Swid-generator

Latest version: v1.1.0

Safety actively analyzes 685525 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 2

1.1.0

- [info] Python 3.4 no longer supported
- [info] Python 3.8 now supported
- [change] Python 3.8 dropped support of platform.dist(). Replaced by distro module

1.0.4

- [add] --evidence: Now multiple paths to directories or single files supported
- [add] --schema-location: Add xsi:schamaLocation attribute with schema URIs
- [add] --lang: Set value of xml:lang attribute

1.0.3

- [add] The parameters --os and --arch generate a SWID tag with this product info

1.0.2

- [add] The parameters --name and --version-string generate a SWID tag with this package info

1.0.1

- [info] Updated documentation

1.0.0

- [info] Python 2.6 no longer supported
- [info] Python Versions: 3.5, 3.6 now supported
- [info] swidGenerator now based on ISO IEC 19770-2 2015 and no longer on draft:
(Software Inventory Message and Attributes (SWIMA) for PA-TNC draft-coffin-sacm-nea-swid-patnc-03)
- [info] 'Guidelines for the Creation of Interoperable Software Identification (SWID) Tags' (NISTIR 8060) respected
- [info] For special encodings in stdout (e.g latin1, etc.), please add UTF-8 Compatibility
- [add] Additionally to the parameter '--pretty', a new parameter '--hierarchical' now available. This prints the SWID-Tag in
hierarchical format.
- [add] '--hash': e.g '--hash sha256,sha384,sha512' computes the hash-values of the file-content. One or more hash-algorithms can be passed.
- [add] '--package-file': e.g '--package-file /tmp/test.deb' generates the SWID-Tag based on the information of the package-file. Following packages
are supported: *.deb, *.rpm, *.pkg.tar.xz
- [add] '--pkcs12': e.g '--pkcs12 /path/to/cert.pfx' signs the SWID-Tag with the given certificate. The '--pkcs12-pwd <password>'-Argument is
needed for password-protected certificates.
- [add] '--evidence': e.g '--evidence /path/to/folder' generates the SWID-Tag based the File-/Directory-structure of the path. Possible Arguments
for the evidence-function added: '--name' sets name of SWID-Tag, '--version-string' sets Version of SWID-Tag, '--new-root' sets root of SWID-Tag.
- [change] TestEnvironment working with python standard mocking-framework, tests declared in TestCase-Classes and IntegrationTests based on
Docker added. This to test the whole swid_generator on each distribution (Debian, Redhat and ArchLinux)
- [info] PyTest Versions and dependencies changed to newest

Page 1 of 2

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.