Project

General

Profile

Haketilo Software Bill of Materials (browser extension) » History » Version 7

koszko, 02/23/2022 07:13 PM
generate SBoM from https://git.koszko.org/haketilo-hydrilla-sbom/

1 7 koszko
# Software Bill of Materials - Haketilo
2 1 koszko
3 7 koszko
[Software Bill of Materials (SBoM)](https://en.wikipedia.org/wiki/Software_bill_of_materials) lists external components used or included in a given software product.
4 1 koszko
5 7 koszko
You may also want to look at the [SBoM of Hydrilla](/projects/hydrilla/wiki/Hydrilla_Software_Bill_of_Materials) and [a concatenated plain text version](https://git.koszko.org/haketilo-hydrilla-sbom/plain/SBoM_haketilo-1.0_hydrilla-1.0.txt).
6 1 koszko
7 7 koszko
*Note: This SBoM corresponds to the upcoming Haketilo version 1.0.*
8 1 koszko
9
{{toc}}
10
11
## Incorporated code
12 3 koszko
Software parts that have been copied over to Haketilo source tree with only slight or no modification (code that has been mostly rewritten and non-software artworks are not mentioned here).
13 1 koszko
14
### js-sha256
15 7 koszko
| field        | value                                       |
16
|--------------|---------------------------------------------|
17
| name         | js-sha256                                   |
18
| version      | 0.9.0                                       |
19 1 koszko
| copyright    | 2014-2017 Chen, Yi-Cyuan `<`emn178@gmail.com`>` |
20 7 koszko
| license      | MIT (Expat)                                 |
21
| upstream url | https://github.com/emn178/js-sha256         |
22 1 koszko
23 7 koszko
This JavaScript implementation of SHA256 is included in the browser extension itself. It is used to derive nonces used internally by Haketilo. This library is only used in contexts where synchronous computation of SHA256 digest is required. In other cases (e.g. verification of integrity of downloaded files), the asynchronous crypto.subtle JavaScript API is used.
24 1 koszko
25
### Reset CSS
26
| field        | value                                      |
27 7 koszko
|--------------|--------------------------------------------|
28 1 koszko
| name         | Reset CSS                                  |
29
| version      | 2.0                                        |
30
| copyright    | 2008,2011 Eric A. Meyer                    |
31
| license      | public domain                              |
32
| upstream url | https://meyerweb.com/eric/tools/css/reset/ |
33
34 5 koszko
The CSS Reset style sheet is used on pages displayed by Haketilo.
35
36
### jsonschema (JavaScript library)
37 7 koszko
| field        | value                                                    |
38
|--------------|----------------------------------------------------------|
39
| name         | jsonschema                                               |
40
| version      | 1.4.0                                                    |
41 5 koszko
| copyright    | 2012-2021 Tom de Grunt `<`tom@degrunt.nl`>` and contributors |
42 7 koszko
| license      | MIT (Expat)                                              |
43
| upstream url | https://github.com/tdegrunt/jsonschema                   |
44 5 koszko
45
This library shall be used to validate external JSON documents (e.g. those downloaded from Hydrilla repository).
46 1 koszko
47
## External dependencies
48
49
### POSIX environment
50
Standard UNIX tools (sh, awk, etc.) are needed to **build** Haketilo. There's no known dependency on specific implementations of those (e.g. gawk should work just as well as nawk).
51
52
### Make
53
Make build system is an **optional requirement for building** Haketilo and a **strict requirement for running the test suite**. There's no known dependency on specific Make implementation.
54
55 2 koszko
### Python3
56
Python in at least version 3.7 is needed to run the automated test suite.
57
58
### Pytest
59 7 koszko
| field        | value                                            |
60
|--------------|--------------------------------------------------|
61
| name         | pytest                                           |
62
| version      | no known constraints (6.0.2 used in development) |
63
| copyright    | 2004-2021 Holger Krekel and others               |
64
| license      | MIT (Expat)                                      |
65
| upstream url | https://pytest.org                               |
66 2 koszko
67
Pytest library is used in automated tests of the extension.
68
69 1 koszko
### Selenium webdriver (Python)
70
| field        | value                                                                 |
71 7 koszko
|--------------|-----------------------------------------------------------------------|
72 1 koszko
| name         | selenium                                                              |
73 7 koszko
| version      | no known constraints (3.141.0 used in development)                    |
74 1 koszko
| copyright    | 2011-2021 Software Freedom Conservancy; 2004-2011 Selenium committers |
75
| license      | Apache-2.0                                                            |
76
| upstream url | https://www.selenium.dev/                                             |
77
78
Selenium Python library is used in automated tests of the extension.
79
80
### Web browser
81
A Firefox-derived web browser with at least version 60 **or** a Chromium-derived browser with at least version 90 (although older Chromium versions are likely to work as well) is needed to use the extensions.
82
83
In addition, a Firefox-derived web browser with at least version 60 is needed to run the automated test suite.
84
85
### geckodriver
86
| field        | value                                                                  |
87 7 koszko
|--------------|------------------------------------------------------------------------|
88 1 koszko
| name         | geckodriver                                                            |
89 7 koszko
| version      | no known constraints (0.30.0 used in development)                      |
90 1 koszko
| copyright    | ???                                                                    |
91
| license      | MPL-2.0                                                                |
92
| upstream url | https://firefox-source-docs.mozilla.org/testing/geckodriver/index.html |
93
94
Geckodriver compatible with the Firefox-derived browser used is needed to run the automated test suite.
95
96
### Inkscape
97 7 koszko
| field        | value                                             |
98
|--------------|---------------------------------------------------|
99
| name         | Inkscape                                          |
100
| version      | no known constraints (0.92.4 used in development) |
101
| copyright    | Inkscape Authors                                  |
102
| license      | GPL-3.0-only                                      |
103
| upstream url | https://inkscape.org/                             |
104 1 koszko
105
Inkscape is an optional build dependency used to generate png icons from an svg file.