cdx:composer Namespace TaxonomyThis is the namespace for official CycloneDX properties related to the PHP Composer ecosystem.
The official rules and processes apply - see parent document.
| Namespace | Description |
|---|---|
cdx:composer:package |
Namespace for package specific properties. |
Boolean value are true or false; case sensitive.
cdx:composer:package Namespace Taxonomy| Property | Description |
|---|---|
cdx:composer:package:type |
The package type of the component. If the property is missing, then assume the value to be library. May appear once. |
cdx:composer:package:isDevRequirement |
Whether the package was flagged as “dev requirement”. Boolean value. If the property is missing, then assume the value to be false. May appear once. |
cdx:composer:package:sourceReference |
The repository reference of this package, e.g. master, 1.0.0 or a commit hash for git. Values may be applied to externalReferences of type vcs. Non-empty string value. May appear once. |
cdx:composer:package:distReference |
The reference of the distribution archive of this version, e.g. master, 1.0.0 or a commit hash for git. Values may be applied to externalReferences of type distribution. Non-empty string value. May appear once. |