Haketilo Software Bill of Materials (browser extension) » History » Version 3
koszko, 12/28/2021 11:49 AM
explain that artworks are not included in the SBoM
1 | 1 | koszko | # Haketilo Software Bill of Materials |
---|---|---|---|
2 | |||
3 | [Software Bill of Materials (SBOM)](https://en.wikipedia.org/wiki/Software_bill_of_materials) lists external components used or included in a given software product. |
||
4 | |||
5 | You may also want to look at the [SBOM of Hydrilla](/projects/hydrilla/wiki/Hydrilla_Software_Bill_of_Materials). |
||
6 | |||
7 | *Note: This SBOM corresponds to the upcoming Haketilo version 1.0.* |
||
8 | |||
9 | {{toc}} |
||
10 | |||
11 | ## Incorporated code |
||
12 | 3 | koszko | Software parts that have been copied over to Haketilo source tree with only slight or no modification (code that has been mostly rewritten and non-software artworks are not mentioned here). |
13 | 1 | koszko | |
14 | ### js-sha256 |
||
15 | | field | value | |
||
16 | |--------------+-------------------------------------------------| |
||
17 | | name | js-sha256 | |
||
18 | | version | 0.9.0 | |
||
19 | | copyright | 2014-2017 Chen, Yi-Cyuan `<`emn178@gmail.com`>` | |
||
20 | | license | MIT (Expat) | |
||
21 | | upstream url | https://github.com/emn178/js-sha256 | |
||
22 | |||
23 | This javascript implementation of sha256 is included in the browser extension itself. It is used to compute the sha256 sums of files. Integrity verification of custom javascript downloaded from Hydrilla repository is based on sha256. |
||
24 | |||
25 | ### Reset CSS |
||
26 | | field | value | |
||
27 | |--------------+--------------------------------------------| |
||
28 | | name | Reset CSS | |
||
29 | | version | 2.0 | |
||
30 | | copyright | 2008,2011 Eric A. Meyer | |
||
31 | | license | public domain | |
||
32 | | upstream url | https://meyerweb.com/eric/tools/css/reset/ | |
||
33 | |||
34 | The CSS Reset style sheet is used on Haketilo's pages. |
||
35 | |||
36 | ## External dependencies |
||
37 | |||
38 | ### POSIX environment |
||
39 | Standard UNIX tools (sh, awk, etc.) are needed to **build** Haketilo. There's no known dependency on specific implementations of those (e.g. gawk should work just as well as nawk). |
||
40 | |||
41 | ### Make |
||
42 | Make build system is an **optional requirement for building** Haketilo and a **strict requirement for running the test suite**. There's no known dependency on specific Make implementation. |
||
43 | |||
44 | 2 | koszko | ### Python3 |
45 | Python in at least version 3.7 is needed to run the automated test suite. |
||
46 | |||
47 | ### Pytest |
||
48 | | field | value | |
||
49 | |--------------+------------------------------------| |
||
50 | | name | pytest | |
||
51 | | version | no known constraints (6.2.5 used) | |
||
52 | | copyright | 2004-2021 Holger Krekel and others | |
||
53 | | license | MIT (Expat) | |
||
54 | | upstream url | https://pytest.org | |
||
55 | |||
56 | Pytest library is used in automated tests of the extension. |
||
57 | |||
58 | 1 | koszko | ### Selenium webdriver (Python) |
59 | | field | value | |
||
60 | |--------------+-----------------------------------------------------------------------| |
||
61 | | name | selenium | |
||
62 | | version | no known constraints (3.141.0 used) | |
||
63 | | copyright | 2011-2021 Software Freedom Conservancy; 2004-2011 Selenium committers | |
||
64 | | license | Apache-2.0 | |
||
65 | | upstream url | https://www.selenium.dev/ | |
||
66 | |||
67 | Selenium Python library is used in automated tests of the extension. |
||
68 | |||
69 | ### Web browser |
||
70 | A Firefox-derived web browser with at least version 60 **or** a Chromium-derived browser with at least version 90 (although older Chromium versions are likely to work as well) is needed to use the extensions. |
||
71 | |||
72 | In addition, a Firefox-derived web browser with at least version 60 is needed to run the automated test suite. |
||
73 | |||
74 | ### geckodriver |
||
75 | | field | value | |
||
76 | |--------------+------------------------------------------------------------------------| |
||
77 | | name | geckodriver | |
||
78 | | version | no known constraints (0.30.0 used successfully) | |
||
79 | | copyright | ??? | |
||
80 | | license | MPL-2.0 | |
||
81 | | upstream url | https://firefox-source-docs.mozilla.org/testing/geckodriver/index.html | |
||
82 | |||
83 | Geckodriver compatible with the Firefox-derived browser used is needed to run the automated test suite. |
||
84 | |||
85 | ### Inkscape |
||
86 | | field | value | |
||
87 | |--------------+-------------------------------------------------| |
||
88 | | name | Inkscape | |
||
89 | | version | no known constraints (0.92.4 used successfully) | |
||
90 | | copyright | Inkscape Authors | |
||
91 | | license | GPL-3.0-only | |
||
92 | | upstream url | https://inkscape.org/ | |
||
93 | |||
94 | Inkscape is an optional build dependency used to generate png icons from an svg file. |