NAME

SBOM::CycloneDX::License - Specifies the details and attributes related to a software license

SYNOPSIS

# SPDX license

$license = SBOM::CycloneDX::License->new(
    id => 'Apache-2.0'
);

# or

$license = SBOM::CycloneDX::License->new('MIT');


# Non-SPDX license

$license = SBOM::CycloneDX::License->new(
    name => 'Acme Software License'
);

DESCRIPTION

SBOM::CycloneDX::License specifies the details and attributes related to a software license.

It can either include a valid SPDX license identifier or a named license, along with additional properties such as license acknowledgment, comprehensive commercial licensing information, and the full text of the license.

METHODS

SBOM::CycloneDX::License inherits all methods from SBOM::CycloneDX::Base and implements the following new ones.

SBOM::CycloneDX::License->new( $id | %PARAMS )

Properties:

bom_ref, An optional identifier which can be used to reference the license elsewhere in the BOM. Every bom-ref must be unique within the BOM.

Value SHOULD not start with the BOM-Link intro urn:cdx: to avoid conflicts with BOM-Links.
id, A valid SPDX license identifier. If specified, this value must be one of the enumeration of valid SPDX license identifiers defined in SBOM::CycloneDX::Enum SPDX_LICENSES.
expression, A tuple of exactly one SPDX License Expression.

Refer to https://spdx.org/specifications for syntax requirements.
name, The name of the license. This may include the name of a commercial or proprietary license or an open source license that may not be defined by SPDX.
acknowledgement,
text, An optional way to include the textual content of a license. See SBOM::CycloneDX::Attachment
url, The URL to the license file. If 1 is provided, the license URL is automatically generated.
licensing, Declared licenses and concluded licenses represent two different stages in the licensing process within software development. Declared licenses refer to the initial intention of the software authors regarding the licensing terms under which their code is released. On the other hand, concluded licenses are the result of a comprehensive analysis of the project's codebase to identify and confirm the actual licenses of the components used, which may differ from the initially declared licenses. While declared licenses provide an upfront indication of the licensing intentions, concluded licenses offer a more thorough understanding of the actual licensing within a project, facilitating proper compliance and risk management. Observed licenses are defined in $bom-evidence->licenses>. Observed licenses form the evidence necessary to substantiate a concluded license.

See SBOM::CycloneDX::License::Licensing
properties, Provides the ability to document properties in a name-value store. This provides flexibility to include data not officially supported in the standard without having to use additional namespaces or create extensions. Unlike key-value stores, properties support duplicate names, each potentially having different values. Property names of interest to the general public are encouraged to be registered in the CycloneDX Property Taxonomy. Formal registration is optional. See SBOM::CycloneDX::Property

$license->bom_ref

$license->id

# SPDX license

$license = SBOM::CycloneDX::License->new(
    id => 'Apache-2.0'
);

# or

$license = SBOM::CycloneDX::License->new('MIT');

$license->name

$license->acknowledgement

$license->text

$license->text(SBOM::CycloneDX::Attachment(file => '/path/LICENSE.md'));

$license->url

$license->expression

$license->licensing

$license->licensing->alt_ids(['acme', 'acme-license']);


$licensing = SBOM::CycloneDX::License::Licensing->new(
    alt_ids        => ['acme', 'acme-license'],
    purchase_order => 'PO-12345',
    license_types  => ['appliance'],
);

$license->licensing($licensing);

$license->properties

$license->properties->add(SBOM::CycloneDX::Property->new(name => 'foo', value => 'bar'));

SUPPORT

Bugs / Feature Requests

Please report any bugs or feature requests through the issue tracker at https://github.com/giterlizzi/perl-SBOM-CycloneDX/issues. You will be notified automatically of any progress on your issue.

Source Code

This is open source software. The code repository is available for public review and contribution under the terms of the license.

https://github.com/giterlizzi/perl-SBOM-CycloneDX

git clone https://github.com/giterlizzi/perl-SBOM-CycloneDX.git

AUTHOR

Giuseppe Di Terlizzi <gdt@cpan.org>

LICENSE AND COPYRIGHT

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

To install SBOM::CycloneDX, copy and paste the appropriate command in to your terminal.

cpanm

cpanm SBOM::CycloneDX

CPAN shell

perl -MCPAN -e shell
install SBOM::CycloneDX

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)