cyclonedx.model.impact_analysis =============================== .. py:module:: cyclonedx.model.impact_analysis .. autoapi-nested-parse:: This set of classes represents the data about Impact Analysis. Impact Analysis is new for CycloneDX schema version 1. .. note:: See the CycloneDX Schema extension definition https://cyclonedx.org/docs/1.6 Classes ------- .. autoapisummary:: cyclonedx.model.impact_analysis.ImpactAnalysisAffectedStatus cyclonedx.model.impact_analysis.ImpactAnalysisJustification cyclonedx.model.impact_analysis.ImpactAnalysisResponse cyclonedx.model.impact_analysis.ImpactAnalysisState Module Contents --------------- .. py:class:: ImpactAnalysisAffectedStatus Bases: :py:obj:`str`, :py:obj:`enum.Enum` Enum object that defines the permissible impact analysis affected states. The vulnerability status of a given version or range of versions of a product. The statuses 'affected' and 'unaffected' indicate that the version is affected or unaffected by the vulnerability. The status 'unknown' indicates that it is unknown or unspecified whether the given version is affected. There can be many reasons for an 'unknown' status, including that an investigation has not been undertaken or that a vendor has not disclosed the status. .. note:: See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/xml/#type_impactAnalysisAffectedStatusType .. py:attribute:: AFFECTED :value: 'affected' .. py:attribute:: UNAFFECTED :value: 'unaffected' .. py:attribute:: UNKNOWN :value: 'unknown' .. py:class:: ImpactAnalysisJustification Bases: :py:obj:`str`, :py:obj:`enum.Enum` Enum object that defines the rationale of why the impact analysis state was asserted. .. note:: See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/xml/#type_impactAnalysisJustificationType .. py:attribute:: CODE_NOT_PRESENT :value: 'code_not_present' .. py:attribute:: CODE_NOT_REACHABLE :value: 'code_not_reachable' .. py:attribute:: PROTECTED_AT_PERIMITER :value: 'protected_at_perimeter' .. py:attribute:: PROTECTED_AT_RUNTIME :value: 'protected_at_runtime' .. py:attribute:: PROTECTED_BY_COMPILER :value: 'protected_by_compiler' .. py:attribute:: PROTECTED_BY_MITIGATING_CONTROL :value: 'protected_by_mitigating_control' .. py:attribute:: REQUIRES_CONFIGURATION :value: 'requires_configuration' .. py:attribute:: REQUIRES_DEPENDENCY :value: 'requires_dependency' .. py:attribute:: REQUIRES_ENVIRONMENT :value: 'requires_environment' .. py:class:: ImpactAnalysisResponse Bases: :py:obj:`str`, :py:obj:`enum.Enum` Enum object that defines the valid rationales as to why the impact analysis state was asserted. .. note:: See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/xml/#type_impactAnalysisResponsesType .. py:attribute:: CAN_NOT_FIX :value: 'can_not_fix' .. py:attribute:: ROLLBACK :value: 'rollback' .. py:attribute:: UPDATE :value: 'update' .. py:attribute:: WILL_NOT_FIX :value: 'will_not_fix' .. py:attribute:: WORKAROUND_AVAILABLE :value: 'workaround_available' .. py:class:: ImpactAnalysisState Bases: :py:obj:`str`, :py:obj:`enum.Enum` Enum object that defines the permissible impact analysis states. .. note:: See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.7/xml/#type_impactAnalysisStateType .. py:attribute:: RESOLVED :value: 'resolved' .. py:attribute:: RESOLVED_WITH_PEDIGREE :value: 'resolved_with_pedigree' .. py:attribute:: EXPLOITABLE :value: 'exploitable' .. py:attribute:: IN_TRIAGE :value: 'in_triage' .. py:attribute:: FALSE_POSITIVE :value: 'false_positive' .. py:attribute:: NOT_AFFECTED :value: 'not_affected'