schema downloader & applied

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>

cyclonedx/__res/schema/.editorconfig

@@ -0,0 +1,10 @@
+
+# fix settings for files that are copied over, to keep them as is
+[*.SNAPSHOT.xsd]
+indent_size = 4
+indent_style = space
+trim_trailing_whitespace = false
+[*.SNAPSHOT.schema.json]
+indent_size = 2
+indent_style = space
+trim_trailing_whitespace = false

cyclonedx/__res/schema/.gitattributes

@@ -1,3 +1,6 @@
-*       linguist-generated
-*/*     linguist-generated
-**/*    linguist-generated
+# snapshots are vendored for offline use
+*.SNAPSHOT.*    linguist-vendored
+
+# specs are vendored for offline use
+*.xsd           linguist-vendored
+*.schema.json   linguist-vendored

cyclonedx/__res/schema/README.md

@@ -0,0 +1,30 @@
+# Resources: Schema files
+
+some schema for offline use as download via [script](../../tools/schema-downloader.py).
+original sources: <https://github.com/CycloneDX/specification/blob/1.4>
+
+Currently using version
+[ccbf7b5781ef534cd62616e3c4221004c7c82a66](https://github.com/CycloneDX/specification/commit/ccbf7b5781ef534cd62616e3c4221004c7c82a66)
+
+| file | note |
+|------|------|
+| [`bom-1.0.SNAPSHOT.xsd`](bom-1.0.SNAPSHOT.xsd) | applied changes: 1 |
+| [`bom-1.1.SNAPSHOT.xsd`](bom-1.1.SNAPSHOT.xsd) | applied changes: 1 |
+| [`bom-1.2.SNAPSHOT.xsd`](bom-1.2.SNAPSHOT.xsd) | applied changes: 1 |
+| [`bom-1.3.SNAPSHOT.xsd`](bom-1.3.SNAPSHOT.xsd) | applied changes: 1 |
+| [`bom-1.4.SNAPSHOT.xsd`](bom-1.4.SNAPSHOT.xsd) | applied changes: 1 |
+| [`bom-1.2.SNAPSHOT.schema.json`](bom-1.2.SNAPSHOT.schema.json) | applied changes: 2,3,4,5 |
+| [`bom-1.3.SNAPSHOT.schema.json`](bom-1.3.SNAPSHOT.schema.json) | applied changes: 2,3,4,5 |
+| [`bom-1.4.SNAPSHOT.schema.json`](bom-1.4.SNAPSHOT.schema.json) | applied changes: 2,3,4,5 |
+| [`bom-1.2-strict.SNAPSHOT.schema.json`](bom-1.2-strict.SNAPSHOT.schema.json) | applied changes: 2,3,4,5 |
+| [`bom-1.3-strict.SNAPSHOT.schema.json`](bom-1.3-strict.SNAPSHOT.schema.json) | applied changes: 2,3,4,5 |
+| [`spdx.SNAPSHOT.xsd`](spdx.SNAPSHOT.xsd) | |
+| [`spdx.SNAPSHOT.schema.json`](spdx.SNAPSHOT.schema.json) | |
+| [`jsf-0.82.SNAPSHOT.schema.json`](jsf-0.82.SNAPSHOT.schema.json) | |
+
+changes:
+1. `https?://cyclonedx.org/schema/spdx` was replaced with `spdx.SNAPSHOT.xsd`
+2. `spdx.schema.json` was replaced with `spdx.SNAPSHOT.schema.json`
+3. `jsf-0.82.schema.json` was replaced with `jsf-0.82.SNAPSHOT.schema.json`
+4. `properties.$schema.enum` was fixed to match `$id`
+5. `required.version` removed, as it is actually optional with default value

cyclonedx/__res/schema/bom-1.0.xsd → cyclonedx/__res/schema/bom-1.0.SNAPSHOT.xsd

@@ -7,9 +7,9 @@
            targetNamespace="http://cyclonedx.org/schema/bom/1.0"
            vc:minVersion="1.0"
            vc:maxVersion="1.1"
-           version="1.0">
+           version="1.0.1">
 
-    <xs:import namespace="http://cyclonedx.org/schema/spdx" schemaLocation="spdx.xsd"/>
+    <xs:import namespace="http://cyclonedx.org/schema/spdx" schemaLocation="spdx.SNAPSHOT.xsd"/>
 
     <xs:complexType name="component">
         <xs:sequence>

cyclonedx/__res/schema/bom-1.1.xsd → cyclonedx/__res/schema/bom-1.1.SNAPSHOT.xsd

@@ -24,7 +24,7 @@ limitations under the License.
            vc:maxVersion="1.1"
            version="1.1">
 
-    <xs:import namespace="http://cyclonedx.org/schema/spdx" schemaLocation="spdx.xsd"/>
+    <xs:import namespace="http://cyclonedx.org/schema/spdx" schemaLocation="spdx.SNAPSHOT.xsd"/>
 
     <xs:annotation>
         <xs:documentation>

cyclonedx/__res/schema/bom-1.2-strict.schema.json → cyclonedx/__res/schema/bom-1.2-strict.SNAPSHOT.schema.json

@@ -6,11 +6,16 @@
   "$comment" : "CycloneDX JSON schema is published under the terms of the Apache License 2.0.",
   "required": [
     "bomFormat",
-    "specVersion",
-    "version"
+    "specVersion"
   ],
   "additionalProperties": false,
   "properties": {
+    "$schema": {
+      "type": "string",
+      "enum": [
+        "http://cyclonedx.org/schema/bom-1.2a.schema.json"
+      ]
+    },
     "bomFormat": {
       "$id": "#/properties/bomFormat",
       "type": "string",
@@ -589,7 +594,7 @@
       "additionalProperties": false,
       "properties": {
         "id": {
-          "$ref": "spdx.schema.json",
+          "$ref": "spdx.SNAPSHOT.schema.json",
           "title": "License ID (SPDX)",
           "description": "A valid SPDX license ID",
           "examples": ["Apache-2.0"]

cyclonedx/__res/schema/bom-1.2.schema.json → cyclonedx/__res/schema/bom-1.2.SNAPSHOT.schema.json

@@ -6,8 +6,7 @@
   "$comment" : "CycloneDX JSON schema is published under the terms of the Apache License 2.0.",
   "required": [
     "bomFormat",
-    "specVersion",
-    "version"
+    "specVersion"
   ],
   "properties": {
     "bomFormat": {
@@ -577,7 +576,7 @@
       ],
       "properties": {
         "id": {
-          "$ref": "spdx.schema.json",
+          "$ref": "spdx.SNAPSHOT.schema.json",
           "title": "License ID (SPDX)",
           "description": "A valid SPDX license ID",
           "examples": ["Apache-2.0"]

cyclonedx/__res/schema/bom-1.2.xsd → cyclonedx/__res/schema/bom-1.2.SNAPSHOT.xsd

@@ -22,9 +22,9 @@ limitations under the License.
            targetNamespace="http://cyclonedx.org/schema/bom/1.2"
            vc:minVersion="1.0"
            vc:maxVersion="1.1"
-           version="1.2.1">
+           version="1.2">
 
-    <xs:import namespace="http://cyclonedx.org/schema/spdx" schemaLocation="spdx.xsd"/>
+    <xs:import namespace="http://cyclonedx.org/schema/spdx" schemaLocation="spdx.SNAPSHOT.xsd"/>
 
     <xs:annotation>
         <xs:documentation>
@@ -593,7 +593,7 @@ limitations under the License.
 
     <xs:simpleType name="mimeType">
         <xs:restriction base="xs:token">
-            <xs:pattern value="[-+a-z0-9.]+/[-+a-z0-9.]+"/>
+            <xs:pattern value="^[-+a-z0-9.]+/[-+a-z0-9.]+$"/>
         </xs:restriction>
     </xs:simpleType>
 
@@ -1415,4 +1415,4 @@ limitations under the License.
             <xs:field xpath="@bom-ref"/>
         </xs:unique>
     </xs:element>
-</xs:schema>
+</xs:schema>