License headers, OWASP etc...

CycloneDX · Sep 8, 2021 · 559b8d2 · 559b8d2
1 parent 5d907d5
commit 559b8d2
Show file tree

Hide file tree

Showing 18 changed files with 57 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -1,6 +1,5 @@
 # Python Library for generating CycloneDX
 
-[![CircleCI](https://circleci.com/gh/sonatype-nexus-community/cyclonedx-python-lib.svg?style=shield)](https://circleci.com/gh/sonatype-nexus-community/cyclonedx-python-lib)
 ![GitHub Workflow Status](https://img.shields.io/github/workflow/status/sonatype-nexus-community/cyclonedx-python-lib/Python%20CI)
 ![Python Version Support](https://img.shields.io/badge/python-3.6+-blue)
 [![GitHub license](https://img.shields.io/github/license/sonatype-nexus-community/cyclonedx-python-lib)](https://github.com/sonatype-nexus-community/cyclonedx-python-lib/blob/main/LICENSE)
@@ -13,12 +12,15 @@
 This CycloneDX module for Python can generate valid CycloneDX bill-of-material document containing an aggregate of all
 project dependencies.
 
-This module is not designed for standalone use. If you're looking for a tool to run to generate CycloneDX software
+This module is not designed for standalone use. If you're looking for a CycloneDX tool to run to generate (SBOM) software
 bill-of-materials documents, why not checkout:
 
+- [cyclonedx-python](https://github.com/CycloneDX/cyclonedx-python)
+
+Additionally, the following tool can be used as well (and this library was written to help improve it)
 - [Jake](https://github.com/sonatype-nexus-community/jake)
 
-Or you can use this module yourself in your application to generate SBOMs.
+Additionally, you can use this module yourself in your application to programmatically generate SBOMs.
 
 CycloneDX is a lightweight BOM specification that is easily created, human-readable, and simple to parse.
 
@@ -172,16 +174,7 @@ _Note: We refer throughout using XPath, but the same is true for both XML and JS
 We endeavour to support all functionality for all [current actively supported Python versions](https://www.python.org/downloads/).
 However, some features may not be possible/present in older Python versions due to their lack of support.
 
-## The Fine Print
-
-Remember:
-
-It is worth noting that this is **NOT SUPPORTED** by Sonatype, and is a contribution of ours to the open source
-community (read: you!)
-
-* Use this contribution at the risk tolerance that you have
-* Do NOT file Sonatype support tickets related to `cyclonedx-python-lib` support in regard to this project
-* DO file issues here on GitHub, so that the community can pitch in
-
-Phew, that was easier than I thought. Last but not least of all - have fun!
+## Copyright & License
+CycloneDX Python Lib is Copyright (c) OWASP Foundation. All Rights Reserved.
 
+Permission to modify and redistribute is granted under the terms of the Apache 2.0 license.
diff --git a/cyclonedx/model/bom.py b/cyclonedx/model/bom.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 import datetime
 from typing import List

diff --git a/cyclonedx/model/component.py b/cyclonedx/model/component.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 from enum import Enum
 

diff --git a/cyclonedx/output/json.py b/cyclonedx/output/json.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 import json
 

diff --git a/cyclonedx/output/schema.py b/cyclonedx/output/schema.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 from abc import ABC
 

diff --git a/cyclonedx/output/xml.py b/cyclonedx/output/xml.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 from xml.etree import ElementTree
 

diff --git a/cyclonedx/parser/environment.py b/cyclonedx/parser/environment.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 import sys
 

diff --git a/cyclonedx/parser/requirements.py b/cyclonedx/parser/requirements.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 import pkg_resources
 

diff --git a/setup.py b/setup.py
@@ -9,7 +9,7 @@
 setup(
     name='cyclonedx-python-lib',
     version=open(os.path.join(script_path, 'VERSION')).read(),
-    url="https://github.com/sonatype-nexus-community/cyclonedx-python-lib",
+    url="https://github.com/CycloneDX/cyclonedx-python-lib",
     author="Sonatype Community",
     author_email="[email protected]",
     description="A library for producing CycloneDX SBOM (Software Bill of Materials) files.",

diff --git a/tests/base.py b/tests/base.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 import json
 import xml.etree.ElementTree

diff --git a/tests/test_bom.py b/tests/test_bom.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 import os
 from unittest import TestCase

diff --git a/tests/test_component.py b/tests/test_component.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 from unittest import TestCase
 

diff --git a/tests/test_e2e_environment.py b/tests/test_e2e_environment.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 import json
 import os

diff --git a/tests/test_output_generic.py b/tests/test_output_generic.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 from unittest import TestCase
 

diff --git a/tests/test_output_json.py b/tests/test_output_json.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 from os.path import dirname, join
 

diff --git a/tests/test_output_xml.py b/tests/test_output_xml.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 from os.path import dirname, join
 

diff --git a/tests/test_parser_environment.py b/tests/test_parser_environment.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 from unittest import TestCase
 

diff --git a/tests/test_parser_requirements.py b/tests/test_parser_requirements.py
@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+# This file is part of CycloneDX Python Lib
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,6 +15,7 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
 
 import os
 from unittest import TestCase