Added external ref for citation

stevespringett · stevespringett · commit ddc4842f90fd · 2025-05-01T16:23:01.000-05:00
Signed-off-by: Steve Springett &lt;steve@springett.us&gt;
diff --git a/schema/bom-1.7.proto b/schema/bom-1.7.proto
@@ -322,6 +322,8 @@ enum ExternalReferenceType {
   EXTERNAL_REFERENCE_TYPE_RFC_9116 = 41;
   // Reference to release notes
   EXTERNAL_REFERENCE_TYPE_RELEASE_NOTES = 42;
+  // A reference to external citations applicable to the object identified by this BOM entry or the BOM itself. When used with a BOM-Link, this allows offloading citations into a separate CycloneDX BOM.
+  EXTERNAL_REFERENCE_TYPE_CITATION = 43;
 }
 
 enum HashAlg {
diff --git a/schema/bom-1.7.schema.json b/schema/bom-1.7.schema.json
@@ -1812,6 +1812,7 @@
             "electronic-signature",
             "digital-signature",
             "rfc-9116",
+            "citation",
             "other"
           ],
           "meta:enum": {
@@ -1857,6 +1858,7 @@
             "electronic-signature": "An e-signature is commonly a scanned representation of a written signature or a stylized script of the person's name.",
             "digital-signature": "A signature that leverages cryptography, typically public/private key pairs, which provides strong authenticity verification.",
             "rfc-9116": "Document that complies with [RFC 9116](https://www.ietf.org/rfc/rfc9116.html) (A File Format to Aid in Security Vulnerability Disclosure)",
+            "citation": "A reference to external citations applicable to the object identified by this BOM entry or the BOM itself. When used with a BOM-Link, this allows offloading citations into a separate CycloneDX BOM.",
             "other": "Use this if no other types accurately describe the purpose of the external reference."
           }
         },
diff --git a/schema/bom-1.7.xsd b/schema/bom-1.7.xsd
@@ -1578,6 +1578,11 @@ limitations under the License.
                     <xs:documentation>Document that complies with RFC-9116 (A File Format to Aid in Security Vulnerability Disclosure)</xs:documentation>
                 </xs:annotation>
             </xs:enumeration>
+            <xs:enumeration value="citation">
+                <xs:annotation>
+                    <xs:documentation>A reference to external citations applicable to the object identified by this BOM entry or the BOM itself. When used with a BOM-Link, this allows offloading citations into a separate CycloneDX BOM.</xs:documentation>
+                </xs:annotation>
+            </xs:enumeration>
             <xs:enumeration value="other">
                 <xs:annotation>
                     <xs:documentation>Use this if no other types accurately describe the purpose of the external reference</xs:documentation>

Original file line number	Diff line number	Diff line change
`@@ -322,6 +322,8 @@ enum ExternalReferenceType {`
`322`	`322`	`EXTERNAL_REFERENCE_TYPE_RFC_9116 = 41;`
`323`	`323`	`// Reference to release notes`
`324`	`324`	`EXTERNAL_REFERENCE_TYPE_RELEASE_NOTES = 42;`
	`325`	`+ // A reference to external citations applicable to the object identified by this BOM entry or the BOM itself. When used with a BOM-Link, this allows offloading citations into a separate CycloneDX BOM.`
	`326`	`+ EXTERNAL_REFERENCE_TYPE_CITATION = 43;`
`325`	`327`	`}`
`326`	`328`
`327`	`329`	`enum HashAlg {`