Component pedigree is a way to document complex supply chain scenarios where components are created, distributed, modified, redistributed, combined with other components, etc. Pedigree supports viewing this complex chain from the beginning, the end, or anywhere in the middle. It also provides a way to document variants where the exact relation may not be known.

Generated

from message cyclonedx.v1_5.Pedigree

Hierarchy

Constructors

Properties

ancestors: cdx_15.Component[] = []

Describes zero or more components in which a component is derived from. This is commonly used to describe forks from existing projects where the forked version contains a ancestor node containing the original component it was forked from. For example, Component A is the original component. Component B is the component being used and documented in the BOM. However, Component B contains a pedigree node with a single ancestor documenting Component A - the original component from which Component B is derived from.

Generated

from field: repeated cyclonedx.v1_5.Component ancestors = 1;

commits: cdx_15.Commit[] = []

A list of zero or more commits which provide a trail describing how the component deviates from an ancestor, descendant, or variant.

Generated

from field: repeated cyclonedx.v1_5.Commit commits = 4;

descendants: cdx_15.Component[] = []

Descendants are the exact opposite of ancestors. This provides a way to document all forks (and their forks) of an original or root component.

Generated

from field: repeated cyclonedx.v1_5.Component descendants = 2;

notes?: string

Notes, observations, and other non-structured commentary describing the components pedigree.

Generated

from field: optional string notes = 6;

patches: cdx_15.Patch[] = []

A list of zero or more patches describing how the component deviates from an ancestor, descendant, or variant. Patches may be complimentary to commits or may be used in place of commits.

Generated

from field: repeated cyclonedx.v1_5.Patch patches = 5;

variants: cdx_15.Component[] = []

Variants describe relations where the relationship between the components are not known. For example, if Component A contains nearly identical code to Component B. They are both related, but it is unclear if one is derived from the other, or if they share a common ancestor.

Generated

from field: repeated cyclonedx.v1_5.Component variants = 3;

fields: FieldList = ...
runtime: ProtoRuntime = proto3
typeName: "cyclonedx.v1_5.Pedigree" = "cyclonedx.v1_5.Pedigree"

Methods

  • Create a deep copy.

    Returns cdx_15.Pedigree

  • Compare with a message of the same type.

    Parameters

    Returns boolean

  • Parse from binary data, merging fields.

    Repeated fields are appended. Map entries are added, overwriting existing keys.

    If a message field is already present, it will be merged with the new data.

    Parameters

    • bytes: Uint8Array
    • Optional options: Partial<BinaryReadOptions>

    Returns this

  • Parse a message from a JSON value.

    Parameters

    • jsonValue: JsonValue
    • Optional options: Partial<JsonReadOptions>

    Returns this

  • Parse a message from a JSON string.

    Parameters

    • jsonString: string
    • Optional options: Partial<JsonReadOptions>

    Returns this

  • Retrieve the MessageType of this message - a singleton that represents the protobuf message declaration and provides metadata for reflection- based operations.

    Returns MessageType<cdx_15.Pedigree>

  • Serialize the message to binary data.

    Parameters

    • Optional options: Partial<BinaryWriteOptions>

    Returns Uint8Array

  • Override for serialization behavior. This will be invoked when calling JSON.stringify on this message (i.e. JSON.stringify(msg)).

    Note that this will not serialize google.protobuf.Any with a packed message because the protobuf JSON format specifies that it needs to be unpacked, and this is only possible with a type registry to look up the message type. As a result, attempting to serialize a message with this type will throw an Error.

    This method is protected because you should not need to invoke it directly -- instead use JSON.stringify or toJsonString for stringified JSON. Alternatively, if actual JSON is desired, you should use toJson.

    Returns JsonValue

  • Serialize the message to a JSON value, a JavaScript value that can be passed to JSON.stringify().

    Parameters

    • Optional options: Partial<JsonWriteOptions>

    Returns JsonValue

  • Serialize the message to a JSON string.

    Parameters

    • Optional options: Partial<JsonWriteStringOptions>

    Returns string