CycloneDX
diff --git a/‎.github/dependabot.yml‎
Lines changed: 11 additions & 2 deletions b/‎.github/dependabot.yml‎
Lines changed: 11 additions & 2 deletions
diff --git a/‎.github/workflows/test_proto.yml‎
Lines changed: 28 additions & 0 deletions b/‎.github/workflows/test_proto.yml‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 1 deletion b/‎.gitignore‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎README.md‎
Lines changed: 2 additions & 2 deletions b/‎README.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎docgen/json/gen.sh‎
Lines changed: 4 additions & 3 deletions b/‎docgen/json/gen.sh‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎docgen/json/templates/cyclonedx/base.html‎
Lines changed: 6 additions & 4 deletions b/‎docgen/json/templates/cyclonedx/base.html‎
Lines changed: 6 additions & 4 deletions
diff --git a/‎docgen/json/templates/cyclonedx/content.html‎
Lines changed: 70 additions & 68 deletions b/‎docgen/json/templates/cyclonedx/content.html‎
Lines changed: 70 additions & 68 deletions
diff --git a/‎docgen/json/templates/cyclonedx/schema_doc.js‎
Lines changed: 2 additions & 2 deletions b/‎docgen/json/templates/cyclonedx/schema_doc.js‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎docgen/json/templates/cyclonedx/schema_doc.min.js‎
Lines changed: 1 addition & 1 deletion b/‎docgen/json/templates/cyclonedx/schema_doc.min.js‎
Lines changed: 1 addition & 1 deletion
@@ -1,5 +1,4 @@
-# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
-
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
 version: 2
 updates:
   - package-ecosystem: 'github-actions'
@@ -12,3 +11,13 @@ updates:
       prefix: 'chore'   ## prefix maximum string length of 15
       include: 'scope'
     open-pull-requests-limit: 999
+  - package-ecosystem: 'docker'
+    directory: '/'
+    schedule:
+      interval: 'weekly'
+      day: 'saturday'
+    labels: [ 'dependencies' ]
+    commit-message:
+      prefix: 'chore'   ## prefix maximum string length of 15
+      include: 'scope'
+    open-pull-requests-limit: 999
@@ -0,0 +1,28 @@
+# docs: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions
+
+name: CT ProtoBuf
+
+on:
+  push:
+    branches: ['master', 'main']
+  pull_request:
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+defaults:
+  run:
+    working-directory: tools/src/test/proto
+
+jobs:
+  test:
+    timeout-minutes: 30
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        # see https://github.com/actions/checkout
+        uses: actions/checkout@v4
+      - name: Run test
+        run: ./test.sh
@@ -1,2 +1,3 @@
 .idea/
-tools/target/
+.vscode/
+tools/target/
@@ -68,9 +68,9 @@ The officially supported media type for Protocol Buffer format is `application/x
 ## Related Work
 [SPDX (Software Package Data Exchange)][spdx-url] is a specification that provides low-level details of components, including all files, hashes, authors, and copyrights. SPDX also defines over 300 open source license IDs. CycloneDX builds on top of the work SPDX has accomplished with license IDs, but varies greatly in its approach towards building a software bill of material specification.
 
-[SWID (ISO/IEC 19770-2:2015)][swid-url] is used primarily to identify installed software and is the preferred format of the NVD. SWID tags are used in the National Vulnerability Database to describe vulnerable components. The CycloneDX specification compliments this work as CycloneDX documents can incorporate SWID tags and other high-level SWID metadata and optionally include entire SWID documents. Use of SWID tag ID's are useful in determining if a specific component has known vulnerabilities.
+[SWID (ISO/IEC 19770-2:2015)][swid-url] is used primarily to identify installed software and is the preferred format of the NVD. SWID tags are used in the National Vulnerability Database to describe vulnerable components. The CycloneDX specification complements this work as CycloneDX documents can incorporate SWID tags and other high-level SWID metadata and optionally include entire SWID documents. Use of SWID tag ID's are useful in determining if a specific component has known vulnerabilities.
 
-[CPE (Common Platform Enumeration)][cpe-url] is a specification that describes the vendor, name, and version for an application, operating system, or hardware device. CPE identifiers are used in the National Vulnerability Database to describe vulnerable components. The CycloneDX specification compliments this work as CycloneDX documents can easily be used to construct exact CPE identifiers that are useful in determining if a specific component has known vulnerabilities.
+[CPE (Common Platform Enumeration)][cpe-url] is a specification that describes the vendor, name, and version for an application, operating system, or hardware device. CPE identifiers are used in the National Vulnerability Database to describe vulnerable components. The CycloneDX specification complements this work as CycloneDX documents can easily be used to construct exact CPE identifiers that are useful in determining if a specific component has known vulnerabilities.
 
 ## Copyright & License
 
 
@@ -1,10 +1,10 @@
 #!/bin/bash
 rm -f -R docs
-mkdir -p docs/{1.2,1.3,1.4,1.5}
+mkdir -p docs/{1.2,1.3,1.4,1.5,1.6}
 
 # Check to see if generate-schema-doc is executable and is in the path. If not, install JSON Schema for Humans.
 if ! [ -x "$(command -v generate-schema-doc)" ]; then
-  pip3 install json-schema-for-humans==0.44.3
+  pip3 install json-schema-for-humans==0.47
 fi
 
 generate () {
@@ -27,4 +27,5 @@ generate () {
 generate 1.2
 generate 1.3
 generate 1.4
-generate 1.5
+generate 1.5
+generate 1.6
@@ -18,12 +18,12 @@
     <meta property="og:type" content="website" />
     <meta property="og:image" content="https://cyclonedx.org/theme/assets/images/CycloneDX-Twitter-Card.png" />
     <link rel="icon" href="https://cyclonedx.org/cyclonedx-icon.png" type="image/png"/>
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.0/css/bootstrap.min.css" integrity="sha512-P5MgMn1jBN01asBgU0z60Qk4QxiXo86+wlFahKrsQf37c9cro517WzVSPPV1tDKzhku2iJ2FVgL67wG03SGnNA==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.2/css/bootstrap.min.css" integrity="sha512-rt/SrQ4UNIaGfDyEXZtNcyWvQeOq0QLygHluFQcSjaGB04IxWhal71tKuzP6K8eYXYB6vJV4pHkXcmFGGQ1/0w==" crossorigin="anonymous" referrerpolicy="no-referrer" />
     <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css" integrity="sha512-SfTiTlX6kk+qitfevl/7LibUOeJWlt9rbyDn92a1DqWOw9vWG2MFoays0sgObmWazO5BQPiFucnnEAjpAB+/Sw==" crossorigin="anonymous" referrerpolicy="no-referrer" />
     <link rel="stylesheet" type="text/css" href="schema_doc.css">
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.js" integrity="sha512-HNbo1d4BaJjXh+/e6q4enTyezg5wiXvY3p/9Vzb20NIvkJghZxhzaXeffbdJuuZSxFhJP87ORPadwmU9aN3wSA==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.0/js/bootstrap.min.js" integrity="sha512-XKa9Hemdy1Ui3KSGgJdgMyYlUg1gM+QhL6cnlyTe2qzMCYm4nAZ1PsVerQzTTXzonUR+dmswHqgJPuwCq1MaAg==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/markdown-it/12.2.0/markdown-it.min.js" integrity="sha512-cTQeM/op796Fp1ZUxfech8gSMLT/HvrXMkRGdGZGQnbwuq/obG0UtcL04eByVa99qJik7WlnlQOr5/Fw5B36aw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.slim.js" integrity="sha512-docBEeq28CCaXCXN7cINkyQs0pRszdQsVBFWUd+pLNlEk3LDlSDDtN7i1H+nTB8tshJPQHS0yu0GW9YGFd/CRg==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.2/js/bootstrap.min.js" integrity="sha512-7rusk8kGPFynZWu26OKbTeI+QPoYchtxsmPeBqkHIEXJxeun4yJ4ISYe7C6sz9wdxeE1Gk3VxsIWgCZTc+vX3g==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/markdown-it/13.0.2/markdown-it.min.js" integrity="sha512-ohlWmsCxOu0bph1om5eDL0jm/83eH09fvqLDhiEdiqfDeJbEvz4FSbeY0gLJSVJwQAp0laRhTXbUQG+ZUuifUQ==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
     <script src="schema_doc.min.js"></script>
 </head>
 <body class="blue" data-spy="scroll" data-target=".js-scrollspy" onload="anchorOnLoad();" id="root">
@@ -40,11 +40,13 @@
                     v${version} (JSON)
                 </a>
                 <ul class="dropdown-menu" aria-labelledby="navbarScrollingDropdown">
+                    <li><a class="dropdown-item" href="https://cyclonedx.org/docs/1.6/json/">v1.6 (JSON)</a></li>
                     <li><a class="dropdown-item" href="https://cyclonedx.org/docs/1.5/json/">v1.5 (JSON)</a></li>
                     <li><a class="dropdown-item" href="https://cyclonedx.org/docs/1.4/json/">v1.4 (JSON)</a></li>
                     <li><a class="dropdown-item" href="https://cyclonedx.org/docs/1.3/json/">v1.3 (JSON)</a></li>
                     <li><a class="dropdown-item" href="https://cyclonedx.org/docs/1.2/json/">v1.2 (JSON)</a></li>
                     <li><hr class="dropdown-divider"/></li>
+                    <li><a class="dropdown-item" href="https://cyclonedx.org/docs/1.6/xml/">v1.6 (XML)</a></li>
                     <li><a class="dropdown-item" href="https://cyclonedx.org/docs/1.5/xml/">v1.5 (XML)</a></li>
                     <li><a class="dropdown-item" href="https://cyclonedx.org/docs/1.4/xml/">v1.4 (XML)</a></li>
                     <li><a class="dropdown-item" href="https://cyclonedx.org/docs/1.3/xml/">v1.3 (XML)</a></li>
 
@@ -17,13 +17,17 @@
 
         {# Display type #}
         {%- if not schema is combining -%}
-            <span class="badge value-type">Type: {{ type_name }}</span>
+            <span class="badge badge-dark value-type">Type: {{ type_name }}</span>
+        {%- endif -%}
+
+        {%- if schema.format -%}
+            <span class="badge badge-info value-type">Format: {{ schema.format }}</span>
         {%- endif -%}
 
         {# Display default #}
         {%- set default_value = schema.default_value -%}
         {%- if default_value -%}
-            {{ " " }}<span class="badge default-value">Default: {{ default_value }}</span>
+            {{ " " }}<span class="badge badge-success default-value">Default: {{ default_value }}</span>
         {%- endif -%}
         <br/>
 
@@ -37,80 +41,78 @@
     {%- elif schema.refers_to -%}
         {{ content(schema.refers_to_merged, True) }}
     {%- else -%}
-        {# Handle having oneOf or allOf with only one condition #}
-        {%- if schema.kw_all_of and (schema.kw_all_of.array_items | length) == 1 -%}
-            {{ content(schema.kw_all_of.array_items[0]) }}
-        {%- elif schema.kw_any_of and (schema.kw_any_of.array_items | length) == 1 -%}
-            {{ content(schema.kw_any_of.array_items[0]) }}
-        {%- else -%}
-            {%- if schema.explicit_no_additional_properties -%}
-                {{ " " }}<span class="badge no-additional">No Additional Properties</span>
-            {%- endif -%}
-
-            {# Combining: allOf, anyOf, oneOf, not #}
-            {%- if schema.kw_all_of -%}
-                <div class="all-of-value" id="{{ schema.kw_all_of.html_id }}">{{ tabbed_section("allOf", schema.kw_all_of) }}</div>
-            {%- endif -%}
-            {%- if schema.kw_any_of -%}
-                <div class="any-of-value" id="{{ schema.kw_any_of.html_id }}">{{ tabbed_section("anyOf", schema.kw_any_of) }}</div>
-            {%- endif -%}
-            {%- if schema.kw_one_of -%}
-                <div class="one-of-value" id="{{ schema.kw_one_of.html_id }}">{{ tabbed_section("oneOf", schema.kw_one_of) }}</div>
-            {%- endif -%}
-            {%- if schema.kw_not -%}
-                {% include "section_not.html" %}
-            {%- endif -%}
-
-            {# Enum and const #}
-            {%- if schema.kw_enum -%}
-                <div class="enum-value" id="{{ schema.kw_enum.html_id }}">
-                <h4>Must be one of:</h4>
-                <ul class="list-group">
-                {%- for enum_choice in schema.kw_enum.array_items -%}
-                    <li class="list-group-item enum-item">{{ enum_choice.literal | python_to_json }}</li>
-                {%- endfor -%}
-                </ul>
-                </div>
-            {%- endif -%}
-            {%- if schema.kw_const -%}
-                <span class="const-value" id="{{ schema.kw_const.html_id }}">Specific value: <code>{{ schema.kw_const.raw | python_to_json }}</code></span>
-            {%- endif -%}
+        {%- if schema.explicit_no_additional_properties -%}
+            {{ " " }}<span class="badge badge-info no-additional">No Additional Properties</span>
+        {%- endif -%}
 
-            {# Pattern (Regular Expression) #}
-            {%- if schema.kw_pattern -%}
-                <span class="pattern-value" id="{{ schema.kw_pattern.html_id }}">Must match regular expression: <code>{{ schema.kw_pattern.literal | escape }}</code></span>
-            {%- endif -%}
+        {# Combining: allOf, anyOf, oneOf, not #}
+        {%- if schema.kw_all_of -%}
+            <div class="all-of-value" id="{{ schema.kw_all_of.html_id }}">{{ tabbed_section("allOf", schema.kw_all_of) }}</div>
+        {%- endif -%}
+        {%- if schema.kw_any_of -%}
+            <div class="any-of-value" id="{{ schema.kw_any_of.html_id }}">{{ tabbed_section("anyOf", schema.kw_any_of) }}</div>
+        {%- endif -%}
+        {%- if schema.kw_one_of -%}
+            <div class="one-of-value" id="{{ schema.kw_one_of.html_id }}">{{ tabbed_section("oneOf", schema.kw_one_of) }}</div>
+        {%- endif -%}
+        {%- if schema.kw_not -%}
+            {% include "section_not.html" %}
+        {%- endif -%}
 
-            {# Conditional subschema, or if-then-else section #}
-            {%- if schema.has_conditional -%}
-                {% include "section_conditional_subschema.html" %}
-            {%- endif -%}
+        {# Enum and const #}
+        {%- if schema.kw_enum -%}
+            <div class="enum-value" id="{{ schema.kw_enum.html_id }}">
+            <h4>Must be one of:</h4>
+            <ul class="list-group">
+            {%- for enum_choice in schema.kw_enum.array_items -%}
+                <li class="list-group-item enum-item">
+                    {%- if schema.kw_meta_enum -%}<strong>{%- endif -%}
+                    {{ enum_choice.literal | python_to_json }}
+                    {%- if schema.kw_meta_enum -%}</strong>
+                        : {{ (schema.enum_description(enum_choice.literal) | get_description_literal) }}
+                    {%- endif -%}
+                </li>
+            {%- endfor -%}
+            </ul>
+            </div>
+        {%- endif -%}
+        {%- if schema.kw_const -%}
+            <span class="const-value" id="{{ schema.kw_const.html_id }}">Specific value: <code>{{ schema.kw_const.raw | python_to_json }}</code></span>
+        {%- endif -%}
 
-            {# Required properties that are not defined under "properties". They will only be listed #}
-            {% include "section_undocumented_required_properties.html" %}
+        {# Pattern (Regular Expression) #}
+        {%- if schema.kw_pattern -%}
+            <span class="pattern-value" id="{{ schema.kw_pattern.html_id }}">Must match regular expression: <code>{{ schema.kw_pattern.literal | escape }}</code></span>
+        {%- endif -%}
 
-            {# Show the requested type(s) #}
-            {% include "badge_type.html" %}
+        {# Conditional subschema, or if-then-else section #}
+        {%- if schema.has_conditional -%}
+            {% include "section_conditional_subschema.html" %}
+        {%- endif -%}
 
-            {# Show array restrictions #}
-            {%- if type_name.startswith("array") -%}
-                {% include "section_array.html" %}
-            {%- endif -%}
+        {# Required properties that are not defined under "properties". They will only be listed #}
+        {% include "section_undocumented_required_properties.html" %}
 
-            {# Display examples #}
-            {%- set examples = schema.examples -%}
-            {%- if examples -%}
-                {% include "section_examples.html" %}
-            {%- endif -%}
+        {# Show the requested type(s) #}
+        {% include "badge_type.html" %}
 
-            {# Properties, pattern properties, additional properties #}
-            {%- for sub_property in schema.iterate_properties -%}
-                {# Custom modification to remove $ properties from documentation #}
-                {%- if not sub_property.property_display_name.startswith("$") -%}
-                    {% include "section_properties.html" %}
-                {%- endif -%}
-            {%- endfor -%}
+        {# Show array restrictions #}
+        {%- if type_name.startswith("array") -%}
+            {% include "section_array.html" %}
+        {%- endif -%}
 
+        {# Display examples #}
+        {%- set examples = schema.examples -%}
+        {%- if examples -%}
+            {% include "section_examples.html" %}
         {%- endif -%}
+
+        {# Properties, pattern properties, additional properties #}
+        {%- for sub_property in schema.iterate_properties -%}
+            {# Custom modification to remove $ properties from documentation #}
+            {%- if not sub_property.property_display_name.startswith("$") -%}
+                {% include "section_properties.html" %}
+            {%- endif -%}
+        {%- endfor -%}
     {%- endif -%}
 {%- endmacro -%}
@@ -19,7 +19,7 @@ function setAnchor(anchorLinkDestination) {
 
 function anchorOnLoad() {
     // Added to onload on body, checks if there is an anchor link and if so, expand
-    let linkTarget = window.location.hash.split("?")[0].split("&")[0];
+    let linkTarget = decodeURIComponent(window.location.hash.split("?")[0].split("&")[0]);
     if (linkTarget[0] === "#") {
         linkTarget = linkTarget.substr(1);
     }
@@ -37,7 +37,7 @@ function anchorLink(linkTarget) {
             if($( this ).hasClass("collapse")) {
                 $( this ).collapse("show");
             } else if ($( this ).hasClass("tab-pane")) {
-                // We have the pane and not the the tab itself, find the tab
+                // We have the pane and not the tab itself, find the tab
                 const tabToShow = $( "a[href='#" + $( this ).attr("id") + "']" );
                 if (tabToShow) {
                     tabToShow.tab("show");