Class: Package
The Software Package object describes details about a software package.
URI: ocsf:Package
classDiagram
class Package
click Package href "../Package/"
Object <|-- Package
click Object href "../Object/"
Package <|-- AffectedPackage
click AffectedPackage href "../AffectedPackage/"
Package : architecture
Package : cpe_name
Package : epoch
Package : hash
Package --> "0..1" Fingerprint : hash
click Fingerprint href "../Fingerprint/"
Package : license
Package : license_url
Package : name
Package : package_manager
Package : package_manager_url
Package : purl
Package : release
Package : src_url
Package : type
Package : type_id
Package --> "0..1 _recommended_" PackageTypeIdEnum : type_id
click PackageTypeIdEnum href "../PackageTypeIdEnum/"
Package : uid
Package : vendor_name
Package : version
Inheritance
- OcsfObject
- Object
- Package
- Object
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| architecture | 0..1 recommended String | Architecture is a shorthand name describing the type of computer hardware the packaged software is meant to run on. | direct |
| cpe_name | 0..1 String | The Common Platform Enumeration (CPE) name as described by NIST (https://nvd.nist.gov/products/cpe). For example: cpe:/a:apple:safari:16.2. | direct |
| epoch | 0..1 Integer | The software package epoch. | direct |
| hash | 0..1 Fingerprint | Cryptographic hash to identify the binary instance of a software component. | direct |
| license | 0..1 String | The software license applied to this package. | direct |
| license_url | 0..1 UrlT | The URL pointing to the license applied on package or software. | direct |
| name | 1 String | The software package name. | direct |
| package_manager | 0..1 String | The software package manager utilized to manage a package on a system, e.g. npm, yum, dpkg etc. | direct |
| package_manager_url | 0..1 UrlT | The URL of the package or library at the package manager, or the specific URL or URI of an internal package manager link such as AWS CodeArtifact or Artifactory. | direct |
| purl | 0..1 String | A purl is a URL string used to identify and locate a software package in a mostly universal and uniform way across programming languages, package managers, packaging conventions, tools, APIs and databases. | direct |
| release | 0..1 String | Release is the number of times a version of the software has been packaged. | direct |
| src_url | 0..1 UrlT | The link to the specific library or package such as within GitHub, this is different from the link to the package manager where the library or package is hosted. | direct |
| type | 0..1 String | The type of software package, normalized to the caption of the type_id value. In the case of 'Other', it is defined by the source. | direct |
| type_id | 0..1 recommended PackageTypeIdEnum | The type of software package. | direct |
| uid | 0..1 String | A unique identifier for the package or library reported by the source tool. | direct |
| vendor_name | 0..1 String | The name of the vendor who published the software package. | direct |
| version | 1 String | The software package version. | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| Sbom | package | range | Package |
| Vulnerability | packages | range | Package |
| SoftwareInfo | package | range | Package |
In Subsets
Aliases
- Software Package
See Also
Notes
- D3FEND™ Ontology d3f:SoftwarePackage. — https://d3fend.mitre.org/dao/artifact/d3f:SoftwarePackage/
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:Package |
| native | ocsf:Package |
LinkML Source
Direct
name: Package
description: The Software Package object describes details about a software package.
notes:
- 'D3FEND™ Ontology d3f:SoftwarePackage. —
  https://d3fend.mitre.org/dao/artifact/d3f:SoftwarePackage/'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://d3fend.mitre.org/dao/artifact/d3f:SoftwarePackage/
aliases:
- Software Package
is_a: Object
slots:
- architecture
- cpe_name
- epoch
- hash
- license
- license_url
- name
- package_manager
- package_manager_url
- purl
- release
- src_url
- type
- type_id
- uid
- vendor_name
- version
slot_usage:
  architecture:
    name: architecture
    recommended: true
  hash:
    name: hash
    description: 'Cryptographic hash to identify the binary instance of a software
      component.
      This can include any component such file, package, or library.'
  license:
    name: license
    description: The software license applied to this package.
  name:
    name: name
    description: The software package name.
    required: true
  src_url:
    name: src_url
    description: 'The link to the specific library or package such as within <code>GitHub</code>,
      this is different from the link to the package manager where the library or
      package is hosted.'
  type:
    name: type
    description: 'The type of software package, normalized to the caption of the
      <code>type_id</code> value. In the case of ''Other'', it is defined by the
      source.'
  type_id:
    name: type_id
    description: The type of software package.
    range: PackageTypeIdEnum
    recommended: true
  uid:
    name: uid
    description: 'A unique identifier for the package or library reported by the source
      tool.
      E.g., the <code>libId</code> within the <code>sbom</code> field of an OX
      Security Issue or the SPDX <code>components.*.bom-ref</code>.'
  vendor_name:
    name: vendor_name
    description: The name of the vendor who published the software package.
  version:
    name: version
    description: The software package version.
    required: true
Induced
name: Package
description: The Software Package object describes details about a software package.
notes:
- 'D3FEND™ Ontology d3f:SoftwarePackage. —
  https://d3fend.mitre.org/dao/artifact/d3f:SoftwarePackage/'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://d3fend.mitre.org/dao/artifact/d3f:SoftwarePackage/
aliases:
- Software Package
is_a: Object
slot_usage:
  architecture:
    name: architecture
    recommended: true
  hash:
    name: hash
    description: 'Cryptographic hash to identify the binary instance of a software
      component.
      This can include any component such file, package, or library.'
  license:
    name: license
    description: The software license applied to this package.
  name:
    name: name
    description: The software package name.
    required: true
  src_url:
    name: src_url
    description: 'The link to the specific library or package such as within <code>GitHub</code>,
      this is different from the link to the package manager where the library or
      package is hosted.'
  type:
    name: type
    description: 'The type of software package, normalized to the caption of the
      <code>type_id</code> value. In the case of ''Other'', it is defined by the
      source.'
  type_id:
    name: type_id
    description: The type of software package.
    range: PackageTypeIdEnum
    recommended: true
  uid:
    name: uid
    description: 'A unique identifier for the package or library reported by the source
      tool.
      E.g., the <code>libId</code> within the <code>sbom</code> field of an OX
      Security Issue or the SPDX <code>components.*.bom-ref</code>.'
  vendor_name:
    name: vendor_name
    description: The name of the vendor who published the software package.
  version:
    name: version
    description: The software package version.
    required: true
attributes:
  architecture:
    name: architecture
    description: 'Architecture is a shorthand name describing the type of computer
      hardware the
      packaged software is meant to run on.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Architecture
    rank: 1000
    alias: architecture
    owner: Package
    domain_of:
    - Package
    range: string
    recommended: true
  cpe_name:
    name: cpe_name
    description: 'The Common Platform Enumeration (CPE) name as described by (<a target=''_blank''
      href=''https://nvd.nist.gov/products/cpe''>NIST</a>) For example:
      <code>cpe:/a:apple:safari:16.2</code>.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - The product CPE identifier
    rank: 1000
    alias: cpe_name
    owner: Package
    domain_of:
    - Os
    - Package
    - Product
    range: string
  epoch:
    name: epoch
    description: 'The software package epoch. Epoch is a way to define weighted dependencies
      based on version numbers.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Epoch
    rank: 1000
    alias: epoch
    owner: Package
    domain_of:
    - Package
    range: integer
  hash:
    name: hash
    description: 'Cryptographic hash to identify the binary instance of a software
      component.
      This can include any component such file, package, or library.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Hash
    rank: 1000
    alias: hash
    owner: Package
    domain_of:
    - Package
    - SoftwareComponent
    - Container
    range: Fingerprint
  license:
    name: license
    description: The software license applied to this package.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Software License
    rank: 1000
    alias: license
    owner: Package
    domain_of:
    - Package
    - SoftwareComponent
    range: string
  license_url:
    name: license_url
    description: 'The URL pointing to the license applied on package or software.
      This is
      typically a <code>LICENSE.md</code> file within a repository.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Software License URL
    rank: 1000
    alias: license_url
    owner: Package
    domain_of:
    - Package
    range: UrlT
  name:
    name: name
    description: The software package name.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Name
    rank: 1000
    alias: name
    owner: Package
    domain_of:
    - AnalysisTarget
    - Observable
    - Os
    - Osint
    - Package
    - Parameter
    - PrivilegeInfo
    - San
    - Scim
    - Script
    - ServicePrivilegeAnalysis
    - SoftwareComponent
    - Sso
    - StartupItem
    - ThreatActor
    - Token
    - Entity
    - Resource
    - Account
    - Agent
    - AiModel
    - Aircraft
    - Analytic
    - ApplicationObject
    - Assessment
    - AutonomousSystem
    - Campaign
    - Check
    - CisBenchmark
    - CisBenchmarkResult
    - CisControl
    - ClassifierDetails
    - Container
    - D3fTactic
    - D3fTechnique
    - Database
    - Databucket
    - DomainContact
    - Edge
    - Endpoint
    - Enrichment
    - EnvironmentVariable
    - Evidences
    - Extension
    - Feature
    - File
    - Graph
    - Group
    - HttpCookie
    - HttpHeader
    - Idp
    - Image
    - Job
    - Kernel
    - KeyValueObject
    - LoadBalancer
    - Logger
    - Malware
    - ManagedEntity
    - MessageContext
    - Metric
    - Mitigation
    - NetworkInterface
    - Node
    - Organization
    - PeripheralDevice
    - Policy
    - ProcessEntity
    - Product
    - QueryInfo
    - Reporter
    - ResourceDetails
    - Rule
    - Scan
    - Service
    - SubTechnique
    - Table
    - Tactic
    - Technique
    - Trait
    - TransformationInfo
    - UnmannedAerialSystem
    - User
    - WebResource
    - Device
    - FtpActivity
    - RegValue
    - WinResource
    - WinService
    - PrefetchQuery
    range: string
    required: true
  package_manager:
    name: package_manager
    description: 'The software packager manager utilized to manage a package on a
      system, e.g.
      npm, yum, dpkg etc.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Package Manager
    rank: 1000
    alias: package_manager
    owner: Package
    domain_of:
    - Package
    range: string
  package_manager_url:
    name: package_manager_url
    description: 'The URL of the package or library at the package manager, or the
      specific URL
      or URI of an internal package manager link such as <code>AWS
      CodeArtifact</code> or <code>Artifactory</code>.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Package Manager URL
    rank: 1000
    alias: package_manager_url
    owner: Package
    domain_of:
    - Package
    range: UrlT
  purl:
    name: purl
    description: 'A purl is a URL string used to identify and locate a software package
      in a
      mostly universal and uniform way across programming languages, package
      managers, packaging conventions, tools, APIs and databases.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Package URL
    rank: 1000
    alias: purl
    owner: Package
    domain_of:
    - Package
    - SoftwareComponent
    range: string
  release:
    name: release
    description: Release is the number of times a version of the software has been
      packaged.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Software Release Details
    rank: 1000
    alias: release
    owner: Package
    domain_of:
    - Package
    range: string
  src_url:
    name: src_url
    description: 'The link to the specific library or package such as within <code>GitHub</code>,
      this is different from the link to the package manager where the library or
      package is hosted.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Source URL
    rank: 1000
    alias: src_url
    owner: Package
    domain_of:
    - Osint
    - Package
    - Ticket
    - Advisory
    - Cvss
    - Cwe
    - D3fTactic
    - D3fTechnique
    - DataClassification
    - Enrichment
    - FindingObject
    - FindingInfo
    - KbArticle
    - Mitigation
    - SubTechnique
    - Tactic
    - Technique
    - IncidentProfile
    - IncidentFinding
    range: UrlT
  type:
    name: type
    description: 'The type of software package, normalized to the caption of the
      <code>type_id</code> value. In the case of ''Other'', it is defined by the
      source.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Type
    rank: 1000
    alias: type
    owner: Package
    domain_of:
    - AnalysisTarget
    - Observable
    - Os
    - Osint
    - Package
    - PrivilegeInfo
    - ProgrammaticCredential
    - RelatedEvent
    - San
    - Sbom
    - Script
    - SoftwareComponent
    - StartupItem
    - ThreatActor
    - Ticket
    - Timespan
    - TlsExtension
    - Token
    - Dns
    - Resource
    - Account
    - Agent
    - Analytic
    - ApplicationObject
    - AuthenticationToken
    - ClassifierDetails
    - Cve
    - Database
    - Databucket
    - DiscoveryDetails
    - DnsAnswer
    - DomainContact
    - EncryptionDetails
    - Endpoint
    - Enrichment
    - File
    - Graph
    - Group
    - Ja4Fingerprint
    - Kernel
    - ManagedEntity
    - Metadata
    - Module
    - NetworkEndpoint
    - NetworkInterface
    - Node
    - PeripheralDevice
    - Policy
    - Rule
    - Scan
    - Trait
    - UnmannedAerialSystem
    - UnmannedSystemOperatingArea
    - User
    - WebResource
    - Device
    - DatastoreActivity
    - FtpActivity
    - RegValue
    - WinResource
    range: string
  type_id:
    name: type_id
    annotations:
      sibling:
        tag: sibling
        value: type
    description: The type of software package.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Type ID
    rank: 1000
    alias: type_id
    owner: Package
    domain_of:
    - Observable
    - Os
    - Osint
    - Package
    - PrivilegeInfo
    - Sbom
    - Script
    - SoftwareComponent
    - StartupItem
    - ThreatActor
    - Ticket
    - Timespan
    - TlsExtension
    - Token
    - Account
    - Agent
    - Analytic
    - AuthenticationToken
    - Database
    - Databucket
    - DomainContact
    - Endpoint
    - File
    - Ja4Fingerprint
    - Kernel
    - ManagedEntity
    - NetworkEndpoint
    - NetworkInterface
    - PeripheralDevice
    - Scan
    - UnmannedAerialSystem
    - UnmannedSystemOperatingArea
    - User
    - Device
    - DatastoreActivity
    - RegValue
    - WinResource
    range: PackageTypeIdEnum
    recommended: true
  uid:
    name: uid
    description: 'A unique identifier for the package or library reported by the source
      tool.
      E.g., the <code>libId</code> within the <code>sbom</code> field of an OX
      Security Issue or the SPDX <code>components.*.bom-ref</code>.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Unique ID
    rank: 1000
    alias: uid
    owner: Package
    domain_of:
    - Osint
    - Package
    - ProgrammaticCredential
    - RelatedEvent
    - Request
    - Sbom
    - Scim
    - Script
    - Session
    - Span
    - Sso
    - Ticket
    - Token
    - Trace
    - Entity
    - Resource
    - Account
    - Advisory
    - Agent
    - AiModel
    - Aircraft
    - Analytic
    - ApplicationObject
    - Assessment
    - Certificate
    - Check
    - ClassifierDetails
    - Container
    - Cve
    - Cwe
    - D3fTactic
    - D3fTechnique
    - DataClassification
    - Database
    - Databucket
    - DomainContact
    - Edge
    - Email
    - Endpoint
    - Evidences
    - Extension
    - Feature
    - File
    - FindingObject
    - FindingInfo
    - Graph
    - Group
    - HttpRequest
    - Idp
    - Image
    - KbArticle
    - LoadBalancer
    - Logger
    - Malware
    - ManagedEntity
    - MessageContext
    - Metadata
    - Mitigation
    - NetworkConnectionInfo
    - NetworkEndpoint
    - NetworkInterface
    - Node
    - Organization
    - PeripheralDevice
    - Policy
    - ProcessEntity
    - Product
    - QueryInfo
    - Reporter
    - Rule
    - Scan
    - Service
    - SubTechnique
    - Table
    - Tactic
    - Technique
    - Trait
    - TransformationInfo
    - UnmannedAerialSystem
    - User
    - WebResource
    - Device
    - WinResource
    range: string
  vendor_name:
    name: vendor_name
    description: The name of the vendor who published the software package.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Vendor Name
    rank: 1000
    alias: vendor_name
    owner: Package
    domain_of:
    - Osint
    - Package
    - Scim
    - Sso
    - Vulnerability
    - Agent
    - Cvss
    - DeviceHwInfo
    - GpuInfo
    - PeripheralDevice
    - Product
    - Device
    range: string
  version:
    name: version
    description: The software package version.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Version
    rank: 1000
    alias: version
    owner: Package
    domain_of:
    - Os
    - Package
    - RpcInterface
    - Sbom
    - Scim
    - SoftwareComponent
    - Tls
    - Agent
    - AiModel
    - Analytic
    - Api
    - ApplicationObject
    - Attack
    - Certificate
    - Check
    - CisControl
    - CisCsc
    - Cvss
    - D3fend
    - Databucket
    - Epss
    - Extension
    - Feature
    - File
    - HttpRequest
    - Logger
    - ManagedEntity
    - Metadata
    - Policy
    - Product
    - ResourceDetails
    - Rule
    - Service
    - NtpActivity
    range: string
    required: true