -> node180 [ color=BLACK, label=< sh:property > ] ; - node181 -> node139 [ color=BLACK, label=< sh:path > ] ; - node182 -> node183 [ color=BLACK, label=< rdf:first > ] ; - node132 -> node40 [ color=BLACK, label=< rdfs:range > ] ; - node113 -> node184 [ color=BLACK, label=< sh:path > ] ; - node185 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node186 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node189 -> node190 [ color=BLACK, label=< rdf:first > ] ; - node191 -> node192 [ color=BLACK, label=< sh:property > ] ; - node193 -> node194 [ color=BLACK, label=< rdfs:range > ] ; - node15 -> node156 [ color=BLACK, label=< sh:property > ] ; - node82 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node197 -> node198 [ color=BLACK, label=< rdf:type > ] ; - node200 -> node34 [ color=BLACK, label=< sh:class > ] ; - node201 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node203 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node204 -> node205 [ color=BLACK, label=< sh:class > ] ; - node206 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node209 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node210 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node212 -> node213 [ color=BLACK, label=< rdf:first > ] ; - node216 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node217 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node183 -> node220 [ color=BLACK, label=< rdf:type > ] ; - node179 -> node221 [ color=BLACK, label=< sh:property > ] ; - node222 -> node223 [ color=BLACK, label=< sh:property > ] ; - node225 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node226 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node227 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node229 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node72 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node21 -> node144 [ color=BLACK, label=< sh:property > ] ; - node230 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node232 -> node233 [ color=BLACK, label=< sh:in > ] ; - node234 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node235 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node238 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node239 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node241 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node243 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node244 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node222 -> node130 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node246 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node247 -> node41 [ color=BLACK, label=< rdf:type > ] ; - node186 -> node34 [ color=BLACK, label=< sh:class > ] ; - node99 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node248 -> node249 [ color=BLACK, label=< rdf:first > ] ; - node250 -> node251 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node18 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node252 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node253 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node254 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node255 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node258 -> node177 [ color=BLACK, label=< sh:class > ] ; - node259 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node260 -> node239 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node261 -> node130 [ color=BLACK, label=< sh:class > ] ; - node262 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node237 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node265 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node266 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node267 -> node268 [ color=BLACK, label=< rdf:first > ] ; - node271 -> node194 [ color=BLACK, label=< rdf:type > ] ; - node184 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node272 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node274 -> node275 [ color=BLACK, label=< sh:path > ] ; - node276 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node277 -> node135 [ color=BLACK, label=< rdf:first > ] ; - node278 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node231 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node281 -> node282 [ color=BLACK, label=< rdf:rest > ] ; - node283 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node284 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node82 -> node218 [ color=BLACK, label=< sh:property > ] ; - node277 -> node287 [ color=BLACK, label=< rdf:rest > ] ; - node288 -> node289 [ color=BLACK, label=< sh:path > ] ; - node290 -> node291 [ color=BLACK, label=< rdf:rest > ] ; - node292 -> node237 [ color=BLACK, label=< rdfs:range > ] ; - node61 -> node3 [ color=BLACK, label=< rdf:type > ] ; - node293 -> node294 [ color=BLACK, label=< owl:sameAs > ] ; - node295 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node296 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node298 -> node299 [ color=BLACK, label=< rdf:first > ] ; - node300 -> node301 [ color=BLACK, label=< rdf:rest > ] ; - node302 -> node256 [ color=BLACK, label=< rdf:first > ] ; - node303 -> node20 [ color=BLACK, label=< rdf:first > ] ; - node272 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node185 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node305 -> node306 [ color=BLACK, label=< rdf:rest > ] ; - node308 -> node83 [ color=BLACK, label=< rdf:rest > ] ; - node309 -> node310 [ color=BLACK, label=< rdf:rest > ] ; - node311 -> node312 [ color=BLACK, label=< rdf:rest > ] ; - node70 -> node313 [ color=BLACK, label=< sh:path > ] ; - node30 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node314 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node315 -> node219 [ color=BLACK, label=< rdf:first > ] ; - node316 -> node317 [ color=BLACK, label=< rdf:first > ] ; - node318 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node319 -> node320 [ color=BLACK, label=< sh:path > ] ; - node321 -> node188 [ color=BLACK, label=< rdf:first > ] ; - node199 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node62 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node322 -> node194 [ color=BLACK, label=< rdf:type > ] ; - node323 -> node324 [ color=BLACK, label=< rdf:first > ] ; - node327 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node328 -> node329 [ color=BLACK, label=< rdf:first > ] ; - node330 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node303 -> node67 [ color=BLACK, label=< rdf:rest > ] ; - node332 -> node333 [ color=BLACK, label=< sh:path > ] ; - node335 -> node336 [ color=BLACK, label=< rdf:rest > ] ; - node337 -> node338 [ color=BLACK, label=< rdf:type > ] ; - node339 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node340 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node342 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node343 -> node344 [ color=BLACK, label=< sh:path > ] ; - node70 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node345 -> node182 [ color=BLACK, label=< sh:in > ] ; - node346 -> node347 [ color=BLACK, label=< rdf:rest > ] ; - node348 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node349 -> node350 [ color=BLACK, label=< rdf:first > ] ; - node353 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node112 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node354 -> node355 [ color=BLACK, label=< sh:property > ] ; - node356 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node357 -> node358 [ color=BLACK, label=< sh:path > ] ; - node112 -> node359 [ color=BLACK, label=< sh:property > ] ; - node360 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node361 -> node362 [ color=BLACK, label=< rdf:rest > ] ; - node363 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node66 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node365 -> node366 [ color=BLACK, label=< rdfs:range > ] ; - node367 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node368 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node369 -> node114 [ color=BLACK, label=< rdfs:range > ] ; - node370 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node55 -> node251 [ color=BLACK, label=< rdfs:range > ] ; + node165 -> node166 [ color=BLACK, label=< rdf:first > ] ; + node167 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node168 -> node169 [ color=BLACK, label=< rdf:rest > ] ; + node172 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node71 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node12 -> node173 [ color=BLACK, label=< sh:class > ] ; + node132 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node174 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node175 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node176 -> node177 [ color=BLACK, label=< rdf:rest > ] ; + node178 -> node179 [ color=BLACK, label=< sh:property > ] ; + node180 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node167 -> node181 [ color=BLACK, label=< sh:property > ] ; + node182 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node183 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node184 -> node185 [ color=BLACK, label=< rdfs:range > ] ; + node187 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node188 -> node131 [ color=BLACK, label=< rdf:first > ] ; + node189 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node94 -> node193 [ color=BLACK, label=< rdf:rest > ] ; + node194 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node64 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node195 -> node196 [ color=BLACK, label=< rdf:first > ] ; + node197 -> node198 [ color=BLACK, label=< rdf:first > ] ; + node199 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node200 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node202 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node203 -> node204 [ color=BLACK, label=< rdf:rest > ] ; + node205 -> node206 [ color=BLACK, label=< rdf:first > ] ; + node207 -> node208 [ color=BLACK, label=< rdf:rest > ] ; + node185 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node210 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node212 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node214 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node215 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node218 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node219 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node63 -> node71 [ color=BLACK, label=< sh:property > ] ; + node220 -> node221 [ color=BLACK, label=< rdf:first > ] ; + node222 -> node223 [ color=BLACK, label=< sh:path > ] ; + node224 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node225 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node226 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node227 -> node157 [ color=BLACK, label=< sh:class > ] ; + node230 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node232 -> node233 [ color=BLACK, label=< sh:path > ] ; + node235 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node236 -> node237 [ color=BLACK, label=< rdf:first > ] ; + node142 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node241 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node242 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node243 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node244 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node245 -> node246 [ color=BLACK, label=< rdf:rest > ] ; + node249 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node251 -> node252 [ color=BLACK, label=< rdf:first > ] ; + node255 -> node77 [ color=BLACK, label=< sh:path > ] ; + node257 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node192 -> node258 [ color=BLACK, label=< sh:property > ] ; + node72 -> node259 [ color=BLACK, label=< sh:property > ] ; + node52 -> node32 [ color=BLACK, label=< rdf:type > ] ; + node260 -> node261 [ color=BLACK, label=< rdf:rest > ] ; + node204 -> node262 [ color=BLACK, label=< rdf:first > ] ; + node263 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node264 -> node66 [ color=BLACK, label=< rdf:first > ] ; + node266 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node267 -> node116 [ color=BLACK, label=< sh:path > ] ; + node269 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node167 -> node115 [ color=BLACK, label=< sh:property > ] ; + node270 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node271 -> node272 [ color=BLACK, label=< rdf:rest > ] ; + node273 -> node274 [ color=BLACK, label=< sh:path > ] ; + node263 -> node275 [ color=BLACK, label=< sh:path > ] ; + node276 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node279 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node280 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node281 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node282 -> node283 [ color=BLACK, label=< sh:path > ] ; + node284 -> node285 [ color=BLACK, label=< sh:class > ] ; + node286 -> node287 [ color=BLACK, label=< rdf:first > ] ; + node288 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node75 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node252 -> node290 [ color=BLACK, label=< rdf:type > ] ; + node293 -> node27 [ color=BLACK, label=< sh:path > ] ; + node295 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node296 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node297 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node298 -> node299 [ color=BLACK, label=< sh:path > ] ; + node301 -> node17 [ color=BLACK, label=< rdfs:range > ] ; + node302 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node22 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node303 -> node304 [ color=BLACK, label=< sh:in > ] ; + node72 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node269 -> node305 [ color=BLACK, label=< sh:in > ] ; + node306 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node253 -> node310 [ color=BLACK, label=< sh:path > ] ; + node312 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node192 -> node253 [ color=BLACK, label=< sh:property > ] ; + node314 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node200 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node317 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node318 -> node319 [ color=BLACK, label=< rdf:first > ] ; + node320 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node234 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node321 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node322 -> node323 [ color=BLACK, label=< rdf:rest > ] ; + node17 -> node324 [ color=BLACK, label=< sh:property > ] ; + node326 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node327 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node62 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node329 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node330 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node331 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node37 -> node128 [ color=BLACK, label=< sh:path > ] ; + node334 -> node335 [ color=BLACK, label=< sh:property > ] ; + node148 -> node336 [ color=BLACK, label=< sh:property > ] ; + node152 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node338 -> node339 [ color=BLACK, label=< rdf:rest > ] ; + node340 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node341 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node68 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node342 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node60 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node343 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node104 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node344 -> node345 [ color=BLACK, label=< rdf:first > ] ; + node346 -> node142 [ color=BLACK, label=< rdf:type > ] ; + node347 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node348 -> node349 [ color=BLACK, label=< rdf:rest > ] ; + node11 -> node48 [ color=BLACK, label=< sh:property > ] ; + node350 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node351 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node352 -> node353 [ color=BLACK, label=< rdf:first > ] ; + node79 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node355 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node357 -> node358 [ color=BLACK, label=< rdf:rest > ] ; + node359 -> node360 [ color=BLACK, label=< sh:class > ] ; + node361 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node362 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node363 -> node364 [ color=BLACK, label=< rdf:first > ] ; + node365 -> node366 [ color=BLACK, label=< sh:path > ] ; + node167 -> node340 [ color=BLACK, label=< sh:property > ] ; + node367 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node368 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node369 -> node370 [ color=BLACK, label=< rdf:first > ] ; + node115 -> node59 [ color=BLACK, label=< sh:path > ] ; node371 -> node372 [ color=BLACK, label=< rdf:first > ] ; - node373 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node374 -> node375 [ color=BLACK, label=< sh:path > ] ; - node376 -> node377 [ color=BLACK, label=< sh:path > ] ; - node378 -> node105 [ color=BLACK, label=< rdf:first > ] ; - node208 -> node253 [ color=BLACK, label=< rdf:type > ] ; - node380 -> node173 [ color=BLACK, label=< rdf:first > ] ; - node174 -> node181 [ color=BLACK, label=< sh:property > ] ; - node179 -> node12 [ color=BLACK, label=< sh:property > ] ; - node141 -> node382 [ color=BLACK, label=< sh:path > ] ; - node383 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node384 -> node87 [ color=BLACK, label=< rdfs:range > ] ; - node385 -> node34 [ color=BLACK, label=< rdfs:range > ] ; - node386 -> node109 [ color=BLACK, label=< rdf:rest > ] ; - node387 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node388 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node389 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node390 -> node127 [ color=BLACK, label=< rdf:first > ] ; - node391 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node392 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node214 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node394 -> node395 [ color=BLACK, label=< rdf:first > ] ; - node396 -> node397 [ color=BLACK, label=< sh:path > ] ; - node378 -> node346 [ color=BLACK, label=< rdf:rest > ] ; - node400 -> node401 [ color=BLACK, label=< rdf:first > ] ; - node191 -> node402 [ color=BLACK, label=< sh:property > ] ; - node79 -> node403 [ color=BLACK, label=< sh:datatype > ] ; - node219 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node404 -> node405 [ color=BLACK, label=< rdf:first > ] ; - node406 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node407 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node408 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node409 -> node224 [ color=BLACK, label=< rdf:first > ] ; - node410 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node411 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node412 -> node3 [ color=BLACK, label=< rdf:type > ] ; - node413 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node88 -> node374 [ color=BLACK, label=< sh:property > ] ; - node414 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node355 -> node40 [ color=BLACK, label=< sh:class > ] ; - node415 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node416 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node242 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node418 -> node419 [ color=BLACK, label=< sh:in > ] ; - node420 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node421 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node50 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node424 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node425 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node125 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node318 -> node274 [ color=BLACK, label=< sh:property > ] ; - node345 -> node427 [ color=BLACK, label=< sh:path > ] ; - node428 -> node429 [ color=BLACK, label=< rdf:rest > ] ; - node239 -> node413 [ color=BLACK, label=< sh:property > ] ; - node191 -> node432 [ color=BLACK, label=< sh:property > ] ; - node433 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node435 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node11 -> node406 [ color=BLACK, label=< rdf:first > ] ; - node212 -> node436 [ color=BLACK, label=< rdf:rest > ] ; - node229 -> node80 [ color=BLACK, label=< sh:property > ] ; - node90 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node438 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node439 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node249 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node440 -> node441 [ color=BLACK, label=< rdf:rest > ] ; - node442 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node443 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node89 -> node418 [ color=BLACK, label=< sh:property > ] ; - node444 -> node353 [ color=BLACK, label=< rdf:first > ] ; - node447 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node448 -> node298 [ color=BLACK, label=< rdf:rest > ] ; - node449 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node450 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node395 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node271 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node38 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node451 -> node452 [ color=BLACK, label=< rdf:first > ] ; - node28 -> node75 [ color=BLACK, label=< rdf:first > ] ; - node453 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node340 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node455 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node340 -> node456 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node457 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node240 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node459 -> node130 [ color=BLACK, label=< rdfs:range > ] ; - node461 -> node462 [ color=BLACK, label=< sh:path > ] ; - node191 -> node464 [ color=BLACK, label=< sh:property > ] ; - node222 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node177 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node464 -> node385 [ color=BLACK, label=< sh:path > ] ; - node465 -> node194 [ color=BLACK, label=< rdf:type > ] ; - node456 -> node71 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node75 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node127 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node347 -> node469 [ color=BLACK, label=< rdf:rest > ] ; - node470 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node471 -> node437 [ color=BLACK, label=< sh:path > ] ; - node352 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node474 -> node475 [ color=BLACK, label=< rdf:rest > ] ; - node15 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node476 -> node477 [ color=BLACK, label=< rdf:rest > ] ; - node478 -> node479 [ color=BLACK, label=< sh:property > ] ; - node178 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node11 -> node480 [ color=BLACK, label=< rdf:rest > ] ; - node415 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node481 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node482 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node322 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node484 -> node39 [ color=BLACK, label=< sh:path > ] ; - node297 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node485 -> node486 [ color=BLACK, label=< rdf:first > ] ; - node276 -> node487 [ color=BLACK, label=< sh:path > ] ; - node489 -> node450 [ color=BLACK, label=< rdf:rest > ] ; - node15 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node490 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node491 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node202 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node493 -> node351 [ color=BLACK, label=< rdf:first > ] ; - node494 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node323 -> node302 [ color=BLACK, label=< rdf:rest > ] ; - node496 -> node451 [ color=BLACK, label=< rdf:rest > ] ; - node497 -> node338 [ color=BLACK, label=< rdfs:range > ] ; - node413 -> node95 [ color=BLACK, label=< sh:path > ] ; - node499 -> node205 [ color=BLACK, label=< rdfs:range > ] ; - node345 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node273 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node486 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node340 -> node500 [ color=BLACK, label=< sh:property > ] ; - node485 -> node502 [ color=BLACK, label=< rdf:rest > ] ; - node503 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node288 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node479 -> node195 [ color=BLACK, label=< sh:path > ] ; - node504 -> node505 [ color=BLACK, label=< rdf:rest > ] ; - node506 -> node507 [ color=BLACK, label=< rdf:first > ] ; - node179 -> node508 [ color=BLACK, label=< sh:property > ] ; - node179 -> node204 [ color=BLACK, label=< sh:property > ] ; - node289 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node307 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node509 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node46 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node513 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node6 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node514 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node515 -> node13 [ color=BLACK, label=< rdf:first > ] ; - node464 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node492 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node516 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node517 -> node338 [ color=BLACK, label=< rdf:type > ] ; - node518 -> node519 [ color=BLACK, label=< sh:path > ] ; - node520 -> node159 [ color=BLACK, label=< rdf:first > ] ; - node443 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node521 -> node522 [ color=BLACK, label=< rdf:first > ] ; - node523 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node446 -> node446 [ color=BLACK, label=< owl:versionIRI > ] ; - node525 -> node248 [ color=BLACK, label=< rdf:rest > ] ; - node526 -> node527 [ color=BLACK, label=< rdf:first > ] ; - node376 -> node198 [ color=BLACK, label=< sh:class > ] ; - node528 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node530 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node16 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node531 -> node532 [ color=BLACK, label=< rdf:rest > ] ; - node179 -> node533 [ color=BLACK, label=< sh:property > ] ; - node279 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node454 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node85 -> node467 [ color=BLACK, label=< sh:property > ] ; - node315 -> node534 [ color=BLACK, label=< rdf:rest > ] ; - node535 -> node536 [ color=BLACK, label=< rdf:rest > ] ; - node537 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node538 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node539 -> node540 [ color=BLACK, label=< rdf:first > ] ; - node542 -> node119 [ color=BLACK, label=< sh:datatype > ] ; - node142 -> node79 [ color=BLACK, label=< sh:property > ] ; - node397 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node544 -> node545 [ color=BLACK, label=< rdf:first > ] ; - node546 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node239 -> node548 [ color=BLACK, label=< sh:property > ] ; - node36 -> node416 [ color=BLACK, label=< sh:path > ] ; - node549 -> node194 [ color=BLACK, label=< rdf:type > ] ; - node372 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node48 -> node550 [ color=BLACK, label=< rdf:rest > ] ; - node551 -> node552 [ color=BLACK, label=< rdf:first > ] ; - node276 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node114 -> node319 [ color=BLACK, label=< sh:property > ] ; - node553 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node274 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node82 -> node85 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node145 -> node170 [ color=BLACK, label=< sh:property > ] ; - node554 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node188 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node357 -> node82 [ color=BLACK, label=< sh:class > ] ; - node555 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node131 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node556 -> node65 [ color=BLACK, label=< sh:path > ] ; - node130 -> node259 [ color=BLACK, label=< sh:property > ] ; - node558 -> node559 [ color=BLACK, label=< rdf:rest > ] ; - node560 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node562 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node563 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node216 -> node3 [ color=BLACK, label=< rdf:type > ] ; - node318 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node481 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node567 -> node565 [ color=BLACK, label=< rdf:first > ] ; - node568 -> node224 [ color=BLACK, label=< rdf:first > ] ; - node569 -> node428 [ color=BLACK, label=< rdf:rest > ] ; - node570 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node572 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node124 -> node573 [ color=BLACK, label=< rdf:rest > ] ; - node434 -> node38 [ color=BLACK, label=< sh:class > ] ; - node574 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node448 -> node468 [ color=BLACK, label=< rdf:first > ] ; - node71 -> node232 [ color=BLACK, label=< sh:property > ] ; - node152 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node576 -> node325 [ color=BLACK, label=< rdf:first > ] ; - node402 -> node578 [ color=BLACK, label=< sh:path > ] ; - node486 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node579 -> node580 [ color=BLACK, label=< rdf:rest > ] ; - node581 -> node582 [ color=BLACK, label=< rdf:type > ] ; - node80 -> node583 [ color=BLACK, label=< sh:path > ] ; - node584 -> node283 [ color=BLACK, label=< rdf:rest > ] ; - node585 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node52 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node260 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node561 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node587 -> node588 [ color=BLACK, label=< rdf:first > ] ; - node189 -> node584 [ color=BLACK, label=< rdf:rest > ] ; - node591 -> node592 [ color=BLACK, label=< rdf:rest > ] ; - node25 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node214 -> node594 [ color=BLACK, label=< sh:property > ] ; - node596 -> node77 [ color=BLACK, label=< rdf:first > ] ; - node206 -> node455 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node597 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node598 -> node599 [ color=BLACK, label=< sh:path > ] ; - node600 -> node185 [ color=BLACK, label=< rdf:first > ] ; - node370 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node452 -> node194 [ color=BLACK, label=< rdf:type > ] ; - node465 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node601 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node603 -> node335 [ color=BLACK, label=< rdf:rest > ] ; - node604 -> node605 [ color=BLACK, label=< sh:in > ] ; - node606 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node480 -> node53 [ color=BLACK, label=< rdf:rest > ] ; - node237 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node608 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node209 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node210 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node610 -> node194 [ color=BLACK, label=< rdf:type > ] ; - node239 -> node399 [ color=BLACK, label=< sh:property > ] ; - node510 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node611 -> node325 [ color=BLACK, label=< rdf:first > ] ; - node613 -> node614 [ color=BLACK, label=< sh:class > ] ; - node615 -> node616 [ color=BLACK, label=< rdf:rest > ] ; - node618 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node440 -> node620 [ color=BLACK, label=< rdf:first > ] ; - node126 -> node621 [ color=BLACK, label=< rdf:rest > ] ; - node622 -> node119 [ color=BLACK, label=< rdfs:range > ] ; - node623 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node624 -> node625 [ color=BLACK, label=< rdf:first > ] ; - node140 -> node626 [ color=BLACK, label=< sh:path > ] ; - node21 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node627 -> node34 [ color=BLACK, label=< rdfs:range > ] ; - node510 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node629 -> node366 [ color=BLACK, label=< rdf:type > ] ; - node537 -> node161 [ color=BLACK, label=< sh:path > ] ; - node392 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node631 -> node167 [ color=BLACK, label=< rdf:first > ] ; - node4 -> node447 [ color=BLACK, label=< sh:property > ] ; - node632 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node508 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node8 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node47 -> node128 [ color=BLACK, label=< sh:class > ] ; - node633 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node635 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node636 -> node619 [ color=BLACK, label=< sh:path > ] ; - node193 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node467 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node238 -> node251 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node591 -> node381 [ color=BLACK, label=< rdf:first > ] ; - node380 -> node639 [ color=BLACK, label=< rdf:rest > ] ; - node640 -> node303 [ color=BLACK, label=< rdf:rest > ] ; - node622 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node641 -> node412 [ color=BLACK, label=< rdf:first > ] ; - node392 -> node141 [ color=BLACK, label=< sh:property > ] ; - node426 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node642 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node643 -> node644 [ color=BLACK, label=< rdfs:range > ] ; - node645 -> node646 [ color=BLACK, label=< rdf:first > ] ; - node238 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node647 -> node258 [ color=BLACK, label=< sh:property > ] ; - node648 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node88 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node90 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node649 -> node650 [ color=BLACK, label=< rdf:first > ] ; - node651 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node652 -> node653 [ color=BLACK, label=< sh:path > ] ; - node146 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node65 -> node4 [ color=BLACK, label=< rdfs:range > ] ; - node654 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node656 -> node526 [ color=BLACK, label=< rdf:rest > ] ; - node557 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node99 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node657 -> node658 [ color=BLACK, label=< sh:path > ] ; - node549 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node54 -> node423 [ color=BLACK, label=< rdf:first > ] ; - node660 -> node661 [ color=BLACK, label=< rdf:rest > ] ; - node167 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node304 -> node130 [ color=BLACK, label=< rdf:type > ] ; - node15 -> node410 [ color=BLACK, label=< sh:property > ] ; - node460 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node662 -> node146 [ color=BLACK, label=< rdf:first > ] ; - node663 -> node515 [ color=BLACK, label=< rdf:rest > ] ; - node664 -> node665 [ color=BLACK, label=< sh:path > ] ; - node666 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node98 -> node667 [ color=BLACK, label=< sh:in > ] ; - node608 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node668 -> node300 [ color=BLACK, label=< rdf:rest > ] ; - node260 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node669 -> node670 [ color=BLACK, label=< rdf:type > ] ; - node239 -> node288 [ color=BLACK, label=< sh:property > ] ; - node671 -> node169 [ color=BLACK, label=< rdf:first > ] ; - node672 -> node273 [ color=BLACK, label=< rdfs:range > ] ; - node367 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node673 -> node674 [ color=BLACK, label=< rdf:rest > ] ; - node675 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node676 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node25 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node174 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node215 -> node220 [ color=BLACK, label=< rdf:type > ] ; - node34 -> node677 [ color=BLACK, label=< sh:property > ] ; - node173 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node0 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node678 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node214 -> node130 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node679 -> node680 [ color=BLACK, label=< sh:in > ] ; - node345 -> node220 [ color=BLACK, label=< sh:class > ] ; - node34 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node682 -> node683 [ color=BLACK, label=< rdf:first > ] ; - node363 -> node685 [ color=BLACK, label=< sh:property > ] ; - node57 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node686 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node687 -> node688 [ color=BLACK, label=< rdf:rest > ] ; - node353 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node689 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node690 -> node152 [ color=BLACK, label=< rdf:first > ] ; - node681 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node539 -> node691 [ color=BLACK, label=< rdf:rest > ] ; - node637 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node243 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node191 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node177 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node248 -> node671 [ color=BLACK, label=< rdf:rest > ] ; - node34 -> node572 [ color=BLACK, label=< sh:property > ] ; - node500 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node693 -> node455 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node401 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node569 -> node501 [ color=BLACK, label=< rdf:first > ] ; - node695 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node627 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node696 -> node269 [ color=BLACK, label=< sh:path > ] ; - node21 -> node503 [ color=BLACK, label=< sh:property > ] ; - node697 -> node331 [ color=BLACK, label=< sh:path > ] ; - node377 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node698 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node449 -> node699 [ color=BLACK, label=< sh:path > ] ; - node701 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node254 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node702 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node527 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node703 -> node644 [ color=BLACK, label=< rdf:type > ] ; - node156 -> node24 [ color=BLACK, label=< sh:class > ] ; - node130 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node704 -> node59 [ color=BLACK, label=< rdf:first > ] ; - node387 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node705 -> node73 [ color=BLACK, label=< rdf:rest > ] ; - node706 -> node354 [ color=BLACK, label=< rdfs:range > ] ; - node413 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node625 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node159 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node452 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node318 -> node70 [ color=BLACK, label=< sh:property > ] ; - node93 -> node535 [ color=BLACK, label=< sh:in > ] ; - node708 -> node709 [ color=BLACK, label=< rdf:rest > ] ; - node367 -> node632 [ color=BLACK, label=< sh:path > ] ; - node336 -> node711 [ color=BLACK, label=< rdf:rest > ] ; - node516 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node100 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node654 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node304 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node712 -> node107 [ color=BLACK, label=< rdf:rest > ] ; - node343 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node713 -> node60 [ color=BLACK, label=< sh:class > ] ; - node714 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node614 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node610 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node716 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node213 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node699 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node717 -> node117 [ color=BLACK, label=< rdf:first > ] ; - node69 -> node457 [ color=BLACK, label=< sh:path > ] ; - node718 -> node403 [ color=BLACK, label=< rdfs:range > ] ; - node26 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node586 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node605 -> node596 [ color=BLACK, label=< rdf:rest > ] ; - node719 -> node76 [ color=BLACK, label=< rdf:first > ] ; - node97 -> node514 [ color=BLACK, label=< sh:path > ] ; - node685 -> node602 [ color=BLACK, label=< sh:path > ] ; - node84 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node418 -> node253 [ color=BLACK, label=< sh:class > ] ; - node581 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node720 -> node721 [ color=BLACK, label=< rdf:rest > ] ; - node336 -> node203 [ color=BLACK, label=< rdf:first > ] ; - node722 -> node272 [ color=BLACK, label=< rdf:first > ] ; - node723 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node724 -> node725 [ color=BLACK, label=< rdf:first > ] ; - node125 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node441 -> node727 [ color=BLACK, label=< rdf:rest > ] ; - node123 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node424 -> node222 [ color=BLACK, label=< rdfs:range > ] ; - node728 -> node403 [ color=BLACK, label=< rdfs:range > ] ; - node410 -> node453 [ color=BLACK, label=< sh:path > ] ; - node729 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node731 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node237 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node579 -> node546 [ color=BLACK, label=< rdf:first > ] ; - node732 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node236 -> node130 [ color=BLACK, label=< rdfs:range > ] ; - node439 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node487 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node191 -> node318 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node733 -> node734 [ color=BLACK, label=< rdf:rest > ] ; - node434 -> node735 [ color=BLACK, label=< sh:path > ] ; - node198 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node736 -> node627 [ color=BLACK, label=< sh:path > ] ; - node737 -> node738 [ color=BLACK, label=< rdf:rest > ] ; - node98 -> node136 [ color=BLACK, label=< sh:class > ] ; - node179 -> node739 [ color=BLACK, label=< sh:property > ] ; - node516 -> node463 [ color=BLACK, label=< sh:path > ] ; - node446 -> node740 [ color=BLACK, label=< dcterms:license > ] ; - node741 -> node137 [ color=BLACK, label=< rdf:first > ] ; - node236 -> node236 [ color=BLACK, label=< owl:sameAs > ] ; - node363 -> node396 [ color=BLACK, label=< sh:property > ] ; - node85 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node742 -> node743 [ color=BLACK, label=< sh:path > ] ; - node82 -> node376 [ color=BLACK, label=< sh:property > ] ; - node46 -> node3 [ color=BLACK, label=< rdf:type > ] ; - node744 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node745 -> node273 [ color=BLACK, label=< sh:class > ] ; - node746 -> node747 [ color=BLACK, label=< rdf:rest > ] ; - node618 -> node205 [ color=BLACK, label=< rdf:type > ] ; - node501 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node748 -> node263 [ color=BLACK, label=< rdf:first > ] ; - node89 -> node71 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node138 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node310 -> node701 [ color=BLACK, label=< rdf:first > ] ; - node749 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node201 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node258 -> node751 [ color=BLACK, label=< sh:path > ] ; + node64 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node373 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node253 -> node374 [ color=BLACK, label=< sh:in > ] ; + node216 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node375 -> node341 [ color=BLACK, label=< rdf:type > ] ; + node40 -> node376 [ color=BLACK, label=< sh:property > ] ; + node377 -> node266 [ color=BLACK, label=< rdf:first > ] ; + node378 -> node379 [ color=BLACK, label=< rdf:first > ] ; + node380 -> node138 [ color=BLACK, label=< rdf:rest > ] ; + node179 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node381 -> node11 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node382 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node384 -> node385 [ color=BLACK, label=< rdf:rest > ] ; + node387 -> node388 [ color=BLACK, label=< sh:path > ] ; + node390 -> node391 [ color=BLACK, label=< rdf:first > ] ; + node375 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node308 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node393 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node394 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node395 -> node396 [ color=BLACK, label=< rdf:first > ] ; + node277 -> node397 [ color=BLACK, label=< sh:path > ] ; + node141 -> node398 [ color=BLACK, label=< owl:sameAs > ] ; + node159 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node274 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node400 -> node361 [ color=BLACK, label=< rdf:first > ] ; + node401 -> node402 [ color=BLACK, label=< rdf:rest > ] ; + node403 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node404 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node366 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node405 -> node406 [ color=BLACK, label=< sh:path > ] ; + node376 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node409 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node410 -> node411 [ color=BLACK, label=< rdf:rest > ] ; + node412 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node124 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node413 -> node200 [ color=BLACK, label=< rdf:first > ] ; + node297 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node416 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node328 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node401 -> node153 [ color=BLACK, label=< rdf:first > ] ; + node417 -> node418 [ color=BLACK, label=< rdf:first > ] ; + node198 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node112 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node133 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node419 -> node290 [ color=BLACK, label=< sh:class > ] ; + node420 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node421 -> node295 [ color=BLACK, label=< rdf:first > ] ; + node422 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node423 -> node424 [ color=BLACK, label=< rdf:rest > ] ; + node224 -> node425 [ color=BLACK, label=< sh:path > ] ; + node82 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node278 -> node426 [ color=BLACK, label=< sh:path > ] ; + node427 -> node428 [ color=BLACK, label=< rdf:type > ] ; + node323 -> node383 [ color=BLACK, label=< rdf:first > ] ; + node429 -> node288 [ color=BLACK, label=< rdf:type > ] ; + node430 -> node431 [ color=BLACK, label=< rdf:first > ] ; + node432 -> node135 [ color=BLACK, label=< rdf:type > ] ; + node435 -> node436 [ color=BLACK, label=< rdf:first > ] ; + node437 -> node438 [ color=BLACK, label=< rdf:rest > ] ; + node440 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node180 -> node441 [ color=BLACK, label=< sh:property > ] ; + node442 -> node443 [ color=BLACK, label=< rdf:first > ] ; + node445 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node447 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node172 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node449 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node450 -> node451 [ color=BLACK, label=< rdf:rest > ] ; + node452 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node453 -> node454 [ color=BLACK, label=< rdfs:range > ] ; + node456 -> node457 [ color=BLACK, label=< rdf:rest > ] ; + node381 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node458 -> node459 [ color=BLACK, label=< sh:property > ] ; + node460 -> node228 [ color=BLACK, label=< rdf:first > ] ; + node461 -> node462 [ color=BLACK, label=< rdf:first > ] ; + node290 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node461 -> node463 [ color=BLACK, label=< rdf:rest > ] ; + node464 -> node432 [ color=BLACK, label=< rdf:first > ] ; + node466 -> node467 [ color=BLACK, label=< sh:property > ] ; + node468 -> node469 [ color=BLACK, label=< rdf:rest > ] ; + node11 -> node470 [ color=BLACK, label=< sh:property > ] ; + node472 -> node57 [ color=BLACK, label=< sh:class > ] ; + node474 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node476 -> node476 [ color=BLACK, label=< owl:sameAs > ] ; + node85 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node477 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node458 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node478 -> node479 [ color=BLACK, label=< rdf:rest > ] ; + node481 -> node219 [ color=BLACK, label=< rdf:first > ] ; + node482 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node389 -> node11 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node186 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node455 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node483 -> node484 [ color=BLACK, label=< rdf:type > ] ; + node485 -> node419 [ color=BLACK, label=< sh:property > ] ; + node486 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node487 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node362 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node488 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node133 -> node489 [ color=BLACK, label=< sh:property > ] ; + node376 -> node491 [ color=BLACK, label=< sh:path > ] ; + node451 -> node220 [ color=BLACK, label=< rdf:rest > ] ; + node277 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node492 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node464 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node493 -> node494 [ color=BLACK, label=< rdf:first > ] ; + node72 -> node281 [ color=BLACK, label=< sh:property > ] ; + node496 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node14 -> node116 [ color=BLACK, label=< sh:path > ] ; + node497 -> node78 [ color=BLACK, label=< rdf:first > ] ; + node498 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node499 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node156 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node397 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node501 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node502 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node504 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node505 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node506 -> node507 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node256 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node162 -> node454 [ color=BLACK, label=< sh:datatype > ] ; + node307 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node204 -> node510 [ color=BLACK, label=< rdf:rest > ] ; + node387 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node511 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node512 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node192 -> node215 [ color=BLACK, label=< sh:property > ] ; + node514 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node53 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node466 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node395 -> node516 [ color=BLACK, label=< rdf:rest > ] ; + node517 -> node518 [ color=BLACK, label=< rdf:rest > ] ; + node520 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node522 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node523 -> node17 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node192 -> node524 [ color=BLACK, label=< sh:property > ] ; + node525 -> node526 [ color=BLACK, label=< rdf:rest > ] ; + node527 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node96 -> node529 [ color=BLACK, label=< rdf:first > ] ; + node530 -> node210 [ color=BLACK, label=< rdf:first > ] ; + node53 -> node531 [ color=BLACK, label=< sh:property > ] ; + node532 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node533 -> node245 [ color=BLACK, label=< sh:in > ] ; + node127 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node66 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node535 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node207 -> node312 [ color=BLACK, label=< rdf:first > ] ; + node192 -> node439 [ color=BLACK, label=< sh:property > ] ; + node160 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node300 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node265 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node240 -> node178 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node215 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node211 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node538 -> node539 [ color=BLACK, label=< rdf:first > ] ; + node275 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node540 -> node156 [ color=BLACK, label=< sh:property > ] ; + node542 -> node75 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node455 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node543 -> node544 [ color=BLACK, label=< rdf:rest > ] ; + node545 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node546 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node192 -> node167 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node82 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node124 -> node547 [ color=BLACK, label=< sh:property > ] ; + node548 -> node549 [ color=BLACK, label=< rdf:rest > ] ; + node551 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node553 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node554 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node298 -> node555 [ color=BLACK, label=< sh:class > ] ; + node396 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node228 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node335 -> node185 [ color=BLACK, label=< sh:class > ] ; + node557 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node90 -> node558 [ color=BLACK, label=< sh:property > ] ; + node174 -> node15 [ color=BLACK, label=< sh:path > ] ; + node559 -> node560 [ color=BLACK, label=< rdf:rest > ] ; + node561 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node403 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node206 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node562 -> node563 [ color=BLACK, label=< rdf:rest > ] ; + node564 -> node565 [ color=BLACK, label=< rdf:rest > ] ; + node566 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node568 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node569 -> node170 [ color=BLACK, label=< rdf:first > ] ; + node500 -> node397 [ color=BLACK, label=< sh:path > ] ; + node570 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node571 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node572 -> node573 [ color=BLACK, label=< sh:path > ] ; + node574 -> node575 [ color=BLACK, label=< rdf:first > ] ; + node576 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node577 -> node578 [ color=BLACK, label=< rdf:rest > ] ; + node469 -> node579 [ color=BLACK, label=< rdf:rest > ] ; + node580 -> node555 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node78 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node583 -> node408 [ color=BLACK, label=< rdf:first > ] ; + node537 -> node584 [ color=BLACK, label=< sh:path > ] ; + node536 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node585 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node587 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node247 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node589 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node519 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node125 -> node590 [ color=BLACK, label=< rdf:first > ] ; + node23 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node591 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node592 -> node588 [ color=BLACK, label=< sh:path > ] ; + node281 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node594 -> node229 [ color=BLACK, label=< sh:property > ] ; + node543 -> node595 [ color=BLACK, label=< rdf:first > ] ; + node596 -> node597 [ color=BLACK, label=< rdf:rest > ] ; + node593 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node598 -> node226 [ color=BLACK, label=< rdf:first > ] ; + node439 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node601 -> node602 [ color=BLACK, label=< rdf:first > ] ; + node172 -> node603 [ color=BLACK, label=< sh:property > ] ; + node165 -> node478 [ color=BLACK, label=< rdf:rest > ] ; + node470 -> node604 [ color=BLACK, label=< sh:path > ] ; + node405 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node594 -> node605 [ color=BLACK, label=< sh:property > ] ; + node606 -> node122 [ color=BLACK, label=< rdf:rest > ] ; + node607 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node608 -> node108 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node609 -> node445 [ color=BLACK, label=< rdf:first > ] ; + node471 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node610 -> node461 [ color=BLACK, label=< rdf:rest > ] ; + node611 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node612 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node613 -> node61 [ color=BLACK, label=< rdf:first > ] ; + node17 -> node359 [ color=BLACK, label=< sh:property > ] ; + node379 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node614 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node457 -> node2 [ color=BLACK, label=< rdf:rest > ] ; + node320 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node615 -> node616 [ color=BLACK, label=< rdf:first > ] ; + node617 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node121 -> node618 [ color=BLACK, label=< sh:path > ] ; + node619 -> node150 [ color=BLACK, label=< sh:property > ] ; + node407 -> node144 [ color=BLACK, label=< rdfs:range > ] ; + node178 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node620 -> node621 [ color=BLACK, label=< rdf:first > ] ; + node622 -> node214 [ color=BLACK, label=< rdfs:range > ] ; + node435 -> node624 [ color=BLACK, label=< rdf:rest > ] ; + node582 -> node75 [ color=BLACK, label=< rdfs:range > ] ; + node625 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node365 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node48 -> node626 [ color=BLACK, label=< sh:path > ] ; + node627 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node629 -> node110 [ color=BLACK, label=< rdf:first > ] ; + node630 -> node631 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node542 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node632 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node423 -> node67 [ color=BLACK, label=< rdf:first > ] ; + node55 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node633 -> node507 [ color=BLACK, label=< sh:class > ] ; + node634 -> node203 [ color=BLACK, label=< rdf:rest > ] ; + node184 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node60 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node629 -> node100 [ color=BLACK, label=< rdf:rest > ] ; + node635 -> node205 [ color=BLACK, label=< rdf:rest > ] ; + node636 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node637 -> node171 [ color=BLACK, label=< rdf:first > ] ; + node638 -> node639 [ color=BLACK, label=< rdf:first > ] ; + node360 -> node640 [ color=BLACK, label=< sh:property > ] ; + node641 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node500 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node558 -> node642 [ color=BLACK, label=< sh:path > ] ; + node643 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node645 -> node178 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node647 -> node648 [ color=BLACK, label=< rdf:rest > ] ; + node386 -> node386 [ color=BLACK, label=< owl:sameAs > ] ; + node278 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node80 -> node649 [ color=BLACK, label=< sh:property > ] ; + node425 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node650 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node24 -> node488 [ color=BLACK, label=< sh:property > ] ; + node583 -> node652 [ color=BLACK, label=< rdf:rest > ] ; + node653 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node654 -> node655 [ color=BLACK, label=< sh:path > ] ; + node656 -> node657 [ color=BLACK, label=< rdf:first > ] ; + node658 -> node197 [ color=BLACK, label=< rdf:rest > ] ; + node294 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node262 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node661 -> node662 [ color=BLACK, label=< rdf:first > ] ; + node547 -> node144 [ color=BLACK, label=< sh:class > ] ; + node663 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node665 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node152 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node666 -> node667 [ color=BLACK, label=< rdf:rest > ] ; + node559 -> node505 [ color=BLACK, label=< rdf:first > ] ; + node86 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node668 -> node66 [ color=BLACK, label=< rdf:first > ] ; + node669 -> node670 [ color=BLACK, label=< rdf:first > ] ; + node72 -> node671 [ color=BLACK, label=< sh:property > ] ; + node72 -> node393 [ color=BLACK, label=< sh:property > ] ; + node372 -> node290 [ color=BLACK, label=< rdf:type > ] ; + node648 -> node672 [ color=BLACK, label=< rdf:rest > ] ; + node673 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node648 -> node46 [ color=BLACK, label=< rdf:first > ] ; + node597 -> node674 [ color=BLACK, label=< rdf:rest > ] ; + node19 -> node529 [ color=BLACK, label=< rdf:first > ] ; + node675 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node676 -> node403 [ color=BLACK, label=< rdf:first > ] ; + node393 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node148 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node677 -> node678 [ color=BLACK, label=< rdf:rest > ] ; + node155 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node11 -> node592 [ color=BLACK, label=< sh:property > ] ; + node150 -> node17 [ color=BLACK, label=< sh:class > ] ; + node258 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node569 -> node680 [ color=BLACK, label=< rdf:rest > ] ; + node681 -> node497 [ color=BLACK, label=< rdf:rest > ] ; + node682 -> node183 [ color=BLACK, label=< rdf:first > ] ; + node229 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node251 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node64 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node236 -> node423 [ color=BLACK, label=< rdf:rest > ] ; + node250 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node686 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node575 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node521 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node621 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node687 -> node285 [ color=BLACK, label=< rdf:type > ] ; + node662 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node688 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node561 -> node416 [ color=BLACK, label=< sh:property > ] ; + node17 -> node689 [ color=BLACK, label=< sh:property > ] ; + node690 -> node691 [ color=BLACK, label=< rdf:rest > ] ; + node692 -> node693 [ color=BLACK, label=< rdf:rest > ] ; + node694 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node65 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node558 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node465 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node167 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node612 -> node267 [ color=BLACK, label=< sh:property > ] ; + node695 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node192 -> node291 [ color=BLACK, label=< sh:property > ] ; + node115 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node134 -> node696 [ color=BLACK, label=< sh:path > ] ; + node697 -> node675 [ color=BLACK, label=< rdf:first > ] ; + node698 -> node661 [ color=BLACK, label=< rdf:rest > ] ; + node699 -> node700 [ color=BLACK, label=< sh:path > ] ; + node514 -> node144 [ color=BLACK, label=< sh:class > ] ; + node534 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node619 -> node86 [ color=BLACK, label=< sh:property > ] ; + node586 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node192 -> node701 [ color=BLACK, label=< sh:property > ] ; + node702 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node703 -> node468 [ color=BLACK, label=< rdf:rest > ] ; + node180 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node124 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node217 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node704 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node459 -> node454 [ color=BLACK, label=< sh:datatype > ] ; + node631 -> node42 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node705 -> node108 [ color=BLACK, label=< sh:class > ] ; + node360 -> node707 [ color=BLACK, label=< sh:property > ] ; + node708 -> node609 [ color=BLACK, label=< rdf:rest > ] ; + node17 -> node705 [ color=BLACK, label=< sh:property > ] ; + node284 -> node328 [ color=BLACK, label=< sh:path > ] ; + node467 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node167 -> node710 [ color=BLACK, label=< sh:property > ] ; + node711 -> node712 [ color=BLACK, label=< rdf:rest > ] ; + node713 -> node536 [ color=BLACK, label=< sh:path > ] ; + node120 -> node157 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node619 -> node521 [ color=BLACK, label=< sh:property > ] ; + node701 -> node47 [ color=BLACK, label=< sh:path > ] ; + node443 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node192 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node299 -> node555 [ color=BLACK, label=< rdfs:range > ] ; + node715 -> node679 [ color=BLACK, label=< sh:path > ] ; + node716 -> node213 [ color=BLACK, label=< sh:path > ] ; + node453 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node717 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node444 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node719 -> node720 [ color=BLACK, label=< sh:path > ] ; + node91 -> node721 [ color=BLACK, label=< sh:path > ] ; + node683 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node722 -> node570 [ color=BLACK, label=< rdf:first > ] ; + node324 -> node643 [ color=BLACK, label=< sh:path > ] ; + node723 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node667 -> node681 [ color=BLACK, label=< rdf:rest > ] ; + node581 -> node90 [ color=BLACK, label=< rdfs:range > ] ; + node624 -> node129 [ color=BLACK, label=< rdf:rest > ] ; + node196 -> node285 [ color=BLACK, label=< rdf:type > ] ; + node580 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node665 -> node327 [ color=BLACK, label=< sh:path > ] ; + node724 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node725 -> node260 [ color=BLACK, label=< rdf:rest > ] ; + node726 -> node727 [ color=BLACK, label=< sh:path > ] ; + node728 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node729 -> node730 [ color=BLACK, label=< rdf:first > ] ; + node142 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node731 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node11 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node734 -> node632 [ color=BLACK, label=< sh:path > ] ; + node67 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node152 -> node17 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node735 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node498 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node736 -> node80 [ color=BLACK, label=< sh:class > ] ; + node178 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node737 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node738 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node367 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node739 -> node163 [ color=BLACK, label=< rdf:rest > ] ; + node91 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node740 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node581 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node31 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node741 -> node676 [ color=BLACK, label=< rdf:rest > ] ; + node619 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node743 -> node627 [ color=BLACK, label=< rdfs:range > ] ; + node744 -> node745 [ color=BLACK, label=< rdf:rest > ] ; + node544 -> node571 [ color=BLACK, label=< rdf:first > ] ; + node43 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node496 -> node289 [ color=BLACK, label=< sh:path > ] ; + node746 -> node95 [ color=BLACK, label=< rdf:first > ] ; + node747 -> node587 [ color=BLACK, label=< rdf:first > ] ; + node179 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node748 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node529 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node170 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node227 -> node321 [ color=BLACK, label=< sh:path > ] ; + node750 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node751 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; node752 -> node753 [ color=BLACK, label=< rdf:rest > ] ; - node334 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node755 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node518 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node363 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node757 -> node758 [ color=BLACK, label=< rdf:first > ] ; - node595 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node545 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node604 -> node529 [ color=BLACK, label=< sh:path > ] ; - node713 -> node349 [ color=BLACK, label=< sh:in > ] ; - node630 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node179 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node760 -> node761 [ color=BLACK, label=< rdf:first > ] ; - node762 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node471 -> node763 [ color=BLACK, label=< sh:class > ] ; - node764 -> node765 [ color=BLACK, label=< rdf:first > ] ; - node524 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node405 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node371 -> node766 [ color=BLACK, label=< rdf:rest > ] ; - node503 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node715 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node181 -> node88 [ color=BLACK, label=< sh:class > ] ; - node767 -> node458 [ color=BLACK, label=< sh:path > ] ; - node768 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node770 -> node771 [ color=BLACK, label=< rdf:first > ] ; - node772 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node473 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node102 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node542 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node396 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node456 -> node630 [ color=BLACK, label=< sh:property > ] ; - node482 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node773 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node716 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node291 -> node226 [ color=BLACK, label=< rdf:first > ] ; - node244 -> node657 [ color=BLACK, label=< sh:property > ] ; - node774 -> node439 [ color=BLACK, label=< rdf:first > ] ; - node275 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node112 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node775 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node107 -> node723 [ color=BLACK, label=< rdf:first > ] ; - node776 -> node237 [ color=BLACK, label=< sh:class > ] ; - node577 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node590 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node191 -> node777 [ color=BLACK, label=< sh:property > ] ; - node779 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node710 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node381 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node781 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node696 -> node119 [ color=BLACK, label=< sh:datatype > ] ; - node685 -> node138 [ color=BLACK, label=< sh:class > ] ; - node202 -> node251 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node634 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node225 -> node253 [ color=BLACK, label=< rdf:type > ] ; - node685 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node783 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node83 -> node784 [ color=BLACK, label=< rdf:rest > ] ; - node71 -> node617 [ color=BLACK, label=< sh:property > ] ; - node206 -> node786 [ color=BLACK, label=< sh:property > ] ; - node330 -> node222 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node370 -> node530 [ color=BLACK, label=< sh:path > ] ; - node110 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node222 -> node341 [ color=BLACK, label=< sh:property > ] ; - node508 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node376 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node788 -> node130 [ color=BLACK, label=< rdfs:range > ] ; - node789 -> node263 [ color=BLACK, label=< rdf:first > ] ; - node221 -> node790 [ color=BLACK, label=< sh:datatype > ] ; - node220 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node227 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node791 -> node134 [ color=BLACK, label=< rdf:first > ] ; - node675 -> node644 [ color=BLACK, label=< rdf:type > ] ; - node792 -> node361 [ color=BLACK, label=< rdf:rest > ] ; - node793 -> node608 [ color=BLACK, label=< sh:path > ] ; - node794 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node738 -> node795 [ color=BLACK, label=< rdf:rest > ] ; - node784 -> node281 [ color=BLACK, label=< rdf:rest > ] ; - node144 -> node119 [ color=BLACK, label=< sh:datatype > ] ; - node214 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node136 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node130 -> node796 [ color=BLACK, label=< sh:property > ] ; - node93 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node454 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node798 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node799 -> node560 [ color=BLACK, label=< rdf:first > ] ; - node612 -> node251 [ color=BLACK, label=< sh:class > ] ; - node800 -> node129 [ color=BLACK, label=< sh:path > ] ; - node801 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node802 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node804 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node805 -> node806 [ color=BLACK, label=< rdf:rest > ] ; - node223 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node204 -> node807 [ color=BLACK, label=< sh:in > ] ; - node530 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node808 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node768 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node809 -> node810 [ color=BLACK, label=< rdf:rest > ] ; - node595 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node811 -> node85 [ color=BLACK, label=< sh:class > ] ; - node329 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node377 -> node198 [ color=BLACK, label=< rdfs:range > ] ; - node49 -> node569 [ color=BLACK, label=< rdf:rest > ] ; - node33 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node536 -> node695 [ color=BLACK, label=< rdf:first > ] ; - node422 -> node813 [ color=BLACK, label=< sh:path > ] ; - node814 -> node815 [ color=BLACK, label=< sh:property > ] ; - node816 -> node520 [ color=BLACK, label=< rdf:rest > ] ; - node111 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node179 -> node318 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node265 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node69 -> node614 [ color=BLACK, label=< sh:class > ] ; - node560 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node731 -> node222 [ color=BLACK, label=< sh:class > ] ; - node204 -> node149 [ color=BLACK, label=< sh:path > ] ; - node75 -> node198 [ color=BLACK, label=< rdf:type > ] ; - node13 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node70 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node818 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node21 -> node388 [ color=BLACK, label=< sh:property > ] ; + node588 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node64 -> node17 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node756 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node757 -> node525 [ color=BLACK, label=< rdf:rest > ] ; + node12 -> node758 [ color=BLACK, label=< sh:in > ] ; + node383 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node139 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node760 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node231 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node761 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node2 -> node614 [ color=BLACK, label=< rdf:first > ] ; + node49 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node108 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node430 -> node574 [ color=BLACK, label=< rdf:rest > ] ; + node617 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node592 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node667 -> node664 [ color=BLACK, label=< rdf:first > ] ; + node524 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node144 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node287 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node515 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node141 -> node142 [ color=BLACK, label=< rdf:type > ] ; + node765 -> node742 [ color=BLACK, label=< sh:path > ] ; + node766 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node485 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node306 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node470 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node618 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node110 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node670 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node768 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node769 -> node159 [ color=BLACK, label=< rdf:type > ] ; + node627 -> node269 [ color=BLACK, label=< sh:property > ] ; + node107 -> node464 [ color=BLACK, label=< rdf:rest > ] ; + node771 -> node737 [ color=BLACK, label=< rdf:first > ] ; + node772 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node531 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node87 -> node17 [ color=BLACK, label=< rdfs:range > ] ; + node650 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node659 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node773 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node719 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node774 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node418 -> node159 [ color=BLACK, label=< rdf:type > ] ; + node651 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node381 -> node248 [ color=BLACK, label=< sh:property > ] ; + node279 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node416 -> node743 [ color=BLACK, label=< sh:path > ] ; + node441 -> node776 [ color=BLACK, label=< sh:path > ] ; + node777 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node535 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node82 -> node315 [ color=BLACK, label=< sh:property > ] ; + node778 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node779 -> node368 [ color=BLACK, label=< rdf:first > ] ; + node117 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node590 -> node477 [ color=BLACK, label=< rdf:type > ] ; + node189 -> node600 [ color=BLACK, label=< sh:path > ] ; + node64 -> node303 [ color=BLACK, label=< sh:property > ] ; + node636 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node576 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node595 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node371 -> node251 [ color=BLACK, label=< rdf:rest > ] ; + node568 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node315 -> node320 [ color=BLACK, label=< sh:path > ] ; + node153 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node421 -> node363 [ color=BLACK, label=< rdf:rest > ] ; + node394 -> node17 [ color=BLACK, label=< sh:class > ] ; + node82 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node781 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node539 -> node32 [ color=BLACK, label=< rdf:type > ] ; + node177 -> node744 [ color=BLACK, label=< rdf:rest > ] ; + node575 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node707 -> node782 [ color=BLACK, label=< sh:path > ] ; + node783 -> node194 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node82 -> node409 [ color=BLACK, label=< sh:property > ] ; + node33 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node612 -> node194 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node784 -> node706 [ color=BLACK, label=< rdf:first > ] ; + node785 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node713 -> node144 [ color=BLACK, label=< sh:class > ] ; + node143 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node528 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node406 -> node157 [ color=BLACK, label=< rdfs:range > ] ; + node788 -> node760 [ color=BLACK, label=< sh:path > ] ; + node495 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node257 -> node217 [ color=BLACK, label=< sh:path > ] ; + node789 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node790 -> node480 [ color=BLACK, label=< rdf:first > ] ; + node791 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node311 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node433 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node61 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node415 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node792 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node52 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node370 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node754 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node260 -> node170 [ color=BLACK, label=< rdf:first > ] ; + node72 -> node628 [ color=BLACK, label=< sh:property > ] ; + node618 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node793 -> node794 [ color=BLACK, label=< rdf:first > ] ; + node730 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node625 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node795 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node278 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node51 -> node538 [ color=BLACK, label=< rdf:rest > ] ; + node594 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node535 -> node555 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node547 -> node797 [ color=BLACK, label=< sh:path > ] ; + node315 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node798 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node152 -> node284 [ color=BLACK, label=< sh:property > ] ; + node799 -> node800 [ color=BLACK, label=< rdf:rest > ] ; + node108 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node801 -> node327 [ color=BLACK, label=< sh:path > ] ; + node131 -> node285 [ color=BLACK, label=< rdf:type > ] ; + node180 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node722 -> node802 [ color=BLACK, label=< rdf:rest > ] ; + node230 -> node803 [ color=BLACK, label=< sh:property > ] ; + node625 -> node474 [ color=BLACK, label=< sh:path > ] ; + node804 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node508 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node733 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node248 -> node502 [ color=BLACK, label=< sh:path > ] ; + node721 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node134 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node40 -> node763 [ color=BLACK, label=< sh:property > ] ; + node806 -> node771 [ color=BLACK, label=< rdf:rest > ] ; + node67 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node294 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node242 -> node307 [ color=BLACK, label=< sh:property > ] ; + node807 -> node808 [ color=BLACK, label=< rdf:rest > ] ; + node46 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node809 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node810 -> node653 [ color=BLACK, label=< rdf:type > ] ; + node473 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node762 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node690 -> node812 [ color=BLACK, label=< rdf:first > ] ; + node493 -> node698 [ color=BLACK, label=< rdf:rest > ] ; + node544 -> node813 [ color=BLACK, label=< rdf:rest > ] ; + node710 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node235 -> node814 [ color=BLACK, label=< sh:path > ] ; + node815 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node192 -> node816 [ color=BLACK, label=< sh:property > ] ; + node817 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node818 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node333 -> node22 [ color=BLACK, label=< rdf:type > ] ; node819 -> node820 [ color=BLACK, label=< rdf:rest > ] ; - node821 -> node822 [ color=BLACK, label=< rdf:rest > ] ; - node392 -> node823 [ color=BLACK, label=< sh:property > ] ; - node526 -> node824 [ color=BLACK, label=< rdf:rest > ] ; - node97 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node745 -> node672 [ color=BLACK, label=< sh:path > ] ; - node825 -> node431 [ color=BLACK, label=< rdfs:range > ] ; - node226 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node787 -> node116 [ color=BLACK, label=< sh:path > ] ; - node826 -> node827 [ color=BLACK, label=< rdf:rest > ] ; - node828 -> node829 [ color=BLACK, label=< rdf:rest > ] ; - node460 -> node718 [ color=BLACK, label=< sh:path > ] ; - node725 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node651 -> node38 [ color=BLACK, label=< rdf:type > ] ; - node830 -> node476 [ color=BLACK, label=< rdf:rest > ] ; - node361 -> node538 [ color=BLACK, label=< rdf:first > ] ; - node318 -> node798 [ color=BLACK, label=< sh:property > ] ; - node71 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node831 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node561 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node751 -> node177 [ color=BLACK, label=< rdfs:range > ] ; - node832 -> node690 [ color=BLACK, label=< rdf:rest > ] ; - node833 -> node717 [ color=BLACK, label=< rdf:rest > ] ; - node834 -> node618 [ color=BLACK, label=< rdf:first > ] ; - node211 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node694 -> node835 [ color=BLACK, label=< sh:path > ] ; - node290 -> node723 [ color=BLACK, label=< rdf:first > ] ; - node138 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node399 -> node836 [ color=BLACK, label=< sh:path > ] ; - node260 -> node201 [ color=BLACK, label=< sh:property > ] ; - node592 -> node748 [ color=BLACK, label=< rdf:rest > ] ; - node488 -> node24 [ color=BLACK, label=< rdf:type > ] ; - node628 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node838 -> node209 [ color=BLACK, label=< rdf:first > ] ; - node446 -> node839 [ color=BLACK, label=< rdf:type > ] ; - node342 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node222 -> node513 [ color=BLACK, label=< sh:property > ] ; + node336 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node438 -> node821 [ color=BLACK, label=< rdf:rest > ] ; + node822 -> node161 [ color=BLACK, label=< rdf:first > ] ; + node803 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node823 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node824 -> node775 [ color=BLACK, label=< rdf:first > ] ; + node360 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node799 -> node520 [ color=BLACK, label=< rdf:first > ] ; + node367 -> node826 [ color=BLACK, label=< sh:path > ] ; + node292 -> node288 [ color=BLACK, label=< rdf:type > ] ; + node733 -> node668 [ color=BLACK, label=< sh:in > ] ; + node732 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node449 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node798 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node610 -> node154 [ color=BLACK, label=< rdf:first > ] ; + node672 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node828 -> node173 [ color=BLACK, label=< rdf:type > ] ; + node93 -> node805 [ color=BLACK, label=< rdf:first > ] ; + node360 -> node387 [ color=BLACK, label=< sh:property > ] ; + node782 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node240 -> node513 [ color=BLACK, label=< sh:property > ] ; + node591 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node749 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node654 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node214 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node40 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node593 -> node288 [ color=BLACK, label=< rdfs:range > ] ; + node573 -> node830 [ color=BLACK, label=< rdfs:range > ] ; + node364 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node831 -> node17 [ color=BLACK, label=< sh:class > ] ; + node164 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node466 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node15 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node561 -> node738 [ color=BLACK, label=< sh:property > ] ; + node833 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node218 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node783 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node558 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node834 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node457 -> node332 [ color=BLACK, label=< rdf:first > ] ; + node434 -> node144 [ color=BLACK, label=< rdfs:range > ] ; + node644 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node835 -> node159 [ color=BLACK, label=< rdfs:range > ] ; + node73 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node8 -> node33 [ color=BLACK, label=< sh:class > ] ; + node836 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node837 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node838 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node345 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node738 -> node839 [ color=BLACK, label=< sh:path > ] ; + node534 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node518 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node194 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node95 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node90 -> node392 [ color=BLACK, label=< sh:property > ] ; + node386 -> node17 [ color=BLACK, label=< rdfs:range > ] ; + node537 -> node454 [ color=BLACK, label=< sh:datatype > ] ; node840 -> node841 [ color=BLACK, label=< rdf:rest > ] ; - node487 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node638 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node182 -> node842 [ color=BLACK, label=< rdf:rest > ] ; - node550 -> node270 [ color=BLACK, label=< rdf:first > ] ; - node844 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node115 -> node462 [ color=BLACK, label=< sh:path > ] ; - node347 -> node131 [ color=BLACK, label=< rdf:first > ] ; - node845 -> node828 [ color=BLACK, label=< rdf:rest > ] ; - node155 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node847 -> node547 [ color=BLACK, label=< rdf:first > ] ; - node270 -> node128 [ color=BLACK, label=< rdf:type > ] ; - node848 -> node843 [ color=BLACK, label=< rdf:first > ] ; - node849 -> node62 [ color=BLACK, label=< rdf:first > ] ; - node333 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node461 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node850 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node851 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node71 -> node800 [ color=BLACK, label=< sh:property > ] ; - node513 -> node780 [ color=BLACK, label=< sh:path > ] ; - node828 -> node322 [ color=BLACK, label=< rdf:first > ] ; - node418 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node836 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node823 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node852 -> node190 [ color=BLACK, label=< rdf:first > ] ; - node170 -> node21 [ color=BLACK, label=< sh:class > ] ; - node550 -> node760 [ color=BLACK, label=< rdf:rest > ] ; - node559 -> node853 [ color=BLACK, label=< rdf:first > ] ; - node391 -> node253 [ color=BLACK, label=< rdf:type > ] ; - node854 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node111 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node177 -> node586 [ color=BLACK, label=< sh:property > ] ; - node780 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node855 -> node24 [ color=BLACK, label=< rdf:type > ] ; - node150 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node151 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node73 -> node856 [ color=BLACK, label=< rdf:rest > ] ; - node241 -> node582 [ color=BLACK, label=< rdfs:range > ] ; - node857 -> node788 [ color=BLACK, label=< sh:path > ] ; - node858 -> node81 [ color=BLACK, label=< rdf:first > ] ; - node630 -> node523 [ color=BLACK, label=< sh:path > ] ; - node407 -> node253 [ color=BLACK, label=< rdf:type > ] ; - node18 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node401 -> node41 [ color=BLACK, label=< rdf:type > ] ; - node327 -> node194 [ color=BLACK, label=< rdf:type > ] ; - node859 -> node779 [ color=BLACK, label=< rdf:first > ] ; - node464 -> node34 [ color=BLACK, label=< sh:class > ] ; - node571 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node348 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node860 -> node553 [ color=BLACK, label=< rdf:first > ] ; - node861 -> node720 [ color=BLACK, label=< rdf:rest > ] ; - node862 -> node253 [ color=BLACK, label=< rdf:type > ] ; - node262 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node750 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node368 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node642 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node687 -> node272 [ color=BLACK, label=< rdf:first > ] ; - node363 -> node664 [ color=BLACK, label=< sh:property > ] ; - node861 -> node701 [ color=BLACK, label=< rdf:first > ] ; - node240 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node369 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node337 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node233 -> node746 [ color=BLACK, label=< rdf:rest > ] ; - node132 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node864 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node865 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node724 -> node531 [ color=BLACK, label=< rdf:rest > ] ; - node251 -> node130 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node866 -> node561 [ color=BLACK, label=< rdf:first > ] ; - node867 -> node868 [ color=BLACK, label=< rdf:first > ] ; - node25 -> node21 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node298 -> node757 [ color=BLACK, label=< rdf:rest > ] ; - node869 -> node128 [ color=BLACK, label=< rdf:type > ] ; - node856 -> node870 [ color=BLACK, label=< rdf:rest > ] ; - node691 -> node482 [ color=BLACK, label=< rdf:first > ] ; - node686 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node800 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node211 -> node403 [ color=BLACK, label=< rdfs:range > ] ; - node871 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node779 -> node205 [ color=BLACK, label=< rdf:type > ] ; - node71 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node374 -> node873 [ color=BLACK, label=< sh:datatype > ] ; - node754 -> node874 [ color=BLACK, label=< rdfs:range > ] ; - node851 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node363 -> node100 [ color=BLACK, label=< sh:property > ] ; - node344 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node552 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node536 -> node876 [ color=BLACK, label=< rdf:rest > ] ; - node206 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node324 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node877 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node878 -> node879 [ color=BLACK, label=< sh:path > ] ; - node427 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node178 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node566 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node121 -> node96 [ color=BLACK, label=< sh:class > ] ; - node425 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node108 -> node226 [ color=BLACK, label=< rdf:first > ] ; - node250 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node585 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node547 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node881 -> node13 [ color=BLACK, label=< rdf:first > ] ; - node617 -> node831 [ color=BLACK, label=< sh:path > ] ; - node449 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node787 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node219 -> node194 [ color=BLACK, label=< rdf:type > ] ; - node650 -> node582 [ color=BLACK, label=< rdf:type > ] ; - node620 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node239 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node77 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node689 -> node516 [ color=BLACK, label=< sh:property > ] ; - node863 -> node614 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node466 -> node34 [ color=BLACK, label=< rdfs:range > ] ; - node423 -> node874 [ color=BLACK, label=< rdf:type > ] ; - node882 -> node575 [ color=BLACK, label=< rdf:first > ] ; - node288 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node396 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node883 -> node871 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node884 -> node194 [ color=BLACK, label=< rdf:type > ] ; - node885 -> node769 [ color=BLACK, label=< rdf:first > ] ; - node232 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node822 -> node544 [ color=BLACK, label=< rdf:rest > ] ; - node195 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node224 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node885 -> node886 [ color=BLACK, label=< rdf:rest > ] ; - node340 -> node278 [ color=BLACK, label=< sh:property > ] ; - node470 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node838 -> node799 [ color=BLACK, label=< rdf:rest > ] ; - node814 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node25 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node515 -> node889 [ color=BLACK, label=< rdf:rest > ] ; - node658 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node317 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node785 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node236 -> node130 [ color=BLACK, label=< rdf:type > ] ; - node31 -> node890 [ color=BLACK, label=< sh:path > ] ; - node677 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node40 -> node509 [ color=BLACK, label=< sh:property > ] ; - node341 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node678 -> node825 [ color=BLACK, label=< sh:path > ] ; - node159 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node479 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node300 -> node642 [ color=BLACK, label=< rdf:first > ] ; - node88 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node511 -> node222 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node777 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node892 -> node543 [ color=BLACK, label=< rdf:first > ] ; - node893 -> node611 [ color=BLACK, label=< rdf:rest > ] ; - node894 -> node595 [ color=BLACK, label=< rdf:first > ] ; - node895 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node896 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node814 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node734 -> node801 [ color=BLACK, label=< rdf:first > ] ; - node589 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node897 -> node898 [ color=BLACK, label=< rdf:rest > ] ; - node179 -> node686 [ color=BLACK, label=< sh:property > ] ; - node93 -> node648 [ color=BLACK, label=< sh:path > ] ; - node167 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node772 -> node706 [ color=BLACK, label=< sh:path > ] ; - node702 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node899 -> node271 [ color=BLACK, label=< rdf:first > ] ; - node306 -> node168 [ color=BLACK, label=< rdf:first > ] ; - node490 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node763 -> node421 [ color=BLACK, label=< sh:property > ] ; - node168 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node477 -> node640 [ color=BLACK, label=< rdf:rest > ] ; - node900 -> node581 [ color=BLACK, label=< rdf:first > ] ; - node213 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node901 -> node902 [ color=BLACK, label=< rdf:rest > ] ; - node363 -> node130 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node601 -> node128 [ color=BLACK, label=< rdfs:range > ] ; - node474 -> node794 [ color=BLACK, label=< rdf:first > ] ; - node71 -> node98 [ color=BLACK, label=< sh:property > ] ; - node580 -> node368 [ color=BLACK, label=< rdf:first > ] ; - node330 -> node9 [ color=BLACK, label=< sh:property > ] ; - node621 -> node903 [ color=BLACK, label=< rdf:first > ] ; - node904 -> node348 [ color=BLACK, label=< rdf:first > ] ; - node808 -> node455 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node683 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node392 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node837 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node874 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node905 -> node906 [ color=BLACK, label=< rdf:rest > ] ; - node372 -> node253 [ color=BLACK, label=< rdf:type > ] ; - node223 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node568 -> node907 [ color=BLACK, label=< rdf:rest > ] ; - node386 -> node804 [ color=BLACK, label=< rdf:first > ] ; - node908 -> node112 [ color=BLACK, label=< sh:class > ] ; - node66 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node909 -> node197 [ color=BLACK, label=< rdf:first > ] ; - node663 -> node803 [ color=BLACK, label=< rdf:first > ] ; - node350 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node747 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node192 -> node205 [ color=BLACK, label=< sh:class > ] ; - node435 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node910 -> node194 [ color=BLACK, label=< sh:class > ] ; - node399 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node785 -> node184 [ color=BLACK, label=< sh:path > ] ; - node9 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node251 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node12 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node79 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node911 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node250 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node573 -> node539 [ color=BLACK, label=< rdf:rest > ] ; - node466 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node521 -> node764 [ color=BLACK, label=< rdf:rest > ] ; - node222 -> node912 [ color=BLACK, label=< sh:property > ] ; - node543 -> node41 [ color=BLACK, label=< rdf:type > ] ; - node913 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node101 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node914 -> node440 [ color=BLACK, label=< rdf:rest > ] ; - node422 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node432 -> node895 [ color=BLACK, label=< sh:path > ] ; - node326 -> node128 [ color=BLACK, label=< rdf:type > ] ; - node693 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node780 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node207 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node236 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node916 -> node917 [ color=BLACK, label=< rdf:first > ] ; - node221 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node397 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node918 -> node840 [ color=BLACK, label=< rdf:rest > ] ; - node343 -> node398 [ color=BLACK, label=< sh:class > ] ; - node184 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node906 -> node417 [ color=BLACK, label=< rdf:first > ] ; - node749 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node478 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node261 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node919 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node755 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node484 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node905 -> node782 [ color=BLACK, label=< rdf:first > ] ; - node202 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node180 -> node34 [ color=BLACK, label=< sh:class > ] ; - node174 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node144 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node408 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node762 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node546 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node733 -> node154 [ color=BLACK, label=< rdf:first > ] ; - node922 -> node923 [ color=BLACK, label=< rdf:rest > ] ; - node153 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node517 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node912 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node431 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node924 -> node925 [ color=BLACK, label=< rdf:first > ] ; - node816 -> node590 [ color=BLACK, label=< rdf:first > ] ; - node35 -> node926 [ color=BLACK, label=< sh:path > ] ; - node484 -> node40 [ color=BLACK, label=< sh:class > ] ; - node913 -> node927 [ color=BLACK, label=< sh:property > ] ; - node928 -> node924 [ color=BLACK, label=< rdf:rest > ] ; - node848 -> node404 [ color=BLACK, label=< rdf:rest > ] ; - node177 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node188 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node68 -> node819 [ color=BLACK, label=< rdf:rest > ] ; - node172 -> node663 [ color=BLACK, label=< rdf:rest > ] ; - node51 -> node568 [ color=BLACK, label=< rdf:rest > ] ; - node884 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node280 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node778 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node493 -> node929 [ color=BLACK, label=< rdf:rest > ] ; - node590 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node928 -> node779 [ color=BLACK, label=< rdf:first > ] ; - node605 -> node931 [ color=BLACK, label=< rdf:first > ] ; - node932 -> node933 [ color=BLACK, label=< rdf:rest > ] ; - node505 -> node426 [ color=BLACK, label=< rdf:first > ] ; - node23 -> node41 [ color=BLACK, label=< rdf:type > ] ; - node350 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node266 -> node34 [ color=BLACK, label=< rdfs:range > ] ; - node597 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node573 -> node934 [ color=BLACK, label=< rdf:first > ] ; - node821 -> node725 [ color=BLACK, label=< rdf:first > ] ; - node668 -> node564 [ color=BLACK, label=< rdf:first > ] ; - node694 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node267 -> node830 [ color=BLACK, label=< rdf:rest > ] ; - node682 -> node838 [ color=BLACK, label=< rdf:rest > ] ; - node239 -> node240 [ color=BLACK, label=< sh:property > ] ; - node612 -> node55 [ color=BLACK, label=< sh:path > ] ; - node331 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node532 -> node737 [ color=BLACK, label=< rdf:rest > ] ; - node902 -> node935 [ color=BLACK, label=< rdf:rest > ] ; - node218 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node501 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node82 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node798 -> node936 [ color=BLACK, label=< sh:path > ] ; - node538 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node390 -> node937 [ color=BLACK, label=< rdf:rest > ] ; - node936 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node939 -> node857 [ color=BLACK, label=< sh:property > ] ; - node647 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node650 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node938 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node602 -> node138 [ color=BLACK, label=< rdfs:range > ] ; - node940 -> node563 [ color=BLACK, label=< sh:path > ] ; - node941 -> node337 [ color=BLACK, label=< rdf:first > ] ; - node868 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node889 -> node150 [ color=BLACK, label=< rdf:first > ] ; - node632 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node239 -> node742 [ color=BLACK, label=< sh:property > ] ; - node679 -> node754 [ color=BLACK, label=< sh:path > ] ; - node519 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node20 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node942 -> node943 [ color=BLACK, label=< rdf:rest > ] ; - node876 -> node944 [ color=BLACK, label=< rdf:first > ] ; - node945 -> node130 [ color=BLACK, label=< rdfs:range > ] ; - node829 -> node946 [ color=BLACK, label=< rdf:rest > ] ; - node947 -> node268 [ color=BLACK, label=< rdf:first > ] ; - node948 -> node205 [ color=BLACK, label=< sh:class > ] ; - node74 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node502 -> node920 [ color=BLACK, label=< rdf:first > ] ; - node221 -> node692 [ color=BLACK, label=< sh:path > ] ; - node91 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node582 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node114 -> node814 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node491 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node686 -> node949 [ color=BLACK, label=< sh:path > ] ; - node437 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node872 -> node614 [ color=BLACK, label=< rdfs:range > ] ; - node950 -> node55 [ color=BLACK, label=< sh:path > ] ; - node951 -> node915 [ color=BLACK, label=< rdf:first > ] ; - node880 -> node392 [ color=BLACK, label=< rdfs:range > ] ; - node147 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node826 -> node654 [ color=BLACK, label=< rdf:first > ] ; - node328 -> node558 [ color=BLACK, label=< rdf:rest > ] ; - node445 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node952 -> node951 [ color=BLACK, label=< rdf:rest > ] ; - node818 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node458 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node639 -> node881 [ color=BLACK, label=< rdf:rest > ] ; - node196 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node953 -> node593 [ color=BLACK, label=< rdf:first > ] ; - node275 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node895 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node726 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node199 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node540 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node910 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node954 -> node52 [ color=BLACK, label=< rdf:first > ] ; - node815 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node229 -> node455 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node778 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node824 -> node710 [ color=BLACK, label=< rdf:first > ] ; - node927 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node730 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node384 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node720 -> node381 [ color=BLACK, label=< rdf:first > ] ; - node106 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node291 -> node791 [ color=BLACK, label=< rdf:rest > ] ; - node955 -> node66 [ color=BLACK, label=< rdf:first > ] ; - node334 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node865 -> node101 [ color=BLACK, label=< sh:path > ] ; - node363 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node797 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node617 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node956 -> node380 [ color=BLACK, label=< rdf:rest > ] ; - node936 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node335 -> node812 [ color=BLACK, label=< rdf:first > ] ; - node823 -> node462 [ color=BLACK, label=< sh:path > ] ; - node278 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node507 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node285 -> node34 [ color=BLACK, label=< rdfs:range > ] ; - node164 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node957 -> node781 [ color=BLACK, label=< rdf:first > ] ; - node937 -> node903 [ color=BLACK, label=< rdf:first > ] ; - node769 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node638 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node398 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node588 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node44 -> node284 [ color=BLACK, label=< rdf:first > ] ; - node771 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node332 -> node273 [ color=BLACK, label=< sh:class > ] ; - node341 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node237 -> node958 [ color=BLACK, label=< sh:property > ] ; - node934 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node26 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node191 -> node959 [ color=BLACK, label=< sh:property > ] ; - node801 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node4 -> node537 [ color=BLACK, label=< sh:property > ] ; - node698 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node398 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node908 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node609 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node586 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node264 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node659 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node841 -> node49 [ color=BLACK, label=< rdf:rest > ] ; - node551 -> node960 [ color=BLACK, label=< rdf:rest > ] ; - node814 -> node745 [ color=BLACK, label=< sh:property > ] ; - node607 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node91 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node260 -> node155 [ color=BLACK, label=< sh:property > ] ; - node961 -> node85 [ color=BLACK, label=< sh:class > ] ; - node616 -> node704 [ color=BLACK, label=< rdf:rest > ] ; - node567 -> node603 [ color=BLACK, label=< rdf:rest > ] ; - node962 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node626 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node95 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node376 -> node909 [ color=BLACK, label=< sh:in > ] ; - node742 -> node41 [ color=BLACK, label=< sh:class > ] ; - node445 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node548 -> node872 [ color=BLACK, label=< sh:path > ] ; - node469 -> node963 [ color=BLACK, label=< rdf:rest > ] ; - node964 -> node699 [ color=BLACK, label=< sh:path > ] ; - node633 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node270 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node468 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node661 -> node255 [ color=BLACK, label=< rdf:first > ] ; - node104 -> node932 [ color=BLACK, label=< rdf:rest > ] ; - node402 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node681 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node864 -> node21 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node229 -> node47 [ color=BLACK, label=< sh:property > ] ; - node942 -> node779 [ color=BLACK, label=< rdf:first > ] ; - node255 -> node41 [ color=BLACK, label=< rdf:type > ] ; - node950 -> node251 [ color=BLACK, label=< sh:class > ] ; - node496 -> node327 [ color=BLACK, label=< rdf:first > ] ; - node871 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node835 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node966 -> node967 [ color=BLACK, label=< rdf:first > ] ; - node498 -> node770 [ color=BLACK, label=< sh:in > ] ; - node399 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node910 -> node882 [ color=BLACK, label=< sh:in > ] ; - node409 -> node968 [ color=BLACK, label=< rdf:rest > ] ; - node843 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node969 -> node124 [ color=BLACK, label=< rdf:rest > ] ; - node824 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node656 -> node555 [ color=BLACK, label=< rdf:first > ] ; - node518 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node886 -> node445 [ color=BLACK, label=< rdf:first > ] ; - node176 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node112 -> node420 [ color=BLACK, label=< sh:property > ] ; - node557 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node179 -> node438 [ color=BLACK, label=< sh:property > ] ; - node202 -> node678 [ color=BLACK, label=< sh:property > ] ; - node852 -> node489 [ color=BLACK, label=< rdf:rest > ] ; - node714 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node628 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node419 -> node862 [ color=BLACK, label=< rdf:first > ] ; - node86 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node630 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node438 -> node962 [ color=BLACK, label=< sh:path > ] ; - node422 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node813 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node76 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node47 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node903 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node731 -> node424 [ color=BLACK, label=< sh:path > ] ; - node955 -> node172 [ color=BLACK, label=< rdf:rest > ] ; - node319 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node232 -> node366 [ color=BLACK, label=< sh:class > ] ; - node354 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node970 -> node684 [ color=BLACK, label=< rdf:first > ] ; - node971 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node130 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node285 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node769 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node722 -> node972 [ color=BLACK, label=< rdf:rest > ] ; - node973 -> node974 [ color=BLACK, label=< rdf:rest > ] ; - node324 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node529 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node588 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node810 -> node208 [ color=BLACK, label=< rdf:first > ] ; - node857 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node689 -> node498 [ color=BLACK, label=< sh:property > ] ; - node480 -> node707 [ color=BLACK, label=< rdf:first > ] ; - node554 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node975 -> node277 [ color=BLACK, label=< rdf:rest > ] ; - node576 -> node309 [ color=BLACK, label=< rdf:rest > ] ; - node864 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node672 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node301 -> node896 [ color=BLACK, label=< rdf:first > ] ; - node976 -> node719 [ color=BLACK, label=< rdf:rest > ] ; - node508 -> node698 [ color=BLACK, label=< sh:path > ] ; - node529 -> node78 [ color=BLACK, label=< rdfs:range > ] ; - node938 -> node504 [ color=BLACK, label=< sh:in > ] ; - node869 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node21 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node130 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node331 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node191 -> node518 [ color=BLACK, label=< sh:property > ] ; - node961 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node27 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node287 -> node243 [ color=BLACK, label=< rdf:first > ] ; - node811 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node130 -> node307 [ color=BLACK, label=< sh:property > ] ; - node892 -> node660 [ color=BLACK, label=< rdf:rest > ] ; - node977 -> node87 [ color=BLACK, label=< rdf:type > ] ; - node858 -> node551 [ color=BLACK, label=< rdf:rest > ] ; - node363 -> node736 [ color=BLACK, label=< sh:property > ] ; - node263 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node742 -> node400 [ color=BLACK, label=< sh:in > ] ; - node902 -> node620 [ color=BLACK, label=< rdf:first > ] ; - node978 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node644 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node598 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node878 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node600 -> node952 [ color=BLACK, label=< rdf:rest > ] ; - node469 -> node106 [ color=BLACK, label=< rdf:first > ] ; - node863 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node92 -> node136 [ color=BLACK, label=< rdfs:range > ] ; - node171 -> node21 [ color=BLACK, label=< rdfs:range > ] ; - node317 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node160 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node127 -> node644 [ color=BLACK, label=< rdf:type > ] ; - node177 -> node961 [ color=BLACK, label=< sh:property > ] ; - node979 -> node797 [ color=BLACK, label=< rdf:first > ] ; - node689 -> node85 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node105 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node57 -> node434 [ color=BLACK, label=< sh:property > ] ; - node143 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node309 -> node553 [ color=BLACK, label=< rdf:first > ] ; - node837 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node166 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node245 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node305 -> node295 [ color=BLACK, label=< rdf:first > ] ; - node694 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node2 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node912 -> node118 [ color=BLACK, label=< sh:path > ] ; - node980 -> node928 [ color=BLACK, label=< rdf:rest > ] ; - node473 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node676 -> node119 [ color=BLACK, label=< rdfs:range > ] ; - node981 -> node130 [ color=BLACK, label=< sh:class > ] ; - node21 -> node982 [ color=BLACK, label=< sh:property > ] ; - node807 -> node859 [ color=BLACK, label=< rdf:rest > ] ; - node796 -> node414 [ color=BLACK, label=< sh:path > ] ; - node4 -> node726 [ color=BLACK, label=< sh:property > ] ; - node907 -> node947 [ color=BLACK, label=< rdf:rest > ] ; - node15 -> node130 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node130 -> node811 [ color=BLACK, label=< sh:property > ] ; - node920 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node509 -> node497 [ color=BLACK, label=< sh:path > ] ; - node931 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node306 -> node867 [ color=BLACK, label=< rdf:rest > ] ; - node351 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node677 -> node265 [ color=BLACK, label=< sh:path > ] ; - node738 -> node510 [ color=BLACK, label=< rdf:first > ] ; - node459 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node926 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node330 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node379 -> node128 [ color=BLACK, label=< rdf:type > ] ; - node333 -> node273 [ color=BLACK, label=< rdfs:range > ] ; - node930 -> node40 [ color=BLACK, label=< rdfs:range > ] ; - node503 -> node554 [ color=BLACK, label=< sh:path > ] ; - node97 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node683 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node463 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node525 -> node749 [ color=BLACK, label=< rdf:first > ] ; - node893 -> node368 [ color=BLACK, label=< rdf:first > ] ; - node142 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node360 -> node6 [ color=BLACK, label=< sh:path > ] ; - node983 -> node768 [ color=BLACK, label=< sh:path > ] ; - node938 -> node582 [ color=BLACK, label=< sh:class > ] ; - node179 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node27 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node429 -> node969 [ color=BLACK, label=< rdf:rest > ] ; - node90 -> node530 [ color=BLACK, label=< sh:path > ] ; - node984 -> node977 [ color=BLACK, label=< rdf:first > ] ; - node729 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node244 -> node939 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node604 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node853 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node314 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node662 -> node305 [ color=BLACK, label=< rdf:rest > ] ; - node985 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node652 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node441 -> node681 [ color=BLACK, label=< rdf:first > ] ; - node296 -> node644 [ color=BLACK, label=< sh:class > ] ; - node786 -> node986 [ color=BLACK, label=< sh:path > ] ; - node705 -> node483 [ color=BLACK, label=< rdf:first > ] ; - node819 -> node8 [ color=BLACK, label=< rdf:first > ] ; - node231 -> node614 [ color=BLACK, label=< rdfs:range > ] ; - node21 -> node542 [ color=BLACK, label=< sh:property > ] ; - node966 -> node985 [ color=BLACK, label=< rdf:rest > ] ; - node381 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node114 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node847 -> node858 [ color=BLACK, label=< rdf:rest > ] ; - node962 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node364 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node987 -> node762 [ color=BLACK, label=< rdf:first > ] ; - node307 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node853 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node72 -> node877 [ color=BLACK, label=< sh:path > ] ; - node795 -> node284 [ color=BLACK, label=< rdf:first > ] ; - node614 -> node130 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node726 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node359 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node153 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node531 -> node577 [ color=BLACK, label=< rdf:first > ] ; - node258 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node421 -> node988 [ color=BLACK, label=< sh:path > ] ; - node989 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node952 -> node430 [ color=BLACK, label=< rdf:first > ] ; - node990 -> node848 [ color=BLACK, label=< rdf:rest > ] ; - node702 -> node614 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node500 -> node195 [ color=BLACK, label=< sh:path > ] ; - node786 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node194 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node770 -> node904 [ color=BLACK, label=< rdf:rest > ] ; - node794 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node15 -> node461 [ color=BLACK, label=< sh:property > ] ; - node451 -> node899 [ color=BLACK, label=< rdf:rest > ] ; - node250 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node389 -> node24 [ color=BLACK, label=< rdfs:range > ] ; - node896 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node796 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node130 -> node989 [ color=BLACK, label=< sh:property > ] ; - node860 -> node861 [ color=BLACK, label=< rdf:rest > ] ; - node937 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node985 -> node247 [ color=BLACK, label=< rdf:first > ] ; - node58 -> node676 [ color=BLACK, label=< sh:path > ] ; + node842 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node843 -> node833 [ color=BLACK, label=< rdf:first > ] ; + node99 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node406 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node524 -> node144 [ color=BLACK, label=< sh:class > ] ; + node844 -> node582 [ color=BLACK, label=< sh:path > ] ; + node827 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node128 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node573 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node845 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node427 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node485 -> node663 [ color=BLACK, label=< sh:property > ] ; + node846 -> node847 [ color=BLACK, label=< rdf:rest > ] ; + node848 -> node644 [ color=BLACK, label=< rdf:first > ] ; + node208 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node849 -> node508 [ color=BLACK, label=< rdf:first > ] ; + node850 -> node851 [ color=BLACK, label=< rdf:rest > ] ; + node365 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node852 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node88 -> node853 [ color=BLACK, label=< rdf:first > ] ; + node264 -> node677 [ color=BLACK, label=< rdf:rest > ] ; + node708 -> node218 [ color=BLACK, label=< rdf:first > ] ; + node277 -> node313 [ color=BLACK, label=< sh:class > ] ; + node855 -> node599 [ color=BLACK, label=< rdf:first > ] ; + node172 -> node8 [ color=BLACK, label=< sh:property > ] ; + node72 -> node856 [ color=BLACK, label=< sh:property > ] ; + node735 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node548 -> node768 [ color=BLACK, label=< rdf:first > ] ; + node857 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node805 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node612 -> node817 [ color=BLACK, label=< sh:property > ] ; + node758 -> node795 [ color=BLACK, label=< rdf:rest > ] ; + node634 -> node852 [ color=BLACK, label=< rdf:first > ] ; + node452 -> node17 [ color=BLACK, label=< rdfs:range > ] ; + node42 -> node625 [ color=BLACK, label=< sh:property > ] ; + node858 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node859 -> node860 [ color=BLACK, label=< rdf:type > ] ; + node592 -> node28 [ color=BLACK, label=< sh:datatype > ] ; + node506 -> node10 [ color=BLACK, label=< sh:property > ] ; + node623 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node862 -> node447 [ color=BLACK, label=< rdf:first > ] ; + node863 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node628 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node404 -> node826 [ color=BLACK, label=< sh:path > ] ; + node864 -> node849 [ color=BLACK, label=< rdf:rest > ] ; + node580 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node35 -> node718 [ color=BLACK, label=< sh:path > ] ; + node854 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node752 -> node29 [ color=BLACK, label=< rdf:first > ] ; + node751 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node788 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node865 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node90 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node436 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node608 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node766 -> node454 [ color=BLACK, label=< rdfs:range > ] ; + node866 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node178 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node177 -> node777 [ color=BLACK, label=< rdf:first > ] ; + node325 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node867 -> node135 [ color=BLACK, label=< rdf:type > ] ; + node97 -> node186 [ color=BLACK, label=< rdf:first > ] ; + node868 -> node869 [ color=BLACK, label=< rdf:rest > ] ; + node349 -> node675 [ color=BLACK, label=< rdf:first > ] ; + node17 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node833 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node870 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node24 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node844 -> node75 [ color=BLACK, label=< sh:class > ] ; + node850 -> node651 [ color=BLACK, label=< rdf:first > ] ; + node645 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node475 -> node313 [ color=BLACK, label=< rdf:type > ] ; node871 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node447 -> node231 [ color=BLACK, label=< sh:path > ] ; - node308 -> node716 [ color=BLACK, label=< rdf:first > ] ; - node33 -> node285 [ color=BLACK, label=< sh:path > ] ; - node325 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node108 -> node133 [ color=BLACK, label=< rdf:rest > ] ; - node392 -> node991 [ color=BLACK, label=< sh:property > ] ; - node773 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node888 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node820 -> node492 [ color=BLACK, label=< rdf:first > ] ; - node757 -> node992 [ color=BLACK, label=< rdf:rest > ] ; - node31 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node594 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node42 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node993 -> node733 [ color=BLACK, label=< rdf:rest > ] ; - node366 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node506 -> node994 [ color=BLACK, label=< rdf:rest > ] ; - node67 -> node491 [ color=BLACK, label=< rdf:first > ] ; - node994 -> node700 [ color=BLACK, label=< rdf:first > ] ; - node939 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node759 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node758 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node340 -> node296 [ color=BLACK, label=< sh:property > ] ; - node374 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node912 -> node119 [ color=BLACK, label=< sh:datatype > ] ; - node354 -> node484 [ color=BLACK, label=< sh:property > ] ; - node743 -> node41 [ color=BLACK, label=< rdfs:range > ] ; - node965 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node191 -> node948 [ color=BLACK, label=< sh:property > ] ; - node808 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node939 -> node910 [ color=BLACK, label=< sh:property > ] ; - node734 -> node705 [ color=BLACK, label=< rdf:rest > ] ; - node174 -> node383 [ color=BLACK, label=< sh:property > ] ; - node572 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node239 -> node69 [ color=BLACK, label=< sh:property > ] ; - node870 -> node668 [ color=BLACK, label=< rdf:rest > ] ; - node21 -> node696 [ color=BLACK, label=< sh:property > ] ; - node988 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node817 -> node314 [ color=BLACK, label=< sh:path > ] ; - node596 -> node662 [ color=BLACK, label=< rdf:rest > ] ; - node883 -> node776 [ color=BLACK, label=< sh:property > ] ; - node814 -> node276 [ color=BLACK, label=< sh:property > ] ; - node442 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node996 -> node546 [ color=BLACK, label=< rdf:first > ] ; - node110 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node346 -> node442 [ color=BLACK, label=< rdf:first > ] ; - node479 -> node403 [ color=BLACK, label=< sh:datatype > ] ; - node939 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node60 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node996 -> node893 [ color=BLACK, label=< rdf:rest > ] ; - node47 -> node601 [ color=BLACK, label=< sh:path > ] ; - node166 -> node238 [ color=BLACK, label=< rdf:type > ] ; - node222 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node296 -> node997 [ color=BLACK, label=< sh:in > ] ; - node21 -> node431 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node191 -> node965 [ color=BLACK, label=< sh:property > ] ; - node402 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node318 -> node817 [ color=BLACK, label=< sh:property > ] ; - node612 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node998 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node598 -> node239 [ color=BLACK, label=< sh:class > ] ; + node594 -> node872 [ color=BLACK, label=< sh:property > ] ; + node227 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node640 -> node555 [ color=BLACK, label=< sh:class > ] ; + node874 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node335 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node770 -> node830 [ color=BLACK, label=< rdfs:range > ] ; + node875 -> node218 [ color=BLACK, label=< rdf:first > ] ; + node619 -> node49 [ color=BLACK, label=< sh:property > ] ; + node876 -> node144 [ color=BLACK, label=< sh:class > ] ; + node557 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node84 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node157 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node470 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node83 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node753 -> node265 [ color=BLACK, label=< rdf:first > ] ; + node878 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node550 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node368 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node489 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node714 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node324 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node705 -> node487 [ color=BLACK, label=< sh:path > ] ; + node879 -> node880 [ color=BLACK, label=< rdf:first > ] ; + node841 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node414 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node76 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node83 -> node62 [ color=BLACK, label=< sh:class > ] ; + node69 -> node819 [ color=BLACK, label=< rdf:rest > ] ; + node463 -> node212 [ color=BLACK, label=< rdf:first > ] ; + node695 -> node75 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node9 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node873 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node26 -> node786 [ color=BLACK, label=< rdf:first > ] ; + node730 -> node428 [ color=BLACK, label=< rdf:type > ] ; + node540 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node513 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node881 -> node555 [ color=BLACK, label=< sh:class > ] ; + node359 -> node316 [ color=BLACK, label=< sh:path > ] ; + node882 -> node429 [ color=BLACK, label=< rdf:first > ] ; + node883 -> node477 [ color=BLACK, label=< rdfs:range > ] ; + node728 -> node290 [ color=BLACK, label=< rdfs:range > ] ; + node101 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node624 -> node646 [ color=BLACK, label=< rdf:first > ] ; + node770 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node663 -> node17 [ color=BLACK, label=< sh:class > ] ; + node767 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node885 -> node507 [ color=BLACK, label=< rdfs:range > ] ; + node158 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node507 -> node157 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node869 -> node637 [ color=BLACK, label=< rdf:rest > ] ; + node144 -> node534 [ color=BLACK, label=< sh:property > ] ; + node229 -> node683 [ color=BLACK, label=< sh:path > ] ; + node86 -> node17 [ color=BLACK, label=< sh:class > ] ; + node389 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node381 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node192 -> node365 [ color=BLACK, label=< sh:property > ] ; + node795 -> node832 [ color=BLACK, label=< rdf:first > ] ; + node14 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node627 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node887 -> node810 [ color=BLACK, label=< rdf:first > ] ; + node446 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node224 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node384 -> node888 [ color=BLACK, label=< rdf:first > ] ; + node233 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node133 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node889 -> node682 [ color=BLACK, label=< rdf:rest > ] ; + node701 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node844 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node631 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node191 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node808 -> node838 [ color=BLACK, label=< rdf:first > ] ; + node664 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node890 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node891 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node419 -> node371 [ color=BLACK, label=< sh:in > ] ; + node856 -> node892 [ color=BLACK, label=< sh:datatype > ] ; + node503 -> node28 [ color=BLACK, label=< sh:datatype > ] ; + node48 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node893 -> node209 [ color=BLACK, label=< rdf:first > ] ; + node894 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node241 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node255 -> node895 [ color=BLACK, label=< sh:in > ] ; + node896 -> node581 [ color=BLACK, label=< sh:path > ] ; + node897 -> node769 [ color=BLACK, label=< rdf:first > ] ; + node567 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node870 -> node38 [ color=BLACK, label=< sh:path > ] ; + node462 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node884 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node363 -> node898 [ color=BLACK, label=< rdf:rest > ] ; + node671 -> node647 [ color=BLACK, label=< sh:in > ] ; + node82 -> node64 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node606 -> node754 [ color=BLACK, label=< rdf:first > ] ; + node899 -> node900 [ color=BLACK, label=< sh:path > ] ; + node854 -> node901 [ color=BLACK, label=< sh:path > ] ; + node382 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node776 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node768 -> node185 [ color=BLACK, label=< rdf:type > ] ; + node902 -> node903 [ color=BLACK, label=< rdf:rest > ] ; + node11 -> node273 [ color=BLACK, label=< sh:property > ] ; + node888 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node584 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node445 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node810 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node173 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node307 -> node905 [ color=BLACK, label=< sh:path > ] ; + node906 -> node799 [ color=BLACK, label=< rdf:rest > ] ; + node388 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node563 -> node703 [ color=BLACK, label=< rdf:rest > ] ; + node907 -> node244 [ color=BLACK, label=< rdf:first > ] ; + node812 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node327 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node765 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node24 -> node40 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node121 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node908 -> node909 [ color=BLACK, label=< rdf:first > ] ; + node678 -> node836 [ color=BLACK, label=< rdf:first > ] ; + node164 -> node428 [ color=BLACK, label=< rdf:type > ] ; + node572 -> node830 [ color=BLACK, label=< sh:datatype > ] ; + node352 -> node911 [ color=BLACK, label=< rdf:rest > ] ; + node91 -> node912 [ color=BLACK, label=< sh:in > ] ; + node186 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node80 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node913 -> node914 [ color=BLACK, label=< rdf:first > ] ; + node483 -> node915 [ color=BLACK, label=< dcterms:license > ] ; + node343 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node916 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node53 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node146 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node161 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node504 -> node62 [ color=BLACK, label=< rdfs:range > ] ; + node11 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node701 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node858 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node132 -> node917 [ color=BLACK, label=< sh:path > ] ; + node731 -> node182 [ color=BLACK, label=< rdf:first > ] ; + node192 -> node713 [ color=BLACK, label=< sh:property > ] ; + node918 -> node919 [ color=BLACK, label=< rdf:rest > ] ; + node205 -> node286 [ color=BLACK, label=< rdf:rest > ] ; + node12 -> node145 [ color=BLACK, label=< sh:path > ] ; + node905 -> node334 [ color=BLACK, label=< rdfs:range > ] ; + node412 -> node64 [ color=BLACK, label=< rdfs:range > ] ; + node29 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node630 -> node134 [ color=BLACK, label=< sh:property > ] ; + node41 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node483 -> node920 [ color=BLACK, label=< dcterms:references > ] ; node814 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node179 -> node339 [ color=BLACK, label=< sh:property > ] ; - node116 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node945 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node299 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node645 -> node975 [ color=BLACK, label=< rdf:rest > ] ; - node30 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node968 -> node267 [ color=BLACK, label=< rdf:rest > ] ; - node919 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node804 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node564 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node1000 -> node809 [ color=BLACK, label=< rdf:rest > ] ; - node176 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node114 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node854 -> node714 [ color=BLACK, label=< sh:path > ] ; - node606 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node467 -> node382 [ color=BLACK, label=< sh:path > ] ; - node799 -> node741 [ color=BLACK, label=< rdf:rest > ] ; - node787 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node78 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node247 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node74 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node304 -> node130 [ color=BLACK, label=< rdfs:range > ] ; - node745 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node752 -> node675 [ color=BLACK, label=< rdf:first > ] ; - node950 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node763 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node363 -> node97 [ color=BLACK, label=< sh:property > ] ; - node165 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node48 -> node326 [ color=BLACK, label=< rdf:first > ] ; - node577 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node706 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node355 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node619 -> node34 [ color=BLACK, label=< rdfs:range > ] ; - node392 -> node713 [ color=BLACK, label=< sh:property > ] ; - node680 -> node10 [ color=BLACK, label=< rdf:rest > ] ; - node340 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node476 -> node151 [ color=BLACK, label=< rdf:first > ] ; - node684 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node713 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node814 -> node357 [ color=BLACK, label=< sh:property > ] ; - node665 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node456 -> node964 [ color=BLACK, label=< sh:property > ] ; - node385 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node89 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node513 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node40 -> node460 [ color=BLACK, label=< sh:property > ] ; - node846 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node570 -> node41 [ color=BLACK, label=< rdf:type > ] ; - node756 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node79 -> node211 [ color=BLACK, label=< sh:path > ] ; - node721 -> node102 [ color=BLACK, label=< rdf:first > ] ; - node535 -> node589 [ color=BLACK, label=< rdf:first > ] ; - node462 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node540 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node98 -> node92 [ color=BLACK, label=< sh:path > ] ; - node735 -> node38 [ color=BLACK, label=< rdfs:range > ] ; - node978 -> node86 [ color=BLACK, label=< rdf:first > ] ; - node613 -> node457 [ color=BLACK, label=< sh:path > ] ; - node735 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node293 -> node238 [ color=BLACK, label=< rdfs:range > ] ; - node556 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node171 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node342 -> node780 [ color=BLACK, label=< sh:path > ] ; - node817 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node145 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node467 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node655 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node251 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node201 -> node523 [ color=BLACK, label=< sh:path > ] ; - node626 -> node873 [ color=BLACK, label=< rdfs:range > ] ; - node842 -> node655 [ color=BLACK, label=< rdf:first > ] ; - node969 -> node235 [ color=BLACK, label=< rdf:first > ] ; - node953 -> node567 [ color=BLACK, label=< rdf:rest > ] ; - node565 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node157 -> node916 [ color=BLACK, label=< rdf:rest > ] ; - node648 -> node94 [ color=BLACK, label=< rdfs:range > ] ; - node202 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node204 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node121 -> node744 [ color=BLACK, label=< sh:path > ] ; - node507 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node183 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node575 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node160 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node741 -> node311 [ color=BLACK, label=< rdf:rest > ] ; - node886 -> node624 [ color=BLACK, label=< rdf:rest > ] ; - node358 -> node82 [ color=BLACK, label=< rdfs:range > ] ; - node456 -> node613 [ color=BLACK, label=< sh:property > ] ; - node580 -> node576 [ color=BLACK, label=< rdf:rest > ] ; - node296 -> node643 [ color=BLACK, label=< sh:path > ] ; - node423 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node767 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node388 -> node574 [ color=BLACK, label=< sh:path > ] ; - node647 -> node471 [ color=BLACK, label=< sh:property > ] ; - node100 -> node1002 [ color=BLACK, label=< sh:path > ] ; - node364 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node363 -> node844 [ color=BLACK, label=< sh:property > ] ; - node934 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node232 -> node365 [ color=BLACK, label=< sh:path > ] ; - node964 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node624 -> node1003 [ color=BLACK, label=< rdf:rest > ] ; - node939 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node453 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node870 -> node818 [ color=BLACK, label=< rdf:first > ] ; - node891 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node120 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node264 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node222 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node192 -> node875 [ color=BLACK, label=< sh:path > ] ; - node613 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node745 -> node955 [ color=BLACK, label=< sh:in > ] ; - node894 -> node953 [ color=BLACK, label=< rdf:rest > ] ; - node421 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node566 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node65 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node986 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node1004 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node879 -> node88 [ color=BLACK, label=< rdfs:range > ] ; - node688 -> node189 [ color=BLACK, label=< rdf:rest > ] ; - node282 -> node905 [ color=BLACK, label=< rdf:rest > ] ; - node715 -> node199 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node881 -> node1005 [ color=BLACK, label=< rdf:rest > ] ; - node725 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node375 -> node873 [ color=BLACK, label=< rdfs:range > ] ; - node85 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node287 -> node157 [ color=BLACK, label=< rdf:rest > ] ; - node431 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node856 -> node888 [ color=BLACK, label=< rdf:first > ] ; - node967 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node599 -> node239 [ color=BLACK, label=< rdfs:range > ] ; - node620 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node256 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node462 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node658 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node122 -> node976 [ color=BLACK, label=< rdf:rest > ] ; - node142 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node36 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node334 -> node186 [ color=BLACK, label=< sh:property > ] ; - node477 -> node853 [ color=BLACK, label=< rdf:first > ] ; - node468 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node128 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node471 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node363 -> node33 [ color=BLACK, label=< sh:property > ] ; - node636 -> node34 [ color=BLACK, label=< sh:class > ] ; - node974 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node649 -> node900 [ color=BLACK, label=< rdf:rest > ] ; - node696 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node689 -> node785 [ color=BLACK, label=< sh:property > ] ; - node268 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node791 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node456 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node910 -> node193 [ color=BLACK, label=< sh:path > ] ; - node195 -> node403 [ color=BLACK, label=< rdfs:range > ] ; - node85 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node21 -> node342 [ color=BLACK, label=< sh:property > ] ; - node281 -> node262 [ color=BLACK, label=< rdf:first > ] ; - node206 -> node983 [ color=BLACK, label=< sh:property > ] ; - node117 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node138 -> node85 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node798 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node979 -> node805 [ color=BLACK, label=< rdf:rest > ] ; - node972 -> node971 [ color=BLACK, label=< rdf:first > ] ; - node362 -> node826 [ color=BLACK, label=< rdf:rest > ] ; - node652 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node664 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node647 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node940 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node946 -> node465 [ color=BLACK, label=< rdf:first > ] ; - node237 -> node367 [ color=BLACK, label=< sh:property > ] ; - node244 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node321 -> node996 [ color=BLACK, label=< rdf:rest > ] ; - node835 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node341 -> node554 [ color=BLACK, label=< sh:path > ] ; - node1007 -> node957 [ color=BLACK, label=< rdf:rest > ] ; - node833 -> node637 [ color=BLACK, label=< rdf:first > ] ; - node1001 -> node364 [ color=BLACK, label=< sh:path > ] ; - node878 -> node88 [ color=BLACK, label=< sh:class > ] ; - node40 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node164 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node359 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node456 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node684 -> node338 [ color=BLACK, label=< rdf:type > ] ; - node948 -> node499 [ color=BLACK, label=< sh:path > ] ; - node145 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node786 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node911 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node737 -> node297 [ color=BLACK, label=< rdf:first > ] ; - node1002 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node192 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node313 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node181 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node949 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node699 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node659 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node283 -> node1004 [ color=BLACK, label=< rdf:first > ] ; - node796 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node842 -> node1007 [ color=BLACK, label=< rdf:rest > ] ; - node43 -> node510 [ color=BLACK, label=< rdf:first > ] ; - node736 -> node34 [ color=BLACK, label=< sh:class > ] ; - node593 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node800 -> node130 [ color=BLACK, label=< sh:class > ] ; - node53 -> node411 [ color=BLACK, label=< rdf:first > ] ; - node191 -> node360 [ color=BLACK, label=< sh:property > ] ; - node948 -> node980 [ color=BLACK, label=< sh:in > ] ; - node890 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node101 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node1008 -> node212 [ color=BLACK, label=< rdf:rest > ] ; - node522 -> node87 [ color=BLACK, label=< rdf:type > ] ; - node156 -> node389 [ color=BLACK, label=< sh:path > ] ; - node533 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node388 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node156 -> node708 [ color=BLACK, label=< sh:in > ] ; - node320 -> node670 [ color=BLACK, label=< rdfs:range > ] ; - node709 -> node488 [ color=BLACK, label=< rdf:first > ] ; - node805 -> node675 [ color=BLACK, label=< rdf:first > ] ; - node759 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node958 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node707 -> node874 [ color=BLACK, label=< rdf:type > ] ; - node917 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node1009 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node1010 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node383 -> node369 [ color=BLACK, label=< sh:path > ] ; - node72 -> node130 [ color=BLACK, label=< sh:class > ] ; - node665 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node293 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node747 -> node629 [ color=BLACK, label=< rdf:first > ] ; - node541 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node191 -> node636 [ color=BLACK, label=< sh:property > ] ; - node1011 -> node1012 [ color=BLACK, label=< rdf:rest > ] ; - node1003 -> node729 [ color=BLACK, label=< rdf:first > ] ; - node814 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node419 -> node371 [ color=BLACK, label=< rdf:rest > ] ; - node280 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node897 -> node524 [ color=BLACK, label=< rdf:first > ] ; - node44 -> node954 [ color=BLACK, label=< rdf:rest > ] ; - node925 -> node205 [ color=BLACK, label=< rdf:type > ] ; - node191 -> node772 [ color=BLACK, label=< sh:property > ] ; - node239 -> node130 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node823 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node134 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node320 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node753 -> node126 [ color=BLACK, label=< rdf:rest > ] ; - node679 -> node874 [ color=BLACK, label=< sh:class > ] ; - node179 -> node345 [ color=BLACK, label=< sh:property > ] ; - node259 -> node880 [ color=BLACK, label=< sh:path > ] ; - node688 -> node971 [ color=BLACK, label=< rdf:first > ] ; - node689 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node949 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node616 -> node481 [ color=BLACK, label=< rdf:first > ] ; - node727 -> node290 [ color=BLACK, label=< rdf:rest > ] ; - node571 -> node130 [ color=BLACK, label=< rdfs:range > ] ; - node382 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node207 -> node366 [ color=BLACK, label=< rdf:type > ] ; - node989 -> node730 [ color=BLACK, label=< sh:path > ] ; - node148 -> node892 [ color=BLACK, label=< rdf:rest > ] ; - node191 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node438 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node708 -> node855 [ color=BLACK, label=< rdf:first > ] ; - node295 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node334 -> node793 [ color=BLACK, label=< sh:property > ] ; - node646 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node776 -> node292 [ color=BLACK, label=< sh:path > ] ; - node9 -> node245 [ color=BLACK, label=< sh:path > ] ; - node977 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node890 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node224 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node222 -> node36 [ color=BLACK, label=< sh:property > ] ; - node456 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node935 -> node712 [ color=BLACK, label=< rdf:rest > ] ; - node807 -> node618 [ color=BLACK, label=< rdf:first > ] ; - node593 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node59 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node995 -> node813 [ color=BLACK, label=< sh:path > ] ; - node166 -> node238 [ color=BLACK, label=< rdfs:range > ] ; - node845 -> node884 [ color=BLACK, label=< rdf:first > ] ; - node904 -> node63 [ color=BLACK, label=< rdf:rest > ] ; - node900 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node512 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node814 -> node332 [ color=BLACK, label=< sh:property > ] ; - node891 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node695 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node1001 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node781 -> node220 [ color=BLACK, label=< rdf:type > ] ; - node519 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node144 -> node622 [ color=BLACK, label=< sh:path > ] ; - node533 -> node470 [ color=BLACK, label=< sh:path > ] ; - node655 -> node220 [ color=BLACK, label=< rdf:type > ] ; - node260 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node774 -> node993 [ color=BLACK, label=< rdf:rest > ] ; - node379 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node763 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node742 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node68 -> node147 [ color=BLACK, label=< rdf:first > ] ; - node39 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node354 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node692 -> node790 [ color=BLACK, label=< rdfs:range > ] ; - node495 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node948 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node880 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node817 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node178 -> node846 [ color=BLACK, label=< sh:path > ] ; - node946 -> node496 [ color=BLACK, label=< rdf:rest > ] ; - node939 -> node130 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node458 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node730 -> node871 [ color=BLACK, label=< rdfs:range > ] ; - node812 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node811 -> node1014 [ color=BLACK, label=< sh:path > ] ; - node498 -> node96 [ color=BLACK, label=< sh:class > ] ; - node548 -> node614 [ color=BLACK, label=< sh:class > ] ; - node450 -> node1004 [ color=BLACK, label=< rdf:first > ] ; - node670 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node179 -> node93 [ color=BLACK, label=< sh:property > ] ; - node80 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node718 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node130 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node436 -> node448 [ color=BLACK, label=< rdf:rest > ] ; - node888 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node767 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node455 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node727 -> node512 [ color=BLACK, label=< rdf:first > ] ; - node927 -> node644 [ color=BLACK, label=< sh:class > ] ; - node289 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node913 -> node995 [ color=BLACK, label=< sh:property > ] ; - node970 -> node941 [ color=BLACK, label=< rdf:rest > ] ; - node806 -> node390 [ color=BLACK, label=< rdf:rest > ] ; - node617 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node286 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node700 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node795 -> node51 [ color=BLACK, label=< rdf:rest > ] ; - node815 -> node999 [ color=BLACK, label=< sh:path > ] ; - node728 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node312 -> node832 [ color=BLACK, label=< rdf:rest > ] ; - node975 -> node919 [ color=BLACK, label=< rdf:first > ] ; - node1012 -> node773 [ color=BLACK, label=< rdf:first > ] ; - node431 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node981 -> node571 [ color=BLACK, label=< sh:path > ] ; - node1016 -> node43 [ color=BLACK, label=< rdf:rest > ] ; - node1017 -> node887 [ color=BLACK, label=< rdf:first > ] ; - node313 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node475 -> node579 [ color=BLACK, label=< rdf:rest > ] ; - node57 -> node456 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node96 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node690 -> node631 [ color=BLACK, label=< rdf:rest > ] ; - node432 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node196 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node180 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node1018 -> node19 [ color=BLACK, label=< rdf:rest > ] ; - node831 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node191 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node933 -> node492 [ color=BLACK, label=< rdf:first > ] ; - node293 -> node238 [ color=BLACK, label=< rdf:type > ] ; - node764 -> node984 [ color=BLACK, label=< rdf:rest > ] ; - node750 -> node635 [ color=BLACK, label=< sh:path > ] ; - node488 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node991 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node657 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node284 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node619 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node349 -> node894 [ color=BLACK, label=< rdf:rest > ] ; - node158 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node697 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node834 -> node942 [ color=BLACK, label=< rdf:rest > ] ; - node123 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node179 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node428 -> node628 [ color=BLACK, label=< rdf:first > ] ; - node1019 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node959 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node203 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node998 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node299 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node587 -> node885 [ color=BLACK, label=< rdf:rest > ] ; - node898 -> node1017 [ color=BLACK, label=< rdf:rest > ] ; - node304 -> node304 [ color=BLACK, label=< owl:sameAs > ] ; - node611 -> node860 [ color=BLACK, label=< rdf:rest > ] ; - node498 -> node744 [ color=BLACK, label=< sh:path > ] ; - node879 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node542 -> node252 [ color=BLACK, label=< sh:path > ] ; - node607 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node759 -> node382 [ color=BLACK, label=< sh:path > ] ; - node592 -> node102 [ color=BLACK, label=< rdf:first > ] ; - node511 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node715 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node965 -> node87 [ color=BLACK, label=< sh:class > ] ; - node739 -> node3 [ color=BLACK, label=< sh:class > ] ; - node866 -> node444 [ color=BLACK, label=< rdf:rest > ] ; - node876 -> node378 [ color=BLACK, label=< rdf:rest > ] ; - node330 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node825 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node844 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node963 -> node30 [ color=BLACK, label=< rdf:first > ] ; - node234 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node564 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node997 -> node752 [ color=BLACK, label=< rdf:rest > ] ; - node292 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node939 -> node981 [ color=BLACK, label=< sh:property > ] ; - node771 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node812 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node461 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node859 -> node1009 [ color=BLACK, label=< rdf:rest > ] ; - node855 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node495 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node69 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node661 -> node966 [ color=BLACK, label=< rdf:rest > ] ; - node81 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node495 -> node456 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node344 -> node398 [ color=BLACK, label=< rdfs:range > ] ; - node631 -> node816 [ color=BLACK, label=< rdf:rest > ] ; - node997 -> node797 [ color=BLACK, label=< rdf:first > ] ; - node455 -> node697 [ color=BLACK, label=< sh:property > ] ; - node408 -> node614 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node334 -> node31 [ color=BLACK, label=< sh:property > ] ; - node814 -> node239 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node967 -> node41 [ color=BLACK, label=< rdf:type > ] ; - node854 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node130 -> node908 [ color=BLACK, label=< sh:property > ] ; - node223 -> node280 [ color=BLACK, label=< sh:path > ] ; - node40 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node820 -> node687 [ color=BLACK, label=< rdf:rest > ] ; - node434 -> node673 [ color=BLACK, label=< sh:in > ] ; - node252 -> node119 [ color=BLACK, label=< rdfs:range > ] ; - node813 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node227 -> node120 [ color=BLACK, label=< sh:path > ] ; - node758 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node166 -> node1020 [ color=BLACK, label=< owl:sameAs > ] ; - node114 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node883 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node867 -> node833 [ color=BLACK, label=< rdf:rest > ] ; - node756 -> node34 [ color=BLACK, label=< rdfs:range > ] ; - node935 -> node681 [ color=BLACK, label=< rdf:first > ] ; - node1014 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node916 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node534 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node994 -> node1008 [ color=BLACK, label=< rdf:rest > ] ; - node944 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node615 -> node356 [ color=BLACK, label=< rdf:first > ] ; - node739 -> node922 [ color=BLACK, label=< sh:in > ] ; - node354 -> node1021 [ color=BLACK, label=< sh:property > ] ; - node163 -> node682 [ color=BLACK, label=< rdf:rest > ] ; - node1021 -> node132 [ color=BLACK, label=< sh:path > ] ; - node974 -> node379 [ color=BLACK, label=< rdf:first > ] ; - node382 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node161 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node832 -> node454 [ color=BLACK, label=< rdf:first > ] ; - node112 -> node604 [ color=BLACK, label=< sh:property > ] ; - node711 -> node775 [ color=BLACK, label=< rdf:first > ] ; - node963 -> node847 [ color=BLACK, label=< rdf:rest > ] ; - node761 -> node128 [ color=BLACK, label=< rdf:type > ] ; - node186 -> node466 [ color=BLACK, label=< sh:path > ] ; - node20 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node621 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node862 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node923 -> node61 [ color=BLACK, label=< rdf:first > ] ; - node71 -> node130 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node930 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node115 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node98 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node113 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node62 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node240 -> node123 [ color=BLACK, label=< sh:path > ] ; - node76 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node418 -> node1010 [ color=BLACK, label=< sh:path > ] ; - node746 -> node143 [ color=BLACK, label=< rdf:first > ] ; - node844 -> node911 [ color=BLACK, label=< sh:path > ] ; - node959 -> node27 [ color=BLACK, label=< sh:path > ] ; - node257 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node943 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node147 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node437 -> node763 [ color=BLACK, label=< rdfs:range > ] ; - node363 -> node940 [ color=BLACK, label=< sh:property > ] ; - node602 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node984 -> node978 [ color=BLACK, label=< rdf:rest > ] ; - node1009 -> node925 [ color=BLACK, label=< rdf:first > ] ; - node499 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node356 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node765 -> node87 [ color=BLACK, label=< rdf:type > ] ; - node704 -> node792 [ color=BLACK, label=< rdf:rest > ] ; - node4 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node122 -> node771 [ color=BLACK, label=< rdf:first > ] ; - node534 -> node549 [ color=BLACK, label=< rdf:first > ] ; - node54 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node850 -> node112 [ color=BLACK, label=< rdfs:range > ] ; - node257 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node174 -> node814 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node319 -> node670 [ color=BLACK, label=< sh:class > ] ; - node118 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node744 -> node96 [ color=BLACK, label=< rdfs:range > ] ; - node889 -> node821 [ color=BLACK, label=< rdf:rest > ] ; - node1007 -> node215 [ color=BLACK, label=< rdf:first > ] ; - node245 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node555 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node312 -> node254 [ color=BLACK, label=< rdf:first > ] ; - node436 -> node998 [ color=BLACK, label=< rdf:first > ] ; - node1005 -> node724 [ color=BLACK, label=< rdf:rest > ] ; - node669 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node94 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node375 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node431 -> node251 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node112 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node1022 -> node914 [ color=BLACK, label=< rdf:rest > ] ; - node170 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node792 -> node778 [ color=BLACK, label=< rdf:first > ] ; - node156 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node939 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node430 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node841 -> node217 [ color=BLACK, label=< rdf:first > ] ; - node191 -> node854 [ color=BLACK, label=< sh:property > ] ; - node709 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node586 -> node606 [ color=BLACK, label=< sh:path > ] ; - node426 -> node582 [ color=BLACK, label=< rdf:type > ] ; - node680 -> node433 [ color=BLACK, label=< rdf:first > ] ; - node843 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node140 -> node873 [ color=BLACK, label=< sh:datatype > ] ; - node263 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node334 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node191 -> node200 [ color=BLACK, label=< sh:property > ] ; - node927 -> node643 [ color=BLACK, label=< sh:path > ] ; - node785 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node677 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node89 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node887 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node635 -> node251 [ color=BLACK, label=< rdfs:range > ] ; - node319 -> node493 [ color=BLACK, label=< sh:in > ] ; - node463 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node215 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node88 -> node140 [ color=BLACK, label=< sh:property > ] ; - node693 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node995 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node460 -> node403 [ color=BLACK, label=< sh:datatype > ] ; - node926 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node609 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node497 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node711 -> node485 [ color=BLACK, label=< rdf:rest > ] ; - node533 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node863 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node692 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node715 -> node679 [ color=BLACK, label=< sh:property > ] ; - node594 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node947 -> node328 [ color=BLACK, label=< rdf:rest > ] ; - node297 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node760 -> node973 [ color=BLACK, label=< rdf:rest > ] ; - node138 -> node113 [ color=BLACK, label=< sh:property > ] ; - node653 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node362 -> node732 [ color=BLACK, label=< rdf:first > ] ; - node634 -> node195 [ color=BLACK, label=< sh:path > ] ; - node972 -> node852 [ color=BLACK, label=< rdf:rest > ] ; - node572 -> node490 [ color=BLACK, label=< sh:path > ] ; - node793 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node455 -> node767 [ color=BLACK, label=< sh:property > ] ; - node286 -> node60 [ color=BLACK, label=< rdfs:range > ] ; - node120 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node1010 -> node253 [ color=BLACK, label=< rdfs:range > ] ; - node927 -> node979 [ color=BLACK, label=< sh:in > ] ; - node143 -> node366 [ color=BLACK, label=< rdf:type > ] ; - node154 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node802 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node1019 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node674 -> node651 [ color=BLACK, label=< rdf:first > ] ; - node483 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node868 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node446 -> node1023 [ color=BLACK, label=< dcterms:references > ] ; - node145 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node556 -> node4 [ color=BLACK, label=< sh:class > ] ; - node992 -> node494 [ color=BLACK, label=< rdf:first > ] ; - node913 -> node634 [ color=BLACK, label=< sh:property > ] ; - node857 -> node130 [ color=BLACK, label=< sh:class > ] ; - node130 -> node42 [ color=BLACK, label=< sh:property > ] ; - node754 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node256 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node339 -> node425 [ color=BLACK, label=< sh:path > ] ; - node1014 -> node85 [ color=BLACK, label=< rdfs:range > ] ; - node492 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node1006 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node776 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node430 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node917 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node703 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node914 -> node196 [ color=BLACK, label=< rdf:first > ] ; - node404 -> node1011 [ color=BLACK, label=< rdf:rest > ] ; - node427 -> node220 [ color=BLACK, label=< rdfs:range > ] ; - node748 -> node1022 [ color=BLACK, label=< rdf:rest > ] ; - node222 -> node370 [ color=BLACK, label=< sh:property > ] ; - node532 -> node545 [ color=BLACK, label=< rdf:first > ] ; - node307 -> node607 [ color=BLACK, label=< sh:path > ] ; - node933 -> node722 [ color=BLACK, label=< rdf:rest > ] ; - node57 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node82 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node432 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node875 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node279 -> node728 [ color=BLACK, label=< sh:path > ] ; - node373 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node941 -> node562 [ color=BLACK, label=< rdf:rest > ] ; - node971 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node541 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node239 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node968 -> node609 [ color=BLACK, label=< rdf:first > ] ; - node548 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node206 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node130 -> node556 [ color=BLACK, label=< sh:property > ] ; - node657 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node200 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node887 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node1024 -> node901 [ color=BLACK, label=< rdf:rest > ] ; - node202 -> node731 [ color=BLACK, label=< sh:property > ] ; - node697 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node456 -> node261 [ color=BLACK, label=< sh:property > ] ; - node112 -> node759 [ color=BLACK, label=< sh:property > ] ; - node924 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node509 -> node970 [ color=BLACK, label=< sh:in > ] ; - node920 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node959 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node146 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node279 -> node403 [ color=BLACK, label=< sh:datatype > ] ; - node653 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node849 -> node587 [ color=BLACK, label=< rdf:rest > ] ; - node229 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node208 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node803 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node17 -> node897 [ color=BLACK, label=< rdf:rest > ] ; - node511 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node1022 -> node566 [ color=BLACK, label=< rdf:first > ] ; - node420 -> node851 [ color=BLACK, label=< sh:path > ] ; - node558 -> node151 [ color=BLACK, label=< rdf:first > ] ; - node416 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node358 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node502 -> node849 [ color=BLACK, label=< rdf:rest > ] ; - node239 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node406 -> node874 [ color=BLACK, label=< rdf:type > ] ; - node244 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node1025 -> node216 [ color=BLACK, label=< rdf:first > ] ; - node301 -> node987 [ color=BLACK, label=< rdf:rest > ] ; - node522 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node311 -> node210 [ color=BLACK, label=< rdf:first > ] ; - node411 -> node874 [ color=BLACK, label=< rdf:type > ] ; - node325 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node678 -> node431 [ color=BLACK, label=< sh:class > ] ; - node523 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node646 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node199 -> node244 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node197 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node414 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node803 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node302 -> node506 [ color=BLACK, label=< rdf:rest > ] ; - node355 -> node930 [ color=BLACK, label=< sh:path > ] ; - node766 -> node225 [ color=BLACK, label=< rdf:first > ] ; - node806 -> node703 [ color=BLACK, label=< rdf:first > ] ; - node583 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node604 -> node78 [ color=BLACK, label=< sh:class > ] ; - node954 -> node409 [ color=BLACK, label=< rdf:rest > ] ; - node929 -> node669 [ color=BLACK, label=< rdf:first > ] ; - node836 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node71 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node420 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node261 -> node459 [ color=BLACK, label=< sh:path > ] ; - node495 -> node938 [ color=BLACK, label=< sh:property > ] ; - node259 -> node392 [ color=BLACK, label=< sh:class > ] ; - node52 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node85 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node921 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node433 -> node874 [ color=BLACK, label=< rdf:type > ] ; - node585 -> node373 [ color=BLACK, label=< sh:path > ] ; - node1015 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node138 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node394 -> node163 [ color=BLACK, label=< rdf:rest > ] ; - node637 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node743 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node1006 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node915 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node400 -> node148 [ color=BLACK, label=< rdf:rest > ] ; - node509 -> node338 [ color=BLACK, label=< sh:class > ] ; - node278 -> node813 [ color=BLACK, label=< sh:path > ] ; - node712 -> node512 [ color=BLACK, label=< rdf:first > ] ; - node563 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node679 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node906 -> node600 [ color=BLACK, label=< rdf:rest > ] ; - node456 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node155 -> node116 [ color=BLACK, label=< sh:path > ] ; - node872 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node957 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node527 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node429 -> node659 [ color=BLACK, label=< rdf:first > ] ; - node115 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node739 -> node1015 [ color=BLACK, label=< sh:path > ] ; - node810 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node980 -> node618 [ color=BLACK, label=< rdf:first > ] ; - node177 -> node598 [ color=BLACK, label=< sh:property > ] ; - node964 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node589 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node318 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node1015 -> node3 [ color=BLACK, label=< rdfs:range > ] ; - node135 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node137 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node456 -> node787 [ color=BLACK, label=< sh:property > ] ; - node505 -> node649 [ color=BLACK, label=< rdf:rest > ] ; - node599 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node109 -> node1026 [ color=BLACK, label=< rdf:rest > ] ; - node965 -> node384 [ color=BLACK, label=< sh:path > ] ; - node142 -> node279 [ color=BLACK, label=< sh:property > ] ; - node623 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node316 -> node918 [ color=BLACK, label=< rdf:rest > ] ; - node1025 -> node641 [ color=BLACK, label=< rdf:rest > ] ; - node640 -> node257 [ color=BLACK, label=< rdf:first > ] ; - node352 -> node874 [ color=BLACK, label=< rdf:type > ] ; - node991 -> node802 [ color=BLACK, label=< sh:path > ] ; - node1018 -> node257 [ color=BLACK, label=< rdf:first > ] ; - node383 -> node114 [ color=BLACK, label=< sh:class > ] ; - node99 -> node251 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node142 -> node456 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node8 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node434 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node1017 -> node386 [ color=BLACK, label=< rdf:rest > ] ; - node751 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node594 -> node1013 [ color=BLACK, label=< sh:path > ] ; - node169 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node478 -> node422 [ color=BLACK, label=< sh:property > ] ; - node983 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node921 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node180 -> node756 [ color=BLACK, label=< sh:path > ] ; - node133 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node797 -> node644 [ color=BLACK, label=< rdf:type > ] ; - node783 -> node582 [ color=BLACK, label=< rdf:type > ] ; - node229 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node691 -> node323 [ color=BLACK, label=< rdf:rest > ] ; - node943 -> node925 [ color=BLACK, label=< rdf:first > ] ; - node339 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node130 -> node652 [ color=BLACK, label=< sh:property > ] ; - node815 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node982 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node1021 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node37 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node478 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node958 -> node1019 [ color=BLACK, label=< sh:path > ] ; - node940 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node553 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node990 -> node91 [ color=BLACK, label=< rdf:first > ] ; - node514 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node664 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node641 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node149 -> node205 [ color=BLACK, label=< rdfs:range > ] ; - node552 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node63 -> node76 [ color=BLACK, label=< rdf:first > ] ; - node158 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node965 -> node521 [ color=BLACK, label=< sh:in > ] ; - node960 -> node866 [ color=BLACK, label=< rdf:rest > ] ; - node988 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node282 -> node557 [ color=BLACK, label=< rdf:first > ] ; - node674 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node1021 -> node40 [ color=BLACK, label=< sh:class > ] ; - node883 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node986 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node915 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node898 -> node633 [ color=BLACK, label=< rdf:first > ] ; - node217 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node489 -> node623 [ color=BLACK, label=< rdf:first > ] ; - node57 -> node1001 [ color=BLACK, label=< sh:property > ] ; - node398 -> node130 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node547 -> node94 [ color=BLACK, label=< rdf:type > ] ; - node987 -> node316 [ color=BLACK, label=< rdf:rest > ] ; - node578 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node332 -> node956 [ color=BLACK, label=< sh:in > ] ; - node235 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node647 -> node750 [ color=BLACK, label=< sh:property > ] ; - node35 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node173 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node575 -> node194 [ color=BLACK, label=< rdf:type > ] ; - node603 -> node111 [ color=BLACK, label=< rdf:first > ] ; - node457 -> node614 [ color=BLACK, label=< rdfs:range > ] ; - node81 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node269 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node326 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node995 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node981 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node447 -> node614 [ color=BLACK, label=< sh:class > ] ; - node176 -> node1013 [ color=BLACK, label=< sh:path > ] ; - node717 -> node656 [ color=BLACK, label=< rdf:rest > ] ; - node214 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node520 -> node645 [ color=BLACK, label=< rdf:rest > ] ; - node907 -> node609 [ color=BLACK, label=< rdf:first > ] ; - node472 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node498 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node455 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node1026 -> node990 [ color=BLACK, label=< rdf:rest > ] ; - node882 -> node845 [ color=BLACK, label=< rdf:rest > ] ; - node700 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node139 -> node88 [ color=BLACK, label=< rdfs:range > ] ; - node574 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node25 -> node0 [ color=BLACK, label=< sh:property > ] ; - node992 -> node525 [ color=BLACK, label=< rdf:rest > ] ; - node365 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node643 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node958 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node721 -> node789 [ color=BLACK, label=< rdf:rest > ] ; - node222 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node793 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node763 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node944 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node809 -> node391 [ color=BLACK, label=< rdf:first > ] ; - node667 -> node774 [ color=BLACK, label=< rdf:rest > ] ; - node3 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node354 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node931 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node218 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node903 -> node644 [ color=BLACK, label=< rdf:type > ] ; - node155 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node4 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node200 -> node266 [ color=BLACK, label=< sh:path > ] ; - node495 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node763 -> node153 [ color=BLACK, label=< sh:property > ] ; - node846 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node34 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node629 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node455 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node310 -> node591 [ color=BLACK, label=< rdf:rest > ] ; - node777 -> node473 [ color=BLACK, label=< sh:path > ] ; - node475 -> node188 [ color=BLACK, label=< rdf:first > ] ; - node671 -> node394 [ color=BLACK, label=< rdf:rest > ] ; - node710 -> node78 [ color=BLACK, label=< rdf:type > ] ; - node1003 -> node17 [ color=BLACK, label=< rdf:rest > ] ; - node500 -> node403 [ color=BLACK, label=< sh:datatype > ] ; - node537 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node565 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node417 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node1002 -> node228 [ color=BLACK, label=< rdfs:range > ] ; - node689 -> node393 [ color=BLACK, label=< sh:nodeKind > ] ; - node938 -> node241 [ color=BLACK, label=< sh:path > ] ; - node951 -> node615 [ color=BLACK, label=< rdf:rest > ] ; - node639 -> node803 [ color=BLACK, label=< rdf:first > ] ; - node614 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node318 -> node814 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node583 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node141 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node999 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node242 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node274 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node129 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node190 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node673 -> node37 [ color=BLACK, label=< rdf:first > ] ; - node87 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node99 -> node950 [ color=BLACK, label=< sh:property > ] ; - node830 -> node329 [ color=BLACK, label=< rdf:first > ] ; - node559 -> node1018 [ color=BLACK, label=< rdf:rest > ] ; - node899 -> node315 [ color=BLACK, label=< rdf:rest > ] ; - node660 -> node570 [ color=BLACK, label=< rdf:first > ] ; - node478 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node1026 -> node1006 [ color=BLACK, label=< rdf:first > ] ; - node909 -> node28 [ color=BLACK, label=< rdf:rest > ] ; - node478 -> node456 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node179 -> node694 [ color=BLACK, label=< sh:property > ] ; - node837 -> node415 [ color=BLACK, label=< sh:path > ] ; - node190 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node15 -> node22 [ color=BLACK, label=< rdf:type > ] ; - node1000 -> node407 [ color=BLACK, label=< rdf:first > ] ; - node991 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node719 -> node474 [ color=BLACK, label=< rdf:rest > ] ; - node1008 -> node242 [ color=BLACK, label=< rdf:first > ] ; - node1012 -> node308 [ color=BLACK, label=< rdf:rest > ] ; - node707 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node1005 -> node150 [ color=BLACK, label=< rdf:first > ] ; - node504 -> node783 [ color=BLACK, label=< rdf:first > ] ; - node789 -> node1024 [ color=BLACK, label=< rdf:rest > ] ; - node761 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node667 -> node264 [ color=BLACK, label=< rdf:first > ] ; - node1013 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node827 -> node435 [ color=BLACK, label=< rdf:first > ] ; - node562 -> node517 [ color=BLACK, label=< rdf:first > ] ; - node165 -> node528 [ color=BLACK, label=< sh:path > ] ; - node19 -> node103 [ color=BLACK, label=< rdf:rest > ] ; - node1001 -> node228 [ color=BLACK, label=< sh:datatype > ] ; - node913 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node269 -> node119 [ color=BLACK, label=< rdfs:range > ] ; - node922 -> node2 [ color=BLACK, label=< rdf:first > ] ; - node191 -> node585 [ color=BLACK, label=< sh:property > ] ; - node865 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node913 -> node456 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node625 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node918 -> node755 [ color=BLACK, label=< rdf:first > ] ; - node877 -> node130 [ color=BLACK, label=< rdfs:range > ] ; - node925 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node61 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node913 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node960 -> node387 [ color=BLACK, label=< rdf:first > ] ; - node250 -> node612 [ color=BLACK, label=< sh:property > ] ; - node106 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node766 -> node1000 [ color=BLACK, label=< rdf:rest > ] ; - node71 -> node165 [ color=BLACK, label=< sh:property > ] ; - node251 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node544 -> node1016 [ color=BLACK, label=< rdf:rest > ] ; - node192 -> node834 [ color=BLACK, label=< sh:in > ] ; - node1016 -> node297 [ color=BLACK, label=< rdf:first > ] ; - node923 -> node45 [ color=BLACK, label=< rdf:rest > ] ; - node788 -> node56 [ color=BLACK, label=< rdf:type > ] ; - node782 -> node60 [ color=BLACK, label=< rdf:type > ] ; - node961 -> node1014 [ color=BLACK, label=< sh:path > ] ; - node545 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node999 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node840 -> node541 [ color=BLACK, label=< rdf:first > ] ; - node417 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node753 -> node703 [ color=BLACK, label=< rdf:first > ] ; - node715 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node822 -> node577 [ color=BLACK, label=< rdf:first > ] ; - node875 -> node205 [ color=BLACK, label=< rdfs:range > ] ; - node218 -> node891 [ color=BLACK, label=< sh:path > ] ; - node334 -> node251 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node666 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node50 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node84 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node772 -> node354 [ color=BLACK, label=< sh:class > ] ; - node765 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node993 -> node638 [ color=BLACK, label=< rdf:first > ] ; - node80 -> node162 [ color=BLACK, label=< sh:datatype > ] ; - node932 -> node8 [ color=BLACK, label=< rdf:first > ] ; - node26 -> node245 [ color=BLACK, label=< sh:path > ] ; - node174 -> node878 [ color=BLACK, label=< sh:property > ] ; - node739 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node455 -> node456 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node134 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node1004 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node584 -> node623 [ color=BLACK, label=< rdf:first > ] ; - node636 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node701 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node229 -> node837 [ color=BLACK, label=< sh:property > ] ; - node989 -> node871 [ color=BLACK, label=< sh:class > ] ; - node726 -> node382 [ color=BLACK, label=< sh:path > ] ; - node160 -> node472 [ color=BLACK, label=< sh:path > ] ; - node205 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node410 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node40 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node956 -> node66 [ color=BLACK, label=< rdf:first > ] ; - node249 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node145 -> node431 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node528 -> node162 [ color=BLACK, label=< rdfs:range > ] ; - node750 -> node251 [ color=BLACK, label=< sh:class > ] ; - node1013 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node543 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node732 -> node14 [ color=BLACK, label=< rdf:type > ] ; + node630 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node775 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node896 -> node90 [ color=BLACK, label=< sh:class > ] ; + node192 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node261 -> node586 [ color=BLACK, label=< rdf:first > ] ; + node921 -> node241 [ color=BLACK, label=< rdf:first > ] ; + node854 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node562 -> node923 [ color=BLACK, label=< rdf:first > ] ; + node309 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node924 -> node850 [ color=BLACK, label=< rdf:rest > ] ; + node925 -> node355 [ color=BLACK, label=< rdf:rest > ] ; + node505 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node113 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node145 -> node173 [ color=BLACK, label=< rdfs:range > ] ; + node212 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node500 -> node926 [ color=BLACK, label=< sh:in > ] ; + node73 -> node835 [ color=BLACK, label=< sh:path > ] ; + node269 -> node871 [ color=BLACK, label=< sh:path > ] ; + node927 -> node80 [ color=BLACK, label=< rdfs:range > ] ; + node385 -> node126 [ color=BLACK, label=< rdf:rest > ] ; + node307 -> node334 [ color=BLACK, label=< sh:class > ] ; + node855 -> node929 [ color=BLACK, label=< rdf:rest > ] ; + node344 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node494 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node21 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node847 -> node247 [ color=BLACK, label=< rdf:first > ] ; + node226 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node334 -> node82 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node476 -> node17 [ color=BLACK, label=< rdf:type > ] ; + node816 -> node930 [ color=BLACK, label=< sh:path > ] ; + node472 -> node354 [ color=BLACK, label=< sh:path > ] ; + node506 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node319 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node886 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node348 -> node228 [ color=BLACK, label=< rdf:first > ] ; + node272 -> node231 [ color=BLACK, label=< rdf:first > ] ; + node42 -> node152 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node926 -> node596 [ color=BLACK, label=< rdf:rest > ] ; + node146 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node459 -> node522 [ color=BLACK, label=< sh:path > ] ; + node194 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node404 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node619 -> node891 [ color=BLACK, label=< sh:property > ] ; + node284 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node803 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node64 -> node932 [ color=BLACK, label=< sh:property > ] ; + node657 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node794 -> node56 [ color=BLACK, label=< rdf:type > ] ; + node826 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node192 -> node910 [ color=BLACK, label=< sh:property > ] ; + node851 -> node921 [ color=BLACK, label=< rdf:rest > ] ; + node346 -> node933 [ color=BLACK, label=< owl:sameAs > ] ; + node594 -> node189 [ color=BLACK, label=< sh:property > ] ; + node782 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node691 -> node669 [ color=BLACK, label=< rdf:rest > ] ; + node604 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node248 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node178 -> node194 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node783 -> node293 [ color=BLACK, label=< sh:property > ] ; + node202 -> node274 [ color=BLACK, label=< sh:path > ] ; + node160 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node934 -> node762 [ color=BLACK, label=< rdf:first > ] ; + node489 -> node302 [ color=BLACK, label=< sh:path > ] ; + node329 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node936 -> node564 [ color=BLACK, label=< rdf:rest > ] ; + node254 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node194 -> node881 [ color=BLACK, label=< sh:property > ] ; + node268 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node126 -> node889 [ color=BLACK, label=< rdf:rest > ] ; + node741 -> node490 [ color=BLACK, label=< rdf:first > ] ; + node399 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node750 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node285 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node550 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node925 -> node688 [ color=BLACK, label=< rdf:first > ] ; + node714 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node856 -> node842 [ color=BLACK, label=< sh:path > ] ; + node450 -> node158 [ color=BLACK, label=< rdf:first > ] ; + node221 -> node159 [ color=BLACK, label=< rdf:type > ] ; + node938 -> node858 [ color=BLACK, label=< rdf:first > ] ; + node238 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node797 -> node144 [ color=BLACK, label=< rdfs:range > ] ; + node291 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node563 -> node414 [ color=BLACK, label=< rdf:first > ] ; + node674 -> node348 [ color=BLACK, label=< rdf:rest > ] ; + node140 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node474 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node24 -> node870 [ color=BLACK, label=< sh:property > ] ; + node561 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node358 -> node566 [ color=BLACK, label=< rdf:first > ] ; + node652 -> node338 [ color=BLACK, label=< rdf:rest > ] ; + node329 -> node14 [ color=BLACK, label=< sh:property > ] ; + node737 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node486 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node639 -> node477 [ color=BLACK, label=< rdf:type > ] ; + node939 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node53 -> node92 [ color=BLACK, label=< sh:property > ] ; + node783 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node565 -> node585 [ color=BLACK, label=< rdf:first > ] ; + node767 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node46 -> node477 [ color=BLACK, label=< rdf:type > ] ; + node912 -> node690 [ color=BLACK, label=< rdf:rest > ] ; + node570 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node940 -> node764 [ color=BLACK, label=< sh:path > ] ; + node941 -> node729 [ color=BLACK, label=< rdf:rest > ] ; + node75 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node45 -> node571 [ color=BLACK, label=< rdf:first > ] ; + node831 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node193 -> node928 [ color=BLACK, label=< rdf:first > ] ; + node242 -> node151 [ color=BLACK, label=< sh:property > ] ; + node304 -> node936 [ color=BLACK, label=< rdf:rest > ] ; + node816 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node909 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node560 -> node437 [ color=BLACK, label=< rdf:rest > ] ; + node315 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node11 -> node146 [ color=BLACK, label=< sh:property > ] ; + node194 -> node619 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node499 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node900 -> node201 [ color=BLACK, label=< rdfs:range > ] ; + node859 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node780 -> node791 [ color=BLACK, label=< sh:path > ] ; + node202 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node189 -> node542 [ color=BLACK, label=< sh:class > ] ; + node169 -> node160 [ color=BLACK, label=< rdf:first > ] ; + node942 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node446 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node943 -> node653 [ color=BLACK, label=< rdf:type > ] ; + node179 -> node527 [ color=BLACK, label=< sh:path > ] ; + node704 -> node17 [ color=BLACK, label=< rdfs:range > ] ; + node183 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node733 -> node57 [ color=BLACK, label=< sh:class > ] ; + node578 -> node906 [ color=BLACK, label=< rdf:rest > ] ; + node935 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node901 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node268 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node72 -> node533 [ color=BLACK, label=< sh:property > ] ; + node945 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node921 -> node176 [ color=BLACK, label=< rdf:rest > ] ; + node825 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node462 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node946 -> node317 [ color=BLACK, label=< rdf:first > ] ; + node361 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node92 -> node947 [ color=BLACK, label=< sh:path > ] ; + node948 -> node863 [ color=BLACK, label=< rdf:first > ] ; + node431 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node686 -> node653 [ color=BLACK, label=< rdfs:range > ] ; + node152 -> node394 [ color=BLACK, label=< sh:property > ] ; + node512 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node417 -> node450 [ color=BLACK, label=< rdf:rest > ] ; + node235 -> node949 [ color=BLACK, label=< sh:in > ] ; + node871 -> node32 [ color=BLACK, label=< rdfs:range > ] ; + node754 -> node57 [ color=BLACK, label=< rdf:type > ] ; + node152 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node788 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node527 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node608 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node503 -> node541 [ color=BLACK, label=< sh:path > ] ; + node950 -> node93 [ color=BLACK, label=< rdf:rest > ] ; + node812 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node17 -> node896 [ color=BLACK, label=< sh:property > ] ; + node860 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node244 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node181 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node49 -> node834 [ color=BLACK, label=< sh:class > ] ; + node672 -> node590 [ color=BLACK, label=< rdf:first > ] ; + node329 -> node162 [ color=BLACK, label=< sh:property > ] ; + node166 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node646 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node952 -> node687 [ color=BLACK, label=< rdf:first > ] ; + node870 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node100 -> node165 [ color=BLACK, label=< rdf:rest > ] ; + node542 -> node665 [ color=BLACK, label=< sh:property > ] ; + node354 -> node57 [ color=BLACK, label=< rdfs:range > ] ; + node660 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node334 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node322 -> node607 [ color=BLACK, label=< rdf:first > ] ; + node54 -> node256 [ color=BLACK, label=< sh:path > ] ; + node392 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node953 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node262 -> node285 [ color=BLACK, label=< rdf:type > ] ; + node252 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node736 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node64 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node635 -> node175 [ color=BLACK, label=< rdf:first > ] ; + node684 -> node454 [ color=BLACK, label=< sh:datatype > ] ; + node40 -> node202 [ color=BLACK, label=< sh:property > ] ; + node458 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node89 -> node318 [ color=BLACK, label=< rdf:rest > ] ; + node299 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node163 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node319 -> node135 [ color=BLACK, label=< rdf:type > ] ; + node41 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node725 -> node837 [ color=BLACK, label=< rdf:first > ] ; + node73 -> node159 [ color=BLACK, label=< sh:class > ] ; + node564 -> node796 [ color=BLACK, label=< rdf:first > ] ; + node514 -> node143 [ color=BLACK, label=< sh:path > ] ; + node950 -> node773 [ color=BLACK, label=< rdf:first > ] ; + node324 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node358 -> node954 [ color=BLACK, label=< rdf:rest > ] ; + node914 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node763 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node309 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node829 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node162 -> node522 [ color=BLACK, label=< sh:path > ] ; + node74 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node532 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node591 -> node756 [ color=BLACK, label=< sh:path > ] ; + node605 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node955 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node221 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node685 -> node341 [ color=BLACK, label=< rdf:type > ] ; + node711 -> node617 [ color=BLACK, label=< rdf:first > ] ; + node828 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node441 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node314 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node706 -> node877 [ color=BLACK, label=< rdf:type > ] ; + node956 -> node944 [ color=BLACK, label=< rdf:first > ] ; + node124 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node192 -> node939 [ color=BLACK, label=< sh:property > ] ; + node896 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node957 -> node767 [ color=BLACK, label=< rdf:first > ] ; + node346 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node958 -> node653 [ color=BLACK, label=< rdf:type > ] ; + node959 -> node960 [ color=BLACK, label=< rdf:rest > ] ; + node685 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node688 -> node285 [ color=BLACK, label=< rdf:type > ] ; + node340 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node961 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node326 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node697 -> node435 [ color=BLACK, label=< rdf:rest > ] ; + node243 -> node942 [ color=BLACK, label=< sh:path > ] ; + node90 -> node367 [ color=BLACK, label=< sh:property > ] ; + node424 -> node822 [ color=BLACK, label=< rdf:rest > ] ; + node609 -> node19 [ color=BLACK, label=< rdf:rest > ] ; + node233 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node815 -> node38 [ color=BLACK, label=< sh:path > ] ; + node336 -> node486 [ color=BLACK, label=< sh:path > ] ; + node480 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node839 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node17 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node378 -> node934 [ color=BLACK, label=< rdf:rest > ] ; + node335 -> node548 [ color=BLACK, label=< sh:in > ] ; + node662 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node476 -> node17 [ color=BLACK, label=< rdfs:range > ] ; + node277 -> node752 [ color=BLACK, label=< sh:in > ] ; + node553 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node347 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node695 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node530 -> node938 [ color=BLACK, label=< rdf:rest > ] ; + node836 -> node57 [ color=BLACK, label=< rdf:type > ] ; + node415 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node809 -> node834 [ color=BLACK, label=< rdf:type > ] ; + node350 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node351 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node345 -> node57 [ color=BLACK, label=< rdf:type > ] ; + node492 -> node917 [ color=BLACK, label=< sh:path > ] ; + node626 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node786 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node254 -> node659 [ color=BLACK, label=< sh:path > ] ; + node20 -> node950 [ color=BLACK, label=< rdf:rest > ] ; + node962 -> node917 [ color=BLACK, label=< sh:path > ] ; + node242 -> node736 [ color=BLACK, label=< sh:property > ] ; + node471 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node963 -> node55 [ color=BLACK, label=< rdf:first > ] ; + node658 -> node375 [ color=BLACK, label=< rdf:first > ] ; + node156 -> node406 [ color=BLACK, label=< sh:path > ] ; + node611 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node426 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node928 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node964 -> node722 [ color=BLACK, label=< rdf:rest > ] ; + node478 -> node102 [ color=BLACK, label=< rdf:first > ] ; + node526 -> node714 [ color=BLACK, label=< rdf:first > ] ; + node839 -> node627 [ color=BLACK, label=< rdfs:range > ] ; + node308 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node399 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node700 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node531 -> node658 [ color=BLACK, label=< sh:in > ] ; + node512 -> node604 [ color=BLACK, label=< sh:path > ] ; + node758 -> node828 [ color=BLACK, label=< rdf:first > ] ; + node495 -> node116 [ color=BLACK, label=< sh:path > ] ; + node82 -> node255 [ color=BLACK, label=< sh:property > ] ; + node59 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node742 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node503 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node292 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node508 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node965 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node81 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node408 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node717 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node787 -> node144 [ color=BLACK, label=< rdfs:range > ] ; + node304 -> node356 [ color=BLACK, label=< rdf:first > ] ; + node823 -> node426 [ color=BLACK, label=< sh:path > ] ; + node966 -> node909 [ color=BLACK, label=< rdf:first > ] ; + node540 -> node157 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node360 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node762 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node193 -> node967 [ color=BLACK, label=< rdf:rest > ] ; + node539 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node332 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node940 -> node148 [ color=BLACK, label=< sh:class > ] ; + node681 -> node399 [ color=BLACK, label=< rdf:first > ] ; + node289 -> node555 [ color=BLACK, label=< rdfs:range > ] ; + node64 -> node35 [ color=BLACK, label=< sh:property > ] ; node883 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node154 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node395 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node260 -> node449 [ color=BLACK, label=< sh:property > ] ; - node330 -> node865 [ color=BLACK, label=< sh:property > ] ; - node483 -> node136 [ color=BLACK, label=< rdf:type > ] ; - node230 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node121 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node4 -> node343 [ color=BLACK, label=< sh:property > ] ; - node351 -> node670 [ color=BLACK, label=< rdf:type > ] ; - node318 -> node227 [ color=BLACK, label=< sh:property > ] ; - node268 -> node273 [ color=BLACK, label=< rdf:type > ] ; - node827 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node10 -> node352 [ color=BLACK, label=< rdf:first > ] ; - node973 -> node869 [ color=BLACK, label=< rdf:first > ] ; - node901 -> node196 [ color=BLACK, label=< rdf:first > ] ; - node777 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node16 -> node130 [ color=BLACK, label=< sh:class > ] ; - node578 -> node7 [ color=BLACK, label=< rdf:type > ] ; - node103 -> node491 [ color=BLACK, label=< rdf:first > ] ; - node784 -> node234 [ color=BLACK, label=< rdf:first > ] ; - node16 -> node945 [ color=BLACK, label=< sh:path > ] ; - node58 -> node119 [ color=BLACK, label=< sh:datatype > ] ; - node647 -> node939 [ color=BLACK, label=< rdfs:subClassOf > ] ; - node338 -> node5 [ color=BLACK, label=< rdf:type > ] ; - node472 -> node32 [ color=BLACK, label=< rdfs:range > ] ; - node512 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node908 -> node850 [ color=BLACK, label=< sh:path > ] ; - node12 -> node597 [ color=BLACK, label=< sh:path > ] ; - node153 -> node666 [ color=BLACK, label=< sh:path > ] ; - node983 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node647 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node42 -> node382 [ color=BLACK, label=< sh:path > ] ; - node713 -> node286 [ color=BLACK, label=< sh:path > ] ; - node982 -> node921 [ color=BLACK, label=< sh:path > ] ; - node332 -> node175 [ color=BLACK, label=< sh:nodeKind > ] ; - node412 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node929 -> node29 [ color=BLACK, label=< rdf:rest > ] ; - node1011 -> node443 [ color=BLACK, label=< rdf:first > ] ; - node634 -> node403 [ color=BLACK, label=< sh:datatype > ] ; - node524 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node359 -> node230 [ color=BLACK, label=< sh:path > ] ; - node982 -> node1 [ color=BLACK, label=< sh:nodeKind > ] ; - node405 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node736 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node357 -> node187 [ color=BLACK, label=< sh:nodeKind > ] ; - node1024 -> node566 [ color=BLACK, label=< rdf:first > ] ; - node21 -> node246 [ color=BLACK, label=< rdf:type > ] ; - node723 -> node96 [ color=BLACK, label=< rdf:type > ] ; - node782 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node45 -> node1025 [ color=BLACK, label=< rdf:rest > ] ; - node64 -> node321 [ color=BLACK, label=< rdf:rest > ] ; - node360 -> node32 [ color=BLACK, label=< sh:datatype > ] ; - node329 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node233 -> node207 [ color=BLACK, label=< rdf:first > ] ; - node829 -> node610 [ color=BLACK, label=< rdf:first > ] ; - node64 -> node794 [ color=BLACK, label=< rdf:first > ] ; - node976 -> node348 [ color=BLACK, label=< rdf:first > ] ; - node494 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node775 -> node14 [ color=BLACK, label=< rdf:type > ] ; - node444 -> node29 [ color=BLACK, label=< rdf:rest > ] ; -# Nd37b14c41ee74a409251c039c2410877 node0 -node0 [ shape=none, color=black label=<
Nd37b14c41ee74a409251c039c2410877
Nd37b14c41ee74a409251c039c2410877
sh:maxCount"1"^^xsd:integer
> ] -# http://www.w3.org/ns/shacl#Literal node1 -node1 [ shape=none, color=black label=<
Literal
http://www.w3.org/ns/shacl#Literal
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough node2 -node2 [ shape=none, color=black label=<
clickthrough
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough
rdfs:comment"the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType node3 -node3 [ shape=none, color=black label=<
DatasetAvailabilityType
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType
rdfs:comment"Availability of dataset."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo node4 -node4 [ shape=none, color=black label=<
CreationInfo
https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo
rdfs:comment"Provides information about the creation of the Element."@en
> ] -# http://www.w3.org/2002/07/owl#Class node5 -node5 [ shape=none, color=black label=<
Class
http://www.w3.org/2002/07/owl#Class
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel node6 -node6 [ shape=none, color=black label=<
typeOfModel
https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel
rdfs:comment"Records the type of the model used in the AI software."@en
> ] -# http://www.w3.org/2002/07/owl#DatatypeProperty node7 -node7 [ shape=none, color=black label=<
DatatypeProperty
http://www.w3.org/2002/07/owl#DatatypeProperty
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other node8 -node8 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other
rdfs:comment"the Element doesn't fit into any of the other categories"@en
> ] -# Nd5d3ec9436fc4813acba9ba43b532d73 node9 -node9 [ shape=none, color=black label=<
Nd5d3ec9436fc4813acba9ba43b532d73
Nd5d3ec9436fc4813acba9ba43b532d73
sh:maxCount"1"^^xsd:integer
> ] -# N8152890ff07d43fc960b98f8690ecbf8 node10 -node10 [ shape=none, color=black label=<
N8152890ff07d43fc960b98f8690ecbf8
N8152890ff07d43fc960b98f8690ecbf8
> ] -# N15fb933075b34c4b84edba08865431fa node11 -node11 [ shape=none, color=black label=<
N15fb933075b34c4b84edba08865431fa
N15fb933075b34c4b84edba08865431fa
> ] -# Nae5d16b4cf8f4e5b89a5360b7ba27110 node12 -node12 [ shape=none, color=black label=<
Nae5d16b4cf8f4e5b89a5360b7ba27110
Nae5d16b4cf8f4e5b89a5360b7ba27110
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration node13 -node13 [ shape=none, color=black label=<
configuration
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration
rdfs:comment"Element is configuration data"@en
> ] -# http://www.w3.org/2002/07/owl#NamedIndividual node14 -node14 [ shape=none, color=black label=<
NamedIndividual
http://www.w3.org/2002/07/owl#NamedIndividual
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Annotation node15 -node15 [ shape=none, color=black label=<
Annotation
https://spdx.org/rdf/3.0.1/terms/Core/Annotation
rdfs:comment"An assertion made in relation to one or more elements."@en
> ] -# Nb43e5f1bb1bc4610a45d4ba2e90cdc20 node16 -node16 [ shape=none, color=black label=<
Nb43e5f1bb1bc4610a45d4ba2e90cdc20
Nb43e5f1bb1bc4610a45d4ba2e90cdc20
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# Nd857f3ad6c25431f8ec2662dc0c47ce4 node17 -node17 [ shape=none, color=black label=<
Nd857f3ad6c25431f8ec2662dc0c47ce4
Nd857f3ad6c25431f8ec2662dc0c47ce4
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList node18 -node18 [ shape=none, color=black label=<
mailingList
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList
rdfs:comment"A reference to the mailing list used by the maintainer for a package."@en
> ] -# Nd70e9499239b4973a00308f443b0aa3a node19 -node19 [ shape=none, color=black label=<
Nd70e9499239b4973a00308f443b0aa3a
Nd70e9499239b4973a00308f443b0aa3a
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model node20 -node20 [ shape=none, color=black label=<
model
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model
rdfs:comment"the Element is a machine learning or artificial intelligence model"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License node21 -node21 [ shape=none, color=black label=<
License
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License
rdfs:comment"Abstract class for the portion of an AnyLicenseInfo representing a license."@en
> ] -# http://www.w3.org/ns/shacl#NodeShape node22 -node22 [ shape=none, color=black label=<
NodeShape
http://www.w3.org/ns/shacl#NodeShape
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support node23 -node23 [ shape=none, color=black label=<
support
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support
rdfs:comment"the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType node24 -node24 [ shape=none, color=black label=<
AnnotationType
https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType
rdfs:comment"Specifies the type of an annotation."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense node25 -node25 [ shape=none, color=black label=<
ListedLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense
rdfs:comment"A license that is listed on the SPDX License List."@en
> ] -# N0563aa63f65c47c8b4174e7081458902 node26 -node26 [ shape=none, color=black label=<
N0563aa63f65c47c8b4174e7081458902
N0563aa63f65c47c8b4174e7081458902
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability node27 -node27 [ shape=none, color=black label=<
modelExplainability
https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability
rdfs:comment"Describes methods that can be used to explain the results from the AI model."@en
> ] -# N4be8d8be36ed4c9980417563b4e60154 node28 -node28 [ shape=none, color=black label=<
N4be8d8be36ed4c9980417563b4e60154
N4be8d8be36ed4c9980417563b4e60154
> ] -# http://www.w3.org/1999/02/22-rdf-syntax-ns#nil node29 -node29 [ shape=none, color=black label=<
nil
http://www.w3.org/1999/02/22-rdf-syntax-ns#nil
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor node30 -node30 [ shape=none, color=black label=<
sensor
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor
rdfs:comment"data is recorded from a physical sensor, such as a thermometer reading or biometric device."@en
> ] -# N47f2fa3f4eb14cce8d2004886e665359 node31 -node31 [ shape=none, color=black label=<
N47f2fa3f4eb14cce8d2004886e665359
N47f2fa3f4eb14cce8d2004886e665359
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# http://www.w3.org/2001/XMLSchema#string node32 -node32 [ shape=none, color=black label=<
string
http://www.w3.org/2001/XMLSchema#string
> ] -# Nffc423768dab473b8dc162ee1e3fa4ef node33 -node33 [ shape=none, color=black label=<
Nffc423768dab473b8dc162ee1e3fa4ef
Nffc423768dab473b8dc162ee1e3fa4ef
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry node34 -node34 [ shape=none, color=black label=<
DictionaryEntry
https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry
rdfs:comment"A key with an associated value."@en
> ] -# N543d63687b8b48a6940b62df555fb341 node35 -node35 [ shape=none, color=black label=<
N543d63687b8b48a6940b62df555fb341
N543d63687b8b48a6940b62df555fb341
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# N84b4909b82594347beb7e02ebfe2bf3d node36 -node36 [ shape=none, color=black label=<
N84b4909b82594347beb7e02ebfe2bf3d
N84b4909b82594347beb7e02ebfe2bf3d
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev node37 -node37 [ shape=none, color=black label=<
kev
https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev
rdfs:comment"CISA's Known Exploited Vulnerability (KEV) Catalog"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType node38 -node38 [ shape=none, color=black label=<
ExploitCatalogType
https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType
rdfs:comment"Specifies the exploit catalog type."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption node39 -node39 [ shape=none, color=black label=<
finetuningEnergyConsumption
https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption
rdfs:comment"Specifies the amount of energy consumed when finetuning the AI model that is -being used in the AI system."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription node40 -node40 [ shape=none, color=black label=<
EnergyConsumptionDescription
https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription
rdfs:comment"The class that helps note down the quantity of energy consumption and the unit -used for measurement."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/SupportType node41 -node41 [ shape=none, color=black label=<
SupportType
https://spdx.org/rdf/3.0.1/terms/Core/SupportType
rdfs:comment"Indicates the type of support that is associated with an artifact."@en
> ] -# N229a18e960c942c6815157a7732961db node42 -node42 [ shape=none, color=black label=<
N229a18e960c942c6815157a7732961db
N229a18e960c942c6815157a7732961db
sh:maxCount"1"^^xsd:integer
> ] -# N163b498ac04443a192cc1f9bd8d56c89 node43 -node43 [ shape=none, color=black label=<
N163b498ac04443a192cc1f9bd8d56c89
N163b498ac04443a192cc1f9bd8d56c89
> ] -# N55310ca8f242463f80f99f9980b47f20 node44 -node44 [ shape=none, color=black label=<
N55310ca8f242463f80f99f9980b47f20
N55310ca8f242463f80f99f9980b47f20
> ] -# Ne3568d381ced4ef186029dbdb135d9d0 node45 -node45 [ shape=none, color=black label=<
Ne3568d381ced4ef186029dbdb135d9d0
Ne3568d381ced4ef186029dbdb135d9d0
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query node46 -node46 [ shape=none, color=black label=<
query
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query
rdfs:comment"the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset."@en
> ] -# Nbd26c14b29914edcb6b1af22a23596cf node47 -node47 [ shape=none, color=black label=<
Nbd26c14b29914edcb6b1af22a23596cf
Nbd26c14b29914edcb6b1af22a23596cf
sh:maxCount"1"^^xsd:integer
> ] -# N9a0b2028f94a40f5918c364a849bbe4f node48 -node48 [ shape=none, color=black label=<
N9a0b2028f94a40f5918c364a849bbe4f
N9a0b2028f94a40f5918c364a849bbe4f
> ] -# N2a8de22f023443659801fa556ceb9073 node49 -node49 [ shape=none, color=black label=<
N2a8de22f023443659801fa556ceb9073
N2a8de22f023443659801fa556ceb9073
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy node50 -node50 [ shape=none, color=black label=<
foundBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy
rdfs:comment"(Security) Designates a `from` Vulnerability was originally discovered by the `to` Agent(s)."@en
> ] -# N48b2fe27cfee44558d9afee8c2b66128 node51 -node51 [ shape=none, color=black label=<
N48b2fe27cfee44558d9afee8c2b66128
N48b2fe27cfee44558d9afee8c2b66128
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable node52 -node52 [ shape=none, color=black label=<
executable
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable
rdfs:comment"Element is an Artifact that can be run on a computer"@en
> ] -# N3a9105802b934ccd9f58ce85d1d9c32a node53 -node53 [ shape=none, color=black label=<
N3a9105802b934ccd9f58ce85d1d9c32a
N3a9105802b934ccd9f58ce85d1d9c32a
> ] -# Nb7a83c9ed855462b821801ecfb0fc376 node54 -node54 [ shape=none, color=black label=<
Nb7a83c9ed855462b821801ecfb0fc376
Nb7a83c9ed855462b821801ecfb0fc376
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member node55 -node55 [ shape=none, color=black label=<
member
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member
rdfs:comment"A license expression participating in a license set."@en
> ] -# http://www.w3.org/2002/07/owl#ObjectProperty node56 -node56 [ shape=none, color=black label=<
ObjectProperty
http://www.w3.org/2002/07/owl#ObjectProperty
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship node57 -node57 [ shape=none, color=black label=<
ExploitCatalogVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship
rdfs:comment"Provides an exploit assessment of a vulnerability."@en
> ] -# N50ee43d48bfa48a7a1ed11d8f1a142be node58 -node58 [ shape=none, color=black label=<
N50ee43d48bfa48a7a1ed11d8f1a142be
N50ee43d48bfa48a7a1ed11d8f1a142be
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact node59 -node59 [ shape=none, color=black label=<
sourceArtifact
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact
rdfs:comment"A reference to an artifact containing the sources for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType node60 -node60 [ shape=none, color=black label=<
ExternalRefType
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType
rdfs:comment"Specifies the type of an external reference."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload node61 -node61 [ shape=none, color=black label=<
directDownload
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload
rdfs:comment"the dataset is publicly available and can be downloaded directly."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation node62 -node62 [ shape=none, color=black label=<
documentation
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation
rdfs:comment"A reference to the documentation for a package."@en
> ] -# N64840a16f03c4fad8064fd615a0f2688 node63 -node63 [ shape=none, color=black label=<
N64840a16f03c4fad8064fd615a0f2688
N64840a16f03c4fad8064fd615a0f2688
> ] -# N233fe9bc1bc246b1af1d4517eb5c080d node64 -node64 [ shape=none, color=black label=<
N233fe9bc1bc246b1af1d4517eb5c080d
N233fe9bc1bc246b1af1d4517eb5c080d
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/creationInfo node65 -node65 [ shape=none, color=black label=<
creationInfo
https://spdx.org/rdf/3.0.1/terms/Core/creationInfo
rdfs:comment"Provides information about the creation of the Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application node66 -node66 [ shape=none, color=black label=<
application
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application
rdfs:comment"the Element is a software application"@en
> ] -# Nf72986e1c98b463e943ec76915808e3c node67 -node67 [ shape=none, color=black label=<
Nf72986e1c98b463e943ec76915808e3c
Nf72986e1c98b463e943ec76915808e3c
> ] -# Nff4648904d5e4196b22b087b1f1ca6b5 node68 -node68 [ shape=none, color=black label=<
Nff4648904d5e4196b22b087b1f1ca6b5
Nff4648904d5e4196b22b087b1f1ca6b5
> ] -# N181a56b746e04042b562daa597b9d293 node69 -node69 [ shape=none, color=black label=<
N181a56b746e04042b562daa597b9d293
N181a56b746e04042b562daa597b9d293
sh:maxCount"1"^^xsd:integer
> ] -# N43b5df2908794ef3b4a68fd39936375c node70 -node70 [ shape=none, color=black label=<
N43b5df2908794ef3b4a68fd39936375c
N43b5df2908794ef3b4a68fd39936375c
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Relationship node71 -node71 [ shape=none, color=black label=<
Relationship
https://spdx.org/rdf/3.0.1/terms/Core/Relationship
rdfs:comment"Describes a relationship between one or more elements."@en
> ] -# N01bedce58ff844339283349897b23b39 node72 -node72 [ shape=none, color=black label=<
N01bedce58ff844339283349897b23b39
N01bedce58ff844339283349897b23b39
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# N3cad7c17be0440a4903a2915ac43d25f node73 -node73 [ shape=none, color=black label=<
N3cad7c17be0440a4903a2915ac43d25f
N3cad7c17be0440a4903a2915ac43d25f
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy node74 -node74 [ shape=none, color=black label=<
coordinatedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy
rdfs:comment"(Security) The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid node75 -node75 [ shape=none, color=black label=<
swhid
https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid
rdfs:comment"SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and in the case of filess they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512 node76 -node76 [ shape=none, color=black label=<
blake2b512
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512
rdfs:comment"BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23 node77 -node77 [ shape=none, color=black label=<
cpe23
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23
rdfs:comment"[Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final)"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType node78 -node78 [ shape=none, color=black label=<
ExternalIdentifierType
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType
rdfs:comment"Specifies the type of an external identifier."@en
> ] -# Nb59ef1dc77cc42edbf207f77d9ba0183 node79 -node79 [ shape=none, color=black label=<
Nb59ef1dc77cc42edbf207f77d9ba0183
Nb59ef1dc77cc42edbf207f77d9ba0183
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# Ne1e293c61fa94dd783956b433df71aac node80 -node80 [ shape=none, color=black label=<
Ne1e293c61fa94dd783956b433df71aac
Ne1e293c61fa94dd783956b433df71aac
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic node81 -node81 [ shape=none, color=black label=<
syntactic
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic
rdfs:comment"data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier node82 -node82 [ shape=none, color=black label=<
ContentIdentifier
https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier
rdfs:comment"A canonical, unique, immutable identifier"@en
> ] -# Nfe490fe1ea184ae7ad5670262baf67d5 node83 -node83 [ shape=none, color=black label=<
Nfe490fe1ea184ae7ad5670262baf67d5
Nfe490fe1ea184ae7ad5670262baf67d5
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment node84 -node84 [ shape=none, color=black label=<
riskAssessment
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment
rdfs:comment"A reference to a risk assessment for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod node85 -node85 [ shape=none, color=black label=<
IntegrityMethod
https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod
rdfs:comment"Provides an independently reproducible mechanism that permits verification of a specific Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low node86 -node86 [ shape=none, color=black label=<
low
https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low
rdfs:comment"Low/no risk is posed by an AI system."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType node87 -node87 [ shape=none, color=black label=<
SafetyRiskAssessmentType
https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType
rdfs:comment"Specifies the safety risk level."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange node88 -node88 [ shape=none, color=black label=<
PositiveIntegerRange
https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange
rdfs:comment"A tuple of two positive integers that define a range."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship node89 -node89 [ shape=none, color=black label=<
LifecycleScopedRelationship
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship
rdfs:comment"Provide context for a relationship that occurs in the lifecycle."@en
> ] -# Naa63031a8cfb4caab4f384ab084f19b5 node90 -node90 [ shape=none, color=black label=<
Naa63031a8cfb4caab4f384ab084f19b5
Naa63031a8cfb4caab4f384ab084f19b5
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment node91 -node91 [ shape=none, color=black label=<
privacyAssessment
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment
rdfs:comment"A reference to a privacy assessment for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/relationshipType node92 -node92 [ shape=none, color=black label=<
relationshipType
https://spdx.org/rdf/3.0.1/terms/Core/relationshipType
rdfs:comment"Information about the relationship between two Elements."@en
> ] -# N16ffe6992555405d94430b740912d3f1 node93 -node93 [ shape=none, color=black label=<
N16ffe6992555405d94430b740912d3f1
N16ffe6992555405d94430b740912d3f1
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType node94 -node94 [ shape=none, color=black label=<
DatasetType
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType
rdfs:comment"Enumeration of dataset types."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/standardName node95 -node95 [ shape=none, color=black label=<
standardName
https://spdx.org/rdf/3.0.1/terms/Core/standardName
rdfs:comment"The name of a relevant standard that may apply to an artifact."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm node96 -node96 [ shape=none, color=black label=<
HashAlgorithm
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm
rdfs:comment"A mathematical algorithm that maps data of arbitrary size to a bit string."@en
> ] -# N96e8d9fef23a46b7ac5c6cc061e4121a node97 -node97 [ shape=none, color=black label=<
N96e8d9fef23a46b7ac5c6cc061e4121a
N96e8d9fef23a46b7ac5c6cc061e4121a
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# Nd18adf36cbf54423b6154234d5f25535 node98 -node98 [ shape=none, color=black label=<
Nd18adf36cbf54423b6154234d5f25535
Nd18adf36cbf54423b6154234d5f25535
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet node99 -node99 [ shape=none, color=black label=<
ConjunctiveLicenseSet
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet
rdfs:comment"Portion of an AnyLicenseInfo representing a set of licensing information -where all elements apply."@en
> ] -# Ne2fe08f0ccdd49a79063c89a48aac770 node100 -node100 [ shape=none, color=black label=<
Ne2fe08f0ccdd49a79063c89a48aac770
Ne2fe08f0ccdd49a79063c89a48aac770
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion node101 -node101 [ shape=none, color=black label=<
deprecatedVersion
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion
rdfs:comment"Specifies the SPDX License List version in which this license or exception -identifier was deprecated."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other node102 -node102 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other
rdfs:comment"any hashing algorithm that does not exist in this list of entries"@en
> ] -# Nee795f5dcbac49be8664d6f72e015623 node103 -node103 [ shape=none, color=black label=<
Nee795f5dcbac49be8664d6f72e015623
Nee795f5dcbac49be8664d6f72e015623
> ] -# N69c41d6642104842bc846119a90cc306 node104 -node104 [ shape=none, color=black label=<
N69c41d6642104842bc846119a90cc306
N69c41d6642104842bc846119a90cc306
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image node105 -node105 [ shape=none, color=black label=<
image
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image
rdfs:comment"data is a collection of images such as pictures of animals."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other node106 -node106 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other
rdfs:comment"data is of a type not included in this list."@en
> ] -# Nfc72383686de41c587360e4dde50d30d node107 -node107 [ shape=none, color=black label=<
Nfc72383686de41c587360e4dde50d30d
Nfc72383686de41c587360e4dde50d30d
> ] -# N4bb0995617f64da4a04a2bedc61e9b1d node108 -node108 [ shape=none, color=black label=<
N4bb0995617f64da4a04a2bedc61e9b1d
N4bb0995617f64da4a04a2bedc61e9b1d
> ] -# N867b2281b1e34b83b3352ffb31f1aa60 node109 -node109 [ shape=none, color=black label=<
N867b2281b1e34b83b3352ffb31f1aa60
N867b2281b1e34b83b3352ffb31f1aa60
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license node110 -node110 [ shape=none, color=black label=<
license
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license
rdfs:comment"A reference to additional license information related to an artifact."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta node111 -node111 [ shape=none, color=black label=<
buildMeta
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta
rdfs:comment"A reference build metadata related to a published package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier node112 -node112 [ shape=none, color=black label=<
ExternalIdentifier
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier
rdfs:comment"A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element."@en
> ] -# Ncc2ce3cb0a1c40df9da785a3a532ce96 node113 -node113 [ shape=none, color=black label=<
Ncc2ce3cb0a1c40df9da785a3a532ce96
Ncc2ce3cb0a1c40df9da785a3a532ce96
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/File node114 -node114 [ shape=none, color=black label=<
File
https://spdx.org/rdf/3.0.1/terms/Software/File
rdfs:comment"Refers to any object that stores content on a computer."@en
> ] -# N334c6e67c3924cb888dfa06b0a4bcf49 node115 -node115 [ shape=none, color=black label=<
N334c6e67c3924cb888dfa06b0a4bcf49
N334c6e67c3924cb888dfa06b0a4bcf49
sh:maxCount"1"^^xsd:integer
sh:pattern"^[^\/]+\/[^\/]+$"
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime node116 -node116 [ shape=none, color=black label=<
withdrawnTime
https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime
rdfs:comment"Specified the time and date when a vulnerability was withdrawn."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther node117 -node117 [ shape=none, color=black label=<
securityOther
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther
rdfs:comment"Used when there is a security related identifier of unspecified type."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId node118 -node118 [ shape=none, color=black label=<
isDeprecatedAdditionId
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId
rdfs:comment"Specifies whether an additional text identifier has been marked as deprecated."@en
> ] -# http://www.w3.org/2001/XMLSchema#boolean node119 -node119 [ shape=none, color=black label=<
boolean
http://www.w3.org/2001/XMLSchema#boolean
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/packageUrl node120 -node120 [ shape=none, color=black label=<
packageUrl
https://spdx.org/rdf/3.0.1/terms/Software/packageUrl
rdfs:comment"Provides a place for the SPDX data creator to record the package URL string -(in accordance with the -[package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) -for a software Package."@en
> ] -# Nf00b81ad7ca44af6b4e61198049f4bae node121 -node121 [ shape=none, color=black label=<
Nf00b81ad7ca44af6b4e61198049f4bae
Nf00b81ad7ca44af6b4e61198049f4bae
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# Nc71121b14f1c40ce805cf5a05fe1bca8 node122 -node122 [ shape=none, color=black label=<
Nc71121b14f1c40ce805cf5a05fe1bca8
Nc71121b14f1c40ce805cf5a05fe1bca8
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime node123 -node123 [ shape=none, color=black label=<
validUntilTime
https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime
rdfs:comment"Specifies until when the artifact can be used before its usage needs to be -reassessed."@en
> ] -# N0dd471ab68d44275a6aacff04d3bb7d2 node124 -node124 [ shape=none, color=black label=<
N0dd471ab68d44275a6aacff04d3bb7d2
N0dd471ab68d44275a6aacff04d3bb7d2
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense node125 -node125 [ shape=none, color=black label=<
hasConcludedLicense
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense
rdfs:comment"The `from` Software Artifact is concluded by the SPDX data creator to be governed by each `to` license."@en
> ] -# N04ac6770bf634125b05408f611696e51 node126 -node126 [ shape=none, color=black label=<
N04ac6770bf634125b05408f611696e51
N04ac6770bf634125b05408f611696e51
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low node127 -node127 [ shape=none, color=black label=<
low
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low
rdfs:comment"When a CVSS score is between 0.1 - 3.9"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType node128 -node128 [ shape=none, color=black label=<
VexJustificationType
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType
rdfs:comment"Specifies the VEX justification type."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/to node129 -node129 [ shape=none, color=black label=<
to
https://spdx.org/rdf/3.0.1/terms/Core/to
rdfs:comment"References an Element on the right-hand side of a relationship."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Element node130 -node130 [ shape=none, color=black label=<
Element
https://spdx.org/rdf/3.0.1/terms/Core/Element
rdfs:comment"Base domain class from which all other SPDX-3.0 domain classes derive."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric node131 -node131 [ shape=none, color=black label=<
numeric
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric
rdfs:comment"data consists only of numeric entries."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption node132 -node132 [ shape=none, color=black label=<
trainingEnergyConsumption
https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption
rdfs:comment"Specifies the amount of energy consumed when training the AI model that is -being used in the AI system."@en
> ] -# N4cb90559b80645efaea9a909d630af04 node133 -node133 [ shape=none, color=black label=<
N4cb90559b80645efaea9a909d630af04
N4cb90559b80645efaea9a909d630af04
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512 node134 -node134 [ shape=none, color=black label=<
sha3_512
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512
rdfs:comment"SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn node135 -node135 [ shape=none, color=black label=<
testedOn
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn
rdfs:comment"(AI, Dataset) The `from` Element has been tested on the `to` Element(s)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType node136 -node136 [ shape=none, color=black label=<
RelationshipType
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType
rdfs:comment"Information about the relationship between two Elements."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant node137 -node137 [ shape=none, color=black label=<
hasVariant
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant
rdfs:comment"Every `to` Element is a variant the `from` Element (`from` hasVariant `to`)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Hash node138 -node138 [ shape=none, color=black label=<
Hash
https://spdx.org/rdf/3.0.1/terms/Core/Hash
rdfs:comment"A mathematically calculated representation of a grouping of data."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/lineRange node139 -node139 [ shape=none, color=black label=<
lineRange
https://spdx.org/rdf/3.0.1/terms/Software/lineRange
rdfs:comment"Defines the line range in the original host file that the snippet information -applies to."@en
> ] -# N7724b5cdf9c84e5dbb77919f50fafab2 node140 -node140 [ shape=none, color=black label=<
N7724b5cdf9c84e5dbb77919f50fafab2
N7724b5cdf9c84e5dbb77919f50fafab2
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# Nb5273969c5d14e4099642493bef7d0f6 node141 -node141 [ shape=none, color=black label=<
Nb5273969c5d14e4099642493bef7d0f6
Nb5273969c5d14e4099642493bef7d0f6
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship node142 -node142 [ shape=none, color=black label=<
EpssVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship
rdfs:comment"Provides an EPSS assessment for a vulnerability."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete node143 -node143 [ shape=none, color=black label=<
complete
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete
rdfs:comment"The relationship is known to be exhaustive."@en
> ] -# N6c9a5745db4045c692aebffdbbe7577e node144 -node144 [ shape=none, color=black label=<
N6c9a5745db4045c692aebffdbbe7577e
N6c9a5745db4045c692aebffdbbe7577e
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator node145 -node145 [ shape=none, color=black label=<
OrLaterOperator
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator
rdfs:comment"Portion of an AnyLicenseInfo representing this version, or any later version, -of the indicated License."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve node146 -node146 [ shape=none, color=black label=<
cve
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve
rdfs:comment"Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem node147 -node147 [ shape=none, color=black label=<
operatingSystem
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem
rdfs:comment"the Element is an operating system"@en
> ] -# Nb60d2038f6f24ee48e5e895c8e8ee740 node148 -node148 [ shape=none, color=black label=<
Nb60d2038f6f24ee48e5e895c8e8ee740
Nb60d2038f6f24ee48e5e895c8e8ee740
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation node149 -node149 [ shape=none, color=black label=<
hasSensitivePersonalInformation
https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation
rdfs:comment"Describes if any sensitive personal information is present in the dataset."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container node150 -node150 [ shape=none, color=black label=<
container
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container
rdfs:comment"the Element is a container image which can be used by a container runtime application"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install node151 -node151 [ shape=none, color=black label=<
install
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install
rdfs:comment"the Element is used to install software on disk"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy node152 -node152 [ shape=none, color=black label=<
packagedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy
rdfs:comment"Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`)."@en
> ] -# N7a31f4fb5ef44278bf709330ae6eae53 node153 -node153 [ shape=none, color=black label=<
N7a31f4fb5ef44278bf709330ae6eae53
N7a31f4fb5ef44278bf709330ae6eae53
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom node154 -node154 [ shape=none, color=black label=<
availableFrom
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom
rdfs:comment"The `from` Element is available from the additional supplier described by each `to` Element."@en
> ] -# N9d882705a80d42e997d7752d345d5ead node155 -node155 [ shape=none, color=black label=<
N9d882705a80d42e997d7752d345d5ead
N9d882705a80d42e997d7752d345d5ead
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# Nf74455b40487401bacf0b5a805cd676b node156 -node156 [ shape=none, color=black label=<
Nf74455b40487401bacf0b5a805cd676b
Nf74455b40487401bacf0b5a805cd676b
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# N35da6e225a6d494a96ebd930023c28f7 node157 -node157 [ shape=none, color=black label=<
N35da6e225a6d494a96ebd930023c28f7
N35da6e225a6d494a96ebd930023c28f7
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor node158 -node158 [ shape=none, color=black label=<
underInvestigationFor
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor
rdfs:comment"(Security/VEX) The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy node159 -node159 [ shape=none, color=black label=<
reportedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy
rdfs:comment"(Security) Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent."@en
> ] -# Nf7f6bc4271d04cee8faee878d57ac02a node160 -node160 [ shape=none, color=black label=<
Nf7f6bc4271d04cee8faee878d57ac02a
Nf7f6bc4271d04cee8faee878d57ac02a
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
sh:pattern"^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$"
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/created node161 -node161 [ shape=none, color=black label=<
created
https://spdx.org/rdf/3.0.1/terms/Core/created
rdfs:comment"Identifies when the Element was originally created."@en
> ] -# http://www.w3.org/2001/XMLSchema#dateTimeStamp node162 -node162 [ shape=none, color=black label=<
dateTimeStamp
http://www.w3.org/2001/XMLSchema#dateTimeStamp
> ] -# N6327102cbcb74664ab2216d4736c1dd6 node163 -node163 [ shape=none, color=black label=<
N6327102cbcb74664ab2216d4736c1dd6
N6327102cbcb74664ab2216d4736c1dd6
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification node164 -node164 [ shape=none, color=black label=<
hasSpecification
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification
rdfs:comment"Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period."@en
> ] -# Nc652d63861a94e258b52ef0606636b7e node165 -node165 [ shape=none, color=black label=<
Nc652d63861a94e258b52ef0606636b7e
Nc652d63861a94e258b52ef0606636b7e
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense node166 -node166 [ shape=none, color=black label=<
NoneLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense
rdfs:comment"An Individual Value for License where the SPDX data creator determines that no -license is present."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy node167 -node167 [ shape=none, color=black label=<
patchedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy
rdfs:comment"Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid node168 -node168 [ shape=none, color=black label=<
gitoid
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid
rdfs:comment"[Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid>), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document); this ambiguity exists because the OmniBOR Document is itself an artifact, and the gitoid of that artifact is its valid identifier. Omnibor is a minimalistic schema to describe software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-dependency-graph-adg). Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's ContentIdentifier property. Gitoids calculated on the OmniBOR Document (OmniBOR Identifiers) should be recorded in the SPDX 3.0 Element's ExternalIdentifier property."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency node169 -node169 [ shape=none, color=black label=<
hasProvidedDependency
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency
rdfs:comment"The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period."@en
> ] -# Nfa6200b25f1f4064bcec07904bb825a6 node170 -node170 [ shape=none, color=black label=<
Nfa6200b25f1f4064bcec07904bb825a6
Nfa6200b25f1f4064bcec07904bb825a6
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense node171 -node171 [ shape=none, color=black label=<
subjectLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense
rdfs:comment"A License participating in an 'or later' model."@en
> ] -# Ndfd684d7c05b467ea0e0ab3f0964e858 node172 -node172 [ shape=none, color=black label=<
Ndfd684d7c05b467ea0e0ab3f0964e858
Ndfd684d7c05b467ea0e0ab3f0964e858
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive node173 -node173 [ shape=none, color=black label=<
archive
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive
rdfs:comment"the Element is an archived collection of one or more files (.tar, .zip, etc)"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/Snippet node174 -node174 [ shape=none, color=black label=<
Snippet
https://spdx.org/rdf/3.0.1/terms/Software/Snippet
rdfs:comment"Describes a certain part of a file."@en
> ] -# http://www.w3.org/ns/shacl#IRI node175 -node175 [ shape=none, color=black label=<
IRI
http://www.w3.org/ns/shacl#IRI
> ] -# N27252e69a03245368441034ac3cc5c9a node176 -node176 [ shape=none, color=black label=<
N27252e69a03245368441034ac3cc5c9a
N27252e69a03245368441034ac3cc5c9a
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap node177 -node177 [ shape=none, color=black label=<
ExternalMap
https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap
rdfs:comment"A map of Element identifiers that are used within a Document but defined external to that Document."@en
> ] -# Ncd59883a81b9406da696982287f14697 node178 -node178 [ shape=none, color=black label=<
Ncd59883a81b9406da696982287f14697
Ncd59883a81b9406da696982287f14697
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage node179 -node179 [ shape=none, color=black label=<
DatasetPackage
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage
rdfs:comment"Specifies a data package and its associated information."@en
> ] -# Nacd7399b876d498ebecec321036204f4 node180 -node180 [ shape=none, color=black label=<
Nacd7399b876d498ebecec321036204f4
Nacd7399b876d498ebecec321036204f4
> ] -# Nd1e380e08b9a4284b5f95c19ff5bba4d node181 -node181 [ shape=none, color=black label=<
Nd1e380e08b9a4284b5f95c19ff5bba4d
Nd1e380e08b9a4284b5f95c19ff5bba4d
sh:maxCount"1"^^xsd:integer
> ] -# N20c44a71e2b6478a935477b3341ca177 node182 -node182 [ shape=none, color=black label=<
N20c44a71e2b6478a935477b3341ca177
N20c44a71e2b6478a935477b3341ca177
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red node183 -node183 [ shape=none, color=black label=<
red
https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red
rdfs:comment"Data points in the dataset are highly confidential and can only be shared with named recipients."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/hashValue node184 -node184 [ shape=none, color=black label=<
hashValue
https://spdx.org/rdf/3.0.1/terms/Core/hashValue
rdfs:comment"The result of applying a hash algorithm to an Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther node185 -node185 [ shape=none, color=black label=<
securityOther
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther
rdfs:comment"A reference to related security information of unspecified type."@en
> ] -# Nf694f7ed838143b0be5c702ce1972914 node186 -node186 [ shape=none, color=black label=<
Nf694f7ed838143b0be5c702ce1972914
Nf694f7ed838143b0be5c702ce1972914
> ] -# http://www.w3.org/ns/shacl#BlankNodeOrIRI node187 -node187 [ shape=none, color=black label=<
BlankNodeOrIRI
http://www.w3.org/ns/shacl#BlankNodeOrIRI
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium node188 -node188 [ shape=none, color=black label=<
crystalsDilithium
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium
rdfs:comment"[Dilithium](https://pq-crystals.org/dilithium/)"@en
> ] -# N4a1c1b7fc91740429c6dcb48d57cea58 node189 -node189 [ shape=none, color=black label=<
N4a1c1b7fc91740429c6dcb48d57cea58
N4a1c1b7fc91740429c6dcb48d57cea58
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source node190 -node190 [ shape=none, color=black label=<
source
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source
rdfs:comment"the Element is a single or a collection of source files"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/AIPackage node191 -node191 [ shape=none, color=black label=<
AIPackage
https://spdx.org/rdf/3.0.1/terms/AI/AIPackage
rdfs:comment"Specifies an AI package and its associated information."@en
> ] -# N9e5ea3c1605c4c2580cb346739f79bb3 node192 -node192 [ shape=none, color=black label=<
N9e5ea3c1605c4c2580cb346739f79bb3
N9e5ea3c1605c4c2580cb346739f79bb3
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/profileConformance node193 -node193 [ shape=none, color=black label=<
profileConformance
https://spdx.org/rdf/3.0.1/terms/Core/profileConformance
rdfs:comment"Describes one a profile which the creator of this ElementCollection intends to -conform to."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType node194 -node194 [ shape=none, color=black label=<
ProfileIdentifierType
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType
rdfs:comment"Enumeration of the valid profiles."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/score node195 -node195 [ shape=none, color=black label=<
score
https://spdx.org/rdf/3.0.1/terms/Security/score
rdfs:comment"Provides a numerical (0-10) representation of the severity of a vulnerability."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256 node196 -node196 [ shape=none, color=black label=<
sha256
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256
rdfs:comment"SHA-2 with a digest length of 256, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid node197 -node197 [ shape=none, color=black label=<
gitoid
https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid
rdfs:comment"Gitoid stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects) and a gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType node198 -node198 [ shape=none, color=black label=<
ContentIdentifierType
https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType
rdfs:comment"Specifies the type of a content identifier."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Bom node199 -node199 [ shape=none, color=black label=<
Bom
https://spdx.org/rdf/3.0.1/terms/Core/Bom
rdfs:comment"A container for a grouping of SPDX-3.0 content characterizing details -(provenence, composition, licensing, etc.) about a product."@en
> ] -# Nb785ed25d4024ef185b91a84abd92a98 node200 -node200 [ shape=none, color=black label=<
Nb785ed25d4024ef185b91a84abd92a98
Nb785ed25d4024ef185b91a84abd92a98
> ] -# N265a8e048b0b4ca990c968b6c2e33bb7 node201 -node201 [ shape=none, color=black label=<
N265a8e048b0b4ca990c968b6c2e33bb7
N265a8e048b0b4ca990c968b6c2e33bb7
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator node202 -node202 [ shape=none, color=black label=<
WithAdditionOperator
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator
rdfs:comment"Portion of an AnyLicenseInfo representing a License which has additional -text applied to it."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat node203 -node203 [ shape=none, color=black label=<
chat
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat
rdfs:comment"A reference to the instant messaging system used by the maintainer for a package."@en
> ] -# N1b79db887aba439b84c4d953b6b6292d node204 -node204 [ shape=none, color=black label=<
N1b79db887aba439b84c4d953b6b6292d
N1b79db887aba439b84c4d953b6b6292d
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/PresenceType node205 -node205 [ shape=none, color=black label=<
PresenceType
https://spdx.org/rdf/3.0.1/terms/Core/PresenceType
rdfs:comment"Categories of presence or absence."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship node206 -node206 [ shape=none, color=black label=<
VexAffectedVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship
rdfs:comment"Connects a vulnerability and an element designating the element as a product -affected by the vulnerability."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete node207 -node207 [ shape=none, color=black label=<
incomplete
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete
rdfs:comment"The relationship is known not to be exhaustive."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other node208 -node208 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other
rdfs:comment"A relationship has other specific context information necessary to capture that the above set of enumerations does not handle."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest node209 -node209 [ shape=none, color=black label=<
hasTest
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest
rdfs:comment"Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy node210 -node210 [ shape=none, color=black label=<
invokedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy
rdfs:comment"The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/probability node211 -node211 [ shape=none, color=black label=<
probability
https://spdx.org/rdf/3.0.1/terms/Security/probability
rdfs:comment"A probability score between 0 and 1 of a vulnerability being exploited."@en
> ] -# N0cbc1bd2d09641ac8c57b62b44548404 node212 -node212 [ shape=none, color=black label=<
N0cbc1bd2d09641ac8c57b62b44548404
N0cbc1bd2d09641ac8c57b62b44548404
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample node213 -node213 [ shape=none, color=black label=<
hasExample
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample
rdfs:comment"Every `to` Element is an example for the `from` Element (`from` hasExample `to`)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText node214 -node214 [ shape=none, color=black label=<
SimpleLicensingText
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText
rdfs:comment"A license or addition that is not listed on the SPDX License List."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green node215 -node215 [ shape=none, color=black label=<
green
https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green
rdfs:comment"Dataset can be shared within a community of peers and partners."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration node216 -node216 [ shape=none, color=black label=<
registration
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration
rdfs:comment"the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn node217 -node217 [ shape=none, color=black label=<
fixedIn
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn
rdfs:comment"(Security/VEX) A `from` Vulnerability has been fixed in each of the `to` Element(s). The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships."@en
> ] -# N116eda482e4e425b9d517b4425e4b035 node218 -node218 [ shape=none, color=black label=<
N116eda482e4e425b9d517b4425e4b035
N116eda482e4e425b9d517b4425e4b035
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension node219 -node219 [ shape=none, color=black label=<
extension
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension
rdfs:comment"the element follows the Extension profile specification"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType node220 -node220 [ shape=none, color=black label=<
ConfidentialityLevelType
https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType
rdfs:comment"Categories of confidentiality level."@en
> ] -# N78bf09805a494d5690a53a1d41c823b9 node221 -node221 [ shape=none, color=black label=<
N78bf09805a494d5690a53a1d41c823b9
N78bf09805a494d5690a53a1d41c823b9
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition node222 -node222 [ shape=none, color=black label=<
LicenseAddition
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition
rdfs:comment"Abstract class for additional text intended to be added to a License, but + node603 -> node622 [ color=BLACK, label=< sh:path > ] ; + node832 -> node173 [ color=BLACK, label=< rdf:type > ] ; + node845 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node466 -> node684 [ color=BLACK, label=< sh:property > ] ; + node944 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node968 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node969 -> node827 [ color=BLACK, label=< rdf:first > ] ; + node516 -> node747 [ color=BLACK, label=< rdf:rest > ] ; + node192 -> node818 [ color=BLACK, label=< sh:property > ] ; + node669 -> node400 [ color=BLACK, label=< rdf:rest > ] ; + node209 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node665 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node400 -> node430 [ color=BLACK, label=< rdf:rest > ] ; + node152 -> node831 [ color=BLACK, label=< sh:property > ] ; + node72 -> node514 [ color=BLACK, label=< sh:property > ] ; + node970 -> node494 [ color=BLACK, label=< rdf:first > ] ; + node529 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node381 -> node815 [ color=BLACK, label=< sh:property > ] ; + node825 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node971 -> node717 [ color=BLACK, label=< rdf:first > ] ; + node972 -> node973 [ color=BLACK, label=< rdf:rest > ] ; + node194 -> node257 [ color=BLACK, label=< sh:property > ] ; + node957 -> node972 [ color=BLACK, label=< rdf:rest > ] ; + node102 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node755 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node528 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node684 -> node766 [ color=BLACK, label=< sh:path > ] ; + node574 -> node562 [ color=BLACK, label=< rdf:rest > ] ; + node267 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node536 -> node144 [ color=BLACK, label=< rdfs:range > ] ; + node431 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node545 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node447 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node388 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node172 -> node152 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node715 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node619 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node507 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node671 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node537 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node40 -> node37 [ color=BLACK, label=< sh:property > ] ; + node923 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node229 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node838 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node72 -> node591 [ color=BLACK, label=< sh:property > ] ; + node469 -> node309 [ color=BLACK, label=< rdf:first > ] ; + node169 -> node779 [ color=BLACK, label=< rdf:rest > ] ; + node887 -> node975 [ color=BLACK, label=< rdf:rest > ] ; + node824 -> node610 [ color=BLACK, label=< rdf:rest > ] ; + node157 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node11 -> node507 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node276 -> node191 [ color=BLACK, label=< sh:path > ] ; + node597 -> node607 [ color=BLACK, label=< rdf:first > ] ; + node924 -> node976 [ color=BLACK, label=< rdf:first > ] ; + node567 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node78 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node822 -> node666 [ color=BLACK, label=< rdf:rest > ] ; + node6 -> node650 [ color=BLACK, label=< rdf:first > ] ; + node135 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node506 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node82 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node546 -> node11 [ color=BLACK, label=< rdfs:range > ] ; + node977 -> node641 [ color=BLACK, label=< rdf:first > ] ; + node33 -> node654 [ color=BLACK, label=< sh:property > ] ; + node17 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node881 -> node299 [ color=BLACK, label=< sh:path > ] ; + node556 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node253 -> node477 [ color=BLACK, label=< sh:class > ] ; + node24 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node531 -> node341 [ color=BLACK, label=< sh:class > ] ; + node416 -> node627 [ color=BLACK, label=< sh:class > ] ; + node608 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node773 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node306 -> node222 [ color=BLACK, label=< sh:property > ] ; + node978 -> node46 [ color=BLACK, label=< rdf:first > ] ; + node520 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node42 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node63 -> node278 [ color=BLACK, label=< sh:property > ] ; + node979 -> node532 [ color=BLACK, label=< rdf:first > ] ; + node114 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node814 -> node22 [ color=BLACK, label=< rdfs:range > ] ; + node736 -> node927 [ color=BLACK, label=< sh:path > ] ; + node980 -> node805 [ color=BLACK, label=< rdf:first > ] ; + node337 -> node422 [ color=BLACK, label=< sh:path > ] ; + node4 -> node341 [ color=BLACK, label=< rdfs:range > ] ; + node199 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node981 -> node96 [ color=BLACK, label=< rdf:rest > ] ; + node800 -> node569 [ color=BLACK, label=< rdf:rest > ] ; + node291 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node334 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node882 -> node965 [ color=BLACK, label=< rdf:rest > ] ; + node784 -> node982 [ color=BLACK, label=< rdf:rest > ] ; + node757 -> node331 [ color=BLACK, label=< rdf:first > ] ; + node438 -> node874 [ color=BLACK, label=< rdf:first > ] ; + node3 -> node65 [ color=BLACK, label=< rdf:first > ] ; + node683 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node983 -> node773 [ color=BLACK, label=< rdf:first > ] ; + node374 -> node639 [ color=BLACK, label=< rdf:first > ] ; + node689 -> node75 [ color=BLACK, label=< sh:class > ] ; + node984 -> node543 [ color=BLACK, label=< rdf:rest > ] ; + node716 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node985 -> node395 [ color=BLACK, label=< rdf:rest > ] ; + node666 -> node545 [ color=BLACK, label=< rdf:first > ] ; + node482 -> node185 [ color=BLACK, label=< rdf:type > ] ; + node3 -> node761 [ color=BLACK, label=< rdf:rest > ] ; + node555 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node225 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node942 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node603 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node986 -> node987 [ color=BLACK, label=< rdf:rest > ] ; + node561 -> node719 [ color=BLACK, label=< sh:property > ] ; + node448 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node259 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node642 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node386 -> node17 [ color=BLACK, label=< rdf:type > ] ; + node98 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node620 -> node988 [ color=BLACK, label=< rdf:rest > ] ; + node275 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node410 -> node732 [ color=BLACK, label=< rdf:first > ] ; + node817 -> node454 [ color=BLACK, label=< sh:datatype > ] ; + node853 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node249 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node283 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node612 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node389 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node481 -> node989 [ color=BLACK, label=< rdf:rest > ] ; + node172 -> node227 [ color=BLACK, label=< sh:property > ] ; + node692 -> node990 [ color=BLACK, label=< rdf:first > ] ; + node72 -> node567 [ color=BLACK, label=< sh:property > ] ; + node433 -> node285 [ color=BLACK, label=< rdf:type > ] ; + node255 -> node62 [ color=BLACK, label=< sh:class > ] ; + node619 -> node17 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node509 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node316 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node695 -> node277 [ color=BLACK, label=< sh:property > ] ; + node821 -> node103 [ color=BLACK, label=< rdf:first > ] ; + node991 -> node784 [ color=BLACK, label=< rdf:rest > ] ; + node600 -> node542 [ color=BLACK, label=< rdfs:range > ] ; + node631 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node571 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node693 -> node992 [ color=BLACK, label=< rdf:rest > ] ; + node791 -> node636 [ color=BLACK, label=< rdfs:range > ] ; + node993 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node930 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node310 -> node477 [ color=BLACK, label=< rdfs:range > ] ; + node627 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node11 -> node734 [ color=BLACK, label=< sh:property > ] ; + node967 -> node554 [ color=BLACK, label=< rdf:first > ] ; + node995 -> node270 [ color=BLACK, label=< rdf:first > ] ; + node872 -> node382 [ color=BLACK, label=< sh:path > ] ; + node533 -> node860 [ color=BLACK, label=< sh:class > ] ; + node460 -> node697 [ color=BLACK, label=< rdf:rest > ] ; + node181 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node962 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node357 -> node216 [ color=BLACK, label=< rdf:first > ] ; + node129 -> node724 [ color=BLACK, label=< rdf:first > ] ; + node74 -> node412 [ color=BLACK, label=< sh:path > ] ; + node56 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node947 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node619 -> node235 [ color=BLACK, label=< sh:property > ] ; + node973 -> node781 [ color=BLACK, label=< rdf:first > ] ; + node880 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node689 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node705 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node996 -> node556 [ color=BLACK, label=< rdf:first > ] ; + node240 -> node788 [ color=BLACK, label=< sh:property > ] ; + node154 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node101 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node258 -> node611 [ color=BLACK, label=< sh:path > ] ; + node587 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node998 -> node207 [ color=BLACK, label=< rdf:rest > ] ; + node302 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node684 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node335 -> node184 [ color=BLACK, label=< sh:path > ] ; + node413 -> node924 [ color=BLACK, label=< rdf:rest > ] ; + node271 -> node311 [ color=BLACK, label=< rdf:first > ] ; + node677 -> node448 [ color=BLACK, label=< rdf:first > ] ; + node718 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node796 -> node653 [ color=BLACK, label=< rdf:type > ] ; + node230 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node944 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node594 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node77 -> node62 [ color=BLACK, label=< rdfs:range > ] ; + node11 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node137 -> node836 [ color=BLACK, label=< rdf:first > ] ; + node936 -> node958 [ color=BLACK, label=< rdf:first > ] ; + node148 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node863 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node242 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node626 -> node28 [ color=BLACK, label=< rdfs:range > ] ; + node693 -> node444 [ color=BLACK, label=< rdf:first > ] ; + node312 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node91 -> node155 [ color=BLACK, label=< sh:class > ] ; + node599 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node555 -> node17 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node132 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node1000 -> node523 [ color=BLACK, label=< sh:class > ] ; + node960 -> node199 [ color=BLACK, label=< rdf:first > ] ; + node630 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node919 -> node746 [ color=BLACK, label=< rdf:rest > ] ; + node273 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node962 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node1001 -> node107 [ color=BLACK, label=< rdf:rest > ] ; + node83 -> node504 [ color=BLACK, label=< sh:path > ] ; + node640 -> node861 [ color=BLACK, label=< sh:path > ] ; + node1002 -> node325 [ color=BLACK, label=< rdf:first > ] ; + node641 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node488 -> node502 [ color=BLACK, label=< sh:path > ] ; + node538 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node807 -> node702 [ color=BLACK, label=< rdf:first > ] ; + node802 -> node182 [ color=BLACK, label=< rdf:first > ] ; + node999 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node373 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node845 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node120 -> node405 [ color=BLACK, label=< sh:property > ] ; + node167 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node17 -> node931 [ color=BLACK, label=< sh:property > ] ; + node995 -> node848 [ color=BLACK, label=< rdf:rest > ] ; + node259 -> node993 [ color=BLACK, label=< sh:path > ] ; + node429 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node149 -> node211 [ color=BLACK, label=< sh:class > ] ; + node671 -> node883 [ color=BLACK, label=< sh:path > ] ; + node935 -> node523 [ color=BLACK, label=< rdfs:range > ] ; + node339 -> node673 [ color=BLACK, label=< rdf:first > ] ; + node364 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node7 -> node1003 [ color=BLACK, label=< rdf:first > ] ; + node891 -> node362 [ color=BLACK, label=< sh:path > ] ; + node729 -> node739 [ color=BLACK, label=< rdf:rest > ] ; + node798 -> node904 [ color=BLACK, label=< sh:path > ] ; + node753 -> node322 [ color=BLACK, label=< rdf:rest > ] ; + node777 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node64 -> node298 [ color=BLACK, label=< sh:property > ] ; + node26 -> node985 [ color=BLACK, label=< rdf:rest > ] ; + node63 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node257 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node38 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node70 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node636 -> node873 [ color=BLACK, label=< sh:property > ] ; + node240 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node171 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node739 -> node951 [ color=BLACK, label=< rdf:first > ] ; + node194 -> node823 [ color=BLACK, label=< sh:property > ] ; + node769 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node47 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node82 -> node716 [ color=BLACK, label=< sh:property > ] ; + node323 -> node460 [ color=BLACK, label=< rdf:rest > ] ; + node372 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node783 -> node12 [ color=BLACK, label=< sh:property > ] ; + node72 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node495 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node95 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node872 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node17 -> node940 [ color=BLACK, label=< sh:property > ] ; + node603 -> node214 [ color=BLACK, label=< sh:class > ] ; + node274 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node148 -> node568 [ color=BLACK, label=< sh:property > ] ; + node418 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node889 -> node351 [ color=BLACK, label=< rdf:first > ] ; + node852 -> node285 [ color=BLACK, label=< rdf:type > ] ; + node90 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node755 -> node593 [ color=BLACK, label=< sh:path > ] ; + node1004 -> node369 [ color=BLACK, label=< rdf:rest > ] ; + node72 -> node167 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node342 -> node425 [ color=BLACK, label=< sh:path > ] ; + node329 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node134 -> node88 [ color=BLACK, label=< sh:in > ] ; + node485 -> node404 [ color=BLACK, label=< sh:property > ] ; + node98 -> node135 [ color=BLACK, label=< rdf:type > ] ; + node197 -> node601 [ color=BLACK, label=< rdf:rest > ] ; + node296 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node526 -> node6 [ color=BLACK, label=< rdf:rest > ] ; + node71 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node369 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node178 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node394 -> node749 [ color=BLACK, label=< sh:path > ] ; + node105 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node72 -> node282 [ color=BLACK, label=< sh:property > ] ; + node820 -> node347 [ color=BLACK, label=< rdf:first > ] ; + node116 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node619 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node586 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node965 -> node292 [ color=BLACK, label=< rdf:first > ] ; + node755 -> node288 [ color=BLACK, label=< sh:class > ] ; + node64 -> node496 [ color=BLACK, label=< sh:property > ] ; + node594 -> node17 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node805 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node663 -> node704 [ color=BLACK, label=< sh:path > ] ; + node829 -> node740 [ color=BLACK, label=< sh:path > ] ; + node655 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node598 -> node236 [ color=BLACK, label=< rdf:rest > ] ; + node759 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node970 -> node559 [ color=BLACK, label=< rdf:rest > ] ; + node534 -> node330 [ color=BLACK, label=< sh:path > ] ; + node151 -> node80 [ color=BLACK, label=< sh:class > ] ; + node331 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node761 -> node748 [ color=BLACK, label=< rdf:first > ] ; + node1005 -> node620 [ color=BLACK, label=< rdf:rest > ] ; + node208 -> node657 [ color=BLACK, label=< rdf:first > ] ; + node778 -> node144 [ color=BLACK, label=< rdfs:range > ] ; + node600 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node763 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node370 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node670 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node194 -> node224 [ color=BLACK, label=< sh:property > ] ; + node1006 -> node442 [ color=BLACK, label=< rdf:rest > ] ; + node359 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node353 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node702 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node10 -> node546 [ color=BLACK, label=< sh:path > ] ; + node724 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node790 -> node378 [ color=BLACK, label=< rdf:rest > ] ; + node856 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node144 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node267 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node490 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node336 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node49 -> node922 [ color=BLACK, label=< sh:path > ] ; + node306 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node709 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node588 -> node28 [ color=BLACK, label=< rdfs:range > ] ; + node63 -> node342 [ color=BLACK, label=< sh:property > ] ; + node707 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node582 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node874 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node411 -> node239 [ color=BLACK, label=< rdf:first > ] ; + node930 -> node477 [ color=BLACK, label=< rdfs:range > ] ; + node1001 -> node884 [ color=BLACK, label=< rdf:first > ] ; + node442 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node723 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node387 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node911 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node97 -> node983 [ color=BLACK, label=< rdf:rest > ] ; + node256 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node948 -> node1007 [ color=BLACK, label=< rdf:rest > ] ; + node699 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node676 -> node352 [ color=BLACK, label=< rdf:rest > ] ; + node339 -> node807 [ color=BLACK, label=< rdf:rest > ] ; + node645 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node577 -> node436 [ color=BLACK, label=< rdf:first > ] ; + node987 -> node312 [ color=BLACK, label=< rdf:first > ] ; + node293 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node25 -> node519 [ color=BLACK, label=< rdf:first > ] ; + node848 -> node711 [ color=BLACK, label=< rdf:rest > ] ; + node456 -> node723 [ color=BLACK, label=< rdf:first > ] ; + node44 -> node595 [ color=BLACK, label=< rdf:first > ] ; + node899 -> node201 [ color=BLACK, label=< sh:class > ] ; + node951 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node726 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node127 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node122 -> node345 [ color=BLACK, label=< rdf:first > ] ; + node175 -> node877 [ color=BLACK, label=< rdf:type > ] ; + node989 -> node279 [ color=BLACK, label=< rdf:first > ] ; + node1008 -> node377 [ color=BLACK, label=< rdf:rest > ] ; + node727 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node945 -> node509 [ color=BLACK, label=< sh:path > ] ; + node748 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node764 -> node148 [ color=BLACK, label=< rdfs:range > ] ; + node1009 -> node955 [ color=BLACK, label=< sh:path > ] ; + node747 -> node583 [ color=BLACK, label=< rdf:rest > ] ; + node141 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node831 -> node301 [ color=BLACK, label=< sh:path > ] ; + node458 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node668 -> node136 [ color=BLACK, label=< rdf:rest > ] ; + node660 -> node834 [ color=BLACK, label=< rdf:type > ] ; + node420 -> node555 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node103 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node1004 -> node553 [ color=BLACK, label=< rdf:first > ] ; + node759 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node893 -> node188 [ color=BLACK, label=< rdf:rest > ] ; + node195 -> node634 [ color=BLACK, label=< rdf:rest > ] ; + node510 -> node952 [ color=BLACK, label=< rdf:rest > ] ; + node1008 -> node23 [ color=BLACK, label=< rdf:first > ] ; + node540 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node355 -> node709 [ color=BLACK, label=< rdf:first > ] ; + node440 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node912 -> node1010 [ color=BLACK, label=< rdf:first > ] ; + node176 -> node473 [ color=BLACK, label=< rdf:first > ] ; + node507 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node649 -> node770 [ color=BLACK, label=< sh:path > ] ; + node487 -> node108 [ color=BLACK, label=< rdfs:range > ] ; + node42 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node64 -> node121 [ color=BLACK, label=< sh:property > ] ; + node386 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node33 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node396 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node11 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node259 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node265 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node679 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node898 -> node902 [ color=BLACK, label=< rdf:rest > ] ; + node755 -> node882 [ color=BLACK, label=< sh:in > ] ; + node194 -> node715 [ color=BLACK, label=< sh:property > ] ; + node566 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node11 -> node623 [ color=BLACK, label=< sh:property > ] ; + node432 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node623 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node166 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node144 -> node589 [ color=BLACK, label=< sh:property > ] ; + node789 -> node144 [ color=BLACK, label=< sh:class > ] ; + node908 -> node1011 [ color=BLACK, label=< rdf:rest > ] ; + node337 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node167 -> node829 [ color=BLACK, label=< sh:property > ] ; + node99 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node628 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node119 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node796 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node630 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node509 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node434 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node298 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node881 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node289 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node964 -> node554 [ color=BLACK, label=< rdf:first > ] ; + node929 -> node908 [ color=BLACK, label=< rdf:rest > ] ; + node40 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node228 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node510 -> node886 [ color=BLACK, label=< rdf:first > ] ; + node330 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node247 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node519 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node23 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node738 -> node627 [ color=BLACK, label=< sh:class > ] ; + node917 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node419 -> node728 [ color=BLACK, label=< sh:path > ] ; + node818 -> node407 [ color=BLACK, label=< sh:path > ] ; + node286 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node182 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node60 -> node343 [ color=BLACK, label=< sh:path > ] ; + node1012 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node80 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node627 -> node537 [ color=BLACK, label=< sh:property > ] ; + node1011 -> node493 [ color=BLACK, label=< rdf:rest > ] ; + node120 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node40 -> node113 [ color=BLACK, label=< sh:property > ] ; + node594 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node1013 -> node350 [ color=BLACK, label=< rdf:first > ] ; + node1003 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node1014 -> node171 [ color=BLACK, label=< rdf:first > ] ; + node334 -> node268 [ color=BLACK, label=< sh:property > ] ; + node1015 -> node969 [ color=BLACK, label=< rdf:rest > ] ; + node785 -> node211 [ color=BLACK, label=< rdfs:range > ] ; + node832 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node268 -> node826 [ color=BLACK, label=< sh:path > ] ; + node954 -> node557 [ color=BLACK, label=< rdf:first > ] ; + node961 -> node225 [ color=BLACK, label=< sh:path > ] ; + node552 -> node860 [ color=BLACK, label=< rdf:type > ] ; + node181 -> node735 [ color=BLACK, label=< sh:path > ] ; + node385 -> node515 [ color=BLACK, label=< rdf:first > ] ; + node861 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node215 -> node774 [ color=BLACK, label=< sh:path > ] ; + node764 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node124 -> node243 [ color=BLACK, label=< sh:property > ] ; + node7 -> node615 [ color=BLACK, label=< rdf:rest > ] ; + node819 -> node326 [ color=BLACK, label=< rdf:first > ] ; + node340 -> node857 [ color=BLACK, label=< sh:path > ] ; + node466 -> node194 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node823 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node579 -> node43 [ color=BLACK, label=< rdf:first > ] ; + node17 -> node726 [ color=BLACK, label=< sh:property > ] ; + node946 -> node84 [ color=BLACK, label=< rdf:rest > ] ; + node124 -> node157 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node975 -> node234 [ color=BLACK, label=< rdf:first > ] ; + node214 -> node276 [ color=BLACK, label=< sh:property > ] ; + node9 -> node33 [ color=BLACK, label=< rdfs:range > ] ; + node876 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node821 -> node1014 [ color=BLACK, label=< rdf:rest > ] ; + node615 -> node380 [ color=BLACK, label=< rdf:rest > ] ; + node808 -> node1008 [ color=BLACK, label=< rdf:rest > ] ; + node1002 -> node986 [ color=BLACK, label=< rdf:rest > ] ; + node92 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node80 -> node572 [ color=BLACK, label=< sh:property > ] ; + node282 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node1015 -> node1016 [ color=BLACK, label=< rdf:first > ] ; + node524 -> node787 [ color=BLACK, label=< sh:path > ] ; + node922 -> node834 [ color=BLACK, label=< rdfs:range > ] ; + node898 -> node95 [ color=BLACK, label=< rdf:first > ] ; + node523 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node734 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node1017 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node886 -> node285 [ color=BLACK, label=< rdf:type > ] ; + node458 -> node495 [ color=BLACK, label=< sh:property > ] ; + node533 -> node878 [ color=BLACK, label=< sh:path > ] ; + node391 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node533 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node607 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node494 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node818 -> node144 [ color=BLACK, label=< sh:class > ] ; + node967 -> node1018 [ color=BLACK, label=< rdf:rest > ] ; + node811 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node402 -> node928 [ color=BLACK, label=< rdf:first > ] ; + node695 -> node801 [ color=BLACK, label=< sh:property > ] ; + node585 -> node653 [ color=BLACK, label=< rdf:type > ] ; + node147 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node490 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node360 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node632 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node862 -> node846 [ color=BLACK, label=< rdf:rest > ] ; + node969 -> node824 [ color=BLACK, label=< rdf:rest > ] ; + node32 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node981 -> node445 [ color=BLACK, label=< rdf:first > ] ; + node1018 -> node731 [ color=BLACK, label=< rdf:rest > ] ; + node1006 -> node685 [ color=BLACK, label=< rdf:first > ] ; + node237 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node998 -> node475 [ color=BLACK, label=< rdf:first > ] ; + node719 -> node627 [ color=BLACK, label=< sh:class > ] ; + node846 -> node373 [ color=BLACK, label=< rdf:first > ] ; + node393 -> node106 [ color=BLACK, label=< sh:path > ] ; + node14 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node845 -> node1009 [ color=BLACK, label=< sh:property > ] ; + node214 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node939 -> node694 [ color=BLACK, label=< sh:path > ] ; + node899 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node827 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node466 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node1019 -> node187 [ color=BLACK, label=< rdf:first > ] ; + node952 -> node925 [ color=BLACK, label=< rdf:rest > ] ; + node230 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node246 -> node1020 [ color=BLACK, label=< rdf:rest > ] ; + node75 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node918 -> node295 [ color=BLACK, label=< rdf:first > ] ; + node33 -> node263 [ color=BLACK, label=< sh:property > ] ; + node54 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node937 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node783 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node715 -> node17 [ color=BLACK, label=< sh:class > ] ; + node720 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node106 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node1005 -> node804 [ color=BLACK, label=< rdf:first > ] ; + node840 -> node46 [ color=BLACK, label=< rdf:first > ] ; + node966 -> node879 [ color=BLACK, label=< rdf:rest > ] ; + node295 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node1018 -> node570 [ color=BLACK, label=< rdf:first > ] ; + node242 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node673 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node213 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node789 -> node434 [ color=BLACK, label=< sh:path > ] ; + node148 -> node232 [ color=BLACK, label=< sh:property > ] ; + node282 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node408 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node931 -> node916 [ color=BLACK, label=< sh:path > ] ; + node220 -> node897 [ color=BLACK, label=< rdf:rest > ] ; + node608 -> node780 [ color=BLACK, label=< sh:property > ] ; + node507 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node845 -> node619 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node864 -> node415 [ color=BLACK, label=< rdf:first > ] ; + node328 -> node285 [ color=BLACK, label=< rdfs:range > ] ; + node501 -> node178 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node201 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node978 -> node125 [ color=BLACK, label=< rdf:rest > ] ; + node332 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node374 -> node978 [ color=BLACK, label=< rdf:rest > ] ; + node198 -> node341 [ color=BLACK, label=< rdf:type > ] ; + node1021 -> node325 [ color=BLACK, label=< rdf:first > ] ; + node710 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node720 -> node627 [ color=BLACK, label=< rdfs:range > ] ; + node157 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node409 -> node133 [ color=BLACK, label=< sh:class > ] ; + node621 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node872 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node680 -> node984 [ color=BLACK, label=< rdf:rest > ] ; + node246 -> node552 [ color=BLACK, label=< rdf:first > ] ; + node911 -> node104 [ color=BLACK, label=< rdf:first > ] ; + node488 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node73 -> node417 [ color=BLACK, label=< sh:in > ] ; + node916 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node675 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node314 -> node750 [ color=BLACK, label=< sh:path > ] ; + node891 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node149 -> node785 [ color=BLACK, label=< sh:path > ] ; + node491 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node516 -> node140 [ color=BLACK, label=< rdf:first > ] ; + node149 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node232 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node802 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node542 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node54 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node333 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node974 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node448 -> node57 [ color=BLACK, label=< rdf:type > ] ; + node806 -> node333 [ color=BLACK, label=< rdf:first > ] ; + node712 -> node440 [ color=BLACK, label=< rdf:first > ] ; + node149 -> node530 [ color=BLACK, label=< sh:in > ] ; + node137 -> node606 [ color=BLACK, label=< rdf:rest > ] ; + node909 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node951 -> node428 [ color=BLACK, label=< rdf:type > ] ; + node269 -> node32 [ color=BLACK, label=< sh:class > ] ; + node919 -> node364 [ color=BLACK, label=< rdf:first > ] ; + node0 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node837 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node467 -> node454 [ color=BLACK, label=< sh:datatype > ] ; + node239 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node811 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node300 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node502 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node816 -> node638 [ color=BLACK, label=< sh:in > ] ; + node779 -> node421 [ color=BLACK, label=< rdf:rest > ] ; + node843 -> node413 [ color=BLACK, label=< rdf:rest > ] ; + node50 -> node517 [ color=BLACK, label=< rdf:rest > ] ; + node74 -> node64 [ color=BLACK, label=< sh:class > ] ; + node253 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node547 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node321 -> node157 [ color=BLACK, label=< rdfs:range > ] ; + node873 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node1014 -> node875 [ color=BLACK, label=< rdf:rest > ] ; + node451 -> node250 [ color=BLACK, label=< rdf:first > ] ; + node511 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node861 -> node555 [ color=BLACK, label=< rdfs:range > ] ; + node303 -> node653 [ color=BLACK, label=< sh:class > ] ; + node698 -> node505 [ color=BLACK, label=< rdf:first > ] ; + node555 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node929 -> node119 [ color=BLACK, label=< rdf:first > ] ; + node954 -> node1019 [ color=BLACK, label=< rdf:rest > ] ; + node801 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node982 -> node551 [ color=BLACK, label=< rdf:first > ] ; + node87 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node835 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node261 -> node977 [ color=BLACK, label=< rdf:rest > ] ; + node230 -> node17 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node513 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node678 -> node1022 [ color=BLACK, label=< rdf:rest > ] ; + node638 -> node840 [ color=BLACK, label=< rdf:rest > ] ; + node293 -> node28 [ color=BLACK, label=< sh:datatype > ] ; + node27 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node45 -> node913 [ color=BLACK, label=< rdf:rest > ] ; + node203 -> node433 [ color=BLACK, label=< rdf:first > ] ; + node128 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node567 -> node953 [ color=BLACK, label=< sh:path > ] ; + node743 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node112 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node485 -> node798 [ color=BLACK, label=< sh:property > ] ; + node869 -> node103 [ color=BLACK, label=< rdf:first > ] ; + node496 -> node555 [ color=BLACK, label=< sh:class > ] ; + node960 -> node862 [ color=BLACK, label=< rdf:rest > ] ; + node604 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node407 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node425 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node884 -> node135 [ color=BLACK, label=< rdf:type > ] ; + node590 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node541 -> node28 [ color=BLACK, label=< rdfs:range > ] ; + node623 -> node498 [ color=BLACK, label=< sh:path > ] ; + node360 -> node962 [ color=BLACK, label=< sh:property > ] ; + node1003 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node879 -> node970 [ color=BLACK, label=< rdf:rest > ] ; + node1023 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node841 -> node590 [ color=BLACK, label=< rdf:first > ] ; + node248 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node695 -> node961 [ color=BLACK, label=< sh:property > ] ; + node426 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node793 -> node946 [ color=BLACK, label=< rdf:rest > ] ; + node910 -> node792 [ color=BLACK, label=< sh:path > ] ; + node733 -> node354 [ color=BLACK, label=< sh:path > ] ; + node565 -> node887 [ color=BLACK, label=< rdf:rest > ] ; + node904 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node589 -> node576 [ color=BLACK, label=< sh:path > ] ; + node540 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node699 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node664 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node187 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node254 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node231 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node81 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node1024 -> node918 [ color=BLACK, label=< rdf:rest > ] ; + node334 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node979 -> node1004 [ color=BLACK, label=< rdf:rest > ] ; + node885 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node424 -> node296 [ color=BLACK, label=< rdf:first > ] ; + node80 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node801 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node170 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node301 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node727 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node411 -> node757 [ color=BLACK, label=< rdf:rest > ] ; + node817 -> node522 [ color=BLACK, label=< sh:path > ] ; + node219 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node515 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node726 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node472 -> node264 [ color=BLACK, label=< sh:in > ] ; + node291 -> node105 [ color=BLACK, label=< sh:path > ] ; + node338 -> node894 [ color=BLACK, label=< rdf:first > ] ; + node616 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node383 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node873 -> node294 [ color=BLACK, label=< sh:path > ] ; + node749 -> node17 [ color=BLACK, label=< rdfs:range > ] ; + node110 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node939 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node594 -> node789 [ color=BLACK, label=< sh:property > ] ; + node133 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node826 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node121 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node787 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node549 -> node482 [ color=BLACK, label=< rdf:first > ] ; + node680 -> node586 [ color=BLACK, label=< rdf:first > ] ; + node589 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node117 -> node147 [ color=BLACK, label=< sh:path > ] ; + node866 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node463 -> node957 [ color=BLACK, label=< rdf:rest > ] ; + node647 -> node639 [ color=BLACK, label=< rdf:first > ] ; + node222 -> node40 [ color=BLACK, label=< sh:class > ] ; + node237 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node172 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node192 -> node765 [ color=BLACK, label=< sh:property > ] ; + node959 -> node249 [ color=BLACK, label=< rdf:first > ] ; + node910 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node579 -> node1015 [ color=BLACK, label=< rdf:rest > ] ; + node744 -> node455 [ color=BLACK, label=< rdf:first > ] ; + node901 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node765 -> node561 [ color=BLACK, label=< sh:class > ] ; + node266 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node551 -> node877 [ color=BLACK, label=< rdf:type > ] ; + node956 -> node410 [ color=BLACK, label=< rdf:rest > ] ; + node479 -> node1005 [ color=BLACK, label=< rdf:rest > ] ; + node649 -> node830 [ color=BLACK, label=< sh:datatype > ] ; + node37 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node356 -> node653 [ color=BLACK, label=< rdf:type > ] ; + node113 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node945 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node489 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node691 -> node41 [ color=BLACK, label=< rdf:first > ] ; + node865 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node907 -> node456 [ color=BLACK, label=< rdf:rest > ] ; + node976 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node206 -> node877 [ color=BLACK, label=< rdf:type > ] ; + node281 -> node511 [ color=BLACK, label=< sh:path > ] ; + node33 -> node844 [ color=BLACK, label=< sh:property > ] ; + node1022 -> node344 [ color=BLACK, label=< rdf:rest > ] ; + node928 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node775 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node542 -> node500 [ color=BLACK, label=< sh:property > ] ; + node780 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node905 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node710 -> node308 [ color=BLACK, label=< sh:path > ] ; + node902 -> node599 [ color=BLACK, label=< rdf:first > ] ; + node250 -> node159 [ color=BLACK, label=< rdf:type > ] ; + node986 -> node475 [ color=BLACK, label=< rdf:first > ] ; + node780 -> node636 [ color=BLACK, label=< sh:class > ] ; + node671 -> node477 [ color=BLACK, label=< sh:class > ] ; + node997 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node157 -> node17 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node405 -> node157 [ color=BLACK, label=< sh:class > ] ; + node917 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node649 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node842 -> node892 [ color=BLACK, label=< rdfs:range > ] ; + node797 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node982 -> node635 [ color=BLACK, label=< rdf:rest > ] ; + node1016 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node746 -> node855 [ color=BLACK, label=< rdf:rest > ] ; + node927 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node990 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node706 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node552 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node999 -> node834 [ color=BLACK, label=< rdf:type > ] ; + node628 -> node499 [ color=BLACK, label=< sh:path > ] ; + node938 -> node948 [ color=BLACK, label=< rdf:rest > ] ; + node63 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node974 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node273 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node595 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node707 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node240 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node932 -> node997 [ color=BLACK, label=< sh:path > ] ; + node953 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node43 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node483 -> node483 [ color=BLACK, label=< owl:versionIRI > ] ; + node989 -> node806 [ color=BLACK, label=< rdf:rest > ] ; + node643 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node392 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node192 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node572 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node485 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node703 -> node238 [ color=BLACK, label=< rdf:first > ] ; + node311 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node209 -> node285 [ color=BLACK, label=< rdf:type > ] ; + node931 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node180 -> node194 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node971 -> node613 [ color=BLACK, label=< rdf:rest > ] ; + node437 -> node112 [ color=BLACK, label=< rdf:first > ] ; + node139 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node890 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node360 -> node1000 [ color=BLACK, label=< sh:property > ] ; + node239 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node1000 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node111 -> node868 [ color=BLACK, label=< rdf:rest > ] ; + node439 -> node1023 [ color=BLACK, label=< sh:path > ] ; + node521 -> node300 [ color=BLACK, label=< sh:path > ] ; + node554 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node1007 -> node528 [ color=BLACK, label=< rdf:first > ] ; + node310 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node518 -> node999 [ color=BLACK, label=< rdf:first > ] ; + node506 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node776 -> node428 [ color=BLACK, label=< rdfs:range > ] ; + node661 -> node111 [ color=BLACK, label=< rdf:rest > ] ; + node734 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node525 -> node825 [ color=BLACK, label=< rdf:first > ] ; + node222 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node829 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node977 -> node44 [ color=BLACK, label=< rdf:rest > ] ; + node72 -> node899 [ color=BLACK, label=< sh:property > ] ; + node10 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node258 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node94 -> node153 [ color=BLACK, label=< rdf:first > ] ; + node216 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node329 -> node194 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node800 -> node837 [ color=BLACK, label=< rdf:first > ] ; + node968 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node1010 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node804 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node238 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node994 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node191 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node40 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node877 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node70 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node272 -> node790 [ color=BLACK, label=< rdf:rest > ] ; + node961 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node523 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node136 -> node448 [ color=BLACK, label=< rdf:first > ] ; + node712 -> node598 [ color=BLACK, label=< rdf:rest > ] ; + node976 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node106 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node594 -> node876 [ color=BLACK, label=< sh:property > ] ; + node878 -> node860 [ color=BLACK, label=< rdfs:range > ] ; + node40 -> node512 [ color=BLACK, label=< sh:property > ] ; + node694 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node317 -> node56 [ color=BLACK, label=< rdf:type > ] ; + node377 -> node907 [ color=BLACK, label=< rdf:rest > ] ; + node213 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node491 -> node28 [ color=BLACK, label=< rdfs:range > ] ; + node963 -> node793 [ color=BLACK, label=< rdf:rest > ] ; + node955 -> node877 [ color=BLACK, label=< rdfs:range > ] ; + node303 -> node686 [ color=BLACK, label=< sh:path > ] ; + node53 -> node178 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node655 -> node1 [ color=BLACK, label=< rdfs:range > ] ; + node142 -> node157 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node255 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node11 -> node503 [ color=BLACK, label=< sh:property > ] ; + node468 -> node446 [ color=BLACK, label=< rdf:first > ] ; + node940 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node906 -> node724 [ color=BLACK, label=< rdf:first > ] ; + node997 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node713 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node561 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node602 -> node341 [ color=BLACK, label=< rdf:type > ] ; + node1009 -> node991 [ color=BLACK, label=< sh:in > ] ; + node636 -> node174 [ color=BLACK, label=< sh:property > ] ; + node975 -> node1012 [ color=BLACK, label=< rdf:rest > ] ; + node1012 -> node943 [ color=BLACK, label=< rdf:first > ] ; + node458 -> node472 [ color=BLACK, label=< sh:property > ] ; + node781 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node188 -> node195 [ color=BLACK, label=< rdf:rest > ] ; + node476 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node602 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node949 -> node866 [ color=BLACK, label=< rdf:first > ] ; + node771 -> node384 [ color=BLACK, label=< rdf:rest > ] ; + node657 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node745 -> node996 [ color=BLACK, label=< rdf:rest > ] ; + node803 -> node659 [ color=BLACK, label=< sh:path > ] ; + node616 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node223 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node654 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node636 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node422 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node560 -> node662 [ color=BLACK, label=< rdf:first > ] ; + node232 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node949 -> node864 [ color=BLACK, label=< rdf:rest > ] ; + node718 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node633 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node50 -> node660 [ color=BLACK, label=< rdf:first > ] ; + node696 -> node135 [ color=BLACK, label=< rdfs:range > ] ; + node674 -> node383 [ color=BLACK, label=< rdf:first > ] ; + node109 -> node860 [ color=BLACK, label=< rdf:type > ] ; + node568 -> node917 [ color=BLACK, label=< sh:path > ] ; + node740 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node306 -> node633 [ color=BLACK, label=< sh:property > ] ; + node913 -> node1021 [ color=BLACK, label=< rdf:rest > ] ; + node601 -> node1006 [ color=BLACK, label=< rdf:rest > ] ; + node20 -> node186 [ color=BLACK, label=< rdf:first > ] ; + node443 -> node341 [ color=BLACK, label=< rdf:type > ] ; + node972 -> node550 [ color=BLACK, label=< rdf:first > ] ; + node849 -> node481 [ color=BLACK, label=< rdf:rest > ] ; + node943 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node235 -> node22 [ color=BLACK, label=< sh:class > ] ; + node242 -> node82 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node392 -> node917 [ color=BLACK, label=< sh:path > ] ; + node306 -> node157 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node1024 -> node368 [ color=BLACK, label=< rdf:first > ] ; + node420 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node303 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node441 -> node428 [ color=BLACK, label=< sh:class > ] ; + node148 -> node1017 [ color=BLACK, label=< sh:property > ] ; + node1000 -> node935 [ color=BLACK, label=< sh:path > ] ; + node756 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node1019 -> node25 [ color=BLACK, label=< rdf:rest > ] ; + node174 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node419 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node968 -> node40 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node1009 -> node877 [ color=BLACK, label=< sh:class > ] ; + node148 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node760 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node696 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node990 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node903 -> node119 [ color=BLACK, label=< rdf:first > ] ; + node651 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node897 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node531 -> node4 [ color=BLACK, label=< sh:path > ] ; + node458 -> node194 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node980 -> node401 [ color=BLACK, label=< rdf:rest > ] ; + node71 -> node217 [ color=BLACK, label=< sh:path > ] ; + node318 -> node1001 [ color=BLACK, label=< rdf:rest > ] ; + node133 -> node755 [ color=BLACK, label=< sh:property > ] ; + node1025 -> node160 [ color=BLACK, label=< rdf:first > ] ; + node223 -> node40 [ color=BLACK, label=< rdfs:range > ] ; + node1026 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node596 -> node265 [ color=BLACK, label=< rdf:first > ] ; + node984 -> node641 [ color=BLACK, label=< rdf:first > ] ; + node900 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node1016 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node605 -> node0 [ color=BLACK, label=< sh:path > ] ; + node428 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node857 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node932 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node390 -> node271 [ color=BLACK, label=< rdf:rest > ] ; + node880 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node687 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node904 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node742 -> node561 [ color=BLACK, label=< rdfs:range > ] ; + node522 -> node454 [ color=BLACK, label=< rdfs:range > ] ; + node85 -> node56 [ color=BLACK, label=< rdf:type > ] ; + node1011 -> node880 [ color=BLACK, label=< rdf:first > ] ; + node485 -> node17 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node40 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node988 -> node21 [ color=BLACK, label=< rdf:first > ] ; + node130 -> node725 [ color=BLACK, label=< rdf:rest > ] ; + node243 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node622 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node346 -> node142 [ color=BLACK, label=< rdfs:range > ] ; + node659 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node633 -> node885 [ color=BLACK, label=< sh:path > ] ; + node120 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node168 -> node61 [ color=BLACK, label=< rdf:first > ] ; + node151 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node245 -> node859 [ color=BLACK, label=< rdf:first > ] ; + node356 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node337 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node1009 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node114 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node903 -> node966 [ color=BLACK, label=< rdf:rest > ] ; + node501 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node875 -> node981 [ color=BLACK, label=< rdf:rest > ] ; + node63 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node732 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node941 -> node427 [ color=BLACK, label=< rdf:first > ] ; + node397 -> node313 [ color=BLACK, label=< rdfs:range > ] ; + node646 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node240 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node287 -> node877 [ color=BLACK, label=< rdf:type > ] ; + node17 -> node492 [ color=BLACK, label=< sh:property > ] ; + node83 -> node971 [ color=BLACK, label=< sh:in > ] ; + node541 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node305 -> node51 [ color=BLACK, label=< rdf:rest > ] ; + node402 -> node964 [ color=BLACK, label=< rdf:rest > ] ; + node599 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node436 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node922 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node816 -> node477 [ color=BLACK, label=< sh:class > ] ; + node150 -> node452 [ color=BLACK, label=< sh:path > ] ; + node325 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node1020 -> node109 [ color=BLACK, label=< rdf:first > ] ; + node353 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node640 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node644 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node926 -> node29 [ color=BLACK, label=< rdf:first > ] ; + node958 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node594 -> node337 [ color=BLACK, label=< sh:property > ] ; + node716 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node1010 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node475 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node196 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node895 -> node168 [ color=BLACK, label=< rdf:rest > ] ; + node987 -> node656 [ color=BLACK, label=< rdf:rest > ] ; + node847 -> node69 [ color=BLACK, label=< rdf:rest > ] ; + node851 -> node811 [ color=BLACK, label=< rdf:first > ] ; + node695 -> node18 [ color=BLACK, label=< rdf:type > ] ; + node556 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node642 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node772 -> node877 [ color=BLACK, label=< rdf:type > ] ; + node280 -> node860 [ color=BLACK, label=< rdf:type > ] ; + node349 -> node577 [ color=BLACK, label=< rdf:rest > ] ; + node500 -> node313 [ color=BLACK, label=< sh:class > ] ; + node439 -> node963 [ color=BLACK, label=< sh:in > ] ; + node992 -> node741 [ color=BLACK, label=< rdf:rest > ] ; + node813 -> node1002 [ color=BLACK, label=< rdf:rest > ] ; + node283 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node910 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node594 -> node117 [ color=BLACK, label=< sh:property > ] ; + node914 -> node313 [ color=BLACK, label=< rdf:type > ] ; + node637 -> node708 [ color=BLACK, label=< rdf:rest > ] ; + node354 -> node5 [ color=BLACK, label=< rdf:type > ] ; + node934 -> node357 [ color=BLACK, label=< rdf:rest > ] ; + node895 -> node717 [ color=BLACK, label=< rdf:first > ] ; + node992 -> node974 [ color=BLACK, label=< rdf:first > ] ; + node521 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node441 -> node941 [ color=BLACK, label=< sh:in > ] ; + node214 -> node854 [ color=BLACK, label=< sh:property > ] ; + node89 -> node867 [ color=BLACK, label=< rdf:first > ] ; + node820 -> node390 [ color=BLACK, label=< rdf:rest > ] ; + node171 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node1013 -> node959 [ color=BLACK, label=< rdf:rest > ] ; + node973 -> node995 [ color=BLACK, label=< rdf:rest > ] ; + node774 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node497 -> node956 [ color=BLACK, label=< rdf:rest > ] ; + node305 -> node31 [ color=BLACK, label=< rdf:first > ] ; + node1017 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node472 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node297 -> node99 [ color=BLACK, label=< sh:path > ] ; + node192 -> node945 [ color=BLACK, label=< sh:property > ] ; + node993 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node138 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node605 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node342 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node217 -> node118 [ color=BLACK, label=< rdfs:range > ] ; + node380 -> node68 [ color=BLACK, label=< rdf:first > ] ; + node35 -> node118 [ color=BLACK, label=< sh:datatype > ] ; + node473 -> node201 [ color=BLACK, label=< rdf:type > ] ; + node792 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node90 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node594 -> node297 [ color=BLACK, label=< sh:property > ] ; + node983 -> node980 [ color=BLACK, label=< rdf:rest > ] ; + node932 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node64 -> node751 [ color=BLACK, label=< sh:property > ] ; + node894 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node783 -> node314 [ color=BLACK, label=< sh:property > ] ; + node459 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node144 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; + node584 -> node454 [ color=BLACK, label=< rdfs:range > ] ; + node492 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node439 -> node56 [ color=BLACK, label=< sh:class > ] ; + node745 -> node759 [ color=BLACK, label=< rdf:first > ] ; + node578 -> node646 [ color=BLACK, label=< rdf:first > ] ; + node467 -> node453 [ color=BLACK, label=< sh:path > ] ; + node379 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node652 -> node449 [ color=BLACK, label=< rdf:first > ] ; + node614 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node888 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node72 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node679 -> node17 [ color=BLACK, label=< rdfs:range > ] ; + node1022 -> node754 [ color=BLACK, label=< rdf:first > ] ; + node1025 -> node1024 [ color=BLACK, label=< rdf:rest > ] ; + node391 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node11 -> node254 [ color=BLACK, label=< sh:property > ] ; + node210 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node284 -> node893 [ color=BLACK, label=< sh:in > ] ; + node923 -> node155 [ color=BLACK, label=< rdf:type > ] ; + node876 -> node778 [ color=BLACK, label=< sh:path > ] ; + node376 -> node28 [ color=BLACK, label=< sh:datatype > ] ; + node480 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node329 -> node733 [ color=BLACK, label=< sh:property > ] ; + node549 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node178 -> node699 [ color=BLACK, label=< sh:property > ] ; + node1023 -> node56 [ color=BLACK, label=< rdfs:range > ] ; + node931 -> node39 [ color=BLACK, label=< sh:datatype > ] ; + node1021 -> node998 [ color=BLACK, label=< rdf:rest > ] ; + node8 -> node190 [ color=BLACK, label=< sh:nodeKind > ] ; + node996 -> node979 [ color=BLACK, label=< rdf:rest > ] ; + node444 -> node211 [ color=BLACK, label=< rdf:type > ] ; + node234 -> node653 [ color=BLACK, label=< rdf:type > ] ; + node794 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node815 -> node36 [ color=BLACK, label=< sh:nodeKind > ] ; + node313 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node682 -> node629 [ color=BLACK, label=< rdf:rest > ] ; + node985 -> node890 [ color=BLACK, label=< rdf:first > ] ; + node868 -> node874 [ color=BLACK, label=< rdf:first > ] ; + node194 -> node76 [ color=BLACK, label=< rdf:type > ] ; + node465 -> node133 [ color=BLACK, label=< rdfs:range > ] ; + node1007 -> node692 [ color=BLACK, label=< rdf:rest > ] ; + node130 -> node520 [ color=BLACK, label=< rdf:first > ] ; + node689 -> node582 [ color=BLACK, label=< sh:path > ] ; + node937 -> node22 [ color=BLACK, label=< rdf:type > ] ; + node1026 -> node280 [ color=BLACK, label=< rdf:first > ] ; + node988 -> node1013 [ color=BLACK, label=< rdf:rest > ] ; + node517 -> node809 [ color=BLACK, label=< rdf:first > ] ; + node991 -> node772 [ color=BLACK, label=< rdf:first > ] ; + node763 -> node994 [ color=BLACK, label=< sh:path > ] ; + node479 -> node937 [ color=BLACK, label=< rdf:first > ] ; + node786 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node485 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node709 -> node285 [ color=BLACK, label=< rdf:type > ] ; + node700 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node270 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node366 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node409 -> node465 [ color=BLACK, label=< sh:path > ] ; + node263 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node656 -> node123 [ color=BLACK, label=< rdf:rest > ] ; + node813 -> node914 [ color=BLACK, label=< rdf:first > ] ; + node153 -> node62 [ color=BLACK, label=< rdf:type > ] ; + node167 -> node82 [ color=BLACK, label=< rdfs:subClassOf > ] ; + node899 -> node843 [ color=BLACK, label=< sh:in > ] ; + node994 -> node39 [ color=BLACK, label=< rdfs:range > ] ; + node947 -> node16 [ color=BLACK, label=< rdf:type > ] ; + node613 -> node1025 [ color=BLACK, label=< rdf:rest > ] ; + node612 -> node13 [ color=BLACK, label=< sh:nodeKind > ] ; + node513 -> node81 [ color=BLACK, label=< sh:path > ] ; + node381 -> node58 [ color=BLACK, label=< rdf:type > ] ; + node867 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node1020 -> node1026 [ color=BLACK, label=< rdf:rest > ] ; + node751 -> node471 [ color=BLACK, label=< sh:path > ] ; + node316 -> node360 [ color=BLACK, label=< rdfs:range > ] ; + node1017 -> node865 [ color=BLACK, label=< sh:path > ] ; + node276 -> node1 [ color=BLACK, label=< sh:datatype > ] ; + node721 -> node155 [ color=BLACK, label=< rdfs:range > ] ; + node414 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node853 -> node135 [ color=BLACK, label=< rdf:type > ] ; + node639 -> node30 [ color=BLACK, label=< rdf:type > ] ; + node542 -> node34 [ color=BLACK, label=< sh:nodeKind > ] ; +# https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri node0 +node0 [ shape=none, color=black label=<
configSourceUri
https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri
rdfs:comment"Property that describes the URI of the build configuration source file."@en
> ] +# http://www.w3.org/2001/XMLSchema#anyURI node1 +node1 [ shape=none, color=black label=<
anyURI
http://www.w3.org/2001/XMLSchema#anyURI
> ] +# N7332900768394348a8c17a99ce7b52c2 node2 +node2 [ shape=none, color=black label=<
N7332900768394348a8c17a99ce7b52c2
N7332900768394348a8c17a99ce7b52c2
> ] +# Nde6eec5fc1714339b6f44b9698c7b614 node3 +node3 [ shape=none, color=black label=<
Nde6eec5fc1714339b6f44b9698c7b614
Nde6eec5fc1714339b6f44b9698c7b614
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/justificationType node4 +node4 [ shape=none, color=black label=<
justificationType
https://spdx.org/rdf/3.0.1/terms/Security/justificationType
rdfs:comment"Impact justification label to be used when linking a vulnerability to an element +representing a VEX product with a VexNotAffectedVulnAssessmentRelationship +relationship."@en
> ] +# http://www.w3.org/2002/07/owl#ObjectProperty node5 +node5 [ shape=none, color=black label=<
ObjectProperty
http://www.w3.org/2002/07/owl#ObjectProperty
> ] +# N561c5085ec074cc9b6a267f706eebc0c node6 +node6 [ shape=none, color=black label=<
N561c5085ec074cc9b6a267f706eebc0c
N561c5085ec074cc9b6a267f706eebc0c
> ] +# Ncabde97a6c3f4adc9b8823ee931e2b7d node7 +node7 [ shape=none, color=black label=<
Ncabde97a6c3f4adc9b8823ee931e2b7d
Ncabde97a6c3f4adc9b8823ee931e2b7d
> ] +# N2da5fb10013c416ba1a25392e71de30d node8 +node8 [ shape=none, color=black label=<
N2da5fb10013c416ba1a25392e71de30d
N2da5fb10013c416ba1a25392e71de30d
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/imports node9 +node9 [ shape=none, color=black label=<
imports
https://spdx.org/rdf/3.0.1/terms/Core/imports
rdfs:comment"Provides an ExternalMap of Element identifiers."@en
> ] +# N6d3932e4a46e43c6ab889e1be1f9eeb3 node10 +node10 [ shape=none, color=black label=<
N6d3932e4a46e43c6ab889e1be1f9eeb3
N6d3932e4a46e43c6ab889e1be1f9eeb3
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License node11 +node11 [ shape=none, color=black label=<
License
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License
rdfs:comment"Abstract class for the portion of an AnyLicenseInfo representing a license."@en
> ] +# Ne1d33d90a3364973ae59f5c549c0f264 node12 +node12 [ shape=none, color=black label=<
Ne1d33d90a3364973ae59f5c549c0f264
Ne1d33d90a3364973ae59f5c549c0f264
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# http://www.w3.org/ns/shacl#IRI node13 +node13 [ shape=none, color=black label=<
IRI
http://www.w3.org/ns/shacl#IRI
> ] +# Nc2e370e51ee546a1a816ebb1fed7db40 node14 +node14 [ shape=none, color=black label=<
Nc2e370e51ee546a1a816ebb1fed7db40
Nc2e370e51ee546a1a816ebb1fed7db40
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName node15 +node15 [ shape=none, color=black label=<
cdxPropName
https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName
rdfs:comment"A name used in a CdxExtension name-value pair."@en
> ] +# http://www.w3.org/2002/07/owl#DatatypeProperty node16 +node16 [ shape=none, color=black label=<
DatatypeProperty
http://www.w3.org/2002/07/owl#DatatypeProperty
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Element node17 +node17 [ shape=none, color=black label=<
Element
https://spdx.org/rdf/3.0.1/terms/Core/Element
rdfs:comment"Base domain class from which all other SPDX-3.0 domain classes derive."@en
> ] +# http://www.w3.org/ns/shacl#NodeShape node18 +node18 [ shape=none, color=black label=<
NodeShape
http://www.w3.org/ns/shacl#NodeShape
> ] +# Nf3ed9048b429481d91ff148d9ffa6f4a node19 +node19 [ shape=none, color=black label=<
Nf3ed9048b429481d91ff148d9ffa6f4a
Nf3ed9048b429481d91ff148d9ffa6f4a
> ] +# N08dc9597757146549a7688957e5b3f6e node20 +node20 [ shape=none, color=black label=<
N08dc9597757146549a7688957e5b3f6e
N08dc9597757146549a7688957e5b3f6e
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile node21 +node21 [ shape=none, color=black label=<
hasAddedFile
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile
rdfs:comment"Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType node22 +node22 [ shape=none, color=black label=<
RelationshipType
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType
rdfs:comment"Information about the relationship between two Elements."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy node23 +node23 [ shape=none, color=black label=<
publishedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy
rdfs:comment"(Security) Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException node24 +node24 [ shape=none, color=black label=<
ListedLicenseException
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException
rdfs:comment"A license exception that is listed on the SPDX Exceptions list."@en
> ] +# N374b4dcd5d9044dcb168fa77a2cf5abd node25 +node25 [ shape=none, color=black label=<
N374b4dcd5d9044dcb168fa77a2cf5abd
N374b4dcd5d9044dcb168fa77a2cf5abd
> ] +# N18acf8c8cec34b98a4f73ee7b3043201 node26 +node26 [ shape=none, color=black label=<
N18acf8c8cec34b98a4f73ee7b3043201
N18acf8c8cec34b98a4f73ee7b3043201
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/exploited node27 +node27 [ shape=none, color=black label=<
exploited
https://spdx.org/rdf/3.0.1/terms/Security/exploited
rdfs:comment"Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog."@en
> ] +# http://www.w3.org/2001/XMLSchema#boolean node28 +node28 [ shape=none, color=black label=<
boolean
http://www.w3.org/2001/XMLSchema#boolean
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256 node29 +node29 [ shape=none, color=black label=<
blake2b256
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256
rdfs:comment"BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4."@en
> ] +# http://www.w3.org/2002/07/owl#NamedIndividual node30 +node30 [ shape=none, color=black label=<
NamedIndividual
http://www.w3.org/2002/07/owl#NamedIndividual
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour node31 +node31 [ shape=none, color=black label=<
kilowattHour
https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour
rdfs:comment"Kilowatt-hour."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType node32 +node32 [ shape=none, color=black label=<
EnergyUnitType
https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType
rdfs:comment"Specifies the unit of energy consumption."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap node33 +node33 [ shape=none, color=black label=<
ExternalMap
https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap
rdfs:comment"A map of Element identifiers that are used within a Document but defined external to that Document."@en
> ] +# http://www.w3.org/ns/shacl#BlankNode node34 +node34 [ shape=none, color=black label=<
BlankNode
http://www.w3.org/ns/shacl#BlankNode
> ] +# N7dba678f31df46c5a36c0ae8f797a90e node35 +node35 [ shape=none, color=black label=<
N7dba678f31df46c5a36c0ae8f797a90e
N7dba678f31df46c5a36c0ae8f797a90e
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# http://www.w3.org/ns/shacl#Literal node36 +node36 [ shape=none, color=black label=<
Literal
http://www.w3.org/ns/shacl#Literal
> ] +# Nc1f53db6da424caeb51ccff2d9e9a020 node37 +node37 [ shape=none, color=black label=<
Nc1f53db6da424caeb51ccff2d9e9a020
Nc1f53db6da424caeb51ccff2d9e9a020
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded node38 +node38 [ shape=none, color=black label=<
listVersionAdded
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded
rdfs:comment"Specifies the SPDX License List version in which this ListedLicense or +ListedLicenseException identifier was first added."@en
> ] +# http://www.w3.org/2001/XMLSchema#string node39 +node39 [ shape=none, color=black label=<
string
http://www.w3.org/2001/XMLSchema#string
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition node40 +node40 [ shape=none, color=black label=<
LicenseAddition
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition
rdfs:comment"Abstract class for additional text intended to be added to a License, but which is not itself a standalone License."@en
> ] -# N1fdc6c5defd94c51ba02b2852676de39 node223 -node223 [ shape=none, color=black label=<
N1fdc6c5defd94c51ba02b2852676de39
N1fdc6c5defd94c51ba02b2852676de39
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file node224 -node224 [ shape=none, color=black label=<
file
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file
rdfs:comment"the Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc)"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build node225 -node225 [ shape=none, color=black label=<
build
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build
rdfs:comment"A relationship has specific context implications during an element's build phase, during development."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384 node226 -node226 [ shape=none, color=black label=<
sha3_384
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384
rdfs:comment"SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)."@en
> ] -# N8b0c4aa4191e4650856d739c21111635 node227 -node227 [ shape=none, color=black label=<
N8b0c4aa4191e4650856d739c21111635
N8b0c4aa4191e4650856d739c21111635
sh:maxCount"1"^^xsd:integer
> ] -# http://www.w3.org/2001/XMLSchema#anyURI node228 -node228 [ shape=none, color=black label=<
anyURI
http://www.w3.org/2001/XMLSchema#anyURI
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship node229 -node229 [ shape=none, color=black label=<
VexNotAffectedVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship
rdfs:comment"Links a vulnerability and one or more elements designating the latter as products +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact node41 +node41 [ shape=none, color=black label=<
binaryArtifact
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact
rdfs:comment"A reference to binary artifacts related to a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Bundle node42 +node42 [ shape=none, color=black label=<
Bundle
https://spdx.org/rdf/3.0.1/terms/Core/Bundle
rdfs:comment"A collection of Elements that have a shared context."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice node43 +node43 [ shape=none, color=black label=<
eolNotice
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice
rdfs:comment"A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package."@en
> ] +# N99bda17eeef644f79fdf65f3d8566081 node44 +node44 [ shape=none, color=black label=<
N99bda17eeef644f79fdf65f3d8566081
N99bda17eeef644f79fdf65f3d8566081
> ] +# N70108cc8173941a9821e081c0b3987fb node45 +node45 [ shape=none, color=black label=<
N70108cc8173941a9821e081c0b3987fb
N70108cc8173941a9821e081c0b3987fb
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no node46 +node46 [ shape=none, color=black label=<
no
https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no
rdfs:comment"Indicates absence of the field."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance node47 +node47 [ shape=none, color=black label=<
standardCompliance
https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance
rdfs:comment"Captures a standard that is being complied with."@en
> ] +# N10125ead4e864e63b561b0f44b7d79a0 node48 +node48 [ shape=none, color=black label=<
N10125ead4e864e63b561b0f44b7d79a0
N10125ead4e864e63b561b0f44b7d79a0
sh:maxCount"1"^^xsd:integer
> ] +# N6d1c716a912c45b98d2eeeef8c8fc9ae node49 +node49 [ shape=none, color=black label=<
N6d1c716a912c45b98d2eeeef8c8fc9ae
N6d1c716a912c45b98d2eeeef8c8fc9ae
sh:maxCount"1"^^xsd:integer
> ] +# Nd4c648a27cad47ba8422b6c988672d52 node50 +node50 [ shape=none, color=black label=<
Nd4c648a27cad47ba8422b6c988672d52
Nd4c648a27cad47ba8422b6c988672d52
> ] +# Na3c3c8ca991f46cf86fe76960785719f node51 +node51 [ shape=none, color=black label=<
Na3c3c8ca991f46cf86fe76960785719f
Na3c3c8ca991f46cf86fe76960785719f
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule node52 +node52 [ shape=none, color=black label=<
megajoule
https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule
rdfs:comment"Megajoule."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship node53 +node53 [ shape=none, color=black label=<
VexNotAffectedVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship
rdfs:comment"Links a vulnerability and one or more elements designating the latter as products not affected by the vulnerability."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority node230 -node230 [ shape=none, color=black label=<
issuingAuthority
https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority
rdfs:comment"An entity that is authorized to issue identification credentials."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/createdBy node231 -node231 [ shape=none, color=black label=<
createdBy
https://spdx.org/rdf/3.0.1/terms/Core/createdBy
rdfs:comment"Identifies who or what created the Element."@en
> ] -# N4f9bf0019bd64042ae3a01272500c3ff node232 -node232 [ shape=none, color=black label=<
N4f9bf0019bd64042ae3a01272500c3ff
N4f9bf0019bd64042ae3a01272500c3ff
sh:maxCount"1"^^xsd:integer
> ] -# N6dc853b2913a44df81358ec1fdf52ab4 node233 -node233 [ shape=none, color=black label=<
N6dc853b2913a44df81358ec1fdf52ab4
N6dc853b2913a44df81358ec1fdf52ab4
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport node234 -node234 [ shape=none, color=black label=<
runtimeAnalysisReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport
rdfs:comment"A reference to a runtime analysis report for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability node235 -node235 [ shape=none, color=black label=<
hasAssociatedVulnerability
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability
rdfs:comment"(Security) Used to associate a `from` Artifact with each `to` Vulnerability."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/NoneElement node236 -node236 [ shape=none, color=black label=<
NoneElement
https://spdx.org/rdf/3.0.1/terms/Core/NoneElement
rdfs:comment"An Individual Value for Element representing a set of Elements with -cardinality (number/count) of zero."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry node237 -node237 [ shape=none, color=black label=<
CdxPropertyEntry
https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry
rdfs:comment"A property name with an associated value."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo node238 -node238 [ shape=none, color=black label=<
IndividualLicensingInfo
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo
rdfs:comment"A concrete subclass of AnyLicenseInfo used by Individuals in the +# N5e02ee6be544496eaa697b59d1f414bf node54 +node54 [ shape=none, color=black label=<
N5e02ee6be544496eaa697b59d1f414bf
N5e02ee6be544496eaa697b59d1f414bf
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious node55 +node55 [ shape=none, color=black label=<
serious
https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious
rdfs:comment"The highest level of risk posed by an AI system."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType node56 +node56 [ shape=none, color=black label=<
SafetyRiskAssessmentType
https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType
rdfs:comment"Specifies the safety risk level."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType node57 +node57 [ shape=none, color=black label=<
CvssSeverityType
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType
rdfs:comment"Specifies the CVSS base, temporal, threat, or environmental severity type."@en
> ] +# http://www.w3.org/2002/07/owl#Class node58 +node58 [ shape=none, color=black label=<
Class
http://www.w3.org/2002/07/owl#Class
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation node59 +node59 [ shape=none, color=black label=<
downloadLocation
https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation
rdfs:comment"Identifies the download Uniform Resource Identifier for the package at the time +that the document was created."@en
> ] +# Nf3183abab4274e449d7ed0a8031a0024 node60 +node60 [ shape=none, color=black label=<
Nf3183abab4274e449d7ed0a8031a0024
Nf3183abab4274e449d7ed0a8031a0024
sh:maxCount"1"^^xsd:integer
sh:pattern"^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$"
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive node61 +node61 [ shape=none, color=black label=<
archive
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive
rdfs:comment"the Element is an archived collection of one or more files (.tar, .zip, etc)"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose node62 +node62 [ shape=none, color=black label=<
SoftwarePurpose
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose
rdfs:comment"Provides information about the primary purpose of an Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability node63 +node63 [ shape=none, color=black label=<
Vulnerability
https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability
rdfs:comment"Specifies a vulnerability and its associated information."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Artifact node64 +node64 [ shape=none, color=black label=<
Artifact
https://spdx.org/rdf/3.0.1/terms/Core/Artifact
rdfs:comment"A distinct article or unit within the digital domain."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor node65 +node65 [ shape=none, color=black label=<
underInvestigationFor
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor
rdfs:comment"(Security/VEX) The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical node66 +node66 [ shape=none, color=black label=<
critical
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical
rdfs:comment"When a CVSS score is between 9.0 - 10.0"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory node67 +node67 [ shape=none, color=black label=<
releaseHistory
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory
rdfs:comment"A reference to a published list of releases for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport node68 +node68 [ shape=none, color=black label=<
vulnerabilityDisclosureReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport
rdfs:comment"A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final)."@en
> ] +# N1491cc48370c4198bbc8116eb9222549 node69 +node69 [ shape=none, color=black label=<
N1491cc48370c4198bbc8116eb9222549
N1491cc48370c4198bbc8116eb9222549
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest node70 +node70 [ shape=none, color=black label=<
hasDependencyManifest
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest
rdfs:comment"The `from` Element has manifest files that contain dependency information in each `to` Element."@en
> ] +# Ned2355a0564947a58327b6987b9642f1 node71 +node71 [ shape=none, color=black label=<
Ned2355a0564947a58327b6987b9642f1
Ned2355a0564947a58327b6987b9642f1
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage node72 +node72 [ shape=none, color=black label=<
DatasetPackage
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage
rdfs:comment"Specifies a data package and its associated information."@en
> ] +# Nd0fed502db934f74be77a11940c90b92 node73 +node73 [ shape=none, color=black label=<
Nd0fed502db934f74be77a11940c90b92
Nd0fed502db934f74be77a11940c90b92
sh:maxCount"1"^^xsd:integer
> ] +# Nac59286bbf2147e2ab90f6356b0d34a2 node74 +node74 [ shape=none, color=black label=<
Nac59286bbf2147e2ab90f6356b0d34a2
Nac59286bbf2147e2ab90f6356b0d34a2
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod node75 +node75 [ shape=none, color=black label=<
IntegrityMethod
https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod
rdfs:comment"Provides an independently reproducible mechanism that permits verification of a specific Element."@en
> ] +# http://spdx.invalid./AbstractClass node76 +node76 [ shape=none, color=black label=<
AbstractClass
http://spdx.invalid./AbstractClass
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose node77 +node77 [ shape=none, color=black label=<
additionalPurpose
https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose
rdfs:comment"Provides additional purpose information of the software artifact."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix node78 +node78 [ shape=none, color=black label=<
securityFix
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix
rdfs:comment"A reference to the patch or source code that fixes a vulnerability."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/lineRange node79 +node79 [ shape=none, color=black label=<
lineRange
https://spdx.org/rdf/3.0.1/terms/Software/lineRange
rdfs:comment"Defines the line range in the original host file that the snippet information +applies to."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange node80 +node80 [ shape=none, color=black label=<
PositiveIntegerRange
https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange
rdfs:comment"A tuple of two positive integers that define a range."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime node81 +node81 [ shape=none, color=black label=<
actionStatementTime
https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime
rdfs:comment"Records the time when a recommended action was communicated in a VEX statement +to mitigate a vulnerability."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact node82 +node82 [ shape=none, color=black label=<
SoftwareArtifact
https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact
rdfs:comment"A distinct article or unit related to Software."@en
> ] +# N4a8fb15298bb4222b4f414abfdf61d32 node83 +node83 [ shape=none, color=black label=<
N4a8fb15298bb4222b4f414abfdf61d32
N4a8fb15298bb4222b4f414abfdf61d32
sh:maxCount"1"^^xsd:integer
> ] +# Ndc1ede5207024d6dab232968ff535313 node84 +node84 [ shape=none, color=black label=<
Ndc1ede5207024d6dab232968ff535313
Ndc1ede5207024d6dab232968ff535313
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low node85 +node85 [ shape=none, color=black label=<
low
https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low
rdfs:comment"Low/no risk is posed by an AI system."@en
> ] +# N3dc7fe4fa62e476fb3721f0fb2c0137b node86 +node86 [ shape=none, color=black label=<
N3dc7fe4fa62e476fb3721f0fb2c0137b
N3dc7fe4fa62e476fb3721f0fb2c0137b
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/to node87 +node87 [ shape=none, color=black label=<
to
https://spdx.org/rdf/3.0.1/terms/Core/to
rdfs:comment"References an Element on the right-hand side of a relationship."@en
> ] +# Nabef62833cf74c78ac0673bf6c766a6e node88 +node88 [ shape=none, color=black label=<
Nabef62833cf74c78ac0673bf6c766a6e
Nabef62833cf74c78ac0673bf6c766a6e
> ] +# N9fcb57467d024d85ba514aac58abd3f5 node89 +node89 [ shape=none, color=black label=<
N9fcb57467d024d85ba514aac58abd3f5
N9fcb57467d024d85ba514aac58abd3f5
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef node90 +node90 [ shape=none, color=black label=<
ExternalRef
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef
rdfs:comment"A reference to a resource outside the scope of SPDX-3.0 content related to an Element."@en
> ] +# Nc2d082d0db9145588f65a04c1abd42d6 node91 +node91 [ shape=none, color=black label=<
Nc2d082d0db9145588f65a04c1abd42d6
Nc2d082d0db9145588f65a04c1abd42d6
sh:maxCount"1"^^xsd:integer
> ] +# Na395f8f765534d0dbfe9b0bbc43d2543 node92 +node92 [ shape=none, color=black label=<
Na395f8f765534d0dbfe9b0bbc43d2543
Na395f8f765534d0dbfe9b0bbc43d2543
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# Na0acbe07b7fc4f0892c423dd46c1c271 node93 +node93 [ shape=none, color=black label=<
Na0acbe07b7fc4f0892c423dd46c1c271
Na0acbe07b7fc4f0892c423dd46c1c271
> ] +# Nd92f4b2cb66e40db978dce973a137c91 node94 +node94 [ shape=none, color=black label=<
Nd92f4b2cb66e40db978dce973a137c91
Nd92f4b2cb66e40db978dce973a137c91
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device node95 +node95 [ shape=none, color=black label=<
device
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device
rdfs:comment"the Element refers to a chipset, processor, or electronic board"@en
> ] +# N3c235fff044149b4aeb0550626107249 node96 +node96 [ shape=none, color=black label=<
N3c235fff044149b4aeb0550626107249
N3c235fff044149b4aeb0550626107249
> ] +# Nf8e3ed19da6c44869a5e56a7c654b2ba node97 +node97 [ shape=none, color=black label=<
Nf8e3ed19da6c44869a5e56a7c654b2ba
Nf8e3ed19da6c44869a5e56a7c654b2ba
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime node98 +node98 [ shape=none, color=black label=<
runtime
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime
rdfs:comment"SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime node99 +node99 [ shape=none, color=black label=<
buildEndTime
https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime
rdfs:comment"Property that describes the time at which a build stops."@en
> ] +# N51ccc8929d7945f9a4721caa1713d1b1 node100 +node100 [ shape=none, color=black label=<
N51ccc8929d7945f9a4721caa1713d1b1
N51ccc8929d7945f9a4721caa1713d1b1
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo node101 +node101 [ shape=none, color=black label=<
expandsTo
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo
rdfs:comment"The `from` archive expands out as an artifact described by each `to` Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy node102 +node102 [ shape=none, color=black label=<
fixedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy
rdfs:comment"(Security) Designates a `from` Vulnerability has been fixed by the `to` Agent(s)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install node103 +node103 [ shape=none, color=black label=<
install
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install
rdfs:comment"the Element is used to install software on disk"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme node104 +node104 [ shape=none, color=black label=<
urlScheme
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme
rdfs:comment"[Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication node105 +node105 [ shape=none, color=black label=<
informationAboutApplication
https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication
rdfs:comment"Provides relevant information about the AI software, not including the model +description."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias node106 +node106 [ shape=none, color=black label=<
knownBias
https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias
rdfs:comment"Records the biases that the dataset is known to encompass."@en
> ] +# N1be241bb73904f168b6126c8709a203f node107 +node107 [ shape=none, color=black label=<
N1be241bb73904f168b6126c8709a203f
N1be241bb73904f168b6126c8709a203f
> ] +# https://spdx.org/rdf/3.0.1/terms/Extension/Extension node108 +node108 [ shape=none, color=black label=<
Extension
https://spdx.org/rdf/3.0.1/terms/Extension/Extension
rdfs:comment"A characterization of some aspect of an Element that is associated with the Element in a generalized fashion."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green node109 +node109 [ shape=none, color=black label=<
green
https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green
rdfs:comment"Dataset can be shared within a community of peers and partners."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect node110 +node110 [ shape=none, color=black label=<
doesNotAffect
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect
rdfs:comment"(Security/VEX) The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships."@en
> ] +# N7dde8777e92d451c82cb9908499ff389 node111 +node111 [ shape=none, color=black label=<
N7dde8777e92d451c82cb9908499ff389
N7dde8777e92d451c82cb9908499ff389
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware node112 +node112 [ shape=none, color=black label=<
firmware
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware
rdfs:comment"the Element provides low level control over a device's hardware"@en
> ] +# N71942c8e075a4203b2cde868d3a5871b node113 +node113 [ shape=none, color=black label=<
N71942c8e075a4203b2cde868d3a5871b
N71942c8e075a4203b2cde868d3a5871b
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy node114 +node114 [ shape=none, color=black label=<
obsoletedBy
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy
rdfs:comment"Specifies the licenseId that is preferred to be used in place of a deprecated +License or LicenseAddition."@en
> ] +# Ne01d20e60cc948e28cfa50b92bd7841f node115 +node115 [ shape=none, color=black label=<
Ne01d20e60cc948e28cfa50b92bd7841f
Ne01d20e60cc948e28cfa50b92bd7841f
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/vectorString node116 +node116 [ shape=none, color=black label=<
vectorString
https://spdx.org/rdf/3.0.1/terms/Security/vectorString
rdfs:comment"Specifies the CVSS vector string for a vulnerability."@en
> ] +# N880dbad4a2034d6da9b4e856b82f261d node117 +node117 [ shape=none, color=black label=<
N880dbad4a2034d6da9b4e856b82f261d
N880dbad4a2034d6da9b4e856b82f261d
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# http://www.w3.org/2001/XMLSchema#dateTimeStamp node118 +node118 [ shape=none, color=black label=<
dateTimeStamp
http://www.w3.org/2001/XMLSchema#dateTimeStamp
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver node119 +node119 [ shape=none, color=black label=<
deviceDriver
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver
rdfs:comment"Element represents software that controls hardware devices"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet node120 +node120 [ shape=none, color=black label=<
ConjunctiveLicenseSet
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet
rdfs:comment"Portion of an AnyLicenseInfo representing a set of licensing information +where all elements apply."@en
> ] +# Ndf158f9bc0b2416d8dcb8102841e1717 node121 +node121 [ shape=none, color=black label=<
Ndf158f9bc0b2416d8dcb8102841e1717
Ndf158f9bc0b2416d8dcb8102841e1717
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# Ned42cb7f225b47faa590460314090d64 node122 +node122 [ shape=none, color=black label=<
Ned42cb7f225b47faa590460314090d64
Ned42cb7f225b47faa590460314090d64
> ] +# http://www.w3.org/1999/02/22-rdf-syntax-ns#nil node123 +node123 [ shape=none, color=black label=<
nil
http://www.w3.org/1999/02/22-rdf-syntax-ns#nil
> ] +# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression node124 +node124 [ shape=none, color=black label=<
LicenseExpression
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression
rdfs:comment"An SPDX Element containing an SPDX license expression string."@en
> ] +# N2bb3f4e54e2b4f0dad139b2de471bc2a node125 +node125 [ shape=none, color=black label=<
N2bb3f4e54e2b4f0dad139b2de471bc2a
N2bb3f4e54e2b4f0dad139b2de471bc2a
> ] +# N73abd534ae4c48fb9342c97dd175e346 node126 +node126 [ shape=none, color=black label=<
N73abd534ae4c48fb9342c97dd175e346
N73abd534ae4c48fb9342c97dd175e346
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn node127 +node127 [ shape=none, color=black label=<
dependsOn
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn
rdfs:comment"The `from` Element depends on each `to` Element, during a LifecycleScopeType period."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate node128 +node128 [ shape=none, color=black label=<
standardAdditionTemplate
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate
rdfs:comment"Identifies the full text of a LicenseAddition, in SPDX templating format."@en
> ] +# Nda41662105894fe8b8f4b2e744e55b88 node129 +node129 [ shape=none, color=black label=<
Nda41662105894fe8b8f4b2e744e55b88
Nda41662105894fe8b8f4b2e744e55b88
> ] +# N1295e8f6f8d147d7b578da37f4f53d46 node130 +node130 [ shape=none, color=black label=<
N1295e8f6f8d147d7b578da37f4f53d46
N1295e8f6f8d147d7b578da37f4f53d46
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software node131 +node131 [ shape=none, color=black label=<
software
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software
rdfs:comment"the element follows the Software profile specification"@en
> ] +# N35ee75b04f344ca4bbba4728b2d270ec node132 +node132 [ shape=none, color=black label=<
N35ee75b04f344ca4bbba4728b2d270ec
N35ee75b04f344ca4bbba4728b2d270ec
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier node133 +node133 [ shape=none, color=black label=<
ContentIdentifier
https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier
rdfs:comment"A canonical, unique, immutable identifier"@en
> ] +# N55c584c9343b4cc5ac02eeb80187912e node134 +node134 [ shape=none, color=black label=<
N55c584c9343b4cc5ac02eeb80187912e
N55c584c9343b4cc5ac02eeb80187912e
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SbomType node135 +node135 [ shape=none, color=black label=<
SbomType
https://spdx.org/rdf/3.0.1/terms/Software/SbomType
rdfs:comment"Provides a set of values to be used to describe the common types of SBOMs that +tools may create."@en
> ] +# N7712665763024ec9b0bf78a2afdd00cb node136 +node136 [ shape=none, color=black label=<
N7712665763024ec9b0bf78a2afdd00cb
N7712665763024ec9b0bf78a2afdd00cb
> ] +# N7e36bce8dbf648e0ac8e213d75d77383 node137 +node137 [ shape=none, color=black label=<
N7e36bce8dbf648e0ac8e213d75d77383
N7e36bce8dbf648e0ac8e213d75d77383
> ] +# Nb83b2d1ed79d45d787de89329d26f047 node138 +node138 [ shape=none, color=black label=<
Nb83b2d1ed79d45d787de89329d26f047
Nb83b2d1ed79d45d787de89329d26f047
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment node139 +node139 [ shape=none, color=black label=<
vulnerabilityExploitabilityAssessment
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment
rdfs:comment"A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest node140 +node140 [ shape=none, color=black label=<
hasTest
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest
rdfs:comment"Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense node141 +node141 [ shape=none, color=black label=<
NoneLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense
rdfs:comment"An Individual Value for License where the SPDX data creator determines that no +license is present."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo node142 +node142 [ shape=none, color=black label=<
IndividualLicensingInfo
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo
rdfs:comment"A concrete subclass of AnyLicenseInfo used by Individuals in the ExpandedLicensing profile."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Artifact node239 -node239 [ shape=none, color=black label=<
Artifact
https://spdx.org/rdf/3.0.1/terms/Core/Artifact
rdfs:comment"A distinct article or unit within the digital domain."@en
> ] -# N6101362c86f043baaa41343ce81f16f4 node240 -node240 [ shape=none, color=black label=<
N6101362c86f043baaa41343ce81f16f4
N6101362c86f043baaa41343ce81f16f4
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/decisionType node241 -node241 [ shape=none, color=black label=<
decisionType
https://spdx.org/rdf/3.0.1/terms/Security/decisionType
rdfs:comment"Provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf)"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence node242 -node242 [ shape=none, color=black label=<
hasEvidence
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence
rdfs:comment"(Dataset) Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn node243 -node243 [ shape=none, color=black label=<
trainedOn
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn
rdfs:comment"(AI, Dataset) The `from` Element has been trained on the `to` Element(s)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Bundle node244 -node244 [ shape=none, color=black label=<
Bundle
https://spdx.org/rdf/3.0.1/terms/Core/Bundle
rdfs:comment"A collection of Elements that have a shared context."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded node245 -node245 [ shape=none, color=black label=<
listVersionAdded
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded
rdfs:comment"Specifies the SPDX License List version in which this ListedLicense or -ListedLicenseException identifier was first added."@en
> ] -# http://spdx.invalid./AbstractClass node246 -node246 [ shape=none, color=black label=<
AbstractClass
http://spdx.invalid./AbstractClass
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion node247 -node247 [ shape=none, color=black label=<
noAssertion
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion
rdfs:comment"no assertion about the type of support is made. This is considered the default if no other support type is used."@en
> ] -# Nab6f275beca94f37818928c28b0f6b8f node248 -node248 [ shape=none, color=black label=<
Nab6f275beca94f37818928c28b0f6b8f
Nab6f275beca94f37818928c28b0f6b8f
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite node249 -node249 [ shape=none, color=black label=<
hasPrerequisite
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite
rdfs:comment"The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet node250 -node250 [ shape=none, color=black label=<
DisjunctiveLicenseSet
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet
rdfs:comment"Portion of an AnyLicenseInfo representing a set of licensing information where -only one of the elements applies."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo node251 -node251 [ shape=none, color=black label=<
AnyLicenseInfo
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo
rdfs:comment"Abstract class representing a license combination consisting of one or more +# https://spdx.org/rdf/3.0.1/terms/Dataset/sensor node143 +node143 [ shape=none, color=black label=<
sensor
https://spdx.org/rdf/3.0.1/terms/Dataset/sensor
rdfs:comment"Describes a sensor used for collecting the data."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry node144 +node144 [ shape=none, color=black label=<
DictionaryEntry
https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry
rdfs:comment"A key with an associated value."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/catalogType node145 +node145 [ shape=none, color=black label=<
catalogType
https://spdx.org/rdf/3.0.1/terms/Security/catalogType
rdfs:comment"Specifies the exploit catalog type."@en
> ] +# Nabdedbef29eb415c84c2cc88b86a8906 node146 +node146 [ shape=none, color=black label=<
Nabdedbef29eb415c84c2cc88b86a8906
Nabdedbef29eb415c84c2cc88b86a8906
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime node147 +node147 [ shape=none, color=black label=<
buildStartTime
https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime
rdfs:comment"Property describing the start time of a build."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier node148 +node148 [ shape=none, color=black label=<
ExternalIdentifier
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier
rdfs:comment"A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element."@en
> ] +# N1a75e41265b5479d81634e78ece917a0 node149 +node149 [ shape=none, color=black label=<
N1a75e41265b5479d81634e78ece917a0
N1a75e41265b5479d81634e78ece917a0
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Ndf4821f9740644fe9bc62a288322f630 node150 +node150 [ shape=none, color=black label=<
Ndf4821f9740644fe9bc62a288322f630
Ndf4821f9740644fe9bc62a288322f630
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# N10470f6e495146e3b97f1775a5c8b35f node151 +node151 [ shape=none, color=black label=<
N10470f6e495146e3b97f1775a5c8b35f
N10470f6e495146e3b97f1775a5c8b35f
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection node152 +node152 [ shape=none, color=black label=<
ElementCollection
https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection
rdfs:comment"A collection of Elements, not necessarily with unifying context."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform node153 +node153 [ shape=none, color=black label=<
platform
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform
rdfs:comment"Element represents a runtime environment"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList node154 +node154 [ shape=none, color=black label=<
mailingList
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList
rdfs:comment"A reference to the mailing list used by the maintainer for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType node155 +node155 [ shape=none, color=black label=<
ExternalRefType
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType
rdfs:comment"Specifies the type of an external reference."@en
> ] +# N9d5ffd7f2e604801a117df3ae4173ca7 node156 +node156 [ shape=none, color=black label=<
N9d5ffd7f2e604801a117df3ae4173ca7
N9d5ffd7f2e604801a117df3ae4173ca7
sh:minCount"2"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo node157 +node157 [ shape=none, color=black label=<
AnyLicenseInfo
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo
rdfs:comment"Abstract class representing a license combination consisting of one or more licenses (optionally including additional text), which may be combined according to the [SPDX license expression syntax](../../../annexes/SPDX-license-expressions.md)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved node252 -node252 [ shape=none, color=black label=<
isOsiApproved
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved
rdfs:comment"Specifies whether the License is listed as approved by the -[Open Source Initiative (OSI)](https://opensource.org)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType node253 -node253 [ shape=none, color=black label=<
LifecycleScopeType
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType
rdfs:comment"Provide an enumerated set of lifecycle phases that can provide context to relationships."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy node254 -node254 [ shape=none, color=black label=<
modifiedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy
rdfs:comment"The `from` Element is modified by each `to` Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport node255 -node255 [ shape=none, color=black label=<
endOfSupport
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport
rdfs:comment"there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact node256 -node256 [ shape=none, color=black label=<
hasDistributionArtifact
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact
rdfs:comment"The `from` Element is distributed as an artifact in each Element `to` (e.g. an RPM or archive file)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest node257 -node257 [ shape=none, color=black label=<
manifest
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest
rdfs:comment"the Element is a software manifest"@en
> ] -# N84d3f49b221445bfaa70109ced77c4f1 node258 -node258 [ shape=none, color=black label=<
N84d3f49b221445bfaa70109ced77c4f1
N84d3f49b221445bfaa70109ced77c4f1
> ] -# N334b85bcbf854f42ba18076586bb2864 node259 -node259 [ shape=none, color=black label=<
N334b85bcbf854f42ba18076586bb2864
N334b85bcbf854f42ba18076586bb2864
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability node260 -node260 [ shape=none, color=black label=<
Vulnerability
https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability
rdfs:comment"Specifies a vulnerability and its associated information."@en
> ] -# Nd012fb2188e44b94903b7efd0c8c53d0 node261 -node261 [ shape=none, color=black label=<
Nd012fb2188e44b94903b7efd0c8c53d0
Nd012fb2188e44b94903b7efd0c8c53d0
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation node262 -node262 [ shape=none, color=black label=<
secureSoftwareAttestation
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation
rdfs:comment"A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1 node263 -node263 [ shape=none, color=black label=<
sha1
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1
rdfs:comment"SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://www.rfc-editor.org/info/rfc3174)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects node264 -node264 [ shape=none, color=black label=<
affects
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects
rdfs:comment"(Security/VEX) The `from` vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/key node265 -node265 [ shape=none, color=black label=<
key
https://spdx.org/rdf/3.0.1/terms/Core/key
rdfs:comment"A key used in a generic key-value pair."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold node266 -node266 [ shape=none, color=black label=<
metricDecisionThreshold
https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold
rdfs:comment"Captures the threshold that was used for computation of a metric described in -the metric field."@en
> ] -# N744226dc018d4a72854a1dd60aea2406 node267 -node267 [ shape=none, color=black label=<
N744226dc018d4a72854a1dd60aea2406
N744226dc018d4a72854a1dd60aea2406
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware node268 -node268 [ shape=none, color=black label=<
firmware
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware
rdfs:comment"the Element provides low level control over a device's hardware"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre node269 -node269 [ shape=none, color=black label=<
isFsfLibre
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre
rdfs:comment"Specifies whether the License is listed as free by the -[Free Software Foundation (FSF)](https://fsf.org)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent node270 -node270 [ shape=none, color=black label=<
vulnerableCodeNotPresent
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent
rdfs:comment"The product is not affected because the code underlying the vulnerability is not present in the product."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset node271 -node271 [ shape=none, color=black label=<
dataset
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset
rdfs:comment"the element follows the Dataset profile specification"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform node272 -node272 [ shape=none, color=black label=<
platform
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform
rdfs:comment"Element represents a runtime environment"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose node273 -node273 [ shape=none, color=black label=<
SoftwarePurpose
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose
rdfs:comment"Provides information about the primary purpose of an Element."@en
> ] -# N5634e24be10248b99c623a52d66a1902 node274 -node274 [ shape=none, color=black label=<
N5634e24be10248b99c623a52d66a1902
N5634e24be10248b99c623a52d66a1902
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation node275 -node275 [ shape=none, color=black label=<
downloadLocation
https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation
rdfs:comment"Identifies the download Uniform Resource Identifier for the package at the time -that the document was created."@en
> ] -# N0c393a49d213438abf93f2408e9d435d node276 -node276 [ shape=none, color=black label=<
N0c393a49d213438abf93f2408e9d435d
N0c393a49d213438abf93f2408e9d435d
> ] -# Nd421b034abf34ac2b3af5f7d0e82a043 node277 -node277 [ shape=none, color=black label=<
Nd421b034abf34ac2b3af5f7d0e82a043
Nd421b034abf34ac2b3af5f7d0e82a043
> ] -# Nfe31c02b1509407b89ff9e91143f9810 node278 -node278 [ shape=none, color=black label=<
Nfe31c02b1509407b89ff9e91143f9810
Nfe31c02b1509407b89ff9e91143f9810
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# Ncb477d2101a0490cbdb95bd60d0f26f8 node279 -node279 [ shape=none, color=black label=<
Ncb477d2101a0490cbdb95bd60d0f26f8
Ncb477d2101a0490cbdb95bd60d0f26f8
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate node280 -node280 [ shape=none, color=black label=<
standardAdditionTemplate
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate
rdfs:comment"Identifies the full text of a LicenseAddition, in SPDX templating format."@en
> ] -# Nab5e5d6d82fa4f66b973cd31d4e2d8bc node281 -node281 [ shape=none, color=black label=<
Nab5e5d6d82fa4f66b973cd31d4e2d8bc
Nab5e5d6d82fa4f66b973cd31d4e2d8bc
> ] -# N5fdc7811423e45fb9645e4be47135bb1 node282 -node282 [ shape=none, color=black label=<
N5fdc7811423e45fb9645e4be47135bb1
N5fdc7811423e45fb9645e4be47135bb1
> ] -# Nc9c6cf60f5ce4589a6f27153a06f0cc6 node283 -node283 [ shape=none, color=black label=<
Nc9c6cf60f5ce4589a6f27153a06f0cc6
Nc9c6cf60f5ce4589a6f27153a06f0cc6
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence node284 -node284 [ shape=none, color=black label=<
evidence
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence
rdfs:comment"the Element is the evidence that a specification or requirement has been fulfilled"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Build/parameters node285 -node285 [ shape=none, color=black label=<
parameters
https://spdx.org/rdf/3.0.1/terms/Build/parameters
rdfs:comment"Property describing the parameters used in an instance of a build."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/externalRefType node286 -node286 [ shape=none, color=black label=<
externalRefType
https://spdx.org/rdf/3.0.1/terms/Core/externalRefType
rdfs:comment"Specifies the type of the external reference."@en
> ] -# Nfcbe63fe7c8d4b1999c923c35effc3f3 node287 -node287 [ shape=none, color=black label=<
Nfcbe63fe7c8d4b1999c923c35effc3f3
Nfcbe63fe7c8d4b1999c923c35effc3f3
> ] -# N6cdb1eb2b5fa43faa135818c734b43f9 node288 -node288 [ shape=none, color=black label=<
N6cdb1eb2b5fa43faa135818c734b43f9
N6cdb1eb2b5fa43faa135818c734b43f9
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/releaseTime node289 -node289 [ shape=none, color=black label=<
releaseTime
https://spdx.org/rdf/3.0.1/terms/Core/releaseTime
rdfs:comment"Specifies the time an artifact was released."@en
> ] -# Ncac4bbea30294965ad436f87b6b3326a node290 -node290 [ shape=none, color=black label=<
Ncac4bbea30294965ad436f87b6b3326a
Ncac4bbea30294965ad436f87b6b3326a
> ] -# N76c7ce604bd541ff8fd39efa9b73f781 node291 -node291 [ shape=none, color=black label=<
N76c7ce604bd541ff8fd39efa9b73f781
N76c7ce604bd541ff8fd39efa9b73f781
> ] -# https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty node292 -node292 [ shape=none, color=black label=<
cdxProperty
https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty
rdfs:comment"Provides a map of a property names to a values."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense node293 -node293 [ shape=none, color=black label=<
NoAssertionLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense
rdfs:comment"An Individual Value for License when no assertion can be made about its actual -value."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Licensing/NoAssertion node294 -node294 [ shape=none, color=black label=<
NoAssertion
https://spdx.org/rdf/3.0.1/terms/Licensing/NoAssertion
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email node295 -node295 [ shape=none, color=black label=<
email
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email
rdfs:comment"Email address, as defined in [RFC 3696](https://www.rfc-editor.org/info/rfc3986) Section 3."@en
> ] -# N565fce870cc440eaa012d0dafe373899 node296 -node296 [ shape=none, color=black label=<
N565fce870cc440eaa012d0dafe373899
N565fce870cc440eaa012d0dafe373899
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver node297 -node297 [ shape=none, color=black label=<
deviceDriver
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver
rdfs:comment"Element represents software that controls hardware devices"@en
> ] -# N5f5d7f4bac414ebe8719af7f2fa7db8b node298 -node298 [ shape=none, color=black label=<
N5f5d7f4bac414ebe8719af7f2fa7db8b
N5f5d7f4bac414ebe8719af7f2fa7db8b
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata node299 -node299 [ shape=none, color=black label=<
hasMetadata
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata
rdfs:comment"Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`)."@en
> ] -# Ne77a7182a6554957a73e594d0661db8f node300 -node300 [ shape=none, color=black label=<
Ne77a7182a6554957a73e594d0661db8f
Ne77a7182a6554957a73e594d0661db8f
> ] -# N5fab6b99d6bb43039f6e6faaa00c0d73 node301 -node301 [ shape=none, color=black label=<
N5fab6b99d6bb43039f6e6faaa00c0d73
N5fab6b99d6bb43039f6e6faaa00c0d73
> ] -# N86db6b9e3e4549588e7618cf66a37a2e node302 -node302 [ shape=none, color=black label=<
N86db6b9e3e4549588e7618cf66a37a2e
N86db6b9e3e4549588e7618cf66a37a2e
> ] -# Na2c58ef58d4d4a2c800db0b91ec0c6db node303 -node303 [ shape=none, color=black label=<
Na2c58ef58d4d4a2c800db0b91ec0c6db
Na2c58ef58d4d4a2c800db0b91ec0c6db
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement node304 -node304 [ shape=none, color=black label=<
NoAssertionElement
https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement
rdfs:comment"An Individual Value for Element representing a set of Elements of unknown -identify or cardinality (number)."@en
> ] -# N44735d79516c449e9a93053e9780b63b node305 -node305 [ shape=none, color=black label=<
N44735d79516c449e9a93053e9780b63b
N44735d79516c449e9a93053e9780b63b
> ] -# N62a6c12d198e43fb9832df9d4a5b61b8 node306 -node306 [ shape=none, color=black label=<
N62a6c12d198e43fb9832df9d4a5b61b8
N62a6c12d198e43fb9832df9d4a5b61b8
> ] -# Nff697db08dba4dd1987d257b6432d7ab node307 -node307 [ shape=none, color=black label=<
Nff697db08dba4dd1987d257b6432d7ab
Nff697db08dba4dd1987d257b6432d7ab
sh:maxCount"1"^^xsd:integer
> ] -# Nf0d790f0eefc4485aa1b5abe1bfbe4b1 node308 -node308 [ shape=none, color=black label=<
Nf0d790f0eefc4485aa1b5abe1bfbe4b1
Nf0d790f0eefc4485aa1b5abe1bfbe4b1
> ] -# N83be1195a9ca4cf5b298506a28c8b1d6 node309 -node309 [ shape=none, color=black label=<
N83be1195a9ca4cf5b298506a28c8b1d6
N83be1195a9ca4cf5b298506a28c8b1d6
> ] -# N83d3310e90084ad180070e3555b75a7f node310 -node310 [ shape=none, color=black label=<
N83d3310e90084ad180070e3555b75a7f
N83d3310e90084ad180070e3555b75a7f
> ] -# N0e58f00dbc09474fb0aee1c5313fd2b8 node311 -node311 [ shape=none, color=black label=<
N0e58f00dbc09474fb0aee1c5313fd2b8
N0e58f00dbc09474fb0aee1c5313fd2b8
> ] -# N2f5fe835c85746c2855379fd28487240 node312 -node312 [ shape=none, color=black label=<
N2f5fe835c85746c2855379fd28487240
N2f5fe835c85746c2855379fd28487240
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/homePage node313 -node313 [ shape=none, color=black label=<
homePage
https://spdx.org/rdf/3.0.1/terms/Software/homePage
rdfs:comment"A place for the SPDX document creator to record a website that serves as the -package's home page."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/packageVersion node314 -node314 [ shape=none, color=black label=<
packageVersion
https://spdx.org/rdf/3.0.1/terms/Software/packageVersion
rdfs:comment"Identify the version of a package."@en
> ] -# Nf0eceecbfe034ddfbd2eb3e48ce8db2c node315 -node315 [ shape=none, color=black label=<
Nf0eceecbfe034ddfbd2eb3e48ce8db2c
Nf0eceecbfe034ddfbd2eb3e48ce8db2c
> ] -# N28c81a5f6ba04bc4b0ac3292ded44a22 node316 -node316 [ shape=none, color=black label=<
N28c81a5f6ba04bc4b0ac3292ded44a22
N28c81a5f6ba04bc4b0ac3292ded44a22
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo node317 -node317 [ shape=none, color=black label=<
expandsTo
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo
rdfs:comment"The `from` archive expands out as an artifact described by each `to` Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/Package node318 -node318 [ shape=none, color=black label=<
Package
https://spdx.org/rdf/3.0.1/terms/Software/Package
rdfs:comment"Refers to any unit of content that can be associated with a distribution of +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload node158 +node158 [ shape=none, color=black label=<
directDownload
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload
rdfs:comment"the dataset is publicly available and can be downloaded directly."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType node159 +node159 [ shape=none, color=black label=<
DatasetAvailabilityType
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType
rdfs:comment"Availability of dataset."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom node160 +node160 [ shape=none, color=black label=<
bom
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom
rdfs:comment"Element is a bill of materials"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport node161 +node161 [ shape=none, color=black label=<
runtimeAnalysisReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport
rdfs:comment"A reference to a runtime analysis report for a package."@en
> ] +# Nfe6503efbfe64805b48f31d234f30373 node162 +node162 [ shape=none, color=black label=<
Nfe6503efbfe64805b48f31d234f30373
Nfe6503efbfe64805b48f31d234f30373
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Nb511c6d707814f6190bf2e03e614e5b7 node163 +node163 [ shape=none, color=black label=<
Nb511c6d707814f6190bf2e03e614e5b7
Nb511c6d707814f6190bf2e03e614e5b7
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar node164 +node164 [ shape=none, color=black label=<
trackStar
https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar
rdfs:comment"("Track*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track* vulnerabilities within standard update timelines."@en
> ] +# N3522fd110e0b4eb49f781dbed9cb3727 node165 +node165 [ shape=none, color=black label=<
N3522fd110e0b4eb49f781dbed9cb3727
N3522fd110e0b4eb49f781dbed9cb3727
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy node166 +node166 [ shape=none, color=black label=<
exploitCreatedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy
rdfs:comment"(Security) The `from` Vulnerability has had an exploit created against it by each `to` Agent."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/Package node167 +node167 [ shape=none, color=black label=<
Package
https://spdx.org/rdf/3.0.1/terms/Software/Package
rdfs:comment"Refers to any unit of content that can be associated with a distribution of software."@en
> ] -# N78b768e9eeb7431ab83357f7160c65dc node319 -node319 [ shape=none, color=black label=<
N78b768e9eeb7431ab83357f7160c65dc
N78b768e9eeb7431ab83357f7160c65dc
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/fileKind node320 -node320 [ shape=none, color=black label=<
fileKind
https://spdx.org/rdf/3.0.1/terms/Software/fileKind
rdfs:comment"Describes if a given file is a directory or non-directory kind of file."@en
> ] -# N28d688f57d2847e3b7a5f824b81b6af5 node321 -node321 [ shape=none, color=black label=<
N28d688f57d2847e3b7a5f824b81b6af5
N28d688f57d2847e3b7a5f824b81b6af5
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing node322 -node322 [ shape=none, color=black label=<
simpleLicensing
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing
rdfs:comment"the element follows the simple Licensing profile specification"@en
> ] -# N8dcdbf01d4454fc482941850cee57fc8 node323 -node323 [ shape=none, color=black label=<
N8dcdbf01d4454fc482941850cee57fc8
N8dcdbf01d4454fc482941850cee57fc8
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest node324 -node324 [ shape=none, color=black label=<
hasDependencyManifest
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest
rdfs:comment"The `from` Element has manifest files that contain dependency information in each `to` Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2 node325 -node325 [ shape=none, color=black label=<
md2
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2
rdfs:comment"MD2 message-digest algorithm, as defined in [RFC 1319](https://www.rfc-editor.org/info/rfc1319/)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent node326 -node326 [ shape=none, color=black label=<
componentNotPresent
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent
rdfs:comment"The software is not affected because the vulnerable component is not in the product."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build node327 -node327 [ shape=none, color=black label=<
build
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build
rdfs:comment"the element follows the Build profile specification"@en
> ] -# N54e97d01c0cf4259a8f4b62c80cf7807 node328 -node328 [ shape=none, color=black label=<
N54e97d01c0cf4259a8f4b62c80cf7807
N54e97d01c0cf4259a8f4b62c80cf7807
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework node329 -node329 [ shape=none, color=black label=<
framework
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework
rdfs:comment"the Element is a software framework"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException node330 -node330 [ shape=none, color=black label=<
ListedLicenseException
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException
rdfs:comment"A license exception that is listed on the SPDX Exceptions list."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/vexVersion node331 -node331 [ shape=none, color=black label=<
vexVersion
https://spdx.org/rdf/3.0.1/terms/Security/vexVersion
rdfs:comment"Specifies the version of a VEX statement."@en
> ] -# N669f2fd20f5b4cb9853e67ecabd18948 node332 -node332 [ shape=none, color=black label=<
N669f2fd20f5b4cb9853e67ecabd18948
N669f2fd20f5b4cb9853e67ecabd18948
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose node333 -node333 [ shape=none, color=black label=<
additionalPurpose
https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose
rdfs:comment"Provides additional purpose information of the software artifact."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression node334 -node334 [ shape=none, color=black label=<
LicenseExpression
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression
rdfs:comment"An SPDX Element containing an SPDX license expression string."@en
> ] -# N7dcdebd1d5c84e5187eb22220b34df17 node335 -node335 [ shape=none, color=black label=<
N7dcdebd1d5c84e5187eb22220b34df17
N7dcdebd1d5c84e5187eb22220b34df17
> ] -# Ne9b8b84fda62460e886059d54ca2c7df node336 -node336 [ shape=none, color=black label=<
Ne9b8b84fda62460e886059d54ca2c7df
Ne9b8b84fda62460e886059d54ca2c7df
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule node337 -node337 [ shape=none, color=black label=<
megajoule
https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule
rdfs:comment"Megajoule."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType node338 -node338 [ shape=none, color=black label=<
EnergyUnitType
https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType
rdfs:comment"Specifies the unit of energy consumption."@en
> ] -# N4db069216eb14870b7a3e52864b8134e node339 -node339 [ shape=none, color=black label=<
N4db069216eb14870b7a3e52864b8134e
N4db069216eb14870b7a3e52864b8134e
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship node340 -node340 [ shape=none, color=black label=<
CvssV4VulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship
rdfs:comment"Provides a CVSS version 4 assessment for a vulnerability."@en
> ] -# N29373aa4b58f46b79799267ef82a7560 node341 -node341 [ shape=none, color=black label=<
N29373aa4b58f46b79799267ef82a7560
N29373aa4b58f46b79799267ef82a7560
sh:maxCount"1"^^xsd:integer
> ] -# N3772d5d9a1964f14bbd082b9296a87ca node342 -node342 [ shape=none, color=black label=<
N3772d5d9a1964f14bbd082b9296a87ca
N3772d5d9a1964f14bbd082b9296a87ca
> ] -# N17b7339ad49e4c1a843218d3214322cb node343 -node343 [ shape=none, color=black label=<
N17b7339ad49e4c1a843218d3214322cb
N17b7339ad49e4c1a843218d3214322cb
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/createdUsing node344 -node344 [ shape=none, color=black label=<
createdUsing
https://spdx.org/rdf/3.0.1/terms/Core/createdUsing
rdfs:comment"Identifies the tooling that was used during the creation of the Element."@en
> ] -# N0926cffa7ff54b62914de82e6dda971b node345 -node345 [ shape=none, color=black label=<
N0926cffa7ff54b62914de82e6dda971b
N0926cffa7ff54b62914de82e6dda971b
sh:maxCount"1"^^xsd:integer
> ] -# N9180eda819614630ac733e37d7202f6b node346 -node346 [ shape=none, color=black label=<
N9180eda819614630ac733e37d7202f6b
N9180eda819614630ac733e37d7202f6b
> ] -# Nd3a99f6e93464028a928dde7ce234cc9 node347 -node347 [ shape=none, color=black label=<
Nd3a99f6e93464028a928dde7ce234cc9
Nd3a99f6e93464028a928dde7ce234cc9
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384 node348 -node348 [ shape=none, color=black label=<
blake2b384
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384
rdfs:comment"BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4."@en
> ] -# N34742e8c98864f1e8f8c103ca3a6fe2c node349 -node349 [ shape=none, color=black label=<
N34742e8c98864f1e8f8c103ca3a6fe2c
N34742e8c98864f1e8f8c103ca3a6fe2c
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation node350 -node350 [ shape=none, color=black label=<
altDownloadLocation
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation
rdfs:comment"A reference to an alternative download location."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file node351 -node351 [ shape=none, color=black label=<
file
https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file
rdfs:comment"The file represents a single file (default)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source node352 -node352 [ shape=none, color=black label=<
source
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source
rdfs:comment"SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video node353 -node353 [ shape=none, color=black label=<
video
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video
rdfs:comment"data is video based, such as a collection of movie clips featuring Tom Hanks."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption node354 -node354 [ shape=none, color=black label=<
EnergyConsumption
https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption
rdfs:comment"A class for describing the energy consumption incurred by an AI model in -different stages of its lifecycle."@en
> ] -# N7c210eac0a6a41fd808aa140eb323bf0 node355 -node355 [ shape=none, color=black label=<
N7c210eac0a6a41fd808aa140eb323bf0
N7c210eac0a6a41fd808aa140eb323bf0
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel node356 -node356 [ shape=none, color=black label=<
securityThreatModel
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel
rdfs:comment"A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package."@en
> ] -# N41c1f3f0e2cf4b5aa48fcd2a32c29c44 node357 -node357 [ shape=none, color=black label=<
N41c1f3f0e2cf4b5aa48fcd2a32c29c44
N41c1f3f0e2cf4b5aa48fcd2a32c29c44
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier node358 -node358 [ shape=none, color=black label=<
contentIdentifier
https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier
rdfs:comment"A canonical, unique, immutable identifier of the artifact content, that may be -used for verifying its identity and/or integrity."@en
> ] -# N7eb74701665643a5a1f447f33c3ae717 node359 -node359 [ shape=none, color=black label=<
N7eb74701665643a5a1f447f33c3ae717
N7eb74701665643a5a1f447f33c3ae717
sh:maxCount"1"^^xsd:integer
> ] -# N8e1b4b3a1c324948b956a65cff1991eb node360 -node360 [ shape=none, color=black label=<
N8e1b4b3a1c324948b956a65cff1991eb
N8e1b4b3a1c324948b956a65cff1991eb
> ] -# N1b1d9842374f40459f1138bb39a1d6fc node361 -node361 [ shape=none, color=black label=<
N1b1d9842374f40459f1138bb39a1d6fc
N1b1d9842374f40459f1138bb39a1d6fc
> ] -# N484af899fa234240b65127fcf67ced0c node362 -node362 [ shape=none, color=black label=<
N484af899fa234240b65127fcf67ced0c
N484af899fa234240b65127fcf67ced0c
> ] -# https://spdx.org/rdf/3.0.1/terms/Build/Build node363 -node363 [ shape=none, color=black label=<
Build
https://spdx.org/rdf/3.0.1/terms/Build/Build
rdfs:comment"Class that describes a build instance of software/artifacts."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/locator node364 -node364 [ shape=none, color=black label=<
locator
https://spdx.org/rdf/3.0.1/terms/Security/locator
rdfs:comment"Provides the location of an exploit catalog."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/completeness node365 -node365 [ shape=none, color=black label=<
completeness
https://spdx.org/rdf/3.0.1/terms/Core/completeness
rdfs:comment"Provides information about the completeness of relationships."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness node366 -node366 [ shape=none, color=black label=<
RelationshipCompleteness
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness
rdfs:comment"Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness."@en
> ] -# N4246f7790aa34e7bbd7a1cfd52dd7de1 node367 -node367 [ shape=none, color=black label=<
N4246f7790aa34e7bbd7a1cfd52dd7de1
N4246f7790aa34e7bbd7a1cfd52dd7de1
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon node368 -node368 [ shape=none, color=black label=<
falcon
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon
rdfs:comment"[FALCON](https://falcon-sign.info/falcon.pdf)"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile node369 -node369 [ shape=none, color=black label=<
snippetFromFile
https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile
rdfs:comment"Defines the original host file that the snippet information applies to."@en
> ] -# Ncdd27a40360244f4b93b3e89203f8c0a node370 -node370 [ shape=none, color=black label=<
Ncdd27a40360244f4b93b3e89203f8c0a
Ncdd27a40360244f4b93b3e89203f8c0a
sh:maxCount"1"^^xsd:integer
> ] -# N903271915e0b4795b368558aa7dbbe07 node371 -node371 [ shape=none, color=black label=<
N903271915e0b4795b368558aa7dbbe07
N903271915e0b4795b368558aa7dbbe07
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development node372 -node372 [ shape=none, color=black label=<
development
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development
rdfs:comment"A relationship has specific context implications during development phase of an element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining node373 -node373 [ shape=none, color=black label=<
informationAboutTraining
https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining
rdfs:comment"Describes relevant information about different steps of the training process."@en
> ] -# N04f697ec903c49cc828aebe7e77a1909 node374 -node374 [ shape=none, color=black label=<
N04f697ec903c49cc828aebe7e77a1909
N04f697ec903c49cc828aebe7e77a1909
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange node375 -node375 [ shape=none, color=black label=<
beginIntegerRange
https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange
rdfs:comment"Defines the beginning of a range."@en
> ] -# Nef10113630fe4db2805c74529b6a99a6 node376 -node376 [ shape=none, color=black label=<
Nef10113630fe4db2805c74529b6a99a6
Nef10113630fe4db2805c74529b6a99a6
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType node377 -node377 [ shape=none, color=black label=<
contentIdentifierType
https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType
rdfs:comment"Specifies the type of the content identifier."@en
> ] -# N8b4b53d57c734c4bbe376aa13316becd node378 -node378 [ shape=none, color=black label=<
N8b4b53d57c734c4bbe376aa13316becd
N8b4b53d57c734c4bbe376aa13316becd
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist node379 -node379 [ shape=none, color=black label=<
inlineMitigationsAlreadyExist
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist
rdfs:comment"Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability."@en
> ] -# N41f8c4dc332f4ba8abfce01a8cd1ac4c node380 -node380 [ shape=none, color=black label=<
N41f8c4dc332f4ba8abfce01a8cd1ac4c
N41f8c4dc332f4ba8abfce01a8cd1ac4c
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6 node381 -node381 [ shape=none, color=black label=<
md6
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6
rdfs:comment"[MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf)"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/comment node382 -node382 [ shape=none, color=black label=<
comment
https://spdx.org/rdf/3.0.1/terms/Core/comment
rdfs:comment"Provide consumers with comments by the creator of the Element about the -Element."@en
> ] -# Nd07ffbf925d6486790645bd4c847719f node383 -node383 [ shape=none, color=black label=<
Nd07ffbf925d6486790645bd4c847719f
Nd07ffbf925d6486790645bd4c847719f
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment node384 -node384 [ shape=none, color=black label=<
safetyRiskAssessment
https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment
rdfs:comment"Records the results of general safety risk assessment of the AI system."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter node385 -node385 [ shape=none, color=black label=<
hyperparameter
https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter
rdfs:comment"Records a hyperparameter used to build the AI model contained in the AI -package."@en
> ] -# Neaac18806c8647489cb1f5d8152f708f node386 -node386 [ shape=none, color=black label=<
Neaac18806c8647489cb1f5d8152f708f
Neaac18806c8647489cb1f5d8152f708f
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries node387 -node387 [ shape=none, color=black label=<
timeseries
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries
rdfs:comment"data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day."@en
> ] -# N4fbf642409604d859d9c7ca76883962b node388 -node388 [ shape=none, color=black label=<
N4fbf642409604d859d9c7ca76883962b
N4fbf642409604d859d9c7ca76883962b
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/annotationType node389 -node389 [ shape=none, color=black label=<
annotationType
https://spdx.org/rdf/3.0.1/terms/Core/annotationType
rdfs:comment"Describes the type of annotation."@en
> ] -# Ne70e070dc8f445749ce68966571f5298 node390 -node390 [ shape=none, color=black label=<
Ne70e070dc8f445749ce68966571f5298
Ne70e070dc8f445749ce68966571f5298
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime node391 -node391 [ shape=none, color=black label=<
runtime
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime
rdfs:comment"A relationship has specific context implications during the execution phase of an element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef node392 -node392 [ shape=none, color=black label=<
ExternalRef
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef
rdfs:comment"A reference to a resource outside the scope of SPDX-3.0 content related to an Element."@en
> ] -# http://www.w3.org/ns/shacl#BlankNode node393 -node393 [ shape=none, color=black label=<
BlankNode
http://www.w3.org/ns/shacl#BlankNode
> ] -# N478bfbbe09a443baa251310e476dfd7f node394 -node394 [ shape=none, color=black label=<
N478bfbbe09a443baa251310e476dfd7f
N478bfbbe09a443baa251310e476dfd7f
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement node395 -node395 [ shape=none, color=black label=<
hasRequirement
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement
rdfs:comment"The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period."@en
> ] -# Ne85032d295014314b08c577cf8aa88b4 node396 -node396 [ shape=none, color=black label=<
Ne85032d295014314b08c577cf8aa88b4
Ne85032d295014314b08c577cf8aa88b4
> ] -# https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint node397 -node397 [ shape=none, color=black label=<
configSourceEntrypoint
https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint
rdfs:comment"Property describes the invocation entrypoint of a build."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Tool node398 -node398 [ shape=none, color=black label=<
Tool
https://spdx.org/rdf/3.0.1/terms/Core/Tool
rdfs:comment"An element of hardware and/or software utilized to carry out a particular function."@en
> ] -# Nbdb110f48b124f83aac5a3ab4441d73d node399 -node399 [ shape=none, color=black label=<
Nbdb110f48b124f83aac5a3ab4441d73d
Nbdb110f48b124f83aac5a3ab4441d73d
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# Nf1855089ba2f4f58b832be03fa10a4d7 node400 -node400 [ shape=none, color=black label=<
Nf1855089ba2f4f58b832be03fa10a4d7
Nf1855089ba2f4f58b832be03fa10a4d7
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development node401 -node401 [ shape=none, color=black label=<
development
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development
rdfs:comment"the artifact is in active development and is not considered ready for formal support from the supplier."@en
> ] -# N2bd9ef96dc4246548aca3d6cc9d8aae5 node402 -node402 [ shape=none, color=black label=<
N2bd9ef96dc4246548aca3d6cc9d8aae5
N2bd9ef96dc4246548aca3d6cc9d8aae5
> ] -# http://www.w3.org/2001/XMLSchema#decimal node403 -node403 [ shape=none, color=black label=<
decimal
http://www.w3.org/2001/XMLSchema#decimal
> ] -# N3e8784fa6d9b4109ba73727c897eaec8 node404 -node404 [ shape=none, color=black label=<
N3e8784fa6d9b4109ba73727c897eaec8
N3e8784fa6d9b4109ba73727c897eaec8
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder node405 -node405 [ shape=none, color=black label=<
purchaseOrder
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder
rdfs:comment"A reference to a purchase order for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build node406 -node406 [ shape=none, color=black label=<
build
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build
rdfs:comment"SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test node407 -node407 [ shape=none, color=black label=<
test
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test
rdfs:comment"A relationship has specific context implications during an element's testing phase, during development."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Organization node408 -node408 [ shape=none, color=black label=<
Organization
https://spdx.org/rdf/3.0.1/terms/Core/Organization
rdfs:comment"A group of people who work together in an organized way for a shared purpose."@en
> ] -# N32d9051be9c1473a9c7536e37eaa71bd node409 -node409 [ shape=none, color=black label=<
N32d9051be9c1473a9c7536e37eaa71bd
N32d9051be9c1473a9c7536e37eaa71bd
> ] -# N186e9d5feca2423e9007bd5ab9cd55a5 node410 -node410 [ shape=none, color=black label=<
N186e9d5feca2423e9007bd5ab9cd55a5
N186e9d5feca2423e9007bd5ab9cd55a5
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime node411 -node411 [ shape=none, color=black label=<
runtime
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime
rdfs:comment"SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript node412 -node412 [ shape=none, color=black label=<
scrapingScript
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript
rdfs:comment"the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data."@en
> ] -# Ne60bc3e2c31848dda8c61a9eb0945ee1 node413 -node413 [ shape=none, color=black label=<
Ne60bc3e2c31848dda8c61a9eb0945ee1
Ne60bc3e2c31848dda8c61a9eb0945ee1
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/summary node414 -node414 [ shape=none, color=black label=<
summary
https://spdx.org/rdf/3.0.1/terms/Core/summary
rdfs:comment"A short description of an Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/impactStatement node415 -node415 [ shape=none, color=black label=<
impactStatement
https://spdx.org/rdf/3.0.1/terms/Security/impactStatement
rdfs:comment"Explains why a VEX product is not affected by a vulnerability. It is an +# N4a7438e6647446b99968fa0c7431c359 node168 +node168 [ shape=none, color=black label=<
N4a7438e6647446b99968fa0c7431c359
N4a7438e6647446b99968fa0c7431c359
> ] +# N8c4a1412c3a74a4d9316ae8a18c90046 node169 +node169 [ shape=none, color=black label=<
N8c4a1412c3a74a4d9316ae8a18c90046
N8c4a1412c3a74a4d9316ae8a18c90046
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other node170 +node170 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other
rdfs:comment"any hashing algorithm that does not exist in this list of entries"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library node171 +node171 [ shape=none, color=black label=<
library
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library
rdfs:comment"the Element is a software library"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument node172 +node172 [ shape=none, color=black label=<
SpdxDocument
https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument
rdfs:comment"A collection of SPDX Elements that could potentially be serialized."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType node173 +node173 [ shape=none, color=black label=<
ExploitCatalogType
https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType
rdfs:comment"Specifies the exploit catalog type."@en
> ] +# Ndbb29c99db8943a693680a16ab5d0180 node174 +node174 [ shape=none, color=black label=<
Ndbb29c99db8943a693680a16ab5d0180
Ndbb29c99db8943a693680a16ab5d0180
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test node175 +node175 [ shape=none, color=black label=<
test
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test
rdfs:comment"A relationship has specific context implications during an element's testing phase, during development."@en
> ] +# Nd10a160a94754151bc74b709be2ae310 node176 +node176 [ shape=none, color=black label=<
Nd10a160a94754151bc74b709be2ae310
Nd10a160a94754151bc74b709be2ae310
> ] +# N7d96abb3c1354e2f82a3671209c48741 node177 +node177 [ shape=none, color=black label=<
N7d96abb3c1354e2f82a3671209c48741
N7d96abb3c1354e2f82a3671209c48741
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship node178 +node178 [ shape=none, color=black label=<
VexVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship
rdfs:comment"Asbtract ancestor class for all VEX relationships"@en
> ] +# N451ea824289c4488839f4d946a14d0b2 node179 +node179 [ shape=none, color=black label=<
N451ea824289c4488839f4d946a14d0b2
N451ea824289c4488839f4d946a14d0b2
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship node180 +node180 [ shape=none, color=black label=<
SsvcVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship
rdfs:comment"Provides an SSVC assessment for a vulnerability."@en
> ] +# N8a9c243009c147dab01cab1e2db924f2 node181 +node181 [ shape=none, color=black label=<
N8a9c243009c147dab01cab1e2db924f2
N8a9c243009c147dab01cab1e2db924f2
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test node182 +node182 [ shape=none, color=black label=<
test
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test
rdfs:comment"The Element is a test used to verify functionality on an software element"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes node183 +node183 [ shape=none, color=black label=<
describes
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes
rdfs:comment"The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/fileKind node184 +node184 [ shape=none, color=black label=<
fileKind
https://spdx.org/rdf/3.0.1/terms/Software/fileKind
rdfs:comment"Describes if a given file is a directory or non-directory kind of file."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/FileKindType node185 +node185 [ shape=none, color=black label=<
FileKindType
https://spdx.org/rdf/3.0.1/terms/Software/FileKindType
rdfs:comment"Enumeration of the different kinds of SPDX file."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem node186 +node186 [ shape=none, color=black label=<
operatingSystem
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem
rdfs:comment"the Element is an operating system"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite node187 +node187 [ shape=none, color=black label=<
hasPrerequisite
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite
rdfs:comment"The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period."@en
> ] +# N632c4009c03a41cf9b65c25c94805c0e node188 +node188 [ shape=none, color=black label=<
N632c4009c03a41cf9b65c25c94805c0e
N632c4009c03a41cf9b65c25c94805c0e
> ] +# N815748f99667432bb510575f48d4bfba node189 +node189 [ shape=none, color=black label=<
N815748f99667432bb510575f48d4bfba
N815748f99667432bb510575f48d4bfba
> ] +# http://www.w3.org/ns/shacl#BlankNodeOrIRI node190 +node190 [ shape=none, color=black label=<
BlankNodeOrIRI
http://www.w3.org/ns/shacl#BlankNodeOrIRI
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/namespace node191 +node191 [ shape=none, color=black label=<
namespace
https://spdx.org/rdf/3.0.1/terms/Core/namespace
rdfs:comment"Provides an unambiguous mechanism for conveying a URI fragment portion of an +ElementID."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/AIPackage node192 +node192 [ shape=none, color=black label=<
AIPackage
https://spdx.org/rdf/3.0.1/terms/AI/AIPackage
rdfs:comment"Specifies an AI package and its associated information."@en
> ] +# N3ee7dabe450446dc913682896f8819ce node193 +node193 [ shape=none, color=black label=<
N3ee7dabe450446dc913682896f8819ce
N3ee7dabe450446dc913682896f8819ce
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship node194 +node194 [ shape=none, color=black label=<
VulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship
rdfs:comment"Abstract ancestor class for all vulnerability assessments"@en
> ] +# N0cf72f0341ae4db0b07dce3fb3daf17a node195 +node195 [ shape=none, color=black label=<
N0cf72f0341ae4db0b07dce3fb3daf17a
N0cf72f0341ae4db0b07dce3fb3daf17a
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing node196 +node196 [ shape=none, color=black label=<
simpleLicensing
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing
rdfs:comment"the element follows the simple Licensing profile specification"@en
> ] +# Nf1dab3d8674d48c3af1f91c792effbbc node197 +node197 [ shape=none, color=black label=<
Nf1dab3d8674d48c3af1f91c792effbbc
Nf1dab3d8674d48c3af1f91c792effbbc
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent node198 +node198 [ shape=none, color=black label=<
vulnerableCodeNotPresent
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent
rdfs:comment"The product is not affected because the code underlying the vulnerability is not present in the product."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense node199 +node199 [ shape=none, color=black label=<
hasConcludedLicense
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense
rdfs:comment"The `from` Software Artifact is concluded by the SPDX data creator to be governed by each `to` license."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical node200 +node200 [ shape=none, color=black label=<
categorical
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical
rdfs:comment"data that is classified into a discrete number of categories, such as the eye color of a population of people."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType node201 +node201 [ shape=none, color=black label=<
DatasetType
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType
rdfs:comment"Enumeration of dataset types."@en
> ] +# N801b2014c6eb415c8f6571acf5c6c27d node202 +node202 [ shape=none, color=black label=<
N801b2014c6eb415c8f6571acf5c6c27d
N801b2014c6eb415c8f6571acf5c6c27d
> ] +# Nee6bde0da112403b8077598b9271dcb5 node203 +node203 [ shape=none, color=black label=<
Nee6bde0da112403b8077598b9271dcb5
Nee6bde0da112403b8077598b9271dcb5
> ] +# N0ab9f946fe6544449e7afcb6bc0d6c16 node204 +node204 [ shape=none, color=black label=<
N0ab9f946fe6544449e7afcb6bc0d6c16
N0ab9f946fe6544449e7afcb6bc0d6c16
> ] +# N2d21ec9976b0443bb9b144955b272b08 node205 +node205 [ shape=none, color=black label=<
N2d21ec9976b0443bb9b144955b272b08
N2d21ec9976b0443bb9b144955b272b08
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime node206 +node206 [ shape=none, color=black label=<
runtime
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime
rdfs:comment"A relationship has specific context implications during the execution phase of an element."@en
> ] +# N1dcfc5f9f9f1477d99d14fd1aeabbde4 node207 +node207 [ shape=none, color=black label=<
N1dcfc5f9f9f1477d99d14fd1aeabbde4
N1dcfc5f9f9f1477d99d14fd1aeabbde4
> ] +# N3d7923c6fb1c40d09bbf15cd6e94480e node208 +node208 [ shape=none, color=black label=<
N3d7923c6fb1c40d09bbf15cd6e94480e
N3d7923c6fb1c40d09bbf15cd6e94480e
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core node209 +node209 [ shape=none, color=black label=<
core
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core
rdfs:comment"the element follows the Core profile specification"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22 node210 +node210 [ shape=none, color=black label=<
cpe22
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22
rdfs:comment"[Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf)"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType node211 +node211 [ shape=none, color=black label=<
ExternalIdentifierType
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType
rdfs:comment"Specifies the type of an external identifier."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics node212 +node212 [ shape=none, color=black label=<
metrics
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics
rdfs:comment"A reference to metrics related to package such as OpenSSF scorecards."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/attributionText node213 +node213 [ shape=none, color=black label=<
attributionText
https://spdx.org/rdf/3.0.1/terms/Software/attributionText
rdfs:comment"Provides a place for the SPDX data creator to record acknowledgement text for +a software Package, File or Snippet."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap node214 +node214 [ shape=none, color=black label=<
NamespaceMap
https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap
rdfs:comment"A mapping between prefixes and namespace partial URIs."@en
> ] +# Nfb588a34216e4ba3a5486a50a6cda99c node215 +node215 [ shape=none, color=black label=<
Nfb588a34216e4ba3a5486a50a6cda99c
Nfb588a34216e4ba3a5486a50a6cda99c
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent node216 +node216 [ shape=none, color=black label=<
hasOptionalComponent
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent
rdfs:comment"Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime node217 +node217 [ shape=none, color=black label=<
modifiedTime
https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime
rdfs:comment"Specifies a time when a vulnerability assessment was modified"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest node218 +node218 [ shape=none, color=black label=<
manifest
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest
rdfs:comment"the Element is a software manifest"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom node219 +node219 [ shape=none, color=black label=<
availableFrom
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom
rdfs:comment"The `from` Element is available from the additional supplier described by each `to` Element."@en
> ] +# N062fa1704fce435f9d4e1b6403a867ba node220 +node220 [ shape=none, color=black label=<
N062fa1704fce435f9d4e1b6403a867ba
N062fa1704fce435f9d4e1b6403a867ba
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration node221 +node221 [ shape=none, color=black label=<
registration
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration
rdfs:comment"the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms."@en
> ] +# N7e2f3f1e551a4c508d530d365c9079c0 node222 +node222 [ shape=none, color=black label=<
N7e2f3f1e551a4c508d530d365c9079c0
N7e2f3f1e551a4c508d530d365c9079c0
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition node223 +node223 [ shape=none, color=black label=<
subjectAddition
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition
rdfs:comment"A LicenseAddition participating in a 'with addition' model."@en
> ] +# N842a0ff53b4041a6ba8d5c0f4fda8043 node224 +node224 [ shape=none, color=black label=<
N842a0ff53b4041a6ba8d5c0f4fda8043
N842a0ff53b4041a6ba8d5c0f4fda8043
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile node225 +node225 [ shape=none, color=black label=<
packageVerificationCodeExcludedFile
https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile
rdfs:comment"The relative file name of a file to be excluded from the +`PackageVerificationCode`."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport node226 +node226 [ shape=none, color=black label=<
qualityAssessmentReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport
rdfs:comment"A reference to a quality assessment for a package."@en
> ] +# N74840ef0158a43fc889aee92ca73bd7c node227 +node227 [ shape=none, color=black label=<
N74840ef0158a43fc889aee92ca73bd7c
N74840ef0158a43fc889aee92ca73bd7c
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium node228 +node228 [ shape=none, color=black label=<
crystalsDilithium
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium
rdfs:comment"[Dilithium](https://pq-crystals.org/dilithium/)"@en
> ] +# Nac1f08287b204cf8a3d7ba2fbf28eb68 node229 +node229 [ shape=none, color=black label=<
Nac1f08287b204cf8a3d7ba2fbf28eb68
Nac1f08287b204cf8a3d7ba2fbf28eb68
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText node230 +node230 [ shape=none, color=black label=<
SimpleLicensingText
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText
rdfs:comment"A license or addition that is not listed on the SPDX License List."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample node231 +node231 [ shape=none, color=black label=<
hasExample
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample
rdfs:comment"Every `to` Element is an example for the `from` Element (`from` hasExample `to`)."@en
> ] +# N379a06fc897245488a302350ec18256a node232 +node232 [ shape=none, color=black label=<
N379a06fc897245488a302350ec18256a
N379a06fc897245488a302350ec18256a
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority node233 +node233 [ shape=none, color=black label=<
issuingAuthority
https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority
rdfs:comment"An entity that is authorized to issue identification credentials."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport node234 +node234 [ shape=none, color=black label=<
noSupport
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport
rdfs:comment"there is no support for the artifact from the supplier, consumer assumes any support obligations."@en
> ] +# Ne389df3230e84eb8b1e02fc9fb63740f node235 +node235 [ shape=none, color=black label=<
Ne389df3230e84eb8b1e02fc9fb63740f
Ne389df3230e84eb8b1e02fc9fb63740f
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# N6347eaf3c8434495b518c72245170c3e node236 +node236 [ shape=none, color=black label=<
N6347eaf3c8434495b518c72245170c3e
N6347eaf3c8434495b518c72245170c3e
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes node237 +node237 [ shape=none, color=black label=<
releaseNotes
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes
rdfs:comment"A reference to the release notes for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe node238 +node238 [ shape=none, color=black label=<
cwe
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe
rdfs:comment"[Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy node239 +node239 [ shape=none, color=black label=<
securityPolicy
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy
rdfs:comment"A reference to instructions for reporting newly discovered security vulnerabilities for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship node240 +node240 [ shape=none, color=black label=<
VexAffectedVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship
rdfs:comment"Connects a vulnerability and an element designating the element as a product +affected by the vulnerability."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric node241 +node241 [ shape=none, color=black label=<
numeric
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric
rdfs:comment"data consists only of numeric entries."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/Snippet node242 +node242 [ shape=none, color=black label=<
Snippet
https://spdx.org/rdf/3.0.1/terms/Software/Snippet
rdfs:comment"Describes a certain part of a file."@en
> ] +# N1f035e4b004d4057898be4620e39913d node243 +node243 [ shape=none, color=black label=<
N1f035e4b004d4057898be4620e39913d
N1f035e4b004d4057898be4620e39913d
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy node244 +node244 [ shape=none, color=black label=<
republishedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy
rdfs:comment"(Security) Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent."@en
> ] +# Nf852bfadd3eb48729d926588a6830e3e node245 +node245 [ shape=none, color=black label=<
Nf852bfadd3eb48729d926588a6830e3e
Nf852bfadd3eb48729d926588a6830e3e
> ] +# N3bd4c4f366c6424d9f32d31b83ebc063 node246 +node246 [ shape=none, color=black label=<
N3bd4c4f366c6424d9f32d31b83ebc063
N3bd4c4f366c6424d9f32d31b83ebc063
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile node247 +node247 [ shape=none, color=black label=<
hasDeletedFile
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile
rdfs:comment"Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`)."@en
> ] +# Nc6de26abb1ae46efb761c016c4e14d6a node248 +node248 [ shape=none, color=black label=<
Nc6de26abb1ae46efb761c016c4e14d6a
Nc6de26abb1ae46efb761c016c4e14d6a
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability node249 +node249 [ shape=none, color=black label=<
hasAssociatedVulnerability
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability
rdfs:comment"(Security) Used to associate a `from` Artifact with each `to` Vulnerability."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query node250 +node250 [ shape=none, color=black label=<
query
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query
rdfs:comment"the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset."@en
> ] +# N5ac90990bba4417f8e6d70909de8fb3a node251 +node251 [ shape=none, color=black label=<
N5ac90990bba4417f8e6d70909de8fb3a
N5ac90990bba4417f8e6d70909de8fb3a
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review node252 +node252 [ shape=none, color=black label=<
review
https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review
rdfs:comment"Used when someone reviews the Element."@en
> ] +# N3d679ac7ae1e4257a9b688e330809ce1 node253 +node253 [ shape=none, color=black label=<
N3d679ac7ae1e4257a9b688e330809ce1
N3d679ac7ae1e4257a9b688e330809ce1
sh:maxCount"1"^^xsd:integer
> ] +# Nb0c3242710d240c8891589718c8fce51 node254 +node254 [ shape=none, color=black label=<
Nb0c3242710d240c8891589718c8fce51
Nb0c3242710d240c8891589718c8fce51
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# N48e2cb56f0c84c3e9cc0c5a141d46a8a node255 +node255 [ shape=none, color=black label=<
N48e2cb56f0c84c3e9cc0c5a141d46a8a
N48e2cb56f0c84c3e9cc0c5a141d46a8a
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/impactStatement node256 +node256 [ shape=none, color=black label=<
impactStatement
https://spdx.org/rdf/3.0.1/terms/Security/impactStatement
rdfs:comment"Explains why a VEX product is not affected by a vulnerability. It is an alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable justification label."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText node416 -node416 [ shape=none, color=black label=<
additionText
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText
rdfs:comment"Identifies the full text of a LicenseAddition."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix node417 -node417 [ shape=none, color=black label=<
securityFix
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix
rdfs:comment"A reference to the patch or source code that fixes a vulnerability."@en
> ] -# Nca97ef5d4aa4445eb152ecdc80b3ae76 node418 -node418 [ shape=none, color=black label=<
Nca97ef5d4aa4445eb152ecdc80b3ae76
Nca97ef5d4aa4445eb152ecdc80b3ae76
sh:maxCount"1"^^xsd:integer
> ] -# Ndce6d62f299e416abf135fe5d2187c95 node419 -node419 [ shape=none, color=black label=<
Ndce6d62f299e416abf135fe5d2187c95
Ndce6d62f299e416abf135fe5d2187c95
> ] -# Nc9d36bf2e3d64cf2af1458f196df6340 node420 -node420 [ shape=none, color=black label=<
Nc9d36bf2e3d64cf2af1458f196df6340
Nc9d36bf2e3d64cf2af1458f196df6340
> ] -# Na81145214946470cb328f80520e931f3 node421 -node421 [ shape=none, color=black label=<
Na81145214946470cb328f80520e931f3
Na81145214946470cb328f80520e931f3
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# N92808001663c40a2a9d3decf4fedfd4e node422 -node422 [ shape=none, color=black label=<
N92808001663c40a2a9d3decf4fedfd4e
N92808001663c40a2a9d3decf4fedfd4e
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed node423 -node423 [ shape=none, color=black label=<
analyzed
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed
rdfs:comment"SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a "3rd party" SBOM."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition node424 -node424 [ shape=none, color=black label=<
subjectAddition
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition
rdfs:comment"A LicenseAddition participating in a 'with addition' model."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias node425 -node425 [ shape=none, color=black label=<
knownBias
https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias
rdfs:comment"Records the biases that the dataset is known to encompass."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend node426 -node426 [ shape=none, color=black label=<
attend
https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend
rdfs:comment"The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel node427 -node427 [ shape=none, color=black label=<
confidentialityLevel
https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel
rdfs:comment"Describes the confidentiality level of the data points contained in the dataset."@en
> ] -# N07320754b65949c7997753c4b94ac718 node428 -node428 [ shape=none, color=black label=<
N07320754b65949c7997753c4b94ac718
N07320754b65949c7997753c4b94ac718
> ] -# N3d3d7a2714e642cbafded9198b5c181d node429 -node429 [ shape=none, color=black label=<
N3d3d7a2714e642cbafded9198b5c181d
N3d3d7a2714e642cbafded9198b5c181d
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport node430 -node430 [ shape=none, color=black label=<
securityPenTestReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport
rdfs:comment"A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense node431 -node431 [ shape=none, color=black label=<
ExtendableLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense
rdfs:comment"Abstract class representing a License or an OrLaterOperator."@en
> ] -# N615d2648af424e00beabe06207744b36 node432 -node432 [ shape=none, color=black label=<
N615d2648af424e00beabe06207744b36
N615d2648af424e00beabe06207744b36
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design node433 -node433 [ shape=none, color=black label=<
design
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design
rdfs:comment"SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact."@en
> ] -# N4408438d1951499c810dd20736fc8f6d node434 -node434 [ shape=none, color=black label=<
N4408438d1951499c810dd20736fc8f6d
N4408438d1951499c810dd20736fc8f6d
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment node435 -node435 [ shape=none, color=black label=<
vulnerabilityExploitabilityAssessment
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment
rdfs:comment"A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf)."@en
> ] -# N2b6646f72e13477f8874e3729a9b439c node436 -node436 [ shape=none, color=black label=<
N2b6646f72e13477f8874e3729a9b439c
N2b6646f72e13477f8874e3729a9b439c
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap node437 -node437 [ shape=none, color=black label=<
namespaceMap
https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap
rdfs:comment"Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance."@en
> ] -# Nc516b57913944b54b1fc8a072dfa95c5 node438 -node438 [ shape=none, color=black label=<
Nc516b57913944b54b1fc8a072dfa95c5
Nc516b57913944b54b1fc8a072dfa95c5
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy node439 -node439 [ shape=none, color=black label=<
amendedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy
rdfs:comment"The `from` Element is amended by each `to` Element."@en
> ] -# Nda5fffc920f042f39a6aa88bdef855ac node440 -node440 [ shape=none, color=black label=<
Nda5fffc920f042f39a6aa88bdef855ac
Nda5fffc920f042f39a6aa88bdef855ac
> ] -# N81f2667c69564cd88a6a3a7af71151c6 node441 -node441 [ shape=none, color=black label=<
N81f2667c69564cd88a6a3a7af71151c6
N81f2667c69564cd88a6a3a7af71151c6
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion node442 -node442 [ shape=none, color=black label=<
noAssertion
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion
rdfs:comment"data type is not known."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport node443 -node443 [ shape=none, color=black label=<
qualityAssessmentReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport
rdfs:comment"A reference to a quality assessment for a package."@en
> ] -# Nb7d3e0cbf4274233b5f3454ee570c064 node444 -node444 [ shape=none, color=black label=<
Nb7d3e0cbf4274233b5f3454ee570c064
Nb7d3e0cbf4274233b5f3454ee570c064
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment node445 -node445 [ shape=none, color=black label=<
exportControlAssessment
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment
rdfs:comment"A reference to a export control assessment for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ node446 -node446 [ shape=none, color=black label=<
System Package Data Exchange (SPDX) Ontology
https://spdx.org/rdf/3.0.1/terms/
dcterms:abstract"This ontology defines the terms and relationships used in the SPDX specification to describe system packages"@en
dcterms:created"2024-04-05"^^xsd:date
dcterms:creator"SPDX Project"@en
dcterms:title"System Package Data Exchange (SPDX) Ontology"@en
omg-ann:copyright"Copyright (C) 2024 SPDX Project"@en
> ] -# N1601f2b12a4e4d4ba186e005a8c8e5a1 node447 -node447 [ shape=none, color=black label=<
N1601f2b12a4e4d4ba186e005a8c8e5a1
N1601f2b12a4e4d4ba186e005a8c8e5a1
sh:minCount"1"^^xsd:integer
> ] -# N70585d68abb4490c8ed6b3e6a6374b65 node448 -node448 [ shape=none, color=black label=<
N70585d68abb4490c8ed6b3e6a6374b65
N70585d68abb4490c8ed6b3e6a6374b65
> ] -# Ndd4c5999d0c24e96a17e61ebe13741a8 node449 -node449 [ shape=none, color=black label=<
Ndd4c5999d0c24e96a17e61ebe13741a8
Ndd4c5999d0c24e96a17e61ebe13741a8
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# N1e9c9814c7934330919d3e0f8e3a9be5 node450 -node450 [ shape=none, color=black label=<
N1e9c9814c7934330919d3e0f8e3a9be5
N1e9c9814c7934330919d3e0f8e3a9be5
> ] -# N83518d3976554fa1875ec1fbdb1a6358 node451 -node451 [ shape=none, color=black label=<
N83518d3976554fa1875ec1fbdb1a6358
N83518d3976554fa1875ec1fbdb1a6358
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai node452 -node452 [ shape=none, color=black label=<
ai
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai
rdfs:comment"the element follows the AI profile specification"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/statement node453 -node453 [ shape=none, color=black label=<
statement
https://spdx.org/rdf/3.0.1/terms/Core/statement
rdfs:comment"Commentary on an assertion that an annotator has made."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other node454 -node454 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other
rdfs:comment"Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationhip types (this relationship is directionless)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship node455 -node455 [ shape=none, color=black label=<
VexVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship
rdfs:comment"Asbtract ancestor class for all VEX relationships"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship node456 -node456 [ shape=none, color=black label=<
VulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship
rdfs:comment"Abstract ancestor class for all vulnerability assessments"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy node457 -node457 [ shape=none, color=black label=<
suppliedBy
https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy
rdfs:comment"Identifies who or what supplied the artifact or VulnAssessmentRelationship +# N0684f8b934134c0b8df45cd7f8ad8b99 node257 +node257 [ shape=none, color=black label=<
N0684f8b934134c0b8df45cd7f8ad8b99
N0684f8b934134c0b8df45cd7f8ad8b99
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# Nb713bc4d06a64dc4b4877da3c514b0ec node258 +node258 [ shape=none, color=black label=<
Nb713bc4d06a64dc4b4877da3c514b0ec
Nb713bc4d06a64dc4b4877da3c514b0ec
> ] +# Ndd5a0693c7254e01ba2b7b2adf1cd1bf node259 +node259 [ shape=none, color=black label=<
Ndd5a0693c7254e01ba2b7b2adf1cd1bf
Ndd5a0693c7254e01ba2b7b2adf1cd1bf
sh:maxCount"1"^^xsd:integer
> ] +# Nb0492bf683414fbb944d15c9f255c8e0 node260 +node260 [ shape=none, color=black label=<
Nb0492bf683414fbb944d15c9f255c8e0
Nb0492bf683414fbb944d15c9f255c8e0
> ] +# N628aed604a46498c85d5cb5b07c8d942 node261 +node261 [ shape=none, color=black label=<
N628aed604a46498c85d5cb5b07c8d942
N628aed604a46498c85d5cb5b07c8d942
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build node262 +node262 [ shape=none, color=black label=<
build
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build
rdfs:comment"the element follows the Build profile specification"@en
> ] +# Ne19de6ee400642a58e8310711673063c node263 +node263 [ shape=none, color=black label=<
Ne19de6ee400642a58e8310711673063c
Ne19de6ee400642a58e8310711673063c
sh:maxCount"1"^^xsd:integer
> ] +# N26e4bdd8d5a14548943cfd7d00ea2e77 node264 +node264 [ shape=none, color=black label=<
N26e4bdd8d5a14548943cfd7d00ea2e77
N26e4bdd8d5a14548943cfd7d00ea2e77
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384 node265 +node265 [ shape=none, color=black label=<
blake2b384
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384
rdfs:comment"BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy node266 +node266 [ shape=none, color=black label=<
reportedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy
rdfs:comment"(Security) Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent."@en
> ] +# Nbcd4eb8dbb2f4deab03834c7a85bd9ea node267 +node267 [ shape=none, color=black label=<
Nbcd4eb8dbb2f4deab03834c7a85bd9ea
Nbcd4eb8dbb2f4deab03834c7a85bd9ea
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Na941d627c7724e98bcb0d347e988398f node268 +node268 [ shape=none, color=black label=<
Na941d627c7724e98bcb0d347e988398f
Na941d627c7724e98bcb0d347e988398f
sh:maxCount"1"^^xsd:integer
sh:pattern"^[^\/]+\/[^\/]+$"
> ] +# N9b6f79f37f2d4ff087b74968417e392b node269 +node269 [ shape=none, color=black label=<
N9b6f79f37f2d4ff087b74968417e392b
N9b6f79f37f2d4ff087b74968417e392b
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other node270 +node270 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other
rdfs:comment"Used when the type does not match any of the other options."@en
> ] +# N6efd5708e5e046d2ab120ec37d9f0eec node271 +node271 [ shape=none, color=black label=<
N6efd5708e5e046d2ab120ec37d9f0eec
N6efd5708e5e046d2ab120ec37d9f0eec
> ] +# N1856f3a15cc34f23b5944b3cf6cb16f5 node272 +node272 [ shape=none, color=black label=<
N1856f3a15cc34f23b5944b3cf6cb16f5
N1856f3a15cc34f23b5944b3cf6cb16f5
> ] +# N08101af227c147c7a3442c8dc35e7330 node273 +node273 [ shape=none, color=black label=<
N08101af227c147c7a3442c8dc35e7330
N08101af227c147c7a3442c8dc35e7330
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso node274 +node274 [ shape=none, color=black label=<
seeAlso
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso
rdfs:comment"Contains a URL where the License or LicenseAddition can be found in use."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/locationHint node275 +node275 [ shape=none, color=black label=<
locationHint
https://spdx.org/rdf/3.0.1/terms/Core/locationHint
rdfs:comment"Provides an indication of where to retrieve an external Element."@en
> ] +# Na9f424d5441f4582ac5c98b23db46e96 node276 +node276 [ shape=none, color=black label=<
Na9f424d5441f4582ac5c98b23db46e96
Na9f424d5441f4582ac5c98b23db46e96
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# N16adf2da07b9401e9e3933804f081e1f node277 +node277 [ shape=none, color=black label=<
N16adf2da07b9401e9e3933804f081e1f
N16adf2da07b9401e9e3933804f081e1f
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Nfef90442b8154fefbe5da36e6073d7e2 node278 +node278 [ shape=none, color=black label=<
Nfef90442b8154fefbe5da36e6073d7e2
Nfef90442b8154fefbe5da36e6073d7e2
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures node279 +node279 [ shape=none, color=black label=<
configures
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures
rdfs:comment"The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear node280 +node280 [ shape=none, color=black label=<
clear
https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear
rdfs:comment"Dataset may be distributed freely, without restriction."@en
> ] +# N572e21a795934b14952d74a2f1735e4d node281 +node281 [ shape=none, color=black label=<
N572e21a795934b14952d74a2f1735e4d
N572e21a795934b14952d74a2f1735e4d
> ] +# N8828ae0192dc4a2592d48298e0e6ae49 node282 +node282 [ shape=none, color=black label=<
N8828ae0192dc4a2592d48298e0e6ae49
N8828ae0192dc4a2592d48298e0e6ae49
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing node283 +node283 [ shape=none, color=black label=<
dataPreprocessing
https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing
rdfs:comment"Describes the preprocessing steps that were applied to the raw data to create the given dataset."@en
> ] +# Nb5fd2e062b0e401abc2eb0323bf66a92 node284 +node284 [ shape=none, color=black label=<
Nb5fd2e062b0e401abc2eb0323bf66a92
Nb5fd2e062b0e401abc2eb0323bf66a92
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType node285 +node285 [ shape=none, color=black label=<
ProfileIdentifierType
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType
rdfs:comment"Enumeration of the valid profiles."@en
> ] +# Nce583394b69a407fb75f3a3c4455a0e9 node286 +node286 [ shape=none, color=black label=<
Nce583394b69a407fb75f3a3c4455a0e9
Nce583394b69a407fb75f3a3c4455a0e9
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other node287 +node287 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other
rdfs:comment"A relationship has other specific context information necessary to capture that the above set of enumerations does not handle."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType node288 +node288 [ shape=none, color=black label=<
ContentIdentifierType
https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType
rdfs:comment"Specifies the type of a content identifier."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/originatedBy node289 +node289 [ shape=none, color=black label=<
originatedBy
https://spdx.org/rdf/3.0.1/terms/Core/originatedBy
rdfs:comment"Identifies from where or whom the Element originally came."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType node290 +node290 [ shape=none, color=black label=<
AnnotationType
https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType
rdfs:comment"Specifies the type of an annotation."@en
> ] +# Ndebe2feff7b547e18212c039b5ce1295 node291 +node291 [ shape=none, color=black label=<
Ndebe2feff7b547e18212c039b5ce1295
Ndebe2feff7b547e18212c039b5ce1295
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid node292 +node292 [ shape=none, color=black label=<
swhid
https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid
rdfs:comment"SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and in the case of filess they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`."@en
> ] +# N2382be528d524ac6a84951ba6a32f6ab node293 +node293 [ shape=none, color=black label=<
N2382be528d524ac6a84951ba6a32f6ab
N2382be528d524ac6a84951ba6a32f6ab
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue node294 +node294 [ shape=none, color=black label=<
cdxPropValue
https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue
rdfs:comment"A value used in a CdxExtension name-value pair."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container node295 +node295 [ shape=none, color=black label=<
container
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container
rdfs:comment"the Element is a container image which can be used by a container runtime application"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment node296 +node296 [ shape=none, color=black label=<
riskAssessment
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment
rdfs:comment"A reference to a risk assessment for a package."@en
> ] +# N78ceebe07fc842fe887e8a5ffcbcd720 node297 +node297 [ shape=none, color=black label=<
N78ceebe07fc842fe887e8a5ffcbcd720
N78ceebe07fc842fe887e8a5ffcbcd720
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# N22b178836b6e40bcbe8099a30293326c node298 +node298 [ shape=none, color=black label=<
N22b178836b6e40bcbe8099a30293326c
N22b178836b6e40bcbe8099a30293326c
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy node299 +node299 [ shape=none, color=black label=<
suppliedBy
https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy
rdfs:comment"Identifies who or what supplied the artifact or VulnAssessmentRelationship referenced by the Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/statusNotes node458 -node458 [ shape=none, color=black label=<
statusNotes
https://spdx.org/rdf/3.0.1/terms/Security/statusNotes
rdfs:comment"Conveys information about how VEX status was determined."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/assessedElement node459 -node459 [ shape=none, color=black label=<
assessedElement
https://spdx.org/rdf/3.0.1/terms/Security/assessedElement
rdfs:comment"Specifies an Element contained in a piece of software where a vulnerability was -found."@en
> ] -# N9d5e8eccc66c436c9a0345e9c3af8529 node460 -node460 [ shape=none, color=black label=<
N9d5e8eccc66c436c9a0345e9c3af8529
N9d5e8eccc66c436c9a0345e9c3af8529
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# N30fdf1ba1e904227abdd99dd383e81cf node461 -node461 [ shape=none, color=black label=<
N30fdf1ba1e904227abdd99dd383e81cf
N30fdf1ba1e904227abdd99dd383e81cf
sh:maxCount"1"^^xsd:integer
sh:pattern"^[^\/]+\/[^\/]+$"
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/contentType node462 -node462 [ shape=none, color=black label=<
contentType
https://spdx.org/rdf/3.0.1/terms/Core/contentType
rdfs:comment"Provides information about the content type of an Element or a Property."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile node463 -node463 [ shape=none, color=black label=<
packageVerificationCodeExcludedFile
https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile
rdfs:comment"The relative file name of a file to be excluded from the -`PackageVerificationCode`."@en
> ] -# N259c79700998405598f3b265a84c9369 node464 -node464 [ shape=none, color=black label=<
N259c79700998405598f3b265a84c9369
N259c79700998405598f3b265a84c9369
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security node465 -node465 [ shape=none, color=black label=<
security
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security
rdfs:comment"the element follows the Security profile specification"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri node466 -node466 [ shape=none, color=black label=<
customIdToUri
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri
rdfs:comment"Maps a LicenseRef or AdditionRef string for a Custom License or a Custom -License Addition to its URI ID."@en
> ] -# N01464ca6dfa64274aff9adfbcfe2b42e node467 -node467 [ shape=none, color=black label=<
N01464ca6dfa64274aff9adfbcfe2b42e
N01464ca6dfa64274aff9adfbcfe2b42e
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInputs node468 -node468 [ shape=none, color=black label=<
hasInputs
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInputs
rdfs:comment"The `from` Build has each `to` Elements as an input, during a LifecycleScopeType period."@en
> ] -# N610209a497064a358abfcdf02d34af27 node469 -node469 [ shape=none, color=black label=<
N610209a497064a358abfcdf02d34af27
N610209a497064a358abfcdf02d34af27
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed node470 -node470 [ shape=none, color=black label=<
anonymizationMethodUsed
https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed
rdfs:comment"Describes the anonymization methods used."@en
> ] -# Ncd1edc5d29a44c0bbad0eaecc768c508 node471 -node471 [ shape=none, color=black label=<
Ncd1edc5d29a44c0bbad0eaecc768c508
Ncd1edc5d29a44c0bbad0eaecc768c508
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/specVersion node472 -node472 [ shape=none, color=black label=<
specVersion
https://spdx.org/rdf/3.0.1/terms/Core/specVersion
rdfs:comment"Provides a reference number that can be used to understand how to parse and interpret an Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication node473 -node473 [ shape=none, color=black label=<
informationAboutApplication
https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication
rdfs:comment"Provides relevant information about the AI software, not including the model -description."@en
> ] -# Nfcd493ee83a5448ea5d2096f40a37c2c node474 -node474 [ shape=none, color=black label=<
Nfcd493ee83a5448ea5d2096f40a37c2c
Nfcd493ee83a5448ea5d2096f40a37c2c
> ] -# Nc831a349bd7c4cd38b5e76a95888d1fb node475 -node475 [ shape=none, color=black label=<
Nc831a349bd7c4cd38b5e76a95888d1fb
Nc831a349bd7c4cd38b5e76a95888d1fb
> ] -# N684418165733462bb3ed090ad45ebd17 node476 -node476 [ shape=none, color=black label=<
N684418165733462bb3ed090ad45ebd17
N684418165733462bb3ed090ad45ebd17
> ] -# Na14e801ee5504993834de9264a5a4314 node477 -node477 [ shape=none, color=black label=<
Na14e801ee5504993834de9264a5a4314
Na14e801ee5504993834de9264a5a4314
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship node478 -node478 [ shape=none, color=black label=<
CvssV2VulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship
rdfs:comment"Provides a CVSS version 2.0 assessment for a vulnerability."@en
> ] -# Nb92dee53fe1d4dd18bbfaccacf744cb2 node479 -node479 [ shape=none, color=black label=<
Nb92dee53fe1d4dd18bbfaccacf744cb2
Nb92dee53fe1d4dd18bbfaccacf744cb2
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# N50875da8eb7446d9a95b6457241bf247 node480 -node480 [ shape=none, color=black label=<
N50875da8eb7446d9a95b6457241bf247
N50875da8eb7446d9a95b6457241bf247
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia node481 -node481 [ shape=none, color=black label=<
socialMedia
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia
rdfs:comment"A reference to a social media channel for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile node482 -node482 [ shape=none, color=black label=<
hasDeletedFile
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile
rdfs:comment"Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains node483 -node483 [ shape=none, color=black label=<
contains
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains
rdfs:comment"The `from` Element contains each `to` Element."@en
> ] -# N971faeaad9fb4eab9cacd7361ff7a6e9 node484 -node484 [ shape=none, color=black label=<
N971faeaad9fb4eab9cacd7361ff7a6e9
N971faeaad9fb4eab9cacd7361ff7a6e9
> ] -# Nbc6cd5ddd97043a8ac58c1db4eb6e3e2 node485 -node485 [ shape=none, color=black label=<
Nbc6cd5ddd97043a8ac58c1db4eb6e3e2
Nbc6cd5ddd97043a8ac58c1db4eb6e3e2
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport node486 -node486 [ shape=none, color=black label=<
componentAnalysisReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport
rdfs:comment"A reference to a Software Composition Analysis (SCA) report."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/attributionText node487 -node487 [ shape=none, color=black label=<
attributionText
https://spdx.org/rdf/3.0.1/terms/Software/attributionText
rdfs:comment"Provides a place for the SPDX data creator to record acknowledgement text for -a software Package, File or Snippet."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review node488 -node488 [ shape=none, color=black label=<
review
https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review
rdfs:comment"Used when someone reviews the Element."@en
> ] -# N518a3be6b8f341a68415958902bd4899 node489 -node489 [ shape=none, color=black label=<
N518a3be6b8f341a68415958902bd4899
N518a3be6b8f341a68415958902bd4899
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/value node490 -node490 [ shape=none, color=black label=<
value
https://spdx.org/rdf/3.0.1/terms/Core/value
rdfs:comment"A value used in a generic key-value pair."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module node491 -node491 [ shape=none, color=black label=<
module
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module
rdfs:comment"the Element is a module of a piece of software"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch node492 -node492 [ shape=none, color=black label=<
patch
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch
rdfs:comment"Element contains a set of changes to update, fix, or improve another Element"@en
> ] -# N443d7216c6a64f5a8574346bd9eb471e node493 -node493 [ shape=none, color=black label=<
N443d7216c6a64f5a8574346bd9eb471e
N443d7216c6a64f5a8574346bd9eb471e
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency node494 -node494 [ shape=none, color=black label=<
hasOptionalDependency
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency
rdfs:comment"The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship node495 -node495 [ shape=none, color=black label=<
SsvcVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship
rdfs:comment"Provides an SSVC assessment for a vulnerability."@en
> ] -# N631b6c9610c343928d56aba98602ce79 node496 -node496 [ shape=none, color=black label=<
N631b6c9610c343928d56aba98602ce79
N631b6c9610c343928d56aba98602ce79
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/energyUnit node497 -node497 [ shape=none, color=black label=<
energyUnit
https://spdx.org/rdf/3.0.1/terms/AI/energyUnit
rdfs:comment"Specifies the unit in which energy is measured."@en
> ] -# Na5ba2903b9c44319bea1cd36039dc168 node498 -node498 [ shape=none, color=black label=<
Na5ba2903b9c44319bea1cd36039dc168
Na5ba2903b9c44319bea1cd36039dc168
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation node499 -node499 [ shape=none, color=black label=<
useSensitivePersonalInformation
https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation
rdfs:comment"Records if sensitive personal information is used during model training or +# https://spdx.org/rdf/3.0.1/terms/Core/endTime node300 +node300 [ shape=none, color=black label=<
endTime
https://spdx.org/rdf/3.0.1/terms/Core/endTime
rdfs:comment"Specifies the time from which an element is no longer applicable / valid."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/element node301 +node301 [ shape=none, color=black label=<
element
https://spdx.org/rdf/3.0.1/terms/Core/element
rdfs:comment"Refers to one or more Elements that are part of an ElementCollection."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue node302 +node302 [ shape=none, color=black label=<
contentIdentifierValue
https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue
rdfs:comment"Specifies the value of the content identifier."@en
> ] +# N0a8d87003414460d9cc6e3958d2edd54 node303 +node303 [ shape=none, color=black label=<
N0a8d87003414460d9cc6e3958d2edd54
N0a8d87003414460d9cc6e3958d2edd54
> ] +# N62d8ffbf36f448799c2eacd534f5ba7f node304 +node304 [ shape=none, color=black label=<
N62d8ffbf36f448799c2eacd534f5ba7f
N62d8ffbf36f448799c2eacd534f5ba7f
> ] +# N06405922f13c4c7885025dfce2b9d011 node305 +node305 [ shape=none, color=black label=<
N06405922f13c4c7885025dfce2b9d011
N06405922f13c4c7885025dfce2b9d011
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator node306 +node306 [ shape=none, color=black label=<
WithAdditionOperator
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator
rdfs:comment"Portion of an AnyLicenseInfo representing a License which has additional +text applied to it."@en
> ] +# N823532744b8a4282a1e51155c1494e2a node307 +node307 [ shape=none, color=black label=<
N823532744b8a4282a1e51155c1494e2a
N823532744b8a4282a1e51155c1494e2a
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/homePage node308 +node308 [ shape=none, color=black label=<
homePage
https://spdx.org/rdf/3.0.1/terms/Software/homePage
rdfs:comment"A place for the SPDX document creator to record a website that serves as the +package's home page."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport node309 +node309 [ shape=none, color=black label=<
dynamicAnalysisReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport
rdfs:comment"A reference to a dynamic analysis report for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation node310 +node310 [ shape=none, color=black label=<
useSensitivePersonalInformation
https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation
rdfs:comment"Records if sensitive personal information is used during model training or could be used during the inference."@en
> ] -# N8c7afb91230d460ca7bce4a139bca174 node500 -node500 [ shape=none, color=black label=<
N8c7afb91230d460ca7bce4a139bca174
N8c7afb91230d460ca7bce4a139bca174
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates node501 -node501 [ shape=none, color=black label=<
generates
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates
rdfs:comment"The `from` Element generates each `to` Element."@en
> ] -# Nca90d8f687d74fa095aa6615ca29e794 node502 -node502 [ shape=none, color=black label=<
Nca90d8f687d74fa095aa6615ca29e794
Nca90d8f687d74fa095aa6615ca29e794
> ] -# N965be298afc34fdf934955d440483ea1 node503 -node503 [ shape=none, color=black label=<
N965be298afc34fdf934955d440483ea1
N965be298afc34fdf934955d440483ea1
sh:maxCount"1"^^xsd:integer
> ] -# Ndc4083ebe3ec40369770e1961cf2f753 node504 -node504 [ shape=none, color=black label=<
Ndc4083ebe3ec40369770e1961cf2f753
Ndc4083ebe3ec40369770e1961cf2f753
> ] -# N5ae74eac10ae4b4abb0dcaba18ac8b8d node505 -node505 [ shape=none, color=black label=<
N5ae74eac10ae4b4abb0dcaba18ac8b8d
N5ae74eac10ae4b4abb0dcaba18ac8b8d
> ] -# N3e7ce482f31f451ebe33ed09454c16f0 node506 -node506 [ shape=none, color=black label=<
N3e7ce482f31f451ebe33ed09454c16f0
N3e7ce482f31f451ebe33ed09454c16f0
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation node507 -node507 [ shape=none, color=black label=<
hasDocumentation
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation
rdfs:comment"The `from` Element is documented by each `to` Element."@en
> ] -# N030c65d2c5cb40fca319786ae7c0a586 node508 -node508 [ shape=none, color=black label=<
N030c65d2c5cb40fca319786ae7c0a586
N030c65d2c5cb40fca319786ae7c0a586
sh:maxCount"1"^^xsd:integer
> ] -# N8a1113e414a64a18936c9ab803d99cb2 node509 -node509 [ shape=none, color=black label=<
N8a1113e414a64a18936c9ab803d99cb2
N8a1113e414a64a18936c9ab803d99cb2
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation node510 -node510 [ shape=none, color=black label=<
documentation
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation
rdfs:comment"Element is documentation"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition node511 -node511 [ shape=none, color=black label=<
CustomLicenseAddition
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition
rdfs:comment"A license addition that is not listed on the SPDX Exceptions List."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224 node512 -node512 [ shape=none, color=black label=<
sha3_224
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224
rdfs:comment"SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)."@en
> ] -# N07aebca7c47e4a0aa690b05d0ad25ee7 node513 -node513 [ shape=none, color=black label=<
N07aebca7c47e4a0aa690b05d0ad25ee7
N07aebca7c47e4a0aa690b05d0ad25ee7
> ] -# https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime node514 -node514 [ shape=none, color=black label=<
buildEndTime
https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime
rdfs:comment"Property that describes the time at which a build stops."@en
> ] -# N3063c0fb37bd47228a4939226942f5ac node515 -node515 [ shape=none, color=black label=<
N3063c0fb37bd47228a4939226942f5ac
N3063c0fb37bd47228a4939226942f5ac
> ] -# N1757405396c64132981f2170c3de356b node516 -node516 [ shape=none, color=black label=<
N1757405396c64132981f2170c3de356b
N1757405396c64132981f2170c3de356b
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other node517 -node517 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other
rdfs:comment"Any other units of energy measurement."@en
> ] -# N06c64ad8ebf94e0d804efd268a5bd39c node518 -node518 [ shape=none, color=black label=<
N06c64ad8ebf94e0d804efd268a5bd39c
N06c64ad8ebf94e0d804efd268a5bd39c
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance node519 -node519 [ shape=none, color=black label=<
standardCompliance
https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance
rdfs:comment"Captures a standard that is being complied with."@en
> ] -# N1b3a8971fb0e4af18606d810e5cf4efe node520 -node520 [ shape=none, color=black label=<
N1b3a8971fb0e4af18606d810e5cf4efe
N1b3a8971fb0e4af18606d810e5cf4efe
> ] -# N25815750f1da4f648217de424b16d645 node521 -node521 [ shape=none, color=black label=<
N25815750f1da4f648217de424b16d645
N25815750f1da4f648217de424b16d645
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious node522 -node522 [ shape=none, color=black label=<
serious
https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious
rdfs:comment"The highest level of risk posed by an AI system."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/publishedTime node523 -node523 [ shape=none, color=black label=<
publishedTime
https://spdx.org/rdf/3.0.1/terms/Security/publishedTime
rdfs:comment"Specifies the time when a vulnerability was published."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral node524 -node524 [ shape=none, color=black label=<
mavenCentral
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral
rdfs:comment"A reference to a Maven repository artifact. The artifact locator format, looks like `groupId:artifactId[:version]`, is defined in [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html)."@en
> ] -# N8408579fff994acd83e49c4d9b8d26ca node525 -node525 [ shape=none, color=black label=<
N8408579fff994acd83e49c4d9b8d26ca
N8408579fff994acd83e49c4d9b8d26ca
> ] -# N2fe59bf525fe43d88b11258c76d4c071 node526 -node526 [ shape=none, color=black label=<
N2fe59bf525fe43d88b11258c76d4c071
N2fe59bf525fe43d88b11258c76d4c071
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid node527 -node527 [ shape=none, color=black label=<
swid
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid
rdfs:comment"Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://www.rfc-editor.org/info/rfc9393) Section 2.3."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/endTime node528 -node528 [ shape=none, color=black label=<
endTime
https://spdx.org/rdf/3.0.1/terms/Core/endTime
rdfs:comment"Specifies the time from which an element is no longer applicable / valid."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType node529 -node529 [ shape=none, color=black label=<
externalIdentifierType
https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType
rdfs:comment"Specifies the type of the external identifier."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml node530 -node530 [ shape=none, color=black label=<
licenseXml
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml
rdfs:comment"Identifies all the text and metadata associated with a license in the license -XML format."@en
> ] -# Nf7de5fce6d09421e9dd11373930a6105 node531 -node531 [ shape=none, color=black label=<
Nf7de5fce6d09421e9dd11373930a6105
Nf7de5fce6d09421e9dd11373930a6105
> ] -# N22d9682fe531472f97e88af9c80848e3 node532 -node532 [ shape=none, color=black label=<
N22d9682fe531472f97e88af9c80848e3
N22d9682fe531472f97e88af9c80848e3
> ] -# Nab5e605b75014ba180e83188639eccea node533 -node533 [ shape=none, color=black label=<
Nab5e605b75014ba180e83188639eccea
Nab5e605b75014ba180e83188639eccea
> ] -# N3f177ddeac154360839cb3d45138313a node534 -node534 [ shape=none, color=black label=<
N3f177ddeac154360839cb3d45138313a
N3f177ddeac154360839cb3d45138313a
> ] -# N9fb1afec40b64b38b9feea754fdad929 node535 -node535 [ shape=none, color=black label=<
N9fb1afec40b64b38b9feea754fdad929
N9fb1afec40b64b38b9feea754fdad929
> ] -# N646981139ccf402aa6158151673359df node536 -node536 [ shape=none, color=black label=<
N646981139ccf402aa6158151673359df
N646981139ccf402aa6158151673359df
> ] -# N95be3331da044b68b149913e9b0a4565 node537 -node537 [ shape=none, color=black label=<
N95be3331da044b68b149913e9b0a4565
N95be3331da044b68b149913e9b0a4565
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support node538 -node538 [ shape=none, color=black label=<
support
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support
rdfs:comment"A reference to the software support channel or other support information for a package."@en
> ] -# N299a0c78f406464191a6a78f18bb81c3 node539 -node539 [ shape=none, color=black label=<
N299a0c78f406464191a6a78f18bb81c3
N299a0c78f406464191a6a78f18bb81c3
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense node540 -node540 [ shape=none, color=black label=<
hasDeclaredLicense
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense
rdfs:comment"The `from` Software Artifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy node541 -node541 [ shape=none, color=black label=<
fixedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy
rdfs:comment"(Security) Designates a `from` Vulnerability has been fixed by the `to` Agent(s)."@en
> ] -# N832f47c969e649a69a129e3cf4bbb373 node542 -node542 [ shape=none, color=black label=<
N832f47c969e649a69a129e3cf4bbb373
N832f47c969e649a69a129e3cf4bbb373
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed node543 -node543 [ shape=none, color=black label=<
deployed
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed
rdfs:comment"in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service."@en
> ] -# N6ccc707a7a9347759e9d0a0529e571d0 node544 -node544 [ shape=none, color=black label=<
N6ccc707a7a9347759e9d0a0529e571d0
N6ccc707a7a9347759e9d0a0529e571d0
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage node545 -node545 [ shape=none, color=black label=<
diskImage
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage
rdfs:comment"the Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber node546 -node546 [ shape=none, color=black label=<
crystalsKyber
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber
rdfs:comment"[Kyber](https://pq-crystals.org/kyber/)"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured node547 -node547 [ shape=none, color=black label=<
structured
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured
rdfs:comment"data is stored in tabular format or retrieved from a relational database."@en
> ] -# Na05235b544a241baa176d74f0e14f62f node548 -node548 [ shape=none, color=black label=<
Na05235b544a241baa176d74f0e14f62f
Na05235b544a241baa176d74f0e14f62f
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite node549 -node549 [ shape=none, color=black label=<
lite
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite
rdfs:comment"the element follows the Lite profile specification"@en
> ] -# N25b1014eebc5496a889fd4977576df36 node550 -node550 [ shape=none, color=black label=<
N25b1014eebc5496a889fd4977576df36
N25b1014eebc5496a889fd4977576df36
> ] -# Na9a2113d41ac473bbc42a8011821a741 node551 -node551 [ shape=none, color=black label=<
Na9a2113d41ac473bbc42a8011821a741
Na9a2113d41ac473bbc42a8011821a741
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text node552 -node552 [ shape=none, color=black label=<
text
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text
rdfs:comment"data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4 node553 -node553 [ shape=none, color=black label=<
md4
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4
rdfs:comment"MD4 message-digest algorithm, as defined in [RFC 1186](https://www.rfc-editor.org/info/rfc1186)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy node554 -node554 [ shape=none, color=black label=<
obsoletedBy
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy
rdfs:comment"Specifies the licenseId that is preferred to be used in place of a deprecated -License or LicenseAddition."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid node555 -node555 [ shape=none, color=black label=<
swhid
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid
rdfs:comment"SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`."@en
> ] -# Nfe77e537d19a4bfab28de15ab4179b0b node556 -node556 [ shape=none, color=black label=<
Nfe77e537d19a4bfab28de15ab4179b0b
Nfe77e537d19a4bfab28de15ab4179b0b
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory node557 -node557 [ shape=none, color=black label=<
securityAdvisory
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory
rdfs:comment"A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries."@en
> ] -# N34ea6fb330ab4e1e86f9a02d12d4a397 node558 -node558 [ shape=none, color=black label=<
N34ea6fb330ab4e1e86f9a02d12d4a397
N34ea6fb330ab4e1e86f9a02d12d4a397
> ] -# Nf8cced1acac848eab35a51782beab12d node559 -node559 [ shape=none, color=black label=<
Nf8cced1acac848eab35a51782beab12d
Nf8cced1acac848eab35a51782beab12d
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase node560 -node560 [ shape=none, color=black label=<
hasTestCase
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase
rdfs:comment"Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp node561 -node561 [ shape=none, color=black label=<
timestamp
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp
rdfs:comment"data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends."@en
> ] -# N6889a4a52a5b4a0197771a92586cd0c4 node562 -node562 [ shape=none, color=black label=<
N6889a4a52a5b4a0197771a92586cd0c4
N6889a4a52a5b4a0197771a92586cd0c4
> ] -# https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime node563 -node563 [ shape=none, color=black label=<
buildStartTime
https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime
rdfs:comment"Property describing the start time of a build."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn node564 -node564 [ shape=none, color=black label=<
dependsOn
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn
rdfs:comment"The `from` Element depends on each `to` Element, during a LifecycleScopeType period."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower node565 -node565 [ shape=none, color=black label=<
bower
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower
rdfs:comment"A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224 node566 -node566 [ shape=none, color=black label=<
sha224
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224
rdfs:comment"SHA-2 with a digest length of 224, as defined in [RFC 3874](https://www.rfc-editor.org/info/rfc3874)."@en
> ] -# N7da2bbfd8a974b8c82c0b324bd112188 node567 -node567 [ shape=none, color=black label=<
N7da2bbfd8a974b8c82c0b324bd112188
N7da2bbfd8a974b8c82c0b324bd112188
> ] -# N5696c1074093424d9137a5acef470d35 node568 -node568 [ shape=none, color=black label=<
N5696c1074093424d9137a5acef470d35
N5696c1074093424d9137a5acef470d35
> ] -# N40c02679564247ae82ff66f88e054c11 node569 -node569 [ shape=none, color=black label=<
N40c02679564247ae82ff66f88e054c11
N40c02679564247ae82ff66f88e054c11
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport node570 -node570 [ shape=none, color=black label=<
limitedSupport
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport
rdfs:comment"the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/element node571 -node571 [ shape=none, color=black label=<
element
https://spdx.org/rdf/3.0.1/terms/Core/element
rdfs:comment"Refers to one or more Elements that are part of an ElementCollection."@en
> ] -# N4a645c5dafdf41f180187419d8fe5585 node572 -node572 [ shape=none, color=black label=<
N4a645c5dafdf41f180187419d8fe5585
N4a645c5dafdf41f180187419d8fe5585
sh:maxCount"1"^^xsd:integer
> ] -# Ne3f22212f3b04d0880ca3032e43d40bb node573 -node573 [ shape=none, color=black label=<
Ne3f22212f3b04d0880ca3032e43d40bb
Ne3f22212f3b04d0880ca3032e43d40bb
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader node574 -node574 [ shape=none, color=black label=<
standardLicenseHeader
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader
rdfs:comment"Provides a License author's preferred text to indicate that a file is covered -by the License."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core node575 -node575 [ shape=none, color=black label=<
core
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core
rdfs:comment"the element follows the Core profile specification"@en
> ] -# Nf1d81158133f44ddb651aec4904f5471 node576 -node576 [ shape=none, color=black label=<
Nf1d81158133f44ddb651aec4904f5471
Nf1d81158133f44ddb651aec4904f5471
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device node577 -node577 [ shape=none, color=black label=<
device
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device
rdfs:comment"the Element refers to a chipset, processor, or electronic board"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/domain node578 -node578 [ shape=none, color=black label=<
domain
https://spdx.org/rdf/3.0.1/terms/AI/domain
rdfs:comment"Captures the domain in which the AI package can be used."@en
> ] -# Nccd39cf35f504bbd860e5380151792ee node579 -node579 [ shape=none, color=black label=<
Nccd39cf35f504bbd860e5380151792ee
Nccd39cf35f504bbd860e5380151792ee
> ] -# N071b0c86fd754179a00c7a542aec3595 node580 -node580 [ shape=none, color=black label=<
N071b0c86fd754179a00c7a542aec3595
N071b0c86fd754179a00c7a542aec3595
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar node581 -node581 [ shape=none, color=black label=<
trackStar
https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar
rdfs:comment"("Track*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track* vulnerabilities within standard update timelines."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType node582 -node582 [ shape=none, color=black label=<
SsvcDecisionType
https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType
rdfs:comment"Specifies the SSVC decision type."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime node583 -node583 [ shape=none, color=black label=<
impactStatementTime
https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime
rdfs:comment"Timestamp of impact statement."@en
> ] -# N1e1be548741544429922d4a5404292bf node584 -node584 [ shape=none, color=black label=<
N1e1be548741544429922d4a5404292bf
N1e1be548741544429922d4a5404292bf
> ] -# Na0791cc39051424fa4c158671c2083ec node585 -node585 [ shape=none, color=black label=<
Na0791cc39051424fa4c158671c2083ec
Na0791cc39051424fa4c158671c2083ec
sh:maxCount"1"^^xsd:integer
> ] -# N9709db9244764f79800d1776575d22a2 node586 -node586 [ shape=none, color=black label=<
N9709db9244764f79800d1776575d22a2
N9709db9244764f79800d1776575d22a2
sh:maxCount"1"^^xsd:integer
> ] -# Ne1bb8c9315a24e92b210991c3e575aa9 node587 -node587 [ shape=none, color=black label=<
Ne1bb8c9315a24e92b210991c3e575aa9
Ne1bb8c9315a24e92b210991c3e575aa9
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport node588 -node588 [ shape=none, color=black label=<
dynamicAnalysisReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport
rdfs:comment"A reference to a dynamic analysis report for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio node589 -node589 [ shape=none, color=black label=<
audio
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio
rdfs:comment"data is audio based, such as a collection of music from the 80s."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy node590 -node590 [ shape=none, color=black label=<
publishedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy
rdfs:comment"(Security) Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent."@en
> ] -# Nc5be96bae3334bc698e54854b8f240ba node591 -node591 [ shape=none, color=black label=<
Nc5be96bae3334bc698e54854b8f240ba
Nc5be96bae3334bc698e54854b8f240ba
> ] -# N5c711d2c28ac4176a9567222021be00d node592 -node592 [ shape=none, color=black label=<
N5c711d2c28ac4176a9567222021be00d
N5c711d2c28ac4176a9567222021be00d
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact node593 -node593 [ shape=none, color=black label=<
binaryArtifact
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact
rdfs:comment"A reference to binary artifacts related to a package."@en
> ] -# N8b36dfa49376412d8010f6538ab81c17 node594 -node594 [ shape=none, color=black label=<
N8b36dfa49376412d8010f6538ab81c17
N8b36dfa49376412d8010f6538ab81c17
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage node595 -node595 [ shape=none, color=black label=<
altWebPage
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage
rdfs:comment"A reference to an alternative web page."@en
> ] -# N35b8edad85534da48e3b0600d9a01348 node596 -node596 [ shape=none, color=black label=<
N35b8edad85534da48e3b0600d9a01348
N35b8edad85534da48e3b0600d9a01348
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing node597 -node597 [ shape=none, color=black label=<
dataPreprocessing
https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing
rdfs:comment"Describes the preprocessing steps that were applied to the raw data to create the given dataset."@en
> ] -# N1c9ce436902f4cb7a977dd6c3e3abb98 node598 -node598 [ shape=none, color=black label=<
N1c9ce436902f4cb7a977dd6c3e3abb98
N1c9ce436902f4cb7a977dd6c3e3abb98
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact node599 -node599 [ shape=none, color=black label=<
definingArtifact
https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact
rdfs:comment"Artifact representing a serialization instance of SPDX data containing the -definition of a particular Element."@en
> ] -# Nebed6c8ac40843759302612bcdf0f93a node600 -node600 [ shape=none, color=black label=<
Nebed6c8ac40843759302612bcdf0f93a
Nebed6c8ac40843759302612bcdf0f93a
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/justificationType node601 -node601 [ shape=none, color=black label=<
justificationType
https://spdx.org/rdf/3.0.1/terms/Security/justificationType
rdfs:comment"Impact justification label to be used when linking a vulnerability to an element -representing a VEX product with a VexNotAffectedVulnAssessmentRelationship -relationship."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest node602 -node602 [ shape=none, color=black label=<
configSourceDigest
https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest
rdfs:comment"Property that describes the digest of the build configuration file used to -invoke a build."@en
> ] -# N799aa21de28744afa648aa93b9d32abc node603 -node603 [ shape=none, color=black label=<
N799aa21de28744afa648aa93b9d32abc
N799aa21de28744afa648aa93b9d32abc
> ] -# N2f0b4c9eb75743ed8e50bebbbd5bdf55 node604 -node604 [ shape=none, color=black label=<
N2f0b4c9eb75743ed8e50bebbbd5bdf55
N2f0b4c9eb75743ed8e50bebbbd5bdf55
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# N9a89f560d9b743d5a49d330f6d0f9e78 node605 -node605 [ shape=none, color=black label=<
N9a89f560d9b743d5a49d330f6d0f9e78
N9a89f560d9b743d5a49d330f6d0f9e78
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/locationHint node606 -node606 [ shape=none, color=black label=<
locationHint
https://spdx.org/rdf/3.0.1/terms/Core/locationHint
rdfs:comment"Provides an indication of where to retrieve an external Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/description node607 -node607 [ shape=none, color=black label=<
description
https://spdx.org/rdf/3.0.1/terms/Core/description
rdfs:comment"Provides a detailed description of the Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion node608 -node608 [ shape=none, color=black label=<
licenseListVersion
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion
rdfs:comment"The version of the SPDX License List used in the license expression."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage node609 -node609 [ shape=none, color=black label=<
filesystemImage
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage
rdfs:comment"the Element is a file system image that can be written to a disk (or virtual) partition"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing node610 -node610 [ shape=none, color=black label=<
expandedLicensing
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing
rdfs:comment"the element follows the expanded Licensing profile specification"@en
> ] -# N559d0433cce547e2bbce69a267c4e093 node611 -node611 [ shape=none, color=black label=<
N559d0433cce547e2bbce69a267c4e093
N559d0433cce547e2bbce69a267c4e093
> ] -# N3b8d4dc8e41944fb8b5f88b7eed53a6b node612 -node612 [ shape=none, color=black label=<
N3b8d4dc8e41944fb8b5f88b7eed53a6b
N3b8d4dc8e41944fb8b5f88b7eed53a6b
sh:minCount"2"^^xsd:integer
> ] -# N1ffefa99e7174ab483f5946da0df1768 node613 -node613 [ shape=none, color=black label=<
N1ffefa99e7174ab483f5946da0df1768
N1ffefa99e7174ab483f5946da0df1768
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Agent node614 -node614 [ shape=none, color=black label=<
Agent
https://spdx.org/rdf/3.0.1/terms/Core/Agent
rdfs:comment"Agent represents anything with the potential to act on a system."@en
> ] -# Nf4ee784b388443b682ca30b3c541c96b node615 -node615 [ shape=none, color=black label=<
Nf4ee784b388443b682ca30b3c541c96b
Nf4ee784b388443b682ca30b3c541c96b
> ] -# Na680bfbf49154ddfbb7bd4f29f0d294a node616 -node616 [ shape=none, color=black label=<
Na680bfbf49154ddfbb7bd4f29f0d294a
Na680bfbf49154ddfbb7bd4f29f0d294a
> ] -# N3955fc01445e4d8c8efdb548d6f3fe02 node617 -node617 [ shape=none, color=black label=<
N3955fc01445e4d8c8efdb548d6f3fe02
N3955fc01445e4d8c8efdb548d6f3fe02
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes node618 -node618 [ shape=none, color=black label=<
yes
https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes
rdfs:comment"Indicates presence of the field."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/metric node619 -node619 [ shape=none, color=black label=<
metric
https://spdx.org/rdf/3.0.1/terms/AI/metric
rdfs:comment"Records the measurement of prediction quality of the AI model."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384 node620 -node620 [ shape=none, color=black label=<
sha384
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384
rdfs:comment"SHA-2 with a digest length of 384, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)."@en
> ] -# Ndda7d64d96df4301a88a12abd5ef8b09 node621 -node621 [ shape=none, color=black label=<
Ndda7d64d96df4301a88a12abd5ef8b09
Ndda7d64d96df4301a88a12abd5ef8b09
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId node622 -node622 [ shape=none, color=black label=<
isDeprecatedLicenseId
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId
rdfs:comment"Specifies whether a license or additional text identifier has been marked as -deprecated."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification node623 -node623 [ shape=none, color=black label=<
specification
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification
rdfs:comment"the Element is a plan, guideline or strategy how to create, perform or analyse an application"@en
> ] -# Nfd422f22f4e04c6b83976f65956d1175 node624 -node624 [ shape=none, color=black label=<
Nfd422f22f4e04c6b83976f65956d1175
Nfd422f22f4e04c6b83976f65956d1175
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding node625 -node625 [ shape=none, color=black label=<
funding
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding
rdfs:comment"A reference to funding information related to a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange node626 -node626 [ shape=none, color=black label=<
endIntegerRange
https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange
rdfs:comment"Defines the end of a range."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Build/environment node627 -node627 [ shape=none, color=black label=<
environment
https://spdx.org/rdf/3.0.1/terms/Build/environment
rdfs:comment"Property describing the session in which a build is invoked."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile node628 -node628 [ shape=none, color=black label=<
hasAddedFile
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile
rdfs:comment"Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion node629 -node629 [ shape=none, color=black label=<
noAssertion
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion
rdfs:comment"No assertion can be made about the completeness of the relationship."@en
> ] -# N32dc18aa1af0455ba3597422d68a9098 node630 -node630 [ shape=none, color=black label=<
N32dc18aa1af0455ba3597422d68a9098
N32dc18aa1af0455ba3597422d68a9098
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# N513267eb3c1c498f8f058234ee540d69 node631 -node631 [ shape=none, color=black label=<
N513267eb3c1c498f8f058234ee540d69
N513267eb3c1c498f8f058234ee540d69
> ] -# https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue node632 -node632 [ shape=none, color=black label=<
cdxPropValue
https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue
rdfs:comment"A value used in a CdxExtension name-value pair."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics node633 -node633 [ shape=none, color=black label=<
metrics
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics
rdfs:comment"A reference to metrics related to package such as OpenSSF scorecards."@en
> ] -# Na8f4d37cdcd2477a8d2e842f4c9fff5c node634 -node634 [ shape=none, color=black label=<
Na8f4d37cdcd2477a8d2e842f4c9fff5c
Na8f4d37cdcd2477a8d2e842f4c9fff5c
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/dataLicense node635 -node635 [ shape=none, color=black label=<
dataLicense
https://spdx.org/rdf/3.0.1/terms/Core/dataLicense
rdfs:comment"Provides the license under which the SPDX documentation of the Element can be +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence node311 +node311 [ shape=none, color=black label=<
hasEvidence
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence
rdfs:comment"(Dataset) Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384 node312 +node312 [ shape=none, color=black label=<
sha3_384
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384
rdfs:comment"SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm node313 +node313 [ shape=none, color=black label=<
HashAlgorithm
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm
rdfs:comment"A mathematical algorithm that maps data of arbitrary size to a bit string."@en
> ] +# Ndbd3ba44962340668a10f2a6ba5d3701 node314 +node314 [ shape=none, color=black label=<
Ndbd3ba44962340668a10f2a6ba5d3701
Ndbd3ba44962340668a10f2a6ba5d3701
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# N42906b07290442ba96f13877a585b4b9 node315 +node315 [ shape=none, color=black label=<
N42906b07290442ba96f13877a585b4b9
N42906b07290442ba96f13877a585b4b9
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/creationInfo node316 +node316 [ shape=none, color=black label=<
creationInfo
https://spdx.org/rdf/3.0.1/terms/Core/creationInfo
rdfs:comment"Provides information about the creation of the Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium node317 +node317 [ shape=none, color=black label=<
medium
https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium
rdfs:comment"The third-highest level of risk posed by an AI system."@en
> ] +# N62c70f84068943cb994869a38ee84fe6 node318 +node318 [ shape=none, color=black label=<
N62c70f84068943cb994869a38ee84fe6
N62c70f84068943cb994869a38ee84fe6
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build node319 +node319 [ shape=none, color=black label=<
build
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build
rdfs:comment"SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/copyrightText node320 +node320 [ shape=none, color=black label=<
copyrightText
https://spdx.org/rdf/3.0.1/terms/Software/copyrightText
rdfs:comment"Identifies the text of one or more copyright notices for a software Package, +File or Snippet, if any."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/dataLicense node321 +node321 [ shape=none, color=black label=<
dataLicense
https://spdx.org/rdf/3.0.1/terms/Core/dataLicense
rdfs:comment"Provides the license under which the SPDX documentation of the Element can be used."@en
> ] -# N86dde2d004be4c38bef9ef0f5cad1463 node636 -node636 [ shape=none, color=black label=<
N86dde2d004be4c38bef9ef0f5cad1463
N86dde2d004be4c38bef9ef0f5cad1463
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl node637 -node637 [ shape=none, color=black label=<
packageUrl
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl
rdfs:comment"[package URL](https://github.com/package-url/purl-spec)"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf node638 -node638 [ shape=none, color=black label=<
ancestorOf
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf
rdfs:comment"The `from` Element is an ancestor of each `to` Element."@en
> ] -# Nd7e1fb39f2e24a2a9dd49b7e707e3461 node639 -node639 [ shape=none, color=black label=<
Nd7e1fb39f2e24a2a9dd49b7e707e3461
Nd7e1fb39f2e24a2a9dd49b7e707e3461
> ] -# N87a3e354acff4abb916c09e4698be4fe node640 -node640 [ shape=none, color=black label=<
N87a3e354acff4abb916c09e4698be4fe
N87a3e354acff4abb916c09e4698be4fe
> ] -# Ned924ef2d664487ca91df43b35ec5a1d node641 -node641 [ shape=none, color=black label=<
Ned924ef2d664487ca91df43b35ec5a1d
Ned924ef2d664487ca91df43b35ec5a1d
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf node642 -node642 [ shape=none, color=black label=<
descendantOf
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf
rdfs:comment"The `from` Element is a descendant of each `to` Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/severity node643 -node643 [ shape=none, color=black label=<
severity
https://spdx.org/rdf/3.0.1/terms/Security/severity
rdfs:comment"Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType node644 -node644 [ shape=none, color=black label=<
CvssSeverityType
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType
rdfs:comment"Specifies the CVSS base, temporal, threat, or environmental severity type."@en
> ] -# N092f9ca82e63453eb80e5bf55e02f650 node645 -node645 [ shape=none, color=black label=<
N092f9ca82e63453eb80e5bf55e02f650
N092f9ca82e63453eb80e5bf55e02f650
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy node646 -node646 [ shape=none, color=black label=<
republishedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy
rdfs:comment"(Security) Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument node647 -node647 [ shape=none, color=black label=<
SpdxDocument
https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument
rdfs:comment"A collection of SPDX Elements that could potentially be serialized."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType node648 -node648 [ shape=none, color=black label=<
datasetType
https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType
rdfs:comment"Describes the type of the given dataset."@en
> ] -# N2a3519a8765c4e5fb3f34b20bedd5cda node649 -node649 [ shape=none, color=black label=<
N2a3519a8765c4e5fb3f34b20bedd5cda
N2a3519a8765c4e5fb3f34b20bedd5cda
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track node650 -node650 [ shape=none, color=black label=<
track
https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track
rdfs:comment"The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other node651 -node651 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other
rdfs:comment"Other exploit catalogs"@en
> ] -# Nab73bcdc12e44136bdff21b9e133e8a8 node652 -node652 [ shape=none, color=black label=<
Nab73bcdc12e44136bdff21b9e133e8a8
Nab73bcdc12e44136bdff21b9e133e8a8
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/name node653 -node653 [ shape=none, color=black label=<
name
https://spdx.org/rdf/3.0.1/terms/Core/name
rdfs:comment"Identifies the name of an Element as designated by the creator."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport node654 -node654 [ shape=none, color=black label=<
vulnerabilityDisclosureReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport
rdfs:comment"A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber node655 -node655 [ shape=none, color=black label=<
amber
https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber
rdfs:comment"Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis."@en
> ] -# N39278bdc71234063ae967de35185177c node656 -node656 [ shape=none, color=black label=<
N39278bdc71234063ae967de35185177c
N39278bdc71234063ae967de35185177c
> ] -# Nd7e16ef7f54644429ec6bfd9a8390fdf node657 -node657 [ shape=none, color=black label=<
Nd7e16ef7f54644429ec6bfd9a8390fdf
Nd7e16ef7f54644429ec6bfd9a8390fdf
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/context node658 -node658 [ shape=none, color=black label=<
context
https://spdx.org/rdf/3.0.1/terms/Core/context
rdfs:comment"Gives information about the circumstances or unifying properties +# N94093e478ee24e8e9c866ead1b84a1db node322 +node322 [ shape=none, color=black label=<
N94093e478ee24e8e9c866ead1b84a1db
N94093e478ee24e8e9c866ead1b84a1db
> ] +# Nff350762af154685b6b1b915e62ae573 node323 +node323 [ shape=none, color=black label=<
Nff350762af154685b6b1b915e62ae573
Nff350762af154685b6b1b915e62ae573
> ] +# N5984614686c943f492f1ad4162a56228 node324 +node324 [ shape=none, color=black label=<
N5984614686c943f492f1ad4162a56228
N5984614686c943f492f1ad4162a56228
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224 node325 +node325 [ shape=none, color=black label=<
sha3_224
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224
rdfs:comment"SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact node326 +node326 [ shape=none, color=black label=<
hasDistributionArtifact
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact
rdfs:comment"The `from` Element is distributed as an artifact in each Element `to` (e.g. an RPM or archive file)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/hashValue node327 +node327 [ shape=none, color=black label=<
hashValue
https://spdx.org/rdf/3.0.1/terms/Core/hashValue
rdfs:comment"The result of applying a hash algorithm to an Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/profileConformance node328 +node328 [ shape=none, color=black label=<
profileConformance
https://spdx.org/rdf/3.0.1/terms/Core/profileConformance
rdfs:comment"Describes one a profile which the creator of this ElementCollection intends to +conform to."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship node329 +node329 [ shape=none, color=black label=<
CvssV3VulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship
rdfs:comment"Provides a CVSS version 3 assessment for a vulnerability."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/key node330 +node330 [ shape=none, color=black label=<
key
https://spdx.org/rdf/3.0.1/terms/Core/key
rdfs:comment"A key used in a generic key-value pair."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel node331 +node331 [ shape=none, color=black label=<
securityThreatModel
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel
rdfs:comment"A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn node332 +node332 [ shape=none, color=black label=<
testedOn
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn
rdfs:comment"(AI, Dataset) The `from` Element has been tested on the `to` Element(s)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains node333 +node333 [ shape=none, color=black label=<
contains
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains
rdfs:comment"The `from` Element contains each `to` Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/File node334 +node334 [ shape=none, color=black label=<
File
https://spdx.org/rdf/3.0.1/terms/Software/File
rdfs:comment"Refers to any object that stores content on a computer."@en
> ] +# N9ae188152c5946508b1c13a726d2999c node335 +node335 [ shape=none, color=black label=<
N9ae188152c5946508b1c13a726d2999c
N9ae188152c5946508b1c13a726d2999c
sh:maxCount"1"^^xsd:integer
> ] +# N490fbc89f4864b2e8d981461d1b22d74 node336 +node336 [ shape=none, color=black label=<
N490fbc89f4864b2e8d981461d1b22d74
N490fbc89f4864b2e8d981461d1b22d74
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# N0e0a788f2b4f46c38d2707a5aa86aaa1 node337 +node337 [ shape=none, color=black label=<
N0e0a788f2b4f46c38d2707a5aa86aaa1
N0e0a788f2b4f46c38d2707a5aa86aaa1
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Nf8216cbf411c40d2b03f3976dae98bcf node338 +node338 [ shape=none, color=black label=<
Nf8216cbf411c40d2b03f3976dae98bcf
Nf8216cbf411c40d2b03f3976dae98bcf
> ] +# N80d9cb38f9344beeb1b385a3121b6a98 node339 +node339 [ shape=none, color=black label=<
N80d9cb38f9344beeb1b385a3121b6a98
N80d9cb38f9344beeb1b385a3121b6a98
> ] +# Nafba000521b74f7b883b3501c31ce0f5 node340 +node340 [ shape=none, color=black label=<
Nafba000521b74f7b883b3501c31ce0f5
Nafba000521b74f7b883b3501c31ce0f5
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType node341 +node341 [ shape=none, color=black label=<
VexJustificationType
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType
rdfs:comment"Specifies the VEX justification type."@en
> ] +# Ne61da332ff1a4310b6f1745c30778c24 node342 +node342 [ shape=none, color=black label=<
Ne61da332ff1a4310b6f1745c30778c24
Ne61da332ff1a4310b6f1745c30778c24
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion node343 +node343 [ shape=none, color=black label=<
licenseListVersion
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion
rdfs:comment"The version of the SPDX License List used in the license expression."@en
> ] +# N0c87ec705151422bb070a6dd818bbf73 node344 +node344 [ shape=none, color=black label=<
N0c87ec705151422bb070a6dd818bbf73
N0c87ec705151422bb070a6dd818bbf73
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none node345 +node345 [ shape=none, color=black label=<
none
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none
rdfs:comment"When a CVSS score is 0.0"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense node346 +node346 [ shape=none, color=black label=<
NoAssertionLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense
rdfs:comment"An Individual Value for License when no assertion can be made about its actual +value."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation node347 +node347 [ shape=none, color=black label=<
hasDocumentation
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation
rdfs:comment"The `from` Element is documented by each `to` Element."@en
> ] +# N022b3cf344b64b0ea4b777f95ec71df4 node348 +node348 [ shape=none, color=black label=<
N022b3cf344b64b0ea4b777f95ec71df4
N022b3cf344b64b0ea4b777f95ec71df4
> ] +# N61fbd020faf849bdb9a806d3bdcadbcf node349 +node349 [ shape=none, color=black label=<
N61fbd020faf849bdb9a806d3bdcadbcf
N61fbd020faf849bdb9a806d3bdcadbcf
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor node350 +node350 [ shape=none, color=black label=<
hasAssessmentFor
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor
rdfs:comment"(Security) Relates a `from` Vulnerability and each `to` Element(s) with a security assessment. To be used with `VulnAssessmentRelationship` types."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf node351 +node351 [ shape=none, color=black label=<
descendantOf
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf
rdfs:comment"The `from` Element is a descendant of each `to` Element."@en
> ] +# N868311657de3455882fc764d5d4dbadc node352 +node352 [ shape=none, color=black label=<
N868311657de3455882fc764d5d4dbadc
N868311657de3455882fc764d5d4dbadc
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid node353 +node353 [ shape=none, color=black label=<
swid
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid
rdfs:comment"Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://www.rfc-editor.org/info/rfc9393) Section 2.3."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/severity node354 +node354 [ shape=none, color=black label=<
severity
https://spdx.org/rdf/3.0.1/terms/Security/severity
rdfs:comment"Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software."@en
> ] +# Nfc5b20eed9c8438ebcfd282cd41d627c node355 +node355 [ shape=none, color=black label=<
Nfc5b20eed9c8438ebcfd282cd41d627c
Nfc5b20eed9c8438ebcfd282cd41d627c
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development node356 +node356 [ shape=none, color=black label=<
development
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development
rdfs:comment"the artifact is in active development and is not considered ready for formal support from the supplier."@en
> ] +# Ne732043e3c7f4f8689d0b7a32b263855 node357 +node357 [ shape=none, color=black label=<
Ne732043e3c7f4f8689d0b7a32b263855
Ne732043e3c7f4f8689d0b7a32b263855
> ] +# N18bdcb3cbc9748fab621b46d1892f30c node358 +node358 [ shape=none, color=black label=<
N18bdcb3cbc9748fab621b46d1892f30c
N18bdcb3cbc9748fab621b46d1892f30c
> ] +# Nb9962febba924b32b7c202ec51c78a9f node359 +node359 [ shape=none, color=black label=<
Nb9962febba924b32b7c202ec51c78a9f
Nb9962febba924b32b7c202ec51c78a9f
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo node360 +node360 [ shape=none, color=black label=<
CreationInfo
https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo
rdfs:comment"Provides information about the creation of the Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta node361 +node361 [ shape=none, color=black label=<
buildMeta
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta
rdfs:comment"A reference build metadata related to a published package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/startTime node362 +node362 [ shape=none, color=black label=<
startTime
https://spdx.org/rdf/3.0.1/terms/Core/startTime
rdfs:comment"Specifies the time from which an element is applicable / valid."@en
> ] +# N2564c38f6faa4d36a806ce5b57b3b87d node363 +node363 [ shape=none, color=black label=<
N2564c38f6faa4d36a806ce5b57b3b87d
N2564c38f6faa4d36a806ce5b57b3b87d
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data node364 +node364 [ shape=none, color=black label=<
data
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data
rdfs:comment"Element is data"@en
> ] +# Na805cdc64a2e4c379bce6cdfa20b9cdf node365 +node365 [ shape=none, color=black label=<
Na805cdc64a2e4c379bce6cdfa20b9cdf
Na805cdc64a2e4c379bce6cdfa20b9cdf
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing node366 +node366 [ shape=none, color=black label=<
modelDataPreprocessing
https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing
rdfs:comment"Describes all the preprocessing steps applied to the training data before the +model training."@en
> ] +# N5bb4317082934fafa2ebba9f4b32dd64 node367 +node367 [ shape=none, color=black label=<
N5bb4317082934fafa2ebba9f4b32dd64
N5bb4317082934fafa2ebba9f4b32dd64
sh:maxCount"1"^^xsd:integer
sh:pattern"^[^\/]+\/[^\/]+$"
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration node368 +node368 [ shape=none, color=black label=<
configuration
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration
rdfs:comment"Element is configuration data"@en
> ] +# N5faf14a9398b451cbb060d76c2095397 node369 +node369 [ shape=none, color=black label=<
N5faf14a9398b451cbb060d76c2095397
N5faf14a9398b451cbb060d76c2095397
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video node370 +node370 [ shape=none, color=black label=<
video
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video
rdfs:comment"data is video based, such as a collection of movie clips featuring Tom Hanks."@en
> ] +# Nd7fa7b17dd0d44668c07a30a189e0295 node371 +node371 [ shape=none, color=black label=<
Nd7fa7b17dd0d44668c07a30a189e0295
Nd7fa7b17dd0d44668c07a30a189e0295
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other node372 +node372 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other
rdfs:comment"Used to store extra information about an Element which is not part of a Review (e.g. extra information provided during the creation of the Element)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense node373 +node373 [ shape=none, color=black label=<
hasDeclaredLicense
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense
rdfs:comment"The `from` Software Artifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling."@en
> ] +# Ncc8b79ef7ac44559ae1dce02241f269a node374 +node374 [ shape=none, color=black label=<
Ncc8b79ef7ac44559ae1dce02241f269a
Ncc8b79ef7ac44559ae1dce02241f269a
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent node375 +node375 [ shape=none, color=black label=<
componentNotPresent
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent
rdfs:comment"The software is not affected because the vulnerable component is not in the product."@en
> ] +# N1e2fa0884ac541b2978d5990bb638394 node376 +node376 [ shape=none, color=black label=<
N1e2fa0884ac541b2978d5990bb638394
N1e2fa0884ac541b2978d5990bb638394
sh:maxCount"1"^^xsd:integer
> ] +# Nf1abe749dd014b0b8e8ba4cd1c84a881 node377 +node377 [ shape=none, color=black label=<
Nf1abe749dd014b0b8e8ba4cd1c84a881
Nf1abe749dd014b0b8e8ba4cd1c84a881
> ] +# N72e3052b478b40919f635b72b196c1ac node378 +node378 [ shape=none, color=black label=<
N72e3052b478b40919f635b72b196c1ac
N72e3052b478b40919f635b72b196c1ac
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInputs node379 +node379 [ shape=none, color=black label=<
hasInputs
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInputs
rdfs:comment"The `from` Build has each `to` Elements as an input, during a LifecycleScopeType period."@en
> ] +# N9d0a95c98f7f47ef86259edcfec0fa0e node380 +node380 [ shape=none, color=black label=<
N9d0a95c98f7f47ef86259edcfec0fa0e
N9d0a95c98f7f47ef86259edcfec0fa0e
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense node381 +node381 [ shape=none, color=black label=<
ListedLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense
rdfs:comment"A license that is listed on the SPDX License List."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint node382 +node382 [ shape=none, color=black label=<
configSourceEntrypoint
https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint
rdfs:comment"Property describes the invocation entrypoint of a build."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3 node383 +node383 [ shape=none, color=black label=<
blake3
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3
rdfs:comment"[BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf)"@en
> ] +# N2505b61d41e347659fdaed534a40ea46 node384 +node384 [ shape=none, color=black label=<
N2505b61d41e347659fdaed534a40ea46
N2505b61d41e347659fdaed534a40ea46
> ] +# Nf6d44d539e0749dbb66b9710610f4715 node385 +node385 [ shape=none, color=black label=<
Nf6d44d539e0749dbb66b9710610f4715
Nf6d44d539e0749dbb66b9710610f4715
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/NoneElement node386 +node386 [ shape=none, color=black label=<
NoneElement
https://spdx.org/rdf/3.0.1/terms/Core/NoneElement
rdfs:comment"An Individual Value for Element representing a set of Elements with +cardinality (number/count) of zero."@en
> ] +# Ne46e39537aa14acbb681ae6b64bad82e node387 +node387 [ shape=none, color=black label=<
Ne46e39537aa14acbb681ae6b64bad82e
Ne46e39537aa14acbb681ae6b64bad82e
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/created node388 +node388 [ shape=none, color=black label=<
created
https://spdx.org/rdf/3.0.1/terms/Core/created
rdfs:comment"Identifies when the Element was originally created."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense node389 +node389 [ shape=none, color=black label=<
CustomLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense
rdfs:comment"A license that is not listed on the SPDX License List."@en
> ] +# N5b57825570504e6f8ca3f6adb4757fa6 node390 +node390 [ shape=none, color=black label=<
N5b57825570504e6f8ca3f6adb4757fa6
N5b57825570504e6f8ca3f6adb4757fa6
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink node391 +node391 [ shape=none, color=black label=<
hasDynamicLink
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink
rdfs:comment"The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period."@en
> ] +# N2271ff01e65c414e9230537e23a9bf7e node392 +node392 [ shape=none, color=black label=<
N2271ff01e65c414e9230537e23a9bf7e
N2271ff01e65c414e9230537e23a9bf7e
sh:maxCount"1"^^xsd:integer
> ] +# Nbdff20ab74d444e7923acfcfc93aa93f node393 +node393 [ shape=none, color=black label=<
Nbdff20ab74d444e7923acfcfc93aa93f
Nbdff20ab74d444e7923acfcfc93aa93f
> ] +# Na3d7a10bc4924cdd9739f272136881cc node394 +node394 [ shape=none, color=black label=<
Na3d7a10bc4924cdd9739f272136881cc
Na3d7a10bc4924cdd9739f272136881cc
> ] +# N8bd0e6dd6bc2417fa08569221bf003aa node395 +node395 [ shape=none, color=black label=<
N8bd0e6dd6bc2417fa08569221bf003aa
N8bd0e6dd6bc2417fa08569221bf003aa
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink node396 +node396 [ shape=none, color=black label=<
hasStaticLink
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink
rdfs:comment"The `from` Element statically links in each `to` Element, during a LifecycleScopeType period."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/algorithm node397 +node397 [ shape=none, color=black label=<
algorithm
https://spdx.org/rdf/3.0.1/terms/Core/algorithm
rdfs:comment"Specifies the algorithm used for calculating the hash value."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Licensing/None node398 +node398 [ shape=none, color=black label=<
None
https://spdx.org/rdf/3.0.1/terms/Licensing/None
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel node399 +node399 [ shape=none, color=black label=<
securityAdversaryModel
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel
rdfs:comment"A reference to the security adversary model for a package."@en
> ] +# N14994e880aa347d08d331da14982f817 node400 +node400 [ shape=none, color=black label=<
N14994e880aa347d08d331da14982f817
N14994e880aa347d08d331da14982f817
> ] +# N91053949fa1446dcb56ad4e9c584ccd8 node401 +node401 [ shape=none, color=black label=<
N91053949fa1446dcb56ad4e9c584ccd8
N91053949fa1446dcb56ad4e9c584ccd8
> ] +# N7e67db9fb2fd4e659debbd95ce331825 node402 +node402 [ shape=none, color=black label=<
N7e67db9fb2fd4e659debbd95ce331825
N7e67db9fb2fd4e659debbd95ce331825
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid node403 +node403 [ shape=none, color=black label=<
swhid
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid
rdfs:comment"SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`."@en
> ] +# N4b39c15ea8a54e4f8e723c9e810719e2 node404 +node404 [ shape=none, color=black label=<
N4b39c15ea8a54e4f8e723c9e810719e2
N4b39c15ea8a54e4f8e723c9e810719e2
sh:maxCount"1"^^xsd:integer
sh:pattern"^[^\/]+\/[^\/]+$"
> ] +# Nf86050f490cc405d9aae0bc0e8f0d0ed node405 +node405 [ shape=none, color=black label=<
Nf86050f490cc405d9aae0bc0e8f0d0ed
Nf86050f490cc405d9aae0bc0e8f0d0ed
sh:minCount"2"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member node406 +node406 [ shape=none, color=black label=<
member
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member
rdfs:comment"A license expression participating in a license set."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold node407 +node407 [ shape=none, color=black label=<
metricDecisionThreshold
https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold
rdfs:comment"Captures the threshold that was used for computation of a metric described in +the metric field."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant node408 +node408 [ shape=none, color=black label=<
hasVariant
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant
rdfs:comment"Every `to` Element is a variant the `from` Element (`from` hasVariant `to`)."@en
> ] +# Nf14ac93643714b5dacc00c9c104f8c03 node409 +node409 [ shape=none, color=black label=<
Nf14ac93643714b5dacc00c9c104f8c03
Nf14ac93643714b5dacc00c9c104f8c03
> ] +# Ncbe379161d694e1eb5e3790789bec500 node410 +node410 [ shape=none, color=black label=<
Ncbe379161d694e1eb5e3790789bec500
Ncbe379161d694e1eb5e3790789bec500
> ] +# N123c7d0baf924de2a11ad271c2d5e7dd node411 +node411 [ shape=none, color=black label=<
N123c7d0baf924de2a11ad271c2d5e7dd
N123c7d0baf924de2a11ad271c2d5e7dd
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact node412 +node412 [ shape=none, color=black label=<
definingArtifact
https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact
rdfs:comment"Artifact representing a serialization instance of SPDX data containing the +definition of a particular Element."@en
> ] +# N38ce5613e9b24f01bb9b9142867696ee node413 +node413 [ shape=none, color=black label=<
N38ce5613e9b24f01bb9b9142867696ee
N38ce5613e9b24f01bb9b9142867696ee
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport node414 +node414 [ shape=none, color=black label=<
componentAnalysisReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport
rdfs:comment"A reference to a Software Composition Analysis (SCA) report."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy node415 +node415 [ shape=none, color=black label=<
amendedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy
rdfs:comment"The `from` Element is amended by each `to` Element."@en
> ] +# N7a2c2860f5654a40b36740eb2ce350ba node416 +node416 [ shape=none, color=black label=<
N7a2c2860f5654a40b36740eb2ce350ba
N7a2c2860f5654a40b36740eb2ce350ba
> ] +# N907195cb969b438d9a77b636044e24a2 node417 +node417 [ shape=none, color=black label=<
N907195cb969b438d9a77b636044e24a2
N907195cb969b438d9a77b636044e24a2
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough node418 +node418 [ shape=none, color=black label=<
clickthrough
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough
rdfs:comment"the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage."@en
> ] +# N04278d17456b4fea99b3634ca77514ef node419 +node419 [ shape=none, color=black label=<
N04278d17456b4fea99b3634ca77514ef
N04278d17456b4fea99b3634ca77514ef
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Person node420 +node420 [ shape=none, color=black label=<
Person
https://spdx.org/rdf/3.0.1/terms/Core/Person
rdfs:comment"An individual human being."@en
> ] +# N9c0dc5b8a76f43b1ae76d4ac178df9e0 node421 +node421 [ shape=none, color=black label=<
N9c0dc5b8a76f43b1ae76d4ac178df9e0
N9c0dc5b8a76f43b1ae76d4ac178df9e0
> ] +# https://spdx.org/rdf/3.0.1/terms/Build/buildType node422 +node422 [ shape=none, color=black label=<
buildType
https://spdx.org/rdf/3.0.1/terms/Build/buildType
rdfs:comment"A buildType is a hint that is used to indicate the toolchain, platform, or +infrastructure that the build was invoked on."@en
> ] +# Ncecb52c4bd31485f9565ff6680b5f5d6 node423 +node423 [ shape=none, color=black label=<
Ncecb52c4bd31485f9565ff6680b5f5d6
Ncecb52c4bd31485f9565ff6680b5f5d6
> ] +# N0e994107b04d41b4a0c9e366758f9fc1 node424 +node424 [ shape=none, color=black label=<
N0e994107b04d41b4a0c9e366758f9fc1
N0e994107b04d41b4a0c9e366758f9fc1
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/publishedTime node425 +node425 [ shape=none, color=black label=<
publishedTime
https://spdx.org/rdf/3.0.1/terms/Security/publishedTime
rdfs:comment"Specifies the time when a vulnerability was published."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime node426 +node426 [ shape=none, color=black label=<
withdrawnTime
https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime
rdfs:comment"Specified the time and date when a vulnerability was withdrawn."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act node427 +node427 [ shape=none, color=black label=<
act
https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act
rdfs:comment"The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType node428 +node428 [ shape=none, color=black label=<
SsvcDecisionType
https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType
rdfs:comment"Specifies the SSVC decision type."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid node429 +node429 [ shape=none, color=black label=<
gitoid
https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid
rdfs:comment"Gitoid stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects) and a gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document)."@en
> ] +# N6851cf9c4a6e45f99208e17747c15b99 node430 +node430 [ shape=none, color=black label=<
N6851cf9c4a6e45f99208e17747c15b99
N6851cf9c4a6e45f99208e17747c15b99
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem node431 +node431 [ shape=none, color=black label=<
buildSystem
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem
rdfs:comment"A reference build system used to create or publish the package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed node432 +node432 [ shape=none, color=black label=<
analyzed
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed
rdfs:comment"SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a "3rd party" SBOM."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security node433 +node433 [ shape=none, color=black label=<
security
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security
rdfs:comment"the element follows the Security profile specification"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Build/parameters node434 +node434 [ shape=none, color=black label=<
parameters
https://spdx.org/rdf/3.0.1/terms/Build/parameters
rdfs:comment"Property describing the parameters used in an instance of a build."@en
> ] +# Nf3b165324db2454aa8fb66d630b6199f node435 +node435 [ shape=none, color=black label=<
Nf3b165324db2454aa8fb66d630b6199f
Nf3b165324db2454aa8fb66d630b6199f
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon node436 +node436 [ shape=none, color=black label=<
falcon
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon
rdfs:comment"[FALCON](https://falcon-sign.info/falcon.pdf)"@en
> ] +# N171ff09c78574a91b58226f11487e0c3 node437 +node437 [ shape=none, color=black label=<
N171ff09c78574a91b58226f11487e0c3
N171ff09c78574a91b58226f11487e0c3
> ] +# N85673943a43944dcafac559f76c35894 node438 +node438 [ shape=none, color=black label=<
N85673943a43944dcafac559f76c35894
N85673943a43944dcafac559f76c35894
> ] +# N75a6121ec61a486ebed97314ee9b2768 node439 +node439 [ shape=none, color=black label=<
N75a6121ec61a486ebed97314ee9b2768
N75a6121ec61a486ebed97314ee9b2768
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder node440 +node440 [ shape=none, color=black label=<
purchaseOrder
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder
rdfs:comment"A reference to a purchase order for a package."@en
> ] +# Na8e7b4016d884907ab60729cbcd8b543 node441 +node441 [ shape=none, color=black label=<
Na8e7b4016d884907ab60729cbcd8b543
Na8e7b4016d884907ab60729cbcd8b543
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Ne23f197d0be8423394c2705f8bd3ae88 node442 +node442 [ shape=none, color=black label=<
Ne23f197d0be8423394c2705f8bd3ae88
Ne23f197d0be8423394c2705f8bd3ae88
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist node443 +node443 [ shape=none, color=black label=<
inlineMitigationsAlreadyExist
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist
rdfs:comment"Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other node444 +node444 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other
rdfs:comment"Used when the type does not match any of the other options."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model node445 +node445 [ shape=none, color=black label=<
model
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model
rdfs:comment"the Element is a machine learning or artificial intelligence model"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation node446 +node446 [ shape=none, color=black label=<
documentation
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation
rdfs:comment"A reference to the documentation for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile node447 +node447 [ shape=none, color=black label=<
hasDataFile
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile
rdfs:comment"The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInputs`, and `hasOutputs`, respectively. This relationship does not imply dependency."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high node448 +node448 [ shape=none, color=black label=<
high
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high
rdfs:comment"When a CVSS score is between 7.0 - 8.9"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy node449 +node449 [ shape=none, color=black label=<
invokedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy
rdfs:comment"The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step)."@en
> ] +# Necdb047eb0ed499c8f816eb813b94a77 node450 +node450 [ shape=none, color=black label=<
Necdb047eb0ed499c8f816eb813b94a77
Necdb047eb0ed499c8f816eb813b94a77
> ] +# N01d5e79f81cf42cb898870685a9a0289 node451 +node451 [ shape=none, color=black label=<
N01d5e79f81cf42cb898870685a9a0289
N01d5e79f81cf42cb898870685a9a0289
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/from node452 +node452 [ shape=none, color=black label=<
from
https://spdx.org/rdf/3.0.1/terms/Core/from
rdfs:comment"References the Element on the left-hand side of a relationship."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/percentile node453 +node453 [ shape=none, color=black label=<
percentile
https://spdx.org/rdf/3.0.1/terms/Security/percentile
rdfs:comment"The percentile of the current probability score."@en
> ] +# http://www.w3.org/2001/XMLSchema#decimal node454 +node454 [ shape=none, color=black label=<
decimal
http://www.w3.org/2001/XMLSchema#decimal
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured node455 +node455 [ shape=none, color=black label=<
structured
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured
rdfs:comment"data is stored in tabular format or retrieved from a relational database."@en
> ] +# N4f9882d4733542e2a3665e29ce2a867a node456 +node456 [ shape=none, color=black label=<
N4f9882d4733542e2a3665e29ce2a867a
N4f9882d4733542e2a3665e29ce2a867a
> ] +# N277a6b420c534f2ebafaf4965e832511 node457 +node457 [ shape=none, color=black label=<
N277a6b420c534f2ebafaf4965e832511
N277a6b420c534f2ebafaf4965e832511
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship node458 +node458 [ shape=none, color=black label=<
CvssV4VulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship
rdfs:comment"Provides a CVSS version 4 assessment for a vulnerability."@en
> ] +# Nf715beffb935446e9489e94221f85169 node459 +node459 [ shape=none, color=black label=<
Nf715beffb935446e9489e94221f85169
Nf715beffb935446e9489e94221f85169
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Nb236f62cc3c0431783fcd5456e9cd5d5 node460 +node460 [ shape=none, color=black label=<
Nb236f62cc3c0431783fcd5456e9cd5d5
Nb236f62cc3c0431783fcd5456e9cd5d5
> ] +# N5c33c61e3a0544e1bf9cfadaa777ffe1 node461 +node461 [ shape=none, color=black label=<
N5c33c61e3a0544e1bf9cfadaa777ffe1
N5c33c61e3a0544e1bf9cfadaa777ffe1
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral node462 +node462 [ shape=none, color=black label=<
mavenCentral
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral
rdfs:comment"A reference to a Maven repository artifact. The artifact locator format, looks like `groupId:artifactId[:version]`, is defined in [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html)."@en
> ] +# N7f6316ac6a7a48e9baa203bbbf4629d5 node463 +node463 [ shape=none, color=black label=<
N7f6316ac6a7a48e9baa203bbbf4629d5
N7f6316ac6a7a48e9baa203bbbf4629d5
> ] +# N45b53dd571a2408d8c0dd49d0983f11b node464 +node464 [ shape=none, color=black label=<
N45b53dd571a2408d8c0dd49d0983f11b
N45b53dd571a2408d8c0dd49d0983f11b
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier node465 +node465 [ shape=none, color=black label=<
contentIdentifier
https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier
rdfs:comment"A canonical, unique, immutable identifier of the artifact content, that may be +used for verifying its identity and/or integrity."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship node466 +node466 [ shape=none, color=black label=<
EpssVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship
rdfs:comment"Provides an EPSS assessment for a vulnerability."@en
> ] +# N9ecb9fd1d45a4eb89c6be986162ce3b4 node467 +node467 [ shape=none, color=black label=<
N9ecb9fd1d45a4eb89c6be986162ce3b4
N9ecb9fd1d45a4eb89c6be986162ce3b4
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Na69d53a341064f589163a7ffafc8154f node468 +node468 [ shape=none, color=black label=<
Na69d53a341064f589163a7ffafc8154f
Na69d53a341064f589163a7ffafc8154f
> ] +# N50092cc95a8641d2a4e0c9dfc72fe048 node469 +node469 [ shape=none, color=black label=<
N50092cc95a8641d2a4e0c9dfc72fe048
N50092cc95a8641d2a4e0c9dfc72fe048
> ] +# N9f82179a3a59479684ab421ab57c2e87 node470 +node470 [ shape=none, color=black label=<
N9f82179a3a59479684ab421ab57c2e87
N9f82179a3a59479684ab421ab57c2e87
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/standardName node471 +node471 [ shape=none, color=black label=<
standardName
https://spdx.org/rdf/3.0.1/terms/Core/standardName
rdfs:comment"The name of a relevant standard that may apply to an artifact."@en
> ] +# N2fd8a49e348d4613967dccc0f8038951 node472 +node472 [ shape=none, color=black label=<
N2fd8a49e348d4613967dccc0f8038951
N2fd8a49e348d4613967dccc0f8038951
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other node473 +node473 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other
rdfs:comment"data is of a type not included in this list."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/context node474 +node474 [ shape=none, color=black label=<
context
https://spdx.org/rdf/3.0.1/terms/Core/context
rdfs:comment"Gives information about the circumstances or unifying properties that Elements of the bundle have been assembled under."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor node659 -node659 [ shape=none, color=black label=<
hasAssessmentFor
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor
rdfs:comment"(Security) Relates a `from` Vulnerability and each `to` Element(s) with a security assessment. To be used with `VulnAssessmentRelationship` types."@en
> ] -# N298df94f657745ffb949f711238be0e8 node660 -node660 [ shape=none, color=black label=<
N298df94f657745ffb949f711238be0e8
N298df94f657745ffb949f711238be0e8
> ] -# N0807f09df31c4071bbc0e29ff7b0ff38 node661 -node661 [ shape=none, color=black label=<
N0807f09df31c4071bbc0e29ff7b0ff38
N0807f09df31c4071bbc0e29ff7b0ff38
> ] -# N27834ee5c3854f38bbfb49ddb5782d41 node662 -node662 [ shape=none, color=black label=<
N27834ee5c3854f38bbfb49ddb5782d41
N27834ee5c3854f38bbfb49ddb5782d41
> ] -# Nb94c5c1e4d0544c989c98bdbab01b0a1 node663 -node663 [ shape=none, color=black label=<
Nb94c5c1e4d0544c989c98bdbab01b0a1
Nb94c5c1e4d0544c989c98bdbab01b0a1
> ] -# N21759c3305554b1988787eb2f342e733 node664 -node664 [ shape=none, color=black label=<
N21759c3305554b1988787eb2f342e733
N21759c3305554b1988787eb2f342e733
> ] -# https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri node665 -node665 [ shape=none, color=black label=<
configSourceUri
https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri
rdfs:comment"Property that describes the URI of the build configuration source file."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/prefix node666 -node666 [ shape=none, color=black label=<
prefix
https://spdx.org/rdf/3.0.1/terms/Core/prefix
rdfs:comment"A substitute for a URI."@en
> ] -# N8b8cfedcc8624a3b92cd37bc623efdcb node667 -node667 [ shape=none, color=black label=<
N8b8cfedcc8624a3b92cd37bc623efdcb
N8b8cfedcc8624a3b92cd37bc623efdcb
> ] -# N24193a24692645d2bfbb7491788d9eb4 node668 -node668 [ shape=none, color=black label=<
N24193a24692645d2bfbb7491788d9eb4
N24193a24692645d2bfbb7491788d9eb4
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory node669 -node669 [ shape=none, color=black label=<
directory
https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory
rdfs:comment"The file represents a directory and all content stored in that directory."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/FileKindType node670 -node670 [ shape=none, color=black label=<
FileKindType
https://spdx.org/rdf/3.0.1/terms/Software/FileKindType
rdfs:comment"Enumeration of the different kinds of SPDX file."@en
> ] -# Nef0b784d0ffc4cda8aec4cc2447b2128 node671 -node671 [ shape=none, color=black label=<
Nef0b784d0ffc4cda8aec4cc2447b2128
Nef0b784d0ffc4cda8aec4cc2447b2128
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose node672 -node672 [ shape=none, color=black label=<
primaryPurpose
https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose
rdfs:comment"Provides information about the primary purpose of the software artifact."@en
> ] -# Na0de971abae243a8a2ce9d79abaabfd8 node673 -node673 [ shape=none, color=black label=<
Na0de971abae243a8a2ce9d79abaabfd8
Na0de971abae243a8a2ce9d79abaabfd8
> ] -# Nff30750e50d746c09fa5b7e6bb2e89f9 node674 -node674 [ shape=none, color=black label=<
Nff30750e50d746c09fa5b7e6bb2e89f9
Nff30750e50d746c09fa5b7e6bb2e89f9
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high node675 -node675 [ shape=none, color=black label=<
high
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high
rdfs:comment"When a CVSS score is between 7.0 - 8.9"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/exploited node676 -node676 [ shape=none, color=black label=<
exploited
https://spdx.org/rdf/3.0.1/terms/Security/exploited
rdfs:comment"Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog."@en
> ] -# Nfb0d104a609c4735b2ee447c3d1c50be node677 -node677 [ shape=none, color=black label=<
Nfb0d104a609c4735b2ee447c3d1c50be
Nfb0d104a609c4735b2ee447c3d1c50be
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# Ncdb932d87e52477fa19dac950a2b5d43 node678 -node678 [ shape=none, color=black label=<
Ncdb932d87e52477fa19dac950a2b5d43
Ncdb932d87e52477fa19dac950a2b5d43
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# Ne88f1a21fba3493196c21592f8b8c26f node679 -node679 [ shape=none, color=black label=<
Ne88f1a21fba3493196c21592f8b8c26f
Ne88f1a21fba3493196c21592f8b8c26f
> ] -# Nd2222db2ab984ecbb4c3c6e0fd640b50 node680 -node680 [ shape=none, color=black label=<
Nd2222db2ab984ecbb4c3c6e0fd640b50
Nd2222db2ab984ecbb4c3c6e0fd640b50
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512 node681 -node681 [ shape=none, color=black label=<
sha512
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512
rdfs:comment"SHA-2 with a digest length of 512, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)."@en
> ] -# Ndc1519ced55444c8aae4bd152f6fdec4 node682 -node682 [ shape=none, color=black label=<
Ndc1519ced55444c8aae4bd152f6fdec4
Ndc1519ced55444c8aae4bd152f6fdec4
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink node683 -node683 [ shape=none, color=black label=<
hasStaticLink
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink
rdfs:comment"The `from` Element statically links in each `to` Element, during a LifecycleScopeType period."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour node684 -node684 [ shape=none, color=black label=<
kilowattHour
https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour
rdfs:comment"Kilowatt-hour."@en
> ] -# N4c7929e32fe54a379468d435b8ecf541 node685 -node685 [ shape=none, color=black label=<
N4c7929e32fe54a379468d435b8ecf541
N4c7929e32fe54a379468d435b8ecf541
> ] -# N166e531d403c499da8699e1cbafa83e2 node686 -node686 [ shape=none, color=black label=<
N166e531d403c499da8699e1cbafa83e2
N166e531d403c499da8699e1cbafa83e2
sh:maxCount"1"^^xsd:integer
> ] -# N594a38923791410cb8518614335d4b9a node687 -node687 [ shape=none, color=black label=<
N594a38923791410cb8518614335d4b9a
N594a38923791410cb8518614335d4b9a
> ] -# N8324a68d30624b2f8cc8e13a3ca6ae9d node688 -node688 [ shape=none, color=black label=<
N8324a68d30624b2f8cc8e13a3ca6ae9d
N8324a68d30624b2f8cc8e13a3ca6ae9d
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode node689 -node689 [ shape=none, color=black label=<
PackageVerificationCode
https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode
rdfs:comment"An SPDX version 2.X compatible verification method for software packages."@en
> ] -# Nd117d3098b7e44f196651a7183d65ced node690 -node690 [ shape=none, color=black label=<
Nd117d3098b7e44f196651a7183d65ced
Nd117d3098b7e44f196651a7183d65ced
> ] -# N88de861d07be4d14825627788cbab077 node691 -node691 [ shape=none, color=black label=<
N88de861d07be4d14825627788cbab077
N88de861d07be4d14825627788cbab077
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize node692 -node692 [ shape=none, color=black label=<
datasetSize
https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize
rdfs:comment"Captures the size of the dataset."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship node693 -node693 [ shape=none, color=black label=<
VexUnderInvestigationVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship
rdfs:comment"Designates elements as products where the impact of a vulnerability is being -investigated."@en
> ] -# N1a06df03be6044d9ad4f17be55c85eb1 node694 -node694 [ shape=none, color=black label=<
N1a06df03be6044d9ad4f17be55c85eb1
N1a06df03be6044d9ad4f17be55c85eb1
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical node695 -node695 [ shape=none, color=black label=<
categorical
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical
rdfs:comment"data that is classified into a discrete number of categories, such as the eye color of a population of people."@en
> ] -# N9c20cf7f874242109f6ae2b024d828b8 node696 -node696 [ shape=none, color=black label=<
N9c20cf7f874242109f6ae2b024d828b8
N9c20cf7f874242109f6ae2b024d828b8
sh:maxCount"1"^^xsd:integer
> ] -# N6b5afdf8606149bb83b25b55a2bd8e97 node697 -node697 [ shape=none, color=black label=<
N6b5afdf8606149bb83b25b55a2bd8e97
N6b5afdf8606149bb83b25b55a2bd8e97
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise node698 -node698 [ shape=none, color=black label=<
datasetNoise
https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise
rdfs:comment"Describes potentially noisy elements of the dataset."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime node699 -node699 [ shape=none, color=black label=<
modifiedTime
https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime
rdfs:comment"Specifies a time when a vulnerability assessment was modified"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink node700 -node700 [ shape=none, color=black label=<
hasDynamicLink
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink
rdfs:comment"The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5 node701 -node701 [ shape=none, color=black label=<
md5
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5
rdfs:comment"MD5 message-digest algorithm, as defined in [RFC 1321](https://www.rfc-editor.org/info/rfc1321)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent node702 -node702 [ shape=none, color=black label=<
SoftwareAgent
https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent
rdfs:comment"A software agent."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium node703 -node703 [ shape=none, color=black label=<
medium
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium
rdfs:comment"When a CVSS score is between 4.0 - 6.9"@en
> ] -# N1d50b9dfee094f649f30673a6e75d62a node704 -node704 [ shape=none, color=black label=<
N1d50b9dfee094f649f30673a6e75d62a
N1d50b9dfee094f649f30673a6e75d62a
> ] -# N6148ef06ba2b428e812c3dccadccaed4 node705 -node705 [ shape=none, color=black label=<
N6148ef06ba2b428e812c3dccadccaed4
N6148ef06ba2b428e812c3dccadccaed4
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption node706 -node706 [ shape=none, color=black label=<
energyConsumption
https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption
rdfs:comment"Indicates the amount of energy consumption incurred by an AI model."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed node707 -node707 [ shape=none, color=black label=<
deployed
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed
rdfs:comment"SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment."@en
> ] -# N9fd9a7d1f99d447f864ea771917eb2e7 node708 -node708 [ shape=none, color=black label=<
N9fd9a7d1f99d447f864ea771917eb2e7
N9fd9a7d1f99d447f864ea771917eb2e7
> ] -# N66ae98254e5d43a5ae09e2bef61a3235 node709 -node709 [ shape=none, color=black label=<
N66ae98254e5d43a5ae09e2bef61a3235
N66ae98254e5d43a5ae09e2bef61a3235
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme node710 -node710 [ shape=none, color=black label=<
urlScheme
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme
rdfs:comment"[Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource."@en
> ] -# Ncf37b000ab474fb29aadff9dc7a847dc node711 -node711 [ shape=none, color=black label=<
Ncf37b000ab474fb29aadff9dc7a847dc
Ncf37b000ab474fb29aadff9dc7a847dc
> ] -# Ne8185d464325453c962f95db717fffcc node712 -node712 [ shape=none, color=black label=<
Ne8185d464325453c962f95db717fffcc
Ne8185d464325453c962f95db717fffcc
> ] -# Nda74ed3ec3ef4a16b298570efe2daba2 node713 -node713 [ shape=none, color=black label=<
Nda74ed3ec3ef4a16b298570efe2daba2
Nda74ed3ec3ef4a16b298570efe2daba2
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/limitation node714 -node714 [ shape=none, color=black label=<
limitation
https://spdx.org/rdf/3.0.1/terms/AI/limitation
rdfs:comment"Captures a limitation of the AI software."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/Sbom node715 -node715 [ shape=none, color=black label=<
Sbom
https://spdx.org/rdf/3.0.1/terms/Software/Sbom
rdfs:comment"A collection of SPDX Elements describing a single package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory node716 -node716 [ shape=none, color=black label=<
releaseHistory
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory
rdfs:comment"A reference to a published list of releases for a package."@en
> ] -# N2549f9cdbc42474fa4b1eaae9598739b node717 -node717 [ shape=none, color=black label=<
N2549f9cdbc42474fa4b1eaae9598739b
N2549f9cdbc42474fa4b1eaae9598739b
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity node718 -node718 [ shape=none, color=black label=<
energyQuantity
https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity
rdfs:comment"Represents the energy quantity."@en
> ] -# N857e3278ee944087ab549481ef036773 node719 -node719 [ shape=none, color=black label=<
N857e3278ee944087ab549481ef036773
N857e3278ee944087ab549481ef036773
> ] -# Nfe9160eff69d446ebb0af65d58fa1a11 node720 -node720 [ shape=none, color=black label=<
Nfe9160eff69d446ebb0af65d58fa1a11
Nfe9160eff69d446ebb0af65d58fa1a11
> ] -# N68c07310306942e695925a1d682382ca node721 -node721 [ shape=none, color=black label=<
N68c07310306942e695925a1d682382ca
N68c07310306942e695925a1d682382ca
> ] -# N573aa271ea464f00ab313f89e2c77b1b node722 -node722 [ shape=none, color=black label=<
N573aa271ea464f00ab313f89e2c77b1b
N573aa271ea464f00ab313f89e2c77b1b
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256 node723 -node723 [ shape=none, color=black label=<
sha3_256
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256
rdfs:comment"SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)."@en
> ] -# Na4f63770d7b64ef1908519feb3b3d33b node724 -node724 [ shape=none, color=black label=<
Na4f63770d7b64ef1908519feb3b3d33b
Na4f63770d7b64ef1908519feb3b3d33b
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data node725 -node725 [ shape=none, color=black label=<
data
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data
rdfs:comment"Element is data"@en
> ] -# N9535471470ab423d8247e678e9ab503e node726 -node726 [ shape=none, color=black label=<
N9535471470ab423d8247e678e9ab503e
N9535471470ab423d8247e678e9ab503e
sh:maxCount"1"^^xsd:integer
> ] -# N441f79d9f8f542f78938d685830e008c node727 -node727 [ shape=none, color=black label=<
N441f79d9f8f542f78938d685830e008c
N441f79d9f8f542f78938d685830e008c
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/percentile node728 -node728 [ shape=none, color=black label=<
percentile
https://spdx.org/rdf/3.0.1/terms/Security/percentile
rdfs:comment"The percentile of the current probability score."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker node729 -node729 [ shape=none, color=black label=<
issueTracker
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker
rdfs:comment"A reference to the issue tracker for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/extension node730 -node730 [ shape=none, color=black label=<
extension
https://spdx.org/rdf/3.0.1/terms/Core/extension
rdfs:comment"Specifies an Extension characterization of some aspect of an Element."@en
> ] -# N4aae3294054e4579b4c4509df4b82eb1 node731 -node731 [ shape=none, color=black label=<
N4aae3294054e4579b4c4509df4b82eb1
N4aae3294054e4579b4c4509df4b82eb1
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs node732 -node732 [ shape=none, color=black label=<
vcs
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs
rdfs:comment"A reference to a version control system related to a software artifact."@en
> ] -# N0bf2fa7a27cd4af8a326a813e10108ec node733 -node733 [ shape=none, color=black label=<
N0bf2fa7a27cd4af8a326a813e10108ec
N0bf2fa7a27cd4af8a326a813e10108ec
> ] -# N5693ed79fe9a4967a08dfe2ad8565e01 node734 -node734 [ shape=none, color=black label=<
N5693ed79fe9a4967a08dfe2ad8565e01
N5693ed79fe9a4967a08dfe2ad8565e01
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/catalogType node735 -node735 [ shape=none, color=black label=<
catalogType
https://spdx.org/rdf/3.0.1/terms/Security/catalogType
rdfs:comment"Specifies the exploit catalog type."@en
> ] -# N5b680eaa5bca49b58b582bd2e9113dbd node736 -node736 [ shape=none, color=black label=<
N5b680eaa5bca49b58b582bd2e9113dbd
N5b680eaa5bca49b58b582bd2e9113dbd
> ] -# N271aa2908dcd489f97d76c400f4ee7dc node737 -node737 [ shape=none, color=black label=<
N271aa2908dcd489f97d76c400f4ee7dc
N271aa2908dcd489f97d76c400f4ee7dc
> ] -# Nbc37969f9e2b4b91bfeecd6677004af4 node738 -node738 [ shape=none, color=black label=<
Nbc37969f9e2b4b91bfeecd6677004af4
Nbc37969f9e2b4b91bfeecd6677004af4
> ] -# Nd781f5e5ab7a44248bbafa44e088db68 node739 -node739 [ shape=none, color=black label=<
Nd781f5e5ab7a44248bbafa44e088db68
Nd781f5e5ab7a44248bbafa44e088db68
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/licenses/Community-Spec-1.0.html node740 -node740 [ shape=none, color=black label=<
Community-Spec-1.0.html
https://spdx.org/licenses/Community-Spec-1.0.html
> ] -# N8a15534475204de89ebdb421d12429f2 node741 -node741 [ shape=none, color=black label=<
N8a15534475204de89ebdb421d12429f2
N8a15534475204de89ebdb421d12429f2
> ] -# Nf21ca7cfbab04b31a06856bea73ccadb node742 -node742 [ shape=none, color=black label=<
Nf21ca7cfbab04b31a06856bea73ccadb
Nf21ca7cfbab04b31a06856bea73ccadb
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/supportLevel node743 -node743 [ shape=none, color=black label=<
supportLevel
https://spdx.org/rdf/3.0.1/terms/Core/supportLevel
rdfs:comment"Specifies the level of support associated with an artifact."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/algorithm node744 -node744 [ shape=none, color=black label=<
algorithm
https://spdx.org/rdf/3.0.1/terms/Core/algorithm
rdfs:comment"Specifies the algorithm used for calculating the hash value."@en
> ] -# Nb067e2613df54ae5998d2b8cce711bb1 node745 -node745 [ shape=none, color=black label=<
Nb067e2613df54ae5998d2b8cce711bb1
Nb067e2613df54ae5998d2b8cce711bb1
sh:maxCount"1"^^xsd:integer
> ] -# Na804764c8f054093995d7c1214e53832 node746 -node746 [ shape=none, color=black label=<
Na804764c8f054093995d7c1214e53832
Na804764c8f054093995d7c1214e53832
> ] -# N24d311412afd4972b5fb6c01213aaf44 node747 -node747 [ shape=none, color=black label=<
N24d311412afd4972b5fb6c01213aaf44
N24d311412afd4972b5fb6c01213aaf44
> ] -# Nbea7fc0d4bf848d08962f8c35fc767ba node748 -node748 [ shape=none, color=black label=<
Nbea7fc0d4bf848d08962f8c35fc767ba
Nbea7fc0d4bf848d08962f8c35fc767ba
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutputs node749 -node749 [ shape=none, color=black label=<
hasOutputs
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutputs
rdfs:comment"The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period."@en
> ] -# N594f34cd0a824b26a5fc939f60ac3246 node750 -node750 [ shape=none, color=black label=<
N594f34cd0a824b26a5fc939f60ac3246
N594f34cd0a824b26a5fc939f60ac3246
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/imports node751 -node751 [ shape=none, color=black label=<
imports
https://spdx.org/rdf/3.0.1/terms/Core/imports
rdfs:comment"Provides an ExternalMap of Element identifiers."@en
> ] -# N053c6f9408d64f8db4bee8079d69ecc4 node752 -node752 [ shape=none, color=black label=<
N053c6f9408d64f8db4bee8079d69ecc4
N053c6f9408d64f8db4bee8079d69ecc4
> ] -# N9ba364cbcb78445d99af38c37c250586 node753 -node753 [ shape=none, color=black label=<
N9ba364cbcb78445d99af38c37c250586
N9ba364cbcb78445d99af38c37c250586
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/sbomType node754 -node754 [ shape=none, color=black label=<
sbomType
https://spdx.org/rdf/3.0.1/terms/Software/sbomType
rdfs:comment"Provides information about the type of an SBOM."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy node755 -node755 [ shape=none, color=black label=<
exploitCreatedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy
rdfs:comment"(Security) The `from` Vulnerability has had an exploit created against it by each `to` Agent."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/sensor node756 -node756 [ shape=none, color=black label=<
sensor
https://spdx.org/rdf/3.0.1/terms/Dataset/sensor
rdfs:comment"Describes a sensor used for collecting the data."@en
> ] -# N2dc44b4ab6f94e049ac6f8b2634e7f83 node757 -node757 [ shape=none, color=black label=<
N2dc44b4ab6f94e049ac6f8b2634e7f83
N2dc44b4ab6f94e049ac6f8b2634e7f83
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent node758 -node758 [ shape=none, color=black label=<
hasOptionalComponent
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent
rdfs:comment"Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`)."@en
> ] -# Nf7116fd5f105424193ffeab05e57b9e7 node759 -node759 [ shape=none, color=black label=<
Nf7116fd5f105424193ffeab05e57b9e7
Nf7116fd5f105424193ffeab05e57b9e7
sh:maxCount"1"^^xsd:integer
> ] -# Nf3ff42ef7a004f929b2a2447d407a1e2 node760 -node760 [ shape=none, color=black label=<
Nf3ff42ef7a004f929b2a2447d407a1e2
Nf3ff42ef7a004f929b2a2447d407a1e2
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary node761 -node761 [ shape=none, color=black label=<
vulnerableCodeCannotBeControlledByAdversary
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary
rdfs:comment"The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect node762 -node762 [ shape=none, color=black label=<
doesNotAffect
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect
rdfs:comment"(Security/VEX) The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap node763 -node763 [ shape=none, color=black label=<
NamespaceMap
https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap
rdfs:comment"A mapping between prefixes and namespace partial URIs."@en
> ] -# Nf571b4477a474f9ba6bc38e474ff4bc2 node764 -node764 [ shape=none, color=black label=<
Nf571b4477a474f9ba6bc38e474ff4bc2
Nf571b4477a474f9ba6bc38e474ff4bc2
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high node765 -node765 [ shape=none, color=black label=<
high
https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high
rdfs:comment"The second-highest level of risk posed by an AI system."@en
> ] -# N5784bafb9ebb4bbc8cf90882472ead2e node766 -node766 [ shape=none, color=black label=<
N5784bafb9ebb4bbc8cf90882472ead2e
N5784bafb9ebb4bbc8cf90882472ead2e
> ] -# N8b9ac292c0eb403686a34ab60147a003 node767 -node767 [ shape=none, color=black label=<
N8b9ac292c0eb403686a34ab60147a003
N8b9ac292c0eb403686a34ab60147a003
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/actionStatement node768 -node768 [ shape=none, color=black label=<
actionStatement
https://spdx.org/rdf/3.0.1/terms/Security/actionStatement
rdfs:comment"Provides advise on how to mitigate or remediate a vulnerability when a VEX product -is affected by it."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice node769 -node769 [ shape=none, color=black label=<
eolNotice
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice
rdfs:comment"A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package."@en
> ] -# N59d332d8bb0340609c76af64e417285d node770 -node770 [ shape=none, color=black label=<
N59d332d8bb0340609c76af64e417285d
N59d332d8bb0340609c76af64e417285d
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256 node771 -node771 [ shape=none, color=black label=<
blake2b256
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256
rdfs:comment"BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4."@en
> ] -# Ne23fdcd5bb344bb0b93e74dcd48f3415 node772 -node772 [ shape=none, color=black label=<
Ne23fdcd5bb344bb0b93e74dcd48f3415
Ne23fdcd5bb344bb0b93e74dcd48f3415
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes node773 -node773 [ shape=none, color=black label=<
releaseNotes
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes
rdfs:comment"A reference to the release notes for a package."@en
> ] -# Nd0f54e66847d460b99d715b8391d21c6 node774 -node774 [ shape=none, color=black label=<
Nd0f54e66847d460b99d715b8391d21c6
Nd0f54e66847d460b99d715b8391d21c6
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport node775 -node775 [ shape=none, color=black label=<
certificationReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport
rdfs:comment"A reference to a certification report for a package from an accredited/independent body."@en
> ] -# Nd7bd2f59aa0849428381e795157c443d node776 -node776 [ shape=none, color=black label=<
Nd7bd2f59aa0849428381e795157c443d
Nd7bd2f59aa0849428381e795157c443d
sh:minCount"1"^^xsd:integer
> ] -# Nbb5046097f214b9a8a19b08ba049ef39 node777 -node777 [ shape=none, color=black label=<
Nbb5046097f214b9a8a19b08ba049ef39
Nbb5046097f214b9a8a19b08ba049ef39
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport node778 -node778 [ shape=none, color=black label=<
staticAnalysisReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport
rdfs:comment"A reference to a static analysis report for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no node779 -node779 [ shape=none, color=black label=<
no
https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no
rdfs:comment"Indicates absence of the field."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso node780 -node780 [ shape=none, color=black label=<
seeAlso
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso
rdfs:comment"Contains a URL where the License or LicenseAddition can be found in use."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear node781 -node781 [ shape=none, color=black label=<
clear
https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear
rdfs:comment"Dataset may be distributed freely, without restriction."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel node782 -node782 [ shape=none, color=black label=<
securityAdversaryModel
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel
rdfs:comment"A reference to the security adversary model for a package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act node783 -node783 [ shape=none, color=black label=<
act
https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act
rdfs:comment"The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible."@en
> ] -# Nde27d170d5b445e08f2f7578b4794411 node784 -node784 [ shape=none, color=black label=<
Nde27d170d5b445e08f2f7578b4794411
Nde27d170d5b445e08f2f7578b4794411
> ] -# N873390b0750642ebabae85bc8440112b node785 -node785 [ shape=none, color=black label=<
N873390b0750642ebabae85bc8440112b
N873390b0750642ebabae85bc8440112b
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# N46af972c39f14fc79ac9fe2141502e51 node786 -node786 [ shape=none, color=black label=<
N46af972c39f14fc79ac9fe2141502e51
N46af972c39f14fc79ac9fe2141502e51
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# N99b63d3f93db4aac8032206ead1e579a node787 -node787 [ shape=none, color=black label=<
N99b63d3f93db4aac8032206ead1e579a
N99b63d3f93db4aac8032206ead1e579a
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/rootElement node788 -node788 [ shape=none, color=black label=<
rootElement
https://spdx.org/rdf/3.0.1/terms/Core/rootElement
rdfs:comment"This property is used to denote the root Element(s) of a tree of elements contained in a BOM."@en
> ] -# N32c0c6925ba64ee2bd25e67c237ec52b node789 -node789 [ shape=none, color=black label=<
N32c0c6925ba64ee2bd25e67c237ec52b
N32c0c6925ba64ee2bd25e67c237ec52b
> ] -# http://www.w3.org/2001/XMLSchema#nonNegativeInteger node790 -node790 [ shape=none, color=black label=<
nonNegativeInteger
http://www.w3.org/2001/XMLSchema#nonNegativeInteger
> ] -# N51d71abc6664486dbaad0c0ebbe27c3c node791 -node791 [ shape=none, color=black label=<
N51d71abc6664486dbaad0c0ebbe27c3c
N51d71abc6664486dbaad0c0ebbe27c3c
> ] -# N43514ee2ad7041f3a2b042b420ecd545 node792 -node792 [ shape=none, color=black label=<
N43514ee2ad7041f3a2b042b420ecd545
N43514ee2ad7041f3a2b042b420ecd545
> ] -# Nf20a7c9286b24064a0695e1545debe86 node793 -node793 [ shape=none, color=black label=<
Nf20a7c9286b24064a0695e1545debe86
Nf20a7c9286b24064a0695e1545debe86
sh:maxCount"1"^^xsd:integer
sh:pattern"^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$"
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3 node794 -node794 [ shape=none, color=black label=<
blake3
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3
rdfs:comment"[BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf)"@en
> ] -# Na3120359e45649f4a079830802826302 node795 -node795 [ shape=none, color=black label=<
Na3120359e45649f4a079830802826302
Na3120359e45649f4a079830802826302
> ] -# N0650251630934629b3b7973585e71b80 node796 -node796 [ shape=none, color=black label=<
N0650251630934629b3b7973585e71b80
N0650251630934629b3b7973585e71b80
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical node797 -node797 [ shape=none, color=black label=<
critical
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical
rdfs:comment"When a CVSS score is between 9.0 - 10.0"@en
> ] -# N6614c874e0c34bd2b169f32bbe6daf6e node798 -node798 [ shape=none, color=black label=<
N6614c874e0c34bd2b169f32bbe6daf6e
N6614c874e0c34bd2b169f32bbe6daf6e
sh:maxCount"1"^^xsd:integer
> ] -# Na584150c8e154877a4905ea070e5acaf node799 -node799 [ shape=none, color=black label=<
Na584150c8e154877a4905ea070e5acaf
Na584150c8e154877a4905ea070e5acaf
> ] -# N9f1a516e72f2441fa1dbe08f3083c0a5 node800 -node800 [ shape=none, color=black label=<
N9f1a516e72f2441fa1dbe08f3083c0a5
N9f1a516e72f2441fa1dbe08f3083c0a5
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures node801 -node801 [ shape=none, color=black label=<
configures
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures
rdfs:comment"The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/locator node802 -node802 [ shape=none, color=black label=<
locator
https://spdx.org/rdf/3.0.1/terms/Core/locator
rdfs:comment"Provides the location of an external reference."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom node803 -node803 [ shape=none, color=black label=<
bom
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom
rdfs:comment"Element is a bill of materials"@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget node804 -node804 [ shape=none, color=black label=<
nuget
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget
rdfs:comment"A reference to a NuGet package. The package locator format, looks like `package/version`, is defined in [NuGet documentation](https://docs.nuget.org)."@en
> ] -# N5d54117b63e244dfb26d26c127bbe8b5 node805 -node805 [ shape=none, color=black label=<
N5d54117b63e244dfb26d26c127bbe8b5
N5d54117b63e244dfb26d26c127bbe8b5
> ] -# N7ff4746dd2994fe7b0e830152e7908b5 node806 -node806 [ shape=none, color=black label=<
N7ff4746dd2994fe7b0e830152e7908b5
N7ff4746dd2994fe7b0e830152e7908b5
> ] -# Nd3f41a76438348f089a23e52d3cb0593 node807 -node807 [ shape=none, color=black label=<
Nd3f41a76438348f089a23e52d3cb0593
Nd3f41a76438348f089a23e52d3cb0593
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship node808 -node808 [ shape=none, color=black label=<
VexFixedVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship
rdfs:comment"Links a vulnerability and elements representing products (in the VEX sense) where +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256 node475 +node475 [ shape=none, color=black label=<
sha3_256
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256
rdfs:comment"SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement node476 +node476 [ shape=none, color=black label=<
NoAssertionElement
https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement
rdfs:comment"An Individual Value for Element representing a set of Elements of unknown +identify or cardinality (number)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/PresenceType node477 +node477 [ shape=none, color=black label=<
PresenceType
https://spdx.org/rdf/3.0.1/terms/Core/PresenceType
rdfs:comment"Categories of presence or absence."@en
> ] +# N5055d1d4a52e4bbe8cfb9a1af8e2aab8 node478 +node478 [ shape=none, color=black label=<
N5055d1d4a52e4bbe8cfb9a1af8e2aab8
N5055d1d4a52e4bbe8cfb9a1af8e2aab8
> ] +# N6d139dcdca5e42918c6b4db04401cdbd node479 +node479 [ shape=none, color=black label=<
N6d139dcdca5e42918c6b4db04401cdbd
N6d139dcdca5e42918c6b4db04401cdbd
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost node480 +node480 [ shape=none, color=black label=<
hasHost
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost
rdfs:comment"The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on)."@en
> ] +# N520b701a82074cbe8fdbca52616994da node481 +node481 [ shape=none, color=black label=<
N520b701a82074cbe8fdbca52616994da
N520b701a82074cbe8fdbca52616994da
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory node482 +node482 [ shape=none, color=black label=<
directory
https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory
rdfs:comment"The file represents a directory and all content stored in that directory."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ node483 +node483 [ shape=none, color=black label=<
System Package Data Exchange (SPDX) Ontology
https://spdx.org/rdf/3.0.1/terms/
dcterms:abstract"This ontology defines the terms and relationships used in the SPDX specification to describe system packages"@en
dcterms:created"2024-04-05"^^xsd:date
dcterms:creator"SPDX Project"@en
dcterms:title"System Package Data Exchange (SPDX) Ontology"@en
omg-ann:copyright"Copyright (C) 2024 SPDX Project"@en
> ] +# http://www.w3.org/2002/07/owl#Ontology node484 +node484 [ shape=none, color=black label=<
Ontology
http://www.w3.org/2002/07/owl#Ontology
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Annotation node485 +node485 [ shape=none, color=black label=<
Annotation
https://spdx.org/rdf/3.0.1/terms/Core/Annotation
rdfs:comment"An assertion made in relation to one or more elements."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/identifier node486 +node486 [ shape=none, color=black label=<
identifier
https://spdx.org/rdf/3.0.1/terms/Core/identifier
rdfs:comment"Uniquely identifies an external element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/extension node487 +node487 [ shape=none, color=black label=<
extension
https://spdx.org/rdf/3.0.1/terms/Core/extension
rdfs:comment"Specifies an Extension characterization of some aspect of an Element."@en
> ] +# Na383bb53d0034891a0ff1f8d05f4118c node488 +node488 [ shape=none, color=black label=<
Na383bb53d0034891a0ff1f8d05f4118c
Na383bb53d0034891a0ff1f8d05f4118c
sh:maxCount"1"^^xsd:integer
> ] +# Nf5cc84c4f6b14fbdb33000f1db645100 node489 +node489 [ shape=none, color=black label=<
Nf5cc84c4f6b14fbdb33000f1db645100
Nf5cc84c4f6b14fbdb33000f1db645100
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther node490 +node490 [ shape=none, color=black label=<
securityOther
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther
rdfs:comment"Used when there is a security related identifier of unspecified type."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId node491 +node491 [ shape=none, color=black label=<
isDeprecatedAdditionId
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId
rdfs:comment"Specifies whether an additional text identifier has been marked as deprecated."@en
> ] +# N5a27bb4b030343b0ba3b1f5cc1f225ef node492 +node492 [ shape=none, color=black label=<
N5a27bb4b030343b0ba3b1f5cc1f225ef
N5a27bb4b030343b0ba3b1f5cc1f225ef
sh:maxCount"1"^^xsd:integer
> ] +# Naf2eb435312c4120bf09f934e8874fac node493 +node493 [ shape=none, color=black label=<
Naf2eb435312c4120bf09f934e8874fac
Naf2eb435312c4120bf09f934e8874fac
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable node494 +node494 [ shape=none, color=black label=<
executable
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable
rdfs:comment"Element is an Artifact that can be run on a computer"@en
> ] +# N47e842bb397e42b8b07961552884d36d node495 +node495 [ shape=none, color=black label=<
N47e842bb397e42b8b07961552884d36d
N47e842bb397e42b8b07961552884d36d
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Nc6ad6f5e11c046b685ce09c86ab91092 node496 +node496 [ shape=none, color=black label=<
Nc6ad6f5e11c046b685ce09c86ab91092
Nc6ad6f5e11c046b685ce09c86ab91092
> ] +# N2b9eaad218ea484b9ad9df98d8f48460 node497 +node497 [ shape=none, color=black label=<
N2b9eaad218ea484b9ad9df98d8f48460
N2b9eaad218ea484b9ad9df98d8f48460
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate node498 +node498 [ shape=none, color=black label=<
standardLicenseTemplate
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate
rdfs:comment"Identifies the full text of a License, in SPDX templating format."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse node499 +node499 [ shape=none, color=black label=<
intendedUse
https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse
rdfs:comment"Describes what the given dataset should be used for."@en
> ] +# N0db21cdf4c384f56aafae6575d96629c node500 +node500 [ shape=none, color=black label=<
N0db21cdf4c384f56aafae6575d96629c
N0db21cdf4c384f56aafae6575d96629c
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship node501 +node501 [ shape=none, color=black label=<
VexFixedVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship
rdfs:comment"Links a vulnerability and elements representing products (in the VEX sense) where a fix has been applied and are no longer affected."@en
> ] -# Ndffff5e80ff94dcf820510c120175d5b node809 -node809 [ shape=none, color=black label=<
Ndffff5e80ff94dcf820510c120175d5b
Ndffff5e80ff94dcf820510c120175d5b
> ] -# N39c2103adbac45c3b9b024b71a833a93 node810 -node810 [ shape=none, color=black label=<
N39c2103adbac45c3b9b024b71a833a93
N39c2103adbac45c3b9b024b71a833a93
> ] -# N18b20436a2914b658bf4aa6cc39435c3 node811 -node811 [ shape=none, color=black label=<
N18b20436a2914b658bf4aa6cc39435c3
N18b20436a2914b658bf4aa6cc39435c3
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem node812 -node812 [ shape=none, color=black label=<
buildSystem
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem
rdfs:comment"A reference build system used to create or publish the package."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/vectorString node813 -node813 [ shape=none, color=black label=<
vectorString
https://spdx.org/rdf/3.0.1/terms/Security/vectorString
rdfs:comment"Specifies the CVSS vector string for a vulnerability."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact node814 -node814 [ shape=none, color=black label=<
SoftwareArtifact
https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact
rdfs:comment"A distinct article or unit related to Software."@en
> ] -# N9a85118e8515490e9088cb2b74cb053b node815 -node815 [ shape=none, color=black label=<
N9a85118e8515490e9088cb2b74cb053b
N9a85118e8515490e9088cb2b74cb053b
sh:maxCount"1"^^xsd:integer
> ] -# N5ad2469a63b3455d8cd323b577daea83 node816 -node816 [ shape=none, color=black label=<
N5ad2469a63b3455d8cd323b577daea83
N5ad2469a63b3455d8cd323b577daea83
> ] -# Nb0acda179f304d1794132f4600ad24f7 node817 -node817 [ shape=none, color=black label=<
Nb0acda179f304d1794132f4600ad24f7
Nb0acda179f304d1794132f4600ad24f7
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo node818 -node818 [ shape=none, color=black label=<
delegatedTo
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo
rdfs:comment"The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`)."@en
> ] -# N6c590ea598964c698036aef5063221f2 node819 -node819 [ shape=none, color=black label=<
N6c590ea598964c698036aef5063221f2
N6c590ea598964c698036aef5063221f2
> ] -# N2b524a50d3a4429db362c3036bccada0 node820 -node820 [ shape=none, color=black label=<
N2b524a50d3a4429db362c3036bccada0
N2b524a50d3a4429db362c3036bccada0
> ] -# N8638fce912554bc888eceff716d4003c node821 -node821 [ shape=none, color=black label=<
N8638fce912554bc888eceff716d4003c
N8638fce912554bc888eceff716d4003c
> ] -# N854d5eb85d86450eae3d152f84e9573b node822 -node822 [ shape=none, color=black label=<
N854d5eb85d86450eae3d152f84e9573b
N854d5eb85d86450eae3d152f84e9573b
> ] -# N30a67ffa3e1b4d09b5542d404f29404d node823 -node823 [ shape=none, color=black label=<
N30a67ffa3e1b4d09b5542d404f29404d
N30a67ffa3e1b4d09b5542d404f29404d
sh:maxCount"1"^^xsd:integer
sh:pattern"^[^\/]+\/[^\/]+$"
> ] -# Nd2bf5b5eeb234f4ba8ffdc50956bbc1e node824 -node824 [ shape=none, color=black label=<
Nd2bf5b5eeb234f4ba8ffdc50956bbc1e
Nd2bf5b5eeb234f4ba8ffdc50956bbc1e
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense node825 -node825 [ shape=none, color=black label=<
subjectExtendableLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense
rdfs:comment"A License participating in a 'with addition' model."@en
> ] -# Nde7a4dec723d4b4ab10c82d232dd9b0c node826 -node826 [ shape=none, color=black label=<
Nde7a4dec723d4b4ab10c82d232dd9b0c
Nde7a4dec723d4b4ab10c82d232dd9b0c
> ] -# N7e8d2471cf134c47b0e3a981db75430d node827 -node827 [ shape=none, color=black label=<
N7e8d2471cf134c47b0e3a981db75430d
N7e8d2471cf134c47b0e3a981db75430d
> ] -# N719b91fda0a5430b9278cc0d306756c8 node828 -node828 [ shape=none, color=black label=<
N719b91fda0a5430b9278cc0d306756c8
N719b91fda0a5430b9278cc0d306756c8
> ] -# N89cf6216e10b421ba89bdf72fc90b5ad node829 -node829 [ shape=none, color=black label=<
N89cf6216e10b421ba89bdf72fc90b5ad
N89cf6216e10b421ba89bdf72fc90b5ad
> ] -# Nf64ac0f57fa94c09ad8ae66e86ab1a4d node830 -node830 [ shape=none, color=black label=<
Nf64ac0f57fa94c09ad8ae66e86ab1a4d
Nf64ac0f57fa94c09ad8ae66e86ab1a4d
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/startTime node831 -node831 [ shape=none, color=black label=<
startTime
https://spdx.org/rdf/3.0.1/terms/Core/startTime
rdfs:comment"Specifies the time from which an element is applicable / valid."@en
> ] -# N0a33dff438d6481cbaa9a09a1ef43350 node832 -node832 [ shape=none, color=black label=<
N0a33dff438d6481cbaa9a09a1ef43350
N0a33dff438d6481cbaa9a09a1ef43350
> ] -# N69e81687efc4491da08359864bdf84a5 node833 -node833 [ shape=none, color=black label=<
N69e81687efc4491da08359864bdf84a5
N69e81687efc4491da08359864bdf84a5
> ] -# N15f7e975b883478c9ea0290960c884ab node834 -node834 [ shape=none, color=black label=<
N15f7e975b883478c9ea0290960c884ab
N15f7e975b883478c9ea0290960c884ab
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism node835 -node835 [ shape=none, color=black label=<
datasetUpdateMechanism
https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism
rdfs:comment"Describes a mechanism to update the dataset."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/builtTime node836 -node836 [ shape=none, color=black label=<
builtTime
https://spdx.org/rdf/3.0.1/terms/Core/builtTime
rdfs:comment"Specifies the time an artifact was built."@en
> ] -# Ne9db3edc0820424284490d16313a1d57 node837 -node837 [ shape=none, color=black label=<
Ne9db3edc0820424284490d16313a1d57
Ne9db3edc0820424284490d16313a1d57
sh:maxCount"1"^^xsd:integer
> ] -# N667b79cde3024a099b26aec91e22e4f3 node838 -node838 [ shape=none, color=black label=<
N667b79cde3024a099b26aec91e22e4f3
N667b79cde3024a099b26aec91e22e4f3
> ] -# http://www.w3.org/2002/07/owl#Ontology node839 -node839 [ shape=none, color=black label=<
Ontology
http://www.w3.org/2002/07/owl#Ontology
> ] -# N768a5b2b8dde48abbe2da80f0608b5fd node840 -node840 [ shape=none, color=black label=<
N768a5b2b8dde48abbe2da80f0608b5fd
N768a5b2b8dde48abbe2da80f0608b5fd
> ] -# Ncbd08839363c4e05982fdcdb82376b45 node841 -node841 [ shape=none, color=black label=<
Ncbd08839363c4e05982fdcdb82376b45
Ncbd08839363c4e05982fdcdb82376b45
> ] -# N0a98ed0bc3f34582b8601716b5fec024 node842 -node842 [ shape=none, color=black label=<
N0a98ed0bc3f34582b8601716b5fec024
N0a98ed0bc3f34582b8601716b5fec024
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata node843 -node843 [ shape=none, color=black label=<
productMetadata
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata
rdfs:comment"A reference to additional product metadata such as reference within organization's product catalog."@en
> ] -# Na81064f4b5264357b42a64e6ba8887d9 node844 -node844 [ shape=none, color=black label=<
Na81064f4b5264357b42a64e6ba8887d9
Na81064f4b5264357b42a64e6ba8887d9
sh:maxCount"1"^^xsd:integer
> ] -# N80f7ccc89b2645cf81600d9eafbe103f node845 -node845 [ shape=none, color=black label=<
N80f7ccc89b2645cf81600d9eafbe103f
N80f7ccc89b2645cf81600d9eafbe103f
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId node846 -node846 [ shape=none, color=black label=<
externalSpdxId
https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId
rdfs:comment"Identifies an external Element used within a Document but defined external to -that Document."@en
> ] -# N9cf1967100624a7b80aef435424429ea node847 -node847 [ shape=none, color=black label=<
N9cf1967100624a7b80aef435424429ea
N9cf1967100624a7b80aef435424429ea
> ] -# N6e39a5514eb24d15885b6368f2e55f76 node848 -node848 [ shape=none, color=black label=<
N6e39a5514eb24d15885b6368f2e55f76
N6e39a5514eb24d15885b6368f2e55f76
> ] -# N7e3e49314418418e921b3636bc6ee62d node849 -node849 [ shape=none, color=black label=<
N7e3e49314418418e921b3636bc6ee62d
N7e3e49314418418e921b3636bc6ee62d
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier node850 -node850 [ shape=none, color=black label=<
externalIdentifier
https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier
rdfs:comment"Provides a reference to a resource outside the scope of SPDX-3.0 content -that uniquely identifies an Element."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator node851 -node851 [ shape=none, color=black label=<
identifierLocator
https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator
rdfs:comment"Provides the location for more information regarding an external identifier."@en
> ] -# Nb9f1e3ef7a544ac0928c9417b1a64230 node852 -node852 [ shape=none, color=black label=<
Nb9f1e3ef7a544ac0928c9417b1a64230
Nb9f1e3ef7a544ac0928c9417b1a64230
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library node853 -node853 [ shape=none, color=black label=<
library
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library
rdfs:comment"the Element is a software library"@en
> ] -# N250d067c16d145c4addd6a9f229481ef node854 -node854 [ shape=none, color=black label=<
N250d067c16d145c4addd6a9f229481ef
N250d067c16d145c4addd6a9f229481ef
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other node855 -node855 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other
rdfs:comment"Used to store extra information about an Element which is not part of a Review (e.g. extra information provided during the creation of the Element)."@en
> ] -# N725b84be183b48b28815dbc45ac1419c node856 -node856 [ shape=none, color=black label=<
N725b84be183b48b28815dbc45ac1419c
N725b84be183b48b28815dbc45ac1419c
> ] -# Nefed1b52d2f6496b97c0190b2c835855 node857 -node857 [ shape=none, color=black label=<
Nefed1b52d2f6496b97c0190b2c835855
Nefed1b52d2f6496b97c0190b2c835855
> ] -# Nd8b5d424743c4e8a8a72cfcc824c4c88 node858 -node858 [ shape=none, color=black label=<
Nd8b5d424743c4e8a8a72cfcc824c4c88
Nd8b5d424743c4e8a8a72cfcc824c4c88
> ] -# Nf34a94fae5974d8fa72cdd84a4af9521 node859 -node859 [ shape=none, color=black label=<
Nf34a94fae5974d8fa72cdd84a4af9521
Nf34a94fae5974d8fa72cdd84a4af9521
> ] -# Ne6d67acada684ad9b6c03d19c69f4316 node860 -node860 [ shape=none, color=black label=<
Ne6d67acada684ad9b6c03d19c69f4316
Ne6d67acada684ad9b6c03d19c69f4316
> ] -# N8e23f954716f40f48ad1fa23ac3d2e9c node861 -node861 [ shape=none, color=black label=<
N8e23f954716f40f48ad1fa23ac3d2e9c
N8e23f954716f40f48ad1fa23ac3d2e9c
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design node862 -node862 [ shape=none, color=black label=<
design
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design
rdfs:comment"A relationship has specific context implications during an element's design."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/Person node863 -node863 [ shape=none, color=black label=<
Person
https://spdx.org/rdf/3.0.1/terms/Core/Person
rdfs:comment"An individual human being."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense node864 -node864 [ shape=none, color=black label=<
CustomLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense
rdfs:comment"A license that is not listed on the SPDX License List."@en
> ] -# N83b025728c124c1d884a5f3da3056b6d node865 -node865 [ shape=none, color=black label=<
N83b025728c124c1d884a5f3da3056b6d
N83b025728c124c1d884a5f3da3056b6d
sh:maxCount"1"^^xsd:integer
> ] -# N2bea89e8b82e4f88b97b6e5969ebc4ea node866 -node866 [ shape=none, color=black label=<
N2bea89e8b82e4f88b97b6e5969ebc4ea
N2bea89e8b82e4f88b97b6e5969ebc4ea
> ] -# N901374d76fe44f7dabe2d0c11b3e81ff node867 -node867 [ shape=none, color=black label=<
N901374d76fe44f7dabe2d0c11b3e81ff
N901374d76fe44f7dabe2d0c11b3e81ff
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other node868 -node868 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other
rdfs:comment"Used when the type does not match any of the other options."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath node869 -node869 [ shape=none, color=black label=<
vulnerableCodeNotInExecutePath
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath
rdfs:comment"The affected code is not reachable through the execution of the code, including non-anticipated states of the product."@en
> ] -# Nf5e183b1110340de9cb3320d9b92bbe8 node870 -node870 [ shape=none, color=black label=<
Nf5e183b1110340de9cb3320d9b92bbe8
Nf5e183b1110340de9cb3320d9b92bbe8
> ] -# https://spdx.org/rdf/3.0.1/terms/Extension/Extension node871 -node871 [ shape=none, color=black label=<
Extension
https://spdx.org/rdf/3.0.1/terms/Extension/Extension
rdfs:comment"A characterization of some aspect of an Element that is associated with the Element in a generalized fashion."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/originatedBy node872 -node872 [ shape=none, color=black label=<
originatedBy
https://spdx.org/rdf/3.0.1/terms/Core/originatedBy
rdfs:comment"Identifies from where or whom the Element originally came."@en
> ] -# http://www.w3.org/2001/XMLSchema#positiveInteger node873 -node873 [ shape=none, color=black label=<
positiveInteger
http://www.w3.org/2001/XMLSchema#positiveInteger
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SbomType node874 -node874 [ shape=none, color=black label=<
SbomType
https://spdx.org/rdf/3.0.1/terms/Software/SbomType
rdfs:comment"Provides a set of values to be used to describe the common types of SBOMs that -tools may create."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/autonomyType node875 -node875 [ shape=none, color=black label=<
autonomyType
https://spdx.org/rdf/3.0.1/terms/AI/autonomyType
rdfs:comment"Indicates whether the system can perform a decision or action without human -involvement or guidance."@en
> ] -# N5ac9fd2451f54d37972a01b1f591c138 node876 -node876 [ shape=none, color=black label=<
N5ac9fd2451f54d37972a01b1f591c138
N5ac9fd2451f54d37972a01b1f591c138
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/from node877 -node877 [ shape=none, color=black label=<
from
https://spdx.org/rdf/3.0.1/terms/Core/from
rdfs:comment"References the Element on the left-hand side of a relationship."@en
> ] -# N3e641e7fa7754d9890cdcf3c98960cce node878 -node878 [ shape=none, color=black label=<
N3e641e7fa7754d9890cdcf3c98960cce
N3e641e7fa7754d9890cdcf3c98960cce
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/byteRange node879 -node879 [ shape=none, color=black label=<
byteRange
https://spdx.org/rdf/3.0.1/terms/Software/byteRange
rdfs:comment"Defines the byte range in the original host file that the snippet information -applies to."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/externalRef node880 -node880 [ shape=none, color=black label=<
externalRef
https://spdx.org/rdf/3.0.1/terms/Core/externalRef
rdfs:comment"Points to a resource outside the scope of the SPDX-3.0 content +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion node502 +node502 [ shape=none, color=black label=<
deprecatedVersion
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion
rdfs:comment"Specifies the SPDX License List version in which this license or exception +identifier was deprecated."@en
> ] +# N6540b79b59d04a4bbaeceb5b15959bd1 node503 +node503 [ shape=none, color=black label=<
N6540b79b59d04a4bbaeceb5b15959bd1
N6540b79b59d04a4bbaeceb5b15959bd1
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose node504 +node504 [ shape=none, color=black label=<
primaryPurpose
https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose
rdfs:comment"Provides information about the primary purpose of the software artifact."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file node505 +node505 [ shape=none, color=black label=<
file
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file
rdfs:comment"the Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc)"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator node506 +node506 [ shape=none, color=black label=<
OrLaterOperator
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator
rdfs:comment"Portion of an AnyLicenseInfo representing this version, or any later version, +of the indicated License."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense node507 +node507 [ shape=none, color=black label=<
ExtendableLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense
rdfs:comment"Abstract class representing a License or an OrLaterOperator."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf node508 +node508 [ shape=none, color=black label=<
ancestorOf
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf
rdfs:comment"The `from` Element is an ancestor of each `to` Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/domain node509 +node509 [ shape=none, color=black label=<
domain
https://spdx.org/rdf/3.0.1/terms/AI/domain
rdfs:comment"Captures the domain in which the AI package can be used."@en
> ] +# N34c5112050d94b07ade9563e1b114e1d node510 +node510 [ shape=none, color=black label=<
N34c5112050d94b07ade9563e1b114e1d
N34c5112050d94b07ade9563e1b114e1d
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed node511 +node511 [ shape=none, color=black label=<
anonymizationMethodUsed
https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed
rdfs:comment"Describes the anonymization methods used."@en
> ] +# Nf2caaa3d7bb2485b958124c6dc4a473b node512 +node512 [ shape=none, color=black label=<
Nf2caaa3d7bb2485b958124c6dc4a473b
Nf2caaa3d7bb2485b958124c6dc4a473b
sh:maxCount"1"^^xsd:integer
> ] +# Na4bdfa6078a6493589d054f0581485d0 node513 +node513 [ shape=none, color=black label=<
Na4bdfa6078a6493589d054f0581485d0
Na4bdfa6078a6493589d054f0581485d0
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# N0f7aeed443954dbb99f22915269e1022 node514 +node514 [ shape=none, color=black label=<
N0f7aeed443954dbb99f22915269e1022
N0f7aeed443954dbb99f22915269e1022
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo node515 +node515 [ shape=none, color=black label=<
delegatedTo
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo
rdfs:comment"The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`)."@en
> ] +# N43a008e2fd3047aa8906a4cecac9abbf node516 +node516 [ shape=none, color=black label=<
N43a008e2fd3047aa8906a4cecac9abbf
N43a008e2fd3047aa8906a4cecac9abbf
> ] +# N465b7a728f01476680a5637280931045 node517 +node517 [ shape=none, color=black label=<
N465b7a728f01476680a5637280931045
N465b7a728f01476680a5637280931045
> ] +# N059a91fdd13a4587b0fe44b4120ba705 node518 +node518 [ shape=none, color=black label=<
N059a91fdd13a4587b0fe44b4120ba705
N059a91fdd13a4587b0fe44b4120ba705
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency node519 +node519 [ shape=none, color=black label=<
hasProvidedDependency
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency
rdfs:comment"The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5 node520 +node520 [ shape=none, color=black label=<
md5
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5
rdfs:comment"MD5 message-digest algorithm, as defined in [RFC 1321](https://www.rfc-editor.org/info/rfc1321)."@en
> ] +# N15290b212a884e9ba4ec419743e8ab8d node521 +node521 [ shape=none, color=black label=<
N15290b212a884e9ba4ec419743e8ab8d
N15290b212a884e9ba4ec419743e8ab8d
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/score node522 +node522 [ shape=none, color=black label=<
score
https://spdx.org/rdf/3.0.1/terms/Security/score
rdfs:comment"Provides a numerical (0-10) representation of the severity of a vulnerability."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Tool node523 +node523 [ shape=none, color=black label=<
Tool
https://spdx.org/rdf/3.0.1/terms/Core/Tool
rdfs:comment"An element of hardware and/or software utilized to carry out a particular function."@en
> ] +# N4920beead15b454a8ab28bb477e3f770 node524 +node524 [ shape=none, color=black label=<
N4920beead15b454a8ab28bb477e3f770
N4920beead15b454a8ab28bb477e3f770
> ] +# Nb78fa298e45149d9928fd7739dd4f637 node525 +node525 [ shape=none, color=black label=<
Nb78fa298e45149d9928fd7739dd4f637
Nb78fa298e45149d9928fd7739dd4f637
> ] +# Ne7485fc2d2314afaa7ccbde7b5a49105 node526 +node526 [ shape=none, color=black label=<
Ne7485fc2d2314afaa7ccbde7b5a49105
Ne7485fc2d2314afaa7ccbde7b5a49105
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/statusNotes node527 +node527 [ shape=none, color=black label=<
statusNotes
https://spdx.org/rdf/3.0.1/terms/Security/statusNotes
rdfs:comment"Conveys information about how VEX status was determined."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email node528 +node528 [ shape=none, color=black label=<
email
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email
rdfs:comment"Email address, as defined in [RFC 3696](https://www.rfc-editor.org/info/rfc3986) Section 3."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module node529 +node529 [ shape=none, color=black label=<
module
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module
rdfs:comment"the Element is a module of a piece of software"@en
> ] +# N9d5528db2dd74fdd932db23bbf57e0a9 node530 +node530 [ shape=none, color=black label=<
N9d5528db2dd74fdd932db23bbf57e0a9
N9d5528db2dd74fdd932db23bbf57e0a9
> ] +# N1b5654647edc4983a971016877bdb294 node531 +node531 [ shape=none, color=black label=<
N1b5654647edc4983a971016877bdb294
N1b5654647edc4983a971016877bdb294
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries node532 +node532 [ shape=none, color=black label=<
timeseries
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries
rdfs:comment"data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day."@en
> ] +# N38af2a49869f44b58a3cc26f40e8fc6b node533 +node533 [ shape=none, color=black label=<
N38af2a49869f44b58a3cc26f40e8fc6b
N38af2a49869f44b58a3cc26f40e8fc6b
sh:maxCount"1"^^xsd:integer
> ] +# Na7b3c2d60c9f456a9e73937d1c3a21cd node534 +node534 [ shape=none, color=black label=<
Na7b3c2d60c9f456a9e73937d1c3a21cd
Na7b3c2d60c9f456a9e73937d1c3a21cd
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Organization node535 +node535 [ shape=none, color=black label=<
Organization
https://spdx.org/rdf/3.0.1/terms/Core/Organization
rdfs:comment"A group of people who work together in an organized way for a shared purpose."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter node536 +node536 [ shape=none, color=black label=<
hyperparameter
https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter
rdfs:comment"Records a hyperparameter used to build the AI model contained in the AI +package."@en
> ] +# N7b29c2ce18474e75812c59e976bd9113 node537 +node537 [ shape=none, color=black label=<
N7b29c2ce18474e75812c59e976bd9113
N7b29c2ce18474e75812c59e976bd9113
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# N0b82640196e1446088909ff0c5a24210 node538 +node538 [ shape=none, color=black label=<
N0b82640196e1446088909ff0c5a24210
N0b82640196e1446088909ff0c5a24210
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other node539 +node539 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other
rdfs:comment"Any other units of energy measurement."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet node540 +node540 [ shape=none, color=black label=<
DisjunctiveLicenseSet
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet
rdfs:comment"Portion of an AnyLicenseInfo representing a set of licensing information where +only one of the elements applies."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId node541 +node541 [ shape=none, color=black label=<
isDeprecatedLicenseId
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId
rdfs:comment"Specifies whether a license or additional text identifier has been marked as +deprecated."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Hash node542 +node542 [ shape=none, color=black label=<
Hash
https://spdx.org/rdf/3.0.1/terms/Core/Hash
rdfs:comment"A mathematically calculated representation of a grouping of data."@en
> ] +# N87b26809d3c145e49f65ec7b9e444b3f node543 +node543 [ shape=none, color=black label=<
N87b26809d3c145e49f65ec7b9e444b3f
N87b26809d3c145e49f65ec7b9e444b3f
> ] +# N370edc447f55474eb84f0b34fff6830f node544 +node544 [ shape=none, color=black label=<
N370edc447f55474eb84f0b34fff6830f
N370edc447f55474eb84f0b34fff6830f
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation node545 +node545 [ shape=none, color=black label=<
secureSoftwareAttestation
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation
rdfs:comment"A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense node546 +node546 [ shape=none, color=black label=<
subjectLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense
rdfs:comment"A License participating in an 'or later' model."@en
> ] +# N15fc37bda13542f388e149f012b82b19 node547 +node547 [ shape=none, color=black label=<
N15fc37bda13542f388e149f012b82b19
N15fc37bda13542f388e149f012b82b19
> ] +# Ne58fb46ee0874d7ead6f3e20b76a50fc node548 +node548 [ shape=none, color=black label=<
Ne58fb46ee0874d7ead6f3e20b76a50fc
Ne58fb46ee0874d7ead6f3e20b76a50fc
> ] +# Nb55d1a9c1d8b4663aa4f100305d5ea11 node549 +node549 [ shape=none, color=black label=<
Nb55d1a9c1d8b4663aa4f100305d5ea11
Nb55d1a9c1d8b4663aa4f100305d5ea11
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget node550 +node550 [ shape=none, color=black label=<
nuget
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget
rdfs:comment"A reference to a NuGet package. The package locator format, looks like `package/version`, is defined in [NuGet documentation](https://docs.nuget.org)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build node551 +node551 [ shape=none, color=black label=<
build
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build
rdfs:comment"A relationship has specific context implications during an element's build phase, during development."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber node552 +node552 [ shape=none, color=black label=<
amber
https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber
rdfs:comment"Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp node553 +node553 [ shape=none, color=black label=<
timestamp
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp
rdfs:comment"data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source node554 +node554 [ shape=none, color=black label=<
source
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source
rdfs:comment"the Element is a single or a collection of source files"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Agent node555 +node555 [ shape=none, color=black label=<
Agent
https://spdx.org/rdf/3.0.1/terms/Core/Agent
rdfs:comment"Agent represents anything with the potential to act on a system."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text node556 +node556 [ shape=none, color=black label=<
text
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text
rdfs:comment"data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutputs node557 +node557 [ shape=none, color=black label=<
hasOutputs
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutputs
rdfs:comment"The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period."@en
> ] +# N1a76c1408bb74c33af0136f06b6e35a0 node558 +node558 [ shape=none, color=black label=<
N1a76c1408bb74c33af0136f06b6e35a0
N1a76c1408bb74c33af0136f06b6e35a0
> ] +# N0c12d3ce00164a05bd0e6d85d1651ed5 node559 +node559 [ shape=none, color=black label=<
N0c12d3ce00164a05bd0e6d85d1651ed5
N0c12d3ce00164a05bd0e6d85d1651ed5
> ] +# Nf362daf0521f4d399d91fb4379c7099b node560 +node560 [ shape=none, color=black label=<
Nf362daf0521f4d399d91fb4379c7099b
Nf362daf0521f4d399d91fb4379c7099b
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption node561 +node561 [ shape=none, color=black label=<
EnergyConsumption
https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption
rdfs:comment"A class for describing the energy consumption incurred by an AI model in +different stages of its lifecycle."@en
> ] +# Nd971b9cf58064263aa6764260ed1b468 node562 +node562 [ shape=none, color=black label=<
Nd971b9cf58064263aa6764260ed1b468
Nd971b9cf58064263aa6764260ed1b468
> ] +# N17291cf47810404fb155bb1234590691 node563 +node563 [ shape=none, color=black label=<
N17291cf47810404fb155bb1234590691
N17291cf47810404fb155bb1234590691
> ] +# N2a97bdb20a0f42ed8a4082b1c818018f node564 +node564 [ shape=none, color=black label=<
N2a97bdb20a0f42ed8a4082b1c818018f
N2a97bdb20a0f42ed8a4082b1c818018f
> ] +# Nf357064ae34e49d7927eadfec97dd5d0 node565 +node565 [ shape=none, color=black label=<
Nf357064ae34e49d7927eadfec97dd5d0
Nf357064ae34e49d7927eadfec97dd5d0
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency node566 +node566 [ shape=none, color=black label=<
hasOptionalDependency
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency
rdfs:comment"The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period."@en
> ] +# N2a1f0770eea04f939e7c0a0ad6f3f5c0 node567 +node567 [ shape=none, color=black label=<
N2a1f0770eea04f939e7c0a0ad6f3f5c0
N2a1f0770eea04f939e7c0a0ad6f3f5c0
sh:maxCount"1"^^xsd:integer
> ] +# N73eb7604b32546febc5ee84fa03f0812 node568 +node568 [ shape=none, color=black label=<
N73eb7604b32546febc5ee84fa03f0812
N73eb7604b32546febc5ee84fa03f0812
sh:maxCount"1"^^xsd:integer
> ] +# Nfbcebb4525404b1abb3f29ad4e5f7b9a node569 +node569 [ shape=none, color=black label=<
Nfbcebb4525404b1abb3f29ad4e5f7b9a
Nfbcebb4525404b1abb3f29ad4e5f7b9a
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification node570 +node570 [ shape=none, color=black label=<
specification
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification
rdfs:comment"the Element is a plan, guideline or strategy how to create, perform or analyse an application"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384 node571 +node571 [ shape=none, color=black label=<
sha384
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384
rdfs:comment"SHA-2 with a digest length of 384, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)."@en
> ] +# Nc1b9ba3e85a742a8945cf308e35ea867 node572 +node572 [ shape=none, color=black label=<
Nc1b9ba3e85a742a8945cf308e35ea867
Nc1b9ba3e85a742a8945cf308e35ea867
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange node573 +node573 [ shape=none, color=black label=<
beginIntegerRange
https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange
rdfs:comment"Defines the beginning of a range."@en
> ] +# N31878b66476d42c984a626c5d5143f76 node574 +node574 [ shape=none, color=black label=<
N31878b66476d42c984a626c5d5143f76
N31878b66476d42c984a626c5d5143f76
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat node575 +node575 [ shape=none, color=black label=<
chat
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat
rdfs:comment"A reference to the instant messaging system used by the maintainer for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/value node576 +node576 [ shape=none, color=black label=<
value
https://spdx.org/rdf/3.0.1/terms/Core/value
rdfs:comment"A value used in a generic key-value pair."@en
> ] +# N92d24ad770f64f7a8fd19498463040d9 node577 +node577 [ shape=none, color=black label=<
N92d24ad770f64f7a8fd19498463040d9
N92d24ad770f64f7a8fd19498463040d9
> ] +# Nade75b1b27f74da795c4e45780c79e7a node578 +node578 [ shape=none, color=black label=<
Nade75b1b27f74da795c4e45780c79e7a
Nade75b1b27f74da795c4e45780c79e7a
> ] +# N70eac285531147ddad1b62f4cdfd263d node579 +node579 [ shape=none, color=black label=<
N70eac285531147ddad1b62f4cdfd263d
N70eac285531147ddad1b62f4cdfd263d
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent node580 +node580 [ shape=none, color=black label=<
SoftwareAgent
https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent
rdfs:comment"A software agent."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/externalRef node581 +node581 [ shape=none, color=black label=<
externalRef
https://spdx.org/rdf/3.0.1/terms/Core/externalRef
rdfs:comment"Points to a resource outside the scope of the SPDX-3.0 content that provides additional characteristics of an Element."@en
> ] -# Nfda7e041d95e45b7a5fb1be530342925 node881 -node881 [ shape=none, color=black label=<
Nfda7e041d95e45b7a5fb1be530342925
Nfda7e041d95e45b7a5fb1be530342925
> ] -# Nec970a70a9e94c4e897d145299549155 node882 -node882 [ shape=none, color=black label=<
Nec970a70a9e94c4e897d145299549155
Nec970a70a9e94c4e897d145299549155
> ] -# https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension node883 -node883 [ shape=none, color=black label=<
CdxPropertiesExtension
https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension
rdfs:comment"A type of extension consisting of a list of name value pairs."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software node884 -node884 [ shape=none, color=black label=<
software
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software
rdfs:comment"the element follows the Software profile specification"@en
> ] -# N360e6a5c360d4993bec8455299e77563 node885 -node885 [ shape=none, color=black label=<
N360e6a5c360d4993bec8455299e77563
N360e6a5c360d4993bec8455299e77563
> ] -# N42a9bc5582fe4d569878641755d0a667 node886 -node886 [ shape=none, color=black label=<
N42a9bc5582fe4d569878641755d0a667
N42a9bc5582fe4d569878641755d0a667
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm node887 -node887 [ shape=none, color=black label=<
npm
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm
rdfs:comment"A reference to an npm package. The package locator format, looks like `package@version`, is defined in [npm Docs](https://docs.npmjs.com/cli/v10/configuring-npm/package-json)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo node888 -node888 [ shape=none, color=black label=<
copiedTo
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo
rdfs:comment"The `from` Element has been copied to each `to` Element."@en
> ] -# N08a324396a604d6aa235c07900b34849 node889 -node889 [ shape=none, color=black label=<
N08a324396a604d6aa235c07900b34849
N08a324396a604d6aa235c07900b34849
> ] -# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression node890 -node890 [ shape=none, color=black label=<
licenseExpression
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression
rdfs:comment"A string in the license expression format."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue node891 -node891 [ shape=none, color=black label=<
contentIdentifierValue
https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue
rdfs:comment"Specifies the value of the content identifier."@en
> ] -# Nb81cb492cf2b4f25abd1cc97e32b092e node892 -node892 [ shape=none, color=black label=<
Nb81cb492cf2b4f25abd1cc97e32b092e
Nb81cb492cf2b4f25abd1cc97e32b092e
> ] -# N98ac37059aa144d395d823402aa09c39 node893 -node893 [ shape=none, color=black label=<
N98ac37059aa144d395d823402aa09c39
N98ac37059aa144d395d823402aa09c39
> ] -# Naa706582ecc2498781d6bc1f38408407 node894 -node894 [ shape=none, color=black label=<
Naa706582ecc2498781d6bc1f38408407
Naa706582ecc2498781d6bc1f38408407
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing node895 -node895 [ shape=none, color=black label=<
modelDataPreprocessing
https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing
rdfs:comment"Describes all the preprocessing steps applied to the training data before the -model training."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes node896 -node896 [ shape=none, color=black label=<
describes
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes
rdfs:comment"The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used."@en
> ] -# N717d253ffb8b47be963580b4d22763e0 node897 -node897 [ shape=none, color=black label=<
N717d253ffb8b47be963580b4d22763e0
N717d253ffb8b47be963580b4d22763e0
> ] -# N666386f3598f42688c709dbe2ad77349 node898 -node898 [ shape=none, color=black label=<
N666386f3598f42688c709dbe2ad77349
N666386f3598f42688c709dbe2ad77349
> ] -# Nec971d019a8b4af290e3707a3aebc5d2 node899 -node899 [ shape=none, color=black label=<
Nec971d019a8b4af290e3707a3aebc5d2
Nec971d019a8b4af290e3707a3aebc5d2
> ] -# N02cb6ee897094cfc87469d187fdedc3e node900 -node900 [ shape=none, color=black label=<
N02cb6ee897094cfc87469d187fdedc3e
N02cb6ee897094cfc87469d187fdedc3e
> ] -# N0f1b35c941504bb2b73f5ee80f962e35 node901 -node901 [ shape=none, color=black label=<
N0f1b35c941504bb2b73f5ee80f962e35
N0f1b35c941504bb2b73f5ee80f962e35
> ] -# Na13d2ca0d3e948e4b79022a79e928ce8 node902 -node902 [ shape=none, color=black label=<
Na13d2ca0d3e948e4b79022a79e928ce8
Na13d2ca0d3e948e4b79022a79e928ce8
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none node903 -node903 [ shape=none, color=black label=<
none
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none
rdfs:comment"When a CVSS score is 0.0"@en
> ] -# N27a935422748498fb0f433ec55a24901 node904 -node904 [ shape=none, color=black label=<
N27a935422748498fb0f433ec55a24901
N27a935422748498fb0f433ec55a24901
> ] -# Nabc7e70105744c5bac0fded7ca38ecce node905 -node905 [ shape=none, color=black label=<
Nabc7e70105744c5bac0fded7ca38ecce
Nabc7e70105744c5bac0fded7ca38ecce
> ] -# N60f780f3d32f4216a5c5a00d7b3978f0 node906 -node906 [ shape=none, color=black label=<
N60f780f3d32f4216a5c5a00d7b3978f0
N60f780f3d32f4216a5c5a00d7b3978f0
> ] -# Nb81fd02891e041f985add66f5e43f5ab node907 -node907 [ shape=none, color=black label=<
Nb81fd02891e041f985add66f5e43f5ab
Nb81fd02891e041f985add66f5e43f5ab
> ] -# N121cdf41235542e9b4c9bbe29eeef3ca node908 -node908 [ shape=none, color=black label=<
N121cdf41235542e9b4c9bbe29eeef3ca
N121cdf41235542e9b4c9bbe29eeef3ca
> ] -# N5b1e7d730e9642239024eb2c6f0745f4 node909 -node909 [ shape=none, color=black label=<
N5b1e7d730e9642239024eb2c6f0745f4
N5b1e7d730e9642239024eb2c6f0745f4
> ] -# N67796c4a56a14410a26e9f2ce1be68f1 node910 -node910 [ shape=none, color=black label=<
N67796c4a56a14410a26e9f2ce1be68f1
N67796c4a56a14410a26e9f2ce1be68f1
> ] -# https://spdx.org/rdf/3.0.1/terms/Build/buildId node911 -node911 [ shape=none, color=black label=<
buildId
https://spdx.org/rdf/3.0.1/terms/Build/buildId
rdfs:comment"A buildId is a locally unique identifier used by a builder to identify a unique +# https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing node582 +node582 [ shape=none, color=black label=<
verifiedUsing
https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing
rdfs:comment"Provides an IntegrityMethod with which the integrity of an Element can be +asserted."@en
> ] +# N88dc7eadb48f4840a2178d5c909f6576 node583 +node583 [ shape=none, color=black label=<
N88dc7eadb48f4840a2178d5c909f6576
N88dc7eadb48f4840a2178d5c909f6576
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity node584 +node584 [ shape=none, color=black label=<
energyQuantity
https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity
rdfs:comment"Represents the energy quantity."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport node585 +node585 [ shape=none, color=black label=<
limitedSupport
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport
rdfs:comment"the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1 node586 +node586 [ shape=none, color=black label=<
sha1
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1
rdfs:comment"SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://www.rfc-editor.org/info/rfc3174)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase node587 +node587 [ shape=none, color=black label=<
hasTestCase
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase
rdfs:comment"Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre node588 +node588 [ shape=none, color=black label=<
isFsfLibre
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre
rdfs:comment"Specifies whether the License is listed as free by the +[Free Software Foundation (FSF)](https://fsf.org)."@en
> ] +# Ncd2f1cc582e84bcd856b955b65a59076 node589 +node589 [ shape=none, color=black label=<
Ncd2f1cc582e84bcd856b955b65a59076
Ncd2f1cc582e84bcd856b955b65a59076
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion node590 +node590 [ shape=none, color=black label=<
noAssertion
https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion
rdfs:comment"Makes no assertion about the field."@en
> ] +# N351fc53950de470daa9906852a56f066 node591 +node591 [ shape=none, color=black label=<
N351fc53950de470daa9906852a56f066
N351fc53950de470daa9906852a56f066
sh:maxCount"1"^^xsd:integer
> ] +# N29630ed4d4a04d1381b0fda3fd6e8c45 node592 +node592 [ shape=none, color=black label=<
N29630ed4d4a04d1381b0fda3fd6e8c45
N29630ed4d4a04d1381b0fda3fd6e8c45
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType node593 +node593 [ shape=none, color=black label=<
contentIdentifierType
https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType
rdfs:comment"Specifies the type of the content identifier."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Build/Build node594 +node594 [ shape=none, color=black label=<
Build
https://spdx.org/rdf/3.0.1/terms/Build/Build
rdfs:comment"Class that describes a build instance of software/artifacts."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256 node595 +node595 [ shape=none, color=black label=<
sha256
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256
rdfs:comment"SHA-2 with a digest length of 256, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)."@en
> ] +# Ne98cfea8569047e9bdf6a5339df0c458 node596 +node596 [ shape=none, color=black label=<
Ne98cfea8569047e9bdf6a5339df0c458
Ne98cfea8569047e9bdf6a5339df0c458
> ] +# Na83822b118d04776a5509b603a150824 node597 +node597 [ shape=none, color=black label=<
Na83822b118d04776a5509b603a150824
Na83822b118d04776a5509b603a150824
> ] +# Nc4faf517275f49fc84ef5c93394572a8 node598 +node598 [ shape=none, color=black label=<
Nc4faf517275f49fc84ef5c93394572a8
Nc4faf517275f49fc84ef5c93394572a8
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage node599 +node599 [ shape=none, color=black label=<
diskImage
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage
rdfs:comment"the Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest node600 +node600 [ shape=none, color=black label=<
configSourceDigest
https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest
rdfs:comment"Property that describes the digest of the build configuration file used to +invoke a build."@en
> ] +# Nce4c35fe9c2e41ffa5decc69cecb994e node601 +node601 [ shape=none, color=black label=<
Nce4c35fe9c2e41ffa5decc69cecb994e
Nce4c35fe9c2e41ffa5decc69cecb994e
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary node602 +node602 [ shape=none, color=black label=<
vulnerableCodeCannotBeControlledByAdversary
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary
rdfs:comment"The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack."@en
> ] +# N7379d1cc718943e0a73d88e3ffed1bed node603 +node603 [ shape=none, color=black label=<
N7379d1cc718943e0a73d88e3ffed1bed
N7379d1cc718943e0a73d88e3ffed1bed
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml node604 +node604 [ shape=none, color=black label=<
licenseXml
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml
rdfs:comment"Identifies all the text and metadata associated with a license in the license +XML format."@en
> ] +# N74f69b212d0e48a48206fcdafc6e654b node605 +node605 [ shape=none, color=black label=<
N74f69b212d0e48a48206fcdafc6e654b
N74f69b212d0e48a48206fcdafc6e654b
> ] +# Na4907fdbebed440da8c2443a6325662d node606 +node606 [ shape=none, color=black label=<
Na4907fdbebed440da8c2443a6325662d
Na4907fdbebed440da8c2443a6325662d
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512 node607 +node607 [ shape=none, color=black label=<
blake2b512
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512
rdfs:comment"BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension node608 +node608 [ shape=none, color=black label=<
CdxPropertiesExtension
https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension
rdfs:comment"A type of extension consisting of a list of name value pairs."@en
> ] +# Ncbc20b1e6661409580e452a74c3b867b node609 +node609 [ shape=none, color=black label=<
Ncbc20b1e6661409580e452a74c3b867b
Ncbc20b1e6661409580e452a74c3b867b
> ] +# Ne3e1ca295cfa4aacb2fa0a1a494f9062 node610 +node610 [ shape=none, color=black label=<
Ne3e1ca295cfa4aacb2fa0a1a494f9062
Ne3e1ca295cfa4aacb2fa0a1a494f9062
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability node611 +node611 [ shape=none, color=black label=<
modelExplainability
https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability
rdfs:comment"Describes methods that can be used to explain the results from the AI model."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship node612 +node612 [ shape=none, color=black label=<
CvssV2VulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship
rdfs:comment"Provides a CVSS version 2.0 assessment for a vulnerability."@en
> ] +# Ne4b1fcee371847c6883e0ca214b455d5 node613 +node613 [ shape=none, color=black label=<
Ne4b1fcee371847c6883e0ca214b455d5
Ne4b1fcee371847c6883e0ca214b455d5
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn node614 +node614 [ shape=none, color=black label=<
trainedOn
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn
rdfs:comment"(AI, Dataset) The `from` Element has been trained on the `to` Element(s)."@en
> ] +# Nb2a3f28be60f4c3caedd83f4b9317f7b node615 +node615 [ shape=none, color=black label=<
Nb2a3f28be60f4c3caedd83f4b9317f7b
Nb2a3f28be60f4c3caedd83f4b9317f7b
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs node616 +node616 [ shape=none, color=black label=<
vcs
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs
rdfs:comment"A reference to a version control system related to a software artifact."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata node617 +node617 [ shape=none, color=black label=<
productMetadata
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata
rdfs:comment"A reference to additional product metadata such as reference within organization's product catalog."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/releaseTime node618 +node618 [ shape=none, color=black label=<
releaseTime
https://spdx.org/rdf/3.0.1/terms/Core/releaseTime
rdfs:comment"Specifies the time an artifact was released."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Relationship node619 +node619 [ shape=none, color=black label=<
Relationship
https://spdx.org/rdf/3.0.1/terms/Core/Relationship
rdfs:comment"Describes a relationship between one or more elements."@en
> ] +# N73da7714957e4a868c3fb6e837747452 node620 +node620 [ shape=none, color=black label=<
N73da7714957e4a868c3fb6e837747452
N73da7714957e4a868c3fb6e837747452
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates node621 +node621 [ shape=none, color=black label=<
generates
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates
rdfs:comment"The `from` Element generates each `to` Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap node622 +node622 [ shape=none, color=black label=<
namespaceMap
https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap
rdfs:comment"Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance."@en
> ] +# N6904cc4c685a47e88f2bb1aa528f6667 node623 +node623 [ shape=none, color=black label=<
N6904cc4c685a47e88f2bb1aa528f6667
N6904cc4c685a47e88f2bb1aa528f6667
sh:maxCount"1"^^xsd:integer
> ] +# N6dbad37b252745768648a879720dacc6 node624 +node624 [ shape=none, color=black label=<
N6dbad37b252745768648a879720dacc6
N6dbad37b252745768648a879720dacc6
> ] +# N5305ec8ebc394008ba07c97c8a76c53c node625 +node625 [ shape=none, color=black label=<
N5305ec8ebc394008ba07c97c8a76c53c
N5305ec8ebc394008ba07c97c8a76c53c
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved node626 +node626 [ shape=none, color=black label=<
isOsiApproved
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved
rdfs:comment"Specifies whether the License is listed as approved by the +[Open Source Initiative (OSI)](https://opensource.org)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription node627 +node627 [ shape=none, color=black label=<
EnergyConsumptionDescription
https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription
rdfs:comment"The class that helps note down the quantity of energy consumption and the unit +used for measurement."@en
> ] +# N467e0980f4e64463895dbb9bddad3763 node628 +node628 [ shape=none, color=black label=<
N467e0980f4e64463895dbb9bddad3763
N467e0980f4e64463895dbb9bddad3763
sh:maxCount"1"^^xsd:integer
> ] +# N2f5278547b8349b7a0a68d9e4780c82b node629 +node629 [ shape=none, color=black label=<
N2f5278547b8349b7a0a68d9e4780c82b
N2f5278547b8349b7a0a68d9e4780c82b
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/Sbom node630 +node630 [ shape=none, color=black label=<
Sbom
https://spdx.org/rdf/3.0.1/terms/Software/Sbom
rdfs:comment"A collection of SPDX Elements describing a single package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/Bom node631 +node631 [ shape=none, color=black label=<
Bom
https://spdx.org/rdf/3.0.1/terms/Core/Bom
rdfs:comment"A container for a grouping of SPDX-3.0 content characterizing details +(provenence, composition, licensing, etc.) about a product."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader node632 +node632 [ shape=none, color=black label=<
standardLicenseHeader
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader
rdfs:comment"Provides a License author's preferred text to indicate that a file is covered +by the License."@en
> ] +# Ncedebaaf5d1d4c7bb44b9bb1819ad770 node633 +node633 [ shape=none, color=black label=<
Ncedebaaf5d1d4c7bb44b9bb1819ad770
Ncedebaaf5d1d4c7bb44b9bb1819ad770
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Nbf1453be8fcf420aa0fc2d33cb382c9b node634 +node634 [ shape=none, color=black label=<
Nbf1453be8fcf420aa0fc2d33cb382c9b
Nbf1453be8fcf420aa0fc2d33cb382c9b
> ] +# Nf13611e2729f4dd58155d82a9c69aeba node635 +node635 [ shape=none, color=black label=<
Nf13611e2729f4dd58155d82a9c69aeba
Nf13611e2729f4dd58155d82a9c69aeba
> ] +# https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry node636 +node636 [ shape=none, color=black label=<
CdxPropertyEntry
https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry
rdfs:comment"A property name with an associated value."@en
> ] +# Nf9375bc62e1f46838587f9efb859e1be node637 +node637 [ shape=none, color=black label=<
Nf9375bc62e1f46838587f9efb859e1be
Nf9375bc62e1f46838587f9efb859e1be
> ] +# Nf70f1da6e5ec46e081ef3ee307a4ec19 node638 +node638 [ shape=none, color=black label=<
Nf70f1da6e5ec46e081ef3ee307a4ec19
Nf70f1da6e5ec46e081ef3ee307a4ec19
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes node639 +node639 [ shape=none, color=black label=<
yes
https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes
rdfs:comment"Indicates presence of the field."@en
> ] +# N5b72b47819a642febfd79bda5a4d1649 node640 +node640 [ shape=none, color=black label=<
N5b72b47819a642febfd79bda5a4d1649
N5b72b47819a642febfd79bda5a4d1649
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224 node641 +node641 [ shape=none, color=black label=<
sha224
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224
rdfs:comment"SHA-2 with a digest length of 224, as defined in [RFC 3874](https://www.rfc-editor.org/info/rfc3874)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/locator node642 +node642 [ shape=none, color=black label=<
locator
https://spdx.org/rdf/3.0.1/terms/Core/locator
rdfs:comment"Provides the location of an external reference."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/name node643 +node643 [ shape=none, color=black label=<
name
https://spdx.org/rdf/3.0.1/terms/Core/name
rdfs:comment"Identifies the name of an Element as designated by the creator."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment node644 +node644 [ shape=none, color=black label=<
privacyAssessment
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment
rdfs:comment"A reference to a privacy assessment for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship node645 +node645 [ shape=none, color=black label=<
VexUnderInvestigationVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship
rdfs:comment"Designates elements as products where the impact of a vulnerability is being +investigated."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2 node646 +node646 [ shape=none, color=black label=<
md2
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2
rdfs:comment"MD2 message-digest algorithm, as defined in [RFC 1319](https://www.rfc-editor.org/info/rfc1319/)."@en
> ] +# Ne602d9f16c8f4e428c51d6f509c777c8 node647 +node647 [ shape=none, color=black label=<
Ne602d9f16c8f4e428c51d6f509c777c8
Ne602d9f16c8f4e428c51d6f509c777c8
> ] +# N9c9cf5b1f5e743fb835de27d7d0abf33 node648 +node648 [ shape=none, color=black label=<
N9c9cf5b1f5e743fb835de27d7d0abf33
N9c9cf5b1f5e743fb835de27d7d0abf33
> ] +# N51c5e67e9e3c44a7a2d09904c01ccb8c node649 +node649 [ shape=none, color=black label=<
N51c5e67e9e3c44a7a2d09904c01ccb8c
N51c5e67e9e3c44a7a2d09904c01ccb8c
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport node650 +node650 [ shape=none, color=black label=<
staticAnalysisReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport
rdfs:comment"A reference to a static analysis report for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image node651 +node651 [ shape=none, color=black label=<
image
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image
rdfs:comment"data is a collection of images such as pictures of animals."@en
> ] +# Nf28528f8ef784fd28687c6c6eb8d16ad node652 +node652 [ shape=none, color=black label=<
Nf28528f8ef784fd28687c6c6eb8d16ad
Nf28528f8ef784fd28687c6c6eb8d16ad
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/SupportType node653 +node653 [ shape=none, color=black label=<
SupportType
https://spdx.org/rdf/3.0.1/terms/Core/SupportType
rdfs:comment"Indicates the type of support that is associated with an artifact."@en
> ] +# N9dc9e9c4e8ed4d52a6d725d5b5bac68f node654 +node654 [ shape=none, color=black label=<
N9dc9e9c4e8ed4d52a6d725d5b5bac68f
N9dc9e9c4e8ed4d52a6d725d5b5bac68f
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId node655 +node655 [ shape=none, color=black label=<
externalSpdxId
https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId
rdfs:comment"Identifies an external Element used within a Document but defined external to +that Document."@en
> ] +# N872061209aa54fc4bfee5eca8f1598c0 node656 +node656 [ shape=none, color=black label=<
N872061209aa54fc4bfee5eca8f1598c0
N872061209aa54fc4bfee5eca8f1598c0
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512 node657 +node657 [ shape=none, color=black label=<
sha3_512
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512
rdfs:comment"SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)."@en
> ] +# N8873dd55e9af4d719f588bc6cac100bd node658 +node658 [ shape=none, color=black label=<
N8873dd55e9af4d719f588bc6cac100bd
N8873dd55e9af4d719f588bc6cac100bd
> ] +# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText node659 +node659 [ shape=none, color=black label=<
licenseText
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText
rdfs:comment"Identifies the full text of a License or Addition."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete node660 +node660 [ shape=none, color=black label=<
incomplete
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete
rdfs:comment"The relationship is known not to be exhaustive."@en
> ] +# Nc529f8d4699b45089ce594e1972fce11 node661 +node661 [ shape=none, color=black label=<
Nc529f8d4699b45089ce594e1972fce11
Nc529f8d4699b45089ce594e1972fce11
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage node662 +node662 [ shape=none, color=black label=<
filesystemImage
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage
rdfs:comment"the Element is a file system image that can be written to a disk (or virtual) partition"@en
> ] +# Nbc40f5fa9a2e4706a588121af5216404 node663 +node663 [ shape=none, color=black label=<
Nbc40f5fa9a2e4706a588121af5216404
Nbc40f5fa9a2e4706a588121af5216404
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory node664 +node664 [ shape=none, color=black label=<
securityAdvisory
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory
rdfs:comment"A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries."@en
> ] +# N336df2c5fed744f389c80be05c46ebda node665 +node665 [ shape=none, color=black label=<
N336df2c5fed744f389c80be05c46ebda
N336df2c5fed744f389c80be05c46ebda
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# N8d0da1d8c28045598438317ba038f3d1 node666 +node666 [ shape=none, color=black label=<
N8d0da1d8c28045598438317ba038f3d1
N8d0da1d8c28045598438317ba038f3d1
> ] +# N9923891dabb54113bbc6844ebe72ccf6 node667 +node667 [ shape=none, color=black label=<
N9923891dabb54113bbc6844ebe72ccf6
N9923891dabb54113bbc6844ebe72ccf6
> ] +# N23ce2352ce46491e87808f7e7ce7d808 node668 +node668 [ shape=none, color=black label=<
N23ce2352ce46491e87808f7e7ce7d808
N23ce2352ce46491e87808f7e7ce7d808
> ] +# Ne5864e7aa065442f8dc4bd6a08a571dd node669 +node669 [ shape=none, color=black label=<
Ne5864e7aa065442f8dc4bd6a08a571dd
Ne5864e7aa065442f8dc4bd6a08a571dd
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower node670 +node670 [ shape=none, color=black label=<
bower
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower
rdfs:comment"A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install)."@en
> ] +# N248947f4915d49bd9738d6ed96bfc273 node671 +node671 [ shape=none, color=black label=<
N248947f4915d49bd9738d6ed96bfc273
N248947f4915d49bd9738d6ed96bfc273
sh:maxCount"1"^^xsd:integer
> ] +# N98103c4f5bd344b0a245fe658ae5e295 node672 +node672 [ shape=none, color=black label=<
N98103c4f5bd344b0a245fe658ae5e295
N98103c4f5bd344b0a245fe658ae5e295
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other node673 +node673 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other
rdfs:comment"Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationhip types (this relationship is directionless)."@en
> ] +# N88eb5bb593a14b83b51b16dec42b19c3 node674 +node674 [ shape=none, color=black label=<
N88eb5bb593a14b83b51b16dec42b19c3
N88eb5bb593a14b83b51b16dec42b19c3
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber node675 +node675 [ shape=none, color=black label=<
crystalsKyber
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber
rdfs:comment"[Kyber](https://pq-crystals.org/kyber/)"@en
> ] +# Nbf5e176c2fbf4193851f6fa7ca6d1d9c node676 +node676 [ shape=none, color=black label=<
Nbf5e176c2fbf4193851f6fa7ca6d1d9c
Nbf5e176c2fbf4193851f6fa7ca6d1d9c
> ] +# N251338752efe4cad8db8a596e1e9c1cd node677 +node677 [ shape=none, color=black label=<
N251338752efe4cad8db8a596e1e9c1cd
N251338752efe4cad8db8a596e1e9c1cd
> ] +# N70ef7903b6a341e881e2b03da8a69ebb node678 +node678 [ shape=none, color=black label=<
N70ef7903b6a341e881e2b03da8a69ebb
N70ef7903b6a341e881e2b03da8a69ebb
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/assessedElement node679 +node679 [ shape=none, color=black label=<
assessedElement
https://spdx.org/rdf/3.0.1/terms/Security/assessedElement
rdfs:comment"Specifies an Element contained in a piece of software where a vulnerability was +found."@en
> ] +# Nd212064f114546ddafbca71d026926d3 node680 +node680 [ shape=none, color=black label=<
Nd212064f114546ddafbca71d026926d3
Nd212064f114546ddafbca71d026926d3
> ] +# N5d348ea88c064263b5919772499f5518 node681 +node681 [ shape=none, color=black label=<
N5d348ea88c064263b5919772499f5518
N5d348ea88c064263b5919772499f5518
> ] +# N74ea5a26488642759c2ae6dabbcb4b30 node682 +node682 [ shape=none, color=black label=<
N74ea5a26488642759c2ae6dabbcb4b30
N74ea5a26488642759c2ae6dabbcb4b30
> ] +# https://spdx.org/rdf/3.0.1/terms/Build/buildId node683 +node683 [ shape=none, color=black label=<
buildId
https://spdx.org/rdf/3.0.1/terms/Build/buildId
rdfs:comment"A buildId is a locally unique identifier used by a builder to identify a unique instance of a build produced by it."@en
> ] -# N97ce06ca87fc4537a6c6dc92fde1c17d node912 -node912 [ shape=none, color=black label=<
N97ce06ca87fc4537a6c6dc92fde1c17d
N97ce06ca87fc4537a6c6dc92fde1c17d
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship node913 -node913 [ shape=none, color=black label=<
CvssV3VulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship
rdfs:comment"Provides a CVSS version 3 assessment for a vulnerability."@en
> ] -# Ne37634360824438e9687bf5a4ebdd6c9 node914 -node914 [ shape=none, color=black label=<
Ne37634360824438e9687bf5a4ebdd6c9
Ne37634360824438e9687bf5a4ebdd6c9
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy node915 -node915 [ shape=none, color=black label=<
securityPolicy
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy
rdfs:comment"A reference to instructions for reporting newly discovered security vulnerabilities for a package."@en
> ] -# N4dc58e80852844b8937c6416d987bc19 node916 -node916 [ shape=none, color=black label=<
N4dc58e80852844b8937c6416d987bc19
N4dc58e80852844b8937c6416d987bc19
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool node917 -node917 [ shape=none, color=black label=<
usesTool
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool
rdfs:comment"The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period."@en
> ] -# Nc2a062893f6c40bdb96f907cf9d6e100 node918 -node918 [ shape=none, color=black label=<
Nc2a062893f6c40bdb96f907cf9d6e100
Nc2a062893f6c40bdb96f907cf9d6e100
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact node919 -node919 [ shape=none, color=black label=<
serializedInArtifact
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact
rdfs:comment"The `from` SPDXDocument can be found in a serialized form in each `to` Artifact."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe node920 -node920 [ shape=none, color=black label=<
cwe
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe
rdfs:comment"[Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate node921 -node921 [ shape=none, color=black label=<
standardLicenseTemplate
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate
rdfs:comment"Identifies the full text of a License, in SPDX templating format."@en
> ] -# N1612ce262bb94aad9da0de452cce9d21 node922 -node922 [ shape=none, color=black label=<
N1612ce262bb94aad9da0de452cce9d21
N1612ce262bb94aad9da0de452cce9d21
> ] -# Ne421ef9db96a4dc4a49209909ebed6b5 node923 -node923 [ shape=none, color=black label=<
Ne421ef9db96a4dc4a49209909ebed6b5
Ne421ef9db96a4dc4a49209909ebed6b5
> ] -# N03bf4bb5023e461294f19846edbfce1a node924 -node924 [ shape=none, color=black label=<
N03bf4bb5023e461294f19846edbfce1a
N03bf4bb5023e461294f19846edbfce1a
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion node925 -node925 [ shape=none, color=black label=<
noAssertion
https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion
rdfs:comment"Makes no assertion about the field."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/identifier node926 -node926 [ shape=none, color=black label=<
identifier
https://spdx.org/rdf/3.0.1/terms/Core/identifier
rdfs:comment"Uniquely identifies an external element."@en
> ] -# Ne72f7867464a44e6831b81028dab197e node927 -node927 [ shape=none, color=black label=<
Ne72f7867464a44e6831b81028dab197e
Ne72f7867464a44e6831b81028dab197e
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# N706e6212060741af8eb9f1ca2de078a3 node928 -node928 [ shape=none, color=black label=<
N706e6212060741af8eb9f1ca2de078a3
N706e6212060741af8eb9f1ca2de078a3
> ] -# N2ca7c5aa8c4a45828074759163d3f76e node929 -node929 [ shape=none, color=black label=<
N2ca7c5aa8c4a45828074759163d3f76e
N2ca7c5aa8c4a45828074759163d3f76e
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption node930 -node930 [ shape=none, color=black label=<
inferenceEnergyConsumption
https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption
rdfs:comment"Specifies the amount of energy consumed during inference time by an AI model +# Na5161ef9d7e6498e9905abf6e5ebd576 node684 +node684 [ shape=none, color=black label=<
Na5161ef9d7e6498e9905abf6e5ebd576
Na5161ef9d7e6498e9905abf6e5ebd576
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath node685 +node685 [ shape=none, color=black label=<
vulnerableCodeNotInExecutePath
https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath
rdfs:comment"The affected code is not reachable through the execution of the code, including non-anticipated states of the product."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/supportLevel node686 +node686 [ shape=none, color=black label=<
supportLevel
https://spdx.org/rdf/3.0.1/terms/Core/supportLevel
rdfs:comment"Specifies the level of support associated with an artifact."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset node687 +node687 [ shape=none, color=black label=<
dataset
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset
rdfs:comment"the element follows the Dataset profile specification"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension node688 +node688 [ shape=none, color=black label=<
extension
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension
rdfs:comment"the element follows the Extension profile specification"@en
> ] +# N8ffd2e1ac7134951810767feb9a4ce2c node689 +node689 [ shape=none, color=black label=<
N8ffd2e1ac7134951810767feb9a4ce2c
N8ffd2e1ac7134951810767feb9a4ce2c
> ] +# N0ff848fe4a934f06ab3b60cd601ab3f6 node690 +node690 [ shape=none, color=black label=<
N0ff848fe4a934f06ab3b60cd601ab3f6
N0ff848fe4a934f06ab3b60cd601ab3f6
> ] +# N8014456947ea4194af95a832556e9331 node691 +node691 [ shape=none, color=black label=<
N8014456947ea4194af95a832556e9331
N8014456947ea4194af95a832556e9331
> ] +# Na3fbe70eb0e749389f7ec8e8b0d76034 node692 +node692 [ shape=none, color=black label=<
Na3fbe70eb0e749389f7ec8e8b0d76034
Na3fbe70eb0e749389f7ec8e8b0d76034
> ] +# Nda4d1b32fd4b4f5182c8cd90cc7c289a node693 +node693 [ shape=none, color=black label=<
Nda4d1b32fd4b4f5182c8cd90cc7c289a
Nda4d1b32fd4b4f5182c8cd90cc7c289a
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel node694 +node694 [ shape=none, color=black label=<
typeOfModel
https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel
rdfs:comment"Records the type of the model used in the AI software."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode node695 +node695 [ shape=none, color=black label=<
PackageVerificationCode
https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode
rdfs:comment"An SPDX version 2.X compatible verification method for software packages."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/sbomType node696 +node696 [ shape=none, color=black label=<
sbomType
https://spdx.org/rdf/3.0.1/terms/Software/sbomType
rdfs:comment"Provides information about the type of an SBOM."@en
> ] +# N1918c9e27e074bd49296e101bde97d3e node697 +node697 [ shape=none, color=black label=<
N1918c9e27e074bd49296e101bde97d3e
N1918c9e27e074bd49296e101bde97d3e
> ] +# N16f530bdc3974f09a4399aa96f51c712 node698 +node698 [ shape=none, color=black label=<
N16f530bdc3974f09a4399aa96f51c712
N16f530bdc3974f09a4399aa96f51c712
> ] +# Nf0b6d7a3fdab42ecbacc3356d4f8c5e5 node699 +node699 [ shape=none, color=black label=<
Nf0b6d7a3fdab42ecbacc3356d4f8c5e5
Nf0b6d7a3fdab42ecbacc3356d4f8c5e5
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/vexVersion node700 +node700 [ shape=none, color=black label=<
vexVersion
https://spdx.org/rdf/3.0.1/terms/Security/vexVersion
rdfs:comment"Specifies the version of a VEX statement."@en
> ] +# Ne5740b7e25234fcc9327b0bf41518ca8 node701 +node701 [ shape=none, color=black label=<
Ne5740b7e25234fcc9327b0bf41518ca8
Ne5740b7e25234fcc9327b0bf41518ca8
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy node702 +node702 [ shape=none, color=black label=<
packagedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy
rdfs:comment"Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`)."@en
> ] +# N61e78e640a3a47c9be4d39f8e15923df node703 +node703 [ shape=none, color=black label=<
N61e78e640a3a47c9be4d39f8e15923df
N61e78e640a3a47c9be4d39f8e15923df
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/subject node704 +node704 [ shape=none, color=black label=<
subject
https://spdx.org/rdf/3.0.1/terms/Core/subject
rdfs:comment"An Element an annotator has made an assertion about."@en
> ] +# N1743126065d7472d82b878d45ad2b2d0 node705 +node705 [ shape=none, color=black label=<
N1743126065d7472d82b878d45ad2b2d0
N1743126065d7472d82b878d45ad2b2d0
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development node706 +node706 [ shape=none, color=black label=<
development
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development
rdfs:comment"A relationship has specific context implications during development phase of an element."@en
> ] +# N81186afece6d4607afcce40e308d4f5b node707 +node707 [ shape=none, color=black label=<
N81186afece6d4607afcce40e308d4f5b
N81186afece6d4607afcce40e308d4f5b
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
sh:pattern"^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$"
> ] +# Nb84166c8270e409cba99dfe88b32f380 node708 +node708 [ shape=none, color=black label=<
Nb84166c8270e409cba99dfe88b32f380
Nb84166c8270e409cba99dfe88b32f380
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite node709 +node709 [ shape=none, color=black label=<
lite
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite
rdfs:comment"the element follows the Lite profile specification"@en
> ] +# Nad171165d7864f4389f367d7ed9b792a node710 +node710 [ shape=none, color=black label=<
Nad171165d7864f4389f367d7ed9b792a
Nad171165d7864f4389f367d7ed9b792a
sh:maxCount"1"^^xsd:integer
> ] +# N52fb4c3741ff4e159935343ce7df0a06 node711 +node711 [ shape=none, color=black label=<
N52fb4c3741ff4e159935343ce7df0a06
N52fb4c3741ff4e159935343ce7df0a06
> ] +# N9b0c3d72568344f3a6690fcd5fb388d4 node712 +node712 [ shape=none, color=black label=<
N9b0c3d72568344f3a6690fcd5fb388d4
N9b0c3d72568344f3a6690fcd5fb388d4
> ] +# N0fc23013b3cc4b2681ba6a1053edba17 node713 +node713 [ shape=none, color=black label=<
N0fc23013b3cc4b2681ba6a1053edba17
N0fc23013b3cc4b2681ba6a1053edba17
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact node714 +node714 [ shape=none, color=black label=<
sourceArtifact
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact
rdfs:comment"A reference to an artifact containing the sources for a package."@en
> ] +# Nde75eca3500749429ee9ce44943634c8 node715 +node715 [ shape=none, color=black label=<
Nde75eca3500749429ee9ce44943634c8
Nde75eca3500749429ee9ce44943634c8
sh:maxCount"1"^^xsd:integer
> ] +# N89f17e54b5ea46d4918dea4a3e272912 node716 +node716 [ shape=none, color=black label=<
N89f17e54b5ea46d4918dea4a3e272912
N89f17e54b5ea46d4918dea4a3e272912
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application node717 +node717 [ shape=none, color=black label=<
application
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application
rdfs:comment"the Element is a software application"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime node718 +node718 [ shape=none, color=black label=<
validUntilTime
https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime
rdfs:comment"Specifies until when the artifact can be used before its usage needs to be +reassessed."@en
> ] +# N89847ddad14a4277a5e2f5cbecb56fe6 node719 +node719 [ shape=none, color=black label=<
N89847ddad14a4277a5e2f5cbecb56fe6
N89847ddad14a4277a5e2f5cbecb56fe6
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption node720 +node720 [ shape=none, color=black label=<
inferenceEnergyConsumption
https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption
rdfs:comment"Specifies the amount of energy consumed during inference time by an AI model that is being used in the AI system."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22 node931 -node931 [ shape=none, color=black label=<
cpe22
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22
rdfs:comment"[Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf)"@en
> ] -# N299c3af0de37415b89253760ba86853a node932 -node932 [ shape=none, color=black label=<
N299c3af0de37415b89253760ba86853a
N299c3af0de37415b89253760ba86853a
> ] -# N873f6b08e7594d0cbc5bceb86705790b node933 -node933 [ shape=none, color=black label=<
N873f6b08e7594d0cbc5bceb86705790b
N873f6b08e7594d0cbc5bceb86705790b
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile node934 -node934 [ shape=none, color=black label=<
hasDataFile
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile
rdfs:comment"The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInputs`, and `hasOutputs`, respectively. This relationship does not imply dependency."@en
> ] -# N21b83f3d459a4750b9d12668378d818d node935 -node935 [ shape=none, color=black label=<
N21b83f3d459a4750b9d12668378d818d
N21b83f3d459a4750b9d12668378d818d
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo node936 -node936 [ shape=none, color=black label=<
sourceInfo
https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo
rdfs:comment"Records any relevant background information or additional comments +# https://spdx.org/rdf/3.0.1/terms/Core/externalRefType node721 +node721 [ shape=none, color=black label=<
externalRefType
https://spdx.org/rdf/3.0.1/terms/Core/externalRefType
rdfs:comment"Specifies the type of the external reference."@en
> ] +# N7d4789b8e9f64c79882687122d488ef4 node722 +node722 [ shape=none, color=black label=<
N7d4789b8e9f64c79882687122d488ef4
N7d4789b8e9f64c79882687122d488ef4
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact node723 +node723 [ shape=none, color=black label=<
serializedInArtifact
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact
rdfs:comment"The `from` SPDXDocument can be found in a serialized form in each `to` Artifact."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4 node724 +node724 [ shape=none, color=black label=<
md4
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4
rdfs:comment"MD4 message-digest algorithm, as defined in [RFC 1186](https://www.rfc-editor.org/info/rfc1186)."@en
> ] +# Nd0dde1aeba7043bd8cdf2314d396ab64 node725 +node725 [ shape=none, color=black label=<
Nd0dde1aeba7043bd8cdf2314d396ab64
Nd0dde1aeba7043bd8cdf2314d396ab64
> ] +# N6c7f861a90944dbfa018da24c561367a node726 +node726 [ shape=none, color=black label=<
N6c7f861a90944dbfa018da24c561367a
N6c7f861a90944dbfa018da24c561367a
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/description node727 +node727 [ shape=none, color=black label=<
description
https://spdx.org/rdf/3.0.1/terms/Core/description
rdfs:comment"Provides a detailed description of the Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/annotationType node728 +node728 [ shape=none, color=black label=<
annotationType
https://spdx.org/rdf/3.0.1/terms/Core/annotationType
rdfs:comment"Describes the type of annotation."@en
> ] +# N333727979a2047cc9bfced3abe9a4763 node729 +node729 [ shape=none, color=black label=<
N333727979a2047cc9bfced3abe9a4763
N333727979a2047cc9bfced3abe9a4763
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend node730 +node730 [ shape=none, color=black label=<
attend
https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend
rdfs:comment"The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines."@en
> ] +# Nd1640f5d687043d480cf0c592eadce69 node731 +node731 [ shape=none, color=black label=<
Nd1640f5d687043d480cf0c592eadce69
Nd1640f5d687043d480cf0c592eadce69
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport node732 +node732 [ shape=none, color=black label=<
securityPenTestReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport
rdfs:comment"A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package."@en
> ] +# N4f5b5682465144cf99bec6c92c23223a node733 +node733 [ shape=none, color=black label=<
N4f5b5682465144cf99bec6c92c23223a
N4f5b5682465144cf99bec6c92c23223a
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# N4635d48bf767437a92c96826a974f745 node734 +node734 [ shape=none, color=black label=<
N4635d48bf767437a92c96826a974f745
N4635d48bf767437a92c96826a974f745
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/packageVersion node735 +node735 [ shape=none, color=black label=<
packageVersion
https://spdx.org/rdf/3.0.1/terms/Software/packageVersion
rdfs:comment"Identify the version of a package."@en
> ] +# N8c48049e5c644529bbab44a7b8509bbe node736 +node736 [ shape=none, color=black label=<
N8c48049e5c644529bbab44a7b8509bbe
N8c48049e5c644529bbab44a7b8509bbe
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy node737 +node737 [ shape=none, color=black label=<
coordinatedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy
rdfs:comment"(Security) The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent)."@en
> ] +# Ndaf4a553cd704a4ca00c89207e63ef5e node738 +node738 [ shape=none, color=black label=<
Ndaf4a553cd704a4ca00c89207e63ef5e
Ndaf4a553cd704a4ca00c89207e63ef5e
> ] +# Nf8223dad739449eda4913b96f6edd14c node739 +node739 [ shape=none, color=black label=<
Nf8223dad739449eda4913b96f6edd14c
Nf8223dad739449eda4913b96f6edd14c
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo node740 +node740 [ shape=none, color=black label=<
sourceInfo
https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo
rdfs:comment"Records any relevant background information or additional comments about the origin of the package."@en
> ] -# Nef81e37cd08c4267ac162ba01aafbcc7 node937 -node937 [ shape=none, color=black label=<
Nef81e37cd08c4267ac162ba01aafbcc7
Nef81e37cd08c4267ac162ba01aafbcc7
> ] -# Nb9308a5e89c341688a2ccc326ed6aad1 node938 -node938 [ shape=none, color=black label=<
Nb9308a5e89c341688a2ccc326ed6aad1
Nb9308a5e89c341688a2ccc326ed6aad1
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection node939 -node939 [ shape=none, color=black label=<
ElementCollection
https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection
rdfs:comment"A collection of Elements, not necessarily with unifying context."@en
> ] -# N2ef016e0c1324ba6845c823a1ac7303a node940 -node940 [ shape=none, color=black label=<
N2ef016e0c1324ba6845c823a1ac7303a
N2ef016e0c1324ba6845c823a1ac7303a
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# Nb28be5a200e34576b739cfc968642dcf node941 -node941 [ shape=none, color=black label=<
Nb28be5a200e34576b739cfc968642dcf
Nb28be5a200e34576b739cfc968642dcf
> ] -# N11966f8a3807477f87e570908852f8f8 node942 -node942 [ shape=none, color=black label=<
N11966f8a3807477f87e570908852f8f8
N11966f8a3807477f87e570908852f8f8
> ] -# Nb18abd241b3c4181b9fa299d3166a464 node943 -node943 [ shape=none, color=black label=<
Nb18abd241b3c4181b9fa299d3166a464
Nb18abd241b3c4181b9fa299d3166a464
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph node944 -node944 [ shape=none, color=black label=<
graph
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph
rdfs:comment"data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/subject node945 -node945 [ shape=none, color=black label=<
subject
https://spdx.org/rdf/3.0.1/terms/Core/subject
rdfs:comment"An Element an annotator has made an assertion about."@en
> ] -# N5ea79254dec54e0ca07e0f4d0a3e827d node946 -node946 [ shape=none, color=black label=<
N5ea79254dec54e0ca07e0f4d0a3e827d
N5ea79254dec54e0ca07e0f4d0a3e827d
> ] -# N63aa1b7b8900470dbc68922bd3d93eb7 node947 -node947 [ shape=none, color=black label=<
N63aa1b7b8900470dbc68922bd3d93eb7
N63aa1b7b8900470dbc68922bd3d93eb7
> ] -# Necb650d00a8e4f1e8a35f124977e94d8 node948 -node948 [ shape=none, color=black label=<
Necb650d00a8e4f1e8a35f124977e94d8
Necb650d00a8e4f1e8a35f124977e94d8
sh:maxCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess node949 -node949 [ shape=none, color=black label=<
dataCollectionProcess
https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess
rdfs:comment"Describes how the dataset was collected."@en
> ] -# N3df0f602adb54cd98a706a4757565a55 node950 -node950 [ shape=none, color=black label=<
N3df0f602adb54cd98a706a4757565a55
N3df0f602adb54cd98a706a4757565a55
sh:minCount"2"^^xsd:integer
> ] -# Nac80c704ab2e44d5acbc5752cde50518 node951 -node951 [ shape=none, color=black label=<
Nac80c704ab2e44d5acbc5752cde50518
Nac80c704ab2e44d5acbc5752cde50518
> ] -# N2923dca407fa44579ef06102d32a36c1 node952 -node952 [ shape=none, color=black label=<
N2923dca407fa44579ef06102d32a36c1
N2923dca407fa44579ef06102d32a36c1
> ] -# N67be16c7f600421c843e03d417232d13 node953 -node953 [ shape=none, color=black label=<
N67be16c7f600421c843e03d417232d13
N67be16c7f600421c843e03d417232d13
> ] -# Nc283bf599507454fba2f0dd2d0b24e77 node954 -node954 [ shape=none, color=black label=<
Nc283bf599507454fba2f0dd2d0b24e77
Nc283bf599507454fba2f0dd2d0b24e77
> ] -# N6e0763415c9d4205b1b7bfa4175a2ffe node955 -node955 [ shape=none, color=black label=<
N6e0763415c9d4205b1b7bfa4175a2ffe
N6e0763415c9d4205b1b7bfa4175a2ffe
> ] -# N832c3474d0e945d9b4ac9798cccb21b1 node956 -node956 [ shape=none, color=black label=<
N832c3474d0e945d9b4ac9798cccb21b1
N832c3474d0e945d9b4ac9798cccb21b1
> ] -# N9971b029e66149008bbbf362a37508d3 node957 -node957 [ shape=none, color=black label=<
N9971b029e66149008bbbf362a37508d3
N9971b029e66149008bbbf362a37508d3
> ] -# N7fe9dd291cce4c73a2f9de0c9b4a0f66 node958 -node958 [ shape=none, color=black label=<
N7fe9dd291cce4c73a2f9de0c9b4a0f66
N7fe9dd291cce4c73a2f9de0c9b4a0f66
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# N7ab079c6a6cf4f06bfba60d8ff2aa7a3 node959 -node959 [ shape=none, color=black label=<
N7ab079c6a6cf4f06bfba60d8ff2aa7a3
N7ab079c6a6cf4f06bfba60d8ff2aa7a3
> ] -# Nf408c68ad32a4a3e8107ba7340245851 node960 -node960 [ shape=none, color=black label=<
Nf408c68ad32a4a3e8107ba7340245851
Nf408c68ad32a4a3e8107ba7340245851
> ] -# N29e83512b0af41a192e2bedecf23be21 node961 -node961 [ shape=none, color=black label=<
N29e83512b0af41a192e2bedecf23be21
N29e83512b0af41a192e2bedecf23be21
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse node962 -node962 [ shape=none, color=black label=<
intendedUse
https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse
rdfs:comment"Describes what the given dataset should be used for."@en
> ] -# N0a23a1d137c24f35b24dadc3ee1795ed node963 -node963 [ shape=none, color=black label=<
N0a23a1d137c24f35b24dadc3ee1795ed
N0a23a1d137c24f35b24dadc3ee1795ed
> ] -# Ne4dfea47d8f54651aed05ef492b37057 node964 -node964 [ shape=none, color=black label=<
Ne4dfea47d8f54651aed05ef492b37057
Ne4dfea47d8f54651aed05ef492b37057
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] -# Nc6b6e7faa396422999b02eb25fa0980e node965 -node965 [ shape=none, color=black label=<
Nc6b6e7faa396422999b02eb25fa0980e
Nc6b6e7faa396422999b02eb25fa0980e
sh:maxCount"1"^^xsd:integer
> ] -# N19ce2de05bb94cedb071475805a8d02a node966 -node966 [ shape=none, color=black label=<
N19ce2de05bb94cedb071475805a8d02a
N19ce2de05bb94cedb071475805a8d02a
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport node967 -node967 [ shape=none, color=black label=<
noSupport
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport
rdfs:comment"there is no support for the artifact from the supplier, consumer assumes any support obligations."@en
> ] -# N5cd590cceccb47b7b09488f0c2e4fe80 node968 -node968 [ shape=none, color=black label=<
N5cd590cceccb47b7b09488f0c2e4fe80
N5cd590cceccb47b7b09488f0c2e4fe80
> ] -# Ncbb59b778bfd456199128260652c51cf node969 -node969 [ shape=none, color=black label=<
Ncbb59b778bfd456199128260652c51cf
Ncbb59b778bfd456199128260652c51cf
> ] -# N912be7a36e034e2290e4ad756ed2cefc node970 -node970 [ shape=none, color=black label=<
N912be7a36e034e2290e4ad756ed2cefc
N912be7a36e034e2290e4ad756ed2cefc
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement node971 -node971 [ shape=none, color=black label=<
requirement
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement
rdfs:comment"the Element provides a requirement needed as input for another Element"@en
> ] -# N2326d31ca10a4b5e9b15ff60340d8543 node972 -node972 [ shape=none, color=black label=<
N2326d31ca10a4b5e9b15ff60340d8543
N2326d31ca10a4b5e9b15ff60340d8543
> ] -# N4eab5cc0e16f442194f98c02df6a7d23 node973 -node973 [ shape=none, color=black label=<
N4eab5cc0e16f442194f98c02df6a7d23
N4eab5cc0e16f442194f98c02df6a7d23
> ] -# N33bfcca1f1e744878439476213fff409 node974 -node974 [ shape=none, color=black label=<
N33bfcca1f1e744878439476213fff409
N33bfcca1f1e744878439476213fff409
> ] -# Naa452ea7cc03498fbe201d6d680d0b6c node975 -node975 [ shape=none, color=black label=<
Naa452ea7cc03498fbe201d6d680d0b6c
Naa452ea7cc03498fbe201d6d680d0b6c
> ] -# Ncba8b8b1dced46e3a644cdddf84ca7f2 node976 -node976 [ shape=none, color=black label=<
Ncba8b8b1dced46e3a644cdddf84ca7f2
Ncba8b8b1dced46e3a644cdddf84ca7f2
> ] -# https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium node977 -node977 [ shape=none, color=black label=<
medium
https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium
rdfs:comment"The third-highest level of risk posed by an AI system."@en
> ] -# N835126971d304c0c80e219049c7c7257 node978 -node978 [ shape=none, color=black label=<
N835126971d304c0c80e219049c7c7257
N835126971d304c0c80e219049c7c7257
> ] -# N86dd5fb9cb5c43ddac870a1f05db7493 node979 -node979 [ shape=none, color=black label=<
N86dd5fb9cb5c43ddac870a1f05db7493
N86dd5fb9cb5c43ddac870a1f05db7493
> ] -# N1e786aa5783b4a72bbf886f0baad8e4b node980 -node980 [ shape=none, color=black label=<
N1e786aa5783b4a72bbf886f0baad8e4b
N1e786aa5783b4a72bbf886f0baad8e4b
> ] -# N8929157c7efe42bc841dbfd89b99b11d node981 -node981 [ shape=none, color=black label=<
N8929157c7efe42bc841dbfd89b99b11d
N8929157c7efe42bc841dbfd89b99b11d
> ] -# N9bd556cfcd7e439395c598f9e0ceae74 node982 -node982 [ shape=none, color=black label=<
N9bd556cfcd7e439395c598f9e0ceae74
N9bd556cfcd7e439395c598f9e0ceae74
sh:maxCount"1"^^xsd:integer
> ] -# N1bf87eab41f14de88453b8f114b92632 node983 -node983 [ shape=none, color=black label=<
N1bf87eab41f14de88453b8f114b92632
N1bf87eab41f14de88453b8f114b92632
sh:maxCount"1"^^xsd:integer
> ] -# N8c243ee94a814217af6ec27f21bc89c0 node984 -node984 [ shape=none, color=black label=<
N8c243ee94a814217af6ec27f21bc89c0
N8c243ee94a814217af6ec27f21bc89c0
> ] -# N8f38ed38d4ed46da96956c9a548e9c09 node985 -node985 [ shape=none, color=black label=<
N8f38ed38d4ed46da96956c9a548e9c09
N8f38ed38d4ed46da96956c9a548e9c09
> ] -# https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime node986 -node986 [ shape=none, color=black label=<
actionStatementTime
https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime
rdfs:comment"Records the time when a recommended action was communicated in a VEX statement -to mitigate a vulnerability."@en
> ] -# N83ecfb02b95646de8f1caa9bcdca192d node987 -node987 [ shape=none, color=black label=<
N83ecfb02b95646de8f1caa9bcdca192d
N83ecfb02b95646de8f1caa9bcdca192d
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/namespace node988 -node988 [ shape=none, color=black label=<
namespace
https://spdx.org/rdf/3.0.1/terms/Core/namespace
rdfs:comment"Provides an unambiguous mechanism for conveying a URI fragment portion of an -ElementID."@en
> ] -# N9415a4ea8bc942dba892646c48f76727 node989 -node989 [ shape=none, color=black label=<
N9415a4ea8bc942dba892646c48f76727
N9415a4ea8bc942dba892646c48f76727
> ] -# N272d6f93801d43b0b4e7db804664cbe4 node990 -node990 [ shape=none, color=black label=<
N272d6f93801d43b0b4e7db804664cbe4
N272d6f93801d43b0b4e7db804664cbe4
> ] -# N383a8a7644f64c78b040430b8209ccdc node991 -node991 [ shape=none, color=black label=<
N383a8a7644f64c78b040430b8209ccdc
N383a8a7644f64c78b040430b8209ccdc
> ] -# Nad38e5d541204f17a508a156a4edd6bf node992 -node992 [ shape=none, color=black label=<
Nad38e5d541204f17a508a156a4edd6bf
Nad38e5d541204f17a508a156a4edd6bf
> ] -# N21fb35697a4647548c975149119a2e71 node993 -node993 [ shape=none, color=black label=<
N21fb35697a4647548c975149119a2e71
N21fb35697a4647548c975149119a2e71
> ] -# N02446933aee8493cbe55f2ec30de44b7 node994 -node994 [ shape=none, color=black label=<
N02446933aee8493cbe55f2ec30de44b7
N02446933aee8493cbe55f2ec30de44b7
> ] -# Nde350c5108664c448aebe424ca2c8f0a node995 -node995 [ shape=none, color=black label=<
Nde350c5108664c448aebe424ca2c8f0a
Nde350c5108664c448aebe424ca2c8f0a
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# Nf777ec270eed4c38863974ef7c69ab41 node996 -node996 [ shape=none, color=black label=<
Nf777ec270eed4c38863974ef7c69ab41
Nf777ec270eed4c38863974ef7c69ab41
> ] -# N035390747ab74a109683d62852cd91fa node997 -node997 [ shape=none, color=black label=<
N035390747ab74a109683d62852cd91fa
N035390747ab74a109683d62852cd91fa
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost node998 -node998 [ shape=none, color=black label=<
hasHost
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost
rdfs:comment"The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on)."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/copyrightText node999 -node999 [ shape=none, color=black label=<
copyrightText
https://spdx.org/rdf/3.0.1/terms/Software/copyrightText
rdfs:comment"Identifies the text of one or more copyright notices for a software Package, -File or Snippet, if any."@en
> ] -# N278d1a9653484758a8034e458d992988 node1000 -node1000 [ shape=none, color=black label=<
N278d1a9653484758a8034e458d992988
N278d1a9653484758a8034e458d992988
> ] -# N09154b7b70d74a068418ac85b07b0ca4 node1001 -node1001 [ shape=none, color=black label=<
N09154b7b70d74a068418ac85b07b0ca4
N09154b7b70d74a068418ac85b07b0ca4
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] -# https://spdx.org/rdf/3.0.1/terms/Build/buildType node1002 -node1002 [ shape=none, color=black label=<
buildType
https://spdx.org/rdf/3.0.1/terms/Build/buildType
rdfs:comment"A buildType is a hint that is used to indicate the toolchain, platform, or -infrastructure that the build was invoked on."@en
> ] -# N6a5fdc647d9841bc8b7987fba15e55b0 node1003 -node1003 [ shape=none, color=black label=<
N6a5fdc647d9841bc8b7987fba15e55b0
N6a5fdc647d9841bc8b7987fba15e55b0
> ] -# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test node1004 -node1004 [ shape=none, color=black label=<
test
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test
rdfs:comment"The Element is a test used to verify functionality on an software element"@en
> ] -# N642c0d72b41a4587b341f9aefad913d4 node1005 -node1005 [ shape=none, color=black label=<
N642c0d72b41a4587b341f9aefad913d4
N642c0d72b41a4587b341f9aefad913d4
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other node1006 -node1006 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other
rdfs:comment"Used when the type does not match any of the other options."@en
> ] -# N0450d539e3c34cd082fb6325d11d7aed node1007 -node1007 [ shape=none, color=black label=<
N0450d539e3c34cd082fb6325d11d7aed
N0450d539e3c34cd082fb6325d11d7aed
> ] -# Ndd3a58d99a404a72a9244d87f5bfb43c node1008 -node1008 [ shape=none, color=black label=<
Ndd3a58d99a404a72a9244d87f5bfb43c
Ndd3a58d99a404a72a9244d87f5bfb43c
> ] -# Ne50a1d414291443fa3cdd0b8813dbfa8 node1009 -node1009 [ shape=none, color=black label=<
Ne50a1d414291443fa3cdd0b8813dbfa8
Ne50a1d414291443fa3cdd0b8813dbfa8
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/scope node1010 -node1010 [ shape=none, color=black label=<
scope
https://spdx.org/rdf/3.0.1/terms/Core/scope
rdfs:comment"Capture the scope of information about a specific relationship between elements."@en
> ] -# Nd1cfd5641914493fb513e256f2feb70e node1011 -node1011 [ shape=none, color=black label=<
Nd1cfd5641914493fb513e256f2feb70e
Nd1cfd5641914493fb513e256f2feb70e
> ] -# N0f24991f1b9d4809b70cd74aa4637959 node1012 -node1012 [ shape=none, color=black label=<
N0f24991f1b9d4809b70cd74aa4637959
N0f24991f1b9d4809b70cd74aa4637959
> ] -# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText node1013 -node1013 [ shape=none, color=black label=<
licenseText
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText
rdfs:comment"Identifies the full text of a License or Addition."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing node1014 -node1014 [ shape=none, color=black label=<
verifiedUsing
https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing
rdfs:comment"Provides an IntegrityMethod with which the integrity of an Element can be -asserted."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability node1015 -node1015 [ shape=none, color=black label=<
datasetAvailability
https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability
rdfs:comment"The field describes the availability of a dataset."@en
> ] -# N8f56f75d638d48318584b7d7d0dbd3ff node1016 -node1016 [ shape=none, color=black label=<
N8f56f75d638d48318584b7d7d0dbd3ff
N8f56f75d638d48318584b7d7d0dbd3ff
> ] -# N40d0ec204c1346ca8a23c053ec6589f9 node1017 -node1017 [ shape=none, color=black label=<
N40d0ec204c1346ca8a23c053ec6589f9
N40d0ec204c1346ca8a23c053ec6589f9
> ] -# Nbd2c7c6c9f3f411db7ab624da39d7151 node1018 -node1018 [ shape=none, color=black label=<
Nbd2c7c6c9f3f411db7ab624da39d7151
Nbd2c7c6c9f3f411db7ab624da39d7151
> ] -# https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName node1019 -node1019 [ shape=none, color=black label=<
cdxPropName
https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName
rdfs:comment"A name used in a CdxExtension name-value pair."@en
> ] -# https://spdx.org/rdf/3.0.1/terms/Licensing/None node1020 -node1020 [ shape=none, color=black label=<
None
https://spdx.org/rdf/3.0.1/terms/Licensing/None
> ] -# N6ec76b25494a4cc0b31c5bfa0f1b8742 node1021 -node1021 [ shape=none, color=black label=<
N6ec76b25494a4cc0b31c5bfa0f1b8742
N6ec76b25494a4cc0b31c5bfa0f1b8742
> ] -# Nb54f8f653ef049ed9512ae51ffc4e840 node1022 -node1022 [ shape=none, color=black label=<
Nb54f8f653ef049ed9512ae51ffc4e840
Nb54f8f653ef049ed9512ae51ffc4e840
> ] -# https://spdx.dev/specifications/ node1023 -node1023 [ shape=none, color=black label=<
https://spdx.dev/specifications/
https://spdx.dev/specifications/
> ] -# N7d6dbff07fe84a37bbbe806d49177653 node1024 -node1024 [ shape=none, color=black label=<
N7d6dbff07fe84a37bbbe806d49177653
N7d6dbff07fe84a37bbbe806d49177653
> ] -# Nb765aa5bff1348f4b703c9ca2652282e node1025 -node1025 [ shape=none, color=black label=<
Nb765aa5bff1348f4b703c9ca2652282e
Nb765aa5bff1348f4b703c9ca2652282e
> ] -# Nc19c5a1fd9a44a1db5832f945861fa8b node1026 -node1026 [ shape=none, color=black label=<
Nc19c5a1fd9a44a1db5832f945861fa8b
Nc19c5a1fd9a44a1db5832f945861fa8b
> ] +# N65e5f8d5a27f4d49afa1f3793a121f4f node741 +node741 [ shape=none, color=black label=<
N65e5f8d5a27f4d49afa1f3793a121f4f
N65e5f8d5a27f4d49afa1f3793a121f4f
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption node742 +node742 [ shape=none, color=black label=<
energyConsumption
https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption
rdfs:comment"Indicates the amount of energy consumption incurred by an AI model."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption node743 +node743 [ shape=none, color=black label=<
trainingEnergyConsumption
https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption
rdfs:comment"Specifies the amount of energy consumed when training the AI model that is +being used in the AI system."@en
> ] +# N9c4e00bfd75a4263a13056353958b062 node744 +node744 [ shape=none, color=black label=<
N9c4e00bfd75a4263a13056353958b062
N9c4e00bfd75a4263a13056353958b062
> ] +# Ncc60a34a1f304e998011da00d646b80f node745 +node745 [ shape=none, color=black label=<
Ncc60a34a1f304e998011da00d646b80f
Ncc60a34a1f304e998011da00d646b80f
> ] +# N1b5ce83f9deb4912900c0a78594ed1e9 node746 +node746 [ shape=none, color=black label=<
N1b5ce83f9deb4912900c0a78594ed1e9
N1b5ce83f9deb4912900c0a78594ed1e9
> ] +# N7acd4c01b380456885fb76b4eca5c3af node747 +node747 [ shape=none, color=black label=<
N7acd4c01b380456885fb76b4eca5c3af
N7acd4c01b380456885fb76b4eca5c3af
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool node748 +node748 [ shape=none, color=black label=<
usesTool
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool
rdfs:comment"The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/rootElement node749 +node749 [ shape=none, color=black label=<
rootElement
https://spdx.org/rdf/3.0.1/terms/Core/rootElement
rdfs:comment"This property is used to denote the root Element(s) of a tree of elements contained in a BOM."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/locator node750 +node750 [ shape=none, color=black label=<
locator
https://spdx.org/rdf/3.0.1/terms/Security/locator
rdfs:comment"Provides the location of an exploit catalog."@en
> ] +# N25a2c13491264e92bce59c7857b247b4 node751 +node751 [ shape=none, color=black label=<
N25a2c13491264e92bce59c7857b247b4
N25a2c13491264e92bce59c7857b247b4
> ] +# N68a99f38c5d14346a99eedf705afcb36 node752 +node752 [ shape=none, color=black label=<
N68a99f38c5d14346a99eedf705afcb36
N68a99f38c5d14346a99eedf705afcb36
> ] +# N51f5f71029e94c2f9e53b358c4b41dbf node753 +node753 [ shape=none, color=black label=<
N51f5f71029e94c2f9e53b358c4b41dbf
N51f5f71029e94c2f9e53b358c4b41dbf
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low node754 +node754 [ shape=none, color=black label=<
low
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low
rdfs:comment"When a CVSS score is between 0.1 - 3.9"@en
> ] +# Ncf66bd72d323420ab0e7641bf68c07d8 node755 +node755 [ shape=none, color=black label=<
Ncf66bd72d323420ab0e7641bf68c07d8
Ncf66bd72d323420ab0e7641bf68c07d8
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise node756 +node756 [ shape=none, color=black label=<
datasetNoise
https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise
rdfs:comment"Describes potentially noisy elements of the dataset."@en
> ] +# N02e958478172456685d9938355f10b15 node757 +node757 [ shape=none, color=black label=<
N02e958478172456685d9938355f10b15
N02e958478172456685d9938355f10b15
> ] +# N1a7eb7862d0d4e9693faf7d59fa9a6d0 node758 +node758 [ shape=none, color=black label=<
N1a7eb7862d0d4e9693faf7d59fa9a6d0
N1a7eb7862d0d4e9693faf7d59fa9a6d0
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic node759 +node759 [ shape=none, color=black label=<
syntactic
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic
rdfs:comment"data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/actionStatement node760 +node760 [ shape=none, color=black label=<
actionStatement
https://spdx.org/rdf/3.0.1/terms/Security/actionStatement
rdfs:comment"Provides advise on how to mitigate or remediate a vulnerability when a VEX product +is affected by it."@en
> ] +# Ne08b18c45a8d46cca93f1eb31573d3f1 node761 +node761 [ shape=none, color=black label=<
Ne08b18c45a8d46cca93f1eb31573d3f1
Ne08b18c45a8d46cca93f1eb31573d3f1
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata node762 +node762 [ shape=none, color=black label=<
hasMetadata
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata
rdfs:comment"Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`)."@en
> ] +# N0c02837e965d42c58736040b4e58c8a9 node763 +node763 [ shape=none, color=black label=<
N0c02837e965d42c58736040b4e58c8a9
N0c02837e965d42c58736040b4e58c8a9
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier node764 +node764 [ shape=none, color=black label=<
externalIdentifier
https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier
rdfs:comment"Provides a reference to a resource outside the scope of SPDX-3.0 content +that uniquely identifies an Element."@en
> ] +# N841c14c6358842848fed53fbaf858bd2 node765 +node765 [ shape=none, color=black label=<
N841c14c6358842848fed53fbaf858bd2
N841c14c6358842848fed53fbaf858bd2
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/probability node766 +node766 [ shape=none, color=black label=<
probability
https://spdx.org/rdf/3.0.1/terms/Security/probability
rdfs:comment"A probability score between 0 and 1 of a vulnerability being exploited."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm node767 +node767 [ shape=none, color=black label=<
npm
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm
rdfs:comment"A reference to an npm package. The package locator format, looks like `package@version`, is defined in [npm Docs](https://docs.npmjs.com/cli/v10/configuring-npm/package-json)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file node768 +node768 [ shape=none, color=black label=<
file
https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file
rdfs:comment"The file represents a single file (default)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript node769 +node769 [ shape=none, color=black label=<
scrapingScript
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript
rdfs:comment"the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange node770 +node770 [ shape=none, color=black label=<
endIntegerRange
https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange
rdfs:comment"Defines the end of a range."@en
> ] +# N716b691134a34a70b7bb805b9de8f52b node771 +node771 [ shape=none, color=black label=<
N716b691134a34a70b7bb805b9de8f52b
N716b691134a34a70b7bb805b9de8f52b
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design node772 +node772 [ shape=none, color=black label=<
design
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design
rdfs:comment"A relationship has specific context implications during an element's design."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other node773 +node773 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other
rdfs:comment"the Element doesn't fit into any of the other categories"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/limitation node774 +node774 [ shape=none, color=black label=<
limitation
https://spdx.org/rdf/3.0.1/terms/AI/limitation
rdfs:comment"Captures a limitation of the AI software."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker node775 +node775 [ shape=none, color=black label=<
issueTracker
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker
rdfs:comment"A reference to the issue tracker for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/decisionType node776 +node776 [ shape=none, color=black label=<
decisionType
https://spdx.org/rdf/3.0.1/terms/Security/decisionType
rdfs:comment"Provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf)"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor node777 +node777 [ shape=none, color=black label=<
sensor
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor
rdfs:comment"data is recorded from a physical sensor, such as a thermometer reading or biometric device."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Build/environment node778 +node778 [ shape=none, color=black label=<
environment
https://spdx.org/rdf/3.0.1/terms/Build/environment
rdfs:comment"Property describing the session in which a build is invoked."@en
> ] +# N951490d29f754c7ab5757228182beb80 node779 +node779 [ shape=none, color=black label=<
N951490d29f754c7ab5757228182beb80
N951490d29f754c7ab5757228182beb80
> ] +# N1cd63ea7bc934a35b59fe2f77c813714 node780 +node780 [ shape=none, color=black label=<
N1cd63ea7bc934a35b59fe2f77c813714
N1cd63ea7bc934a35b59fe2f77c813714
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license node781 +node781 [ shape=none, color=black label=<
license
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license
rdfs:comment"A reference to additional license information related to an artifact."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/specVersion node782 +node782 [ shape=none, color=black label=<
specVersion
https://spdx.org/rdf/3.0.1/terms/Core/specVersion
rdfs:comment"Provides a reference number that can be used to understand how to parse and interpret an Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship node783 +node783 [ shape=none, color=black label=<
ExploitCatalogVulnAssessmentRelationship
https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship
rdfs:comment"Provides an exploit assessment of a vulnerability."@en
> ] +# N9fe19a46e0f245628f738b16685493e5 node784 +node784 [ shape=none, color=black label=<
N9fe19a46e0f245628f738b16685493e5
N9fe19a46e0f245628f738b16685493e5
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType node785 +node785 [ shape=none, color=black label=<
externalIdentifierType
https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType
rdfs:comment"Specifies the type of the external identifier."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement node786 +node786 [ shape=none, color=black label=<
hasRequirement
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement
rdfs:comment"The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/metric node787 +node787 [ shape=none, color=black label=<
metric
https://spdx.org/rdf/3.0.1/terms/AI/metric
rdfs:comment"Records the measurement of prediction quality of the AI model."@en
> ] +# Nfbe7ee05ca204337b19effe39cfc9820 node788 +node788 [ shape=none, color=black label=<
Nfbe7ee05ca204337b19effe39cfc9820
Nfbe7ee05ca204337b19effe39cfc9820
sh:maxCount"1"^^xsd:integer
> ] +# N0d41a83f609c410d919c966118ebddd4 node789 +node789 [ shape=none, color=black label=<
N0d41a83f609c410d919c966118ebddd4
N0d41a83f609c410d919c966118ebddd4
> ] +# Nbb25b2e9db2a49c8a18874ff748c43e8 node790 +node790 [ shape=none, color=black label=<
Nbb25b2e9db2a49c8a18874ff748c43e8
Nbb25b2e9db2a49c8a18874ff748c43e8
> ] +# https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty node791 +node791 [ shape=none, color=black label=<
cdxProperty
https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty
rdfs:comment"Provides a map of a property names to a values."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining node792 +node792 [ shape=none, color=black label=<
informationAboutTraining
https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining
rdfs:comment"Describes relevant information about different steps of the training process."@en
> ] +# N875dd7c0e36e48aa877c64a29955a1f7 node793 +node793 [ shape=none, color=black label=<
N875dd7c0e36e48aa877c64a29955a1f7
N875dd7c0e36e48aa877c64a29955a1f7
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high node794 +node794 [ shape=none, color=black label=<
high
https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high
rdfs:comment"The second-highest level of risk posed by an AI system."@en
> ] +# Ne9d6ff5a739f489b9031c1dec63f26e2 node795 +node795 [ shape=none, color=black label=<
Ne9d6ff5a739f489b9031c1dec63f26e2
Ne9d6ff5a739f489b9031c1dec63f26e2
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed node796 +node796 [ shape=none, color=black label=<
deployed
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed
rdfs:comment"in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri node797 +node797 [ shape=none, color=black label=<
customIdToUri
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri
rdfs:comment"Maps a LicenseRef or AdditionRef string for a Custom License or a Custom +License Addition to its URI ID."@en
> ] +# Na7a5192e768d487b8c79ff79532349a7 node798 +node798 [ shape=none, color=black label=<
Na7a5192e768d487b8c79ff79532349a7
Na7a5192e768d487b8c79ff79532349a7
sh:maxCount"1"^^xsd:integer
> ] +# Nfdc7b8c4576c4cdf8a68283f9a326125 node799 +node799 [ shape=none, color=black label=<
Nfdc7b8c4576c4cdf8a68283f9a326125
Nfdc7b8c4576c4cdf8a68283f9a326125
> ] +# Nf36a3be4f16e422a9a93f87f5a61445b node800 +node800 [ shape=none, color=black label=<
Nf36a3be4f16e422a9a93f87f5a61445b
Nf36a3be4f16e422a9a93f87f5a61445b
> ] +# Neb1a74c2615b4ea8890ecdab161b56b1 node801 +node801 [ shape=none, color=black label=<
Neb1a74c2615b4ea8890ecdab161b56b1
Neb1a74c2615b4ea8890ecdab161b56b1
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Nb0bc21970df54cb0a1d664c07431262e node802 +node802 [ shape=none, color=black label=<
Nb0bc21970df54cb0a1d664c07431262e
Nb0bc21970df54cb0a1d664c07431262e
> ] +# N0870ab209fd54ad8b09fb82588667649 node803 +node803 [ shape=none, color=black label=<
N0870ab209fd54ad8b09fb82588667649
N0870ab209fd54ad8b09fb82588667649
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy node804 +node804 [ shape=none, color=black label=<
foundBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy
rdfs:comment"(Security) Designates a `from` Vulnerability was originally discovered by the `to` Agent(s)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch node805 +node805 [ shape=none, color=black label=<
patch
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch
rdfs:comment"Element contains a set of changes to update, fix, or improve another Element"@en
> ] +# Na8dade5b2f1c4788a4b6eddc45a913ef node806 +node806 [ shape=none, color=black label=<
Na8dade5b2f1c4788a4b6eddc45a913ef
Na8dade5b2f1c4788a4b6eddc45a913ef
> ] +# N59f735f9d44c4af99d7fce8e5b77957b node807 +node807 [ shape=none, color=black label=<
N59f735f9d44c4af99d7fce8e5b77957b
N59f735f9d44c4af99d7fce8e5b77957b
> ] +# N751f162398894e96a551ee035ed8eb7e node808 +node808 [ shape=none, color=black label=<
N751f162398894e96a551ee035ed8eb7e
N751f162398894e96a551ee035ed8eb7e
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete node809 +node809 [ shape=none, color=black label=<
complete
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete
rdfs:comment"The relationship is known to be exhaustive."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport node810 +node810 [ shape=none, color=black label=<
endOfSupport
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport
rdfs:comment"there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion node811 +node811 [ shape=none, color=black label=<
noAssertion
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion
rdfs:comment"data type is not known."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage node812 +node812 [ shape=none, color=black label=<
altWebPage
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage
rdfs:comment"A reference to an alternative web page."@en
> ] +# N04ed842b66984a99ad2f88f0f1fc2551 node813 +node813 [ shape=none, color=black label=<
N04ed842b66984a99ad2f88f0f1fc2551
N04ed842b66984a99ad2f88f0f1fc2551
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/relationshipType node814 +node814 [ shape=none, color=black label=<
relationshipType
https://spdx.org/rdf/3.0.1/terms/Core/relationshipType
rdfs:comment"Information about the relationship between two Elements."@en
> ] +# Nc16563e2f9654cb582df41acab68eed6 node815 +node815 [ shape=none, color=black label=<
Nc16563e2f9654cb582df41acab68eed6
Nc16563e2f9654cb582df41acab68eed6
sh:maxCount"1"^^xsd:integer
> ] +# Nd94cf9e914b84a66b87cd7ddf21ffb19 node816 +node816 [ shape=none, color=black label=<
Nd94cf9e914b84a66b87cd7ddf21ffb19
Nd94cf9e914b84a66b87cd7ddf21ffb19
sh:maxCount"1"^^xsd:integer
> ] +# N95c98363c6ec49ac9b3ad6b7e56b1dd5 node817 +node817 [ shape=none, color=black label=<
N95c98363c6ec49ac9b3ad6b7e56b1dd5
N95c98363c6ec49ac9b3ad6b7e56b1dd5
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# N84fed28911b148108f7186d91c187cc3 node818 +node818 [ shape=none, color=black label=<
N84fed28911b148108f7186d91c187cc3
N84fed28911b148108f7186d91c187cc3
> ] +# N54c8d1f8a376421ebb0165453e0d8809 node819 +node819 [ shape=none, color=black label=<
N54c8d1f8a376421ebb0165453e0d8809
N54c8d1f8a376421ebb0165453e0d8809
> ] +# N15eb8f3aead948d1aeef62c8c285cb01 node820 +node820 [ shape=none, color=black label=<
N15eb8f3aead948d1aeef62c8c285cb01
N15eb8f3aead948d1aeef62c8c285cb01
> ] +# N7ecf8dacaea24891b82f1e15a59e9fab node821 +node821 [ shape=none, color=black label=<
N7ecf8dacaea24891b82f1e15a59e9fab
N7ecf8dacaea24891b82f1e15a59e9fab
> ] +# N1db8ab61dd144bdfacabbf030b2cbba8 node822 +node822 [ shape=none, color=black label=<
N1db8ab61dd144bdfacabbf030b2cbba8
N1db8ab61dd144bdfacabbf030b2cbba8
> ] +# N5f24716bf8884e029ddf0441758d775b node823 +node823 [ shape=none, color=black label=<
N5f24716bf8884e029ddf0441758d775b
N5f24716bf8884e029ddf0441758d775b
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# Nb3f207c171684d51bd335c2f0811f05c node824 +node824 [ shape=none, color=black label=<
Nb3f207c171684d51bd335c2f0811f05c
Nb3f207c171684d51bd335c2f0811f05c
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia node825 +node825 [ shape=none, color=black label=<
socialMedia
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia
rdfs:comment"A reference to a social media channel for a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/contentType node826 +node826 [ shape=none, color=black label=<
contentType
https://spdx.org/rdf/3.0.1/terms/Core/contentType
rdfs:comment"Provides information about the content type of an Element or a Property."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding node827 +node827 [ shape=none, color=black label=<
funding
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding
rdfs:comment"A reference to funding information related to a package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev node828 +node828 [ shape=none, color=black label=<
kev
https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev
rdfs:comment"CISA's Known Exploited Vulnerability (KEV) Catalog"@en
> ] +# Nede7c1a745a744088619ab6a905cffaa node829 +node829 [ shape=none, color=black label=<
Nede7c1a745a744088619ab6a905cffaa
Nede7c1a745a744088619ab6a905cffaa
sh:maxCount"1"^^xsd:integer
> ] +# http://www.w3.org/2001/XMLSchema#positiveInteger node830 +node830 [ shape=none, color=black label=<
positiveInteger
http://www.w3.org/2001/XMLSchema#positiveInteger
> ] +# N777bb4d4448946ed98136523de58c443 node831 +node831 [ shape=none, color=black label=<
N777bb4d4448946ed98136523de58c443
N777bb4d4448946ed98136523de58c443
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other node832 +node832 [ shape=none, color=black label=<
other
https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other
rdfs:comment"Other exploit catalogs"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio node833 +node833 [ shape=none, color=black label=<
audio
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio
rdfs:comment"data is audio based, such as a collection of music from the 80s."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness node834 +node834 [ shape=none, color=black label=<
RelationshipCompleteness
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness
rdfs:comment"Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability node835 +node835 [ shape=none, color=black label=<
datasetAvailability
https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability
rdfs:comment"The field describes the availability of a dataset."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium node836 +node836 [ shape=none, color=black label=<
medium
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium
rdfs:comment"When a CVSS score is between 4.0 - 6.9"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6 node837 +node837 [ shape=none, color=black label=<
md6
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6
rdfs:comment"[MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf)"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy node838 +node838 [ shape=none, color=black label=<
patchedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy
rdfs:comment"Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`)."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption node839 +node839 [ shape=none, color=black label=<
finetuningEnergyConsumption
https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption
rdfs:comment"Specifies the amount of energy consumed when finetuning the AI model that is +being used in the AI system."@en
> ] +# N7be10c0ebd704159ba3a043c971a0e82 node840 +node840 [ shape=none, color=black label=<
N7be10c0ebd704159ba3a043c971a0e82
N7be10c0ebd704159ba3a043c971a0e82
> ] +# Nc8ac429bf0a04c7182d18c6dc29bf349 node841 +node841 [ shape=none, color=black label=<
Nc8ac429bf0a04c7182d18c6dc29bf349
Nc8ac429bf0a04c7182d18c6dc29bf349
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize node842 +node842 [ shape=none, color=black label=<
datasetSize
https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize
rdfs:comment"Captures the size of the dataset."@en
> ] +# N6caebfdcc6b1423e97ce472843b453cc node843 +node843 [ shape=none, color=black label=<
N6caebfdcc6b1423e97ce472843b453cc
N6caebfdcc6b1423e97ce472843b453cc
> ] +# Ne0bbfda8fc6e4019a6f18a8f1c3d968e node844 +node844 [ shape=none, color=black label=<
Ne0bbfda8fc6e4019a6f18a8f1c3d968e
Ne0bbfda8fc6e4019a6f18a8f1c3d968e
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship node845 +node845 [ shape=none, color=black label=<
LifecycleScopedRelationship
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship
rdfs:comment"Provide context for a relationship that occurs in the lifecycle."@en
> ] +# Nb45b255894e543caa33d9bcf1147d725 node846 +node846 [ shape=none, color=black label=<
Nb45b255894e543caa33d9bcf1147d725
Nb45b255894e543caa33d9bcf1147d725
> ] +# N1c2f91858f004837ac0c4c77fb5e8a7d node847 +node847 [ shape=none, color=black label=<
N1c2f91858f004837ac0c4c77fb5e8a7d
N1c2f91858f004837ac0c4c77fb5e8a7d
> ] +# Nf77c6739fd7c4aaab87150780b6d0dc7 node848 +node848 [ shape=none, color=black label=<
Nf77c6739fd7c4aaab87150780b6d0dc7
Nf77c6739fd7c4aaab87150780b6d0dc7
> ] +# Nb341a88ecad74aee99f915b854446b09 node849 +node849 [ shape=none, color=black label=<
Nb341a88ecad74aee99f915b854446b09
Nb341a88ecad74aee99f915b854446b09
> ] +# Nf08336803bae4aeeb9a8aca7c004484d node850 +node850 [ shape=none, color=black label=<
Nf08336803bae4aeeb9a8aca7c004484d
Nf08336803bae4aeeb9a8aca7c004484d
> ] +# N72fb3ffc80e24589b392b7a0d40c7e8e node851 +node851 [ shape=none, color=black label=<
N72fb3ffc80e24589b392b7a0d40c7e8e
N72fb3ffc80e24589b392b7a0d40c7e8e
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing node852 +node852 [ shape=none, color=black label=<
expandedLicensing
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing
rdfs:comment"the element follows the expanded Licensing profile specification"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design node853 +node853 [ shape=none, color=black label=<
design
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design
rdfs:comment"SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact."@en
> ] +# Ne928de00c75a45d78f286a9018ddead5 node854 +node854 [ shape=none, color=black label=<
Ne928de00c75a45d78f286a9018ddead5
Ne928de00c75a45d78f286a9018ddead5
sh:maxCount"1"^^xsd:integer
sh:minCount"1"^^xsd:integer
> ] +# Nea0b31a06911482492c8aef36cd8278f node855 +node855 [ shape=none, color=black label=<
Nea0b31a06911482492c8aef36cd8278f
Nea0b31a06911482492c8aef36cd8278f
> ] +# N528adefc2e304e29835e837cd2f09ded node856 +node856 [ shape=none, color=black label=<
N528adefc2e304e29835e837cd2f09ded
N528adefc2e304e29835e837cd2f09ded
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/packageUrl node857 +node857 [ shape=none, color=black label=<
packageUrl
https://spdx.org/rdf/3.0.1/terms/Software/packageUrl
rdfs:comment"Provides a place for the SPDX data creator to record the package URL string +(in accordance with the +[package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) +for a software Package."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23 node858 +node858 [ shape=none, color=black label=<
cpe23
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23
rdfs:comment"[Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final)"@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red node859 +node859 [ shape=none, color=black label=<
red
https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red
rdfs:comment"Data points in the dataset are highly confidential and can only be shared with named recipients."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType node860 +node860 [ shape=none, color=black label=<
ConfidentialityLevelType
https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType
rdfs:comment"Categories of confidentiality level."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/createdBy node861 +node861 [ shape=none, color=black label=<
createdBy
https://spdx.org/rdf/3.0.1/terms/Core/createdBy
rdfs:comment"Identifies who or what created the Element."@en
> ] +# Na6a89d6b7dc1489999904f10bd0d2b39 node862 +node862 [ shape=none, color=black label=<
Na6a89d6b7dc1489999904f10bd0d2b39
Na6a89d6b7dc1489999904f10bd0d2b39
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve node863 +node863 [ shape=none, color=black label=<
cve
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve
rdfs:comment"Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id)."@en
> ] +# N85c70ece9ad34583b90c0c2639eb4d7c node864 +node864 [ shape=none, color=black label=<
N85c70ece9ad34583b90c0c2639eb4d7c
N85c70ece9ad34583b90c0c2639eb4d7c
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator node865 +node865 [ shape=none, color=black label=<
identifierLocator
https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator
rdfs:comment"Provides the location for more information regarding an external identifier."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects node866 +node866 [ shape=none, color=black label=<
affects
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects
rdfs:comment"(Security/VEX) The `from` vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source node867 +node867 [ shape=none, color=black label=<
source
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source
rdfs:comment"SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact."@en
> ] +# N5e4a3631dcc8479a9ef35cf68d42b464 node868 +node868 [ shape=none, color=black label=<
N5e4a3631dcc8479a9ef35cf68d42b464
N5e4a3631dcc8479a9ef35cf68d42b464
> ] +# N2a5378c49d2445ab932ad9f645b97d22 node869 +node869 [ shape=none, color=black label=<
N2a5378c49d2445ab932ad9f645b97d22
N2a5378c49d2445ab932ad9f645b97d22
> ] +# N543f972e50454cb7b9fb37bf2b655ba7 node870 +node870 [ shape=none, color=black label=<
N543f972e50454cb7b9fb37bf2b655ba7
N543f972e50454cb7b9fb37bf2b655ba7
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/energyUnit node871 +node871 [ shape=none, color=black label=<
energyUnit
https://spdx.org/rdf/3.0.1/terms/AI/energyUnit
rdfs:comment"Specifies the unit in which energy is measured."@en
> ] +# N279f5731efce43d2ad8bf0716454859e node872 +node872 [ shape=none, color=black label=<
N279f5731efce43d2ad8bf0716454859e
N279f5731efce43d2ad8bf0716454859e
> ] +# N8eb250a5d66b44b69fe07972c365f16e node873 +node873 [ shape=none, color=black label=<
N8eb250a5d66b44b69fe07972c365f16e
N8eb250a5d66b44b69fe07972c365f16e
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework node874 +node874 [ shape=none, color=black label=<
framework
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework
rdfs:comment"the Element is a software framework"@en
> ] +# N497aab663bcd4b378080716c852d3fb5 node875 +node875 [ shape=none, color=black label=<
N497aab663bcd4b378080716c852d3fb5
N497aab663bcd4b378080716c852d3fb5
> ] +# Nd5d43a7121a641c4836501c1746381cd node876 +node876 [ shape=none, color=black label=<
Nd5d43a7121a641c4836501c1746381cd
Nd5d43a7121a641c4836501c1746381cd
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType node877 +node877 [ shape=none, color=black label=<
LifecycleScopeType
https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType
rdfs:comment"Provide an enumerated set of lifecycle phases that can provide context to relationships."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel node878 +node878 [ shape=none, color=black label=<
confidentialityLevel
https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel
rdfs:comment"Describes the confidentiality level of the data points contained in the dataset."@en
> ] +# N1f95d1cd735d45aeb0af0464449cd755 node879 +node879 [ shape=none, color=black label=<
N1f95d1cd735d45aeb0af0464449cd755
N1f95d1cd735d45aeb0af0464449cd755
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence node880 +node880 [ shape=none, color=black label=<
evidence
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence
rdfs:comment"the Element is the evidence that a specification or requirement has been fulfilled"@en
> ] +# Nc0868e8824514f64aac0b765a84ec4f2 node881 +node881 [ shape=none, color=black label=<
Nc0868e8824514f64aac0b765a84ec4f2
Nc0868e8824514f64aac0b765a84ec4f2
sh:maxCount"1"^^xsd:integer
> ] +# N115e5ebcad2a43f09a5ab9989306b806 node882 +node882 [ shape=none, color=black label=<
N115e5ebcad2a43f09a5ab9989306b806
N115e5ebcad2a43f09a5ab9989306b806
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation node883 +node883 [ shape=none, color=black label=<
hasSensitivePersonalInformation
https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation
rdfs:comment"Describes if any sensitive personal information is present in the dataset."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed node884 +node884 [ shape=none, color=black label=<
deployed
https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed
rdfs:comment"SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense node885 +node885 [ shape=none, color=black label=<
subjectExtendableLicense
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense
rdfs:comment"A License participating in a 'with addition' model."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai node886 +node886 [ shape=none, color=black label=<
ai
https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai
rdfs:comment"the element follows the AI profile specification"@en
> ] +# N61f434c0941c44248768e7407dd3104b node887 +node887 [ shape=none, color=black label=<
N61f434c0941c44248768e7407dd3104b
N61f434c0941c44248768e7407dd3104b
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo node888 +node888 [ shape=none, color=black label=<
copiedTo
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo
rdfs:comment"The `from` Element has been copied to each `to` Element."@en
> ] +# N9845455196e64629a500b7d17b37ebb5 node889 +node889 [ shape=none, color=black label=<
N9845455196e64629a500b7d17b37ebb5
N9845455196e64629a500b7d17b37ebb5
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification node890 +node890 [ shape=none, color=black label=<
hasSpecification
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification
rdfs:comment"Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period."@en
> ] +# Nb4db7efa86384e16aa5b90c4d9ce6c58 node891 +node891 [ shape=none, color=black label=<
Nb4db7efa86384e16aa5b90c4d9ce6c58
Nb4db7efa86384e16aa5b90c4d9ce6c58
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# http://www.w3.org/2001/XMLSchema#nonNegativeInteger node892 +node892 [ shape=none, color=black label=<
nonNegativeInteger
http://www.w3.org/2001/XMLSchema#nonNegativeInteger
> ] +# N3f2556043b36407e84ee3ab934b0349a node893 +node893 [ shape=none, color=black label=<
N3f2556043b36407e84ee3ab934b0349a
N3f2556043b36407e84ee3ab934b0349a
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy node894 +node894 [ shape=none, color=black label=<
modifiedBy
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy
rdfs:comment"The `from` Element is modified by each `to` Element."@en
> ] +# Nad65a33eade646439bc411d664e9de09 node895 +node895 [ shape=none, color=black label=<
Nad65a33eade646439bc411d664e9de09
Nad65a33eade646439bc411d664e9de09
> ] +# Nf43dd14693b944929d0342fc0aeb9841 node896 +node896 [ shape=none, color=black label=<
Nf43dd14693b944929d0342fc0aeb9841
Nf43dd14693b944929d0342fc0aeb9841
> ] +# Nb5777a600c2c4ab6aa818a3c0412d8aa node897 +node897 [ shape=none, color=black label=<
Nb5777a600c2c4ab6aa818a3c0412d8aa
Nb5777a600c2c4ab6aa818a3c0412d8aa
> ] +# N665e5945290c49529d2fdc751c822ca1 node898 +node898 [ shape=none, color=black label=<
N665e5945290c49529d2fdc751c822ca1
N665e5945290c49529d2fdc751c822ca1
> ] +# Ne0cb841671954f96b8be1d3d9515c8e6 node899 +node899 [ shape=none, color=black label=<
Ne0cb841671954f96b8be1d3d9515c8e6
Ne0cb841671954f96b8be1d3d9515c8e6
sh:minCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType node900 +node900 [ shape=none, color=black label=<
datasetType
https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType
rdfs:comment"Describes the type of the given dataset."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/prefix node901 +node901 [ shape=none, color=black label=<
prefix
https://spdx.org/rdf/3.0.1/terms/Core/prefix
rdfs:comment"A substitute for a URI."@en
> ] +# Na184ef193ff84cd59d2e887052b8b5c9 node902 +node902 [ shape=none, color=black label=<
Na184ef193ff84cd59d2e887052b8b5c9
Na184ef193ff84cd59d2e887052b8b5c9
> ] +# N913aa93aa03c46f3ba95b144b780855d node903 +node903 [ shape=none, color=black label=<
N913aa93aa03c46f3ba95b144b780855d
N913aa93aa03c46f3ba95b144b780855d
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/statement node904 +node904 [ shape=none, color=black label=<
statement
https://spdx.org/rdf/3.0.1/terms/Core/statement
rdfs:comment"Commentary on an assertion that an annotator has made."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile node905 +node905 [ shape=none, color=black label=<
snippetFromFile
https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile
rdfs:comment"Defines the original host file that the snippet information applies to."@en
> ] +# N700f37ab00514ab7afa2ca82dff798bb node906 +node906 [ shape=none, color=black label=<
N700f37ab00514ab7afa2ca82dff798bb
N700f37ab00514ab7afa2ca82dff798bb
> ] +# N7a45fae2fd304316b84af8bf3a8a166b node907 +node907 [ shape=none, color=black label=<
N7a45fae2fd304316b84af8bf3a8a166b
N7a45fae2fd304316b84af8bf3a8a166b
> ] +# N8278b15a15ce4035990796eb61490eb8 node908 +node908 [ shape=none, color=black label=<
N8278b15a15ce4035990796eb61490eb8
N8278b15a15ce4035990796eb61490eb8
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation node909 +node909 [ shape=none, color=black label=<
documentation
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation
rdfs:comment"Element is documentation"@en
> ] +# N7834e705028e429a80f5de85f6b54deb node910 +node910 [ shape=none, color=black label=<
N7834e705028e429a80f5de85f6b54deb
N7834e705028e429a80f5de85f6b54deb
sh:maxCount"1"^^xsd:integer
> ] +# Nc5e464b40d1044d6a3519e29bd73659e node911 +node911 [ shape=none, color=black label=<
Nc5e464b40d1044d6a3519e29bd73659e
Nc5e464b40d1044d6a3519e29bd73659e
> ] +# N932c7c2af26c49e084d57cb7ab0a5aaa node912 +node912 [ shape=none, color=black label=<
N932c7c2af26c49e084d57cb7ab0a5aaa
N932c7c2af26c49e084d57cb7ab0a5aaa
> ] +# N5d6cf388cf49407cad7bec4a0891cecd node913 +node913 [ shape=none, color=black label=<
N5d6cf388cf49407cad7bec4a0891cecd
N5d6cf388cf49407cad7bec4a0891cecd
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512 node914 +node914 [ shape=none, color=black label=<
sha512
https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512
rdfs:comment"SHA-2 with a digest length of 512, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)."@en
> ] +# https://spdx.org/licenses/Community-Spec-1.0.html node915 +node915 [ shape=none, color=black label=<
Community-Spec-1.0.html
https://spdx.org/licenses/Community-Spec-1.0.html
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/summary node916 +node916 [ shape=none, color=black label=<
summary
https://spdx.org/rdf/3.0.1/terms/Core/summary
rdfs:comment"A short description of an Element."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/comment node917 +node917 [ shape=none, color=black label=<
comment
https://spdx.org/rdf/3.0.1/terms/Core/comment
rdfs:comment"Provide consumers with comments by the creator of the Element about the +Element."@en
> ] +# Ne0ee486c8d9d4b03bc1277692c32f906 node918 +node918 [ shape=none, color=black label=<
Ne0ee486c8d9d4b03bc1277692c32f906
Ne0ee486c8d9d4b03bc1277692c32f906
> ] +# N9cdb48be2e494d1eb5832edac5bfabcc node919 +node919 [ shape=none, color=black label=<
N9cdb48be2e494d1eb5832edac5bfabcc
N9cdb48be2e494d1eb5832edac5bfabcc
> ] +# https://spdx.dev/specifications/ node920 +node920 [ shape=none, color=black label=<
https://spdx.dev/specifications/
https://spdx.dev/specifications/
> ] +# Nd572fade25a14e0786dadc2163719c60 node921 +node921 [ shape=none, color=black label=<
Nd572fade25a14e0786dadc2163719c60
Nd572fade25a14e0786dadc2163719c60
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/completeness node922 +node922 [ shape=none, color=black label=<
completeness
https://spdx.org/rdf/3.0.1/terms/Core/completeness
rdfs:comment"Provides information about the completeness of relationships."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport node923 +node923 [ shape=none, color=black label=<
certificationReport
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport
rdfs:comment"A reference to a certification report for a package from an accredited/independent body."@en
> ] +# N21fe42ed0dc442aa863a3de8cc0fc2cc node924 +node924 [ shape=none, color=black label=<
N21fe42ed0dc442aa863a3de8cc0fc2cc
N21fe42ed0dc442aa863a3de8cc0fc2cc
> ] +# Na63cd7a094ea4f058fc19c559fcdd049 node925 +node925 [ shape=none, color=black label=<
Na63cd7a094ea4f058fc19c559fcdd049
Na63cd7a094ea4f058fc19c559fcdd049
> ] +# N13cf8e7406894cb38f883a17c081cecb node926 +node926 [ shape=none, color=black label=<
N13cf8e7406894cb38f883a17c081cecb
N13cf8e7406894cb38f883a17c081cecb
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/byteRange node927 +node927 [ shape=none, color=black label=<
byteRange
https://spdx.org/rdf/3.0.1/terms/Software/byteRange
rdfs:comment"Defines the byte range in the original host file that the snippet information +applies to."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement node928 +node928 [ shape=none, color=black label=<
requirement
https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement
rdfs:comment"the Element provides a requirement needed as input for another Element"@en
> ] +# N7d6e7daa66744912a9c88023f019c6b8 node929 +node929 [ shape=none, color=black label=<
N7d6e7daa66744912a9c88023f019c6b8
N7d6e7daa66744912a9c88023f019c6b8
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/autonomyType node930 +node930 [ shape=none, color=black label=<
autonomyType
https://spdx.org/rdf/3.0.1/terms/AI/autonomyType
rdfs:comment"Indicates whether the system can perform a decision or action without human +involvement or guidance."@en
> ] +# N1ccc7e7cb38d49618d110b57fbaaa03c node931 +node931 [ shape=none, color=black label=<
N1ccc7e7cb38d49618d110b57fbaaa03c
N1ccc7e7cb38d49618d110b57fbaaa03c
sh:maxCount"1"^^xsd:integer
> ] +# Na430c1ce1b954683a1960888daacfcc3 node932 +node932 [ shape=none, color=black label=<
Na430c1ce1b954683a1960888daacfcc3
Na430c1ce1b954683a1960888daacfcc3
sh:maxCount"1"^^xsd:integer
sh:pattern"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$"
> ] +# https://spdx.org/rdf/3.0.1/terms/Licensing/NoAssertion node933 +node933 [ shape=none, color=black label=<
NoAssertion
https://spdx.org/rdf/3.0.1/terms/Licensing/NoAssertion
> ] +# Ne69426f40a8840b78c100bbd7dfc1be8 node934 +node934 [ shape=none, color=black label=<
Ne69426f40a8840b78c100bbd7dfc1be8
Ne69426f40a8840b78c100bbd7dfc1be8
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/createdUsing node935 +node935 [ shape=none, color=black label=<
createdUsing
https://spdx.org/rdf/3.0.1/terms/Core/createdUsing
rdfs:comment"Identifies the tooling that was used during the creation of the Element."@en
> ] +# Nf0386bafacfc42db83e12b3c334eb228 node936 +node936 [ shape=none, color=black label=<
Nf0386bafacfc42db83e12b3c334eb228
Nf0386bafacfc42db83e12b3c334eb228
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn node937 +node937 [ shape=none, color=black label=<
fixedIn
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn
rdfs:comment"(Security/VEX) A `from` Vulnerability has been fixed in each of the `to` Element(s). The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships."@en
> ] +# N4487da6250c34216a326cb7794e37ebf node938 +node938 [ shape=none, color=black label=<
N4487da6250c34216a326cb7794e37ebf
N4487da6250c34216a326cb7794e37ebf
> ] +# N4b3936de634f4ee880077bbc2910c7c8 node939 +node939 [ shape=none, color=black label=<
N4b3936de634f4ee880077bbc2910c7c8
N4b3936de634f4ee880077bbc2910c7c8
> ] +# N927bddef27754fc3a2bf4bab325a2bb2 node940 +node940 [ shape=none, color=black label=<
N927bddef27754fc3a2bf4bab325a2bb2
N927bddef27754fc3a2bf4bab325a2bb2
> ] +# Nbc2c821bcf9e4eee9771deb1c7eaa1c7 node941 +node941 [ shape=none, color=black label=<
Nbc2c821bcf9e4eee9771deb1c7eaa1c7
Nbc2c821bcf9e4eee9771deb1c7eaa1c7
> ] +# https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression node942 +node942 [ shape=none, color=black label=<
licenseExpression
https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression
rdfs:comment"A string in the license expression format."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion node943 +node943 [ shape=none, color=black label=<
noAssertion
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion
rdfs:comment"no assertion about the type of support is made. This is considered the default if no other support type is used."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther node944 +node944 [ shape=none, color=black label=<
securityOther
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther
rdfs:comment"A reference to related security information of unspecified type."@en
> ] +# N45d1d3a94b7645f6882c867934b92d18 node945 +node945 [ shape=none, color=black label=<
N45d1d3a94b7645f6882c867934b92d18
N45d1d3a94b7645f6882c867934b92d18
> ] +# N7e08f8bf10b04e429ff625d73551744f node946 +node946 [ shape=none, color=black label=<
N7e08f8bf10b04e429ff625d73551744f
N7e08f8bf10b04e429ff625d73551744f
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime node947 +node947 [ shape=none, color=black label=<
impactStatementTime
https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime
rdfs:comment"Timestamp of impact statement."@en
> ] +# Necc602d6d5a0483eb3231bd6a4d9f8b5 node948 +node948 [ shape=none, color=black label=<
Necc602d6d5a0483eb3231bd6a4d9f8b5
Necc602d6d5a0483eb3231bd6a4d9f8b5
> ] +# Na207ecd6db2b46638b78e757eae79090 node949 +node949 [ shape=none, color=black label=<
Na207ecd6db2b46638b78e757eae79090
Na207ecd6db2b46638b78e757eae79090
> ] +# Nac0b053b62134839a13938ec4b85cc80 node950 +node950 [ shape=none, color=black label=<
Nac0b053b62134839a13938ec4b85cc80
Nac0b053b62134839a13938ec4b85cc80
> ] +# https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track node951 +node951 [ shape=none, color=black label=<
track
https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track
rdfs:comment"The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines."@en
> ] +# Nbc4daf2afe124a18b375db103828215f node952 +node952 [ shape=none, color=black label=<
Nbc4daf2afe124a18b375db103828215f
Nbc4daf2afe124a18b375db103828215f
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess node953 +node953 [ shape=none, color=black label=<
dataCollectionProcess
https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess
rdfs:comment"Describes how the dataset was collected."@en
> ] +# Ne7af0eb912a644c3a4ac9262636d2be6 node954 +node954 [ shape=none, color=black label=<
Ne7af0eb912a644c3a4ac9262636d2be6
Ne7af0eb912a644c3a4ac9262636d2be6
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/scope node955 +node955 [ shape=none, color=black label=<
scope
https://spdx.org/rdf/3.0.1/terms/Core/scope
rdfs:comment"Capture the scope of information about a specific relationship between elements."@en
> ] +# Neb80ea61c9b0428093c9124e4ffdac71 node956 +node956 [ shape=none, color=black label=<
Neb80ea61c9b0428093c9124e4ffdac71
Neb80ea61c9b0428093c9124e4ffdac71
> ] +# Na0cc6061cd1d4b648f2653ad68cca6e6 node957 +node957 [ shape=none, color=black label=<
Na0cc6061cd1d4b648f2653ad68cca6e6
Na0cc6061cd1d4b648f2653ad68cca6e6
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support node958 +node958 [ shape=none, color=black label=<
support
https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support
rdfs:comment"the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support."@en
> ] +# N612ca351cb7c4f8599e70a1b34eb6b3a node959 +node959 [ shape=none, color=black label=<
N612ca351cb7c4f8599e70a1b34eb6b3a
N612ca351cb7c4f8599e70a1b34eb6b3a
> ] +# Ne5f37e09dfee4a2bbded49307c363f4f node960 +node960 [ shape=none, color=black label=<
Ne5f37e09dfee4a2bbded49307c363f4f
Ne5f37e09dfee4a2bbded49307c363f4f
> ] +# N458887b5c24f429f96910b8904c3ab1b node961 +node961 [ shape=none, color=black label=<
N458887b5c24f429f96910b8904c3ab1b
N458887b5c24f429f96910b8904c3ab1b
> ] +# N370f0a0806084c79bb384aaa5055934e node962 +node962 [ shape=none, color=black label=<
N370f0a0806084c79bb384aaa5055934e
N370f0a0806084c79bb384aaa5055934e
sh:maxCount"1"^^xsd:integer
> ] +# Nd3ba8e034c2e42679fd4415ee8fe2a3a node963 +node963 [ shape=none, color=black label=<
Nd3ba8e034c2e42679fd4415ee8fe2a3a
Nd3ba8e034c2e42679fd4415ee8fe2a3a
> ] +# Ncf8d24ba35a84bc3a517195b1c3c4a9a node964 +node964 [ shape=none, color=black label=<
Ncf8d24ba35a84bc3a517195b1c3c4a9a
Ncf8d24ba35a84bc3a517195b1c3c4a9a
> ] +# N8c95748755344c71b4d6aa2b8cb2e46d node965 +node965 [ shape=none, color=black label=<
N8c95748755344c71b4d6aa2b8cb2e46d
N8c95748755344c71b4d6aa2b8cb2e46d
> ] +# N6dbf59aebff34df2ab2fdfd40c2a44bf node966 +node966 [ shape=none, color=black label=<
N6dbf59aebff34df2ab2fdfd40c2a44bf
N6dbf59aebff34df2ab2fdfd40c2a44bf
> ] +# N404fd4979db04e05a8fe73b342ba70c8 node967 +node967 [ shape=none, color=black label=<
N404fd4979db04e05a8fe73b342ba70c8
N404fd4979db04e05a8fe73b342ba70c8
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition node968 +node968 [ shape=none, color=black label=<
CustomLicenseAddition
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition
rdfs:comment"A license addition that is not listed on the SPDX Exceptions List."@en
> ] +# Ne189a0a4177d4112aaebf50192411711 node969 +node969 [ shape=none, color=black label=<
Ne189a0a4177d4112aaebf50192411711
Ne189a0a4177d4112aaebf50192411711
> ] +# Nc836a18b829b4084a8cb3bc6f4978bf4 node970 +node970 [ shape=none, color=black label=<
Nc836a18b829b4084a8cb3bc6f4978bf4
Nc836a18b829b4084a8cb3bc6f4978bf4
> ] +# N3b552cc9140342feb0b1df9ef980ba86 node971 +node971 [ shape=none, color=black label=<
N3b552cc9140342feb0b1df9ef980ba86
N3b552cc9140342feb0b1df9ef980ba86
> ] +# Nbf7612edac804159afd31050c5f5723b node972 +node972 [ shape=none, color=black label=<
Nbf7612edac804159afd31050c5f5723b
Nbf7612edac804159afd31050c5f5723b
> ] +# N44bb9bd964174e8981eea65578cb1d15 node973 +node973 [ shape=none, color=black label=<
N44bb9bd964174e8981eea65578cb1d15
N44bb9bd964174e8981eea65578cb1d15
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl node974 +node974 [ shape=none, color=black label=<
packageUrl
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl
rdfs:comment"[package URL](https://github.com/package-url/purl-spec)"@en
> ] +# Na7939eed8cf14f7ba3e816ab8b03b1b4 node975 +node975 [ shape=none, color=black label=<
Na7939eed8cf14f7ba3e816ab8b03b1b4
Na7939eed8cf14f7ba3e816ab8b03b1b4
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph node976 +node976 [ shape=none, color=black label=<
graph
https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph
rdfs:comment"data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends."@en
> ] +# Nd7402a4e4f644aba8266087620eb5d09 node977 +node977 [ shape=none, color=black label=<
Nd7402a4e4f644aba8266087620eb5d09
Nd7402a4e4f644aba8266087620eb5d09
> ] +# N4e75b5401f9c455582bbb6bacf68bbe3 node978 +node978 [ shape=none, color=black label=<
N4e75b5401f9c455582bbb6bacf68bbe3
N4e75b5401f9c455582bbb6bacf68bbe3
> ] +# N5a321df7ff09444d80b427a5ffe40b01 node979 +node979 [ shape=none, color=black label=<
N5a321df7ff09444d80b427a5ffe40b01
N5a321df7ff09444d80b427a5ffe40b01
> ] +# N8351cb064ba94743bef545e573e7e31c node980 +node980 [ shape=none, color=black label=<
N8351cb064ba94743bef545e573e7e31c
N8351cb064ba94743bef545e573e7e31c
> ] +# N7ce010ddc007435f9d9fe3187740ad01 node981 +node981 [ shape=none, color=black label=<
N7ce010ddc007435f9d9fe3187740ad01
N7ce010ddc007435f9d9fe3187740ad01
> ] +# Ncbd961c1358b42cd8a9eb39a7e43c540 node982 +node982 [ shape=none, color=black label=<
Ncbd961c1358b42cd8a9eb39a7e43c540
Ncbd961c1358b42cd8a9eb39a7e43c540
> ] +# N94fe4b99ae1243bb8f39383e0afa5798 node983 +node983 [ shape=none, color=black label=<
N94fe4b99ae1243bb8f39383e0afa5798
N94fe4b99ae1243bb8f39383e0afa5798
> ] +# N39dc05b743024b929e08b5650a48447d node984 +node984 [ shape=none, color=black label=<
N39dc05b743024b929e08b5650a48447d
N39dc05b743024b929e08b5650a48447d
> ] +# Nf37bb8045d7f4c1a90162aec3ab69a22 node985 +node985 [ shape=none, color=black label=<
Nf37bb8045d7f4c1a90162aec3ab69a22
Nf37bb8045d7f4c1a90162aec3ab69a22
> ] +# Nbe9165ef403041658229bd25385acb05 node986 +node986 [ shape=none, color=black label=<
Nbe9165ef403041658229bd25385acb05
Nbe9165ef403041658229bd25385acb05
> ] +# N0982a5165c6c49e18411ac17b15c0526 node987 +node987 [ shape=none, color=black label=<
N0982a5165c6c49e18411ac17b15c0526
N0982a5165c6c49e18411ac17b15c0526
> ] +# N4e1500d941f346f7bd3d98d5f60b91b7 node988 +node988 [ shape=none, color=black label=<
N4e1500d941f346f7bd3d98d5f60b91b7
N4e1500d941f346f7bd3d98d5f60b91b7
> ] +# Ne38b05c1d1804c8b98feabba22e8b1f9 node989 +node989 [ shape=none, color=black label=<
Ne38b05c1d1804c8b98feabba22e8b1f9
Ne38b05c1d1804c8b98feabba22e8b1f9
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid node990 +node990 [ shape=none, color=black label=<
gitoid
https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid
rdfs:comment"[Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid>), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document); this ambiguity exists because the OmniBOR Document is itself an artifact, and the gitoid of that artifact is its valid identifier. Omnibor is a minimalistic schema to describe software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-dependency-graph-adg). Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's ContentIdentifier property. Gitoids calculated on the OmniBOR Document (OmniBOR Identifiers) should be recorded in the SPDX 3.0 Element's ExternalIdentifier property."@en
> ] +# N042dd278f41c48cc95cf1285f05e6adf node991 +node991 [ shape=none, color=black label=<
N042dd278f41c48cc95cf1285f05e6adf
N042dd278f41c48cc95cf1285f05e6adf
> ] +# N23646bbb734e43bd8aa064846d590a8b node992 +node992 [ shape=none, color=black label=<
N23646bbb734e43bd8aa064846d590a8b
N23646bbb734e43bd8aa064846d590a8b
> ] +# https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism node993 +node993 [ shape=none, color=black label=<
datasetUpdateMechanism
https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism
rdfs:comment"Describes a mechanism to update the dataset."@en
> ] +# https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText node994 +node994 [ shape=none, color=black label=<
additionText
https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText
rdfs:comment"Identifies the full text of a LicenseAddition."@en
> ] +# N9ddca5522ed74630a76edf2364d8e3ce node995 +node995 [ shape=none, color=black label=<
N9ddca5522ed74630a76edf2364d8e3ce
N9ddca5522ed74630a76edf2364d8e3ce
> ] +# N019aed99b28849fcb8214a4a8ab8bef6 node996 +node996 [ shape=none, color=black label=<
N019aed99b28849fcb8214a4a8ab8bef6
N019aed99b28849fcb8214a4a8ab8bef6
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/builtTime node997 +node997 [ shape=none, color=black label=<
builtTime
https://spdx.org/rdf/3.0.1/terms/Core/builtTime
rdfs:comment"Specifies the time an artifact was built."@en
> ] +# N2d71476b855049dda19f623701568bc8 node998 +node998 [ shape=none, color=black label=<
N2d71476b855049dda19f623701568bc8
N2d71476b855049dda19f623701568bc8
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion node999 +node999 [ shape=none, color=black label=<
noAssertion
https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion
rdfs:comment"No assertion can be made about the completeness of the relationship."@en
> ] +# N455a384ce9cd4dc6a436d35c9165e0a6 node1000 +node1000 [ shape=none, color=black label=<
N455a384ce9cd4dc6a436d35c9165e0a6
N455a384ce9cd4dc6a436d35c9165e0a6
> ] +# N523a9398ce2e4810a900f0d77d570a27 node1001 +node1001 [ shape=none, color=black label=<
N523a9398ce2e4810a900f0d77d570a27
N523a9398ce2e4810a900f0d77d570a27
> ] +# Nbc6c0b3a0eb04a2ba09dff9cfcd7e4a2 node1002 +node1002 [ shape=none, color=black label=<
Nbc6c0b3a0eb04a2ba09dff9cfcd7e4a2
Nbc6c0b3a0eb04a2ba09dff9cfcd7e4a2
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support node1003 +node1003 [ shape=none, color=black label=<
support
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support
rdfs:comment"A reference to the software support channel or other support information for a package."@en
> ] +# Nd6f1546312224c1db07a27c4fef243c3 node1004 +node1004 [ shape=none, color=black label=<
Nd6f1546312224c1db07a27c4fef243c3
Nd6f1546312224c1db07a27c4fef243c3
> ] +# N4aed01f23eae4b6c8654653e1265cf5f node1005 +node1005 [ shape=none, color=black label=<
N4aed01f23eae4b6c8654653e1265cf5f
N4aed01f23eae4b6c8654653e1265cf5f
> ] +# N9f949027238b48d3a0cc0a61233b83ee node1006 +node1006 [ shape=none, color=black label=<
N9f949027238b48d3a0cc0a61233b83ee
N9f949027238b48d3a0cc0a61233b83ee
> ] +# N1762ccec220a442b800006d356c55ba2 node1007 +node1007 [ shape=none, color=black label=<
N1762ccec220a442b800006d356c55ba2
N1762ccec220a442b800006d356c55ba2
> ] +# N51076bf0cf9240b082c822c8cad8da38 node1008 +node1008 [ shape=none, color=black label=<
N51076bf0cf9240b082c822c8cad8da38
N51076bf0cf9240b082c822c8cad8da38
> ] +# N2c5c8f09a37549e88b3274c0b9264465 node1009 +node1009 [ shape=none, color=black label=<
N2c5c8f09a37549e88b3274c0b9264465
N2c5c8f09a37549e88b3274c0b9264465
sh:maxCount"1"^^xsd:integer
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation node1010 +node1010 [ shape=none, color=black label=<
altDownloadLocation
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation
rdfs:comment"A reference to an alternative download location."@en
> ] +# Nf8873e642ce74e8cb195a0009fae76a0 node1011 +node1011 [ shape=none, color=black label=<
Nf8873e642ce74e8cb195a0009fae76a0
Nf8873e642ce74e8cb195a0009fae76a0
> ] +# N4ee2c78733ca4fc2997def693047a204 node1012 +node1012 [ shape=none, color=black label=<
N4ee2c78733ca4fc2997def693047a204
N4ee2c78733ca4fc2997def693047a204
> ] +# Nb906ac1d97314a27afe5eebaaf034bf3 node1013 +node1013 [ shape=none, color=black label=<
Nb906ac1d97314a27afe5eebaaf034bf3
Nb906ac1d97314a27afe5eebaaf034bf3
> ] +# N8c4e7ea37a7b4b32b12ea438714fc284 node1014 +node1014 [ shape=none, color=black label=<
N8c4e7ea37a7b4b32b12ea438714fc284
N8c4e7ea37a7b4b32b12ea438714fc284
> ] +# Nac9a31756dcc4479828749fd7ea8c6c9 node1015 +node1015 [ shape=none, color=black label=<
Nac9a31756dcc4479828749fd7ea8c6c9
Nac9a31756dcc4479828749fd7ea8c6c9
> ] +# https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment node1016 +node1016 [ shape=none, color=black label=<
exportControlAssessment
https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment
rdfs:comment"A reference to a export control assessment for a package."@en
> ] +# N238482239d344520865a260114074cb8 node1017 +node1017 [ shape=none, color=black label=<
N238482239d344520865a260114074cb8
N238482239d344520865a260114074cb8
> ] +# Ne57c411f873a4c139536ab521a63eaae node1018 +node1018 [ shape=none, color=black label=<
Ne57c411f873a4c139536ab521a63eaae
Ne57c411f873a4c139536ab521a63eaae
> ] +# N3b937b1857e54e3eb0df9d432040e23a node1019 +node1019 [ shape=none, color=black label=<
N3b937b1857e54e3eb0df9d432040e23a
N3b937b1857e54e3eb0df9d432040e23a
> ] +# N83510acfee404a5c91553d2a1e794dd6 node1020 +node1020 [ shape=none, color=black label=<
N83510acfee404a5c91553d2a1e794dd6
N83510acfee404a5c91553d2a1e794dd6
> ] +# N82e966e2790a4dd4a26ad0c4c9fa2297 node1021 +node1021 [ shape=none, color=black label=<
N82e966e2790a4dd4a26ad0c4c9fa2297
N82e966e2790a4dd4a26ad0c4c9fa2297
> ] +# N8c621a174c4f44728e8de071b4c21b9f node1022 +node1022 [ shape=none, color=black label=<
N8c621a174c4f44728e8de071b4c21b9f
N8c621a174c4f44728e8de071b4c21b9f
> ] +# https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment node1023 +node1023 [ shape=none, color=black label=<
safetyRiskAssessment
https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment
rdfs:comment"Records the results of general safety risk assessment of the AI system."@en
> ] +# Nb63b33a457654afdb83f7dafd90f7b39 node1024 +node1024 [ shape=none, color=black label=<
Nb63b33a457654afdb83f7dafd90f7b39
Nb63b33a457654afdb83f7dafd90f7b39
> ] +# Nca85ea2a58fc40e882b2d3d325824ba9 node1025 +node1025 [ shape=none, color=black label=<
Nca85ea2a58fc40e882b2d3d325824ba9
Nca85ea2a58fc40e882b2d3d325824ba9
> ] +# Ne48f91499e9a4270a49ca5c2bb5c14e5 node1026 +node1026 [ shape=none, color=black label=<
Ne48f91499e9a4270a49ca5c2bb5c14e5
Ne48f91499e9a4270a49ca5c2bb5c14e5
> ] } diff --git a/v3.0.1-draft/model/spdx-model.json-ld b/v3.0.1-draft/model/spdx-model.json-ld index 88fd06d24a..1a175c61df 100644 --- a/v3.0.1-draft/model/spdx-model.json-ld +++ b/v3.0.1-draft/model/spdx-model.json-ld @@ -1,19 +1,108 @@ [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/Snippet", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Indicates the type of support that is associated with an artifact." + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Records the time when a recommended action was communicated in a VEX statement\nto mitigate a vulnerability." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Specifies the VEX justification type." + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "the Element is a single or a collection of source files" + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "source" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "The relative file name of a file to be excluded from the\n`PackageVerificationCode`." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Specifies the unit of energy consumption." + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact", "@type": [ "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass", "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes a certain part of a file." + "@value": "A distinct article or unit within the digital domain." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -23,44 +112,51 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N3e641e7fa7754d9890cdcf3c98960cce" + "@id": "_:Nc6ad6f5e11c046b685ce09c86ab91092" + }, + { + "@id": "_:N22b178836b6e40bcbe8099a30293326c" + }, + { + "@id": "_:Na430c1ce1b954683a1960888daacfcc3" + }, + { + "@id": "_:Ndf158f9bc0b2416d8dcb8102841e1717" + }, + { + "@id": "_:N7dba678f31df46c5a36c0ae8f797a90e" }, { - "@id": "_:Nd1e380e08b9a4284b5f95c19ff5bba4d" + "@id": "_:N25a2c13491264e92bce59c7857b247b4" }, { - "@id": "_:Nd07ffbf925d6486790645bd4c847719f" + "@id": "_:N0a8d87003414460d9cc6e3958d2edd54" } ] }, { - "@id": "_:N3e641e7fa7754d9890cdcf3c98960cce", + "@id": "_:Nc6ad6f5e11c046b685ce09c86ab91092", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/byteRange" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" } ] }, { - "@id": "_:Nd1e380e08b9a4284b5f95c19ff5bba4d", + "@id": "_:N22b178836b6e40bcbe8099a30293326c", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -70,20 +166,20 @@ ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/lineRange" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" } ] }, { - "@id": "_:Nd07ffbf925d6486790645bd4c847719f", - "http://www.w3.org/ns/shacl#class": [ + "@id": "_:Na430c1ce1b954683a1960888daacfcc3", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/File" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -91,394 +187,282 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } - ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/decisionType", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf)" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/builtTime" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#pattern": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" + "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/assessedElement", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:Ndf158f9bc0b2416d8dcb8102841e1717", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "Specifies an Element contained in a piece of software where a vulnerability was\nfound." + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Specifies the type of an external identifier." + "@id": "http://www.w3.org/ns/shacl#Literal" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/catalogType", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#path": [ { - "@language": "en", - "@value": "Specifies the exploit catalog type." + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#pattern": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" + "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "@id": "_:N7dba678f31df46c5a36c0ae8f797a90e", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "A reference to additional license information related to an artifact." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "license" + "@id": "http://www.w3.org/ns/shacl#Literal" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#path": [ { - "@language": "en", - "@value": "data type is not known." + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#pattern": [ { - "@value": "noAssertion" + "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "@id": "_:N25a2c13491264e92bce59c7857b247b4", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "hasTest" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/standardName" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N0a8d87003414460d9cc6e3958d2edd54", + "http://www.w3.org/ns/shacl#class": [ { - "@language": "en", - "@value": "[package URL](https://github.com/package-url/purl-spec)" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#in": [ { - "@value": "packageUrl" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Identifies the full text of a License or Addition." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion" + } + ] } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/domain", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Captures the domain in which the AI package can be used." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locator", + "@id": "https://spdx.org/rdf/3.0.1/terms/", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#Ontology" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://purl.org/dc/terms/abstract": [ { "@language": "en", - "@value": "Provides the location of an external reference." + "@value": "This ontology defines the terms and relationships used in the SPDX specification to describe system packages" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://purl.org/dc/terms/created": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@type": "http://www.w3.org/2001/XMLSchema#date", + "@value": "2024-04-05" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Organization", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://purl.org/dc/terms/creator": [ { "@language": "en", - "@value": "A group of people who work together in an organized way for a shared purpose." + "@value": "SPDX Project" } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://purl.org/dc/terms/license": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" + "@id": "https://spdx.org/licenses/Community-Spec-1.0.html" } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://purl.org/dc/terms/references": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "https://spdx.dev/specifications/" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/Package", - "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://purl.org/dc/terms/title": [ { "@language": "en", - "@value": "Refers to any unit of content that can be associated with a distribution of\nsoftware." + "@value": "System Package Data Exchange (SPDX) Ontology" } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact" + "@language": "en", + "@value": "System Package Data Exchange (SPDX) Ontology" } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2002/07/owl#versionIRI": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "https://spdx.org/rdf/3.0.1/terms/" } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Nb0acda179f304d1794132f4600ad24f7" - }, - { - "@id": "_:N5634e24be10248b99c623a52d66a1902" - }, - { - "@id": "_:N8b0c4aa4191e4650856d739c21111635" - }, - { - "@id": "_:N43b5df2908794ef3b4a68fd39936375c" - }, + "https://www.omg.org/spec/Commons/AnnotationVocabulary/copyright": [ { - "@id": "_:N6614c874e0c34bd2b169f32bbe6daf6e" + "@language": "en", + "@value": "Copyright (C) 2024 SPDX Project" } ] }, { - "@id": "_:Nb0acda179f304d1794132f4600ad24f7", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" + "@value": "hasSpecification" } ] }, { - "@id": "_:N5634e24be10248b99c623a52d66a1902", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Identifies an external Element used within a Document but defined external to\nthat Document." } ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" - } - ] - }, - { - "@id": "_:N8b0c4aa4191e4650856d739c21111635", - "http://www.w3.org/ns/shacl#datatype": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" - } ] }, { - "@id": "_:N43b5df2908794ef3b4a68fd39936375c", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/homePage" + "@value": "eolNotice" } ] }, { - "@id": "_:N6614c874e0c34bd2b169f32bbe6daf6e", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "A concrete subclass of AnyLicenseInfo used by Individuals in the\nExpandedLicensing profile." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" + "@id": "http://www.w3.org/ns/shacl#IRI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/created", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/releaseTime", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies when the Element was originally created." + "@value": "Specifies the time an artifact was released." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -488,48 +472,49 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sbomType", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Records the results of general safety risk assessment of the AI system." + "@value": "Provides information about the type of an SBOM." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Property describes the invocation entrypoint of a build." + "@value": "data is video based, such as a collection of movie clips featuring Tom Hanks." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "video" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifier", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/statement", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Uniquely identifies an external element." + "@value": "Commentary on an assertion that an annotator has made." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -539,207 +524,275 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A concrete subclass of AnyLicenseInfo used by Individuals in the\nExpandedLicensing profile." + "@value": "A relationship has specific context implications during an element's testing phase, during development." } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Identifies the download Uniform Resource Identifier for the package at the time\nthat the document was created." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Agent represents anything with the potential to act on a system." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/fileKind", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Describes if a given file is a directory or non-directory kind of file." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" + "@value": "test" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdUsing", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdBy", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies the tooling that was used during the creation of the Element." + "@value": "Identifies who or what created the Element." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Tool" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Element is an Artifact that can be run on a computer" + "@value": "A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "executable" + "@value": "securityAdvisory" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(Security/VEX) The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships." + "@value": "A relationship has specific context implications during an element's build phase, during development." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "doesNotAffect" + "@value": "build" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to the issue tracker for a package." + "@value": "the Element is an archived collection of one or more files (.tar, .zip, etc)" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "issueTracker" + "@value": "archive" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef", "@type": [ "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass", "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Base domain class from which all other SPDX-3.0 domain classes derive." + "@value": "A reference to a resource outside the scope of SPDX-3.0 content related to an Element." } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:Nab73bcdc12e44136bdff21b9e133e8a8" + "@id": "_:Nc2d082d0db9145588f65a04c1abd42d6" }, { - "@id": "_:N0650251630934629b3b7973585e71b80" + "@id": "_:N1a76c1408bb74c33af0136f06b6e35a0" }, { - "@id": "_:Nff697db08dba4dd1987d257b6432d7ab" + "@id": "_:N5bb4317082934fafa2ebba9f4b32dd64" }, { - "@id": "_:N229a18e960c942c6815157a7732961db" - }, - { - "@id": "_:Nfe77e537d19a4bfab28de15ab4179b0b" - }, - { - "@id": "_:N18b20436a2914b658bf4aa6cc39435c3" - }, - { - "@id": "_:N334b85bcbf854f42ba18076586bb2864" - }, - { - "@id": "_:N121cdf41235542e9b4c9bbe29eeef3ca" - }, - { - "@id": "_:N9415a4ea8bc942dba892646c48f76727" + "@id": "_:N2271ff01e65c414e9230537e23a9bf7e" } ] }, { - "@id": "_:Nab73bcdc12e44136bdff21b9e133e8a8", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:Nc2d082d0db9145588f65a04c1abd42d6", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + } + ], + "http://www.w3.org/ns/shacl#in": [ + { + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment" + } + ] } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -749,27 +802,22 @@ ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/name" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" } ] }, { - "@id": "_:N0650251630934629b3b7973585e71b80", + "@id": "_:N1a76c1408bb74c33af0136f06b6e35a0", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#Literal" @@ -777,12 +825,12 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/summary" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locator" } ] }, { - "@id": "_:Nff697db08dba4dd1987d257b6432d7ab", + "@id": "_:N5bb4317082934fafa2ebba9f4b32dd64", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -800,12 +848,17 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/description" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/contentType" + } + ], + "http://www.w3.org/ns/shacl#pattern": [ + { + "@value": "^[^\\/]+\\/[^\\/]+$" } ] }, { - "@id": "_:N229a18e960c942c6815157a7732961db", + "@id": "_:N2271ff01e65c414e9230537e23a9bf7e", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -828,178 +881,255 @@ ] }, { - "@id": "_:Nfe77e537d19a4bfab28de15ab4179b0b", - "http://www.w3.org/ns/shacl#class": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo" + "@language": "en", + "@value": "A reference to a social media channel for a package." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "socialMedia" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element." } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" + "@id": "_:N1a75e41265b5479d81634e78ece917a0" + }, + { + "@id": "_:N490fbc89f4864b2e8d981461d1b22d74" + }, + { + "@id": "_:N73eb7604b32546febc5ee84fa03f0812" + }, + { + "@id": "_:N238482239d344520865a260114074cb8" + }, + { + "@id": "_:N379a06fc897245488a302350ec18256a" } ] }, { - "@id": "_:N18b20436a2914b658bf4aa6cc39435c3", + "@id": "_:N1a75e41265b5479d81634e78ece917a0", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + } + ], + "http://www.w3.org/ns/shacl#in": [ + { + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme" + } + ] + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" } ] }, { - "@id": "_:N334b85bcbf854f42ba18076586bb2864", - "http://www.w3.org/ns/shacl#class": [ + "@id": "_:N490fbc89f4864b2e8d981461d1b22d74", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef" + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRef" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifier" } ] }, { - "@id": "_:N121cdf41235542e9b4c9bbe29eeef3ca", - "http://www.w3.org/ns/shacl#class": [ + "@id": "_:N73eb7604b32546febc5ee84fa03f0812", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier" + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment" } ] }, { - "@id": "_:N9415a4ea8bc942dba892646c48f76727", - "http://www.w3.org/ns/shacl#class": [ + "@id": "_:N238482239d344520865a260114074cb8", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/extension" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageUrl", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N379a06fc897245488a302350ec18256a", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "Provides a place for the SPDX data creator to record the package URL string\n(in accordance with the\n[package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst))\nfor a software Package." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://www.rfc-editor.org/info/rfc9393) Section 2.3." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "swid" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and in the case of filess they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`." + "@value": "Element is configuration data" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "swhid" + "@value": "configuration" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element is an archived collection of one or more files (.tar, .zip, etc)" + "@value": "Every `to` Element is an example for the `from` Element (`from` hasExample `to`)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "archive" + "@value": "hasExample" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -1007,33 +1137,25 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides a CVSS version 4 assessment for a vulnerability." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" + "@value": "The class that helps note down the quantity of energy consumption and the unit\nused for measurement." } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N8c7afb91230d460ca7bce4a139bca174" - }, - { - "@id": "_:N565fce870cc440eaa012d0dafe373899" + "@id": "_:N7b29c2ce18474e75812c59e976bd9113" }, { - "@id": "_:Nfe31c02b1509407b89ff9e91143f9810" + "@id": "_:N9b6f79f37f2d4ff087b74968417e392b" } ] }, { - "@id": "_:N8c7afb91230d460ca7bce4a139bca174", + "@id": "_:N7b29c2ce18474e75812c59e976bd9113", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#decimal" @@ -1056,34 +1178,28 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/score" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity" } ] }, { - "@id": "_:N565fce870cc440eaa012d0dafe373899", + "@id": "_:N9b6f79f37f2d4ff087b74968417e392b", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" } ], "http://www.w3.org/ns/shacl#in": [ { "@list": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other" } ] } @@ -1105,15 +1221,47 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/severity" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyUnit" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "A map of Element identifiers that are used within a Document but defined external to that Document." + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#BlankNode" + } + ], + "http://www.w3.org/ns/shacl#property": [ + { + "@id": "_:N9dc9e9c4e8ed4d52a6d725d5b5bac68f" + }, + { + "@id": "_:Ne0bbfda8fc6e4019a6f18a8f1c3d968e" + }, + { + "@id": "_:Ne19de6ee400642a58e8310711673063c" + }, + { + "@id": "_:Nac59286bbf2147e2ab90f6356b0d34a2" } ] }, { - "@id": "_:Nfe31c02b1509407b89ff9e91143f9810", + "@id": "_:N9dc9e9c4e8ed4d52a6d725d5b5bac68f", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -1133,150 +1281,192 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "@id": "_:Ne0bbfda8fc6e4019a6f18a8f1c3d968e", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "A reference to a dynamic analysis report for a package." + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "dynamicAnalysisReport" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/name", + "@id": "_:Ne19de6ee400642a58e8310711673063c", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locationHint" + } + ] + }, + { + "@id": "_:Nac59286bbf2147e2ab90f6356b0d34a2", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies the name of an Element as designated by the creator." + "@value": "Identifies who or what supplied the artifact or VulnAssessmentRelationship\nreferenced by the Element." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/name", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Captures the size of the dataset." + "@value": "Identifies the name of an Element as designated by the creator." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#nonNegativeInteger" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Designates elements as products where the impact of a vulnerability is being\ninvestigated." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship" + "@value": "the Element is used to install software on disk" } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@value": "install" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the SPDX License List version in which this license or exception\nidentifier was deprecated." + "@value": "BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "blake2b512" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType", "@type": [ "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the CVSS base, temporal, threat, or environmental severity type." + "@value": "Categories of presence or absence." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/dataLicense", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides the license under which the SPDX documentation of the Element can be\nused." + "@value": "Describes methods that can be used to explain the results from the AI model." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/contentType", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the element follows the Software profile specification" + "@value": "Provides information about the content type of an Element or a Property." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "software" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/File", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -1284,33 +1474,105 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Refers to any object that stores content on a computer." + "@value": "An SPDX version 2.X compatible verification method for software packages." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N334c6e67c3924cb888dfa06b0a4bcf49" + "@id": "_:N16adf2da07b9401e9e3933804f081e1f" + }, + { + "@id": "_:Neb1a74c2615b4ea8890ecdab161b56b1" }, { - "@id": "_:N78b768e9eeb7431ab83357f7160c65dc" + "@id": "_:N458887b5c24f429f96910b8904c3ab1b" } ] }, { - "@id": "_:N334c6e67c3924cb888dfa06b0a4bcf49", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:N16adf2da07b9401e9e3933804f081e1f", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + } + ], + "http://www.w3.org/ns/shacl#in": [ + { + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512" + } + ] } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -1318,77 +1580,70 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@value": 1 } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/contentType" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#pattern": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "^[^\\/]+\\/[^\\/]+$" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/algorithm" } ] }, { - "@id": "_:N78b768e9eeb7431ab83357f7160c65dc", - "http://www.w3.org/ns/shacl#class": [ + "@id": "_:Neb1a74c2615b4ea8890ecdab161b56b1", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory" - } - ] + "@value": 1 } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#minCount": [ { "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/fileKind" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/hashValue" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N458887b5c24f429f96910b8904c3ab1b", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "A reference to binary artifacts related to a package." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "binaryArtifact" + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" @@ -1396,129 +1651,69 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SHA-2 with a digest length of 256, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)." + "@value": "BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "sha256" + "@value": "blake2b384" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A license exception that is listed on the SPDX Exceptions list." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" - } - ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:N83b025728c124c1d884a5f3da3056b6d" - }, - { - "@id": "_:Nd5d3ec9436fc4813acba9ba43b532d73" - } - ] - }, - { - "@id": "_:N83b025728c124c1d884a5f3da3056b6d", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" - } - ] - }, - { - "@id": "_:Nd5d3ec9436fc4813acba9ba43b532d73", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@value": "Specifies the value of the content identifier." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate", + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies the full text of a License, in SPDX templating format." + "@value": "Property that describes the time at which a build stops." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "data consists only of numeric entries." + "@value": "A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "numeric" + "@value": "securityThreatModel" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/File", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -1526,12 +1721,12 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Portion of an AnyLicenseInfo representing this version, or any later version,\nof the indicated License." + "@value": "Refers to any object that stores content on a computer." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -1541,15 +1736,18 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:Nfa6200b25f1f4064bcec07904bb825a6" + "@id": "_:Na941d627c7724e98bcb0d347e988398f" + }, + { + "@id": "_:N9ae188152c5946508b1c13a726d2999c" } ] }, { - "@id": "_:Nfa6200b25f1f4064bcec07904bb825a6", - "http://www.w3.org/ns/shacl#class": [ + "@id": "_:Na941d627c7724e98bcb0d347e988398f", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -1557,173 +1755,190 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": 1 + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/contentType" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#pattern": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense" + "@value": "^[^\\/]+\\/[^\\/]+$" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + "@id": "_:N9ae188152c5946508b1c13a726d2999c", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#in": [ { - "@language": "en", - "@value": "data is audio based, such as a collection of music from the 80s." + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory" + } + ] } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@value": "audio" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/imports", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Provides an ExternalMap of Element identifiers." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/fileKind" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatement", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Records if sensitive personal information is used during model training or\ncould be used during the inference." + "@value": "Provides advise on how to mitigate or remediate a vulnerability when a VEX product\nis affected by it." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/severity", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software." + "@value": "Element represents software that controls hardware devices" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" + "@value": "deviceDriver" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Software Artifact is concluded by the SPDX data creator to be governed by each `to` license." + "@value": "the Element is a machine learning or artificial intelligence model" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasConcludedLicense" + "@value": "model" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The field describes the availability of a dataset." + "@value": "Provides an IntegrityMethod with which the integrity of an Element can be\nasserted." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" + "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Makes no assertion about the field." + "@value": "SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "noAssertion" + "@value": "design" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/assessedElement", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Specifies an Element contained in a piece of software where a vulnerability was\nfound." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(Security) Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent." + "@value": "data that is classified into a discrete number of categories, such as the eye color of a population of people." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "publishedBy" + "@value": "categorical" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship", "@type": [ "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass", "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Asbtract ancestor class for all VEX relationships" + "@value": "Provides an EPSS assessment for a vulnerability." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ @@ -1738,18 +1953,18 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N6b5afdf8606149bb83b25b55a2bd8e97" + "@id": "_:Na5161ef9d7e6498e9905abf6e5ebd576" }, { - "@id": "_:N8b9ac292c0eb403686a34ab60147a003" + "@id": "_:N9ecb9fd1d45a4eb89c6be986162ce3b4" } ] }, { - "@id": "_:N6b5afdf8606149bb83b25b55a2bd8e97", + "@id": "_:Na5161ef9d7e6498e9905abf6e5ebd576", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#decimal" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -1757,6 +1972,11 @@ "@value": 1 } ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 + } + ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#Literal" @@ -1764,15 +1984,15 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/probability" } ] }, { - "@id": "_:N8b9ac292c0eb403686a34ab60147a003", + "@id": "_:N9ecb9fd1d45a4eb89c6be986162ce3b4", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#decimal" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -1780,6 +2000,11 @@ "@value": 1 } ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 + } + ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#Literal" @@ -1787,261 +2012,200 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/percentile" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/scope", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Capture the scope of information about a specific relationship between elements." + "@value": "[Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid>), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document); this ambiguity exists because the OmniBOR Document is itself an artifact, and the gitoid of that artifact is its valid identifier. Omnibor is a minimalistic schema to describe software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-dependency-graph-adg). Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's ContentIdentifier property. Gitoids calculated on the OmniBOR Document (OmniBOR Identifiers) should be recorded in the SPDX 3.0 Element's ExternalIdentifier property." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" + "@value": "gitoid" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/attributionText", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Provides a place for the SPDX data creator to record acknowledgement text for\na software Package, File or Snippet." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element is distributed as an artifact in each Element `to` (e.g. an RPM or archive file)." + "@value": "Indicates presence of the field." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasDistributionArtifact" + "@value": "yes" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Represents the energy quantity." + "@value": "A canonical, unique, immutable identifier" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "http://www.w3.org/2001/XMLSchema#decimal" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "The version of the SPDX License List used in the license expression." + "@id": "http://www.w3.org/ns/shacl#BlankNode" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "_:Ncf66bd72d323420ab0e7641bf68c07d8" + }, + { + "@id": "_:Nf5cc84c4f6b14fbdb33000f1db645100" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:Ncf66bd72d323420ab0e7641bf68c07d8", + "http://www.w3.org/ns/shacl#class": [ { - "@language": "en", - "@value": "Provides information about the creation of the Element." + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#in": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo" + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid" + } + ] } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": "text" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Describes the confidentiality level of the data points contained in the dataset." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/", - "@type": [ - "http://www.w3.org/2002/07/owl#Ontology" - ], - "http://purl.org/dc/terms/abstract": [ - { - "@language": "en", - "@value": "This ontology defines the terms and relationships used in the SPDX specification to describe system packages" - } - ], - "http://purl.org/dc/terms/created": [ - { - "@type": "http://www.w3.org/2001/XMLSchema#date", - "@value": "2024-04-05" - } - ], - "http://purl.org/dc/terms/creator": [ - { - "@language": "en", - "@value": "SPDX Project" - } - ], - "http://purl.org/dc/terms/license": [ - { - "@id": "https://spdx.org/licenses/Community-Spec-1.0.html" - } - ], - "http://purl.org/dc/terms/references": [ + "@id": "_:Nf5cc84c4f6b14fbdb33000f1db645100", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.dev/specifications/" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ], - "http://purl.org/dc/terms/title": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "System Package Data Exchange (SPDX) Ontology" + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@language": "en", - "@value": "System Package Data Exchange (SPDX) Ontology" + "@value": 1 } ], - "http://www.w3.org/2002/07/owl#versionIRI": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "https://www.omg.org/spec/Commons/AnnotationVocabulary/copyright": [ + "http://www.w3.org/ns/shacl#path": [ { - "@language": "en", - "@value": "Copyright (C) 2024 SPDX Project" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Used when there is a security related identifier of unspecified type." + "@value": "A reference to a quality assessment for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "securityOther" + "@value": "qualityAssessmentReport" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "data is of a type not included in this list." + "@value": "The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "other" + "@value": "invokedBy" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/created", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries." + "@value": "Identifies when the Element was originally created." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "securityAdvisory" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" @@ -2049,257 +2213,183 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a quality assessment for a package." + "@value": "A reference to funding information related to a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "qualityAssessmentReport" + "@value": "funding" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/description", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides a detailed description of the Element." + "@value": "The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "hasProvidedDependency" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "[Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource." + "@value": "the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "urlScheme" + "@value": "query" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Dataset can be shared within a community of peers and partners." + "@value": "Specifies a vulnerability and its associated information." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": "green" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "The file represents a single file (default)." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#property": [ { - "@value": "file" + "@id": "_:Ne61da332ff1a4310b6f1745c30778c24" + }, + { + "@id": "_:Ned2355a0564947a58327b6987b9642f1" + }, + { + "@id": "_:Nfef90442b8154fefbe5da36e6073d7e2" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/statement", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:Ne61da332ff1a4310b6f1745c30778c24", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "Commentary on an assertion that an annotator has made." + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metric", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Records the measurement of prediction quality of the AI model." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" + "@id": "http://www.w3.org/ns/shacl#Literal" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#path": [ { - "@language": "en", - "@value": "Records the type of the model used in the AI software." + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#pattern": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/summary", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "A short description of an Element." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "@id": "_:Ned2355a0564947a58327b6987b9642f1", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "Element is a bill of materials" + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "bom" + "@id": "http://www.w3.org/ns/shacl#Literal" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#path": [ { - "@language": "en", - "@value": "The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack." + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#pattern": [ { - "@value": "vulnerableCodeCannotBeControlledByAdversary" + "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInputs`, and `hasOutputs`, respectively. This relationship does not imply dependency." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "@id": "_:Nfef90442b8154fefbe5da36e6073d7e2", + "http://www.w3.org/ns/shacl#datatype": [ { - "@value": "hasDataFile" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "[FALCON](https://falcon-sign.info/falcon.pdf)" + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "falcon" + "@id": "http://www.w3.org/ns/shacl#Literal" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#path": [ { - "@language": "en", - "@value": "A canonical, unique, immutable identifier of the artifact content, that may be\nused for verifying its identity and/or integrity." + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#pattern": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier" + "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent", "@type": [ "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A license that is not listed on the SPDX License List." + "@value": "Agent represents anything with the potential to act on a system." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -2309,7 +2399,7 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" @@ -2317,53 +2407,53 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the artifact is in active development and is not considered ready for formal support from the supplier." + "@value": "there is no support for the artifact from the supplier, consumer assumes any support obligations." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "development" + "@value": "noSupport" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Used when the type does not match any of the other options." + "@value": "[Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "other" + "@value": "cwe" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "[Dilithium](https://pq-crystals.org/dilithium/)" + "@value": "The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "crystalsDilithium" + "@value": "delegatedTo" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" @@ -2371,83 +2461,85 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to the instant messaging system used by the maintainer for a package." + "@value": "A reference to a export control assessment for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "chat" + "@value": "exportControlAssessment" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A relationship has specific context implications during an element's design." + "@value": "[BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf)" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "design" + "@value": "blake3" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Maps a LicenseRef or AdditionRef string for a Custom License or a Custom\nLicense Addition to its URI ID." + "@value": "[Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" + "@value": "urlScheme" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Element contains a set of changes to update, fix, or improve another Element" + "@value": "SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "patch" + "@value": "sha3_384" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact", "@type": [ "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass", "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A collection of SPDX Elements that could potentially be serialized." + "@value": "A distinct article or unit related to Software." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -2457,235 +2549,310 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N84d3f49b221445bfaa70109ced77c4f1" + "@id": "_:N4a8fb15298bb4222b4f414abfdf61d32" }, { - "@id": "_:Ncd1edc5d29a44c0bbad0eaecc768c508" + "@id": "_:N48e2cb56f0c84c3e9cc0c5a141d46a8a" }, { - "@id": "_:N594f34cd0a824b26a5fc939f60ac3246" - } - ] - }, - { - "@id": "_:N84d3f49b221445bfaa70109ced77c4f1", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/imports" - } - ] - }, - { - "@id": "_:Ncd1edc5d29a44c0bbad0eaecc768c508", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "@id": "_:N42906b07290442ba96f13877a585b4b9" + }, { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" - } - ], - "http://www.w3.org/ns/shacl#path": [ + "@id": "_:N89f17e54b5ea46d4918dea4a3e272912" + }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap" + "@id": "_:Nf14ac93643714b5dacc00c9c104f8c03" } ] }, { - "@id": "_:N594f34cd0a824b26a5fc939f60ac3246", + "@id": "_:N4a8fb15298bb4222b4f414abfdf61d32", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/dataLicense" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "the Element is a machine learning or artificial intelligence model" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#in": [ { - "@value": "model" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "The `from` archive expands out as an artifact described by each `to` Element." + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test" + } + ] } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@value": "expandsTo" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/supportLevel", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Specifies the level of support associated with an artifact." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N48e2cb56f0c84c3e9cc0c5a141d46a8a", + "http://www.w3.org/ns/shacl#class": [ { - "@language": "en", - "@value": "Every `to` Element is a variant the `from` Element (`from` hasVariant `to`)." + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#in": [ { - "@value": "hasVariant" + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test" + } + ] } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "A value used in a CdxExtension name-value pair." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/Sbom", - "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N42906b07290442ba96f13877a585b4b9", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "A collection of SPDX Elements describing a single package." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Bom" + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/ns/shacl#property": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "_:Ne88f1a21fba3493196c21592f8b8c26f" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" } ] }, { - "@id": "_:Ne88f1a21fba3493196c21592f8b8c26f", - "http://www.w3.org/ns/shacl#class": [ + "@id": "_:N89f17e54b5ea46d4918dea4a3e272912", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed" - } - ] + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/attributionText" + } + ] + }, + { + "@id": "_:Nf14ac93643714b5dacc00c9c104f8c03", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sbomType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" @@ -2693,197 +2860,199 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to funding information related to a package." + "@value": "A reference to an alternative web page." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "funding" + "@value": "altWebPage" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes the anonymization methods used." + "@value": "The affected code is not reachable through the execution of the code, including non-anticipated states of the product." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "vulnerableCodeNotInExecutePath" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Bom", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A container for a grouping of SPDX-3.0 content characterizing details\n(provenence, composition, licensing, etc.) about a product." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Bundle" + "@value": "Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`)." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@value": "hasOptionalComponent" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/Element" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "[Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/)." + "@value": "An Individual Value for Element representing a set of Elements of unknown\nidentify or cardinality (number)." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "cwe" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ], + "http://www.w3.org/2002/07/owl#sameAs": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element statically links in each `to` Element, during a LifecycleScopeType period." + "@value": "the element follows the Software profile specification" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasStaticLink" + "@value": "software" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the element follows the Core profile specification" + "@value": "A relationship has specific context implications during the execution phase of an element." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "core" + "@value": "runtime" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "When a CVSS score is 0.0" + "@value": "Specifies whether the License is listed as free by the\n[Free Software Foundation (FSF)](https://fsf.org)." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "none" + "@id": "http://www.w3.org/2001/XMLSchema#boolean" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies whether a license or additional text identifier has been marked as\ndeprecated." + "@value": "(AI, Dataset) The `from` Element has been trained on the `to` Element(s)." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#boolean" + "@value": "trainedOn" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Bom", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A buildType is a hint that is used to indicate the toolchain, platform, or\ninfrastructure that the build was invoked on." + "@value": "A container for a grouping of SPDX-3.0 content characterizing details\n(provenence, composition, licensing, etc.) about a product." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Bundle" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Element is configuration data" - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "configuration" + "@value": "Specifies the exploit catalog type." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Captures a standard that is being complied with." + "@value": "A relationship has specific context implications during an element's design." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "design" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Hash", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/Package", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -2891,102 +3060,42 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A mathematically calculated representation of a grouping of data." + "@value": "Refers to any unit of content that can be associated with a distribution of\nsoftware." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:Nf00b81ad7ca44af6b4e61198049f4bae" + "@id": "_:N8a9c243009c147dab01cab1e2db924f2" + }, + { + "@id": "_:Ne01d20e60cc948e28cfa50b92bd7841f" + }, + { + "@id": "_:Nafba000521b74f7b883b3501c31ce0f5" + }, + { + "@id": "_:Nad171165d7864f4389f367d7ed9b792a" }, { - "@id": "_:Ncc2ce3cb0a1c40df9da785a3a532ce96" + "@id": "_:Nede7c1a745a744088619ab6a905cffaa" } ] }, { - "@id": "_:Nf00b81ad7ca44af6b4e61198049f4bae", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" - } - ], - "http://www.w3.org/ns/shacl#in": [ + "@id": "_:N8a9c243009c147dab01cab1e2db924f2", + "http://www.w3.org/ns/shacl#datatype": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512" - } - ] + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -2994,27 +3103,22 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } - ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/algorithm" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageVersion" } ] }, { - "@id": "_:Ncc2ce3cb0a1c40df9da785a3a532ce96", + "@id": "_:Ne01d20e60cc948e28cfa50b92bd7841f", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -3022,7 +3126,25 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation" + } + ] + }, + { + "@id": "_:Nafba000521b74f7b883b3501c31ce0f5", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ { "@value": 1 } @@ -3034,137 +3156,159 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/hashValue" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageUrl" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "@id": "_:Nad171165d7864f4389f367d7ed9b792a", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "A reference to an alternative download location." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "altDownloadLocation" + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/homePage" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "@id": "_:Nede7c1a745a744088619ab6a905cffaa", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "eolNotice" + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/dataLicense", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "[Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid>), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document); this ambiguity exists because the OmniBOR Document is itself an artifact, and the gitoid of that artifact is its valid identifier. Omnibor is a minimalistic schema to describe software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-dependency-graph-adg). Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's ContentIdentifier property. Gitoids calculated on the OmniBOR Document (OmniBOR Identifiers) should be recorded in the SPDX 3.0 Element's ExternalIdentifier property." + "@value": "Provides the license under which the SPDX documentation of the Element can be\nused." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "gitoid" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step)." + "@value": "A license that is listed on the SPDX License List." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": "invokedBy" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Describes relevant information about different steps of the training process." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "_:Nc6de26abb1ae46efb761c016c4e14d6a" + }, + { + "@id": "_:Nc16563e2f9654cb582df41acab68eed6" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "@id": "_:Nc6de26abb1ae46efb761c016c4e14d6a", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "Provides a set of values to be used to describe the common types of SBOMs that\ntools may create." + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/profileConformance", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "@id": "_:Nc16563e2f9654cb582df41acab68eed6", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "Describes one a profile which the creator of this ElementCollection intends to\nconform to." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/locator", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locationHint", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides the location of an exploit catalog." + "@value": "Provides an indication of where to retrieve an external Element." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -3174,350 +3318,870 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Relationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes a relationship between one or more elements." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@value": "The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@value": "hasDynamicLink" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:N01bedce58ff844339283349897b23b39" - }, - { - "@id": "_:N9f1a516e72f2441fa1dbe08f3083c0a5" - }, - { - "@id": "_:Nd18adf36cbf54423b6154234d5f25535" - }, - { - "@id": "_:N4f9bf0019bd64042ae3a01272500c3ff" - }, - { - "@id": "_:N3955fc01445e4d8c8efdb548d6f3fe02" - }, + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "_:Nc652d63861a94e258b52ef0606636b7e" + "@language": "en", + "@value": "Specifies the safety risk level." } ] }, { - "@id": "_:N01bedce58ff844339283349897b23b39", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`)." } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "hasAddedFile" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "A reference to a Maven repository artifact. The artifact locator format, looks like `groupId:artifactId[:version]`, is defined in [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html)." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/from" + "@value": "mavenCentral" } ] }, { - "@id": "_:N9f1a516e72f2441fa1dbe08f3083c0a5", - "http://www.w3.org/ns/shacl#class": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@language": "en", + "@value": "any hashing algorithm that does not exist in this list of entries" } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "other" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "The `from` Element generates each `to` Element." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/to" + "@value": "generates" } ] }, { - "@id": "_:Nd18adf36cbf54423b6154234d5f25535", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Specifies the licenseId that is preferred to be used in place of a deprecated\nLicense or LicenseAddition." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Describes the anonymization methods used." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Specifies the type of the external identifier." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Defines the original host file that the snippet information applies to." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/File" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "A reference to metrics related to package such as OpenSSF scorecards." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "metrics" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/specVersion", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Provides a reference number that can be used to understand how to parse and interpret an Element." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespace", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Provides an unambiguous mechanism for conveying a URI fragment portion of an\nElementID." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Records any relevant background information or additional comments\nabout the origin of the package." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatement", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Explains why a VEX product is not affected by a vulnerability. It is an\nalternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable\njustification label." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/imports", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Provides an ExternalMap of Element identifiers." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/hashValue", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "The result of applying a hash algorithm to an Element." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Artifact representing a serialization instance of SPDX data containing the\ndefinition of a particular Element." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "The `from` Element is documented by each `to` Element." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "hasDocumentation" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifier", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Uniquely identifies an external element." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "deployed" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Categories of confidentiality level." + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "The `from` Element is amended by each `to` Element." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "amendedBy" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "A reference to a privacy assessment for a package." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "privacyAssessment" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Element is data" } ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInputs" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutputs" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn" - }, + "@value": "data" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "swhid" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "The third-highest level of risk posed by an AI system." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "medium" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`)." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "hasDeletedFile" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Element is an Artifact that can be run on a computer" + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "executable" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/relationshipType", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Information about the relationship between two Elements." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Annotation", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "An assertion made in relation to one or more elements." + } + ], + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#property": [ + { + "@id": "_:N04278d17456b4fea99b3634ca77514ef" + }, + { + "@id": "_:N4b39c15ea8a54e4f8e723c9e810719e2" + }, + { + "@id": "_:Na7a5192e768d487b8c79ff79532349a7" + }, + { + "@id": "_:Nbc40f5fa9a2e4706a588121af5216404" + } + ] + }, + { + "@id": "_:N04278d17456b4fea99b3634ca77514ef", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" + } + ], + "http://www.w3.org/ns/shacl#in": [ + { + "@list": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review" } ] } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/annotationType" + } + ] + }, + { + "@id": "_:N4b39c15ea8a54e4f8e723c9e810719e2", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/contentType" + } + ], + "http://www.w3.org/ns/shacl#pattern": [ + { + "@value": "^[^\\/]+\\/[^\\/]+$" + } + ] + }, + { + "@id": "_:Na7a5192e768d487b8c79ff79532349a7", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/statement" + } + ] + }, + { + "@id": "_:Nbc40f5fa9a2e4706a588121af5216404", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/subject" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Specifies the type of the content identifier." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/Build", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Class that describes a build instance of software/artifacts." + } + ], + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#property": [ + { + "@id": "_:N0e0a788f2b4f46c38d2707a5aa86aaa1" + }, + { + "@id": "_:Nac1f08287b204cf8a3d7ba2fbf28eb68" + }, + { + "@id": "_:N279f5731efce43d2ad8bf0716454859e" + }, + { + "@id": "_:N74f69b212d0e48a48206fcdafc6e654b" + }, + { + "@id": "_:N815748f99667432bb510575f48d4bfba" + }, + { + "@id": "_:N0d41a83f609c410d919c966118ebddd4" + }, + { + "@id": "_:N880dbad4a2034d6da9b4e856b82f261d" + }, + { + "@id": "_:N78ceebe07fc842fe887e8a5ffcbcd720" + }, + { + "@id": "_:Nd5d43a7121a641c4836501c1746381cd" + } + ] + }, + { + "@id": "_:N0e0a788f2b4f46c38d2707a5aa86aaa1", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildType" + } + ] + }, + { + "@id": "_:Nac1f08287b204cf8a3d7ba2fbf28eb68", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": 1 + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildId" + } + ] + }, + { + "@id": "_:N279f5731efce43d2ad8bf0716454859e", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint" + } + ] + }, + { + "@id": "_:N74f69b212d0e48a48206fcdafc6e654b", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" } ] }, { - "@id": "_:N4f9bf0019bd64042ae3a01272500c3ff", + "@id": "_:N815748f99667432bb510575f48d4bfba", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Hash" } ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion" - } - ] + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest" + } + ] + }, + { + "@id": "_:N0d41a83f609c410d919c966118ebddd4", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/completeness" + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/parameters" } ] }, { - "@id": "_:N3955fc01445e4d8c8efdb548d6f3fe02", + "@id": "_:N880dbad4a2034d6da9b4e856b82f261d", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" @@ -3535,7 +4199,7 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/startTime" + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" } ], "http://www.w3.org/ns/shacl#pattern": [ @@ -3545,7 +4209,7 @@ ] }, { - "@id": "_:Nc652d63861a94e258b52ef0606636b7e", + "@id": "_:N78ceebe07fc842fe887e8a5ffcbcd720", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" @@ -3563,7 +4227,7 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endTime" + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" } ], "http://www.w3.org/ns/shacl#pattern": [ @@ -3573,154 +4237,156 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "(Security/VEX) The `from` vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "affects" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Tool", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:Nd5d43a7121a641c4836501c1746381cd", + "http://www.w3.org/ns/shacl#class": [ { - "@language": "en", - "@value": "An element of hardware and/or software utilized to carry out a particular function." + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/environment" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Hash", "@type": [ "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass", "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Abstract class for the portion of an AnyLicenseInfo representing a license." + "@value": "A mathematically calculated representation of a grouping of data." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N27252e69a03245368441034ac3cc5c9a" - }, - { - "@id": "_:N6c9a5745db4045c692aebffdbbe7577e" - }, - { - "@id": "_:N9c20cf7f874242109f6ae2b024d828b8" - }, - { - "@id": "_:N832f47c969e649a69a129e3cf4bbb373" - }, - { - "@id": "_:Naa63031a8cfb4caab4f384ab084f19b5" - }, - { - "@id": "_:N965be298afc34fdf934955d440483ea1" - }, - { - "@id": "_:N3772d5d9a1964f14bbd082b9296a87ca" - }, - { - "@id": "_:N4fbf642409604d859d9c7ca76883962b" + "@id": "_:N0db21cdf4c384f56aafae6575d96629c" }, { - "@id": "_:N9bd556cfcd7e439395c598f9e0ceae74" + "@id": "_:N336df2c5fed744f389c80be05c46ebda" } ] }, { - "@id": "_:N27252e69a03245368441034ac3cc5c9a", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:N0db21cdf4c384f56aafae6575d96629c", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#in": [ { - "@value": 1 + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512" + } + ] } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/ns/shacl#maxCount": [ { "@value": 1 } ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" - } - ] - }, - { - "@id": "_:N6c9a5745db4045c692aebffdbbe7577e", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#boolean" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#minCount": [ { "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/algorithm" } ] }, { - "@id": "_:N9c20cf7f874242109f6ae2b024d828b8", + "@id": "_:N336df2c5fed744f389c80be05c46ebda", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#boolean" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -3728,25 +4394,7 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre" - } - ] - }, - { - "@id": "_:N832f47c969e649a69a129e3cf4bbb373", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#boolean" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#minCount": [ { "@value": 1 } @@ -3758,146 +4406,190 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/hashValue" } ] }, { - "@id": "_:Naa63031a8cfb4caab4f384ab084f19b5", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "The relationship is known not to be exhaustive." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "incomplete" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/prefix", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A substitute for a URI." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "_:N965be298afc34fdf934955d440483ea1", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/score", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "Provides a numerical (0-10) representation of the severity of a vulnerability." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": 1 + "@id": "http://www.w3.org/2001/XMLSchema#decimal" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "data consists only of numeric entries." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" + "@value": "numeric" } ] }, { - "@id": "_:N3772d5d9a1964f14bbd082b9296a87ca", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" + "@value": "describes" } ] }, { - "@id": "_:N4fbf642409604d859d9c7ca76883962b", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "Makes no assertion about the field." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "noAssertion" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader" + "@value": "track" } ] }, { - "@id": "_:N9bd556cfcd7e439395c598f9e0ceae74", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutputs", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "hasOutputs" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/limitation", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Captures a limitation of the AI software." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the type of the external identifier." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + "@value": "Specifies the type of an external identifier." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes a mechanism to update the dataset." + "@value": "Describes all the preprocessing steps applied to the training data before the\nmodel training." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -3907,312 +4599,297 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a privacy assessment for a package." + "@value": "data is stored in tabular format or retrieved from a relational database." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "privacyAssessment" + "@value": "structured" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element is amended by each `to` Element." + "@value": "An entity that is authorized to issue identification credentials." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "amendedBy" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(Security) The `from` Vulnerability has had an exploit created against it by each `to` Agent." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "exploitCreatedBy" + "@value": "Provides information about the primary purpose of an Element." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInputs", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to the release notes for a package." + "@value": "The `from` Build has each `to` Elements as an input, during a LifecycleScopeType period." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "releaseNotes" + "@value": "hasInputs" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/sensor", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes a sensor used for collecting the data." + "@value": "SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" + "@value": "source" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "No assertion can be made about the completeness of the relationship." + "@value": "the Element refers to a chipset, processor, or electronic board" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "noAssertion" + "@value": "device" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/exploited", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog." + "@value": "Used when there is a security related identifier of unspecified type." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#boolean" + "@value": "securityOther" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/originatedBy", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to an artifact containing the sources for a package." + "@value": "Identifies from where or whom the Element originally came." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "sourceArtifact" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Core/Element" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(Security) Used to associate a `from` Artifact with each `to` Vulnerability." + "@value": "An Individual Value for Element representing a set of Elements with\ncardinality (number/count) of zero." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "hasAssociatedVulnerability" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ], + "http://www.w3.org/2002/07/owl#sameAs": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`)." + "@value": "SHA-2 with a digest length of 384, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "packagedBy" + "@value": "sha384" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/autonomyType", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Indicates absence of the field." + "@value": "Indicates whether the system can perform a decision or action without human\ninvolvement or guidance." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "no" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Contains a URL where the License or LicenseAddition can be found in use." + "@value": "The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@value": "configures" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator", + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides the location for more information regarding an external identifier." + "@value": "Property describes the invocation entrypoint of a build." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType", "@type": [ "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the safety risk level." + "@value": "Specifies the SSVC decision type." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Links a vulnerability and one or more elements designating the latter as products\nnot affected by the vulnerability." + "@value": "SHA-2 with a digest length of 224, as defined in [RFC 3874](https://www.rfc-editor.org/info/rfc3874)." } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship" + "@value": "sha224" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Nbd26c14b29914edcb6b1af22a23596cf" - }, - { - "@id": "_:Ne9db3edc0820424284490d16313a1d57" - }, + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "_:Ne1e293c61fa94dd783956b433df71aac" + "@value": "attend" } ] }, { - "@id": "_:Nbd26c14b29914edcb6b1af22a23596cf", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist" - } - ] + "@language": "en", + "@value": "A license exception that is listed on the SPDX Exceptions list." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -4220,14 +4897,17 @@ "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/justificationType" + "@id": "_:Na383bb53d0034891a0ff1f8d05f4118c" + }, + { + "@id": "_:N543f972e50454cb7b9fb37bf2b655ba7" } ] }, { - "@id": "_:Ne9db3edc0820424284490d16313a1d57", + "@id": "_:Na383bb53d0034891a0ff1f8d05f4118c", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -4245,15 +4925,15 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatement" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" } ] }, { - "@id": "_:Ne1e293c61fa94dd783956b433df71aac", + "@id": "_:N543f972e50454cb7b9fb37bf2b655ba7", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -4268,440 +4948,457 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime" - } - ], - "http://www.w3.org/ns/shacl#pattern": [ - { - "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "[Kyber](https://pq-crystals.org/kyber/)" + "@value": "the element follows the Build profile specification" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "crystalsKyber" + "@value": "build" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a export control assessment for a package." + "@value": "MD2 message-digest algorithm, as defined in [RFC 1319](https://www.rfc-editor.org/info/rfc1319/)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "exportControlAssessment" + "@value": "md2" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" + "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage." + "@value": "A relationship has specific context implications during development phase of an element." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "clickthrough" + "@value": "development" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/value", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/element", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A value used in a generic key-value pair." + "@value": "Refers to one or more Elements that are part of an ElementCollection." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A relationship has specific context implications during development phase of an element." + "@value": "Provides a CVSS version 4 assessment for a vulnerability." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": "development" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Specifies the licenseId that is preferred to be used in place of a deprecated\nLicense or LicenseAddition." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "_:Nf715beffb935446e9489e94221f85169" + }, + { + "@id": "_:N2fd8a49e348d4613967dccc0f8038951" + }, + { + "@id": "_:N47e842bb397e42b8b07961552884d36d" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "@id": "_:Nf715beffb935446e9489e94221f85169", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#decimal" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": "blake2b256" + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/score" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/specVersion", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "@id": "_:N2fd8a49e348d4613967dccc0f8038951", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#in": [ { - "@language": "en", - "@value": "Provides a reference number that can be used to understand how to parse and interpret an Element." + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none" + } + ] } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/severity" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" + "@id": "_:N47e842bb397e42b8b07961552884d36d", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "A relationship has specific context implications during the execution phase of an element." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "runtime" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/statusNotes", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://www.rfc-editor.org/info/rfc3174)." + "@value": "Conveys information about how VEX status was determined." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "sha1" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The file represents a directory and all content stored in that directory." + "@value": "data is recorded from a physical sensor, such as a thermometer reading or biometric device." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "directory" + "@value": "sensor" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`)." + "@value": "the Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc)" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "delegatedTo" + "@value": "file" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/originatedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies from where or whom the Element originally came." + "@value": "A license expression participating in a license set." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)." + "@value": "the Element is the evidence that a specification or requirement has been fulfilled" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "sha3_384" + "@value": "evidence" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Defines the original host file that the snippet information applies to." + "@value": "The file represents a directory and all content stored in that directory." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/File" + "@value": "directory" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A license expression participating in a license set." + "@value": "Records if sensitive personal information is used during model training or\ncould be used during the inference." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/annotationType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes the type of annotation." + "@value": "SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" + "@value": "sha3_512" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element doesn't fit into any of the other categories" + "@value": "Provides information about the creation of the Element." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "other" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#property": [ { - "@language": "en", - "@value": "Enumeration of dataset types." - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N81186afece6d4607afcce40e308d4f5b" + }, { - "@language": "en", - "@value": "Indicates the type of support that is associated with an artifact." + "@id": "_:N370f0a0806084c79bb384aaa5055934e" + }, + { + "@id": "_:Ne46e39537aa14acbb681ae6b64bad82e" + }, + { + "@id": "_:N5b72b47819a642febfd79bda5a4d1649" + }, + { + "@id": "_:N455a384ce9cd4dc6a436d35c9165e0a6" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRefType", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N81186afece6d4607afcce40e308d4f5b", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "Specifies the type of the external reference." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@language": "en", - "@value": "A reference build metadata related to a published package." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "buildMeta" + "@id": "http://www.w3.org/ns/shacl#Literal" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#path": [ { - "@language": "en", - "@value": "the Element is a plan, guideline or strategy how to create, perform or analyse an application" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/specVersion" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#pattern": [ { - "@value": "specification" + "@value": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription", - "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "@id": "_:N370f0a0806084c79bb384aaa5055934e", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "The class that helps note down the quantity of energy consumption and the unit\nused for measurement." + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:N9d5e8eccc66c436c9a0345e9c3af8529" - }, + "http://www.w3.org/ns/shacl#path": [ { - "@id": "_:N8a1113e414a64a18936c9ab803d99cb2" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment" } ] }, { - "@id": "_:N9d5e8eccc66c436c9a0345e9c3af8529", + "@id": "_:Ne46e39537aa14acbb681ae6b64bad82e", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#decimal" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -4721,525 +5418,570 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/created" + } + ], + "http://www.w3.org/ns/shacl#pattern": [ + { + "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" } ] }, { - "@id": "_:N8a1113e414a64a18936c9ab803d99cb2", + "@id": "_:N5b72b47819a642febfd79bda5a4d1649", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" } ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other" - } - ] + "@value": 1 } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": 1 + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdBy" + } + ] + }, + { + "@id": "_:N455a384ce9cd4dc6a436d35c9165e0a6", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Tool" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdUsing" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "The `from` Element is distributed as an artifact in each Element `to` (e.g. an RPM or archive file)." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "hasDistributionArtifact" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/subject", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "An Element an annotator has made an assertion about." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyUnit" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the element follows the Dataset profile specification" + "@value": "Describes a mechanism to update the dataset." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "dataset" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Every `to` Element is an example for the `from` Element (`from` hasExample `to`)." + "@value": "Records the type of the model used in the AI software." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "hasExample" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A software agent." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" + "@value": "(Security/VEX) The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@value": "doesNotAffect" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period." + "@value": "The file represents a single file (default)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasSpecification" + "@value": "file" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/supportLevel", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the unit of energy consumption." + "@value": "Specifies the level of support associated with an artifact." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element depends on each `to` Element, during a LifecycleScopeType period." + "@value": "the Element is a module of a piece of software" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "dependsOn" + "@value": "module" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" + "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact." + "@value": "A relationship has other specific context information necessary to capture that the above set of enumerations does not handle." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "endOfSupport" + "@value": "other" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the element follows the Security profile specification" + "@value": "When a CVSS score is 0.0" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "security" + "@value": "none" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Indicates presence of the field." + "@value": "The `from` Element contains each `to` Element." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "yes" + "@value": "contains" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyUnit", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/catalogType", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the unit in which energy is measured." + "@value": "Specifies the exploit catalog type." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provide an enumerated set of lifecycle phases that can provide context to relationships." + "@value": "Megajoule." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "megajoule" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/byteRange", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "[Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf)" + "@value": "Defines the byte range in the original host file that the snippet information\napplies to." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "cpe22" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/key", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Kilowatt-hour." + "@value": "A key used in a generic key-value pair." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "kilowattHour" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespace", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides an unambiguous mechanism for conveying a URI fragment portion of an\nElementID." + "@value": "Describes potentially noisy elements of the dataset." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Property that describes the digest of the build configuration file used to\ninvoke a build." + "@value": "The field describes the availability of a dataset." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Hash" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "[MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf)" + "@value": "(\"Track*\" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track* vulnerabilities within standard update timelines." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "md6" + "@value": "trackStar" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to metrics related to package such as OpenSSF scorecards." + "@value": "(Security) Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "metrics" + "@value": "reportedBy" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRefType", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Artifact representing a serialization instance of SPDX data containing the\ndefinition of a particular Element." + "@value": "Specifies the type of the external reference." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A name used in a CdxExtension name-value pair." + "@value": "An Individual Value for License when no assertion can be made about its actual\nvalue." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" + } + ], + "http://www.w3.org/2002/07/owl#sameAs": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Licensing/NoAssertion" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/subject", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "An Element an annotator has made an assertion about." + "@value": "Kilowatt-hour." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@value": "kilowattHour" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/relationshipType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Information about the relationship between two Elements." + "@value": "Provides the location for more information regarding an external identifier." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the type of an external reference." + "@value": "Specifies whether the License is listed as approved by the\n[Open Source Initiative (OSI)](https://opensource.org)." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#boolean" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "An Individual Value for License when no assertion can be made about its actual\nvalue." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" + "@value": "(AI, Dataset) The `from` Element has been tested on the `to` Element(s)." } ], - "http://www.w3.org/2002/07/owl#sameAs": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Licensing/NoAssertion" + "@value": "testedOn" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/attributionText", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to the documentation for a package." + "@value": "Provides a place for the SPDX data creator to record acknowledgement text for\na software Package, File or Snippet." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "documentation" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "CISA's Known Exploited Vulnerability (KEV) Catalog" + "@value": "Identifies all the text and metadata associated with a license in the license\nXML format." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "kev" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutputs", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period." + "@value": "the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasOutputs" + "@value": "limitedSupport" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device", + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element refers to a chipset, processor, or electronic board" + "@value": "Property that describes the URI of the build configuration source file." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "device" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -5247,12 +5989,12 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides an exploit assessment of a vulnerability." + "@value": "Portion of an AnyLicenseInfo representing a set of licensing information\nwhere all elements apply." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -5262,43 +6004,20 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N4408438d1951499c810dd20736fc8f6d" - }, - { - "@id": "_:N50ee43d48bfa48a7a1ed11d8f1a142be" - }, - { - "@id": "_:N09154b7b70d74a068418ac85b07b0ca4" + "@id": "_:Nf86050f490cc405d9aae0bc0e8f0d0ed" } ] }, { - "@id": "_:N4408438d1951499c810dd20736fc8f6d", + "@id": "_:Nf86050f490cc405d9aae0bc0e8f0d0ed", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" - } - ], - "http://www.w3.org/ns/shacl#in": [ - { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other" - } - ] - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } ], "http://www.w3.org/ns/shacl#minCount": [ { - "@value": 1 + "@value": 2 } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -5308,43 +6027,43 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/catalogType" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" } ] }, { - "@id": "_:N50ee43d48bfa48a7a1ed11d8f1a142be", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#boolean" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "A license or addition that is not listed on the SPDX License List." } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/exploited" + "@id": "_:N0870ab209fd54ad8b09fb82588667649" } ] }, { - "@id": "_:N09154b7b70d74a068418ac85b07b0ca4", + "@id": "_:N0870ab209fd54ad8b09fb82588667649", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -5364,214 +6083,150 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/locator" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "A mathematical algorithm that maps data of arbitrary size to a bit string." + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a Maven repository artifact. The artifact locator format, looks like `groupId:artifactId[:version]`, is defined in [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html)." + "@value": "the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "mavenCentral" + "@value": "scrapingScript" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the element follows the AI profile specification" + "@value": "[Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final)" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "ai" + "@value": "cpe23" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A map of Element identifiers that are used within a Document but defined external to that Document." - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#BlankNode" - } - ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Ncd59883a81b9406da696982287f14697" - }, - { - "@id": "_:N29e83512b0af41a192e2bedecf23be21" - }, - { - "@id": "_:N9709db9244764f79800d1776575d22a2" - }, - { - "@id": "_:N1c9ce436902f4cb7a977dd6c3e3abb98" - } - ] - }, - { - "@id": "_:Ncd59883a81b9406da696982287f14697", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@value": "Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId" + "@value": "amber" } ] }, { - "@id": "_:N29e83512b0af41a192e2bedecf23be21", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/builtTime", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@language": "en", + "@value": "Specifies the time an artifact was built." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ] }, { - "@id": "_:N9709db9244764f79800d1776575d22a2", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A reference to additional license information related to an artifact." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locationHint" + "@value": "license" } ] }, { - "@id": "_:N1c9ce436902f4cb7a977dd6c3e3abb98", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "A reference to a risk assessment for a package." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact" + "@value": "riskAssessment" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms." + "@value": "A reference build system used to create or publish the package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "registration" + "@value": "buildSystem" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Links a vulnerability and elements representing products (in the VEX sense) where\na fix has been applied and are no longer affected." + "@value": "Abstract class representing a License or an OrLaterOperator." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -5581,25 +6236,25 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`)." + "@value": "A reference to an alternative download location." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasDeletedFile" + "@value": "altDownloadLocation" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" @@ -5607,75 +6262,69 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period." + "@value": "Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasDynamicLink" + "@value": "hasTest" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/annotationType", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the CVSS vector string for a vulnerability." + "@value": "Describes the type of annotation." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The relationship is known not to be exhaustive." + "@value": "the Element is a software library" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "incomplete" + "@value": "library" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/rootElement", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Abstract class representing a license combination consisting of one or more\nlicenses (optionally including additional text), which may be combined\naccording to the\n[SPDX license expression syntax](../../../annexes/SPDX-license-expressions.md)." + "@value": "This property is used to denote the root Element(s) of a tree of elements contained in a BOM." } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" - } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" @@ -5683,34 +6332,34 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element is modified by each `to` Element." + "@value": "(Security) Designates a `from` Vulnerability has been fixed by the `to` Agent(s)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "modifiedBy" + "@value": "fixedBy" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose", + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides information about the primary purpose of the software artifact." + "@value": "Provides a map of a property names to a values." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" @@ -5718,81 +6367,86 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element is a file system image that can be written to a disk (or virtual) partition" + "@value": "Element represents a runtime environment" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "filesystemImage" + "@value": "platform" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Defines the beginning of a range." + "@value": "Specifies the SPDX License List version in which this ListedLicense or\nListedLicenseException identifier was first added." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#positiveInteger" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a risk assessment for a package." + "@value": "Provide consumers with comments by the creator of the Element about the\nElement." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "riskAssessment" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship", "@type": [ "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass", "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A tuple of two positive integers that define a range." + "@value": "Asbtract ancestor class for all VEX relationships" + } + ], + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N04f697ec903c49cc828aebe7e77a1909" + "@id": "_:Nf0b6d7a3fdab42ecbacc3356d4f8c5e5" }, { - "@id": "_:N7724b5cdf9c84e5dbb77919f50fafab2" + "@id": "_:N451ea824289c4488839f4d946a14d0b2" } ] }, { - "@id": "_:N04f697ec903c49cc828aebe7e77a1909", + "@id": "_:Nf0b6d7a3fdab42ecbacc3356d4f8c5e5", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#positiveInteger" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -5800,7 +6454,25 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vexVersion" + } + ] + }, + { + "@id": "_:N451ea824289c4488839f4d946a14d0b2", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ { "@value": 1 } @@ -5812,64 +6484,75 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/statusNotes" } ] }, { - "@id": "_:N7724b5cdf9c84e5dbb77919f50fafab2", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/fileKind", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#positiveInteger" + "@language": "en", + "@value": "Describes if a given file is a directory or non-directory kind of file." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "A software agent." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" + "@id": "http://www.w3.org/ns/shacl#IRI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/score", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides a numerical (0-10) representation of the severity of a vulnerability." + "@value": "Captures the size of the dataset." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#decimal" + "@id": "http://www.w3.org/2001/XMLSchema#nonNegativeInteger" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/hashValue", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/value", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The result of applying a hash algorithm to an Element." + "@value": "A value used in a generic key-value pair." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -5879,13 +6562,24 @@ ] }, { - "@id": "http://spdx.invalid./AbstractClass", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Provides a License author's preferred text to indicate that a file is covered\nby the License." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" @@ -5893,35 +6587,34 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a static analysis report for a package." + "@value": "A reference to the instant messaging system used by the maintainer for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "staticAnalysisReport" + "@value": "chat" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A characterization of some aspect of an Element that is associated with the Element in a generalized fashion." + "@value": "Captures a standard that is being complied with." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -5929,12 +6622,12 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Portion of an AnyLicenseInfo representing a License which has additional\ntext applied to it." + "@value": "A collection of SPDX Elements that could potentially be serialized." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -5944,477 +6637,397 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N4aae3294054e4579b4c4509df4b82eb1" + "@id": "_:N2da5fb10013c416ba1a25392e71de30d" + }, + { + "@id": "_:N7379d1cc718943e0a73d88e3ffed1bed" }, { - "@id": "_:Ncdb932d87e52477fa19dac950a2b5d43" + "@id": "_:N74840ef0158a43fc889aee92ca73bd7c" } ] }, { - "@id": "_:N4aae3294054e4579b4c4509df4b82eb1", + "@id": "_:N2da5fb10013c416ba1a25392e71de30d", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/imports" } ] }, { - "@id": "_:Ncdb932d87e52477fa19dac950a2b5d43", + "@id": "_:N7379d1cc718943e0a73d88e3ffed1bed", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "A reference to a version control system related to a software artifact." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "vcs" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "(Security) Relates a `from` Vulnerability and each `to` Element(s) with a security assessment. To be used with `VulnAssessmentRelationship` types." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "hasAssessmentFor" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N74840ef0158a43fc889aee92ca73bd7c", + "http://www.w3.org/ns/shacl#class": [ { - "@language": "en", - "@value": "Specifies the value of the content identifier." + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Specifies the VEX justification type." + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/dataLicense" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element is a container image which can be used by a container runtime application" + "@value": "Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://www.rfc-editor.org/info/rfc9393) Section 2.3." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "container" + "@value": "swid" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies whether the License is listed as approved by the\n[Open Source Initiative (OSI)](https://opensource.org)." + "@value": "Records the biases that the dataset is known to encompass." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#boolean" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes if any sensitive personal information is present in the dataset." + "@value": "Abstract class for the portion of an AnyLicenseInfo representing a license." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "A License participating in a 'with addition' model." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense" + "@id": "_:Nb0c3242710d240c8891589718c8fce51" + }, + { + "@id": "_:N6540b79b59d04a4bbaeceb5b15959bd1" + }, + { + "@id": "_:N29630ed4d4a04d1381b0fda3fd6e8c45" + }, + { + "@id": "_:N10125ead4e864e63b561b0f44b7d79a0" + }, + { + "@id": "_:N9f82179a3a59479684ab421ab57c2e87" + }, + { + "@id": "_:Nabdedbef29eb415c84c2cc88b86a8906" + }, + { + "@id": "_:N08101af227c147c7a3442c8dc35e7330" + }, + { + "@id": "_:N4635d48bf767437a92c96826a974f745" + }, + { + "@id": "_:N6904cc4c685a47e88f2bb1aa528f6667" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "@id": "_:Nb0c3242710d240c8891589718c8fce51", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "A reference to a runtime analysis report for a package." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": "runtimeAnalysisReport" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "amber" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N6540b79b59d04a4bbaeceb5b15959bd1", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "Provides an IntegrityMethod with which the integrity of an Element can be\nasserted." + "@id": "http://www.w3.org/2001/XMLSchema#boolean" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdBy", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Identifies who or what created the Element." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N29630ed4d4a04d1381b0fda3fd6e8c45", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "MD5 message-digest algorithm, as defined in [RFC 1321](https://www.rfc-editor.org/info/rfc1321)." + "@id": "http://www.w3.org/2001/XMLSchema#boolean" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@value": "md5" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "data is stored in tabular format or retrieved from a relational database." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "structured" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N10125ead4e864e63b561b0f44b7d79a0", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "The `from` Element has manifest files that contain dependency information in each `to` Element." + "@id": "http://www.w3.org/2001/XMLSchema#boolean" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@value": "hasDependencyManifest" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Specifies whether an additional text identifier has been marked as deprecated." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "http://www.w3.org/2001/XMLSchema#boolean" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "@id": "_:N9f82179a3a59479684ab421ab57c2e87", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "Provides relevant information about the AI software, not including the model\ndescription." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + "@id": "_:Nabdedbef29eb415c84c2cc88b86a8906", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "Email address, as defined in [RFC 3696](https://www.rfc-editor.org/info/rfc3986) Section 3." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "email" + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" + "@id": "_:N08101af227c147c7a3442c8dc35e7330", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "deployed" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "@id": "_:N4635d48bf767437a92c96826a974f745", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationhip types (this relationship is directionless)." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "other" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N6904cc4c685a47e88f2bb1aa528f6667", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "A License participating in an 'or later' model." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Other exploit catalogs" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "other" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period." + "@value": "the Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasProvidedDependency" + "@value": "diskImage" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The relative file name of a file to be excluded from the\n`PackageVerificationCode`." + "@value": "Describes the preprocessing steps that were applied to the raw data to create the given dataset." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -6424,219 +7037,183 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies the full text of a LicenseAddition, in SPDX templating format." + "@value": "Specifies whether a license or additional text identifier has been marked as\ndeprecated." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#boolean" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the amount of energy consumed when training the AI model that is\nbeing used in the AI system." + "@value": "A tuple of two positive integers that define a range." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#property": [ { - "@language": "en", - "@value": "A reference to additional product metadata such as reference within organization's product catalog." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "@id": "_:Nc1b9ba3e85a742a8945cf308e35ea867" + }, { - "@value": "productMetadata" + "@id": "_:N51c5e67e9e3c44a7a2d09904c01ccb8c" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:Nc1b9ba3e85a742a8945cf308e35ea867", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "Specifies a time when a vulnerability assessment was modified" + "@id": "http://www.w3.org/2001/XMLSchema#positiveInteger" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRef", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@language": "en", - "@value": "Points to a resource outside the scope of the SPDX-3.0 content\nthat provides additional characteristics of an Element." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef" + "@id": "http://www.w3.org/ns/shacl#Literal" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#path": [ { - "@language": "en", - "@value": "Provides information about the primary purpose of an Element." + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "@id": "_:N51c5e67e9e3c44a7a2d09904c01ccb8c", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#positiveInteger" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "Used when the type does not match any of the other options." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": "other" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "the dataset is publicly available and can be downloaded directly." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "directDownload" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdUsing", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides a reference to a resource outside the scope of SPDX-3.0 content\nthat uniquely identifies an Element." + "@value": "Identifies the tooling that was used during the creation of the Element." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Tool" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/justificationType", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Element is data" + "@value": "Impact justification label to be used when linking a vulnerability to an element\nrepresenting a VEX product with a VexNotAffectedVulnAssessmentRelationship\nrelationship." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "data" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/copyrightText", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageUrl", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies the text of one or more copyright notices for a software Package,\nFile or Snippet, if any." + "@value": "Provides a place for the SPDX data creator to record the package URL string\n(in accordance with the\n[package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst))\nfor a software Package." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies all the text and metadata associated with a license in the license\nXML format." + "@value": "[FALCON](https://falcon-sign.info/falcon.pdf)" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "falcon" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry", "@type": [ "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass", "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides an independently reproducible mechanism that permits verification of a specific Element." + "@value": "A key with an associated value." } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -6646,98 +7223,43 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N01464ca6dfa64274aff9adfbcfe2b42e" - } - ] - }, - { - "@id": "_:N01464ca6dfa64274aff9adfbcfe2b42e", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "the Element is a software application" - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "@id": "_:Na7b3c2d60c9f456a9e73937d1c3a21cd" + }, { - "@value": "application" + "@id": "_:Ncd2f1cc582e84bcd856b955b65a59076" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vexVersion", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Specifies the version of a VEX statement." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "@id": "_:Na7b3c2d60c9f456a9e73937d1c3a21cd", + "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText", - "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "A license or addition that is not listed on the SPDX License List." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/ns/shacl#property": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "_:N8b36dfa49376412d8010f6538ab81c17" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/key" } ] }, { - "@id": "_:N8b36dfa49376412d8010f6538ab81c17", + "@id": "_:Ncd2f1cc582e84bcd856b955b65a59076", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -6748,11 +7270,6 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } - ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#Literal" @@ -6760,30 +7277,29 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/value" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(Security) Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent." + "@value": "Defines the beginning of a range." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "reportedBy" + "@id": "http://www.w3.org/2001/XMLSchema#positiveInteger" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" @@ -6791,200 +7307,160 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SHA-2 with a digest length of 224, as defined in [RFC 3874](https://www.rfc-editor.org/info/rfc3874)." + "@value": "SHA-2 with a digest length of 512, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "sha224" + "@value": "sha512" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" + "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Low/no risk is posed by an AI system." + "@value": "When a CVSS score is between 4.0 - 6.9" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "low" + "@value": "medium" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes what the given dataset should be used for." + "@value": "SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an \"Instrumented\" or \"Dynamic\" SBOM." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "runtime" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(AI, Dataset) The `from` Element has been tested on the `to` Element(s)." + "@value": "the Element is a software application" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "testedOn" + "@value": "application" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provide consumers with comments by the creator of the Element about the\nElement." + "@value": "The `from` archive expands out as an artifact described by each `to` Element." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "expandsTo" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A key with an associated value." - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@value": "Used when the type does not match any of the other options." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Nfb0d104a609c4735b2ee447c3d1c50be" - }, + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "_:N4a645c5dafdf41f180187419d8fe5585" + "@value": "other" } ] }, { - "@id": "_:Nfb0d104a609c4735b2ee447c3d1c50be", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/context", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Gives information about the circumstances or unifying properties\nthat Elements of the bundle have been assembled under." } ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/key" - } - ] - }, - { - "@id": "_:N4a645c5dafdf41f180187419d8fe5585", - "http://www.w3.org/ns/shacl#datatype": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/value" - } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" + "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A relationship has specific context implications during an element's testing phase, during development." + "@value": "the element follows the Core profile specification" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "test" + "@value": "core" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "there is no support for the artifact from the supplier, consumer assumes any support obligations." + "@value": "Used when the type does not match any of the other options." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "noSupport" + "@value": "other" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" @@ -6992,35 +7468,34 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf)." + "@value": "A reference to a published list of releases for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "vulnerabilityExploitabilityAssessment" + "@value": "releaseHistory" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/startTime", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability." + "@value": "Specifies the time from which an element is applicable / valid." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "inlineMitigationsAlreadyExist" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -7028,303 +7503,473 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A class for describing the energy consumption incurred by an AI model in\ndifferent stages of its lifecycle." + "@value": "Links a vulnerability and one or more elements designating the latter as products\nnot affected by the vulnerability." + } + ], + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N971faeaad9fb4eab9cacd7361ff7a6e9" + "@id": "_:N1b5654647edc4983a971016877bdb294" }, { - "@id": "_:N7c210eac0a6a41fd808aa140eb323bf0" + "@id": "_:N5e02ee6be544496eaa697b59d1f414bf" }, { - "@id": "_:N6ec76b25494a4cc0b31c5bfa0f1b8742" + "@id": "_:Na395f8f765534d0dbfe9b0bbc43d2543" } ] }, { - "@id": "_:N971faeaad9fb4eab9cacd7361ff7a6e9", + "@id": "_:N1b5654647edc4983a971016877bdb294", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" + } + ], + "http://www.w3.org/ns/shacl#in": [ + { + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist" + } + ] + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/justificationType" + } + ] + }, + { + "@id": "_:N5e02ee6be544496eaa697b59d1f414bf", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatement" + } + ] + }, + { + "@id": "_:Na395f8f765534d0dbfe9b0bbc43d2543", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime" + } + ], + "http://www.w3.org/ns/shacl#pattern": [ + { + "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" } ] }, { - "@id": "_:N7c210eac0a6a41fd808aa140eb323bf0", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@language": "en", + "@value": "A reference to an npm package. The package locator format, looks like `package@version`, is defined in [npm Docs](https://docs.npmjs.com/cli/v10/configuring-npm/package-json)." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption" + "@value": "npm" } ] }, { - "@id": "_:N6ec76b25494a4cc0b31c5bfa0f1b8742", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@language": "en", + "@value": "A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form)." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption" + "@value": "secureSoftwareAttestation" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/key", + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildType", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A key used in a generic key-value pair." + "@value": "A buildType is a hint that is used to indicate the toolchain, platform, or\ninfrastructure that the build was invoked on." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)." + "@value": "A reference to binary artifacts related to a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "sha3_224" + "@value": "binaryArtifact" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/from", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Specifies the type of an annotation." + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/sensor", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "References the Element on the left-hand side of a relationship." + "@value": "Describes a sensor used for collecting the data." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" + "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact." + "@value": "the element follows the Dataset profile specification" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "source" + "@value": "dataset" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specified the time and date when a vulnerability was withdrawn." + "@value": "The `from` Element is an ancestor of each `to` Element." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@value": "ancestorOf" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element is a software library" + "@value": "Provides relevant information about the AI software, not including the model\ndescription." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "library" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection", "@type": [ "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass", "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "An SPDX version 2.X compatible verification method for software packages." + "@value": "A collection of Elements, not necessarily with unifying context." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:Na5ba2903b9c44319bea1cd36039dc168" + "@id": "_:N777bb4d4448946ed98136523de58c443" }, { - "@id": "_:N873390b0750642ebabae85bc8440112b" + "@id": "_:Na3d7a10bc4924cdd9739f272136881cc" }, { - "@id": "_:N1757405396c64132981f2170c3de356b" + "@id": "_:Nb5fd2e062b0e401abc2eb0323bf66a92" } ] }, { - "@id": "_:Na5ba2903b9c44319bea1cd36039dc168", + "@id": "_:N777bb4d4448946ed98136523de58c443", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/element" + } + ] + }, + { + "@id": "_:Na3d7a10bc4924cdd9739f272136881cc", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/rootElement" + } + ] + }, + { + "@id": "_:Nb5fd2e062b0e401abc2eb0323bf66a92", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" } ], "http://www.w3.org/ns/shacl#in": [ { "@list": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite" } ] } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "(Security) Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "republishedBy" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "the Element doesn't fit into any of the other categories" + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "other" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "The `from` Element is modified by each `to` Element." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "modifiedBy" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Provides a CVSS version 2.0 assessment for a vulnerability." } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -7332,17 +7977,20 @@ "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/algorithm" + "@id": "_:N95c98363c6ec49ac9b3ad6b7e56b1dd5" + }, + { + "@id": "_:Nbcd4eb8dbb2f4deab03834c7a85bd9ea" } ] }, { - "@id": "_:N873390b0750642ebabae85bc8440112b", + "@id": "_:N95c98363c6ec49ac9b3ad6b7e56b1dd5", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#decimal" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -7362,17 +8010,27 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/hashValue" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/score" } ] }, { - "@id": "_:N1757405396c64132981f2170c3de356b", + "@id": "_:Nbcd4eb8dbb2f4deab03834c7a85bd9ea", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" } ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 + } + ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#Literal" @@ -7380,161 +8038,194 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to related security information of unspecified type." + "@value": "Dataset can be shared within a community of peers and partners." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "securityOther" + "@value": "green" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/decisionType", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)." + "@value": "Provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf)" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "sha3_512" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to an npm package. The package locator format, looks like `package@version`, is defined in [npm Docs](https://docs.npmjs.com/cli/v10/configuring-npm/package-json)." + "@value": "[Dilithium](https://pq-crystals.org/dilithium/)" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "npm" + "@value": "crystalsDilithium" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the element follows the Extension profile specification" + "@value": "Indicates the amount of energy consumption incurred by an AI model." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "extension" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes", + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used." + "@value": "A property name with an associated value." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "describes" + "@id": "http://www.w3.org/ns/shacl#BlankNode" + } + ], + "http://www.w3.org/ns/shacl#property": [ + { + "@id": "_:Ndbb29c99db8943a693680a16ab5d0180" + }, + { + "@id": "_:N8eb250a5d66b44b69fe07972c365f16e" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense", - "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass" + "@id": "_:Ndbb29c99db8943a693680a16ab5d0180", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "Abstract class representing a License or an OrLaterOperator." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel", + "@id": "_:N8eb250a5d66b44b69fe07972c365f16e", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package." + "@value": "Used to store extra information about an Element which is not part of a Review (e.g. extra information provided during the creation of the Element)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "securityThreatModel" + "@value": "other" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/summary", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "When a CVSS score is between 9.0 - 10.0" + "@value": "A short description of an Element." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "critical" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -7542,25 +8233,30 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A mapping between prefixes and namespace partial URIs." + "@value": "Connects a vulnerability and an element designating the element as a product\naffected by the vulnerability." + } + ], + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N7a31f4fb5ef44278bf709330ae6eae53" + "@id": "_:Nfbe7ee05ca204337b19effe39cfc9820" }, { - "@id": "_:Na81145214946470cb328f80520e931f3" + "@id": "_:Na4bdfa6078a6493589d054f0581485d0" } ] }, { - "@id": "_:N7a31f4fb5ef44278bf709330ae6eae53", + "@id": "_:Nfbe7ee05ca204337b19effe39cfc9820", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -7571,11 +8267,6 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } - ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#Literal" @@ -7583,471 +8274,392 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/prefix" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatement" } ] }, { - "@id": "_:Na81145214946470cb328f80520e931f3", + "@id": "_:Na4bdfa6078a6493589d054f0581485d0", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": 1 + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime" } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/ns/shacl#pattern": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/completeness", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespace" + "@language": "en", + "@value": "Provides information about the completeness of relationships." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element is a descendant of each `to` Element." + "@value": "Other exploit catalogs" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "descendantOf" + "@value": "other" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Enumeration of the different kinds of SPDX file." + "@value": "[Kyber](https://pq-crystals.org/kyber/)" + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "crystalsKyber" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Specifies whether an additional text identifier has been marked as deprecated." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#boolean" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines." + "@value": "[Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf)" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "attend" + "@value": "cpe22" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a published list of releases for a package." + "@value": "Element contains a set of changes to update, fix, or improve another Element" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "releaseHistory" + "@value": "patch" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing", + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes the preprocessing steps that were applied to the raw data to create the given dataset." + "@value": "A characterization of some aspect of an Element that is associated with the Element in a generalized fashion." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locationHint", + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides an indication of where to retrieve an external Element." + "@value": "Maps a LicenseRef or AdditionRef string for a Custom License or a Custom\nLicense Addition to its URI ID." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix", + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to the patch or source code that fixes a vulnerability." + "@value": "A value used in a CdxExtension name-value pair." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "securityFix" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/copyrightText", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Any other units of energy measurement." + "@value": "Identifies the text of one or more copyright notices for a software Package,\nFile or Snippet, if any." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "other" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/releaseTime", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/standardName", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the time an artifact was released." + "@value": "The name of a relevant standard that may apply to an artifact." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(Security) Designates a `from` Vulnerability has been fixed by the `to` Agent(s)." + "@value": "the Element provides a requirement needed as input for another Element" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "fixedBy" + "@value": "requirement" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition", "@type": [ "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the type of a content identifier." + "@value": "A license addition that is not listed on the SPDX Exceptions List." + } + ], + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a resource outside the scope of SPDX-3.0 content related to an Element." - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@value": "Dataset may be distributed freely, without restriction." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Nda74ed3ec3ef4a16b298570efe2daba2" - }, - { - "@id": "_:N383a8a7644f64c78b040430b8209ccdc" - }, - { - "@id": "_:N30a67ffa3e1b4d09b5542d404f29404d" - }, + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "_:Nb5273969c5d14e4099642493bef7d0f6" + "@value": "clear" } ] }, { - "@id": "_:Nda74ed3ec3ef4a16b298570efe2daba2", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment" - } - ] + "@language": "en", + "@value": "SHA-2 with a digest length of 256, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "sha256" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "Records a hyperparameter used to build the AI model contained in the AI\npackage." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRefType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ] }, { - "@id": "_:N383a8a7644f64c78b040430b8209ccdc", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "Represents the energy quantity." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/2001/XMLSchema#decimal" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locator" + "@language": "en", + "@value": "Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`)." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "hasTestCase" } ] }, { - "@id": "_:N30a67ffa3e1b4d09b5542d404f29404d", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "Provides a CVSS version 3 assessment for a vulnerability." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/contentType" - } - ], - "http://www.w3.org/ns/shacl#pattern": [ + "@id": "_:Nfe6503efbfe64805b48f31d234f30373" + }, { - "@value": "^[^\\/]+\\/[^\\/]+$" + "@id": "_:N4f5b5682465144cf99bec6c92c23223a" + }, + { + "@id": "_:Nc2e370e51ee546a1a816ebb1fed7db40" } ] }, { - "@id": "_:Nb5273969c5d14e4099642493bef7d0f6", + "@id": "_:Nfe6503efbfe64805b48f31d234f30373", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#decimal" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -8055,6 +8667,11 @@ "@value": 1 } ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 + } + ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#Literal" @@ -8062,302 +8679,303 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/score" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" + "@id": "_:N4f5b5682465144cf99bec6c92c23223a", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#in": [ { - "@language": "en", - "@value": "The software is not affected because the vulnerable component is not in the product." + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none" + } + ] } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@value": "componentNotPresent" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@language": "en", - "@value": "(Security) Designates a `from` Vulnerability was originally discovered by the `to` Agent(s)." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "foundBy" + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/severity" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "@id": "_:Nc2e370e51ee546a1a816ebb1fed7db40", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "The `from` Element is an ancestor of each `to` Element." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": "ancestorOf" + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Used when someone reviews the Element." + "@value": "[MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf)" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "review" + "@value": "md6" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)." + "@value": "the element follows the AI profile specification" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "sha3_256" + "@value": "ai" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the \"install\" section of [Bower API documentation](https://bower.io/docs/api/#install)." + "@value": "the Element is a file system image that can be written to a disk (or virtual) partition" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "bower" + "@value": "filesystemImage" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Portion of an AnyLicenseInfo representing a set of licensing information\nwhere all elements apply." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@value": "The relationship is known to be exhaustive." } ], - "http://www.w3.org/ns/shacl#property": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "_:N3df0f602adb54cd98a706a4757565a55" + "@value": "complete" } ] }, { - "@id": "_:N3df0f602adb54cd98a706a4757565a55", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 2 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "Data points in the dataset are highly confidential and can only be shared with named recipients." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" + "@value": "red" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInputs", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Build has each `to` Elements as an input, during a LifecycleScopeType period." + "@value": "Contains a URL where the License or LicenseAddition can be found in use." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "hasInputs" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "timestamp" + "@value": "Availability of dataset." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The Element is a test used to verify functionality on an software element" + "@value": "the dataset is publicly available and can be downloaded directly." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "test" + "@value": "directDownload" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime", + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Records the time when a recommended action was communicated in a VEX statement\nto mitigate a vulnerability." + "@value": "Abstract class representing a license combination consisting of one or more\nlicenses (optionally including additional text), which may be combined\naccording to the\n[SPDX license expression syntax](../../../annexes/SPDX-license-expressions.md)." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/lineRange", + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Defines the line range in the original host file that the snippet information\napplies to." + "@value": "The version of the SPDX License List used in the license expression." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "securityPenTestReport" + "@value": "A mathematical algorithm that maps data of arbitrary size to a bit string." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" + "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact." + "@value": "Gitoid stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects) and a gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "design" + "@value": "gitoid" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatement", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Explains why a VEX product is not affected by a vulnerability. It is an\nalternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable\njustification label." + "@value": "Describes what the given dataset should be used for." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -8367,14 +8985,14 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endTime", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the time from which an element is no longer applicable / valid." + "@value": "Specifies a time when a vulnerability assessment was modified" } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -8384,76 +9002,71 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the amount of energy consumed during inference time by an AI model\nthat is being used in the AI system." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" + "@value": "Specifies the type of a content identifier." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endTime", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the SPDX License List version in which this ListedLicense or\nListedLicenseException identifier was first added." + "@value": "Specifies the time from which an element is no longer applicable / valid." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "no assertion about the type of support is made. This is considered the default if no other support type is used." + "@value": "the Element provides low level control over a device's hardware" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "noAssertion" + "@value": "firmware" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/publishedTime", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies whether the License is listed as free by the\n[Free Software Foundation (FSF)](https://fsf.org)." + "@value": "Specifies the time when a vulnerability was published." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#boolean" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" @@ -8461,567 +9074,422 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to instructions for reporting newly discovered security vulnerabilities for a package." + "@value": "A reference to a dynamic analysis report for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "securityPolicy" + "@value": "dynamicAnalysisReport" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A relationship has specific context implications during an element's build phase, during development." + "@value": "(Security/VEX) A `from` Vulnerability has been fixed in each of the `to` Element(s). The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "build" + "@value": "fixedIn" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the type of an annotation." + "@value": "A reference to a purchase order for a package." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "purchaseOrder" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A distinct article or unit related to Software." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@value": "A reference to a static analysis report for a package." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Nb067e2613df54ae5998d2b8cce711bb1" - }, - { - "@id": "_:N669f2fd20f5b4cb9853e67ecabd18948" - }, - { - "@id": "_:N9a85118e8515490e9088cb2b74cb053b" - }, - { - "@id": "_:N0c393a49d213438abf93f2408e9d435d" - }, + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "_:N41c1f3f0e2cf4b5aa48fcd2a32c29c44" + "@value": "staticAnalysisReport" } ] }, { - "@id": "_:Nb067e2613df54ae5998d2b8cce711bb1", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test" - } - ] + "@language": "en", + "@value": "SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and in the case of filess they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "swhid" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "(Security) Designates a `from` Vulnerability was originally discovered by the `to` Agent(s)." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose" + "@value": "foundBy" } ] }, { - "@id": "_:N669f2fd20f5b4cb9853e67ecabd18948", - "http://www.w3.org/ns/shacl#class": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "@language": "en", + "@value": "The `from` SPDXDocument can be found in a serialized form in each `to` Artifact." } ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test" - } - ] + "@value": "serializedInArtifact" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "Identifies the full text of a LicenseAddition, in SPDX templating format." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "_:N9a85118e8515490e9088cb2b74cb053b", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/scope", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "Capture the scope of information about a specific relationship between elements." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "When a CVSS score is between 0.1 - 3.9" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/copyrightText" + "@value": "low" } ] }, { - "@id": "_:N0c393a49d213438abf93f2408e9d435d", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/algorithm", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Specifies the algorithm used for calculating the hash value." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/attributionText" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" } ] }, { - "@id": "_:N41c1f3f0e2cf4b5aa48fcd2a32c29c44", - "http://www.w3.org/ns/shacl#class": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier" + "@language": "en", + "@value": "Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`)." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@value": "hasMetadata" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier" + "@language": "en", + "@value": "Provide an enumerated set of lifecycle phases that can provide context to relationships." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/justificationType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Impact justification label to be used when linking a vulnerability to an element\nrepresenting a VEX product with a VexNotAffectedVulnAssessmentRelationship\nrelationship." + "@value": "Provides information about the primary purpose of the software artifact." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period." + "@value": "Specifies the amount of energy consumed when finetuning the AI model that is\nbeing used in the AI system." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "hasPrerequisite" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Captures the threshold that was used for computation of a metric described in\nthe metric field." + "@value": "Describes if any sensitive personal information is present in the dataset." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support." + "@value": "A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "support" + "@value": "securityPenTestReport" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "An entity that is authorized to issue identification credentials." + "@value": "there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "endOfSupport" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a purchase order for a package." + "@value": "the element follows the Lite profile specification" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "purchaseOrder" + "@value": "lite" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to the software support channel or other support information for a package." + "@value": "the element follows the Extension profile specification" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "support" + "@value": "extension" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a \"3rd party\" SBOM." + "@value": "A LicenseAddition participating in a 'with addition' model." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "analyzed" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Timestamp of impact statement." + "@value": "The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInputs`, and `hasOutputs`, respectively. This relationship does not imply dependency." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@value": "hasDataFile" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/byteRange", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Defines the byte range in the original host file that the snippet information\napplies to." + "@value": "Designates elements as products where the impact of a vulnerability is being\ninvestigated." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" + "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs." + "@value": "The product is not affected because the code underlying the vulnerability is not present in the product." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "build" + "@value": "vulnerableCodeNotPresent" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/AIPackage", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -9029,12 +9497,12 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies an AI package and its associated information." + "@value": "Portion of an AnyLicenseInfo representing this version, or any later version,\nof the indicated License." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/Package" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -9044,75 +9512,23 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N9e5ea3c1605c4c2580cb346739f79bb3" - }, - { - "@id": "_:N2bd9ef96dc4246548aca3d6cc9d8aae5" - }, - { - "@id": "_:Ne23fdcd5bb344bb0b93e74dcd48f3415" - }, - { - "@id": "_:N259c79700998405598f3b265a84c9369" - }, - { - "@id": "_:Nbb5046097f214b9a8a19b08ba049ef39" - }, - { - "@id": "_:Na0791cc39051424fa4c158671c2083ec" - }, - { - "@id": "_:N250d067c16d145c4addd6a9f229481ef" - }, - { - "@id": "_:N86dde2d004be4c38bef9ef0f5cad1463" - }, - { - "@id": "_:Nb785ed25d4024ef185b91a84abd92a98" - }, - { - "@id": "_:N615d2648af424e00beabe06207744b36" - }, - { - "@id": "_:N7ab079c6a6cf4f06bfba60d8ff2aa7a3" - }, - { - "@id": "_:Nc6b6e7faa396422999b02eb25fa0980e" - }, - { - "@id": "_:N06c64ad8ebf94e0d804efd268a5bd39c" - }, - { - "@id": "_:N8e1b4b3a1c324948b956a65cff1991eb" - }, - { - "@id": "_:Necb650d00a8e4f1e8a35f124977e94d8" + "@id": "_:N6d3932e4a46e43c6ab889e1be1f9eeb3" } ] }, { - "@id": "_:N9e5ea3c1605c4c2580cb346739f79bb3", + "@id": "_:N6d3932e4a46e43c6ab889e1be1f9eeb3", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License" } ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion" - } - ] + "@value": 1 } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#minCount": [ { "@value": 1 } @@ -9124,117 +9540,126 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/autonomyType" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense" } ] }, { - "@id": "_:N2bd9ef96dc4246548aca3d6cc9d8aae5", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Email address, as defined in [RFC 3696](https://www.rfc-editor.org/info/rfc3986) Section 3." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/domain" + "@value": "email" } ] }, { - "@id": "_:Ne23fdcd5bb344bb0b93e74dcd48f3415", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/severity", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@language": "en", + "@value": "Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" } ] }, { - "@id": "_:N259c79700998405598f3b265a84c9369", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@language": "en", + "@value": "A string in the license expression format." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "_:Nbb5046097f214b9a8a19b08ba049ef39", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/to", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "References an Element on the right-hand side of a relationship." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A License participating in a 'with addition' model." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense" } ] }, { - "@id": "_:Na0791cc39051424fa4c158671c2083ec", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Bundle", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "A collection of Elements that have a shared context." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining" + "@id": "_:N5305ec8ebc394008ba07c97c8a76c53c" } ] }, { - "@id": "_:N250d067c16d145c4addd6a9f229481ef", + "@id": "_:N5305ec8ebc394008ba07c97c8a76c53c", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -9252,379 +9677,549 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/limitation" - } - ] - }, - { - "@id": "_:N86dde2d004be4c38bef9ef0f5cad1463", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metric" - } - ] - }, - { - "@id": "_:Nb785ed25d4024ef185b91a84abd92a98", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/context" } ] }, { - "@id": "_:N615d2648af424e00beabe06207744b36", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "The `from` Software Artifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing" + "@value": "hasDeclaredLicense" } ] }, { - "@id": "_:N7ab079c6a6cf4f06bfba60d8ff2aa7a3", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Provides information about the creation of the Element." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo" } ] }, { - "@id": "_:Nc6b6e7faa396422999b02eb25fa0980e", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low" - } - ] + "@language": "en", + "@value": "The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "hasPrerequisite" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "A reference to a version control system related to a software artifact." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment" + "@value": "vcs" } ] }, { - "@id": "_:N06c64ad8ebf94e0d804efd268a5bd39c", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "MD5 message-digest algorithm, as defined in [RFC 1321](https://www.rfc-editor.org/info/rfc1321)." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance" + "@value": "md5" } ] }, { - "@id": "_:N8e1b4b3a1c324948b956a65cff1991eb", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageVersion", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Identify the version of a package." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "_:Necb650d00a8e4f1e8a35f124977e94d8", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion" - } - ] + "@language": "en", + "@value": "Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`)." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "patchedBy" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "the element follows the expanded Licensing profile specification" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation" + "@value": "expandedLicensing" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A license that is listed on the SPDX License List." + "@value": "The highest level of risk posed by an AI system." } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License" + "@value": "serious" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "A reference to instructions for reporting newly discovered security vulnerabilities for a package." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Nd37b14c41ee74a409251c039c2410877" - }, + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "_:N0563aa63f65c47c8b4174e7081458902" + "@value": "securityPolicy" } ] }, { - "@id": "_:Nd37b14c41ee74a409251c039c2410877", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "A type of extension consisting of a list of name value pairs." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion" + "@id": "_:N1cd63ea7bc934a35b59fe2f77c813714" } ] }, { - "@id": "_:N0563aa63f65c47c8b4174e7081458902", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:N1cd63ea7bc934a35b59fe2f77c813714", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry" } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#minCount": [ { "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded" + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Software Artifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling." + "@value": "CISA's Known Exploited Vulnerability (KEV) Catalog" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasDeclaredLicense" + "@value": "kev" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Relationship", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`)." + "@value": "Describes a relationship between one or more elements." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": "patchedBy" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#property": [ + { + "@id": "_:Ndf4821f9740644fe9bc62a288322f630" + }, + { + "@id": "_:N3dc7fe4fa62e476fb3721f0fb2c0137b" + }, + { + "@id": "_:Ne389df3230e84eb8b1e02fc9fb63740f" + }, + { + "@id": "_:N6d1c716a912c45b98d2eeeef8c8fc9ae" + }, + { + "@id": "_:Nb4db7efa86384e16aa5b90c4d9ce6c58" + }, + { + "@id": "_:N15290b212a884e9ba4ec419743e8ab8d" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" + "@id": "_:Ndf4821f9740644fe9bc62a288322f630", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ { - "@value": "query" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/from" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N3dc7fe4fa62e476fb3721f0fb2c0137b", + "http://www.w3.org/ns/shacl#class": [ { - "@language": "en", - "@value": "The highest level of risk posed by an AI system." + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": "serious" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "A reference to the security adversary model for a package." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "securityAdversaryModel" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/to" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability", - "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "@id": "_:Ne389df3230e84eb8b1e02fc9fb63740f", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#in": [ { - "@language": "en", - "@value": "Specifies a vulnerability and its associated information." + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInputs" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutputs" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool" + } + ] } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact" + "@value": 1 + } + ], + "http://www.w3.org/ns/shacl#minCount": [ + { + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -9632,23 +10227,32 @@ "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:N265a8e048b0b4ca990c968b6c2e33bb7" - }, - { - "@id": "_:Ndd4c5999d0c24e96a17e61ebe13741a8" - }, + "http://www.w3.org/ns/shacl#path": [ { - "@id": "_:N9d882705a80d42e997d7752d345d5ead" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/relationshipType" } ] }, { - "@id": "_:N265a8e048b0b4ca990c968b6c2e33bb7", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:N6d1c716a912c45b98d2eeeef8c8fc9ae", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" + } + ], + "http://www.w3.org/ns/shacl#in": [ + { + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion" + } + ] } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -9658,22 +10262,17 @@ ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/publishedTime" - } - ], - "http://www.w3.org/ns/shacl#pattern": [ - { - "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/completeness" } ] }, { - "@id": "_:Ndd4c5999d0c24e96a17e61ebe13741a8", + "@id": "_:Nb4db7efa86384e16aa5b90c4d9ce6c58", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" @@ -9691,7 +10290,7 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/startTime" } ], "http://www.w3.org/ns/shacl#pattern": [ @@ -9701,7 +10300,7 @@ ] }, { - "@id": "_:N9d882705a80d42e997d7752d345d5ead", + "@id": "_:N15290b212a884e9ba4ec419743e8ab8d", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" @@ -9719,7 +10318,7 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endTime" } ], "http://www.w3.org/ns/shacl#pattern": [ @@ -9729,168 +10328,135 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRef", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a certification report for a package from an accredited/independent body." + "@value": "Points to a resource outside the scope of the SPDX-3.0 content\nthat provides additional characteristics of an Element." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "certificationReport" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "blake2b512" + "@value": "Enumeration of dataset types." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/contentType", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides information about the content type of an Element or a Property." + "@value": "Records the results of general safety risk assessment of the AI system." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "[Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final)" + "@value": "Describes relevant information about different steps of the training process." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "cpe23" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/environment", + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Property describing the session in which a build is invoked." + "@value": "An SPDX Element containing an SPDX license expression string." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#property": [ { - "@value": "limitedSupport" + "@id": "_:N1f035e4b004d4057898be4620e39913d" + }, + { + "@id": "_:Nf3183abab4274e449d7ed0a8031a0024" + }, + { + "@id": "_:N15fc37bda13542f388e149f012b82b19" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship", - "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "@id": "_:N1f035e4b004d4057898be4620e39913d", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "Provide context for a relationship that occurs in the lifecycle." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Relationship" + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/ns/shacl#property": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "_:Nca97ef5d4aa4445eb152ecdc80b3ae76" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression" } ] }, { - "@id": "_:Nca97ef5d4aa4445eb152ecdc80b3ae76", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" - } - ], - "http://www.w3.org/ns/shacl#in": [ + "@id": "_:Nf3183abab4274e449d7ed0a8031a0024", + "http://www.w3.org/ns/shacl#datatype": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other" - } - ] + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -9900,181 +10466,164 @@ ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/scope" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion" + } + ], + "http://www.w3.org/ns/shacl#pattern": [ + { + "@value": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "@id": "_:N15fc37bda13542f388e149f012b82b19", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance." + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/locator", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(Security) The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent)." + "@value": "Provides the location of an exploit catalog." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "coordinatedBy" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A property name with an associated value." - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@value": "No assertion can be made about the completeness of the relationship." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:N7fe9dd291cce4c73a2f9de0c9b4a0f66" - }, + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "_:N4246f7790aa34e7bbd7a1cfd52dd7de1" + "@value": "noAssertion" } ] }, { - "@id": "_:N7fe9dd291cce4c73a2f9de0c9b4a0f66", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A reference to a Software Composition Analysis (SCA) report." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName" + "@value": "componentAnalysisReport" } ] }, { - "@id": "_:N4246f7790aa34e7bbd7a1cfd52dd7de1", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A reference build metadata related to a published package." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue" + "@value": "buildMeta" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/homePage", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A place for the SPDX document creator to record a website that serves as the\npackage's home page." + "@value": "The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@value": "usesTool" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A LicenseAddition participating in a 'with addition' model." + "@value": "SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition" + "@value": "deployed" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/lineRange", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element is a module of a piece of software" + "@value": "Defines the line range in the original host file that the snippet information\napplies to." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "module" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" @@ -10082,25 +10631,26 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(AI, Dataset) The `from` Element has been trained on the `to` Element(s)." + "@value": "(Security) The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "trainedOn" + "@value": "coordinatedBy" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Annotation", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition", "@type": [ "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass", "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "An assertion made in relation to one or more elements." + "@value": "Abstract class for additional text intended to be added to a License, but\nwhich is not itself a standalone License." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ @@ -10115,36 +10665,30 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:Nf74455b40487401bacf0b5a805cd676b" + "@id": "_:N0c02837e965d42c58736040b4e58c8a9" + }, + { + "@id": "_:N1e2fa0884ac541b2978d5990bb638394" + }, + { + "@id": "_:Nf2caaa3d7bb2485b958124c6dc4a473b" }, { - "@id": "_:N30fdf1ba1e904227abdd99dd383e81cf" + "@id": "_:N71942c8e075a4203b2cde868d3a5871b" }, { - "@id": "_:N186e9d5feca2423e9007bd5ab9cd55a5" + "@id": "_:N801b2014c6eb415c8f6571acf5c6c27d" }, { - "@id": "_:Nb43e5f1bb1bc4610a45d4ba2e90cdc20" + "@id": "_:Nc1f53db6da424caeb51ccff2d9e9a020" } ] }, { - "@id": "_:Nf74455b40487401bacf0b5a805cd676b", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" - } - ], - "http://www.w3.org/ns/shacl#in": [ + "@id": "_:N0c02837e965d42c58736040b4e58c8a9", + "http://www.w3.org/ns/shacl#datatype": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review" - } - ] + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -10159,20 +10703,20 @@ ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/annotationType" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" } ] }, { - "@id": "_:N30fdf1ba1e904227abdd99dd383e81cf", + "@id": "_:N1e2fa0884ac541b2978d5990bb638394", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "http://www.w3.org/2001/XMLSchema#boolean" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -10187,17 +10731,12 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/contentType" - } - ], - "http://www.w3.org/ns/shacl#pattern": [ - { - "@value": "^[^\\/]+\\/[^\\/]+$" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" } ] }, { - "@id": "_:N186e9d5feca2423e9007bd5ab9cd55a5", + "@id": "_:Nf2caaa3d7bb2485b958124c6dc4a473b", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -10215,15 +10754,15 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/statement" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" } ] }, { - "@id": "_:Nb43e5f1bb1bc4610a45d4ba2e90cdc20", - "http://www.w3.org/ns/shacl#class": [ + "@id": "_:N71942c8e075a4203b2cde868d3a5871b", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -10231,279 +10770,186 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } - ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/subject" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Data points in the dataset are highly confidential and can only be shared with named recipients." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "red" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "the Element is the evidence that a specification or requirement has been fulfilled" - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "@id": "_:N801b2014c6eb415c8f6571acf5c6c27d", + "http://www.w3.org/ns/shacl#datatype": [ { - "@value": "evidence" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "the Element is used to install software on disk" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "install" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/extension", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:Nc1f53db6da424caeb51ccff2d9e9a020", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "Specifies an Extension characterization of some aspect of an Element." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/standardName", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "The name of a relevant standard that may apply to an artifact." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "When a CVSS score is between 4.0 - 6.9" + "@value": "BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "medium" + "@value": "blake2b256" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The third-highest level of risk posed by an AI system." + "@value": "A class for describing the energy consumption incurred by an AI model in\ndifferent stages of its lifecycle." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "medium" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#property": [ { - "@language": "en", - "@value": "data is video based, such as a collection of movie clips featuring Tom Hanks." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "@id": "_:Ndaf4a553cd704a4ca00c89207e63ef5e" + }, { - "@value": "video" + "@id": "_:N89847ddad14a4277a5e2f5cbecb56fe6" + }, + { + "@id": "_:N7a2c2860f5654a40b36740eb2ce350ba" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Specifies until when the artifact can be used before its usage needs to be\nreassessed." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "@id": "_:Ndaf4a553cd704a4ca00c89207e63ef5e", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Used to store extra information about an Element which is not part of a Review (e.g. extra information provided during the creation of the Element)." + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "other" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "SHA-2 with a digest length of 512, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "@id": "_:N89847ddad14a4277a5e2f5cbecb56fe6", + "http://www.w3.org/ns/shacl#class": [ { - "@value": "sha512" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Property that describes the time at which a build stops." + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption" } ] }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + { + "@id": "_:N7a2c2860f5654a40b36740eb2ce350ba", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form)." + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "secureSoftwareAttestation" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period." + "@value": "[package URL](https://github.com/package-url/purl-spec)" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "usesTool" + "@value": "packageUrl" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/prefix", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/locator", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A substitute for a URI." + "@value": "Provides the location of an external reference." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -10513,54 +10959,54 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sbomType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose", "@type": [ "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides information about the type of an SBOM." + "@value": "Provides additional purpose information of the software artifact." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/limitation", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Captures a limitation of the AI software." + "@value": "Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to the mailing list used by the maintainer for a package." + "@value": "no assertion about the type of support is made. This is considered the default if no other support type is used." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "mailingList" + "@value": "noAssertion" } ] }, @@ -10582,25 +11028,29 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Tool", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The relationship is known to be exhaustive." + "@value": "An element of hardware and/or software utilized to carry out a particular function." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": "complete" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" @@ -10608,737 +11058,626 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to an alternative web page." + "@value": "A reference to an artifact containing the sources for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "altWebPage" + "@value": "sourceArtifact" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/to", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "References an Element on the right-hand side of a relationship." + "@value": "Identifies the download Uniform Resource Identifier for the package at the time\nthat the document was created." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "An SPDX Element containing an SPDX license expression string." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" - } - ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:N47f2fa3f4eb14cce8d2004886e665359" - }, - { - "@id": "_:Nf20a7c9286b24064a0695e1545debe86" - }, - { - "@id": "_:Nf694f7ed838143b0be5c702ce1972914" - } - ] - }, - { - "@id": "_:N47f2fa3f4eb14cce8d2004886e665359", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression" - } - ] - }, - { - "@id": "_:Nf20a7c9286b24064a0695e1545debe86", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion" - } - ], - "http://www.w3.org/ns/shacl#pattern": [ - { - "@value": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" - } - ] - }, - { - "@id": "_:Nf694f7ed838143b0be5c702ce1972914", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@value": "The `from` Element is available from the additional supplier described by each `to` Element." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri" + "@value": "availableFrom" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes the type of the given dataset." + "@value": "Provides an SSVC assessment for a vulnerability." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "The `from` Element is documented by each `to` Element." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#property": [ { - "@value": "hasDocumentation" + "@id": "_:Na8e7b4016d884907ab60729cbcd8b543" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/parameters", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:Na8e7b4016d884907ab60729cbcd8b543", + "http://www.w3.org/ns/shacl#class": [ { - "@language": "en", - "@value": "Property describing the parameters used in an instance of a build." + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#in": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar" + } + ] } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "The `from` Element generates each `to` Element." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": "generates" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Element represents a runtime environment" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "platform" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/decisionType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period." + "@value": "Provides a reference to a resource outside the scope of SPDX-3.0 content\nthat uniquely identifies an Element." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "hasOptionalDependency" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Enumeration of the valid profiles." + "@value": "Provides an exploit assessment of a vulnerability." } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@language": "en", - "@value": "Records a hyperparameter used to build the AI model contained in the AI\npackage." + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#property": [ + { + "@id": "_:Ne1d33d90a3364973ae59f5c549c0f264" + }, + { + "@id": "_:N2382be528d524ac6a84951ba6a32f6ab" + }, + { + "@id": "_:Ndbd3ba44962340668a10f2a6ba5d3701" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" + "@id": "_:Ne1d33d90a3364973ae59f5c549c0f264", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#in": [ { - "@language": "en", - "@value": "(\"Track*\" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track* vulnerabilities within standard update timelines." + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other" + } + ] } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@value": "trackStar" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/algorithm", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@language": "en", - "@value": "Specifies the algorithm used for calculating the hash value." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/catalogType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/builtTime", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "@id": "_:N2382be528d524ac6a84951ba6a32f6ab", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#boolean" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "Specifies the time an artifact was built." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "A string in the license expression format." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/exploited" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "@id": "_:Ndbd3ba44962340668a10f2a6ba5d3701", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "MD2 message-digest algorithm, as defined in [RFC 1319](https://www.rfc-editor.org/info/rfc1319/)." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": "md2" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "SHA-2 with a digest length of 384, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234)." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "sha384" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/locator" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element contains each `to` Element." + "@value": "The Element is a test used to verify functionality on an software element" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "contains" + "@value": "test" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "When a CVSS score is between 7.0 - 8.9" - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "high" + "@value": "Information about the relationship between two Elements." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/Build", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Class that describes a build instance of software/artifacts." + "@value": "Links a vulnerability and elements representing products (in the VEX sense) where\na fix has been applied and are no longer affected." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#IRI" } - ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Ne2fe08f0ccdd49a79063c89a48aac770" - }, - { - "@id": "_:Na81064f4b5264357b42a64e6ba8887d9" - }, - { - "@id": "_:Ne85032d295014314b08c577cf8aa88b4" - }, - { - "@id": "_:N21759c3305554b1988787eb2f342e733" - }, - { - "@id": "_:N4c7929e32fe54a379468d435b8ecf541" - }, - { - "@id": "_:Nffc423768dab473b8dc162ee1e3fa4ef" - }, - { - "@id": "_:N2ef016e0c1324ba6845c823a1ac7303a" - }, - { - "@id": "_:N96e8d9fef23a46b7ac5c6cc061e4121a" - }, - { - "@id": "_:N5b680eaa5bca49b58b582bd2e9113dbd" - } ] }, { - "@id": "_:Ne2fe08f0ccdd49a79063c89a48aac770", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@language": "en", + "@value": "The `from` Software Artifact is concluded by the SPDX data creator to be governed by each `to` license." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "hasConcludedLicense" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "An Individual Value for License where the SPDX data creator determines that no\nlicense is present." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2002/07/owl#sameAs": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Licensing/None" } ] }, { - "@id": "_:Na81064f4b5264357b42a64e6ba8887d9", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationhip types (this relationship is directionless)." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildId" + "@value": "other" } ] }, { - "@id": "_:Ne85032d295014314b08c577cf8aa88b4", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`)." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint" + "@value": "packagedBy" } ] }, { - "@id": "_:N21759c3305554b1988787eb2f342e733", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Used when someone reviews the Element." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri" + "@value": "review" } ] }, { - "@id": "_:N4c7929e32fe54a379468d435b8ecf541", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Hash" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@language": "en", + "@value": "Element is documentation" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest" + "@value": "documentation" } ] }, { - "@id": "_:Nffc423768dab473b8dc162ee1e3fa4ef", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/environment", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@language": "en", + "@value": "Property describing the session in which a build is invoked." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/parameters" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ] }, { - "@id": "_:N2ef016e0c1324ba6845c823a1ac7303a", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "Every `to` Element is a variant the `from` Element (`from` hasVariant `to`)." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@value": "hasVariant" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime" + "@language": "en", + "@value": "A reference to additional product metadata such as reference within organization's product catalog." } ], - "http://www.w3.org/ns/shacl#pattern": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" + "@value": "productMetadata" } ] }, { - "@id": "_:N96e8d9fef23a46b7ac5c6cc061e4121a", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@value": "sha3_224" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime" + "@language": "en", + "@value": "A reference to the security adversary model for a package." } ], - "http://www.w3.org/ns/shacl#pattern": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" + "@value": "securityAdversaryModel" } ] }, { - "@id": "_:N5b680eaa5bca49b58b582bd2e9113dbd", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@language": "en", + "@value": "Captures the threshold that was used for computation of a metric described in\nthe metric field." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/environment" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metric", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Records any relevant background information or additional comments\nabout the origin of the package." + "@value": "Records the measurement of prediction quality of the AI model." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" + "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Gitoid stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects) and a gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document)." + "@value": "SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "gitoid" + "@value": "build" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/element", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Refers to one or more Elements that are part of an ElementCollection." + "@value": "Provides a set of values to be used to describe the common types of SBOMs that\ntools may create." + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "the artifact is in active development and is not considered ready for formal support from the supplier." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@value": "development" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/homePage", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible." + "@value": "A place for the SPDX document creator to record a website that serves as the\npackage's home page." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "act" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" @@ -11346,90 +11685,88 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element is available from the additional supplier described by each `to` Element." + "@value": "The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "availableFrom" + "@value": "hasHost" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies who or what supplied the artifact or VulnAssessmentRelationship\nreferenced by the Element." + "@value": "The `from` Element is a descendant of each `to` Element." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" + "@value": "descendantOf" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Person", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A collection of Elements, not necessarily with unifying context." + "@value": "An individual human being." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#IRI" } - ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:N8929157c7efe42bc841dbfd89b99b11d" - }, - { - "@id": "_:Nefed1b52d2f6496b97c0190b2c835855" - }, - { - "@id": "_:N67796c4a56a14410a26e9f2ce1be68f1" - } ] }, { - "@id": "_:N8929157c7efe42bc841dbfd89b99b11d", - "http://www.w3.org/ns/shacl#class": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@language": "en", + "@value": "When a CVSS score is between 7.0 - 8.9" } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@value": "high" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/Sbom", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/element" + "@language": "en", + "@value": "A collection of SPDX Elements describing a single package." } - ] - }, - { - "@id": "_:Nefed1b52d2f6496b97c0190b2c835855", - "http://www.w3.org/ns/shacl#class": [ + ], + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Bom" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -11437,51 +11774,39 @@ "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/rootElement" + "@id": "_:N55c584c9343b4cc5ac02eeb80187912e" } ] }, { - "@id": "_:N67796c4a56a14410a26e9f2ce1be68f1", + "@id": "_:N55c584c9343b4cc5ac02eeb80187912e", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" } ], "http://www.w3.org/ns/shacl#in": [ { "@list": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed" } ] } @@ -11493,12 +11818,12 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/profileConformance" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/sbomType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" @@ -11506,374 +11831,355 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on)." + "@value": "(Security/VEX) The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasHost" + "@value": "underInvestigationFor" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies the full text of a LicenseAddition." + "@value": "Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id)." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "cve" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides an EPSS assessment for a vulnerability." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@value": "the Element is a software manifest" } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Nb59ef1dc77cc42edbf207f77d9ba0183" - }, + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "_:Ncb477d2101a0490cbdb95bd60d0f26f8" + "@value": "manifest" } ] }, { - "@id": "_:Nb59ef1dc77cc42edbf207f77d9ba0183", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#decimal" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildId", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A buildId is a locally unique identifier used by a builder to identify a unique\ninstance of a build produced by it." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/probability" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "_:Ncb477d2101a0490cbdb95bd60d0f26f8", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#decimal" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/percentile" + "@value": "hasOptionalDependency" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data." + "@value": "data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "scrapingScript" + "@value": "timeseries" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4." + "@value": "Identifies the full text of a License, in SPDX templating format." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "blake2b384" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides a map of a property names to a values." + "@value": "The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry" + "@value": "hasRequirement" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a social media channel for a package." + "@value": "(Security) Used to associate a `from` Artifact with each `to` Vulnerability." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "socialMedia" + "@value": "hasAssociatedVulnerability" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the element follows the Lite profile specification" - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "lite" + "@value": "Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange", + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Defines the end of a range." + "@value": "Property that describes the digest of the build configuration file used to\ninvoke a build." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#positiveInteger" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Hash" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph", + "@id": "http://spdx.invalid./AbstractClass", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends." + "@value": "The `from` Element depends on each `to` Element, during a LifecycleScopeType period." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "graph" + "@value": "dependsOn" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies the exploit catalog type." + "@value": "Specifies the SPDX License List version in which this license or exception\nidentifier was deprecated." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc)" + "@value": "data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "file" + "@value": "text" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A canonical, unique, immutable identifier" - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@value": "the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Nef10113630fe4db2805c74529b6a99a6" - }, + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "_:N116eda482e4e425b9d517b4425e4b035" + "@value": "support" } ] }, { - "@id": "_:Nef10113630fe4db2805c74529b6a99a6", - "http://www.w3.org/ns/shacl#class": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" + "@language": "en", + "@value": "A reference to the software support channel or other support information for a package." } ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid" - } - ] + "@value": "support" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "data is a collection of images such as pictures of animals." } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "image" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "(Security/VEX) The `from` vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType" + "@value": "affects" } ] }, { - "@id": "_:N116eda482e4e425b9d517b4425e4b035", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "A reference to the release notes for a package." } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "releaseNotes" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "The `from` Element statically links in each `to` Element, during a LifecycleScopeType period." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue" + "@value": "hasStaticLink" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -11881,77 +12187,68 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides information about the creation of the Element." + "@value": "Specifies a data package and its associated information." + } + ], + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/Package" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:Nf7f6bc4271d04cee8faee878d57ac02a" + "@id": "_:N572e21a795934b14952d74a2f1735e4d" }, { - "@id": "_:N9535471470ab423d8247e678e9ab503e" + "@id": "_:N38af2a49869f44b58a3cc26f40e8fc6b" }, { - "@id": "_:N95be3331da044b68b149913e9b0a4565" + "@id": "_:N2a1f0770eea04f939e7c0a0ad6f3f5c0" }, { - "@id": "_:N1601f2b12a4e4d4ba186e005a8c8e5a1" + "@id": "_:N8828ae0192dc4a2592d48298e0e6ae49" }, { - "@id": "_:N17b7339ad49e4c1a843218d3214322cb" - } - ] - }, - { - "@id": "_:Nf7f6bc4271d04cee8faee878d57ac02a", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:Nd0fed502db934f74be77a11940c90b92" + }, { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ + "@id": "_:N351fc53950de470daa9906852a56f066" + }, { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ + "@id": "_:N528adefc2e304e29835e837cd2f09ded" + }, { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "@id": "_:Ne0cb841671954f96b8be1d3d9515c8e6" + }, { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ + "@id": "_:Ndd5a0693c7254e01ba2b7b2adf1cd1bf" + }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/specVersion" - } - ], - "http://www.w3.org/ns/shacl#pattern": [ + "@id": "_:N248947f4915d49bd9738d6ed96bfc273" + }, { - "@value": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" + "@id": "_:N467e0980f4e64463895dbb9bddad3763" + }, + { + "@id": "_:Nbdff20ab74d444e7923acfcfc93aa93f" + }, + { + "@id": "_:N0f7aeed443954dbb99f22915269e1022" } ] }, { - "@id": "_:N9535471470ab423d8247e678e9ab503e", + "@id": "_:N572e21a795934b14952d74a2f1735e4d", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#Literal" @@ -11959,224 +12256,240 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed" } ] }, { - "@id": "_:N95be3331da044b68b149913e9b0a4565", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:N38af2a49869f44b58a3cc26f40e8fc6b", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#in": [ { - "@value": 1 + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear" + } + ] } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/ns/shacl#maxCount": [ { "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/created" - } - ], - "http://www.w3.org/ns/shacl#pattern": [ - { - "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel" } ] }, { - "@id": "_:N1601f2b12a4e4d4ba186e005a8c8e5a1", - "http://www.w3.org/ns/shacl#class": [ + "@id": "_:N2a1f0770eea04f939e7c0a0ad6f3f5c0", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/ns/shacl#maxCount": [ { "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdBy" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess" } ] }, { - "@id": "_:N17b7339ad49e4c1a843218d3214322cb", - "http://www.w3.org/ns/shacl#class": [ + "@id": "_:N8828ae0192dc4a2592d48298e0e6ae49", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Tool" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/createdUsing" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/publishedTime", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Specifies the time when a vulnerability was published." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final)." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "@id": "_:Nd0fed502db934f74be77a11940c90b92", + "http://www.w3.org/ns/shacl#class": [ { - "@value": "vulnerabilityDisclosureReport" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#in": [ { - "@language": "en", - "@value": "Property that describes the URI of the build configuration source file." + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript" + } + ] } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`)." + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "hasOptionalComponent" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N351fc53950de470daa9906852a56f066", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "The `from` SPDXDocument can be found in a serialized form in each `to` Artifact." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@value": "serializedInArtifact" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Element represents software that controls hardware devices" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "deviceDriver" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "@id": "_:N528adefc2e304e29835e837cd2f09ded", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#nonNegativeInteger" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "any hashing algorithm that does not exist in this list of entries" + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": "other" + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition", - "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass", - "http://www.w3.org/ns/shacl#NodeShape" + "@id": "_:Ne0cb841671954f96b8be1d3d9515c8e6", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#in": [ { - "@language": "en", - "@value": "Abstract class for additional text intended to be added to a License, but\nwhich is not itself a standalone License." + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video" + } + ] } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -12184,29 +12497,14 @@ "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:N84b4909b82594347beb7e02ebfe2bf3d" - }, - { - "@id": "_:N97ce06ca87fc4537a6c6dc92fde1c17d" - }, - { - "@id": "_:Ncdd27a40360244f4b93b3e89203f8c0a" - }, - { - "@id": "_:N29373aa4b58f46b79799267ef82a7560" - }, - { - "@id": "_:N07aebca7c47e4a0aa690b05d0ad25ee7" - }, + "http://www.w3.org/ns/shacl#path": [ { - "@id": "_:N1fdc6c5defd94c51ba02b2852676de39" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType" } ] }, { - "@id": "_:N84b4909b82594347beb7e02ebfe2bf3d", + "@id": "_:Ndd5a0693c7254e01ba2b7b2adf1cd1bf", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -12217,11 +12515,6 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } - ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#Literal" @@ -12229,15 +12522,30 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism" } ] }, { - "@id": "_:N97ce06ca87fc4537a6c6dc92fde1c17d", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:N248947f4915d49bd9738d6ed96bfc273", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#boolean" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" + } + ], + "http://www.w3.org/ns/shacl#in": [ + { + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion" + } + ] } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -12247,17 +12555,17 @@ ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation" } ] }, { - "@id": "_:Ncdd27a40360244f4b93b3e89203f8c0a", + "@id": "_:N467e0980f4e64463895dbb9bddad3763", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -12275,93 +12583,158 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse" } ] }, { - "@id": "_:N29373aa4b58f46b79799267ef82a7560", + "@id": "_:Nbdff20ab74d444e7923acfcfc93aa93f", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@value": 1 + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias" + } + ] + }, + { + "@id": "_:N0f7aeed443954dbb99f22915269e1022", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/sensor" } ] }, { - "@id": "_:N07aebca7c47e4a0aa690b05d0ad25ee7", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/profileConformance", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@language": "en", + "@value": "Describes one a profile which the creator of this ElementCollection intends to\nconform to." + } + ], + "http://www.w3.org/2000/01/rdf-schema#range": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Portion of an AnyLicenseInfo representing a set of licensing information where\nonly one of the elements applies." + } + ], + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso" + "@id": "_:N9d5ffd7f2e604801a117df3ae4173ca7" } ] }, { - "@id": "_:N1fdc6c5defd94c51ba02b2852676de39", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:N9d5ffd7f2e604801a117df3ae4173ca7", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": 1 + "@value": 2 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" + } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass", + "http://www.w3.org/ns/shacl#NodeShape" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ + { + "@language": "en", + "@value": "Provides an independently reproducible mechanism that permits verification of a specific Element." + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#BlankNode" + } + ], + "http://www.w3.org/ns/shacl#property": [ + { + "@id": "_:N35ee75b04f344ca4bbba4728b2d270ec" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N35ee75b04f344ca4bbba4728b2d270ec", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "A license addition that is not listed on the SPDX Exceptions List." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition" + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment" } ] }, @@ -12390,24 +12763,24 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:Nd012fb2188e44b94903b7efd0c8c53d0" + "@id": "_:Nde75eca3500749429ee9ce44943634c8" }, { - "@id": "_:N32dc18aa1af0455ba3597422d68a9098" + "@id": "_:N842a0ff53b4041a6ba8d5c0f4fda8043" }, { - "@id": "_:N1ffefa99e7174ab483f5946da0df1768" + "@id": "_:Nc0868e8824514f64aac0b765a84ec4f2" }, { - "@id": "_:Ne4dfea47d8f54651aed05ef492b37057" + "@id": "_:N0684f8b934134c0b8df45cd7f8ad8b99" }, { - "@id": "_:N99b63d3f93db4aac8032206ead1e579a" + "@id": "_:N5f24716bf8884e029ddf0441758d775b" } ] }, { - "@id": "_:Nd012fb2188e44b94903b7efd0c8c53d0", + "@id": "_:Nde75eca3500749429ee9ce44943634c8", "http://www.w3.org/ns/shacl#class": [ { "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" @@ -12430,7 +12803,7 @@ ] }, { - "@id": "_:N32dc18aa1af0455ba3597422d68a9098", + "@id": "_:N842a0ff53b4041a6ba8d5c0f4fda8043", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" @@ -12458,7 +12831,7 @@ ] }, { - "@id": "_:N1ffefa99e7174ab483f5946da0df1768", + "@id": "_:Nc0868e8824514f64aac0b765a84ec4f2", "http://www.w3.org/ns/shacl#class": [ { "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" @@ -12481,7 +12854,7 @@ ] }, { - "@id": "_:Ne4dfea47d8f54651aed05ef492b37057", + "@id": "_:N0684f8b934134c0b8df45cd7f8ad8b99", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" @@ -12509,7 +12882,7 @@ ] }, { - "@id": "_:N99b63d3f93db4aac8032206ead1e579a", + "@id": "_:N5f24716bf8884e029ddf0441758d775b", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" @@ -12537,164 +12910,92 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(Dataset) Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`)." + "@value": "Describes the type of the given dataset." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "hasEvidence" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides a CVSS version 3 assessment for a vulnerability." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@value": "Defines the end of a range." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Na8f4d37cdcd2477a8d2e842f4c9fff5c" - }, - { - "@id": "_:Ne72f7867464a44e6831b81028dab197e" - }, + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "_:Nde350c5108664c448aebe424ca2c8f0a" + "@id": "http://www.w3.org/2001/XMLSchema#positiveInteger" } ] }, { - "@id": "_:Na8f4d37cdcd2477a8d2e842f4c9fff5c", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#decimal" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Identifies the full text of a LicenseAddition." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/score" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "_:Ne72f7867464a44e6831b81028dab197e", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" - } - ], - "http://www.w3.org/ns/shacl#in": [ - { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none" - } - ] - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "Specifies the amount of energy consumed when training the AI model that is\nbeing used in the AI system." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/severity" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" } ] }, { - "@id": "_:Nde350c5108664c448aebe424ca2c8f0a", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A License participating in an 'or later' model." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -12702,12 +13003,12 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Connects a vulnerability and an element designating the element as a product\naffected by the vulnerability." + "@value": "Portion of an AnyLicenseInfo representing a License which has additional\ntext applied to it." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship" + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -12717,171 +13018,71 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N1bf87eab41f14de88453b8f114b92632" + "@id": "_:N7e2f3f1e551a4c508d530d365c9079c0" }, { - "@id": "_:N46af972c39f14fc79ac9fe2141502e51" - } - ] - }, - { - "@id": "_:N1bf87eab41f14de88453b8f114b92632", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatement" - } - ] - }, - { - "@id": "_:N46af972c39f14fc79ac9fe2141502e51", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime" - } - ], - "http://www.w3.org/ns/shacl#pattern": [ - { - "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "data that is classified into a discrete number of categories, such as the eye color of a population of people." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "categorical" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/percentile", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "The percentile of the current probability score." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#decimal" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Specifies the type of the content identifier." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType" + "@id": "_:Ncedebaaf5d1d4c7bb44b9bb1819ad770" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "@id": "_:N7e2f3f1e551a4c508d530d365c9079c0", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "the Element is an operating system" + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": "operatingSystem" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "When a CVSS score is between 0.1 - 3.9" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "low" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Person", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "@id": "_:Ncedebaaf5d1d4c7bb44b9bb1819ad770", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "An individual human being." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#IRI" } + ], + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense" + } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" @@ -12889,101 +13090,98 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a Software Composition Analysis (SCA) report." + "@value": "A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "componentAnalysisReport" + "@value": "vulnerabilityExploitabilityAssessment" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/rootElement", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "This property is used to denote the root Element(s) of a tree of elements contained in a BOM." + "@value": "MD4 message-digest algorithm, as defined in [RFC 1186](https://www.rfc-editor.org/info/rfc1186)." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@value": "md4" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element has been copied to each `to` Element." + "@value": "A reference to the mailing list used by the maintainer for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "copiedTo" + "@value": "mailingList" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element provides a requirement needed as input for another Element" + "@value": "SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://www.rfc-editor.org/info/rfc3174)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "requirement" + "@value": "sha1" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" + "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "[BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf)" + "@value": "SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a \"3rd party\" SBOM." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "blake3" + "@value": "analyzed" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Bundle", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element", "@type": [ "http://www.w3.org/2002/07/owl#Class", + "http://spdx.invalid./AbstractClass", "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A collection of Elements that have a shared context." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection" + "@value": "Base domain class from which all other SPDX-3.0 domain classes derive." } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -12993,12 +13191,36 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:Nd7e16ef7f54644429ec6bfd9a8390fdf" + "@id": "_:N5984614686c943f492f1ad4162a56228" + }, + { + "@id": "_:N1ccc7e7cb38d49618d110b57fbaaa03c" + }, + { + "@id": "_:N6c7f861a90944dbfa018da24c561367a" + }, + { + "@id": "_:N5a27bb4b030343b0ba3b1f5cc1f225ef" + }, + { + "@id": "_:Nb9962febba924b32b7c202ec51c78a9f" + }, + { + "@id": "_:N8ffd2e1ac7134951810767feb9a4ce2c" + }, + { + "@id": "_:Nf43dd14693b944929d0342fc0aeb9841" + }, + { + "@id": "_:N927bddef27754fc3a2bf4bab325a2bb2" + }, + { + "@id": "_:N1743126065d7472d82b878d45ad2b2d0" } ] }, { - "@id": "_:Nd7e16ef7f54644429ec6bfd9a8390fdf", + "@id": "_:N5984614686c943f492f1ad4162a56228", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -13016,302 +13238,268 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/context" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/name" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N1ccc7e7cb38d49618d110b57fbaaa03c", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "MD4 message-digest algorithm, as defined in [RFC 1186](https://www.rfc-editor.org/info/rfc1186)." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@value": "md4" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/startTime", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Specifies the time from which an element is applicable / valid." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/summary" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "@id": "_:N6c7f861a90944dbfa018da24c561367a", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "Information about the relationship between two Elements." + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Provides additional purpose information of the software artifact." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/description" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N5a27bb4b030343b0ba3b1f5cc1f225ef", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "(Security/VEX) The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@value": "underInvestigationFor" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`)." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "hasAddedFile" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + "@id": "_:Nb9962febba924b32b7c202ec51c78a9f", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "data is recorded from a physical sensor, such as a thermometer reading or biometric device." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@value": "sensor" + "@value": 1 } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period." + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "configures" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/creationInfo" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "@id": "_:N8ffd2e1ac7134951810767feb9a4ce2c", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + } + ], + "http://www.w3.org/ns/shacl#path": [ { - "@language": "en", - "@value": "Specifies the SSVC decision type." + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" + "@id": "_:Nf43dd14693b944929d0342fc0aeb9841", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Megajoule." + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "megajoule" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalRef" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "@id": "_:N927bddef27754fc3a2bf4bab325a2bb2", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "the element follows the expanded Licensing profile specification" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "expandedLicensing" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "@id": "_:N1743126065d7472d82b878d45ad2b2d0", + "http://www.w3.org/ns/shacl#class": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "the Element is a single or a collection of source files" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "source" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/extension" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SbomType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an \"Instrumented\" or \"Dynamic\" SBOM." + "@value": "Specified the time and date when a vulnerability was withdrawn." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "runtime" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/extension", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides a License author's preferred text to indicate that a file is covered\nby the License." + "@value": "Specifies an Extension characterization of some aspect of an Element." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Dataset may be distributed freely, without restriction." + "@value": "Timestamp of impact statement." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "clear" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element provides low level control over a device's hardware" + "@value": "data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "firmware" + "@value": "graph" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes methods that can be used to explain the results from the AI model." + "@value": "(Security) Relates a `from` Vulnerability and each `to` Element(s) with a security assessment. To be used with `VulnAssessmentRelationship` types." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "hasAssessmentFor" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" @@ -13319,12 +13507,12 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing." + "@value": "data is of a type not included in this list." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "syntactic" + "@value": "other" } ] }, @@ -13346,210 +13534,201 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/packageVersion", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identify the version of a package." + "@value": "A reference to the documentation for a package." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "documentation" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Specifies a data package and its associated information." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/Package" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@value": "The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Nab5e605b75014ba180e83188639eccea" - }, - { - "@id": "_:N0926cffa7ff54b62914de82e6dda971b" - }, - { - "@id": "_:N166e531d403c499da8699e1cbafa83e2" - }, - { - "@id": "_:Nae5d16b4cf8f4e5b89a5360b7ba27110" - }, - { - "@id": "_:Nd781f5e5ab7a44248bbafa44e088db68" - }, - { - "@id": "_:N030c65d2c5cb40fca319786ae7c0a586" - }, - { - "@id": "_:N78bf09805a494d5690a53a1d41c823b9" - }, - { - "@id": "_:N16ffe6992555405d94430b740912d3f1" - }, - { - "@id": "_:N1a06df03be6044d9ad4f17be55c85eb1" - }, - { - "@id": "_:N1b79db887aba439b84c4d953b6b6292d" - }, - { - "@id": "_:Nc516b57913944b54b1fc8a072dfa95c5" - }, - { - "@id": "_:N4db069216eb14870b7a3e52864b8134e" - }, + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "_:Nacd7399b876d498ebecec321036204f4" + "@value": "vulnerableCodeCannotBeControlledByAdversary" } ] }, { - "@id": "_:Nab5e605b75014ba180e83188639eccea", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the \"install\" section of [Bower API documentation](https://bower.io/docs/api/#install)." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed" + "@value": "bower" } ] }, { - "@id": "_:N0926cffa7ff54b62914de82e6dda971b", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear" - } - ] + "@language": "en", + "@value": "the Element is a software framework" } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "framework" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "the Element is a plan, guideline or strategy how to create, perform or analyse an application" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel" + "@value": "specification" } ] }, { - "@id": "_:N166e531d403c499da8699e1cbafa83e2", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "A reference to a NuGet package. The package locator format, looks like `package/version`, is defined in [NuGet documentation](https://docs.nuget.org)." } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@value": "nuget" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/AIPackage", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess" + "@language": "en", + "@value": "Specifies an AI package and its associated information." } - ] - }, - { - "@id": "_:Nae5d16b4cf8f4e5b89a5360b7ba27110", - "http://www.w3.org/ns/shacl#datatype": [ + ], + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/Package" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing" + "@id": "_:Nd94cf9e914b84a66b87cd7ddf21ffb19" + }, + { + "@id": "_:N45d1d3a94b7645f6882c867934b92d18" + }, + { + "@id": "_:N841c14c6358842848fed53fbaf858bd2" + }, + { + "@id": "_:N0fc23013b3cc4b2681ba6a1053edba17" + }, + { + "@id": "_:Ndebe2feff7b547e18212c039b5ce1295" + }, + { + "@id": "_:N7834e705028e429a80f5de85f6b54deb" + }, + { + "@id": "_:Nfb588a34216e4ba3a5486a50a6cda99c" + }, + { + "@id": "_:N4920beead15b454a8ab28bb477e3f770" + }, + { + "@id": "_:N84fed28911b148108f7186d91c187cc3" + }, + { + "@id": "_:Na805cdc64a2e4c379bce6cdfa20b9cdf" + }, + { + "@id": "_:Nb713bc4d06a64dc4b4877da3c514b0ec" + }, + { + "@id": "_:N75a6121ec61a486ebed97314ee9b2768" + }, + { + "@id": "_:Ne5740b7e25234fcc9327b0bf41518ca8" + }, + { + "@id": "_:N4b3936de634f4ee880077bbc2910c7c8" + }, + { + "@id": "_:N3d679ac7ae1e4257a9b688e330809ce1" } ] }, { - "@id": "_:Nd781f5e5ab7a44248bbafa44e088db68", + "@id": "_:Nd94cf9e914b84a66b87cd7ddf21ffb19", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" } ], "http://www.w3.org/ns/shacl#in": [ { "@list": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion" } ] } @@ -13566,22 +13745,17 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/autonomyType" } ] }, { - "@id": "_:N030c65d2c5cb40fca319786ae7c0a586", + "@id": "_:N45d1d3a94b7645f6882c867934b92d18", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" } ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } - ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#Literal" @@ -13589,15 +13763,15 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/domain" } ] }, { - "@id": "_:N78bf09805a494d5690a53a1d41c823b9", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:N841c14c6358842848fed53fbaf858bd2", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#nonNegativeInteger" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -13607,88 +13781,35 @@ ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption" } ] }, { - "@id": "_:N16ffe6992555405d94430b740912d3f1", + "@id": "_:N0fc23013b3cc4b2681ba6a1053edba17", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" - } - ], - "http://www.w3.org/ns/shacl#in": [ - { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video" - } - ] - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter" } ] }, { - "@id": "_:N1a06df03be6044d9ad4f17be55c85eb1", + "@id": "_:Ndebe2feff7b547e18212c039b5ce1295", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -13706,30 +13827,15 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication" } ] }, { - "@id": "_:N1b79db887aba439b84c4d953b6b6292d", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" - } - ], - "http://www.w3.org/ns/shacl#in": [ + "@id": "_:N7834e705028e429a80f5de85f6b54deb", + "http://www.w3.org/ns/shacl#datatype": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion" - } - ] + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -13739,17 +13845,17 @@ ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining" } ] }, { - "@id": "_:Nc516b57913944b54b1fc8a072dfa95c5", + "@id": "_:Nfb588a34216e4ba3a5486a50a6cda99c", "http://www.w3.org/ns/shacl#datatype": [ { "@id": "http://www.w3.org/2001/XMLSchema#string" @@ -13767,30 +13873,30 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/limitation" } ] }, { - "@id": "_:N4db069216eb14870b7a3e52864b8134e", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "_:N4920beead15b454a8ab28bb477e3f770", + "http://www.w3.org/ns/shacl#class": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metric" } ] }, { - "@id": "_:Nacd7399b876d498ebecec321036204f4", + "@id": "_:N84fed28911b148108f7186d91c187cc3", "http://www.w3.org/ns/shacl#class": [ { "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" @@ -13801,253 +13907,143 @@ "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/sensor" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "The product is not affected because the code underlying the vulnerability is not present in the product." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "vulnerableCodeNotPresent" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption", - "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Specifies the amount of energy consumed when finetuning the AI model that is\nbeing used in the AI system." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id)." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "cve" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "the Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc." - } - ], - "http://www.w3.org/2000/01/rdf-schema#label": [ - { - "@value": "diskImage" - } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/context", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ - { - "@language": "en", - "@value": "Gives information about the circumstances or unifying properties\nthat Elements of the bundle have been assembled under." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" + "@id": "_:Na805cdc64a2e4c379bce6cdfa20b9cdf", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "The affected code is not reachable through the execution of the code, including non-anticipated states of the product." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "vulnerableCodeNotInExecutePath" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "@id": "_:Nb713bc4d06a64dc4b4877da3c514b0ec", + "http://www.w3.org/ns/shacl#datatype": [ + { + "@id": "http://www.w3.org/2001/XMLSchema#string" + } ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@language": "en", - "@value": "Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`)." + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "hasMetadata" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/statusNotes", - "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N75a6121ec61a486ebed97314ee9b2768", + "http://www.w3.org/ns/shacl#class": [ { - "@language": "en", - "@value": "Conveys information about how VEX status was determined." + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#in": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low" + } + ] } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/Element" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@language": "en", - "@value": "An Individual Value for Element representing a set of Elements of unknown\nidentify or cardinality (number)." + "@value": 1 } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@id": "http://www.w3.org/ns/shacl#IRI" } ], - "http://www.w3.org/2002/07/owl#sameAs": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier", - "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:Ne5740b7e25234fcc9327b0bf41518ca8", + "http://www.w3.org/ns/shacl#datatype": [ { - "@language": "en", - "@value": "A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element." + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:N2f0b4c9eb75743ed8e50bebbbd5bdf55" - }, + "http://www.w3.org/ns/shacl#path": [ { - "@id": "_:N543d63687b8b48a6940b62df555fb341" - }, + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance" + } + ] + }, + { + "@id": "_:N4b3936de634f4ee880077bbc2910c7c8", + "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "_:Nf7116fd5f105424193ffeab05e57b9e7" - }, + "@id": "http://www.w3.org/2001/XMLSchema#string" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "_:Nc9d36bf2e3d64cf2af1458f196df6340" - }, + "@id": "http://www.w3.org/ns/shacl#Literal" + } + ], + "http://www.w3.org/ns/shacl#path": [ { - "@id": "_:N7eb74701665643a5a1f447f33c3ae717" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel" } ] }, { - "@id": "_:N2f0b4c9eb75743ed8e50bebbbd5bdf55", + "@id": "_:N3d679ac7ae1e4257a9b688e330809ce1", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" } ], "http://www.w3.org/ns/shacl#in": [ { "@list": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no" }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion" } ] } @@ -14057,11 +14053,6 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } - ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#IRI" @@ -14069,199 +14060,258 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation" } ] }, { - "@id": "_:N543d63687b8b48a6940b62df555fb341", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "Enumeration of the valid profiles." } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "(Security) Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent." } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "publishedBy" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "the element follows the simple Licensing profile specification" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifier" + "@value": "simpleLicensing" } ] }, { - "@id": "_:Nf7116fd5f105424193ffeab05e57b9e7", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "Element is a bill of materials" } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "bom" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/comment" + "@value": "inlineMitigationsAlreadyExist" } ] }, { - "@id": "_:Nc9d36bf2e3d64cf2af1458f196df6340", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A reference to a certification report for a package from an accredited/independent body." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator" + "@value": "certificationReport" } ] }, { - "@id": "_:N7eb74701665643a5a1f447f33c3ae717", - "http://www.w3.org/ns/shacl#datatype": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@language": "en", + "@value": "The `from` Element has manifest files that contain dependency information in each `to` Element." } ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "hasDependencyManifest" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vexVersion", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "Specifies the version of a VEX statement." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service." + "@value": "A reference to a runtime analysis report for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "deployed" + "@value": "runtimeAnalysisReport" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" + "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference to a NuGet package. The package locator format, looks like `package/version`, is defined in [NuGet documentation](https://docs.nuget.org)." + "@value": "the element follows the Security profile specification" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "nuget" + "@value": "security" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" + "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The second-highest level of risk posed by an AI system." + "@value": "When a CVSS score is between 9.0 - 10.0" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "high" + "@value": "critical" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/completeness", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides information about the completeness of relationships." + "@value": "Specifies the type of an external reference." } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness" + "@language": "en", + "@value": "(Security) The `from` Vulnerability has had an exploit created against it by each `to` Agent." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "exploitCreatedBy" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Identifies an external Element used within a Document but defined external to\nthat Document." + "@value": "the Element is a container image which can be used by a container runtime application" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#anyURI" + "@value": "container" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/actionStatement", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/domain", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides advise on how to mitigate or remediate a vulnerability when a VEX product\nis affected by it." + "@value": "Captures the domain in which the AI package can be used." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -14271,7 +14321,7 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship", "@type": [ "http://www.w3.org/2002/07/owl#Class", "http://www.w3.org/ns/shacl#NodeShape" @@ -14279,12 +14329,12 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Portion of an AnyLicenseInfo representing a set of licensing information where\nonly one of the elements applies." + "@value": "Provide context for a relationship that occurs in the lifecycle." } ], "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Relationship" } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -14294,20 +14344,44 @@ ], "http://www.w3.org/ns/shacl#property": [ { - "@id": "_:N3b8d4dc8e41944fb8b5f88b7eed53a6b" + "@id": "_:N2c5c8f09a37549e88b3274c0b9264465" } ] }, { - "@id": "_:N3b8d4dc8e41944fb8b5f88b7eed53a6b", + "@id": "_:N2c5c8f09a37549e88b3274c0b9264465", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/ns/shacl#in": [ { - "@value": 2 + "@list": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime" + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other" + } + ] + } + ], + "http://www.w3.org/ns/shacl#maxCount": [ + { + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -14317,78 +14391,72 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/scope" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/autonomyType", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Indicates whether the system can perform a decision or action without human\ninvolvement or guidance." + "@value": "Any other units of energy measurement." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" + "@value": "other" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/exploited", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Categories of presence or absence." + "@value": "Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog." } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType", - "@type": [ - "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@language": "en", - "@value": "Availability of dataset." + "@id": "http://www.w3.org/2001/XMLSchema#boolean" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(Security/VEX) A `from` Vulnerability has been fixed in each of the `to` Element(s). The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships." + "@value": "Indicates absence of the field." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "fixedIn" + "@value": "no" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes all the preprocessing steps applied to the training data before the\nmodel training." + "@value": "Specifies the CVSS vector string for a vulnerability." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -14398,174 +14466,155 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "An Individual Value for License where the SPDX data creator determines that no\nlicense is present." - } - ], - "http://www.w3.org/2000/01/rdf-schema#range": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo" - } - ], - "http://www.w3.org/2002/07/owl#sameAs": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Licensing/None" + "@value": "Specifies the CVSS base, temporal, threat, or environmental severity type." } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`)." + "@value": "data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "hasTestCase" + "@value": "timestamp" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element is a software manifest" + "@value": "the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "manifest" + "@value": "registration" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "(Security) Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent." + "@value": "Specifies the amount of energy consumed during inference time by an AI model\nthat is being used in the AI system." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "republishedBy" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/Snippet", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period." + "@value": "Describes a certain part of a file." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": "hasRequirement" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" + } + ], + "http://www.w3.org/ns/shacl#property": [ + { + "@id": "_:N8c48049e5c644529bbab44a7b8509bbe" + }, + { + "@id": "_:N10470f6e495146e3b97f1775a5c8b35f" + }, + { + "@id": "_:N823532744b8a4282a1e51155c1494e2a" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", - "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/Element" - ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "@id": "_:N8c48049e5c644529bbab44a7b8509bbe", + "http://www.w3.org/ns/shacl#class": [ { - "@language": "en", - "@value": "An Individual Value for Element representing a set of Elements with\ncardinality (number/count) of zero." + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@value": 1 } ], - "http://www.w3.org/2002/07/owl#sameAs": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } - ] - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship", - "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" ], - "http://www.w3.org/2000/01/rdf-schema#comment": [ + "http://www.w3.org/ns/shacl#path": [ + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/byteRange" + } + ] + }, + { + "@id": "_:N10470f6e495146e3b97f1775a5c8b35f", + "http://www.w3.org/ns/shacl#class": [ { - "@language": "en", - "@value": "Provides an SSVC assessment for a vulnerability." + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange" } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/ns/shacl#maxCount": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" } ], - "http://www.w3.org/ns/shacl#property": [ + "http://www.w3.org/ns/shacl#path": [ { - "@id": "_:Nb9308a5e89c341688a2ccc326ed6aad1" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/lineRange" } ] }, { - "@id": "_:Nb9308a5e89c341688a2ccc326ed6aad1", + "@id": "_:N823532744b8a4282a1e51155c1494e2a", "http://www.w3.org/ns/shacl#class": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" - } - ], - "http://www.w3.org/ns/shacl#in": [ - { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar" - } - ] + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/File" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -14585,12 +14634,12 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/decisionType" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" @@ -14598,224 +14647,241 @@ "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A reference build system used to create or publish the package." + "@value": "A reference to the issue tracker for a package." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "buildSystem" + "@value": "issueTracker" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework", + "@id": "https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the Element is a software framework" + "@value": "Identifies the full text of a License or Addition." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "framework" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "data is a collection of images such as pictures of animals." + "@value": "The `from` Element has been copied to each `to` Element." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "image" + "@value": "copiedTo" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build", + "@id": "https://spdx.org/rdf/3.0.1/terms/Build/parameters", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the element follows the Build profile specification" + "@value": "Property describing the parameters used in an instance of a build." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@value": "build" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness." + "@value": "data type is not known." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "noAssertion" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid", + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense", "@type": [ - "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType" + "http://www.w3.org/2002/07/owl#Class" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`." + "@value": "A license that is not listed on the SPDX License List." } ], - "http://www.w3.org/2000/01/rdf-schema#label": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@value": "swhid" + "@id": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License" + } + ], + "http://www.w3.org/ns/shacl#nodeKind": [ + { + "@id": "http://www.w3.org/ns/shacl#IRI" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport", "@type": [ - "http://www.w3.org/2002/07/owl#Class" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Categories of confidentiality level." + "@value": "A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final)." + } + ], + "http://www.w3.org/2000/01/rdf-schema#label": [ + { + "@value": "vulnerabilityDisclosureReport" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime", "@type": [ - "http://www.w3.org/2002/07/owl#ObjectProperty" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Indicates the amount of energy consumption incurred by an AI model." + "@value": "Specifies until when the artifact can be used before its usage needs to be\nreassessed." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption" + "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" + "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines." + "@value": "(Dataset) Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "track" + "@value": "hasEvidence" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Build/buildId", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A buildId is a locally unique identifier used by a builder to identify a unique\ninstance of a build produced by it." + "@value": "The software is not affected because the vulnerable component is not in the product." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "componentNotPresent" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes how the dataset was collected." + "@value": "A reference to related security information of unspecified type." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "securityOther" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix", "@type": [ - "http://www.w3.org/2002/07/owl#DatatypeProperty" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Records the biases that the dataset is known to encompass." + "@value": "A reference to the patch or source code that fixes a vulnerability." } ], - "http://www.w3.org/2000/01/rdf-schema#range": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": "securityFix" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries", + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" + "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day." + "@value": "the Element is an operating system" } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "timeseries" + "@value": "operatingSystem" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess", "@type": [ "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Describes potentially noisy elements of the dataset." + "@value": "Describes how the dataset was collected." } ], "http://www.w3.org/2000/01/rdf-schema#range": [ @@ -14825,144 +14891,123 @@ ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A relationship has other specific context information necessary to capture that the above set of enumerations does not handle." + "@value": "data is audio based, such as a collection of music from the 80s." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "other" + "@value": "audio" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Artifact", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/energyUnit", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://spdx.invalid./AbstractClass", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#ObjectProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A distinct article or unit within the digital domain." + "@value": "Specifies the unit in which energy is measured." } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "Describes the confidentiality level of the data points contained in the dataset." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Na05235b544a241baa176d74f0e14f62f" - }, - { - "@id": "_:N181a56b746e04042b562daa597b9d293" - }, - { - "@id": "_:Nbdb110f48b124f83aac5a3ab4441d73d" - }, - { - "@id": "_:N6cdb1eb2b5fa43faa135818c734b43f9" - }, - { - "@id": "_:N6101362c86f043baaa41343ce81f16f4" - }, - { - "@id": "_:Ne60bc3e2c31848dda8c61a9eb0945ee1" - }, + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "_:Nf21ca7cfbab04b31a06856bea73ccadb" + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType" } ] }, { - "@id": "_:Na05235b544a241baa176d74f0e14f62f", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/description", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "Provides a detailed description of the Element." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/originatedBy" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "_:N181a56b746e04042b562daa597b9d293", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "Low/no risk is posed by an AI system." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy" + "@value": "low" } ] }, { - "@id": "_:Nbdb110f48b124f83aac5a3ab4441d73d", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap", + "@type": [ + "http://www.w3.org/2002/07/owl#Class", + "http://www.w3.org/ns/shacl#NodeShape" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "A mapping between prefixes and namespace partial URIs." } ], "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@id": "http://www.w3.org/ns/shacl#BlankNode" } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#property": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/builtTime" - } - ], - "http://www.w3.org/ns/shacl#pattern": [ + "@id": "_:Ne928de00c75a45d78f286a9018ddead5" + }, { - "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" + "@id": "_:Na9f424d5441f4582ac5c98b23db46e96" } ] }, { - "@id": "_:N6cdb1eb2b5fa43faa135818c734b43f9", + "@id": "_:Ne928de00c75a45d78f286a9018ddead5", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -14970,27 +15015,27 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@value": 1 } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/ns/shacl#nodeKind": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/releaseTime" + "@id": "http://www.w3.org/ns/shacl#Literal" } ], - "http://www.w3.org/ns/shacl#pattern": [ + "http://www.w3.org/ns/shacl#path": [ { - "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/prefix" } ] }, { - "@id": "_:N6101362c86f043baaa41343ce81f16f4", + "@id": "_:Na9f424d5441f4582ac5c98b23db46e96", "http://www.w3.org/ns/shacl#datatype": [ { - "@id": "http://www.w3.org/2001/XMLSchema#dateTimeStamp" + "@id": "http://www.w3.org/2001/XMLSchema#anyURI" } ], "http://www.w3.org/ns/shacl#maxCount": [ @@ -14998,27 +15043,9 @@ "@value": 1 } ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#Literal" - } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime" - } - ], - "http://www.w3.org/ns/shacl#pattern": [ - { - "@value": "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" - } - ] - }, - { - "@id": "_:Ne60bc3e2c31848dda8c61a9eb0945ee1", - "http://www.w3.org/ns/shacl#datatype": [ + "http://www.w3.org/ns/shacl#minCount": [ { - "@id": "http://www.w3.org/2001/XMLSchema#string" + "@value": 1 } ], "http://www.w3.org/ns/shacl#nodeKind": [ @@ -15028,226 +15055,199 @@ ], "http://www.w3.org/ns/shacl#path": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/standardName" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/namespace" } ] }, { - "@id": "_:Nf21ca7cfbab04b31a06856bea73ccadb", - "http://www.w3.org/ns/shacl#class": [ + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Organization", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" + ], + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType" + "@language": "en", + "@value": "A group of people who work together in an organized way for a shared purpose." } ], - "http://www.w3.org/ns/shacl#in": [ + "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ { - "@list": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport" - }, - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion" - } - ] + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Agent" } ], "http://www.w3.org/ns/shacl#nodeKind": [ { "@id": "http://www.w3.org/ns/shacl#IRI" } - ], - "http://www.w3.org/ns/shacl#path": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/supportLevel" - } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing", + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType" + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "the element follows the simple Licensing profile specification" + "@value": "data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "simpleLicensing" + "@value": "syntactic" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension", + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/percentile", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "A type of extension consisting of a list of name value pairs." - } - ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/Extension" - } - ], - "http://www.w3.org/ns/shacl#nodeKind": [ - { - "@id": "http://www.w3.org/ns/shacl#BlankNode" + "@value": "The percentile of the current probability score." } ], - "http://www.w3.org/ns/shacl#property": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "_:Nd7bd2f59aa0849428381e795157c443d" + "@id": "http://www.w3.org/2001/XMLSchema#decimal" } ] }, { - "@id": "_:Nd7bd2f59aa0849428381e795157c443d", - "http://www.w3.org/ns/shacl#class": [ - { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry" - } - ], - "http://www.w3.org/ns/shacl#minCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#BlankNodeOrIRI" + "@language": "en", + "@value": "the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty" + "@value": "clickthrough" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation", + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256", "@type": [ "http://www.w3.org/2002/07/owl#NamedIndividual", - "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose" + "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Element is documentation" + "@value": "SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final)." } ], "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": "documentation" + "@value": "sha3_256" } ] }, { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship", + "@id": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high", "@type": [ - "http://www.w3.org/2002/07/owl#Class", - "http://www.w3.org/ns/shacl#NodeShape" + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType" ], "http://www.w3.org/2000/01/rdf-schema#comment": [ { "@language": "en", - "@value": "Provides a CVSS version 2.0 assessment for a vulnerability." + "@value": "The second-highest level of risk posed by an AI system." } ], - "http://www.w3.org/2000/01/rdf-schema#subClassOf": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship" + "@value": "high" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#IRI" + "@language": "en", + "@value": "A name used in a CdxExtension name-value pair." } ], - "http://www.w3.org/ns/shacl#property": [ - { - "@id": "_:Nb92dee53fe1d4dd18bbfaccacf744cb2" - }, + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "_:N92808001663c40a2a9d3decf4fedfd4e" + "@id": "http://www.w3.org/2001/XMLSchema#string" } ] }, { - "@id": "_:Nb92dee53fe1d4dd18bbfaccacf744cb2", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#decimal" - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act", + "@type": [ + "http://www.w3.org/2002/07/owl#NamedIndividual", + "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType" ], - "http://www.w3.org/ns/shacl#maxCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible." } ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#label": [ { - "@value": 1 + "@value": "act" } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier", + "@type": [ + "http://www.w3.org/2002/07/owl#DatatypeProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "A canonical, unique, immutable identifier of the artifact content, that may be\nused for verifying its identity and/or integrity." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/score" + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier" } ] }, { - "@id": "_:N92808001663c40a2a9d3decf4fedfd4e", - "http://www.w3.org/ns/shacl#datatype": [ - { - "@id": "http://www.w3.org/2001/XMLSchema#string" - } - ], - "http://www.w3.org/ns/shacl#maxCount": [ - { - "@value": 1 - } + "@id": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType", + "@type": [ + "http://www.w3.org/2002/07/owl#Class" ], - "http://www.w3.org/ns/shacl#minCount": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@value": 1 + "@language": "en", + "@value": "Enumeration of the different kinds of SPDX file." } + ] + }, + { + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/from", + "@type": [ + "http://www.w3.org/2002/07/owl#ObjectProperty" ], - "http://www.w3.org/ns/shacl#nodeKind": [ + "http://www.w3.org/2000/01/rdf-schema#comment": [ { - "@id": "http://www.w3.org/ns/shacl#Literal" + "@language": "en", + "@value": "References the Element on the left-hand side of a relationship." } ], - "http://www.w3.org/ns/shacl#path": [ + "http://www.w3.org/2000/01/rdf-schema#range": [ { - "@id": "https://spdx.org/rdf/3.0.1/terms/Security/vectorString" + "@id": "https://spdx.org/rdf/3.0.1/terms/Core/Element" } ] } diff --git a/v3.0.1-draft/model/spdx-model.pretty-xml b/v3.0.1-draft/model/spdx-model.pretty-xml index 85a8938b1d..bf9d96d70b 100644 --- a/v3.0.1-draft/model/spdx-model.pretty-xml +++ b/v3.0.1-draft/model/spdx-model.pretty-xml @@ -1,71 +1,26 @@ - - - An assertion made in relation to one or more elements. - - - - - - - - - - - - 1 - 1 - - - - - - ^[^\/]+\/[^\/]+$ - - - 1 - - - - - - - - 1 - - - - - - - - 1 - 1 - - - - + - A license that is listed on the SPDX License List. - + A license exception that is listed on the SPDX Exceptions list. + - + @@ -73,7 +28,7 @@ - + @@ -81,154 +36,74 @@ - + - Provides an exploit assessment of a vulnerability. - + Links a vulnerability and one or more elements designating the latter as products +not affected by the vulnerability. + - - - + + + - - + + + + + - 1 1 - - - + + + - 1 1 - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + - 1 - 1 - - - - - - Provide context for a relationship that occurs in the lifecycle. - - - - - - - - - - - - - - - 1 - - - Portion of an AnyLicenseInfo representing a set of licensing information -where all elements apply. - - - - - - - - 2 - - - - + - Provides an EPSS assessment for a vulnerability. - + Specifies a vulnerability and its associated information. + - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + - 1 1 - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + - 1 - 1 - - - - - - Portion of an AnyLicenseInfo representing this version, or any later version, -of the indicated License. - - - - - - - - 1 - 1 - - - - - - An Individual Value for License where the SPDX data creator determines that no -license is present. - - - - - - Describes a certain part of a file. - - - - - - - - 1 - - - - - - - 1 - - - - - 1 + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + 1 @@ -239,14 +114,14 @@ license is present. - + - + @@ -260,7 +135,7 @@ license is present. - + @@ -268,14 +143,14 @@ license is present. - + - + @@ -290,7 +165,7 @@ license is present. - + @@ -298,7 +173,7 @@ license is present. - + @@ -306,7 +181,7 @@ license is present. - + @@ -330,7 +205,7 @@ license is present. - + @@ -338,7 +213,7 @@ license is present. - + @@ -351,7 +226,7 @@ license is present. - + @@ -359,114 +234,216 @@ license is present. - + - + - + - Specifies an AI package and its associated information. - + Portion of an AnyLicenseInfo representing a set of licensing information +where all elements apply. + - - - + + + - - - - - - 1 + 2 + + + + An SPDX Element containing an SPDX license expression string. + + - - + + + 1 + 1 - - - - + + + ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ + + 1 - - + + + + + + An Individual Value for License where the SPDX data creator determines that no +license is present. + + + + + + A collection of SPDX Elements that could potentially be serialized. + + - - - - - 1 + + + + - - - - - 1 + + + + - - - - - 1 + + + + + 1 + + + + + + Provides an SSVC assessment for a vulnerability. + + + + + + + + + + + + + + 1 + 1 + + + + + + Specifies an AI package and its associated information. + + + + + + + + + + + + + 1 + + + + + + + + + + + + + + + 1 + + + + + + + + + + + + + + + 1 + + + + + + + + 1 + + + + + + + + 1 - + - + - + - + - + @@ -480,21 +457,21 @@ license is present. - + - + - + @@ -507,26 +484,16 @@ license is present. - + - Portion of an AnyLicenseInfo representing a License which has additional -text applied to it. - + A license or addition that is not listed on the SPDX License List. + - - - - - 1 - 1 - - - - - - - + + + + 1 1 @@ -539,7 +506,7 @@ affected by the vulnerability. - + @@ -547,7 +514,7 @@ affected by the vulnerability. - + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ @@ -555,111 +522,98 @@ affected by the vulnerability. - - - A license or addition that is not listed on the SPDX License List. - - - - - - - - 1 - 1 - - - - + - Links a vulnerability and one or more elements designating the latter as products -not affected by the vulnerability. - + Describes a certain part of a file. + - - - - - - - - - - - + + + + 1 - - - - + + + + 1 - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - + + + + + 1 1 - - - An Individual Value for Element representing a set of Elements with -cardinality (number/count) of zero. - - - - + - Portion of an AnyLicenseInfo representing a set of licensing information where -only one of the elements applies. + Portion of an AnyLicenseInfo representing a License which has additional +text applied to it. - - - + + + - 2 + 1 + 1 + + + + + + + + 1 + 1 - + - Specifies a vulnerability and its associated information. - + Provides a CVSS version 3 assessment for a vulnerability. + - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - + + + + 1 1 - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - + + + + + + + + + + + + 1 1 - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - + + + + 1 1 @@ -671,20 +625,13 @@ value. - - - An Individual Value for Element representing a set of Elements of unknown -identify or cardinality (number). - - - - + - A license exception that is listed on the SPDX Exceptions list. - + A license that is listed on the SPDX License List. + - + @@ -692,7 +639,7 @@ identify or cardinality (number). - + @@ -700,45 +647,71 @@ identify or cardinality (number). - + + + An Individual Value for Element representing a set of Elements with +cardinality (number/count) of zero. + + + + + A license that is not listed on the SPDX License List. + + + + + An individual human being. + + + + - An SPDX Element containing an SPDX license expression string. - + Provides a CVSS version 4 assessment for a vulnerability. + - - - + + + 1 1 - - - ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ - - + + + + + + + + + + + + 1 1 - - - - + + + + + 1 + 1 - + - Provides a CVSS version 4 assessment for a vulnerability. + Provides an EPSS assessment for a vulnerability. - - + + 1 @@ -746,38 +719,132 @@ identify or cardinality (number). - - - + + + + + 1 + 1 + + + + + + An Individual Value for Element representing a set of Elements of unknown +identify or cardinality (number). + + + + + + System Package Data Exchange (SPDX) Ontology + This ontology defines the terms and relationships used in the SPDX specification to describe system packages + 2024-04-05 + SPDX Project + + + System Package Data Exchange (SPDX) Ontology + Copyright (C) 2024 SPDX Project + + + + An assertion made in relation to one or more elements. + + + + + + - - - - - + + 1 1 - - + + + ^[^\/]+\/[^\/]+$ + + + 1 + + + + + + 1 + + + + + + + + 1 + 1 + + + + + Links a vulnerability and elements representing products (in the VEX sense) where +a fix has been applied and are no longer affected. + + + + + + Portion of an AnyLicenseInfo representing this version, or any later version, +of the indicated License. + + + + + + + 1 1 + + A group of people who work together in an organized way for a shared purpose. + + + + + + Portion of an AnyLicenseInfo representing a set of licensing information where +only one of the elements applies. + + + + + + + + 2 + + + + + A software agent. + + + Class that describes a build instance of software/artifacts. - + @@ -786,7 +853,7 @@ identify or cardinality (number). - + @@ -794,35 +861,35 @@ identify or cardinality (number). - + - + - + - + - + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ @@ -831,7 +898,7 @@ identify or cardinality (number). - + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ @@ -840,36 +907,34 @@ identify or cardinality (number). - + - - A group of people who work together in an organized way for a shared purpose. - - + + + A type of extension consisting of a list of name value pairs. + + + + + + + + 1 + + - - - System Package Data Exchange (SPDX) Ontology - This ontology defines the terms and relationships used in the SPDX specification to describe system packages - 2024-04-05 - SPDX Project - - - System Package Data Exchange (SPDX) Ontology - Copyright (C) 2024 SPDX Project - Provides a CVSS version 2.0 assessment for a vulnerability. - + @@ -878,7 +943,7 @@ identify or cardinality (number). - + @@ -887,59 +952,32 @@ identify or cardinality (number). - + - Provides an SSVC assessment for a vulnerability. - + A collection of SPDX Elements describing a single package. + - - - + + + - - - - + + + + + + - 1 - 1 - - A license addition that is not listed on the SPDX Exceptions List. - - - - - - A collection of SPDX Elements that could potentially be serialized. - + + Designates elements as products where the impact of a vulnerability is being +investigated. + - - - - - - - - - - - - - - - - - - - - 1 - - @@ -947,7 +985,7 @@ identify or cardinality (number). - + @@ -979,7 +1017,7 @@ identify or cardinality (number). - + @@ -988,136 +1026,122 @@ identify or cardinality (number). - + - - Designates elements as products where the impact of a vulnerability is being -investigated. - - - - - A software agent. - - - - + - A collection of SPDX Elements describing a single package. - + Provides an exploit assessment of a vulnerability. + - - - + + + - - - - - - + + + 1 + 1 - - - Links a vulnerability and elements representing products (in the VEX sense) where -a fix has been applied and are no longer affected. - - - - - An individual human being. - - - - - A license that is not listed on the SPDX License List. - - - - - - A type of extension consisting of a list of name value pairs. - - - - - - + + + + 1 + 1 - - - - Provides a CVSS version 3 assessment for a vulnerability. - - - - - + + + 1 1 + + + + Provide context for a relationship that occurs in the lifecycle. + + - - - + + + - - - - - + + + + + + - 1 + 1 + + + + + A license addition that is not listed on the SPDX Exceptions List. + + + + + Property that describes the URI of the build configuration source file. + + + + Impact justification label to be used when linking a vulnerability to an element +representing a VEX product with a VexNotAffectedVulnAssessmentRelationship +relationship. + + + + A name used in a CdxExtension name-value pair. + + + + + + Base domain class from which all other SPDX-3.0 domain classes derive. + + + + + + 1 - - + + - 1 1 - - - - clickthrough - the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. - - - - Provides information about the creation of the Element. - - - - ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ + + - 1 1 - + @@ -1125,86 +1149,135 @@ a fix has been applied and are no longer affected. - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - + + + + 1 1 - - - - - 1 + + + + - - - - + + + + + + + + + + + + + + + + + + - - Records the type of the model used in the AI software. - + + + hasAddedFile + Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). + + + + publishedBy + (Security) Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. + + + Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. + - - - other - the Element doesn't fit into any of the other categories + + + blake2b256 + BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. - - - configuration - Element is configuration data + + + kilowattHour + Kilowatt-hour. - - + - Abstract class for the portion of an AnyLicenseInfo representing a license. - - + A map of Element identifiers that are used within a Document but defined external to that Document. + - - - + + + 1 1 - - - + + + + + + + + + + 1 - - - + + + + + 1 + + + + + Specifies the SPDX License List version in which this ListedLicense or +ListedLicenseException identifier was first added. + + + + + + Abstract class for additional text intended to be added to a License, but +which is not itself a standalone License. + + + + + + + 1 1 - - + + 1 - + @@ -1212,7 +1285,7 @@ a fix has been applied and are no longer affected. - + @@ -1220,266 +1293,309 @@ a fix has been applied and are no longer affected. - + - - + + 1 + + + + binaryArtifact + A reference to binary artifacts related to a package. + + + + A collection of Elements that have a shared context. + + - - + + 1 - - - support - the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. + + + eolNotice + A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. - - Specifies the type of an annotation. - - - Describes methods that can be used to explain the results from the AI model. + + + no + Indicates absence of the field. + + + Captures a standard that is being complied with. - - - sensor - data is recorded from a physical sensor, such as a thermometer reading or biometric device. + + + serious + The highest level of risk posed by an AI system. - - - kev - CISA's Known Exploited Vulnerability (KEV) Catalog - - - Specifies the amount of energy consumed when finetuning the AI model that is -being used in the AI system. - - - - Indicates the type of support that is associated with an artifact. + + Specifies the CVSS base, temporal, threat, or environmental severity type. - - A license expression participating in a license set. - - - - - sourceArtifact - A reference to an artifact containing the sources for a package. + + Identifies the download Uniform Resource Identifier for the package at the time +that the document was created. + + + + + archive + the Element is an archived collection of one or more files (.tar, .zip, etc) - - - directDownload - the dataset is publicly available and can be downloaded directly. + + + underInvestigationFor + (Security/VEX) The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. - + + + critical + When a CVSS score is between 9.0 - 10.0 + + - documentation - A reference to the documentation for a package. + releaseHistory + A reference to a published list of releases for a package. - - Provides information about the creation of the Element. - - - - - application - the Element is a software application + + + vulnerabilityDisclosureReport + A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). - + + - Describes a relationship between one or more elements. - - + Provides an independently reproducible mechanism that permits verification of a specific Element. + - - - - - 1 + + + + 1 + + + Provides additional purpose information of the software artifact. + + + + + securityFix + A reference to the patch or source code that fixes a vulnerability. + + + Defines the line range in the original host file that the snippet information +applies to. + + + + Records the time when a recommended action was communicated in a VEX statement +to mitigate a vulnerability. + + + + + + A distinct article or unit related to Software. + + - - - - - 1 - - - - - - + + + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - 1 1 - - - + + + - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - 1 - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - + + + 1 - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - + + + - 1 + + + + + + + - - - swhid - SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and in the case of filess they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. - - - - blake2b512 - BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. - - - - cpe23 - [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) - - - - syntactic - data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. - - + - A canonical, unique, immutable identifier - + A reference to a resource outside the scope of SPDX-3.0 content related to an Element. - - - + + + - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - 1 1 - - - + + + + + + + + + + ^[^\/]+\/[^\/]+$ + - 1 1 - - - - - Provides an independently reproducible mechanism that permits verification of a specific Element. - - + @@ -1487,76 +1603,128 @@ being used in the AI system. - - - low - Low/no risk is posed by an AI system. + + + device + the Element refers to a chipset, processor, or electronic board - + + + runtime + SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM. + + + Property that describes the time at which a build stops. + + + + + fixedBy + (Security) Designates a `from` Vulnerability has been fixed by the `to` Agent(s). + + + + install + the Element is used to install software on disk + + + + urlScheme + [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. + + + Provides relevant information about the AI software, not including the model +description. + + + + Records the biases that the dataset is known to encompass. + + + + + A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. + + + + + green + Dataset can be shared within a community of peers and partners. + + + + doesNotAffect + (Security/VEX) The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. + + + Specifies the CVSS vector string for a vulnerability. + + + + + deviceDriver + Element represents software that controls hardware devices + + + Identifies the full text of a LicenseAddition, in SPDX templating format. + + + + + software + the element follows the Software profile specification + + - A tuple of two positive integers that define a range. + A canonical, unique, immutable identifier + - - - - + + + + + + + + 1 1 - - - + + + 1 1 - - - privacyAssessment - A reference to a privacy assessment for a package. + + + hasTest + Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. - - Information about the relationship between two Elements. - + + Describes a sensor used for collecting the data. + - - The name of a relevant standard that may apply to an artifact. - + + Specifies the exploit catalog type. + + + + Property describing the start time of a build. + - - A mathematical algorithm that maps data of arbitrary size to a bit string. - - - - other - any hashing algorithm that does not exist in this list of entries - - - - image - data is a collection of images such as pictures of animals. - - - - other - data is of a type not included in this list. - - - - buildMeta - A reference build metadata related to a published package. - A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. - + @@ -1578,7 +1746,7 @@ being used in the AI system. - + @@ -1587,7 +1755,7 @@ being used in the AI system. - + @@ -1595,14 +1763,14 @@ being used in the AI system. - + - + @@ -1610,465 +1778,235 @@ being used in the AI system. - + + - Refers to any object that stores content on a computer. - + A collection of Elements, not necessarily with unifying context. + - - - ^[^\/]+\/[^\/]+$ - - - 1 + + + + - - - + + + - - - - - 1 + + + + + + + + + + + + + + + + + + + - - Specified the time and date when a vulnerability was withdrawn. - - - - - securityOther - Used when there is a security related identifier of unspecified type. + + + platform + Element represents a runtime environment - - Specifies whether an additional text identifier has been marked as deprecated. - - - - Provides a place for the SPDX data creator to record the package URL string -(in accordance with the -[package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) -for a software Package. - - - - Specifies until when the artifact can be used before its usage needs to be -reassessed. - - - - Specifies the VEX justification type. - - - References an Element on the right-hand side of a relationship. - - - - - numeric - data consists only of numeric entries. + + + mailingList + A reference to the mailing list used by the maintainer for a package. - - Specifies the amount of energy consumed when training the AI model that is -being used in the AI system. - - - - - testedOn - (AI, Dataset) The `from` Element has been tested on the `to` Element(s). + + + directDownload + the dataset is publicly available and can be downloaded directly. - - - hasVariant - Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). + + + bom + Element is a bill of materials - + + + runtimeAnalysisReport + A reference to a runtime analysis report for a package. + + - A mathematically calculated representation of a grouping of data. - - + Refers to any unit of content that can be associated with a distribution of +software. + + - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1 + + + + 1 - - - + + + - 1 1 - - - Defines the line range in the original host file that the snippet information -applies to. - - - - - A key with an associated value. - - - - + + + - 1 1 - - + + + + + 1 + + + + + 1 - - - complete - The relationship is known to be exhaustive. - - - - cve - Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). - - - Describes if any sensitive personal information is present in the dataset. - - - - - container - the Element is a container image which can be used by a container runtime application + + + other + any hashing algorithm that does not exist in this list of entries - + - install - the Element is used to install software on disk - - - - packagedBy - Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). - - - - availableFrom - The `from` Element is available from the additional supplier described by each `to` Element. - - - - reportedBy - (Security) Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. - - - Identifies when the Element was originally created. - - - - - patchedBy - Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). - - - - gitoid - [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid>), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document); this ambiguity exists because the OmniBOR Document is itself an artifact, and the gitoid of that artifact is its valid identifier. Omnibor is a minimalistic schema to describe software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-dependency-graph-adg). Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's ContentIdentifier property. Gitoids calculated on the OmniBOR Document (OmniBOR Identifiers) should be recorded in the SPDX 3.0 Element's ExternalIdentifier property. + library + the Element is a software library - - - hasProvidedDependency - The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. + + + test + A relationship has specific context implications during an element's testing phase, during development. - + + - A map of Element identifiers that are used within a Document but defined external to that Document. - + Asbtract ancestor class for all VEX relationships + + - - - + + + - 1 1 - - - - - - - - - - + + + 1 - - - - - - 1 - - - - - securityOther - A reference to related security information of unspecified type. - - - - crystalsDilithium - [Dilithium](https://pq-crystals.org/dilithium/) - - - Describes one a profile which the creator of this ElementCollection intends to -conform to. - - - - Provides a numerical (0-10) representation of the severity of a vulnerability. - - - - - sha256 - SHA-2 with a digest length of 256, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). - - - - gitoid - Gitoid stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects) and a gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document). - - - A container for a grouping of SPDX-3.0 content characterizing details -(provenence, composition, licensing, etc.) about a product. - - - - - - chat - A reference to the instant messaging system used by the maintainer for a package. - - - - incomplete - The relationship is known not to be exhaustive. - - - - other - A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. - - - - hasTest - Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. + + + test + The Element is a test used to verify functionality on an software element - + - invokedBy - The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). - - - A probability score between 0 and 1 of a vulnerability being exploited. - - - - - green - Dataset can be shared within a community of peers and partners. + describes + The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. - - - registration - the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. + + Describes if a given file is a directory or non-directory kind of file. + + + + + operatingSystem + the Element is an operating system - + - fixedIn - (Security/VEX) A `from` Vulnerability has been fixed in each of the `to` Element(s). The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. - - - - extension - the element follows the Extension profile specification - - - - red - Data points in the dataset are highly confidential and can only be shared with named recipients. + hasPrerequisite + The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. - - Specifies the SPDX License List version in which this license or exception -identifier was deprecated. - + + Provides an unambiguous mechanism for conveying a URI fragment portion of an +ElementID. + - + - Abstract class for additional text intended to be added to a License, but -which is not itself a standalone License. - + Abstract ancestor class for all vulnerability assessments + - - - - - 1 - 1 - - - - - - - - 1 - - - - - - - + + + + 1 - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + 1 - - - - - - - - - - - + + + + 1 - - - - file - the Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc) - - - - build - A relationship has specific context implications during an element's build phase, during development. - - - - sha3_384 - SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). - - - An entity that is authorized to issue identification credentials. - - - - Identifies who or what created the Element. - - - - - runtimeAnalysisReport - A reference to a runtime analysis report for a package. - - - - hasAssociatedVulnerability - (Security) Used to associate a `from` Artifact with each `to` Vulnerability. - - - - A property name with an associated value. - - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + - 1 1 - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + 1 - - A concrete subclass of AnyLicenseInfo used by Individuals in the -ExpandedLicensing profile. - - - @@ -2076,14 +2014,14 @@ ExpandedLicensing profile. - + - + @@ -2091,7 +2029,7 @@ ExpandedLicensing profile. - + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ @@ -2100,7 +2038,7 @@ ExpandedLicensing profile. - + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ @@ -2109,7 +2047,7 @@ ExpandedLicensing profile. - + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ @@ -2118,14 +2056,14 @@ ExpandedLicensing profile. - + - + @@ -2141,2207 +2079,2265 @@ ExpandedLicensing profile. - - Provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf) - - - + - hasEvidence - (Dataset) Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). + hasConcludedLicense + The `from` Software Artifact is concluded by the SPDX data creator to be governed by each `to` license. - - - trainedOn - (AI, Dataset) The `from` Element has been trained on the `to` Element(s). + + + categorical + data that is classified into a discrete number of categories, such as the eye color of a population of people. - + + Enumeration of the different kinds of SPDX file. + + + + core + the element follows the Core profile specification + + + + cpe22 + [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) + + + + metrics + A reference to metrics related to package such as OpenSSF scorecards. + + + Provides a place for the SPDX data creator to record acknowledgement text for +a software Package, File or Snippet. + + + - A collection of Elements that have a shared context. - - + A mapping between prefixes and namespace partial URIs. + - - + + + 1 1 - - - Specifies the SPDX License List version in which this ListedLicense or -ListedLicenseException identifier was first added. + + + + + + 1 + 1 + + + + + + hasOptionalComponent + Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). + + + Specifies a time when a vulnerability assessment was modified + + + + + manifest + the Element is a software manifest + + + + availableFrom + The `from` Element is available from the additional supplier described by each `to` Element. + + + The relative file name of a file to be excluded from the +`PackageVerificationCode`. - - + + + qualityAssessmentReport + A reference to a quality assessment for a package. + + + + crystalsDilithium + [Dilithium](https://pq-crystals.org/dilithium/) + + + + hasExample + Every `to` Element is an example for the `from` Element (`from` hasExample `to`). + + - noAssertion - no assertion about the type of support is made. This is considered the default if no other support type is used. + noSupport + there is no support for the artifact from the supplier, consumer assumes any support obligations. - + - mailingList - A reference to the mailing list used by the maintainer for a package. + cwe + [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). - - Specifies whether the License is listed as approved by the -[Open Source Initiative (OSI)](https://opensource.org). - - - - Provide an enumerated set of lifecycle phases that can provide context to relationships. + + A concrete subclass of AnyLicenseInfo used by Individuals in the +ExpandedLicensing profile. + + - - - modifiedBy - The `from` Element is modified by each `to` Element. + + + securityPolicy + A reference to instructions for reporting newly discovered security vulnerabilities for a package. - - - endOfSupport - there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. + + + numeric + data consists only of numeric entries. - + - hasDistributionArtifact - The `from` Element is distributed as an artifact in each Element `to` (e.g. an RPM or archive file). + republishedBy + (Security) Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. - - - manifest - the Element is a software manifest + + + hasDeletedFile + Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). - - - secureSoftwareAttestation - A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). + + + runtime + A relationship has specific context implications during the execution phase of an element. - - - sha1 - SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://www.rfc-editor.org/info/rfc3174). + + + hasAssociatedVulnerability + (Security) Used to associate a `from` Artifact with each `to` Vulnerability. - + + + query + the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. + + - affects - (Security/VEX) The `from` vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. + exploitCreatedBy + (Security) The `from` Vulnerability has had an exploit created against it by each `to` Agent. - - A key used in a generic key-value pair. + + Explains why a VEX product is not affected by a vulnerability. It is an +alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable +justification label. - - Captures the threshold that was used for computation of a metric described in -the metric field. - - - - Specifies whether the License is listed as free by the -[Free Software Foundation (FSF)](https://fsf.org). - - - - - vulnerableCodeNotPresent - The product is not affected because the code underlying the vulnerability is not present in the product. + + + megajoule + Megajoule. - - - dataset - the element follows the Dataset profile specification + + + blake2b384 + BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. - - The result of applying a hash algorithm to an Element. - - - - - platform - Element represents a runtime environment + + + reportedBy + (Security) Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. - - Identifies the full text of a LicenseAddition, in SPDX templating format. - - - - - evidence - the Element is the evidence that a specification or requirement has been fulfilled + + + other + Used when the type does not match any of the other options. - - Property describing the parameters used in an instance of a build. - - - - Specifies the type of the external reference. - - - - Provides a map of a property names to a values. - + + + configures + The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. + + + + clear + Dataset may be distributed freely, without restriction. + + + Specifies the type of a content identifier. + + + Identifies from where or whom the Element originally came. + - - Specifies the time an artifact was released. - - - - - email - Email address, as defined in [RFC 3696](https://www.rfc-editor.org/info/rfc3986) Section 3. + + + review + Used when someone reviews the Element. - + + + swhid + SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and in the case of filess they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. + + + A value used in a CdxExtension name-value pair. + + + - deviceDriver - Element represents software that controls hardware devices + container + the Element is a container image which can be used by a container runtime application - - - hasConcludedLicense - The `from` Software Artifact is concluded by the SPDX data creator to be governed by each `to` license. + + + riskAssessment + A reference to a risk assessment for a package. - - Identify the version of a package. - + + Specifies the time from which an element is no longer applicable / valid. + - + + Refers to one or more Elements that are part of an ElementCollection. + + + + Specifies the value of the content identifier. + + + + Information about the relationship between two Elements. + + + A place for the SPDX document creator to record a website that serves as the +package's home page. + + + + + dynamicAnalysisReport + A reference to a dynamic analysis report for a package. + + + + hasEvidence + (Dataset) Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). + + + + sha3_384 + SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). + + + Provides information about the creation of the Element. + + + + + medium + The third-highest level of risk posed by an AI system. + + + Identifies the text of one or more copyright notices for a software Package, +File or Snippet, if any. + + + + Provides the license under which the SPDX documentation of the Element can be +used. + + + + + sha3_224 + SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). + + + + hasDistributionArtifact + The `from` Element is distributed as an artifact in each Element `to` (e.g. an RPM or archive file). + + + The result of applying a hash algorithm to an Element. + + + + Describes one a profile which the creator of this ElementCollection intends to +conform to. + + + + Provides information about the primary purpose of an Element. + + + A key used in a generic key-value pair. + + + + + securityThreatModel + A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. + + + + testedOn + (AI, Dataset) The `from` Element has been tested on the `to` Element(s). + + + + contains + The `from` Element contains each `to` Element. + + - Refers to any unit of content that can be associated with a distribution of -software. + Refers to any object that stores content on a computer. - - + + + ^[^\/]+\/[^\/]+$ 1 - - - + + + + + + + + + 1 + + + + + Specifies the VEX justification type. + + + The version of the SPDX License List used in the license expression. + + + + + hasDocumentation + The `from` Element is documented by each `to` Element. + + + + + Abstract class for the portion of an AnyLicenseInfo representing a license. + + + + + + + 1 1 - - - + + + 1 - - + + + + + 1 + + + + + + + + 1 + + + + + + + + 1 + + + + + + + + 1 + + + + + + + + + + + + 1 - - + + 1 - - - simpleLicensing - the element follows the simple Licensing profile specification + + + hasAssessmentFor + (Security) Relates a `from` Vulnerability and each `to` Element(s) with a security assessment. To be used with `VulnAssessmentRelationship` types. - - - md2 - MD2 message-digest algorithm, as defined in [RFC 1319](https://www.rfc-editor.org/info/rfc1319/). + + + descendantOf + The `from` Element is a descendant of each `to` Element. + + + Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. + + + + + development + the artifact is in active development and is not considered ready for formal support from the supplier. + + + + buildMeta + A reference build metadata related to a published package. + + + Specifies the time from which an element is applicable / valid. + + + + + configuration + Element is configuration data + + + + hasDeclaredLicense + The `from` Software Artifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. componentNotPresent The software is not affected because the vulnerable component is not in the product. - - - build - the element follows the Build profile specification - - - Specifies the version of a VEX statement. + + Property describes the invocation entrypoint of a build. - - - megajoule - Megajoule. - - + - blake2b384 - BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. - - - - file - The file represents a single file (default). + blake3 + [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) - - - source - SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. + + + securityAdversaryModel + A reference to the security adversary model for a package. - - - video - data is video based, such as a collection of movie clips featuring Tom Hanks. - - - - A class for describing the energy consumption incurred by an AI model in -different stages of its lifecycle. - - - - - - - - - - - - - - - - - - - - - - + + Availability of dataset. - - - securityThreatModel - A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. - - - Provides the location of an exploit catalog. + + Contains a URL where the License or LicenseAddition can be found in use. - - Provides information about the completeness of relationships. - - - - - falcon - [FALCON](https://falcon-sign.info/falcon.pdf) + + + swhid + SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. - - Defines the original host file that the snippet information applies to. - - - - Describes relevant information about different steps of the training process. + + Describes all the preprocessing steps applied to the training data before the +model training. - - - inlineMitigationsAlreadyExist - Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability. - - - - md6 - [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) - - - Records the results of general safety risk assessment of the AI system. - - - - Records a hyperparameter used to build the AI model contained in the AI -package. + + Captures the threshold that was used for computation of a metric described in +the metric field. - - - timeseries - data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. + + + hasVariant + Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). - - Describes the type of annotation. - + + Artifact representing a serialization instance of SPDX data containing the +definition of a particular Element. + - - - runtime - A relationship has specific context implications during the execution phase of an element. - - - - A reference to a resource outside the scope of SPDX-3.0 content related to an Element. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1 - - - - - - - - - - - - - ^[^\/]+\/[^\/]+$ - - - 1 - - - - - - - - 1 - - - - - An element of hardware and/or software utilized to carry out a particular function. - - - - - - build - SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. + + + componentAnalysisReport + A reference to a Software Composition Analysis (SCA) report. - - - test - A relationship has specific context implications during an element's testing phase, during development. + + + amendedBy + The `from` Element is amended by each `to` Element. - - - runtime - SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM. + + + vulnerableCodeNotPresent + The product is not affected because the code underlying the vulnerability is not present in the product. - - - scrapingScript - the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. + + + firmware + the Element provides low level control over a device's hardware - - A short description of an Element. - - - - Explains why a VEX product is not affected by a vulnerability. It is an -alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable -justification label. - - - - Identifies the full text of a LicenseAddition. - + + A buildType is a hint that is used to indicate the toolchain, platform, or +infrastructure that the build was invoked on. + - - - securityFix - A reference to the patch or source code that fixes a vulnerability. + + + act + The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. + + + + gitoid + Gitoid stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects) and a gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document). analyzed SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a "3rd party" SBOM. - - - foundBy - (Security) Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). + + + security + the element follows the Security profile specification - - A LicenseAddition participating in a 'with addition' model. - - - - Records the biases that the dataset is known to encompass. - - - - - attend - The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. - - + + Property describing the parameters used in an instance of a build. + + + - securityPenTestReport - A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. + purchaseOrder + A reference to a purchase order for a package. - - - Abstract class representing a License or an OrLaterOperator. - - - - - - design - SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. + + + other + Used when the type does not match any of the other options. - - - hasDependencyManifest - The `from` Element has manifest files that contain dependency information in each `to` Element. + + + model + the Element is a machine learning or artificial intelligence model - + - vulnerabilityExploitabilityAssessment - A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). + documentation + A reference to the documentation for a package. - - Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. - - - + - amendedBy - The `from` Element is amended by each `to` Element. + hasDataFile + The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInputs`, and `hasOutputs`, respectively. This relationship does not imply dependency. - + + + high + When a CVSS score is between 7.0 - 8.9 + + - hasPrerequisite - The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. + invokedBy + The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). - + + References the Element on the left-hand side of a relationship. + + + + The percentile of the current probability score. + + + - noAssertion - data type is not known. + structured + data is stored in tabular format or retrieved from a relational database. - - - qualityAssessmentReport - A reference to a quality assessment for a package. + + Specifies the type of an annotation. + + + A canonical, unique, immutable identifier of the artifact content, that may be +used for verifying its identity and/or integrity. + + + + The name of a relevant standard that may apply to an artifact. + + + + + other + data is of a type not included in this list. - - - exportControlAssessment - A reference to a export control assessment for a package. + + Gives information about the circumstances or unifying properties +that Elements of the bundle have been assembled under. + + + + + sha3_256 + SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). - - - hasRequirement - The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. + + + low + Low/no risk is posed by an AI system. - - Specifies the exploit catalog type. + + Categories of presence or absence. - - Commentary on an assertion that an annotator has made. + + + hasHost + The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). + + + + directory + The file represents a directory and all content stored in that directory. + + + Uniquely identifies an external element. - - - other - Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationhip types (this relationship is directionless). + + Specifies an Extension characterization of some aspect of an Element. + + + + + securityOther + Used when there is a security related identifier of unspecified type. - - - - Asbtract ancestor class for all VEX relationships - - - - - - - - 1 - - - - - - - - 1 - - - - - Identifies who or what supplied the artifact or VulnAssessmentRelationship -referenced by the Element. - + + Identifies the full text of a License, in SPDX templating format. + + + + Describes what the given dataset should be used for. + + + + Specifies the algorithm used for calculating the hash value. + - - Conveys information about how VEX status was determined. + + Specifies the SPDX License List version in which this license or exception +identifier was deprecated. - - Specifies an Element contained in a piece of software where a vulnerability was -found. - + + Provides information about the primary purpose of the software artifact. + - - The relative file name of a file to be excluded from the -`PackageVerificationCode`. + + + file + the Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc) + + + + ancestorOf + The `from` Element is an ancestor of each `to` Element. + + + Captures the domain in which the AI package can be used. - - - security - the element follows the Security profile specification + + Describes the anonymization methods used. + + + + + delegatedTo + The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). - - - - Abstract ancestor class for all vulnerability assessments - + + + hasProvidedDependency + The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. + + + + md5 + MD5 message-digest algorithm, as defined in [RFC 1321](https://www.rfc-editor.org/info/rfc1321). + + + Provides a numerical (0-10) representation of the severity of a vulnerability. + + + + An element of hardware and/or software utilized to carry out a particular function. + + + + + trackStar + ("Track*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track* vulnerabilities within standard update timelines. + + + Conveys information about how VEX status was determined. + + + + + email + Email address, as defined in [RFC 3696](https://www.rfc-editor.org/info/rfc3986) Section 3. + + + + timeseries + data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. + + + + dependsOn + The `from` Element depends on each `to` Element, during a LifecycleScopeType period. + + + Records a hyperparameter used to build the AI model contained in the AI +package. + + + + Specifies the type of an external identifier. + + + Provides an indication of where to retrieve an external Element. + + + + Specifies whether a license or additional text identifier has been marked as +deprecated. + + + + + A mathematically calculated representation of a grouping of data. + + - - - - - 1 - - - - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - - 1 - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + 1 1 - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - - 1 - - - - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - + + + + 1 1 - - Maps a LicenseRef or AdditionRef string for a Custom License or a Custom -License Addition to its URI ID. - + + + secureSoftwareAttestation + A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). + + + A License participating in an 'or later' model. + - - Identifies the download Uniform Resource Identifier for the package at the time -that the document was created. - - - - - low - When a CVSS score is between 0.1 - 3.9 + + + nuget + A reference to a NuGet package. The package locator format, looks like `package/version`, is defined in [NuGet documentation](https://docs.nuget.org). - - - hasInputs - The `from` Build has each `to` Elements as an input, during a LifecycleScopeType period. + + + build + A relationship has specific context implications during an element's build phase, during development. - - Describes the anonymization methods used. - - - - Provides a reference number that can be used to understand how to parse and interpret an Element. - - - - Provides relevant information about the AI software, not including the model -description. - - - - - socialMedia - A reference to a social media channel for a package. + + + amber + Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. - + + + timestamp + data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. + + + + source + the Element is a single or a collection of source files + + - hasDeletedFile - Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). + hasStaticLink + The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. - + + + text + data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. + + - contains - The `from` Element contains each `to` Element. + hasOutputs + The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. - + + + A class for describing the energy consumption incurred by an AI model in +different stages of its lifecycle. + + + + + + + + + + + + + + + + + + + + + + + + - review - Used when someone reviews the Element. + other + Used to store extra information about an Element which is not part of a Review (e.g. extra information provided during the creation of the Element). + + + + hasOptionalDependency + The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. + + + + specification + the Element is a plan, guideline or strategy how to create, perform or analyse an application + + + + sha384 + SHA-2 with a digest length of 384, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). A value used in a generic key-value pair. - - - module - the Element is a module of a piece of software + + Points to a resource outside the scope of the SPDX-3.0 content +that provides additional characteristics of an Element. + + + + Provides an IntegrityMethod with which the integrity of an Element can be +asserted. + + + + + limitedSupport + the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. - - - patch - Element contains a set of changes to update, fix, or improve another Element + + + sha1 + SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://www.rfc-editor.org/info/rfc3174). - + - hasOptionalDependency - The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. + hasTestCase + Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). - - Specifies the unit in which energy is measured. - + + Specifies whether the License is listed as free by the +[Free Software Foundation (FSF)](https://fsf.org). + + + + Specifies the type of the content identifier. + - - - query - the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. + + Represents the energy quantity. + + + + + diskImage + the Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. - - Records if sensitive personal information is used during model training or -could be used during the inference. - + + Property that describes the digest of the build configuration file used to +invoke a build. + - - Provides information about the primary purpose of an Element. - - - - componentAnalysisReport - A reference to a Software Composition Analysis (SCA) report. - - - - generates - The `from` Element generates each `to` Element. - - - - documentation - Element is documentation + + + registration + the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. - + - sha3_224 - SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). - - - Property that describes the time at which a build stops. - - - - - other - Any other units of energy measurement. + blake2b512 + BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. - - Specifies the time when a vulnerability was published. - - - + - mavenCentral - A reference to a Maven repository artifact. The artifact locator format, looks like `groupId:artifactId[:version]`, is defined in [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html). + vulnerabilityExploitabilityAssessment + A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). - - Specifies the time from which an element is no longer applicable / valid. - - - - Specifies the type of the external identifier. - - - - Identifies all the text and metadata associated with a license in the license -XML format. + + Describes methods that can be used to explain the results from the AI model. - - - support - A reference to the software support channel or other support information for a package. - - + - fixedBy - (Security) Designates a `from` Vulnerability has been fixed by the `to` Agent(s). - - - Property describes the invocation entrypoint of a build. - - - - - deployed - in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. - - - - crystalsKyber - [Kyber](https://pq-crystals.org/kyber/) - - - - structured - data is stored in tabular format or retrieved from a relational database. - - - - lite - the element follows the Lite profile specification - - - - development - A relationship has specific context implications during development phase of an element. + hasInputs + The `from` Build has each `to` Elements as an input, during a LifecycleScopeType period. - - - md4 - MD4 message-digest algorithm, as defined in [RFC 1186](https://www.rfc-editor.org/info/rfc1186). + + + trainedOn + (AI, Dataset) The `from` Element has been trained on the `to` Element(s). - - Specifies the licenseId that is preferred to be used in place of a deprecated -License or LicenseAddition. - - - - - swhid - SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. + + + productMetadata + A reference to additional product metadata such as reference within organization's product catalog. - - + - Base domain class from which all other SPDX-3.0 domain classes derive. + Describes a relationship between one or more elements. + - - - - + + + + + 1 1 - - - - + + + + + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 1 1 - - - - + + + + + + + + + 1 - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + 1 - - - - - 1 + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + 1 + + + Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. + + + + + The class that helps note down the quantity of energy consumption and the unit +used for measurement. + - - - - - - - - - - - - - - - - - - + + + + + 1 + 1 - - - - + + + + + + + + + + 1 + 1 - - - securityAdvisory - A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. - - - - hasTestCase - Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). - - - - timestamp - data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. - - - Property describing the start time of a build. - - - - - dependsOn - The `from` Element depends on each `to` Element, during a LifecycleScopeType period. - - - - bower - A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install). - - - - sha224 - SHA-2 with a digest length of 224, as defined in [RFC 3874](https://www.rfc-editor.org/info/rfc3874). - - - - limitedSupport - the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. - - - Refers to one or more Elements that are part of an ElementCollection. - - Provides a License author's preferred text to indicate that a file is covered by the License. - - - core - the element follows the Core profile specification - - - - device - the Element refers to a chipset, processor, or electronic board - - - - trackStar - ("Track*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track* vulnerabilities within standard update timelines. - - - - executable - Element is an Artifact that can be run on a computer - - - - audio - data is audio based, such as a collection of music from the 80s. - - - - publishedBy - (Security) Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. - - - - binaryArtifact - A reference to binary artifacts related to a package. - - - - altWebPage - A reference to an alternative web page. - - - Describes the preprocessing steps that were applied to the raw data to create the given dataset. - - - - - ai - the element follows the AI profile specification - - - Artifact representing a serialization instance of SPDX data containing the -definition of a particular Element. - - - - Impact justification label to be used when linking a vulnerability to an element -representing a VEX product with a VexNotAffectedVulnAssessmentRelationship -relationship. - - - - - expandsTo - The `from` archive expands out as an artifact described by each `to` Element. - - - Property that describes the digest of the build configuration file used to -invoke a build. - - - - Provides an indication of where to retrieve an external Element. - - - - Provides a detailed description of the Element. - - - - The version of the SPDX License List used in the license expression. - - - - - filesystemImage - the Element is a file system image that can be written to a disk (or virtual) partition - - - - expandedLicensing - the element follows the expanded Licensing profile specification - - - - hasExample - Every `to` Element is an example for the `from` Element (`from` hasExample `to`). - - - - yes - Indicates presence of the field. - - - Records the measurement of prediction quality of the AI model. - - - - Specifies whether a license or additional text identifier has been marked as -deprecated. - - - - - specification - the Element is a plan, guideline or strategy how to create, perform or analyse an application - - - Property describing the session in which a build is invoked. - - - - - hasAddedFile - Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). - - - - noAssertion - No assertion can be made about the completeness of the relationship. - - - A value used in a CdxExtension name-value pair. - - - - - metrics - A reference to metrics related to package such as OpenSSF scorecards. - - - Provides the license under which the SPDX documentation of the Element can be -used. - - - - - packageUrl - [package URL](https://github.com/package-url/purl-spec) - - - - ancestorOf - The `from` Element is an ancestor of each `to` Element. - - - Categories of confidentiality level. - - - - descendantOf - The `from` Element is a descendant of each `to` Element. - - - Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - - - - Describes the type of the given dataset. - - - - - other - Other exploit catalogs - - - - vulnerabilityDisclosureReport - A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). - - - - amber - Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. - - - - hasAssessmentFor - (Security) Relates a `from` Vulnerability and each `to` Element(s) with a security assessment. To be used with `VulnAssessmentRelationship` types. - - - A substitute for a URI. - - - - - directory - The file represents a directory and all content stored in that directory. - - - Provides information about the primary purpose of the software artifact. - - - - - underInvestigationFor - (Security/VEX) The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. - - - - high - When a CVSS score is between 7.0 - 8.9 - - - Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. - - - - - Abstract class representing a license combination consisting of one or more -licenses (optionally including additional text), which may be combined -according to the -[SPDX license expression syntax](../../../annexes/SPDX-license-expressions.md). - - + + + A property name with an associated value. + + + + + + + 1 + 1 + + + + + + + + 1 + + - - - archive - the Element is an archived collection of one or more files (.tar, .zip, etc) - - - - sha512 - SHA-2 with a digest length of 512, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). - - - - kilowattHour - Kilowatt-hour. - - - Captures the size of the dataset. - - - - - development - the artifact is in active development and is not considered ready for formal support from the supplier. - - - - categorical - data that is classified into a discrete number of categories, such as the eye color of a population of people. - - - Specifies the type of the content identifier. - - - - Describes potentially noisy elements of the dataset. - - - - - hasDynamicLink - The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. - - - - md5 - MD5 message-digest algorithm, as defined in [RFC 1321](https://www.rfc-editor.org/info/rfc1321). - - - - swid - Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://www.rfc-editor.org/info/rfc9393) Section 2.3. - - - - medium - When a CVSS score is between 4.0 - 6.9 - - - Indicates the amount of energy consumption incurred by an AI model. - - - - - funding - A reference to funding information related to a package. - - - - deployed - SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. - - - - hasSpecification - Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. - - - Captures a standard that is being complied with. - - - - - urlScheme - [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. - - - Describes the confidentiality level of the data points contained in the dataset. - - - - Captures a limitation of the AI software. - - - - Agent represents anything with the potential to act on a system. - - + + + Provides information about the creation of the Element. + + + + + ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ + + + 1 + 1 + + + + + + + + 1 + + + + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + + 1 + 1 + + + + + + + + 1 + + + + + + + + + - - - releaseHistory - A reference to a published list of releases for a package. + + + sha224 + SHA-2 with a digest length of 224, as defined in [RFC 3874](https://www.rfc-editor.org/info/rfc3874). - - Specifies a time when a vulnerability assessment was modified - - - - Represents the energy quantity. - + + Identifies the name of an Element as designated by the creator. + - + - riskAssessment - A reference to a risk assessment for a package. + privacyAssessment + A reference to a privacy assessment for a package. - + - sha3_256 - SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). + md2 + MD2 message-digest algorithm, as defined in [RFC 1319](https://www.rfc-editor.org/info/rfc1319/). - - The percentile of the current probability score. - + + + A tuple of two positive integers that define a range. + + + + + + + 1 + 1 + + + + + + + + 1 + 1 + + + + + Specifies the time when a vulnerability was published. + - + - issueTracker - A reference to the issue tracker for a package. + staticAnalysisReport + A reference to a static analysis report for a package. - - Specifies an Extension characterization of some aspect of an Element. - - - - - vcs - A reference to a version control system related to a software artifact. + + + image + data is a collection of images such as pictures of animals. - - Provides a place for the SPDX data creator to record acknowledgement text for -a software Package, File or Snippet. + + Indicates the type of support that is associated with an artifact. + + + Identifies the full text of a License or Addition. - - Specifies the type of a content identifier. + + + incomplete + The relationship is known not to be exhaustive. + + + + build + the element follows the Build profile specification + + + + securityAdvisory + A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. + + + + other + Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationhip types (this relationship is directionless). + + + + crystalsKyber + [Kyber](https://pq-crystals.org/kyber/) + + + Specifies the type of an external reference. - - Specifies the algorithm used for calculating the hash value. - + + Specifies an Element contained in a piece of software where a vulnerability was +found. + - - - hasOutputs - The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. + + A buildId is a locally unique identifier used by a builder to identify a unique +instance of a build produced by it. + + + + + vulnerableCodeNotInExecutePath + The affected code is not reachable through the execution of the code, including non-anticipated states of the product. - - Provides information about the type of an SBOM. - + + Specifies the level of support associated with an artifact. + - + + + chat + A reference to the instant messaging system used by the maintainer for a package. + + - exploitCreatedBy - (Security) The `from` Vulnerability has had an exploit created against it by each `to` Agent. + generates + The `from` Element generates each `to` Element. - - Describes a sensor used for collecting the data. - - - - - source - the Element is a single or a collection of source files + + + dataset + the element follows the Dataset profile specification - + - diskImage - the Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. - - - - doesNotAffect - (Security/VEX) The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. + filesystemImage + the Element is a file system image that can be written to a disk (or virtual) partition - - - purchaseOrder - A reference to a purchase order for a package. + + + extension + the element follows the Extension profile specification - - Provides advise on how to mitigate or remediate a vulnerability when a VEX product -is affected by it. + + Records the type of the model used in the AI software. - - - eolNotice - A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. + + + packagedBy + Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). - - - releaseNotes - A reference to the release notes for a package. + + An Element an annotator has made an assertion about. + + + + A container for a grouping of SPDX-3.0 content characterizing details +(provenence, composition, licensing, etc.) about a product. + + + + + + development + A relationship has specific context implications during development phase of an element. - - - certificationReport - A reference to a certification report for a package from an accredited/independent body. + + + lite + the element follows the Lite profile specification - + + + inlineMitigationsAlreadyExist + Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability. + + + Identifies who or what supplied the artifact or VulnAssessmentRelationship +referenced by the Element. + + + - staticAnalysisReport - A reference to a static analysis report for a package. + sourceArtifact + A reference to an artifact containing the sources for a package. - - - no - Indicates absence of the field. + + + application + the Element is a software application - - Contains a URL where the License or LicenseAddition can be found in use. - + + Specifies until when the artifact can be used before its usage needs to be +reassessed. + - - - clear - Dataset may be distributed freely, without restriction. - - - - securityAdversaryModel - A reference to the security adversary model for a package. + + + serializedInArtifact + The `from` SPDXDocument can be found in a serialized form in each `to` Artifact. - - - act - The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. + + + hasDynamicLink + The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. - - - license - A reference to additional license information related to an artifact. + + + simpleLicensing + the element follows the simple Licensing profile specification - - This property is used to denote the root Element(s) of a tree of elements contained in a BOM. - - - + - blake3 - [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) + md4 + MD4 message-digest algorithm, as defined in [RFC 1186](https://www.rfc-editor.org/info/rfc1186). - - Information about the relationship between two Elements. - - - - critical - When a CVSS score is between 9.0 - 10.0 + + Describes the type of annotation. + + + + + securityPenTestReport + A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. - + + Identify the version of a package. + + + - configures - The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. + coordinatedBy + (Security) The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). - - Provides the location of an external reference. + + Records any relevant background information or additional comments +about the origin of the package. - + + Indicates the amount of energy consumption incurred by an AI model. + + + + + vulnerableCodeCannotBeControlledByAdversary + The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack. + + + Specifies the amount of energy consumed when training the AI model that is +being used in the AI system. + + + - bom - Element is a bill of materials + executable + Element is an Artifact that can be run on a computer - - - nuget - A reference to a NuGet package. The package locator format, looks like `package/version`, is defined in [NuGet documentation](https://docs.nuget.org). + + + usesTool + The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. - + - model - the Element is a machine learning or artificial intelligence model + module + the Element is a module of a piece of software - - - framework - the Element is a software framework + + This property is used to denote the root Element(s) of a tree of elements contained in a BOM. + + + + Provides the location of an exploit catalog. + + + + + low + When a CVSS score is between 0.1 - 3.9 - - - buildSystem - A reference build system used to create or publish the package. + + Describes potentially noisy elements of the dataset. + + + + + syntactic + data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. - - - high - The second-highest level of risk posed by an AI system. + + Provides advise on how to mitigate or remediate a vulnerability when a VEX product +is affected by it. + + + + + hasMetadata + Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). - - + + Records if sensitive personal information is used during model training or +could be used during the inference. + + + + Provides a reference to a resource outside the scope of SPDX-3.0 content +that uniquely identifies an Element. + + + - A distinct article or unit related to Software. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + A key with an associated value. + - - + + + 1 1 - - + + - - - - - - - + 1 - - - delegatedTo - The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). - - - Provides an ExternalMap of Element identifiers. - - - - A License participating in a 'with addition' model. - - - - - republishedBy - (Security) Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. + + + other + A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. - - - data - Element is data + + Specifies the exploit catalog type. + + + A probability score between 0 and 1 of a vulnerability being exploited. + + + + + yes + Indicates presence of the field. - - Specifies the time from which an element is applicable / valid. + + + falcon + [FALCON](https://falcon-sign.info/falcon.pdf) + + + Specifies the time an artifact was released. - - - sha384 - SHA-2 with a digest length of 384, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). + + + npm + A reference to an npm package. The package locator format, looks like `package@version`, is defined in [npm Docs](https://docs.npmjs.com/cli/v10/configuring-npm/package-json). - + - productMetadata - A reference to additional product metadata such as reference within organization's product catalog. + bower + A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install). + + + + file + The file represents a single file (default). + + + + scrapingScript + the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. + + + Defines the end of a range. + + + + + design + A relationship has specific context implications during an element's design. + + + References an Element on the right-hand side of a relationship. + + + + + sha3_512 + SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). + + + + other + the Element doesn't fit into any of the other categories + + + Captures a limitation of the AI software. + + + + + clickthrough + the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. Identifies an external Element used within a Document but defined external to that Document. - - Provides additional purpose information of the software artifact. - + + + issueTracker + A reference to the issue tracker for a package. + + + + sensor + data is recorded from a physical sensor, such as a thermometer reading or biometric device. + + + Property describing the session in which a build is invoked. + - - Provides a reference to a resource outside the scope of SPDX-3.0 content -that uniquely identifies an Element. - + + + noAssertion + Makes no assertion about the field. + + + + sha256 + SHA-2 with a digest length of 256, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). + + + + license + A reference to additional license information related to an artifact. + + + + other + Any other units of energy measurement. + + + Specifies the type of the external identifier. + - - Provides the location for more information regarding an external identifier. - - - - Specifies the time an artifact was built. - - - - - operatingSystem - the Element is an operating system + + + hasRequirement + The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. - - Captures the domain in which the AI package can be used. + + Records the measurement of prediction quality of the AI model. + + + + A license expression participating in a license set. + + + + Provides a map of a property names to a values. + + + + Describes relevant information about different steps of the training process. - - - other - Used to store extra information about an Element which is not part of a Review (e.g. extra information provided during the creation of the Element). + + + video + data is video based, such as a collection of movie clips featuring Tom Hanks. - + + Enumeration of the valid profiles. + + - library - the Element is a software library + data + Element is data - - - design - A relationship has specific context implications during an element's design. + + + attend + The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. - - - vulnerableCodeNotInExecutePath - The affected code is not reachable through the execution of the code, including non-anticipated states of the product. + + + deployed + in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. - - - A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. - - - - Identifies from where or whom the Element originally came. - + + Provides information about the type of an SBOM. + - - Identifies the tooling that was used during the creation of the Element. - + + + foundBy + (Security) Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). + + + Specifies the type of the external reference. + - - Indicates whether the system can perform a decision or action without human -involvement or guidance. - + + + patch + Element contains a set of changes to update, fix, or improve another Element + + + + complete + The relationship is known to be exhaustive. + + + + endOfSupport + there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. + + + + noAssertion + data type is not known. + + + A LicenseAddition participating in a 'with addition' model. + - + + + socialMedia + A reference to a social media channel for a package. + + + + funding + A reference to funding information related to a package. + + + + kev + CISA's Known Exploited Vulnerability (KEV) Catalog + + + Provides a reference number that can be used to understand how to parse and interpret an Element. + + + + Defines the beginning of a range. + + + + + other + Other exploit catalogs + + - text - data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. + audio + data is audio based, such as a collection of music from the 80s. - - References the Element on the left-hand side of a relationship. - - - - Points to a resource outside the scope of the SPDX-3.0 content -that provides additional characteristics of an Element. - + + Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. + + + The field describes the availability of a dataset. + - - - track - The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. + + + medium + When a CVSS score is between 4.0 - 6.9 - + - blake2b256 - BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. + md6 + [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) - + + + patchedBy + Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). + + + + none + When a CVSS score is 0.0 + + + Captures the size of the dataset. + + + - software - the element follows the Software profile specification + expandedLicensing + the element follows the expanded Licensing profile specification - - Property that describes the URI of the build configuration source file. + + Provides a place for the SPDX data creator to record the package URL string +(in accordance with the +[package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) +for a software Package. - - - vulnerableCodeCannotBeControlledByAdversary - The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack. + + + cpe23 + [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) - - - npm - A reference to an npm package. The package locator format, looks like `package@version`, is defined in [npm Docs](https://docs.npmjs.com/cli/v10/configuring-npm/package-json). + + + red + Data points in the dataset are highly confidential and can only be shared with named recipients. - - - copiedTo - The `from` Element has been copied to each `to` Element. + + Identifies who or what created the Element. + + + + + cve + Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). - - Gives information about the circumstances or unifying properties -that Elements of the bundle have been assembled under. + + An entity that is authorized to issue identification credentials. - - - The class that helps note down the quantity of energy consumption and the unit -used for measurement. - - - - - - - 1 - 1 - - - - - - - - - - - - - 1 - 1 - - - - - Specifies the value of the content identifier. + + Provides the location for more information regarding an external identifier. - - Describes all the preprocessing steps applied to the training data before the -model training. - - - + - describes - The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. + affects + (Security/VEX) The `from` vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. - - - A mapping between prefixes and namespace partial URIs. - - - - - - - 1 - 1 - - - - - - - - 1 - 1 - - + + + source + SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. + + + Specifies the unit in which energy is measured. + + + + + framework + the Element is a software framework + + + Provide an enumerated set of lifecycle phases that can provide context to relationships. - - Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. + + + Abstract class representing a license combination consisting of one or more +licenses (optionally including additional text), which may be combined +according to the +[SPDX license expression syntax](../../../annexes/SPDX-license-expressions.md). + + - + + Describes the confidentiality level of the data points contained in the dataset. + + + + + Provides an ExternalMap of Element identifiers. + + + + Describes if any sensitive personal information is present in the dataset. + + + - hasStaticLink - The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. + expandsTo + The `from` archive expands out as an artifact described by each `to` Element. - - Provides a set of values to be used to describe the common types of SBOMs that -tools may create. + + + deployed + SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. + + + A License participating in a 'with addition' model. + + + + + Abstract class representing a License or an OrLaterOperator. + + - - - altDownloadLocation - A reference to an alternative download location. + + + ai + the element follows the AI profile specification - - A buildId is a locally unique identifier used by a builder to identify a unique -instance of a build produced by it. - - - + + + hasSpecification + Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. + + + + modifiedBy + The `from` Element is modified by each `to` Element. + + - securityPolicy - A reference to instructions for reporting newly discovered security vulnerabilities for a package. + mavenCentral + A reference to a Maven repository artifact. The artifact locator format, looks like `groupId:artifactId[:version]`, is defined in [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html). - + + Provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf) + + + - serializedInArtifact - The `from` SPDXDocument can be found in a serialized form in each `to` Artifact. + copiedTo + The `from` Element has been copied to each `to` Element. - + + + hasDependencyManifest + The `from` Element has manifest files that contain dependency information in each `to` Element. + + + Commentary on an assertion that an annotator has made. + + + + Identifies when the Element was originally created. + + + - cwe - [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). + altWebPage + A reference to an alternative web page. - - Identifies the full text of a License, in SPDX templating format. + + A short description of an Element. - - Specifies the amount of energy consumed during inference time by an AI model -that is being used in the AI system. - + + Specifies the safety risk level. + + + Defines the original host file that the snippet information applies to. + - - Records any relevant background information or additional comments -about the origin of the package. + + Information about the relationship between two Elements. + + + + Provides information about the completeness of relationships. + + + + Provides information about the content type of an Element or a Property. - - - - A collection of Elements, not necessarily with unifying context. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - other - Used when the type does not match any of the other options. + + Defines the byte range in the original host file that the snippet information +applies to. + + + + + requirement + the Element provides a requirement needed as input for another Element - - - hasDeclaredLicense - The `from` Software Artifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. + + + build + SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. - - A canonical, unique, immutable identifier of the artifact content, that may be -used for verifying its identity and/or integrity. - + + + buildSystem + A reference build system used to create or publish the package. + + + + releaseNotes + A reference to the release notes for a package. + + + + high + The second-highest level of risk posed by an AI system. + + + Identifies all the text and metadata associated with a license in the license +XML format. + - - An Element an annotator has made an assertion about. - + + + evidence + the Element is the evidence that a specification or requirement has been fulfilled + + + Identifies the tooling that was used during the creation of the Element. + - + - coordinatedBy - (Security) The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). + fixedIn + (Security/VEX) A `from` Vulnerability has been fixed in each of the `to` Element(s). The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. - - Specifies the SSVC decision type. - - - Specifies the level of support associated with an artifact. - + + Maps a LicenseRef or AdditionRef string for a Custom License or a Custom +License Addition to its URI ID. + - - - cpe22 - [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) + + + documentation + Element is documentation + + Describes the type of the given dataset. + + A string in the license expression format. - - - hasOptionalComponent - Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). + + + noAssertion + no assertion about the type of support is made. This is considered the default if no other support type is used. - - - hasDocumentation - The `from` Element is documented by each `to` Element. + + A substitute for a URI. + + + + + securityOther + A reference to related security information of unspecified type. - + - dynamicAnalysisReport - A reference to a dynamic analysis report for a package. + certificationReport + A reference to a certification report for a package from an accredited/independent body. - - - hasDataFile - The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInputs`, and `hasOutputs`, respectively. This relationship does not imply dependency. + + + sha512 + SHA-2 with a digest length of 512, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). - - Describes what the given dataset should be used for. - - - - Defines the end of a range. - - - - Describes a mechanism to update the dataset. + + + track + The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. + + + Categories of confidentiality level. + + + Describes how the dataset was collected. - - - firmware - the Element provides low level control over a device's hardware + + Capture the scope of information about a specific relationship between elements. + + + + + support + the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. + + + Specifies the amount of energy consumed when finetuning the AI model that is +being used in the AI system. + + + + + design + SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. - - Specifies the CVSS vector string for a vulnerability. + + Specifies whether the License is listed as approved by the +[Open Source Initiative (OSI)](https://opensource.org). + + + + Specified the time and date when a vulnerability was withdrawn. + + + + Provides a detailed description of the Element. - - - none - When a CVSS score is 0.0 - - - - requirement - the Element provides a requirement needed as input for another Element + + + vcs + A reference to a version control system related to a software artifact. - - Identifies the name of an Element as designated by the creator. + + Specifies the version of a VEX statement. - - - medium - The third-highest level of risk posed by an AI system. + + + packageUrl + [package URL](https://github.com/package-url/purl-spec) - - Specifies the CVSS base, temporal, threat, or environmental severity type. + + Provides a set of values to be used to describe the common types of SBOMs that +tools may create. - - A License participating in an 'or later' model. - - - - - noSupport - there is no support for the artifact from the supplier, consumer assumes any support obligations. - - - Uniquely identifies an external element. + + Specifies the licenseId that is preferred to be used in place of a deprecated +License or LicenseAddition. - - - noAssertion - Makes no assertion about the field. - - - Enumeration of the valid profiles. - - - Specifies the safety risk level. + + Agent represents anything with the potential to act on a system. + + - - A place for the SPDX document creator to record a website that serves as the -package's home page. - + + Provides the location of an external reference. + - - Categories of presence or absence. - - - Provides an unambiguous mechanism for conveying a URI fragment portion of an -ElementID. - + + Describes the preprocessing steps that were applied to the raw data to create the given dataset. + - - Specifies the type of an external reference. - - - - hasHost - The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). - - - - hasMetadata - Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). - - - Specifies the type of an external identifier. + + A mathematical algorithm that maps data of arbitrary size to a bit string. - - Identifies the text of one or more copyright notices for a software Package, -File or Snippet, if any. + + Describes a mechanism to update the dataset. - - Provides information about the content type of an Element or a Property. + + Indicates whether the system can perform a decision or action without human +involvement or guidance. + + + + Identifies the full text of a LicenseAddition. - - Specifies the exploit catalog type. - + + Specifies the amount of energy consumed during inference time by an AI model +that is being used in the AI system. + - - Records the time when a recommended action was communicated in a VEX statement -to mitigate a vulnerability. + + Timestamp of impact statement. - - - test - The Element is a test used to verify functionality on an software element - - - Defines the byte range in the original host file that the snippet information -applies to. - - - - Defines the beginning of a range. - + + Specifies the time an artifact was built. + - - - other - Used when the type does not match any of the other options. + + + noAssertion + No assertion can be made about the completeness of the relationship. - - Describes if a given file is a directory or non-directory kind of file. - - - - - sha3_512 - SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). + + + graph + data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. - - A buildType is a hint that is used to indicate the toolchain, platform, or -infrastructure that the build was invoked on. - - - - Describes how the dataset was collected. - - - - - serious - The highest level of risk posed by an AI system. + + Enumeration of dataset types. + + + + swid + Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://www.rfc-editor.org/info/rfc9393) Section 2.3. + + + + support + A reference to the software support channel or other support information for a package. + + + + altDownloadLocation + A reference to an alternative download location. Provide consumers with comments by the creator of the Element about the Element. - - - usesTool - The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. - - - Capture the scope of information about a specific relationship between elements. - - - - Identifies the full text of a License or Addition. - - - - Enumeration of the different kinds of SPDX file. - - - The field describes the availability of a dataset. - - - - A name used in a CdxExtension name-value pair. - - - - Provides an IntegrityMethod with which the integrity of an Element can be -asserted. - - - - - graph - data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. + + + gitoid + [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid>), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document); this ambiguity exists because the OmniBOR Document is itself an artifact, and the gitoid of that artifact is its valid identifier. Omnibor is a minimalistic schema to describe software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-dependency-graph-adg). Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's ContentIdentifier property. Gitoids calculated on the OmniBOR Document (OmniBOR Identifiers) should be recorded in the SPDX 3.0 Element's ExternalIdentifier property. Specifies the unit of energy consumption. - - Enumeration of dataset types. - - - Timestamp of impact statement. - + + Specifies whether an additional text identifier has been marked as deprecated. + - - Availability of dataset. + + Specifies the SSVC decision type. - - - - + + Records the results of general safety risk assessment of the AI system. + + + + + exportControlAssessment + A reference to a export control assessment for a package. + diff --git a/v3.0.1-draft/model/spdx-model.ttl b/v3.0.1-draft/model/spdx-model.ttl index 4e9414931a..57658d96b4 100644 --- a/v3.0.1-draft/model/spdx-model.ttl +++ b/v3.0.1-draft/model/spdx-model.ttl @@ -12,127 +12,127 @@ rdfs:comment "Specifies an AI package and its associated information."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:string ; - sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ], - [ sh:class ; + sh:property [ sh:class ; sh:nodeKind sh:BlankNodeOrIRI ; sh:path ], + [ sh:class ; + sh:in ( ) ; + sh:maxCount 1 ; + sh:nodeKind sh:IRI ; + sh:path ], [ sh:datatype xsd:string ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:datatype xsd:string ; - sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:string ; - sh:nodeKind sh:Literal ; - sh:path ], [ sh:class ; sh:nodeKind sh:BlankNodeOrIRI ; sh:path ], [ sh:datatype xsd:string ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:class ; - sh:in ( ) ; + [ sh:class ; + sh:in ( ) ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ], + [ sh:class ; + sh:maxCount 1 ; + sh:nodeKind sh:BlankNodeOrIRI ; + sh:path ], [ sh:class ; sh:nodeKind sh:BlankNodeOrIRI ; sh:path ], [ sh:datatype xsd:string ; - sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:class ; - sh:in ( ) ; - sh:maxCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ], - [ sh:class ; - sh:maxCount 1 ; - sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ], + sh:path ], + [ sh:datatype xsd:string ; + sh:nodeKind sh:Literal ; + sh:path ], [ sh:class ; sh:in ( ) ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; - sh:path ] . + sh:path ], + [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:datatype xsd:string ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ] . a owl:Class, sh:NodeShape ; rdfs:comment "Class that describes a build instance of software/artifacts."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:anyURI ; + sh:property [ sh:class ; + sh:nodeKind sh:BlankNodeOrIRI ; + sh:path ], + [ sh:datatype xsd:anyURI ; + sh:maxCount 1 ; + sh:minCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:datatype xsd:string ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:datatype xsd:anyURI ; sh:nodeKind sh:Literal ; sh:path ], [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; + sh:path ; sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], [ sh:class ; sh:nodeKind sh:BlankNodeOrIRI ; sh:path ], - [ sh:class ; - sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ], [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; + sh:path ; sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:datatype xsd:anyURI ; - sh:maxCount 1 ; - sh:minCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:string ; - sh:nodeKind sh:Literal ; - sh:path ], [ sh:class ; sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ] . + sh:path ] . a owl:Class, sh:NodeShape ; rdfs:comment "An assertion made in relation to one or more elements."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:string ; + sh:property [ sh:class ; + sh:in ( ) ; sh:maxCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ], + sh:minCount 1 ; + sh:nodeKind sh:IRI ; + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ; sh:pattern "^[^\\/]+\\/[^\\/]+$" ], - [ sh:class ; + [ sh:datatype xsd:string ; sh:maxCount 1 ; - sh:minCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ], - [ sh:class ; - sh:in ( ) ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:class ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:IRI ; - sh:path ] . + sh:path ] . a owl:Class, sh:NodeShape ; @@ -155,20 +155,20 @@ rdfs:comment "An SPDX version 2.X compatible verification method for software packages."@en ; rdfs:subClassOf ; sh:nodeKind sh:BlankNode ; - sh:property [ sh:datatype xsd:string ; + sh:property [ sh:class ; + sh:in ( ) ; + sh:maxCount 1 ; + sh:minCount 1 ; + sh:nodeKind sh:IRI ; + sh:path ], + [ sh:datatype xsd:string ; sh:nodeKind sh:Literal ; sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:class ; - sh:in ( ) ; - sh:maxCount 1 ; - sh:minCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ] . + sh:path ] . a owl:Class ; rdfs:comment "An individual human being."@en ; @@ -185,52 +185,47 @@ rdfs:comment "A collection of SPDX Elements that could potentially be serialized."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:class ; - sh:maxCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ], - [ sh:class ; + sh:property [ sh:class ; sh:nodeKind sh:BlankNodeOrIRI ; sh:path ], [ sh:class ; sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ] . + sh:path ], + [ sh:class ; + sh:maxCount 1 ; + sh:nodeKind sh:IRI ; + sh:path ] . a owl:Class, sh:NodeShape ; rdfs:comment "Specifies a data package and its associated information."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ], - [ sh:class ; - sh:in ( ) ; + sh:property [ sh:class ; + sh:nodeKind sh:BlankNodeOrIRI ; + sh:path ], + [ sh:class ; + sh:in ( ) ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:class ; - sh:in ( ) ; - sh:minCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:class ; - sh:in ( ) ; + sh:path ], + [ sh:class ; + sh:in ( ) ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; + sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:nonNegativeInteger ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; @@ -238,21 +233,26 @@ [ sh:datatype xsd:string ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:class ; - sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ], [ sh:datatype xsd:string ; sh:nodeKind sh:Literal ; sh:path ], [ sh:datatype xsd:string ; - sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:class ; sh:in ( ) ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; - sh:path ] . + sh:path ], + [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:class ; + sh:in ( ) ; + sh:minCount 1 ; + sh:nodeKind sh:IRI ; + sh:path ] . a owl:Class, sh:NodeShape ; @@ -308,11 +308,11 @@ only one of the elements applies."""@en ; sh:property [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a owl:NamedIndividual, ; @@ -372,38 +372,38 @@ text applied to it."""@en ; rdfs:comment "Provides a CVSS version 2.0 assessment for a vulnerability."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:string ; + sh:property [ sh:datatype xsd:decimal ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:decimal ; + sh:path ], + [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a owl:Class, sh:NodeShape ; rdfs:comment "Provides a CVSS version 3 assessment for a vulnerability."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:decimal ; + sh:property [ sh:class ; + sh:in ( ) ; sh:maxCount 1 ; sh:minCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ], + sh:nodeKind sh:IRI ; + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:class ; - sh:in ( ) ; + [ sh:datatype xsd:decimal ; sh:maxCount 1 ; sh:minCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ] . + sh:nodeKind sh:Literal ; + sh:path ] . a owl:Class, sh:NodeShape ; @@ -416,16 +416,16 @@ text applied to it."""@en ; sh:minCount 1 ; sh:nodeKind sh:IRI ; sh:path ], - [ sh:datatype xsd:decimal ; + [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:string ; + sh:path ], + [ sh:datatype xsd:decimal ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a owl:Class, sh:NodeShape ; @@ -436,19 +436,24 @@ text applied to it."""@en ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:decimal ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a owl:Class, sh:NodeShape ; rdfs:comment "Provides an exploit assessment of a vulnerability."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:anyURI ; + sh:property [ sh:datatype xsd:boolean ; + sh:maxCount 1 ; + sh:minCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:datatype xsd:anyURI ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; @@ -458,12 +463,7 @@ text applied to it."""@en ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:IRI ; - sh:path ], - [ sh:datatype xsd:boolean ; - sh:maxCount 1 ; - sh:minCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a owl:Class, sh:NodeShape ; @@ -483,14 +483,14 @@ text applied to it."""@en ; affected by the vulnerability."""@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:dateTimeStamp ; + sh:property [ sh:datatype xsd:dateTimeStamp ; sh:nodeKind sh:Literal ; sh:path ; - sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ] . + sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], + [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ] . a owl:Class ; rdfs:comment """Links a vulnerability and elements representing products (in the VEX sense) where @@ -509,15 +509,15 @@ not affected by the vulnerability."""@en ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; sh:path ], - [ sh:datatype xsd:dateTimeStamp ; + [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; - sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], - [ sh:datatype xsd:string ; + sh:path ], + [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ; + sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ] . a owl:Class ; rdfs:comment """Designates elements as products where the impact of a vulnerability is being @@ -538,12 +538,12 @@ investigated."""@en ; [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; + sh:path ; sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; + sh:path ; sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ] . a owl:Class, @@ -551,7 +551,10 @@ investigated."""@en ; rdfs:comment "An SPDX Element containing an SPDX license expression string."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:string ; + sh:property [ sh:class ; + sh:nodeKind sh:BlankNodeOrIRI ; + sh:path ], + [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; @@ -560,10 +563,7 @@ investigated."""@en ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ; - sh:pattern "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" ], - [ sh:class ; - sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ] . + sh:pattern "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" ] . a owl:Class, sh:NodeShape ; @@ -594,7 +594,7 @@ investigated."""@en ; sh:property [ sh:class ; sh:maxCount 1 ; sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ], + sh:path ], [ sh:class ; sh:maxCount 1 ; sh:minCount 1 ; @@ -603,7 +603,7 @@ investigated."""@en ; [ sh:class ; sh:maxCount 1 ; sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ] . + sh:path ] . spdx: a owl:Ontology ; rdfs:label "System Package Data Exchange (SPDX) Ontology"@en ; @@ -2245,29 +2245,29 @@ different stages of its lifecycle."""@en ; sh:NodeShape ; rdfs:comment "Provides information about the creation of the Element."@en ; sh:nodeKind sh:BlankNode ; - sh:property [ sh:class ; - sh:minCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ], + sh:property [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ], [ sh:class ; sh:nodeKind sh:IRI ; sh:path ], + [ sh:class ; + sh:minCount 1 ; + sh:nodeKind sh:IRI ; + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; + sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ; + sh:pattern "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" ], [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; sh:path ; - sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], - [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:minCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ; - sh:pattern "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" ] . + sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ] . a , owl:Class, @@ -2275,16 +2275,16 @@ different stages of its lifecycle."""@en ; rdfs:comment "A collection of Elements, not necessarily with unifying context."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:class ; - sh:in ( ) ; - sh:nodeKind sh:IRI ; - sh:path ], - [ sh:class ; + sh:property [ sh:class ; sh:nodeKind sh:IRI ; sh:path ], [ sh:class ; sh:nodeKind sh:IRI ; - sh:path ] . + sh:path ], + [ sh:class ; + sh:in ( ) ; + sh:nodeKind sh:IRI ; + sh:path ] . a owl:Class, sh:NodeShape ; @@ -2296,18 +2296,18 @@ different stages of its lifecycle."""@en ; sh:minCount 1 ; sh:nodeKind sh:IRI ; sh:path ], - [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:minCount 1 ; + [ sh:datatype xsd:anyURI ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:datatype xsd:anyURI ; + [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; @@ -2317,7 +2317,12 @@ different stages of its lifecycle."""@en ; sh:NodeShape ; rdfs:comment "A map of Element identifiers that are used within a Document but defined external to that Document."@en ; sh:nodeKind sh:BlankNode ; - sh:property [ sh:class ; + sh:property [ sh:datatype xsd:anyURI ; + sh:maxCount 1 ; + sh:minCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:class ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; sh:path ], @@ -2327,29 +2332,24 @@ different stages of its lifecycle."""@en ; [ sh:datatype xsd:anyURI ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:anyURI ; - sh:maxCount 1 ; - sh:minCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a owl:Class, sh:NodeShape ; rdfs:comment "A reference to a resource outside the scope of SPDX-3.0 content related to an Element."@en ; sh:nodeKind sh:BlankNode ; sh:property [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ; - sh:pattern "^[^\\/]+\\/[^\\/]+$" ], - [ sh:datatype xsd:string ; sh:nodeKind sh:Literal ; sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ], + [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ; + sh:pattern "^[^\\/]+\\/[^\\/]+$" ], [ sh:class ; sh:in ( ) ; sh:maxCount 1 ; @@ -2361,17 +2361,17 @@ different stages of its lifecycle."""@en ; rdfs:comment "A mathematically calculated representation of a grouping of data."@en ; rdfs:subClassOf ; sh:nodeKind sh:BlankNode ; - sh:property [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:minCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ], - [ sh:class ; + sh:property [ sh:class ; sh:in ( ) ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:IRI ; - sh:path ] . + sh:path ], + [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:minCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ] . a owl:NamedIndividual, ; @@ -2482,46 +2482,46 @@ different stages of its lifecycle."""@en ; sh:NodeShape ; rdfs:comment "A mapping between prefixes and namespace partial URIs."@en ; sh:nodeKind sh:BlankNode ; - sh:property [ sh:datatype xsd:string ; + sh:property [ sh:datatype xsd:anyURI ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:anyURI ; + sh:path ], + [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a owl:Class, sh:NodeShape ; rdfs:comment "Describes a relationship between one or more elements."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:class ; - sh:maxCount 1 ; - sh:minCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ], - [ sh:datatype xsd:dateTimeStamp ; + sh:property [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; + sh:path ; sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], + [ sh:class ; + sh:minCount 1 ; + sh:nodeKind sh:IRI ; + sh:path ], [ sh:class ; sh:in ( ) ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; sh:path ], - [ sh:class ; - sh:minCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ], [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; + sh:path ; sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], + [ sh:class ; + sh:maxCount 1 ; + sh:minCount 1 ; + sh:nodeKind sh:IRI ; + sh:path ], [ sh:class ; sh:in ( ) ; sh:maxCount 1 ; @@ -2644,33 +2644,33 @@ License or LicenseAddition."""@en ; rdfs:comment "A canonical, unique, immutable identifier"@en ; rdfs:subClassOf ; sh:nodeKind sh:BlankNode ; - sh:property [ sh:datatype xsd:anyURI ; - sh:maxCount 1 ; - sh:minCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ], - [ sh:class ; + sh:property [ sh:class ; sh:in ( ) ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:IRI ; - sh:path ] . + sh:path ], + [ sh:datatype xsd:anyURI ; + sh:maxCount 1 ; + sh:minCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ] . a owl:Class, sh:NodeShape ; rdfs:comment "Refers to any object that stores content on a computer."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ; - sh:pattern "^[^\\/]+\\/[^\\/]+$" ], - [ sh:class ; + sh:property [ sh:class ; sh:in ( ) ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; - sh:path ] . + sh:path ], + [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ; + sh:pattern "^[^\\/]+\\/[^\\/]+$" ] . a owl:Class, sh:NodeShape ; @@ -2678,26 +2678,26 @@ License or LicenseAddition."""@en ; software."""@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:anyURI ; + sh:property [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:anyURI ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:string ; + sh:path ], + [ sh:datatype xsd:anyURI ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:anyURI ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a owl:NamedIndividual, ; @@ -2883,24 +2883,24 @@ software."""@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; sh:property [ sh:datatype xsd:string ; + sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:class ; - sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ], + sh:path ], [ sh:class ; sh:in ( ) ; sh:nodeKind sh:IRI ; sh:path ], - [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ], [ sh:class ; sh:in ( ) ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; - sh:path ] . + sh:path ], + [ sh:datatype xsd:string ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:class ; + sh:nodeKind sh:BlankNodeOrIRI ; + sh:path ] . a owl:Class ; rdfs:comment "Specifies the type of an annotation."@en . @@ -2911,10 +2911,17 @@ software."""@en ; rdfs:comment "A distinct article or unit within the digital domain."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:class ; + sh:property [ sh:class ; + sh:in ( ) ; + sh:nodeKind sh:IRI ; + sh:path ], + [ sh:class ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; sh:path ], + [ sh:datatype xsd:string ; + sh:nodeKind sh:Literal ; + sh:path ], [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; @@ -2923,7 +2930,7 @@ software."""@en ; [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; + sh:path ; sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], [ sh:class ; sh:nodeKind sh:IRI ; @@ -2931,15 +2938,8 @@ software."""@en ; [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; - sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], - [ sh:datatype xsd:string ; - sh:nodeKind sh:Literal ; - sh:path ], - [ sh:class ; - sh:in ( ) ; - sh:nodeKind sh:IRI ; - sh:path ] . + sh:path ; + sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ] . a owl:Class, sh:NodeShape ; @@ -2949,12 +2949,12 @@ software."""@en ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:positiveInteger ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a , owl:Class ; @@ -2974,14 +2974,17 @@ ExpandedLicensing profile."""@en ; rdfs:comment "Abstract class for the portion of an AnyLicenseInfo representing a license."@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:string ; + sh:property [ sh:datatype xsd:anyURI ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:datatype xsd:boolean ; sh:maxCount 1 ; - sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:anyURI ; + sh:path ], + [ sh:datatype xsd:boolean ; + sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; @@ -2990,26 +2993,23 @@ ExpandedLicensing profile."""@en ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:datatype xsd:boolean ; - sh:maxCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:boolean ; + sh:path ], + [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; + sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a , owl:Class, @@ -3018,26 +3018,26 @@ ExpandedLicensing profile."""@en ; which is not itself a standalone License."""@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:anyURI ; + sh:property [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:string ; + sh:path ], + [ sh:datatype xsd:boolean ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:minCount 1 ; + [ sh:datatype xsd:anyURI ; sh:nodeKind sh:Literal ; - sh:path ], - [ sh:datatype xsd:boolean ; + sh:path ], + [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; @@ -3055,11 +3055,11 @@ which is not itself a standalone License."""@en ; sh:property [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a owl:Class ; rdfs:comment "Specifies the type of a content identifier."@en . @@ -3083,17 +3083,17 @@ Element."""@en ; rdfs:comment """The class that helps note down the quantity of energy consumption and the unit used for measurement."""@en ; sh:nodeKind sh:BlankNode ; - sh:property [ sh:class ; - sh:in ( ) ; + sh:property [ sh:datatype xsd:decimal ; sh:maxCount 1 ; sh:minCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ], - [ sh:datatype xsd:decimal ; + sh:nodeKind sh:Literal ; + sh:path ], + [ sh:class ; + sh:in ( ) ; sh:maxCount 1 ; sh:minCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ] . + sh:nodeKind sh:IRI ; + sh:path ] . a owl:Class ; rdfs:comment "Specifies the safety risk level."@en . @@ -3126,29 +3126,29 @@ used for measurement."""@en ; rdfs:comment "Abstract ancestor class for all vulnerability assessments"@en ; rdfs:subClassOf ; sh:nodeKind sh:IRI ; - sh:property [ sh:class ; + sh:property [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; - sh:nodeKind sh:IRI ; - sh:path ], + sh:nodeKind sh:Literal ; + sh:path ; + sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; + sh:path ; sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], [ sh:datatype xsd:dateTimeStamp ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ; + sh:path ; sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ], - [ sh:class ; + [ sh:class ; sh:maxCount 1 ; sh:nodeKind sh:IRI ; - sh:path ], - [ sh:datatype xsd:dateTimeStamp ; + sh:path ], + [ sh:class ; sh:maxCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ; - sh:pattern "^\\d\\d\\d\\d-\\d\\d-\\d\\dT\\d\\d:\\d\\d:\\d\\dZ$" ] . + sh:nodeKind sh:IRI ; + sh:path ] . a owl:Class ; rdfs:comment "Provide an enumerated set of lifecycle phases that can provide context to relationships."@en . @@ -3194,13 +3194,13 @@ according to the sh:nodeKind sh:BlankNode ; sh:property [ sh:datatype xsd:string ; sh:maxCount 1 ; + sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; - sh:minCount 1 ; sh:nodeKind sh:Literal ; - sh:path ] . + sh:path ] . a owl:Class ; rdfs:comment "Enumeration of dataset types."@en . @@ -3213,39 +3213,39 @@ according to the sh:NodeShape ; rdfs:comment "Base domain class from which all other SPDX-3.0 domain classes derive."@en ; sh:nodeKind sh:IRI ; - sh:property [ sh:datatype xsd:string ; + sh:property [ sh:class ; + sh:nodeKind sh:BlankNodeOrIRI ; + sh:path ], + [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:class ; - sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ], - [ sh:class ; - sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ], + [ sh:datatype xsd:string ; + sh:maxCount 1 ; + sh:nodeKind sh:Literal ; + sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; sh:path ], - [ sh:class ; - sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ], - [ sh:class ; - sh:nodeKind sh:BlankNodeOrIRI ; - sh:path ], [ sh:datatype xsd:string ; sh:maxCount 1 ; sh:nodeKind sh:Literal ; - sh:path ], + sh:path ], + [ sh:class ; + sh:nodeKind sh:BlankNodeOrIRI ; + sh:path ], + [ sh:class ; + sh:nodeKind sh:BlankNodeOrIRI ; + sh:path ], [ sh:class ; sh:maxCount 1 ; sh:minCount 1 ; sh:nodeKind sh:BlankNodeOrIRI ; sh:path ], - [ sh:datatype xsd:string ; - sh:maxCount 1 ; - sh:nodeKind sh:Literal ; - sh:path ] . + [ sh:class ; + sh:nodeKind sh:BlankNodeOrIRI ; + sh:path ] . a owl:Class ; rdfs:comment "Provides information about the primary purpose of an Element."@en . diff --git a/v3.0.1-draft/model/spdx-model.xml b/v3.0.1-draft/model/spdx-model.xml index ee390a2e0e..cc0636e148 100644 --- a/v3.0.1-draft/model/spdx-model.xml +++ b/v3.0.1-draft/model/spdx-model.xml @@ -7,344 +7,320 @@ xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:sh="http://www.w3.org/ns/shacl#" > - - - - - 1 + + Property that describes the URI of the build configuration source file. + + - - - - clickthrough - the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. + + + - - - - Provides information about the creation of the Element. - - - - - - + + Impact justification label to be used when linking a vulnerability to an element +representing a VEX product with a VexNotAffectedVulnAssessmentRelationship +relationship. + + - - Records the type of the model used in the AI software. - - + + + - - - - other - the Element doesn't fit into any of the other categories + + + + - - - - + + + + + 1 1 - - - + + + + + + 1 + 1 - - + + + 1 + 1 - - - - configuration - Element is configuration data - - - - - An assertion made in relation to one or more elements. - - - - - - - - - - - - - - + + A name used in a CdxExtension name-value pair. + + - + - Abstract class for the portion of an AnyLicenseInfo representing a license. - + Base domain class from which all other SPDX-3.0 domain classes derive. - - - - - - - - - + + + + + + + + + + + + + - + - - support - the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. + + hasAddedFile + Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). - - - Specifies the type of an annotation. + + + + publishedBy + (Security) Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. - + - A license that is listed on the SPDX License List. - + A license exception that is listed on the SPDX Exceptions list. + - - + + - - Describes methods that can be used to explain the results from the AI model. - - + + + - - - + + Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. + + - + - - sensor - data is recorded from a physical sensor, such as a thermometer reading or biometric device. + + blake2b256 + BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. - - - - - 1 - 1 + + + + kilowattHour + Kilowatt-hour. - - - - + + + + A map of Element identifiers that are used within a Document but defined external to that Document. + + + + + - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + - 1 1 - - + + - 1 1 - - - - kev - CISA's Known Exploited Vulnerability (KEV) Catalog - - - Specifies the amount of energy consumed when finetuning the AI model that is -being used in the AI system. - - + + Specifies the SPDX License List version in which this ListedLicense or +ListedLicenseException identifier was first added. + + - + - Indicates the type of support that is associated with an artifact. - - - - - - 1 - - - - - - - - - - - - + + + Abstract class for additional text intended to be added to a License, but +which is not itself a standalone License. + - - 1 - - - - - - - - - - - - + + + + + + - - A license expression participating in a license set. - - + + + + binaryArtifact + A reference to binary artifacts related to a package. - + - Provides an exploit assessment of a vulnerability. - + A collection of Elements that have a shared context. + - - - + - + - sourceArtifact - A reference to an artifact containing the sources for a package. + eolNotice + A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. - - - - directDownload - the dataset is publicly available and can be downloaded directly. + + + - + - - documentation - A reference to the documentation for a package. - - - - - - - Provides information about the creation of the Element. - - + + no + Indicates absence of the field. - - - - application - the Element is a software application + + Captures a standard that is being complied with. + + - - - + + + + + 1 - - - + + + + 1 - - - - - 1 + + + - + - Describes a relationship between one or more elements. - + Links a vulnerability and one or more elements designating the latter as products +not affected by the vulnerability. + - - - - - - - - - - + + + - + - - swhid - SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and in the case of filess they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. + + serious + The highest level of risk posed by an AI system. - - - + + + Specifies the CVSS base, temporal, threat, or environmental severity type. + + + Identifies the download Uniform Resource Identifier for the package at the time +that the document was created. + + + + + + ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ + - 1 1 - + - - blake2b512 - BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. + + archive + the Element is an archived collection of one or more files (.tar, .zip, etc) - + + + + Specifies a vulnerability and its associated information. + + + + + + + - - cpe23 - [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) + + underInvestigationFor + (Security/VEX) The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. - - - - - 1 - 1 + + + + critical + When a CVSS score is between 9.0 - 10.0 - - + + + + releaseHistory + A reference to a published list of releases for a package. + + + + + vulnerabilityDisclosureReport + A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). + + + + + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ 1 - - - - syntactic - data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. - - + - A canonical, unique, immutable identifier - - - - - - - - + Specifies a data package and its associated information. + + + + + + + + + + + + + + + @@ -352,766 +328,831 @@ being used in the AI system. Provides an independently reproducible mechanism that permits verification of a specific Element. - + - + + Provides additional purpose information of the software artifact. + + + + - - low - Low/no risk is posed by an AI system. + + securityFix + A reference to the patch or source code that fixes a vulnerability. - - - - A tuple of two positive integers that define a range. - - - + + Defines the line range in the original host file that the snippet information +applies to. + + - + + Records the time when a recommended action was communicated in a VEX statement +to mitigate a vulnerability. + + + + + - Provide context for a relationship that occurs in the lifecycle. - + A distinct article or unit related to Software. + - - - - - - privacyAssessment - A reference to a privacy assessment for a package. + + + + + - - Information about the relationship between two Elements. - - + + + - - - + + + - 1 - - The name of a relevant standard that may apply to an artifact. - - + + + - + - A mathematical algorithm that maps data of arbitrary size to a bit string. + + A reference to a resource outside the scope of SPDX-3.0 content related to an Element. + + + + + - - + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ 1 - - - - - - 1 - 1 + + + - - - - Portion of an AnyLicenseInfo representing a set of licensing information -where all elements apply. - - - + + + + device + the Element refers to a chipset, processor, or electronic board - - - - - 1 - 1 + + + - + - - other - any hashing algorithm that does not exist in this list of entries + + runtime + SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM. - - - + + Property that describes the time at which a build stops. + + - + + + + + - - image - data is a collection of images such as pictures of animals. + + fixedBy + (Security) Designates a `from` Vulnerability has been fixed by the `to` Agent(s). - + - - other - data is of a type not included in this list. + + install + the Element is used to install software on disk - - - + + + + urlScheme + [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. - - - + + Provides relevant information about the AI software, not including the model +description. + + - - - - buildMeta - A reference build metadata related to a published package. + + Records the biases that the dataset is known to encompass. + + - + + + + + - - A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. + + A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. - - - - - - - - - - - 1 - 1 - - - - Refers to any object that stores content on a computer. - - - - - - - Specified the time and date when a vulnerability was withdrawn. - - + + + + green + Dataset can be shared within a community of peers and partners. - + - - securityOther - Used when there is a security related identifier of unspecified type. + + doesNotAffect + (Security/VEX) The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. - - Specifies whether an additional text identifier has been marked as deprecated. - - + + + - - Provides a place for the SPDX data creator to record the package URL string -(in accordance with the -[package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) -for a software Package. - - + + + + + 1 - - - - - - 1 + + + + 1 - - Specifies until when the artifact can be used before its usage needs to be -reassessed. + + Specifies the CVSS vector string for a vulnerability. - + - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + + 1 - - - + + + + deviceDriver + Element represents software that controls hardware devices - + - Specifies the VEX justification type. + + Portion of an AnyLicenseInfo representing a set of licensing information +where all elements apply. + + + - - References an Element on the right-hand side of a relationship. - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + + 1 - - - - numeric - data consists only of numeric entries. + + + - - Specifies the amount of energy consumed when training the AI model that is -being used in the AI system. - - + + + + An SPDX Element containing an SPDX license expression string. + + + + + - - + + - - - - testedOn - (AI, Dataset) The `from` Element has been tested on the `to` Element(s). + + + - + + Identifies the full text of a LicenseAddition, in SPDX templating format. + + + + + + + + - - hasVariant - Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). + + software + the element follows the Software profile specification - + - A mathematically calculated representation of a grouping of data. + A canonical, unique, immutable identifier - - + + - - Defines the line range in the original host file that the snippet information -applies to. - - + + + + + - - - - - 1 - 1 + + + - - - - A key with an associated value. - - - + + + - - + + + + hasTest + Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. + + + + + An Individual Value for License where the SPDX data creator determines that no +license is present. + + + + + Describes a sensor used for collecting the data. + + + + + Specifies the exploit catalog type. + + + + + 1 - + + Property describing the start time of a build. + + + + - Provides an EPSS assessment for a vulnerability. - - - - + A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element. + + + + + + - - - - complete - The relationship is known to be exhaustive. + + + + + 1 + 1 - - - - + + + + 1 - + + - Portion of an AnyLicenseInfo representing this version, or any later version, -of the indicated License. - + A collection of Elements, not necessarily with unifying context. + - + + + - + - - cve - Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). - - - - + + platform + Element represents a runtime environment - - - + + + + mailingList + A reference to the mailing list used by the maintainer for a package. - - Describes if any sensitive personal information is present in the dataset. - - + + + + + 2 - + - - container - the Element is a container image which can be used by a container runtime application + + directDownload + the dataset is publicly available and can be downloaded directly. - + - install - the Element is used to install software on disk + bom + Element is a bill of materials - + - - packagedBy - Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). + + runtimeAnalysisReport + A reference to a runtime analysis report for a package. - - - + + + 1 1 - + + + + + + + + + + + + Refers to any unit of content that can be associated with a distribution of +software. + + + + + + + + + + + + + - - availableFrom - The `from` Element is available from the additional supplier described by each `to` Element. + + other + any hashing algorithm that does not exist in this list of entries - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - + + + + library + the Element is a software library + + + + + A collection of SPDX Elements that could potentially be serialized. + + + + + + + + + 1 - - - - - + + + + 1 1 - - - - - + - - reportedBy - (Security) Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. + + test + A relationship has specific context implications during an element's testing phase, during development. - - Identifies when the Element was originally created. - - + + + - - - + + + + + Asbtract ancestor class for all VEX relationships + + + + - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - - 1 + + + + Provides an SSVC assessment for a vulnerability. + + + - + - - An Individual Value for License where the SPDX data creator determines that no -license is present. - - + + test + The Element is a test used to verify functionality on an software element - + - patchedBy - Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). + describes + The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. - + + Describes if a given file is a directory or non-directory kind of file. + + + + - - gitoid - [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid>), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document); this ambiguity exists because the OmniBOR Document is itself an artifact, and the gitoid of that artifact is its valid identifier. Omnibor is a minimalistic schema to describe software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-dependency-graph-adg). Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's ContentIdentifier property. Gitoids calculated on the OmniBOR Document (OmniBOR Identifiers) should be recorded in the SPDX 3.0 Element's ExternalIdentifier property. + + operatingSystem + the Element is an operating system - + - hasProvidedDependency - The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. + hasPrerequisite + The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. - - - - - 1 - 1 + + + - - - + + + + - + + Provides an unambiguous mechanism for conveying a URI fragment portion of an +ElementID. + + + + - Describes a certain part of a file. - + Specifies an AI package and its associated information. + - - - + + + + + + + + + + + + + + + + + + + - + + - A map of Element identifiers that are used within a Document but defined external to that Document. - - - - - + Abstract ancestor class for all vulnerability assessments + + + + + + + - + + - Specifies a data package and its associated information. - + A distinct article or unit within the digital domain. + - - - - - - - - - - - - - - - - - - - 1 + + + + + + + + + + + - - - + + + - + - - securityOther - A reference to related security information of unspecified type. - - - - - + + hasConcludedLicense + The `from` Software Artifact is concluded by the SPDX data creator to be governed by each `to` license. - + - - crystalsDilithium - [Dilithium](https://pq-crystals.org/dilithium/) + + categorical + data that is classified into a discrete number of categories, such as the eye color of a population of people. - - - + + + + - - - - Specifies an AI package and its associated information. - - - - - - - - - - - - - - - - - + + + - - Describes one a profile which the creator of this ElementCollection intends to -conform to. - - + + + - - Provides a numerical (0-10) representation of the severity of a vulnerability. - - + + + - + + + Enumeration of the different kinds of SPDX file. + + - - sha256 - SHA-2 with a digest length of 256, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). + + core + the element follows the Core profile specification - + - - gitoid - Gitoid stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects) and a gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document). + + cpe22 + [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) - - - A container for a grouping of SPDX-3.0 content characterizing details -(provenence, composition, licensing, etc.) about a product. - - + + + + metrics + A reference to metrics related to package such as OpenSSF scorecards. - - - - + + Provides a place for the SPDX data creator to record acknowledgement text for +a software Package, File or Snippet. + + - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - + + + + A mapping between prefixes and namespace partial URIs. + + + + + + + 1 - - - - Portion of an AnyLicenseInfo representing a License which has additional -text applied to it. - - - - + + + + hasOptionalComponent + Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). - + + Specifies a time when a vulnerability assessment was modified + + + + - - chat - A reference to the instant messaging system used by the maintainer for a package. + + manifest + the Element is a software manifest - - - + + + + availableFrom + The `from` Element is available from the additional supplier described by each `to` Element. + + + + + + + + - + 1 1 - - - - Connects a vulnerability and an element designating the element as a product -affected by the vulnerability. - - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + + 1 - - - - incomplete - The relationship is known not to be exhaustive. + + The relative file name of a file to be excluded from the +`PackageVerificationCode`. + + - + - - other - A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. + + qualityAssessmentReport + A reference to a quality assessment for a package. - - - - hasTest - Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period. + + + + + 1 - + - - invokedBy - The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). - - - A probability score between 0 and 1 of a vulnerability being exploited. - - + + crystalsDilithium + [Dilithium](https://pq-crystals.org/dilithium/) - - - + + + - 1 1 - - - - A license or addition that is not listed on the SPDX License List. - + - + - - green - Dataset can be shared within a community of peers and partners. + + hasExample + Every `to` Element is an example for the `from` Element (`from` hasExample `to`). - - - - registration - the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. + + + + + 1 - + - - fixedIn - (Security/VEX) A `from` Vulnerability has been fixed in each of the `to` Element(s). The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. + + noSupport + there is no support for the artifact from the supplier, consumer assumes any support obligations. - - - - + + + + + 1 1 - - - - extension - the element follows the Extension profile specification + + + - + - - red - Data points in the dataset are highly confidential and can only be shared with named recipients. - - - Specifies the SPDX License List version in which this license or exception -identifier was deprecated. - - + + cwe + [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). - + - - - Abstract class for additional text intended to be added to a License, but -which is not itself a standalone License. - + A concrete subclass of AnyLicenseInfo used by Individuals in the +ExpandedLicensing profile. + - - - - - - - + - - file - the Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc) + + securityPolicy + A reference to instructions for reporting newly discovered security vulnerabilities for a package. - - - - build - A relationship has specific context implications during an element's build phase, during development. + + + + Connects a vulnerability and an element designating the element as a product +affected by the vulnerability. + + + + - + - - sha3_384 - SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). - - - - - - 1 + + numeric + data consists only of numeric entries. - + - Links a vulnerability and one or more elements designating the latter as products -not affected by the vulnerability. - + Describes a certain part of a file. + - - - + + + - - - - + + + + 1 1 - - An entity that is authorized to issue identification credentials. - - + + + + republishedBy + (Security) Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. - - Identifies who or what created the Element. - - + + + - - - - - - 1 + + + + hasDeletedFile + Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). - + - - runtimeAnalysisReport - A reference to a runtime analysis report for a package. + + runtime + A relationship has specific context implications during the execution phase of an element. + + + + + + 1 @@ -1119,2205 +1160,2145 @@ not affected by the vulnerability. hasAssociatedVulnerability (Security) Used to associate a `from` Artifact with each `to` Vulnerability. - + - - An Individual Value for Element representing a set of Elements with -cardinality (number/count) of zero. - - + + query + the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. - - - - A property name with an associated value. - - - + + + - - - A concrete subclass of AnyLicenseInfo used by Individuals in the -ExpandedLicensing profile. - + + + + + 1 - - - - - A distinct article or unit within the digital domain. - - - - - - - - - - - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - + + + + 1 1 - - Provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf) - - - - - - - hasEvidence - (Dataset) Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). + + + + + - + - trainedOn - (AI, Dataset) The `from` Element has been trained on the `to` Element(s). - - - - - A collection of Elements that have a shared context. - - - + exploitCreatedBy + (Security) The `from` Vulnerability has had an exploit created against it by each `to` Agent. - - Specifies the SPDX License List version in which this ListedLicense or -ListedLicenseException identifier was first added. + + Explains why a VEX product is not affected by a vulnerability. It is an +alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable +justification label. - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + + 1 - + - - noAssertion - no assertion about the type of support is made. This is considered the default if no other support type is used. - - - - - - - - - Portion of an AnyLicenseInfo representing a set of licensing information where -only one of the elements applies. - - - + + megajoule + Megajoule. - - - - mailingList - A reference to the mailing list used by the maintainer for a package. + + + - - Specifies whether the License is listed as approved by the -[Open Source Initiative (OSI)](https://opensource.org). - - + + + - - - Provide an enumerated set of lifecycle phases that can provide context to relationships. + + + + + 1 - - - - modifiedBy - The `from` Element is modified by each `to` Element. + + + - + - - endOfSupport - there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. + + blake2b384 + BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. - + - hasDistributionArtifact - The `from` Element is distributed as an artifact in each Element `to` (e.g. an RPM or archive file). - - - - - manifest - the Element is a software manifest - - - - - + reportedBy + (Security) Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent. - - - - + + + + + 1 + 1 - - - - Specifies a vulnerability and its associated information. - - - - - + + + ^[^\/]+\/[^\/]+$ + + + 1 - - - + + + + + 1 1 - + - secureSoftwareAttestation - A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). - - - - - sha1 - SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://www.rfc-editor.org/info/rfc3174). - - - - - affects - (Security/VEX) The `from` vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. + other + Used when the type does not match any of the other options. - - A key used in a generic key-value pair. - - + + + - - Captures the threshold that was used for computation of a metric described in -the metric field. - - + + + + - - - + + + + + 1 + 1 - - Specifies whether the License is listed as free by the -[Free Software Foundation (FSF)](https://fsf.org). - - + + + + + + 1 + 1 - - - - vulnerableCodeNotPresent - The product is not affected because the code underlying the vulnerability is not present in the product. + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + + 1 - + - - dataset - the element follows the Dataset profile specification - - - The result of applying a hash algorithm to an Element. - - + + configures + The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. - + - - platform - Element represents a runtime environment + + clear + Dataset may be distributed freely, without restriction. - - - + + + - 1 - - + + - - - + + + + + - - + + + + + + + Specifies the type of a content identifier. + + + Identifies from where or whom the Element originally came. + + + + + + + review + Used when someone reviews the Element. + + + - 1 1 - - - + + + + swhid + SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and in the case of filess they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. + + + + 1 1 - - Identifies the full text of a LicenseAddition, in SPDX templating format. + + A value used in a CdxExtension name-value pair. - - - - - - - - - + - evidence - the Element is the evidence that a specification or requirement has been fulfilled - - - Property describing the parameters used in an instance of a build. - - + container + the Element is a container image which can be used by a container runtime application - - Specifies the type of the external reference. - - + + + + riskAssessment + A reference to a risk assessment for a package. - - + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ 1 - - - + + + + + 1 - - Provides a map of a property names to a values. - - + + Specifies the time from which an element is no longer applicable / valid. + + - - - - An Individual Value for License when no assertion can be made about its actual -value. - - + + Refers to one or more Elements that are part of an ElementCollection. + + - - Specifies the time an artifact was released. + + Specifies the value of the content identifier. - + - - - - email - Email address, as defined in [RFC 3696](https://www.rfc-editor.org/info/rfc3986) Section 3. + + + Information about the relationship between two Elements. - - - + + + - - 1 - 1 + - - - - deviceDriver - Element represents software that controls hardware devices + + + + Portion of an AnyLicenseInfo representing a License which has additional +text applied to it. + + + + - - - + + + + + 1 + 1 - - - + + A place for the SPDX document creator to record a website that serves as the +package's home page. + + - - - + + + + dynamicAnalysisReport + A reference to a dynamic analysis report for a package. - - - + + + + hasEvidence + (Dataset) Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`). - + - - An Individual Value for Element representing a set of Elements of unknown -identify or cardinality (number). - - + + sha3_384 + SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). - - - + + + + + 1 + 1 - - + + 1 - - - - - - - - - - - + + Provides information about the creation of the Element. + + - + - - hasConcludedLicense - The `from` Software Artifact is concluded by the SPDX data creator to be governed by each `to` license. + + medium + The third-highest level of risk posed by an AI system. - - Identify the version of a package. + + + + + + Identifies the text of one or more copyright notices for a software Package, +File or Snippet, if any. - - - - - - - - - - - - Refers to any unit of content that can be associated with a distribution of -software. - - - - - - - - - - - - - - 1 - - - - - - - - - simpleLicensing - the element follows the simple Licensing profile specification + + Provides the license under which the SPDX documentation of the Element can be +used. + + - - - + + + - + - md2 - MD2 message-digest algorithm, as defined in [RFC 1319](https://www.rfc-editor.org/info/rfc1319/). + sha3_224 + SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). - + - - componentNotPresent - The software is not affected because the vulnerable component is not in the product. + + hasDistributionArtifact + The `from` Element is distributed as an artifact in each Element `to` (e.g. an RPM or archive file). - - - - build - the element follows the Build profile specification + + The result of applying a hash algorithm to an Element. + + - - - + + Describes one a profile which the creator of this ElementCollection intends to +conform to. + + - + + + Provides information about the primary purpose of an Element. + + - A license exception that is listed on the SPDX Exceptions list. - + Provides a CVSS version 3 assessment for a vulnerability. + - - + + + - - Specifies the version of a VEX statement. + + A key used in a generic key-value pair. - - - - - - - - - - An SPDX Element containing an SPDX license expression string. - - - - - - - - - + + + + securityThreatModel + A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. - + - - megajoule - Megajoule. + + testedOn + (AI, Dataset) The `from` Element has been tested on the `to` Element(s). - - - - + + + + contains + The `from` Element contains each `to` Element. - + - Provides a CVSS version 4 assessment for a vulnerability. - + Refers to any object that stores content on a computer. + - - - + + - - - + + + + 1 1 - - + + + + + + + 1 - - - - + + + Specifies the VEX justification type. - - - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + 1 - - - - - - - - blake2b384 - BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. + + The version of the SPDX License List used in the license expression. + + - - - + + + - + - - file - The file represents a single file (default). + + An Individual Value for License when no assertion can be made about its actual +value. + + - + - - source - SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. + + hasDocumentation + The `from` Element is documented by each `to` Element. - - - - video - data is video based, such as a collection of movie clips featuring Tom Hanks. + + + - + + - A class for describing the energy consumption incurred by an AI model in -different stages of its lifecycle. - - - - + Abstract class for the portion of an AnyLicenseInfo representing a license. + + + + + + + + + + + - + - - securityThreatModel - A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package. - - - - - - - - - - - - - - - - - - - Class that describes a build instance of software/artifacts. - - - - - - - - - - - + + hasAssessmentFor + (Security) Relates a `from` Vulnerability and each `to` Element(s) with a security assessment. To be used with `VulnAssessmentRelationship` types. - - Provides the location of an exploit catalog. - - + + + + descendantOf + The `from` Element is a descendant of each `to` Element. - - Provides information about the completeness of relationships. + + + + + + Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - + - - - - - 1 + + + - + - - falcon - [FALCON](https://falcon-sign.info/falcon.pdf) + + development + the artifact is in active development and is not considered ready for formal support from the supplier. - - Defines the original host file that the snippet information applies to. - - + + + - - - - + + + + + 1 1 - - - + + + + buildMeta + A reference build metadata related to a published package. - - Describes relevant information about different steps of the training process. + + Specifies the time from which an element is applicable / valid. - + - - - + + + + + + + - 1 - 1 - - - - - - 1 + + + ^[^\/]+\/[^\/]+$ + + 1 - - - - - + - - inlineMitigationsAlreadyExist - Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability. + + configuration + Element is configuration data - - - + + + - - - - md6 - [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) + + + - - - - - 1 - 1 + + + + hasDeclaredLicense + The `from` Software Artifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. - - Records the results of general safety risk assessment of the AI system. - - + + + + componentNotPresent + The software is not affected because the vulnerable component is not in the product. - - Records a hyperparameter used to build the AI model contained in the AI -package. - - + + + - - - + + + - - - - timeseries - data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. + + + - - + + 1 - - Describes the type of annotation. - - + + + + A license that is listed on the SPDX License List. + + + + - - - + + Property describes the invocation entrypoint of a build. + + - + - - runtime - A relationship has specific context implications during the execution phase of an element. + + blake3 + [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) - - - - A reference to a resource outside the scope of SPDX-3.0 content related to an Element. - - - - - + + + - - - + + + + An Individual Value for Element representing a set of Elements with +cardinality (number/count) of zero. + + - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + 1 + 1 - + - An element of hardware and/or software utilized to carry out a particular function. - + A license that is not listed on the SPDX License List. + - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - + + + + + + + 1 - - - + + + + - - - + + + + - - - - build - SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. + + + - + - - test - A relationship has specific context implications during an element's testing phase, during development. + + securityAdversaryModel + A reference to the security adversary model for a package. - + - A group of people who work together in an organized way for a shared purpose. - - + Availability of dataset. - - - + + Contains a URL where the License or LicenseAddition can be found in use. + + - - - - - 1 + + + - - - - runtime - SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM. + + + - + - - scrapingScript - the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. + + swhid + SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. - - + + + ^[^\/]+\/[^\/]+$ - - - - A short description of an Element. - - - - - - - - - - Explains why a VEX product is not affected by a vulnerability. It is an -alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable -justification label. - - + + 1 - - Identifies the full text of a LicenseAddition. + + Describes all the preprocessing steps applied to the training data before the +model training. - - - - securityFix - A reference to the patch or source code that fixes a vulnerability. - - - - + + + - - 1 + 2 - - - - + + Captures the threshold that was used for computation of a metric described in +the metric field. + + - - - - - 1 - 1 + + + + hasVariant + Every `to` Element is a variant the `from` Element (`from` hasVariant `to`). - - - + + + - 1 1 - - - - analyzed - SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a "3rd party" SBOM. + + + + - - - - foundBy - (Security) Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). + + + - - A LicenseAddition participating in a 'with addition' model. + + Artifact representing a serialization instance of SPDX data containing the +definition of a particular Element. - + - - Records the biases that the dataset is known to encompass. - - + + + - + - - attend - The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. + + componentAnalysisReport + A reference to a Software Composition Analysis (SCA) report. - - - - - 1 + + + + amendedBy + The `from` Element is amended by each `to` Element. - - - + + + + - - - - securityPenTestReport - A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. + + + - - - - Abstract class representing a License or an OrLaterOperator. - - + + + + vulnerableCodeNotPresent + The product is not affected because the code underlying the vulnerability is not present in the product. - + - - design - SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. + + firmware + the Element provides low level control over a device's hardware - - - + + + - + 1 1 - - - - hasDependencyManifest - The `from` Element has manifest files that contain dependency information in each `to` Element. + + + An individual human being. + + - - - - vulnerabilityExploitabilityAssessment - A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). + + + - - - + + A buildType is a hint that is used to indicate the toolchain, platform, or +infrastructure that the build was invoked on. + + - - Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. - - + + + - - - - - 1 + + + + act + The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. - - - - - 1 + + + - + - - amendedBy - The `from` Element is amended by each `to` Element. + + gitoid + Gitoid stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects) and a gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document). - - - - hasPrerequisite - The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period. + + + - - - + + + + analyzed + SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a "3rd party" SBOM. - + - - noAssertion - data type is not known. + + security + the element follows the Security profile specification - + + Property describing the parameters used in an instance of a build. + + + + + + + + + + + + + + + + + 1 + + - qualityAssessmentReport - A reference to a quality assessment for a package. + purchaseOrder + A reference to a purchase order for a package. - - + + - + - - exportControlAssessment - A reference to a export control assessment for a package. - - - - - System Package Data Exchange (SPDX) Ontology - This ontology defines the terms and relationships used in the SPDX specification to describe system packages - 2024-04-05 - SPDX Project - - - System Package Data Exchange (SPDX) Ontology - Copyright (C) 2024 SPDX Project + + other + Used when the type does not match any of the other options. - - - - - 1 + + + + model + the Element is a machine learning or artificial intelligence model - - - + + + + documentation + A reference to the documentation for a package. - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - - 1 + + + + hasDataFile + The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInputs`, and `hasOutputs`, respectively. This relationship does not imply dependency. - - - + + + + high + When a CVSS score is between 7.0 - 8.9 - + - hasRequirement - The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. + invokedBy + The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step). - - - Specifies the exploit catalog type. + + + - - - + + References the Element on the left-hand side of a relationship. + + - - Commentary on an assertion that an annotator has made. + + The percentile of the current probability score. - + - + - - other - Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationhip types (this relationship is directionless). + + structured + data is stored in tabular format or retrieved from a relational database. - + + + + + - - Asbtract ancestor class for all VEX relationships + Provides a CVSS version 4 assessment for a vulnerability. - - - - - Identifies who or what supplied the artifact or VulnAssessmentRelationship -referenced by the Element. - - + + + - - Conveys information about how VEX status was determined. - - + + + - - Specifies an Element contained in a piece of software where a vulnerability was -found. - - + + + - - - - - 1 - 1 + + + Specifies the type of an annotation. - - - ^[^\/]+\/[^\/]+$ - - - 1 + + + - - The relative file name of a file to be excluded from the -`PackageVerificationCode`. + + A canonical, unique, immutable identifier of the artifact content, that may be +used for verifying its identity and/or integrity. - - - - - - - - - - - security - the element follows the Security profile specification + - + - - Abstract ancestor class for all vulnerability assessments - + Provides an EPSS assessment for a vulnerability. + - - - - - + + - - Maps a LicenseRef or AdditionRef string for a Custom License or a Custom -License Addition to its URI ID. - - + + + - - Identifies the download Uniform Resource Identifier for the package at the time -that the document was created. + + The name of a relevant standard that may apply to an artifact. - - - - - - low - When a CVSS score is between 0.1 - 3.9 + - - - - + + + + + + 1 1 - + - - hasInputs - The `from` Build has each `to` Elements as an input, during a LifecycleScopeType period. - - - - - - - Describes the anonymization methods used. - - - - - - - + + other + data is of a type not included in this list. - - Provides a reference number that can be used to understand how to parse and interpret an Element. + + Gives information about the circumstances or unifying properties +that Elements of the bundle have been assembled under. - - Provides relevant information about the AI software, not including the model -description. - - + + + + sha3_256 + SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). - - - + + + + An Individual Value for Element representing a set of Elements of unknown +identify or cardinality (number). + + - - - + + + + low + Low/no risk is posed by an AI system. - + - - Provides a CVSS version 2.0 assessment for a vulnerability. - - - - - - - - - socialMedia - A reference to a social media channel for a package. + Categories of presence or absence. - - - - hasDeletedFile - Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`). + + + - + - contains - The `from` Element contains each `to` Element. - - - - - + hasHost + The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). - - - + + + - + - - review - Used when someone reviews the Element. + + directory + The file represents a directory and all content stored in that directory. - - - + + + + System Package Data Exchange (SPDX) Ontology + This ontology defines the terms and relationships used in the SPDX specification to describe system packages + 2024-04-05 + SPDX Project + + + System Package Data Exchange (SPDX) Ontology + Copyright (C) 2024 SPDX Project - - A value used in a generic key-value pair. + + + + An assertion made in relation to one or more elements. + + + + + + + + + Uniquely identifies an external element. - - - - module - the Element is a module of a piece of software + + Specifies an Extension characterization of some aspect of an Element. + + - + + + + + 1 + + - - patch - Element contains a set of changes to update, fix, or improve another Element + + securityOther + Used when there is a security related identifier of unspecified type. - - - + + + - - - - hasOptionalDependency - The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. + + + + + 1 - - - - Provides an SSVC assessment for a vulnerability. - + + + + + + + + + 1 + 1 + + + + - - - - + + + - - Specifies the unit in which energy is measured. - - + + Identifies the full text of a License, in SPDX templating format. + + - - - - query - the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset. + + Describes what the given dataset should be used for. + + - + - + 1 1 - - Records if sensitive personal information is used during model training or -could be used during the inference. + + Specifies the algorithm used for calculating the hash value. - + - + - Provides information about the primary purpose of an Element. + Links a vulnerability and elements representing products (in the VEX sense) where +a fix has been applied and are no longer affected. + + - + + Specifies the SPDX License List version in which this license or exception +identifier was deprecated. + + + + + + + + 1 + + + Provides information about the primary purpose of the software artifact. + + + + - - componentAnalysisReport - A reference to a Software Composition Analysis (SCA) report. + + file + the Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc) - + + + + Portion of an AnyLicenseInfo representing this version, or any later version, +of the indicated License. + + + + + - generates - The `from` Element generates each `to` Element. + ancestorOf + The `from` Element is an ancestor of each `to` Element. - - + + Captures the domain in which the AI package can be used. + + + + + Describes the anonymization methods used. + + + + + 1 - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + - 1 - 1 - - - + + + + - - - + + + + delegatedTo + The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). - - - - - - 1 - 1 + + + - + - - documentation - Element is documentation - - - - A license addition that is not listed on the SPDX Exceptions List. - - + + hasProvidedDependency + The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period. - + - sha3_224 - SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). + md5 + MD5 message-digest algorithm, as defined in [RFC 1321](https://www.rfc-editor.org/info/rfc1321). - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + 1 - - Property that describes the time at which a build stops. + + Provides a numerical (0-10) representation of the severity of a vulnerability. - + - - - + + + An element of hardware and/or software utilized to carry out a particular function. + + - - - - + + + - + - - other - Any other units of energy measurement. + + trackStar + ("Track*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track* vulnerabilities within standard update timelines. - - - - + + Conveys information about how VEX status was determined. + + - - - + + + + email + Email address, as defined in [RFC 3696](https://www.rfc-editor.org/info/rfc3986) Section 3. - - - + + + - - Specifies the time when a vulnerability was published. - - + + + + timeseries + data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day. - - - + + + - 1 + 1 - + - - mavenCentral - A reference to a Maven repository artifact. The artifact locator format, looks like `groupId:artifactId[:version]`, is defined in [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html). - - - - + + dependsOn + The `from` Element depends on each `to` Element, during a LifecycleScopeType period. - - - + + + + + 1 + 1 - - Specifies the time from which an element is no longer applicable / valid. - - + + + A group of people who work together in an organized way for a shared purpose. + + - - Specifies the type of the external identifier. + + Records a hyperparameter used to build the AI model contained in the AI +package. - - - - Identifies all the text and metadata associated with a license in the license -XML format. - - - - - - - - - - - - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - + + + + + 1 1 - - - - support - A reference to the software support channel or other support information for a package. + + + Specifies the type of an external identifier. - - - + + + - - - - fixedBy - (Security) Designates a `from` Vulnerability has been fixed by the `to` Agent(s). + + Provides an indication of where to retrieve an external Element. + + - - - - - 1 + + + + Portion of an AnyLicenseInfo representing a set of licensing information where +only one of the elements applies. + + + - - Property describes the invocation entrypoint of a build. + + Specifies whether a license or additional text identifier has been marked as +deprecated. - + - - - - deployed - in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. + + + + A mathematically calculated representation of a grouping of data. + + + + - - - + + + - + - - crystalsKyber - [Kyber](https://pq-crystals.org/kyber/) + + secureSoftwareAttestation + A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form). - - - - structured - data is stored in tabular format or retrieved from a relational database. + + A License participating in an 'or later' model. + + - + + + + + - - lite - the element follows the Lite profile specification + + nuget + A reference to a NuGet package. The package locator format, looks like `package/version`, is defined in [NuGet documentation](https://docs.nuget.org). - + - development - A relationship has specific context implications during development phase of an element. + build + A relationship has specific context implications during an element's build phase, during development. - - - + + + + amber + Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. - - - + + + + timestamp + data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. - + - - md4 - MD4 message-digest algorithm, as defined in [RFC 1186](https://www.rfc-editor.org/info/rfc1186). + + source + the Element is a single or a collection of source files - - Specifies the licenseId that is preferred to be used in place of a deprecated -License or LicenseAddition. - - + + + + hasStaticLink + The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. - + - - swhid - SoftWare Hash IDentifier, persistent intrinsic identifiers for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The syntax of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) and they typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`. + + text + data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. - - - - - 1 + + + + + 1 - + + + + hasOutputs + The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. + + + + + + - - Base domain class from which all other SPDX-3.0 domain classes derive. - - - - - - - - - - + A class for describing the energy consumption incurred by an AI model in +different stages of its lifecycle. + + + + - + - - securityAdvisory - A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. + + other + Used to store extra information about an Element which is not part of a Review (e.g. extra information provided during the creation of the Element). - - - + + + - - - - hasTestCase - Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). + + + - + - - timestamp - data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends. + + hasOptionalDependency + The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period. - - - + + + + + 1 - - Property describing the start time of a build. - - + + + + + 1 - - - - dependsOn - The `from` Element depends on each `to` Element, during a LifecycleScopeType period. + + + - + - - bower - A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install). + + specification + the Element is a plan, guideline or strategy how to create, perform or analyse an application - + - sha224 - SHA-2 with a digest length of 224, as defined in [RFC 3874](https://www.rfc-editor.org/info/rfc3874). + sha384 + SHA-2 with a digest length of 384, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). - - - + + + + + 1 + 1 - - - + + + - - - + + A value used in a generic key-value pair. + + + + + + + + + + + + + + A software agent. + + + + + Points to a resource outside the scope of the SPDX-3.0 content +that provides additional characteristics of an Element. + + + + + Provides an IntegrityMethod with which the integrity of an Element can be +asserted. + + + + + + - - limitedSupport - the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. + + limitedSupport + the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support. + + + + + sha1 + SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://www.rfc-editor.org/info/rfc3174). + + + + + hasTestCase + Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`). - - Refers to one or more Elements that are part of an ElementCollection. - - + + Specifies whether the License is listed as free by the +[Free Software Foundation (FSF)](https://fsf.org). + + - + 1 - - Provides a License author's preferred text to indicate that a file is covered -by the License. + + + + + 1 + + + + + + 1 + + + Specifies the type of the content identifier. + + + + + + + Class that describes a build instance of software/artifacts. + + + + + + + + + + + + + + Represents the energy quantity. - + - - - - core - the element follows the Core profile specification + + + - - - + + + - + - device - the Element refers to a chipset, processor, or electronic board - - - - - + diskImage + the Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. - - - + + Property that describes the digest of the build configuration file used to +invoke a build. + + - + - - trackStar - ("Track*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track* vulnerabilities within standard update timelines. + + registration + the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms. - - - + + + - - - - + + + + + 1 - - - - executable - Element is an Artifact that can be run on a computer - - - + + 1 - - - - - 1 - - - - - - - - - audio - data is audio based, such as a collection of music from the 80s. + + + - + - - publishedBy - (Security) Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent. - - - - + + blake2b512 + BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. - + - binaryArtifact - A reference to binary artifacts related to a package. + vulnerabilityExploitabilityAssessment + A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf). - - - - altWebPage - A reference to an alternative web page. + + + + A type of extension consisting of a list of name value pairs. + + + - - - + + + - - Describes the preprocessing steps that were applied to the raw data to create the given dataset. + + + + + + Describes methods that can be used to explain the results from the AI model. - - - + + + + Provides a CVSS version 2.0 assessment for a vulnerability. + - 1 + + - - - + + + - + - - ai - the element follows the AI profile specification - - - Artifact representing a serialization instance of SPDX data containing the -definition of a particular Element. - - - - - Impact justification label to be used when linking a vulnerability to an element -representing a VEX product with a VexNotAffectedVulnAssessmentRelationship -relationship. - - + + hasInputs + The `from` Build has each `to` Elements as an input, during a LifecycleScopeType period. - + - expandsTo - The `from` archive expands out as an artifact described by each `to` Element. + trainedOn + (AI, Dataset) The `from` Element has been trained on the `to` Element(s). - - Property that describes the digest of the build configuration file used to -invoke a build. - - + + + - - - + + + - - - ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ + + + + productMetadata + A reference to additional product metadata such as reference within organization's product catalog. + + + - 1 1 - + + + + Describes a relationship between one or more elements. + + + + + + + + + + - + 1 1 - - Provides an indication of where to retrieve an external Element. - - + + + - - - + + Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance. + + - - Provides a detailed description of the Element. - - + + + + + 1 - - The version of the SPDX License List used in the license expression. - - + + + + + 1 - - - - filesystemImage - the Element is a file system image that can be written to a disk (or virtual) partition + + + + The class that helps note down the quantity of energy consumption and the unit +used for measurement. + + + - - - - expandedLicensing - the element follows the expanded Licensing profile specification + + + + + 1 - - - + + + - - - + + + + A collection of SPDX Elements describing a single package. + - 2 + - - - + + Provides a License author's preferred text to indicate that a file is covered +by the License. + + + + + + + 1 1 - - - + + + - - - - hasExample - Every `to` Element is an example for the `from` Element (`from` hasExample `to`). + + + - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - - 1 + + + + A property name with an associated value. + + + - - - - yes - Indicates presence of the field. + + + - - Records the measurement of prediction quality of the AI model. - - + + + - - Specifies whether a license or additional text identifier has been marked as -deprecated. - - + + + + Provides information about the creation of the Element. + + + + + + - + - - specification - the Element is a plan, guideline or strategy how to create, perform or analyse an application + + sha224 + SHA-2 with a digest length of 224, as defined in [RFC 3874](https://www.rfc-editor.org/info/rfc3874). - - - + + + + - - Property describing the session in which a build is invoked. - - + + Identifies the name of an Element as designated by the creator. + + - + - - hasAddedFile - Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`). + + privacyAssessment + A reference to a privacy assessment for a package. - + + + Designates elements as products where the impact of a vulnerability is being +investigated. + + + + - - noAssertion - No assertion can be made about the completeness of the relationship. + + md2 + MD2 message-digest algorithm, as defined in [RFC 1319](https://www.rfc-editor.org/info/rfc1319/). - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - - 1 + + + - - - + + + + A tuple of two positive integers that define a range. + + + - - A value used in a CdxExtension name-value pair. + + Specifies the time when a vulnerability was published. - - - - - - - 1 + - + - metrics - A reference to metrics related to package such as OpenSSF scorecards. + staticAnalysisReport + A reference to a static analysis report for a package. - - - + + + + image + data is a collection of images such as pictures of animals. + + + + Indicates the type of support that is associated with an artifact. + + + + 1 1 - - Provides the license under which the SPDX documentation of the Element can be -used. - - + + + - - - - + + + - - - - packageUrl - [package URL](https://github.com/package-url/purl-spec) + + Identifies the full text of a License or Addition. + + - + - - ancestorOf - The `from` Element is an ancestor of each `to` Element. - - - - - - - - - - - - Categories of confidentiality level. + + incomplete + The relationship is known not to be exhaustive. - + - - descendantOf - The `from` Element is a descendant of each `to` Element. + + build + the element follows the Build profile specification - - Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software. - - + + + - - - + + + + - - - - A collection of SPDX Elements that could potentially be serialized. - + + + - - - - - - Describes the type of the given dataset. - - - - - - + 1 + 1 - + - - other - Other exploit catalogs + + securityAdvisory + A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries. - - + + + 1 1 - - - - vulnerabilityDisclosureReport - A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final). + + + - - - - amber - Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis. + + + - - - + + + - - - - - 1 + + + - + - hasAssessmentFor - (Security) Relates a `from` Vulnerability and each `to` Element(s) with a security assessment. To be used with `VulnAssessmentRelationship` types. + other + Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationhip types (this relationship is directionless). + + + + + + + 1 + 1 + + + + + + + + + crystalsKyber + [Kyber](https://pq-crystals.org/kyber/) - - - + + + - - - + + + - - - + + + Specifies the type of an external reference. - - - + + Specifies an Element contained in a piece of software where a vulnerability was +found. + + - - - + + + - - A substitute for a URI. + + + + + + + + + + A buildId is a locally unique identifier used by a builder to identify a unique +instance of a build produced by it. - - - + + + + + 1 + 1 - - - - directory - The file represents a directory and all content stored in that directory. + + + + + 1 + 1 - - - + + + + vulnerableCodeNotInExecutePath + The affected code is not reachable through the execution of the code, including non-anticipated states of the product. - - Provides information about the primary purpose of the software artifact. + + Specifies the level of support associated with an artifact. - + - - - + + + + chat + A reference to the instant messaging system used by the maintainer for a package. - + - underInvestigationFor - (Security/VEX) The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships. + generates + The `from` Element generates each `to` Element. - + - - high - When a CVSS score is between 7.0 - 8.9 - - - Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog. - - - - - - - Abstract class representing a license combination consisting of one or more -licenses (optionally including additional text), which may be combined -according to the -[SPDX license expression syntax](../../../annexes/SPDX-license-expressions.md). - - + + dataset + the element follows the Dataset profile specification - + - archive - the Element is an archived collection of one or more files (.tar, .zip, etc) - - - - - - 1 - 1 - - - - - - + filesystemImage + the Element is a file system image that can be written to a disk (or virtual) partition - + - - sha512 - SHA-2 with a digest length of 512, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). - - - - + + extension + the element follows the Extension profile specification - - - - kilowattHour - Kilowatt-hour. + + + - - - - - 1 + + + - - - + + Records the type of the model used in the AI software. + + @@ -3325,420 +3306,360 @@ according to the An SPDX version 2.X compatible verification method for software packages. - - - - - - - - - - Captures the size of the dataset. - - - - - - - - 1 - 1 + + + - - - Designates elements as products where the impact of a vulnerability is being -investigated. - - + + + - - - - development - the artifact is in active development and is not considered ready for formal support from the supplier. + + + - - + + 1 - + - - categorical - data that is classified into a discrete number of categories, such as the eye color of a population of people. - - - - - - 1 + + packagedBy + Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`). - - - - - 1 + + + - - Specifies the type of the content identifier. + + An Element an annotator has made an assertion about. - - - - Describes potentially noisy elements of the dataset. - - - - - - - hasDynamicLink - The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. + - - - - md5 - MD5 message-digest algorithm, as defined in [RFC 1321](https://www.rfc-editor.org/info/rfc1321). + + + + + 1 + 1 - + - A software agent. - + A container for a grouping of SPDX-3.0 content characterizing details +(provenence, composition, licensing, etc.) about a product. + - - - - swid - Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://www.rfc-editor.org/info/rfc9393) Section 2.3. + + + + - + - - medium - When a CVSS score is between 4.0 - 6.9 - - - - - - - - - - - Indicates the amount of energy consumption incurred by an AI model. - - + + development + A relationship has specific context implications during development phase of an element. - - - - funding - A reference to funding information related to a package. + + + - - - - deployed - SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. + + + + + 1 + 1 - + - - hasSpecification - Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. + + lite + the element follows the Lite profile specification - - - + + + - - Captures a standard that is being complied with. - - + + + + - - - - urlScheme - [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource. + + + + - - - + + + + inlineMitigationsAlreadyExist + Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability. - - Describes the confidentiality level of the data points contained in the dataset. + + Identifies who or what supplied the artifact or VulnAssessmentRelationship +referenced by the Element. - + - - - + + + + sourceArtifact + A reference to an artifact containing the sources for a package. - - - + + + - 1 - - Captures a limitation of the AI software. - - - - - - Agent represents anything with the potential to act on a system. - - - - - - - A collection of SPDX Elements describing a single package. - - - + + + + - + - - releaseHistory - A reference to a published list of releases for a package. + + application + the Element is a software application - - Specifies a time when a vulnerability assessment was modified + + Specifies until when the artifact can be used before its usage needs to be +reassessed. - - - + + + + - - Represents the energy quantity. - - + + + - - - + + + + + 1 - - - + + + + serializedInArtifact + The `from` SPDXDocument can be found in a serialized form in each `to` Artifact. - - - - + + + - + - - riskAssessment - A reference to a risk assessment for a package. + + hasDynamicLink + The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period. - - - + + + - - - + + + + simpleLicensing + the element follows the simple Licensing profile specification - + - sha3_256 - SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). + md4 + MD4 message-digest algorithm, as defined in [RFC 1186](https://www.rfc-editor.org/info/rfc1186). - - - + + + - - + + 1 - - - + + Describes the type of annotation. + + - - The percentile of the current probability score. - - + + + - + + + + + - issueTracker - A reference to the issue tracker for a package. - - - Specifies an Extension characterization of some aspect of an Element. - - + securityPenTestReport + A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package. - - - + + + + 1 1 - - - - vcs - A reference to a version control system related to a software artifact. + + + + + 1 - - Provides a place for the SPDX data creator to record acknowledgement text for -a software Package, File or Snippet. + + Identify the version of a package. - - - + + + + + 1 - - - Specifies the type of a content identifier. + + + + coordinatedBy + (Security) The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). - - - + + + - - - + + + - - - + + Records any relevant background information or additional comments +about the origin of the package. + + - - - - - + + + - - Specifies the algorithm used for calculating the hash value. + + Indicates the amount of energy consumption incurred by an AI model. - + - - - - - - 1 + + + + vulnerableCodeCannotBeControlledByAdversary + The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack. - - - + + Specifies the amount of energy consumed when training the AI model that is +being used in the AI system. + + - - - + + + - - - + + + - + - - hasOutputs - The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period. - - - - - - 1 + + executable + Element is an Artifact that can be run on a computer - - - + + + - - Provides information about the type of an SBOM. - - + + + - + - exploitCreatedBy - (Security) The `from` Vulnerability has had an exploit created against it by each `to` Agent. - - - Describes a sensor used for collecting the data. - - + usesTool + The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. - + - source - the Element is a single or a collection of source files + module + the Element is a module of a piece of software - - - + + This property is used to denote the root Element(s) of a tree of elements contained in a BOM. + + - - - - diskImage - the Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc. + + Provides the location of an exploit catalog. + + - - + + - 1 - - - + + + - + - - doesNotAffect - (Security/VEX) The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships. + + low + When a CVSS score is between 0.1 - 3.9 - - - + + + + + + 1 + 1 - - - - purchaseOrder - A reference to a purchase order for a package. + + Describes potentially noisy elements of the dataset. + + - - - - - 1 + + + + + + + + syntactic + data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing. Provides advise on how to mitigate or remediate a vulnerability when a VEX product @@ -3746,318 +3667,298 @@ is affected by it. - + + + + + - - eolNotice - A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package. + + hasMetadata + Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). - - - + + Records if sensitive personal information is used during model training or +could be used during the inference. + + - - - - + + + + + 1 1 - - - - releaseNotes - A reference to the release notes for a package. + + Provides a reference to a resource outside the scope of SPDX-3.0 content +that uniquely identifies an Element. + + - - - + + + + - - - + + + + A key with an associated value. + + + - + - - certificationReport - A reference to a certification report for a package from an accredited/independent body. + + other + A relationship has other specific context information necessary to capture that the above set of enumerations does not handle. - - - + + + Specifies the exploit catalog type. + + + + - 1 + 1 - - - - staticAnalysisReport - A reference to a static analysis report for a package. + + A probability score between 0 and 1 of a vulnerability being exploited. + + - + - no - Indicates absence of the field. - - - Contains a URL where the License or LicenseAddition can be found in use. - - + yes + Indicates presence of the field. - + - - clear - Dataset may be distributed freely, without restriction. + + falcon + [FALCON](https://falcon-sign.info/falcon.pdf) - - - - securityAdversaryModel - A reference to the security adversary model for a package. + + Specifies the time an artifact was released. + + - + - - act - The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible. - - - - - - 1 - 1 - - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - - 1 - - - - - - 1 - 1 + + npm + A reference to an npm package. The package locator format, looks like `package@version`, is defined in [npm Docs](https://docs.npmjs.com/cli/v10/configuring-npm/package-json). - + - license - A reference to additional license information related to an artifact. - - - This property is used to denote the root Element(s) of a tree of elements contained in a BOM. - - - - - - - - - - - - - - - - - - ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ - - - 1 + bower + A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install). - + - - blake3 - [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf) + + file + The file represents a single file (default). - - - + + + + scrapingScript + the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data. - - - + + Defines the end of a range. + + - - - Information about the relationship between two Elements. + + + - + - - critical - When a CVSS score is between 9.0 - 10.0 + + design + A relationship has specific context implications during an element's design. - - - - + + + + + 1 - - - - - - - - - 1 + + References an Element on the right-hand side of a relationship. + + - + - - configures - The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period. + + sha3_512 + SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). - - Provides the location of an external reference. + + + + other + the Element doesn't fit into any of the other categories + + + Captures a limitation of the AI software. - + - - bom - Element is a bill of materials + + clickthrough + the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage. - + + Identifies an external Element used within a Document but defined external to +that Document. + + + + - nuget - A reference to a NuGet package. The package locator format, looks like `package/version`, is defined in [NuGet documentation](https://docs.nuget.org). + issueTracker + A reference to the issue tracker for a package. - + - - model - the Element is a machine learning or artificial intelligence model + + sensor + data is recorded from a physical sensor, such as a thermometer reading or biometric device. - - - + + Property describing the session in which a build is invoked. + + - - - - - 1 + + + - - - Links a vulnerability and elements representing products (in the VEX sense) where -a fix has been applied and are no longer affected. - - + + + + noAssertion + Makes no assertion about the field. - - - + + + + sha256 + SHA-2 with a digest length of 256, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). - - - + + + + 1 - - - - framework - the Element is a software framework - - + - buildSystem - A reference build system used to create or publish the package. + license + A reference to additional license information related to an artifact. - + - - high - The second-highest level of risk posed by an AI system. + + other + Any other units of energy measurement. - - - + + + - - + + + ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ 1 1 - + - - A distinct article or unit related to Software. - + Provides an exploit assessment of a vulnerability. + - - - - - + + + - - - + + + - - - - - 1 + + Specifies the type of the external identifier. + + - + - delegatedTo - The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`). - - - - - - - - + hasRequirement + The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period. - - Provides an ExternalMap of Element identifiers. + + Records the measurement of prediction quality of the AI model. - + - - A License participating in a 'with addition' model. + + A license expression participating in a license set. - + - - - + + + + + 1 - - - + + + + - + + + + + + Provides a map of a property names to a values. + + + + + Describes relevant information about different steps of the training process. + + + + - - republishedBy - (Security) Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent. + + video + data is video based, such as a collection of movie clips featuring Tom Hanks. + + + + Enumeration of the valid profiles. @@ -4065,1510 +3966,1609 @@ a fix has been applied and are no longer affected. data Element is data - - - + + + - - Specifies the time from which an element is applicable / valid. - - + + + + attend + The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines. - - - + + + - - - + + + + deployed + in addition to being supported by the supplier, the software is known to have been deployed and is in use. For a software as a service provider, this implies the software is now available as a service. - - - + + + + + 1 - - + + + + + + + 1 1 - - - + + Provides information about the type of an SBOM. + + - - - + + + + foundBy + (Security) Designates a `from` Vulnerability was originally discovered by the `to` Agent(s). - + + Specifies the type of the external reference. + + + + - - sha384 - SHA-2 with a digest length of 384, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). + + patch + Element contains a set of changes to update, fix, or improve another Element - - - + + + - - - + + + + + + 1 - + + + + + - - productMetadata - A reference to additional product metadata such as reference within organization's product catalog. + + complete + The relationship is known to be exhaustive. + + + + + endOfSupport + there is a defined end of support for the artifact from the supplier. This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact. + + + + + noAssertion + data type is not known. - - - + + + 1 - - - ^[^\/]+\/[^\/]+$ + + 1 - - - - - - Identifies an external Element used within a Document but defined external to -that Document. - - - - - - + + + + + 1 + 1 - - - + + A LicenseAddition participating in a 'with addition' model. + + - - - + + + + - - Provides additional purpose information of the software artifact. - - + + + - - Provides a reference to a resource outside the scope of SPDX-3.0 content -that uniquely identifies an Element. - - + + + + + 1 + 1 - - Provides the location for more information regarding an external identifier. - - + + + - - Specifies the time an artifact was built. - - + + + - - - ^[^\/]+\/[^\/]+$ + + + 1 1 - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + + 1 - + + + + + - - operatingSystem - the Element is an operating system + + socialMedia + A reference to a social media channel for a package. - - - + + + + funding + A reference to funding information related to a package. - - + + + + + + + + kev + CISA's Known Exploited Vulnerability (KEV) Catalog + + + 1 - - Captures the domain in which the AI package can be used. + + Provides a reference number that can be used to understand how to parse and interpret an Element. - - - - other - Used to store extra information about an Element which is not part of a Review (e.g. extra information provided during the creation of the Element). - - - - - library - the Element is a software library + + Defines the beginning of a range. + + - - + + - - - - - - - - - - - - - - - + + + + other + Other exploit catalogs - + - - design - A relationship has specific context implications during an element's design. + + audio + data is audio based, such as a collection of music from the 80s. - + - An individual human being. - - + Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. - - - + + The field describes the availability of a dataset. + + - - - A license that is not listed on the SPDX License List. - + + + - - - - - + 1 - - - - - - - - - + - - vulnerableCodeNotInExecutePath - The affected code is not reachable through the execution of the code, including non-anticipated states of the product. - - - - + + medium + When a CVSS score is between 4.0 - 6.9 - - - + + + + md6 + [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf) - - - - A characterization of some aspect of an Element that is associated with the Element in a generalized fashion. - + + + + patchedBy + Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`). - - Identifies from where or whom the Element originally came. - - + + + + none + When a CVSS score is 0.0 - - Identifies the tooling that was used during the creation of the Element. - - + + + - - Indicates whether the system can perform a decision or action without human -involvement or guidance. - - + + + - - - - text - data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript. + + Captures the size of the dataset. + + - - References the Element on the left-hand side of a relationship. - - + + + - - - - + + + + 1 - - - - - - Points to a resource outside the scope of the SPDX-3.0 content -that provides additional characteristics of an Element. - - + + + + - - - + + + + Provide context for a relationship that occurs in the lifecycle. + + + - - - - track - The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. + + + - - - - blake2b256 - BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://www.rfc-editor.org/info/rfc7693) Section 4. + + + - - - + + + - - - - A type of extension consisting of a list of name value pairs. - - - + + + - + + + + + - software - the element follows the Software profile specification + expandedLicensing + the element follows the expanded Licensing profile specification - - Property that describes the URI of the build configuration source file. + + + + + 1 + 1 + + + + + + + Provides a place for the SPDX data creator to record the package URL string +(in accordance with the +[package URL spec](https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst)) +for a software Package. - - - + + + - + - - vulnerableCodeCannotBeControlledByAdversary - The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack. - - - - + + cpe23 + [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final) - + - - npm - A reference to an npm package. The package locator format, looks like `package@version`, is defined in [npm Docs](https://docs.npmjs.com/cli/v10/configuring-npm/package-json). + + red + Data points in the dataset are highly confidential and can only be shared with named recipients. - + + Identifies who or what created the Element. + + + + + + + + - - copiedTo - The `from` Element has been copied to each `to` Element. + + cve + Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id). - - Gives information about the circumstances or unifying properties -that Elements of the bundle have been assembled under. + + An entity that is authorized to issue identification credentials. - - - - The class that helps note down the quantity of energy consumption and the unit -used for measurement. - - - + + + - - Specifies the value of the content identifier. + + Provides the location for more information regarding an external identifier. - - + + + + affects + (Security/VEX) The `from` vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships. + + + + + source + SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. + + + + + + + + + + + + + + + 1 - - - - - - - + + Specifies the unit in which energy is measured. + + - - - + + + + + 1 - - Describes all the preprocessing steps applied to the training data before the -model training. - - + + + + + 1 - + - - describes - The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used. - - - - + + framework + the Element is a software framework - - - + + + - - - + + + + - - - + + + Provide an enumerated set of lifecycle phases that can provide context to relationships. - + - - A mapping between prefixes and namespace partial URIs. - - - + + Abstract class representing a license combination consisting of one or more +licenses (optionally including additional text), which may be combined +according to the +[SPDX license expression syntax](../../../annexes/SPDX-license-expressions.md). + + - - - + + + - - - + + Describes the confidentiality level of the data points contained in the dataset. + + - - - + + + - + + + + + - Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness. - - - + + + - - - + + Provides an ExternalMap of Element identifiers. + + - - - + + + - + + + + + 1 + + + + + + + Describes if any sensitive personal information is present in the dataset. + + + + - hasStaticLink - The `from` Element statically links in each `to` Element, during a LifecycleScopeType period. + expandsTo + The `from` archive expands out as an artifact described by each `to` Element. - + + + + deployed + SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. + + + A License participating in a 'with addition' model. + + + + - Provides a set of values to be used to describe the common types of SBOMs that -tools may create. + + Abstract class representing a License or an OrLaterOperator. + + + + + + + + + + + ai + the element follows the AI profile specification + + + + + + + + + + + + + + + + + hasSpecification + Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period. + + + + + + + 1 + + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + + 1 + + + + + + 1 - - - + + + - - - + + + + modifiedBy + The `from` Element is modified by each `to` Element. + + + + - - - + + + - + - altDownloadLocation - A reference to an alternative download location. - - - - + mavenCentral + A reference to a Maven repository artifact. The artifact locator format, looks like `groupId:artifactId[:version]`, is defined in [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html). - - + + - + 1 - - - + + + - + + 1 - - A buildId is a locally unique identifier used by a builder to identify a unique -instance of a build produced by it. - - + + Provide the enumeration of possible decisions in the Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree [https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf](https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf) + + - - - + + + - - - - Provides a CVSS version 3 assessment for a vulnerability. - - - - - + + + + copiedTo + The `from` Element has been copied to each `to` Element. - - - + + + + hasDependencyManifest + The `from` Element has manifest files that contain dependency information in each `to` Element. - - + + + 1 - - - - securityPolicy - A reference to instructions for reporting newly discovered security vulnerabilities for a package. + + Commentary on an assertion that an annotator has made. + + - - - + + + - - - + + Identifies when the Element was originally created. + + - - - + + + - - - - serializedInArtifact - The `from` SPDXDocument can be found in a serialized form in each `to` Artifact. + + + - + - cwe - [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/). - - - - - + altWebPage + A reference to an alternative web page. - - Identifies the full text of a License, in SPDX templating format. - - + + + - - - + + + - - - + + + 1 - - - + + + - - - + + A short description of an Element. + + - - - + + + Specifies the safety risk level. - - Specifies the amount of energy consumed during inference time by an AI model -that is being used in the AI system. - - + + + - - - + + + + + 1 + 1 - - - + + Defines the original host file that the snippet information applies to. + + - - - + + Information about the relationship between two Elements. + + - - - + + + - - - - - - 1 - 1 + + + - - Records any relevant background information or additional comments -about the origin of the package. + + Provides information about the completeness of relationships. + + + + + Provides information about the content type of an Element or a Property. - - - - - A collection of Elements, not necessarily with unifying context. - - - - - - - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - - 1 + + + - - - + + + - - - - other - Used when the type does not match any of the other options. + + Defines the byte range in the original host file that the snippet information +applies to. + + - - - + + + - + - - hasDeclaredLicense - The `from` Software Artifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling. - - - A canonical, unique, immutable identifier of the artifact content, that may be -used for verifying its identity and/or integrity. - - + + requirement + the Element provides a requirement needed as input for another Element - - - + + + - - - + + + + build + SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. - - An Element an annotator has made an assertion about. - - + + + - - - + + + - - - + + + + buildSystem + A reference build system used to create or publish the package. - - - - - + + + + 1 - + - - coordinatedBy - (Security) The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent). + + releaseNotes + A reference to the release notes for a package. - - - + + + + high + The second-highest level of risk posed by an AI system. - - - Specifies the SSVC decision type. + + + - - - - - 2 + + + + + + Identifies all the text and metadata associated with a license in the license +XML format. + + - - - + + + + evidence + the Element is the evidence that a specification or requirement has been fulfilled - - Specifies the level of support associated with an artifact. + + + + + + Identifies the tooling that was used during the creation of the Element. - + - - - + + + - + - - cpe22 - [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf) + + fixedIn + (Security/VEX) A `from` Vulnerability has been fixed in each of the `to` Element(s). The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships. - - - + + + - - - + + Maps a LicenseRef or AdditionRef string for a Custom License or a Custom +License Addition to its URI ID. + + - - - + + + - - - - - - 1 - 1 + + + - - A string in the license expression format. - - + + + - - + + - 1 - - - - - - - - - hasOptionalComponent - Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`). - - - + + + - - - + + + - - - - hasDocumentation - The `from` Element is documented by each `to` Element. + + + + - - - + + + - - - + + + - - - - dynamicAnalysisReport - A reference to a dynamic analysis report for a package. + + + - - - + + + - + - - hasDataFile - The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInputs`, and `hasOutputs`, respectively. This relationship does not imply dependency. + + documentation + Element is documentation - - - + + + - - - - + + Describes the type of the given dataset. + + - - - + + + - - Describes what the given dataset should be used for. + + A string in the license expression format. - - Defines the end of a range. - - - - - - - - - - - - - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - - 1 - - - - + + + + noAssertion + no assertion about the type of support is made. This is considered the default if no other support type is used. - - - - - - 1 + + + - - Describes a mechanism to update the dataset. + + A substitute for a URI. - - - + + + + securityOther + A reference to related security information of unspecified type. - - + + - 1 - 1 - - - - - - - - - + - - firmware - the Element provides low level control over a device's hardware + + certificationReport + A reference to a certification report for a package from an accredited/independent body. - - - + + + - - Specifies the CVSS vector string for a vulnerability. - - + + + - + - - none - When a CVSS score is 0.0 + + sha512 + SHA-2 with a digest length of 512, as defined in [RFC 6234](https://www.rfc-editor.org/info/rfc6234). - - - + + + - + - - requirement - the Element provides a requirement needed as input for another Element - - - - - - - - - - - - + + track + The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines. - - - + + + Categories of confidentiality level. - - - + + + - - Identifies the name of an Element as designated by the creator. + + Describes how the dataset was collected. - - - - - - - - medium - The third-highest level of risk posed by an AI system. + + + - - - + + + + + 1 - - - Specifies the CVSS base, temporal, threat, or environmental severity type. + + + + - - A License participating in an 'or later' model. + + Capture the scope of information about a specific relationship between elements. - + - - - + + + - + + + + + - noSupport - there is no support for the artifact from the supplier, consumer assumes any support obligations. + support + the artifact has been released, and is supported from the supplier. There is a validUntilDate that can provide additional information about the duration of support. - - - + + + - - - - + + Specifies the amount of energy consumed when finetuning the AI model that is +being used in the AI system. + + - - - + + + + design + SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact. - - + + - 1 - - - + + + - - Uniquely identifies an external element. + + Specifies whether the License is listed as approved by the +[Open Source Initiative (OSI)](https://opensource.org). - + - - + + + + + + 1 - - - + + + - - - + + Specified the time and date when a vulnerability was withdrawn. + + - + + Provides a detailed description of the Element. + + + + + + + + + + + + - - noAssertion - Makes no assertion about the field. + + vcs + A reference to a version control system related to a software artifact. - - + + Specifies the version of a VEX statement. + + + + + - - - ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ - - + + + - - - + + + + - - - + + + A license addition that is not listed on the SPDX Exceptions List. + + - - - - - 1 + + + - - - - + + + - - - + + + - - - Enumeration of the valid profiles. + + + - + + + + + + + + packageUrl + [package URL](https://github.com/package-url/purl-spec) + + - Specifies the safety risk level. + Provides a set of values to be used to describe the common types of SBOMs that +tools may create. - - A place for the SPDX document creator to record a website that serves as the -package's home page. - - + + + - - - - - 1 + + + - - - + + + - - - Categories of presence or absence. + + Specifies the licenseId that is preferred to be used in place of a deprecated +License or LicenseAddition. + + - - - + + + - - - - - 1 - 1 + + + - - - + + + - - - + + + - - Provides an unambiguous mechanism for conveying a URI fragment portion of an -ElementID. - - + + + - - - + + + - - - Specifies the type of an external reference. + + + + - - - - hasHost - The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on). + + + - - - - hasMetadata - Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`). + + + - + - Specifies the type of an external identifier. + Agent represents anything with the potential to act on a system. + + - - Identifies the text of one or more copyright notices for a software Package, -File or Snippet, if any. + + + + + + Provides the location of an external reference. - - - + + Describes the preprocessing steps that were applied to the raw data to create the given dataset. + + - - - + + + A mathematical algorithm that maps data of arbitrary size to a bit string. - - - - - 1 - 1 + + + - - - + + + - - - + + + - - - - - 1 - 1 + + Describes a mechanism to update the dataset. + + - - Provides information about the content type of an Element or a Property. + + Indicates whether the system can perform a decision or action without human +involvement or guidance. + + + + + Identifies the full text of a LicenseAddition. - - Specifies the exploit catalog type. + + Specifies the amount of energy consumed during inference time by an AI model +that is being used in the AI system. - + - - - + + + - - Records the time when a recommended action was communicated in a VEX statement -to mitigate a vulnerability. + + + + + + + + + + + Timestamp of impact statement. - - - - test - The Element is a test used to verify functionality on an software element + + + - - Defines the byte range in the original host file that the snippet information -applies to. + + + + + + Specifies the time an artifact was built. - + - - - + + + - - - + + + - - Defines the beginning of a range. - - + + + + noAssertion + No assertion can be made about the completeness of the relationship. + + + + + + + + + + + + + - - - - other - Used when the type does not match any of the other options. + + + - - - + + + - - Describes if a given file is a directory or non-directory kind of file. - - + + + + graph + data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. - - + + - - - - - - - + + + - - - + + + - - - + + + - - - - sha3_512 - SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final). + + + - - A buildType is a hint that is used to indicate the toolchain, platform, or -infrastructure that the build was invoked on. - - + + + - - Describes how the dataset was collected. - - + + + Enumeration of dataset types. - - - + + + - + - - serious - The highest level of risk posed by an AI system. + + swid + Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://www.rfc-editor.org/info/rfc9393) Section 2.3. - - - - + + + + support + A reference to the software support channel or other support information for a package. - - Provide consumers with comments by the creator of the Element about the -Element. - - + + + - - + + - - - - usesTool - The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period. + + + - - - + + + - - Capture the scope of information about a specific relationship between elements. - - + + + - - - + + + + + + 1 - - - + + + - - - + + + - - - + + + + altDownloadLocation + A reference to an alternative download location. - - - + + + - - Identifies the full text of a License or Addition. + + Provide consumers with comments by the creator of the Element about the +Element. - - - Enumeration of the different kinds of SPDX file. + + + - - - + + + - - - + + + - - The field describes the availability of a dataset. - - + + + - - - + + + - - - + + + - - - + + + - - - + + + - - - + + + + - - - + + + + gitoid + [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid>), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent the software [Artifact ID](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-id) or the [OmniBOR Identifier](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-identifier) for the software artifact's associated [OmniBOR Document](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#omnibor-document); this ambiguity exists because the OmniBOR Document is itself an artifact, and the gitoid of that artifact is its valid identifier. Omnibor is a minimalistic schema to describe software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/main/spec/SPEC.md#artifact-dependency-graph-adg). Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's ContentIdentifier property. Gitoids calculated on the OmniBOR Document (OmniBOR Identifiers) should be recorded in the SPDX 3.0 Element's ExternalIdentifier property. - - - + + + - - - - + + + Specifies the unit of energy consumption. - - A name used in a CdxExtension name-value pair. - - + + + - - - - + + + - - - + + + - - - - - - 1 + + + - - - + + + - - - + + Specifies whether an additional text identifier has been marked as deprecated. + + - - Provides an IntegrityMethod with which the integrity of an Element can be -asserted. - - + + + - - - + + + - - - - graph - data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends. + + + - - - - + + + Specifies the SSVC decision type. - - - + + Records the results of general safety risk assessment of the AI system. + + - - - + + + - - + + - - - Specifies the unit of energy consumption. - - - - + + + - - - Enumeration of dataset types. + + + - - - + + + + exportControlAssessment + A reference to a export control assessment for a package. - - - + + + ^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$ + + + 1 - - - + + + - - - + + + - - - + + + - - - + + + - - Timestamp of impact statement. - - + + + - - + + - - - + + + - - - + + + - - - + + + - - - Availability of dataset. + + + - - - + + + - - - + + + + + + + diff --git a/v3.0.1-draft/sitemap.xml b/v3.0.1-draft/sitemap.xml index 4f624b5abd..8366a19fb3 100644 --- a/v3.0.1-draft/sitemap.xml +++ b/v3.0.1-draft/sitemap.xml @@ -2,1437 +2,1437 @@ https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/bibliography/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/introduction/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/normative-references/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/scope/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/serializations/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/terms-and-definitions/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/RDF-object-model-and-identifier-syntax/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/SPDX-Lite/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/SPDX-license-expressions/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/cross-reference/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/diffs-from-previous-editions/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/getting-started/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/including-security-information-in-SPDX/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/license-matching-guidelines-and-templates/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/pkg-url-specification/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/using-SPDX-short-identifiers-in-source-files/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/annexes/using-SPDX-to-comply-with-industry-guidance/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/licenses/CC-BY-3.0/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/licenses/Community-Spec-1.0/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/AI/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Classes/AIPackage/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Classes/EnergyConsumption/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Classes/EnergyConsumptionDescription/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/autonomyType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/domain/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/energyConsumption/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/energyQuantity/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/energyUnit/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/finetuningEnergyConsumption/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/hyperparameter/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/inferenceEnergyConsumption/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/informationAboutApplication/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/informationAboutTraining/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/limitation/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/metric/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/metricDecisionThreshold/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/modelDataPreprocessing/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/modelExplainability/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/safetyRiskAssessment/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/standardCompliance/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/trainingEnergyConsumption/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/typeOfModel/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Properties/useSensitivePersonalInformation/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Vocabularies/EnergyUnitType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/AI/Vocabularies/SafetyRiskAssessmentType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Build/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Classes/Build/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Properties/buildEndTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Properties/buildId/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Properties/buildStartTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Properties/buildType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Properties/configSourceDigest/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Properties/configSourceEntrypoint/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Properties/configSourceUri/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Properties/environment/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Build/Properties/parameters/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Core/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Agent/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Annotation/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Artifact/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Bom/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Bundle/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/CreationInfo/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/DictionaryEntry/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Element/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/ElementCollection/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/ExternalIdentifier/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/ExternalMap/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/ExternalRef/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Hash/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/IntegrityMethod/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/LifecycleScopedRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/NamespaceMap/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Organization/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/PackageVerificationCode/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Person/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/PositiveIntegerRange/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Relationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/SoftwareAgent/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/SpdxDocument/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Classes/Tool/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Datatypes/DateTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Datatypes/MediaType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Datatypes/SemVer/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Individuals/NoAssertionElement/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Individuals/NoneElement/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/algorithm/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/annotationType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/beginIntegerRange/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/builtTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/comment/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/completeness/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/contentType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/context/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/created/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/createdBy/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/createdUsing/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/creationInfo/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/dataLicense/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/definingArtifact/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/description/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/element/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/endIntegerRange/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/endTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/extension/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/externalIdentifier/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/externalIdentifierType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/externalRef/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/externalRefType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/externalSpdxId/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/from/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/hashValue/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/identifier/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/identifierLocator/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/imports/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/issuingAuthority/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/key/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/locationHint/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/locator/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/name/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/namespace/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/namespaceMap/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/originatedBy/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/packageVerificationCodeExcludedFile/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/prefix/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/profileConformance/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/relationshipType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/releaseTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/rootElement/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/scope/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/spdxId/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/specVersion/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/standardName/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/startTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/statement/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/subject/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/summary/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/suppliedBy/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/supportLevel/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/to/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/validUntilTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/value/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Properties/verifiedUsing/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Vocabularies/AnnotationType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Vocabularies/ExternalIdentifierType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Vocabularies/ExternalRefType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Vocabularies/HashAlgorithm/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Vocabularies/LifecycleScopeType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Vocabularies/PresenceType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Vocabularies/ProfileIdentifierType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Vocabularies/RelationshipCompleteness/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Vocabularies/RelationshipType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Core/Vocabularies/SupportType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Dataset/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Classes/DatasetPackage/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/anonymizationMethodUsed/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/confidentialityLevel/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/dataCollectionProcess/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/dataPreprocessing/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/datasetAvailability/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/datasetNoise/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/datasetSize/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/datasetType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/datasetUpdateMechanism/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/hasSensitivePersonalInformation/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/intendedUse/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/knownBias/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Properties/sensor/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Vocabularies/ConfidentialityLevelType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Vocabularies/DatasetAvailabilityType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Dataset/Vocabularies/DatasetType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/ExpandedLicensing/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/ConjunctiveLicenseSet/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/CustomLicense/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/CustomLicenseAddition/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/DisjunctiveLicenseSet/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/ExtendableLicense/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/IndividualLicensingInfo/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/License/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/LicenseAddition/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/ListedLicense/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/ListedLicenseException/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/OrLaterOperator/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Classes/WithAdditionOperator/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Individuals/NoAssertionLicense/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Individuals/NoneLicense/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/additionText/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/deprecatedVersion/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/isDeprecatedAdditionId/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/isDeprecatedLicenseId/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/isFsfLibre/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/isOsiApproved/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/licenseXml/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/listVersionAdded/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/member/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/obsoletedBy/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/seeAlso/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/standardAdditionTemplate/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/standardLicenseHeader/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/standardLicenseTemplate/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/subjectAddition/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/subjectExtendableLicense/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/ExpandedLicensing/Properties/subjectLicense/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Extension/Extension/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Extension/Classes/CdxPropertiesExtension/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Extension/Classes/CdxPropertyEntry/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Extension/Classes/Extension/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Extension/Properties/cdxPropName/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Extension/Properties/cdxPropValue/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Extension/Properties/cdxProperty/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Licensing/Licensing/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Lite/Lite/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Security/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/CvssV2VulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/CvssV3VulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/CvssV4VulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/EpssVulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/ExploitCatalogVulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/SsvcVulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/VexAffectedVulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/VexFixedVulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/VexNotAffectedVulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/VexUnderInvestigationVulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/VexVulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/VulnAssessmentRelationship/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Classes/Vulnerability/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/actionStatement/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/actionStatementTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/assessedElement/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/catalogType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/decisionType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/exploited/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/impactStatement/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/impactStatementTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/justificationType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/locator/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/modifiedTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/percentile/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/probability/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/publishedTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/score/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/severity/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/statusNotes/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/vectorString/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/vexVersion/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Properties/withdrawnTime/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Vocabularies/CvssSeverityType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Vocabularies/ExploitCatalogType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Vocabularies/SsvcDecisionType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Security/Vocabularies/VexJustificationType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/SimpleLicensing/SimpleLicensing/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/SimpleLicensing/Classes/AnyLicenseInfo/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/SimpleLicensing/Classes/LicenseExpression/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/SimpleLicensing/Classes/SimpleLicensingText/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/SimpleLicensing/Properties/customIdToUri/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/SimpleLicensing/Properties/licenseExpression/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/SimpleLicensing/Properties/licenseListVersion/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/SimpleLicensing/Properties/licenseText/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Software/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Classes/ContentIdentifier/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Classes/File/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Classes/Package/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Classes/Sbom/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Classes/Snippet/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Classes/SoftwareArtifact/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/additionalPurpose/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/attributionText/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/byteRange/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/contentIdentifier/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/contentIdentifierType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/contentIdentifierValue/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/copyrightText/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/downloadLocation/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/fileKind/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/homePage/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/lineRange/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/packageUrl/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/packageVersion/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/primaryPurpose/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/sbomType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/snippetFromFile/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Properties/sourceInfo/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Vocabularies/ContentIdentifierType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Vocabularies/FileKindType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Vocabularies/SbomType/ - 2024-08-06 + 2024-08-07 daily https://spdx.github.io/spdx-spec/v3.0.1-draft/latest/model/Software/Vocabularies/SoftwarePurpose/ - 2024-08-06 + 2024-08-07 daily \ No newline at end of file diff --git a/v3.0.1-draft/sitemap.xml.gz b/v3.0.1-draft/sitemap.xml.gz index 5cd2f7bb1f..5fbdc4ee30 100644 Binary files a/v3.0.1-draft/sitemap.xml.gz and b/v3.0.1-draft/sitemap.xml.gz differ