You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- 【参考1】[SPDX Specification Version 3.0.1 relationshipType](https://spdx.github.io/spdx-spec/v3.0.1/model/Core/Vocabularies/RelationshipType/)分類
363
+
- コンポーネントの現在の状態を記述するもの
364
+
- ~を含む(構成される)
365
+
- contains: The from Element contains each to Element.
366
+
- expandsTo: The from archive expands out as an artifact described by each to Element.
367
+
- ~に依存する(を必要とする)
368
+
- dependsOn: The from Element depends on each to Element, during a LifecycleScopeType period.
369
+
- hasDynamicLink: The from Element dynamically links in each to Element, during a LifecycleScopeType period.
370
+
- hasOptionalDependency: The from Element optionally depends on each to Element, during a LifecycleScopeType period.
371
+
- hasProvidedDependency: The from Element has a dependency on each to Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period.
372
+
- hasStaticLink: The from Element statically links in each to Element, during a LifecycleScopeType period.
373
+
- invokedBy: The from Element was invoked by the to Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step).
374
+
- その他の状態
375
+
- hasConcludedLicense: The from SoftwareArtifact is concluded by the SPDX data creator to be governed by each to license.
376
+
- hasDeclaredLicense: The from SoftwareArtifact was discovered to actually contain each to license, for example as detected by use of automated tooling.
377
+
- hasDependencyManifest: The from Element has manifest files that contain dependency information in each to Element.
378
+
- hasDistributionArtifact: The from Element is distributed as an artifact in each to Element (e.g. an RPM or archive file).
379
+
- hasDocumentation: The from Element is documented by each to Element.
380
+
- hasMetadata: Every to Element is metadata about the from Element (from hasMetadata to).
381
+
- hasOptionalComponent: Every to Element is an optional component of the from Element (from - hasOptionalComponent to).
382
+
- hasPrerequisite: The from Element has a prerequisite on each to Element, during a LifecycleScopeType period.
383
+
- hasRequirement: The from Element has a requirement on each to Element, during a LifecycleScopeType period.
384
+
- hasSpecification: Every to Element is a specification for the from Element (from hasSpecification to), during a LifecycleScopeType period.
385
+
- コンポーネントの由来を記述するもの
386
+
- ~生成された(複製された、改変された、ビルドされた)
387
+
- amendedBy: The from Element is amended by each to Element.
388
+
- availableFrom: The from Element is available from the additional supplier described by each to Element.
389
+
- configures: The from Element is a configuration applied to each to Element, during a LifecycleScopeType period.
390
+
- coordinatedBy: The from Vulnerability is coordinatedBy the to Agent(s) (vendor, researcher, or consumer agent).
391
+
- copiedTo: The from Element has been copied to each to Element.
392
+
- delegatedTo: The from Agent is delegating an action to the Agent of the to Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the to invokedBy Relationship is being done on behalf of from).
393
+
- generates: The from Element generates each to Element.
394
+
- hasInput: The from Build has each to Element as an input, during a LifecycleScopeType period.
395
+
- hasOutput: The from Build element generates each to Element as an output, during a LifecycleScopeType period.
396
+
- hasVariant: Every to Element is a variant the from Element (from hasVariant to).
397
+
- packagedBy: Every to Element is a packaged instance of the from Element (from packagedBy to).
398
+
- patchedBy: Every to Element is a patch for the from Element (from patchedBy to).
399
+
- ~と加工された
400
+
- hasAddedFile: Every to Element is a file added to the from Element (from hasAddedFile to).
401
+
- hasDeletedFile: Every to Element is a file deleted from the from Element (from hasDeletedFile to).
402
+
- 生成・加工の環境
403
+
- hasHost: The from Build was run on the to Element during a LifecycleScopeType period (e.g. the host that the build runs on).
404
+
- hasTest: Every to Element is a test artifact for the from Element (from hasTest to), during a LifecycleScopeType period.
405
+
- hasTestCase: Every to Element is a test case for the from Element (from hasTestCase to).
406
+
- modifiedBy: The from Element is modified by each to Element.
407
+
- testedOn: The from Element has been tested on the to Element(s).
408
+
- trainedOn: The from Element has been trained on the to Element(s).
409
+
- usesTool: The from Element uses each to Element as a tool, during a LifecycleScopeType period.
410
+
- 脆弱性関連
411
+
- affects: The from Vulnerability affects each to Element. The use of the affects type is constrained to VexAffectedVulnAssessmentRelationship classed relationships.
412
+
- doesNotAffect: The from Vulnerability has no impact on each to Element. The use of the doesNotAffect is constrained to VexNotAffectedVulnAssessmentRelationship classed relationships.
413
+
- exploitCreatedBy: The from Vulnerability has had an exploit created against it by each to Agent.
414
+
- fixedBy: Designates a from Vulnerability has been fixed by the to Agent(s).
415
+
- fixedIn: A from Vulnerability has been fixed in each to Element. The use of the fixedIn type is constrained to VexFixedVulnAssessmentRelationship classed relationships.
416
+
- foundBy: Designates a from Vulnerability was originally discovered by the to Agent(s).
417
+
- hasAssessmentFor: Relates a from Vulnerability and each to Element with a security assessment. To be used with VulnAssessmentRelationship types.
418
+
- hasAssociatedVulnerability: Used to associate a from Artifact with each to Vulnerability.
419
+
- publishedBy: Designates a from Vulnerability was made available for public use or reference by each to Agent.
420
+
- reportedBy: Designates a from Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each to Agent.
421
+
- republishedBy: Designates a from Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each to Agent.
422
+
- underInvestigationFor: The from Vulnerability impact is being investigated for each to Element. The use of the underInvestigationFor type is constrained to VexUnderInvestigationVulnAssessmentRelationship classed relationships.
423
+
- 未分類
424
+
- ancestorOf: The from Element is an ancestor of each to Element.
425
+
- descendantOf: The from Element is a descendant of each to Element.
426
+
- describes: The from Element describes each to Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used.
427
+
- hasDataFile: The from Element treats each to Element as a data file. A data file is an artifact that stores data required or optional for the from Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: trainedOn, testedOn, hasTest, configures, hasInput, and hasOutput, respectively. This relationship does not imply dependency.
428
+
- hasEvidence: Every to Element is considered as evidence for the from Element (from hasEvidence to).
429
+
- hasExample: Every to Element is an example for the from Element (from hasExample to).
430
+
- other: Every to Element is related to the from Element where the relationship type is not described by any of the SPDX relationship types (this relationship is directionless).
431
+
- serializedInArtifact: The from SpdxDocument can be found in a serialized form in each to Artifact.
0 commit comments