diff --git a/cyclonedx/exception/model.py b/cyclonedx/exception/model.py index 05633e24..61998489 100644 --- a/cyclonedx/exception/model.py +++ b/cyclonedx/exception/model.py @@ -63,7 +63,6 @@ class NoPropertiesProvidedException(CycloneDxModelException): """ Raised when attempting to construct a model class and providing NO values (where all properites are defined as Optional, but at least one is required). - """ pass diff --git a/cyclonedx/exception/serialization.py b/cyclonedx/exception/serialization.py new file mode 100644 index 00000000..565b36c8 --- /dev/null +++ b/cyclonedx/exception/serialization.py @@ -0,0 +1,50 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + + +""" +Exceptions relating to specific conditions that occur when (de)serializing/(de)normalizing CycloneDX BOM. +""" + +from . import CycloneDxException + + +class CycloneDxSerializationException(CycloneDxException): + """ + Base exception that covers all exceptions that may be thrown during model serializing/normalizing. + """ + pass + + +class CycloneDxDeserializationException(CycloneDxException): + """ + Base exception that covers all exceptions that may be thrown during model deserializing/denormalizing. + """ + pass + + +class SerializationOfUnsupportedComponentTypeException(CycloneDxSerializationException): + """ + Raised when attempting serializing/normalizing a :py:class:`cyclonedx.model.component.Component` + to a :py:class:`cyclonedx.schema.schema.BaseSchemaVersion` + which does not support that :py:class:`cyclonedx.model.component.ComponentType` + . + """ + + +class SerializationOfUnexpectedValueException(CycloneDxSerializationException, ValueError): + """ + Raised when attempting serializing/normalizing a type that is not expected there. + """ diff --git a/cyclonedx/model/__init__.py b/cyclonedx/model/__init__.py index 2ae4569b..4181c789 100644 --- a/cyclonedx/model/__init__.py +++ b/cyclonedx/model/__init__.py @@ -13,12 +13,22 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright (c) OWASP Foundation. All Rights Reserved. +""" +Uniform set of models to represent objects within a CycloneDX software bill-of-materials. + +You can either create a `cyclonedx.model.bom.Bom` yourself programmatically, or generate a `cyclonedx.model.bom.Bom` +from a `cyclonedx.parser.BaseParser` implementation. +""" + import re from datetime import datetime, timezone from enum import Enum from hashlib import sha1 from itertools import zip_longest -from typing import Any, Iterable, Optional, Tuple, TypeVar +from json import loads as json_loads +from typing import Any, Dict, FrozenSet, Generator, Iterable, List, Optional, Tuple, Type, TypeVar +from warnings import warn +from xml.etree.ElementTree import Element as XmlElement # nosec B405 import serializable from sortedcontainers import SortedSet @@ -30,14 +40,15 @@ NoPropertiesProvidedException, UnknownHashTypeException, ) -from ..schema.schema import SchemaVersion1Dot3, SchemaVersion1Dot4, SchemaVersion1Dot5 - -""" -Uniform set of models to represent objects within a CycloneDX software bill-of-materials. - -You can either create a `cyclonedx.model.bom.Bom` yourself programmatically, or generate a `cyclonedx.model.bom.Bom` -from a `cyclonedx.parser.BaseParser` implementation. -""" +from ..exception.serialization import CycloneDxDeserializationException, SerializationOfUnexpectedValueException +from ..schema.schema import ( + SchemaVersion1Dot0, + SchemaVersion1Dot1, + SchemaVersion1Dot2, + SchemaVersion1Dot3, + SchemaVersion1Dot4, + SchemaVersion1Dot5, +) def get_now_utc() -> datetime: @@ -95,6 +106,7 @@ def __gt__(self, other: Any) -> bool: return False +@serializable.serializable_enum class DataFlow(str, Enum): """ This is our internal representation of the dataFlowType simple type within the CycloneDX standard. @@ -169,6 +181,12 @@ def __eq__(self, other: object) -> bool: return hash(other) == hash(self) return False + def __lt__(self, other: object) -> bool: + if isinstance(other, DataClassification): + return ComparableTuple((self.flow, self.classification)) < \ + ComparableTuple((other.flow, other.classification)) + return NotImplemented + def __hash__(self) -> int: return hash((self.flow, self.classification)) @@ -176,6 +194,7 @@ def __repr__(self) -> str: return f'' +@serializable.serializable_enum class Encoding(str, Enum): """ This is our internal representation of the encoding simple type within the CycloneDX standard. @@ -270,6 +289,7 @@ def __repr__(self) -> str: return f'' +@serializable.serializable_enum class HashAlgorithm(str, Enum): """ This is our internal representation of the hashAlg simple type within the CycloneDX standard. @@ -277,7 +297,7 @@ class HashAlgorithm(str, Enum): .. note:: See the CycloneDX Schema: https://cyclonedx.org/docs/1.3/#type_hashAlg """ - + # see `_HashTypeRepositorySerializationHelper.__CASES` for view/case map BLAKE2B_256 = 'BLAKE2b-256' # Only supported in >= 1.2 BLAKE2B_384 = 'BLAKE2b-384' # Only supported in >= 1.2 BLAKE2B_512 = 'BLAKE2b-512' # Only supported in >= 1.2 @@ -292,6 +312,86 @@ class HashAlgorithm(str, Enum): SHA3_512 = 'SHA3-512' +class _HashTypeRepositorySerializationHelper(serializable.helpers.BaseHelper): + """ THIS CLASS IS NON-PUBLIC API """ + + __CASES: Dict[Type[serializable.ViewType], FrozenSet[HashAlgorithm]] = dict() + __CASES[SchemaVersion1Dot0] = frozenset({ + HashAlgorithm.MD5, + HashAlgorithm.SHA_1, + HashAlgorithm.SHA_256, + HashAlgorithm.SHA_384, + HashAlgorithm.SHA_512, + HashAlgorithm.SHA3_256, + HashAlgorithm.SHA3_512, + }) + __CASES[SchemaVersion1Dot1] = __CASES[SchemaVersion1Dot0] + __CASES[SchemaVersion1Dot2] = __CASES[SchemaVersion1Dot1] | { + HashAlgorithm.BLAKE2B_256, + HashAlgorithm.BLAKE2B_384, + HashAlgorithm.BLAKE2B_512, + HashAlgorithm.BLAKE3, + HashAlgorithm.SHA3_384, + } + __CASES[SchemaVersion1Dot3] = __CASES[SchemaVersion1Dot2] + __CASES[SchemaVersion1Dot4] = __CASES[SchemaVersion1Dot3] + __CASES[SchemaVersion1Dot5] = __CASES[SchemaVersion1Dot4] + + @classmethod + def __prep(cls, hts: Iterable['HashType'], view: Type[serializable.ViewType]) -> Generator['HashType', None, None]: + cases = cls.__CASES.get(view, ()) + for ht in hts: + if ht.alg in cases: + yield ht + else: + warn(f'serialization omitted due to unsupported HashAlgorithm: {ht!r}', + category=UserWarning, stacklevel=0) + + @classmethod + def json_normalize(cls, o: Iterable['HashType'], *, + view: Optional[Type[serializable.ViewType]], + **__: Any) -> List[Any]: + assert view is not None + return [ + json_loads( + ht.as_json( # type:ignore[attr-defined] + view_=view) + ) for ht in cls.__prep(o, view) + ] + + @classmethod + def xml_normalize(cls, o: Iterable['HashType'], *, + element_name: str, + view: Optional[Type[serializable.ViewType]], + xmlns: Optional[str], + **__: Any) -> XmlElement: + assert view is not None + elem = XmlElement(element_name) + elem.extend( + ht.as_xml( # type:ignore[attr-defined] + view_=view, as_string=False, element_name='hash', xmlns=xmlns + ) for ht in cls.__prep(o, view) + ) + return elem + + @classmethod + def json_denormalize(cls, o: Any, + **__: Any) -> List['HashType']: + return [ + HashType.from_json( # type:ignore[attr-defined] + ht) for ht in o + ] + + @classmethod + def xml_denormalize(cls, o: 'XmlElement', *, + default_ns: Optional[str], + **__: Any) -> List['HashType']: + return [ + HashType.from_xml( # type:ignore[attr-defined] + ht, default_ns) for ht in o + ] + + @serializable.serializable_class class HashType: """ @@ -390,6 +490,7 @@ def __repr__(self) -> str: return f'' +@serializable.serializable_enum class ExternalReferenceType(str, Enum): """ Enum object that defines the permissible 'types' for an External Reference according to the CycloneDX schema. @@ -397,9 +498,9 @@ class ExternalReferenceType(str, Enum): .. note:: See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.3/#type_externalReferenceType """ - + # see `_ExternalReferenceSerializationHelper.__CASES` for view/case map ADVERSARY_MODEL = 'adversary-model' # Only supported in >= 1.5 - ADVISORIES = 'advisories' + ADVISORIES = 'advisories' # ? ATTESTATION = 'attestation' # Only supported in >= 1.5 BOM = 'bom' BUILD_META = 'build-meta' @@ -422,7 +523,6 @@ class ExternalReferenceType(str, Enum): MAILING_LIST = 'mailing-list' MATURITY_REPORT = 'maturity-report' # Only supported in >= 1.5 MODEL_CARD = 'model-card' # Only supported in >= 1.5 - OTHER = 'other' PENTEST_REPORT = 'pentest-report' # Only supported in >= 1.5 POAM = 'poam' # Only supported in >= 1.5 QUALITY_METRICS = 'quality-metrics' # Only supported in >= 1.5 @@ -438,6 +538,87 @@ class ExternalReferenceType(str, Enum): VCS = 'vcs' VULNERABILITY_ASSERTION = 'vulnerability-assertion' # Only supported in >= 1.5 WEBSITE = 'website' + # -- + OTHER = 'other' + + +class _ExternalReferenceSerializationHelper(serializable.helpers.BaseHelper): + """ THIS CLASS IS NON-PUBLIC API """ + + __CASES: Dict[Type[serializable.ViewType], FrozenSet[ExternalReferenceType]] = dict() + __CASES[SchemaVersion1Dot1] = frozenset({ + ExternalReferenceType.VCS, + ExternalReferenceType.ISSUE_TRACKER, + ExternalReferenceType.WEBSITE, + ExternalReferenceType.ADVISORIES, + ExternalReferenceType.BOM, + ExternalReferenceType.MAILING_LIST, + ExternalReferenceType.SOCIAL, + ExternalReferenceType.CHAT, + ExternalReferenceType.DOCUMENTATION, + ExternalReferenceType.SUPPORT, + ExternalReferenceType.DISTRIBUTION, + ExternalReferenceType.LICENSE, + ExternalReferenceType.BUILD_META, + ExternalReferenceType.BUILD_SYSTEM, + ExternalReferenceType.OTHER, + }) + __CASES[SchemaVersion1Dot2] = __CASES[SchemaVersion1Dot1] + __CASES[SchemaVersion1Dot3] = __CASES[SchemaVersion1Dot2] + __CASES[SchemaVersion1Dot4] = __CASES[SchemaVersion1Dot3] | { + ExternalReferenceType.RELEASE_NOTES + } + __CASES[SchemaVersion1Dot5] = __CASES[SchemaVersion1Dot4] | { + ExternalReferenceType.DISTRIBUTION_INTAKE, + ExternalReferenceType.SECURITY_CONTACT, + ExternalReferenceType.MODEL_CARD, + ExternalReferenceType.LOG, + ExternalReferenceType.CONFIGURATION, + ExternalReferenceType.EVIDENCE, + ExternalReferenceType.FORMULATION, + ExternalReferenceType.ATTESTATION, + ExternalReferenceType.THREAT_MODEL, + ExternalReferenceType.ADVERSARY_MODEL, + ExternalReferenceType.RISK_ASSESSMENT, + ExternalReferenceType.VULNERABILITY_ASSERTION, + ExternalReferenceType.EXPLOITABILITY_STATEMENT, + ExternalReferenceType.PENTEST_REPORT, + ExternalReferenceType.STATIC_ANALYSIS_REPORT, + ExternalReferenceType.DYNAMIC_ANALYSIS_REPORT, + ExternalReferenceType.RUNTIME_ANALYSIS_REPORT, + ExternalReferenceType.COMPONENT_ANALYSIS_REPORT, + ExternalReferenceType.MATURITY_REPORT, + ExternalReferenceType.CERTIFICATION_REPORT, + ExternalReferenceType.QUALITY_METRICS, + ExternalReferenceType.CODIFIED_INFRASTRUCTURE, + ExternalReferenceType.POAM, + } + + @classmethod + def __normalize(cls, extref: ExternalReferenceType, view: Type[serializable.ViewType]) -> str: + return ( + extref + if extref in cls.__CASES.get(view, ()) + else ExternalReferenceType.OTHER + ).value + + @classmethod + def json_normalize(cls, o: Any, *, + view: Optional[Type[serializable.ViewType]], + **__: Any) -> str: + assert view is not None + return cls.__normalize(o, view) + + @classmethod + def xml_normalize(cls, o: Any, *, + view: Optional[Type[serializable.ViewType]], + **__: Any) -> str: + assert view is not None + return cls.__normalize(o, view) + + @classmethod + def deserialize(cls, o: Any) -> ExternalReferenceType: + return ExternalReferenceType(o) @serializable.serializable_class @@ -461,25 +642,6 @@ def __init__(self, uri: str) -> None: ) self._uri = uri - @property - @serializable.json_name('.') - @serializable.xml_name('.') - def uri(self) -> str: - return self._uri - - @classmethod - def serialize(cls, o: Any) -> str: - if isinstance(o, XsUri): - return str(o) - raise ValueError(f'Attempt to serialize a non-XsUri: {o.__class__}') - - @classmethod - def deserialize(cls, o: Any) -> 'XsUri': - try: - return XsUri(uri=str(o)) - except ValueError: - raise ValueError(f'XsUri string supplied ({o}) does not parse!') - def __eq__(self, other: Any) -> bool: if isinstance(other, XsUri): return hash(other) == hash(self) @@ -499,6 +661,28 @@ def __repr__(self) -> str: def __str__(self) -> str: return self._uri + @property + @serializable.json_name('.') + @serializable.xml_name('.') + def uri(self) -> str: + return self._uri + + @classmethod + def serialize(cls, o: Any) -> str: + if isinstance(o, XsUri): + return str(o) + raise SerializationOfUnexpectedValueException( + f'Attempt to serialize a non-XsUri: {o!r}') + + @classmethod + def deserialize(cls, o: Any) -> 'XsUri': + try: + return XsUri(uri=str(o)) + except ValueError as err: + raise CycloneDxDeserializationException( + f'XsUri string supplied does not parse: {o!r}' + ) from err + @serializable.serializable_class class ExternalReference: @@ -547,6 +731,7 @@ def comment(self, comment: Optional[str]) -> None: self._comment = comment @property + @serializable.type_mapping(_ExternalReferenceSerializationHelper) @serializable.xml_attribute() def type(self) -> ExternalReferenceType: """ @@ -568,7 +753,7 @@ def type(self, type: ExternalReferenceType) -> None: @serializable.view(SchemaVersion1Dot3) @serializable.view(SchemaVersion1Dot4) @serializable.view(SchemaVersion1Dot5) - @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'hash') + @serializable.type_mapping(_HashTypeRepositorySerializationHelper) def hashes(self) -> 'SortedSet[HashType]': """ The hashes of the external reference (if applicable). @@ -1065,7 +1250,7 @@ def version(self, version: Optional[str]) -> None: self._version = version @property - @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'hash') + @serializable.type_mapping(_HashTypeRepositorySerializationHelper) @serializable.xml_sequence(4) def hashes(self) -> 'SortedSet[HashType]': """ diff --git a/cyclonedx/model/bom.py b/cyclonedx/model/bom.py index 3e7e0762..aa12eb10 100644 --- a/cyclonedx/model/bom.py +++ b/cyclonedx/model/bom.py @@ -16,11 +16,11 @@ # Copyright (c) OWASP Foundation. All Rights Reserved. -import warnings from datetime import datetime from itertools import chain from typing import TYPE_CHECKING, Generator, Iterable, Optional, Union from uuid import UUID, uuid4 +from warnings import warn import serializable from sortedcontainers import SortedSet @@ -598,7 +598,7 @@ def validate(self) -> bool: dependency_diff = dependency_bom_refs - component_bom_refs if len(dependency_diff) > 0: raise UnknownComponentDependencyException( - f'One or more Components have Dependency references to Components/Services that are not known in this ' + 'One or more Components have Dependency references to Components/Services that are not known in this ' f'BOM. They are: {dependency_diff}') # 2. if root component is set: dependencies should exist for the Component this BOM is describing @@ -606,10 +606,10 @@ def validate(self) -> bool: lambda d: d.ref == self.metadata.component.bom_ref and len(d.dependencies) > 0, # type: ignore[union-attr] self.dependencies )): - warnings.warn( + warn( f'The Component this BOM is describing {self.metadata.component.purl} has no defined dependencies ' - f'which means the Dependency Graph is incomplete - you should add direct dependencies to this ' - f'"root" Component to complete the Dependency Graph data.', + 'which means the Dependency Graph is incomplete - you should add direct dependencies to this ' + '"root" Component to complete the Dependency Graph data.', category=UserWarning, stacklevel=1 ) diff --git a/cyclonedx/model/component.py b/cyclonedx/model/component.py index e8445f7c..943561d1 100644 --- a/cyclonedx/model/component.py +++ b/cyclonedx/model/component.py @@ -18,7 +18,7 @@ from enum import Enum from os.path import exists -from typing import Any, Iterable, Optional, Set, Union +from typing import Any, Dict, FrozenSet, Iterable, Optional, Set, Type, Union # See https://github.com/package-url/packageurl-python/issues/65 import serializable @@ -26,6 +26,7 @@ from sortedcontainers import SortedSet from ..exception.model import NoPropertiesProvidedException +from ..exception.serialization import SerializationOfUnsupportedComponentTypeException from ..schema.schema import ( SchemaVersion1Dot0, SchemaVersion1Dot1, @@ -46,6 +47,7 @@ OrganizationalEntity, Property, XsUri, + _HashTypeRepositorySerializationHelper, sha1sum, ) from .bom_ref import BomRef @@ -270,6 +272,7 @@ def __repr__(self) -> str: return f'' +@serializable.serializable_enum class ComponentScope(str, Enum): """ Enum object that defines the permissable 'scopes' for a Component according to the CycloneDX schema. @@ -277,11 +280,54 @@ class ComponentScope(str, Enum): .. note:: See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.3/#type_scope """ + # see `_ComponentScopeSerializationHelper.__CASES` for view/case map REQUIRED = 'required' OPTIONAL = 'optional' - EXCLUDED = 'excluded' - - + EXCLUDED = 'excluded' # Only supported in >= 1.1 + + +class _ComponentScopeSerializationHelper(serializable.helpers.BaseHelper): + """ THIS CLASS IS NON-PUBLIC API """ + + __CASES: Dict[Type[serializable.ViewType], FrozenSet[ComponentScope]] = dict() + __CASES[SchemaVersion1Dot0] = frozenset({ + ComponentScope.REQUIRED, + ComponentScope.OPTIONAL, + }) + __CASES[SchemaVersion1Dot1] = __CASES[SchemaVersion1Dot0] | { + ComponentScope.EXCLUDED, + } + __CASES[SchemaVersion1Dot2] = __CASES[SchemaVersion1Dot1] + __CASES[SchemaVersion1Dot3] = __CASES[SchemaVersion1Dot2] + __CASES[SchemaVersion1Dot4] = __CASES[SchemaVersion1Dot3] + __CASES[SchemaVersion1Dot5] = __CASES[SchemaVersion1Dot4] + + @classmethod + def __normalize(cls, cs: ComponentScope, view: Type[serializable.ViewType]) -> Optional[str]: + return cs.value \ + if cs in cls.__CASES.get(view, ()) \ + else None + + @classmethod + def json_normalize(cls, o: Any, *, + view: Optional[Type[serializable.ViewType]], + **__: Any) -> Optional[str]: + assert view is not None + return cls.__normalize(o, view) + + @classmethod + def xml_normalize(cls, o: Any, *, + view: Optional[Type[serializable.ViewType]], + **__: Any) -> Optional[str]: + assert view is not None + return cls.__normalize(o, view) + + @classmethod + def deserialize(cls, o: Any) -> ComponentScope: + return ComponentScope(o) + + +@serializable.serializable_enum class ComponentType(str, Enum): """ Enum object that defines the permissible 'types' for a Component according to the CycloneDX schema. @@ -289,6 +335,7 @@ class ComponentType(str, Enum): .. note:: See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.3/#type_classification """ + # see `_ComponentTypeSerializationHelper.__CASES` for view/case map APPLICATION = 'application' CONTAINER = 'container' # Only supported in >= 1.2 DATA = 'data' # Only supported in >= 1.5 @@ -303,6 +350,58 @@ class ComponentType(str, Enum): PLATFORM = 'platform' # Only supported in >= 1.5 +class _ComponentTypeSerializationHelper(serializable.helpers.BaseHelper): + """ THIS CLASS IS NON-PUBLIC API """ + + __CASES: Dict[Type[serializable.ViewType], FrozenSet[ComponentType]] = dict() + __CASES[SchemaVersion1Dot0] = frozenset({ + ComponentType.APPLICATION, + ComponentType.DEVICE, + ComponentType.FRAMEWORK, + ComponentType.LIBRARY, + ComponentType.OPERATING_SYSTEM, + }) + __CASES[SchemaVersion1Dot1] = __CASES[SchemaVersion1Dot0] | { + ComponentType.FILE, + } + __CASES[SchemaVersion1Dot2] = __CASES[SchemaVersion1Dot1] | { + ComponentType.CONTAINER, + ComponentType.FIRMWARE, + } + __CASES[SchemaVersion1Dot3] = __CASES[SchemaVersion1Dot2] + __CASES[SchemaVersion1Dot4] = __CASES[SchemaVersion1Dot3] + __CASES[SchemaVersion1Dot5] = __CASES[SchemaVersion1Dot4] | { + ComponentType.DATA, + ComponentType.DEVICE_DRIVER, + ComponentType.MACHINE_LEARNING_MODEL, + ComponentType.PLATFORM, + } + + @classmethod + def __normalize(cls, ct: ComponentType, view: Type[serializable.ViewType]) -> Optional[str]: + if ct in cls.__CASES.get(view, ()): + return ct.value + raise SerializationOfUnsupportedComponentTypeException(f'unsupported {ct!r} for view {view!r}') + + @classmethod + def json_normalize(cls, o: Any, *, + view: Optional[Type[serializable.ViewType]], + **__: Any) -> Optional[str]: + assert view is not None + return cls.__normalize(o, view) + + @classmethod + def xml_normalize(cls, o: Any, *, + view: Optional[Type[serializable.ViewType]], + **__: Any) -> Optional[str]: + assert view is not None + return cls.__normalize(o, view) + + @classmethod + def deserialize(cls, o: Any) -> ComponentType: + return ComponentType(o) + + class Diff: """ Our internal representation of the `diffType` complex type. @@ -365,6 +464,7 @@ def __repr__(self) -> str: return f'' +@serializable.serializable_enum class PatchClassification(str, Enum): """ Enum object that defines the permissible `patchClassification`s. @@ -832,6 +932,7 @@ def __init__(self, *, self.release_notes = release_notes @property + @serializable.type_mapping(_ComponentTypeSerializationHelper) @serializable.xml_attribute() def type(self) -> ComponentType: """ @@ -1016,6 +1117,7 @@ def description(self, description: Optional[str]) -> None: self._description = description @property + @serializable.type_mapping(_ComponentScopeSerializationHelper) @serializable.xml_sequence(8) def scope(self) -> Optional[ComponentScope]: """ @@ -1033,7 +1135,7 @@ def scope(self, scope: Optional[ComponentScope]) -> None: self._scope = scope @property - @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'hash') + @serializable.type_mapping(_HashTypeRepositorySerializationHelper) @serializable.xml_sequence(9) def hashes(self) -> 'SortedSet[HashType]': """ diff --git a/cyclonedx/model/issue.py b/cyclonedx/model/issue.py index 03709b4f..6efb8323 100644 --- a/cyclonedx/model/issue.py +++ b/cyclonedx/model/issue.py @@ -23,6 +23,7 @@ from . import ComparableTuple, XsUri +@serializable.serializable_enum class IssueClassification(str, Enum): """ This is our internal representation of the enum `issueClassification`. diff --git a/cyclonedx/model/license.py b/cyclonedx/model/license.py index 59569c3d..b28e1161 100644 --- a/cyclonedx/model/license.py +++ b/cyclonedx/model/license.py @@ -15,8 +15,14 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright (c) OWASP Foundation. All Rights Reserved. -import warnings + +""" +License related things +""" + + from typing import TYPE_CHECKING, Any, Optional, Union +from warnings import warn import serializable from sortedcontainers import SortedSet @@ -24,10 +30,6 @@ from ..exception.model import MutuallyExclusivePropertiesException from . import AttachedText, ComparableTuple, XsUri -""" -License related things -""" - @serializable.serializable_class(name='license') class DisjunctiveLicense: @@ -44,7 +46,7 @@ def __init__(self, *, id: Optional[str] = None, name: Optional[str] = None, if not id and not name: raise MutuallyExclusivePropertiesException('Either `id` or `name` MUST be supplied') if id and name: - warnings.warn( + warn( 'Both `id` and `name` have been supplied - `name` will be ignored!', category=RuntimeWarning, stacklevel=1 ) diff --git a/cyclonedx/model/vulnerability.py b/cyclonedx/model/vulnerability.py index 3a8f68a5..cddccb64 100644 --- a/cyclonedx/model/vulnerability.py +++ b/cyclonedx/model/vulnerability.py @@ -20,12 +20,13 @@ from datetime import datetime from decimal import Decimal from enum import Enum -from typing import Any, Iterable, Optional, Tuple, Union +from typing import Any, Dict, FrozenSet, Iterable, Optional, Tuple, Type, Union import serializable from sortedcontainers import SortedSet from ..exception.model import MutuallyExclusivePropertiesException, NoPropertiesProvidedException +from ..schema.schema import SchemaVersion1Dot4, SchemaVersion1Dot5 from ..serialization import BomRefHelper from . import ComparableTuple, OrganizationalContact, OrganizationalEntity, Property, Tool, XsUri from .bom_ref import BomRef @@ -494,19 +495,24 @@ def __repr__(self) -> str: return f'' +@serializable.serializable_enum class VulnerabilityScoreSource(str, Enum): """ Enum object that defines the permissible source types for a Vulnerability's score. .. note:: See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.4/#type_scoreSourceType + + .. note:: + No explicit carry-over from the former schema extension: + https://github.com/CycloneDX/specification/blob/master/schema/ext/vulnerability-1.0.xsd """ + # see `_VulnerabilityScoreSourceSerializationHelper.__CASES` for view/case map CVSS_V2 = 'CVSSv2' CVSS_V3 = 'CVSSv3' CVSS_V3_1 = 'CVSSv31' CVSS_V4 = 'CVSSv4' # Only supported in >= 1.5 OWASP = 'OWASP' # Name change in 1.4 - OPEN_FAIR = 'Open FAIR' # Only < 1.4 SSVC = 'SSVC' # Only supported in >= 1.5 OTHER = 'other' @@ -566,6 +572,50 @@ def get_value_pre_1_4(self) -> str: return self.value # type: ignore +class _VulnerabilityScoreSourceSerializationHelper(serializable.helpers.BaseHelper): + """ THIS CLASS IS NON-PUBLIC API """ + + __CASES: Dict[Type[serializable.ViewType], FrozenSet[VulnerabilityScoreSource]] = dict() + __CASES[SchemaVersion1Dot4] = frozenset({ + VulnerabilityScoreSource.CVSS_V2, + VulnerabilityScoreSource.CVSS_V3, + VulnerabilityScoreSource.CVSS_V3_1, + VulnerabilityScoreSource.OWASP, + VulnerabilityScoreSource.OTHER, + }) + __CASES[SchemaVersion1Dot5] = __CASES[SchemaVersion1Dot4] | { + VulnerabilityScoreSource.CVSS_V4, + VulnerabilityScoreSource.SSVC + } + + @classmethod + def __normalize(cls, vss: VulnerabilityScoreSource, view: Type[serializable.ViewType]) -> str: + return ( + vss + if vss in cls.__CASES.get(view, ()) + else VulnerabilityScoreSource.OTHER + ).value + + @classmethod + def json_normalize(cls, o: Any, *, + view: Optional[Type[serializable.ViewType]], + **__: Any) -> str: + assert view is not None + return cls.__normalize(o, view) + + @classmethod + def xml_normalize(cls, o: Any, *, + view: Optional[Type[serializable.ViewType]], + **__: Any) -> str: + assert view is not None + return cls.__normalize(o, view) + + @classmethod + def deserialize(cls, o: Any) -> VulnerabilityScoreSource: + return VulnerabilityScoreSource(o) + + +@serializable.serializable_enum class VulnerabilitySeverity(str, Enum): """ Class that defines the permissible severities for a Vulnerability. @@ -693,6 +743,7 @@ def severity(self, severity: Optional[VulnerabilitySeverity]) -> None: self._severity = severity @property + @serializable.type_mapping(_VulnerabilityScoreSourceSerializationHelper) @serializable.xml_sequence(4) def method(self) -> Optional[VulnerabilityScoreSource]: """ diff --git a/cyclonedx/schema/_res/__init__.py b/cyclonedx/schema/_res/__init__.py index 43a23520..123e76dd 100644 --- a/cyclonedx/schema/_res/__init__.py +++ b/cyclonedx/schema/_res/__init__.py @@ -48,8 +48,8 @@ BOM_JSON_STRICT: Dict[SchemaVersion, Optional[str]] = { # >= v1.4 is already strict - no special file here - SchemaVersion.V1_5: join(__DIR, 'bom-1.5.SNAPSHOT.schema.json'), - SchemaVersion.V1_4: join(__DIR, 'bom-1.4.SNAPSHOT.schema.json'), + SchemaVersion.V1_5: BOM_JSON[SchemaVersion.V1_5], + SchemaVersion.V1_4: BOM_JSON[SchemaVersion.V1_4], # <= 1.3 need special files SchemaVersion.V1_3: join(__DIR, 'bom-1.3-strict.SNAPSHOT.schema.json'), SchemaVersion.V1_2: join(__DIR, 'bom-1.2-strict.SNAPSHOT.schema.json'), diff --git a/cyclonedx/schema/schema.py b/cyclonedx/schema/schema.py index f6c3adf7..78ae62bb 100644 --- a/cyclonedx/schema/schema.py +++ b/cyclonedx/schema/schema.py @@ -20,7 +20,7 @@ from serializable import ViewType -from ..schema import SchemaVersion +from . import SchemaVersion class BaseSchemaVersion(ABC, ViewType): diff --git a/cyclonedx/serialization/__init__.py b/cyclonedx/serialization/__init__.py index 720ee94d..645c2ea9 100644 --- a/cyclonedx/serialization/__init__.py +++ b/cyclonedx/serialization/__init__.py @@ -27,6 +27,7 @@ from packageurl import PackageURL from serializable.helpers import BaseHelper +from ..exception.serialization import CycloneDxDeserializationException, SerializationOfUnexpectedValueException from ..model.bom_ref import BomRef from ..model.license import DisjunctiveLicense, LicenseExpression, LicenseRepository @@ -40,15 +41,17 @@ class BomRefHelper(BaseHelper): def serialize(cls, o: Any) -> str: if isinstance(o, BomRef): return o.value - - raise ValueError(f'Attempt to serialize a non-BomRef: {o.__class__}') + raise SerializationOfUnexpectedValueException( + f'Attempt to serialize a non-BomRef: {o!r}') @classmethod def deserialize(cls, o: Any) -> BomRef: try: return BomRef(value=str(o)) - except ValueError: - raise ValueError(f'BomRef string supplied ({o}) does not parse!') + except ValueError as err: + raise CycloneDxDeserializationException( + f'BomRef string supplied does not parse: {o!r}' + ) from err class PackageUrl(BaseHelper): @@ -57,15 +60,17 @@ class PackageUrl(BaseHelper): def serialize(cls, o: Any, ) -> str: if isinstance(o, PackageURL): return str(o.to_string()) - - raise ValueError(f'Attempt to serialize a non-PackageURL: {o.__class__}') + raise SerializationOfUnexpectedValueException( + f'Attempt to serialize a non-PackageURL: {o!r}') @classmethod def deserialize(cls, o: Any) -> PackageURL: try: return PackageURL.from_string(purl=str(o)) - except ValueError: - raise ValueError(f'PURL string supplied ({o}) does not parse!') + except ValueError as err: + raise CycloneDxDeserializationException( + f'PURL string supplied does not parse: {o!r}' + ) from err class UrnUuidHelper(BaseHelper): @@ -74,15 +79,17 @@ class UrnUuidHelper(BaseHelper): def serialize(cls, o: Any) -> str: if isinstance(o, UUID): return o.urn - - raise ValueError(f'Attempt to serialize a non-UUID: {o.__class__}') + raise SerializationOfUnexpectedValueException( + f'Attempt to serialize a non-UUID: {o!r}') @classmethod def deserialize(cls, o: Any) -> UUID: try: return UUID(str(o)) - except ValueError: - raise ValueError(f'UUID string supplied ({o}) does not parse!') + except ValueError as err: + raise CycloneDxDeserializationException( + f'UUID string supplied does not parse: {o!r}' + ) from err class LicenseRepositoryHelper(BaseHelper): @@ -98,8 +105,14 @@ def json_normalize(cls, o: LicenseRepository, *, # see https://github.com/CycloneDX/specification/pull/205 # but models need to allow it for backwards compatibility with JSON CDX < 1.5 return [{'expression': str(expression.value)}] - return [{'license': json_loads(li.as_json( # type:ignore[union-attr] - view_=view))} for li in o] + return [ + {'license': json_loads( + li.as_json( # type:ignore[attr-defined] + view_=view) + )} + for li in o + if isinstance(li, DisjunctiveLicense) + ] @classmethod def json_denormalize(cls, o: List[Dict[str, Any]], @@ -111,6 +124,8 @@ def json_denormalize(cls, o: List[Dict[str, Any]], li['license'])) elif 'expression' in li: repo.add(LicenseExpression(li['expression'])) + else: + raise CycloneDxDeserializationException(f'unexpected: {li!r}') return repo @classmethod @@ -128,11 +143,14 @@ def xml_normalize(cls, o: LicenseRepository, *, # see https://github.com/CycloneDX/specification/pull/205 # but models need to allow it for backwards compatibility with JSON CDX < 1.5 elem.append(expression.as_xml( # type:ignore[attr-defined] - view, as_string=False, element_name='expression', xmlns=xmlns)) + view_=view, as_string=False, element_name='expression', xmlns=xmlns)) else: - for li in o: - elem.append(li.as_xml( # type:ignore[union-attr] - view, as_string=False, element_name='license', xmlns=xmlns)) + elem.extend( + li.as_xml( # type:ignore[attr-defined] + view_=view, as_string=False, element_name='license', xmlns=xmlns) + for li in o + if isinstance(li, DisjunctiveLicense) + ) return elem @classmethod @@ -148,4 +166,6 @@ def xml_denormalize(cls, o: Element, elif tag == 'expression': repo.add(LicenseExpression.from_xml( # type:ignore[attr-defined] li, default_ns)) + else: + raise CycloneDxDeserializationException(f'unexpected: {li!r}') return repo diff --git a/pyproject.toml b/pyproject.toml index b87ff6dc..3ec17f64 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -69,7 +69,7 @@ keywords = [ # ATTENTION: keep `deps.lowest.r` file in sync python = "^3.8" packageurl-python = ">= 0.11" -py-serializable = "^0.15" +py-serializable = "^0.16" sortedcontainers = "^2.4.0" license-expression = "^30" jsonschema = { version = "^4.18", extras=['format'], optional=true } diff --git a/tests/_data/snapshots/enum_ComponentScope-1.0.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.0.xml.bin new file mode 100644 index 00000000..9c5f72b5 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentScope-1.0.xml.bin @@ -0,0 +1,22 @@ + + + + + dummy-EXCLUDED + + false + + + dummy-OPTIONAL + + optional + false + + + dummy-REQUIRED + + required + false + + + diff --git a/tests/_data/snapshots/enum_ComponentScope-1.1.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.1.xml.bin new file mode 100644 index 00000000..810b8976 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentScope-1.1.xml.bin @@ -0,0 +1,20 @@ + + + + + dummy-EXCLUDED + + excluded + + + dummy-OPTIONAL + + optional + + + dummy-REQUIRED + + required + + + diff --git a/tests/_data/snapshots/enum_ComponentScope-1.2.json.bin b/tests/_data/snapshots/enum_ComponentScope-1.2.json.bin new file mode 100644 index 00000000..e81616a8 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentScope-1.2.json.bin @@ -0,0 +1,51 @@ +{ + "components": [ + { + "bom-ref": "scoped-EXCLUDED", + "name": "dummy-EXCLUDED", + "scope": "excluded", + "type": "library", + "version": "" + }, + { + "bom-ref": "scoped-OPTIONAL", + "name": "dummy-OPTIONAL", + "scope": "optional", + "type": "library", + "version": "" + }, + { + "bom-ref": "scoped-REQUIRED", + "name": "dummy-REQUIRED", + "scope": "required", + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "scoped-EXCLUDED" + }, + { + "ref": "scoped-OPTIONAL" + }, + { + "ref": "scoped-REQUIRED" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ComponentScope-1.2.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.2.xml.bin new file mode 100644 index 00000000..746d6865 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentScope-1.2.xml.bin @@ -0,0 +1,35 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy-EXCLUDED + + excluded + + + dummy-OPTIONAL + + optional + + + dummy-REQUIRED + + required + + + + + + + + diff --git a/tests/_data/snapshots/enum_ComponentScope-1.3.json.bin b/tests/_data/snapshots/enum_ComponentScope-1.3.json.bin new file mode 100644 index 00000000..0a89875c --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentScope-1.3.json.bin @@ -0,0 +1,51 @@ +{ + "components": [ + { + "bom-ref": "scoped-EXCLUDED", + "name": "dummy-EXCLUDED", + "scope": "excluded", + "type": "library", + "version": "" + }, + { + "bom-ref": "scoped-OPTIONAL", + "name": "dummy-OPTIONAL", + "scope": "optional", + "type": "library", + "version": "" + }, + { + "bom-ref": "scoped-REQUIRED", + "name": "dummy-REQUIRED", + "scope": "required", + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "scoped-EXCLUDED" + }, + { + "ref": "scoped-OPTIONAL" + }, + { + "ref": "scoped-REQUIRED" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ComponentScope-1.3.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.3.xml.bin new file mode 100644 index 00000000..d5b28fe8 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentScope-1.3.xml.bin @@ -0,0 +1,35 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy-EXCLUDED + + excluded + + + dummy-OPTIONAL + + optional + + + dummy-REQUIRED + + required + + + + + + + + diff --git a/tests/_data/snapshots/enum_ComponentScope-1.4.json.bin b/tests/_data/snapshots/enum_ComponentScope-1.4.json.bin new file mode 100644 index 00000000..c2bfdb04 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentScope-1.4.json.bin @@ -0,0 +1,82 @@ +{ + "components": [ + { + "bom-ref": "scoped-EXCLUDED", + "name": "dummy-EXCLUDED", + "scope": "excluded", + "type": "library" + }, + { + "bom-ref": "scoped-OPTIONAL", + "name": "dummy-OPTIONAL", + "scope": "optional", + "type": "library" + }, + { + "bom-ref": "scoped-REQUIRED", + "name": "dummy-REQUIRED", + "scope": "required", + "type": "library" + } + ], + "dependencies": [ + { + "ref": "scoped-EXCLUDED" + }, + { + "ref": "scoped-OPTIONAL" + }, + { + "ref": "scoped-REQUIRED" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ComponentScope-1.4.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.4.xml.bin new file mode 100644 index 00000000..b9621f48 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentScope-1.4.xml.bin @@ -0,0 +1,58 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy-EXCLUDED + excluded + + + dummy-OPTIONAL + optional + + + dummy-REQUIRED + required + + + + + + + + diff --git a/tests/_data/snapshots/enum_ComponentScope-1.5.json.bin b/tests/_data/snapshots/enum_ComponentScope-1.5.json.bin new file mode 100644 index 00000000..1ae5f22b --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentScope-1.5.json.bin @@ -0,0 +1,82 @@ +{ + "components": [ + { + "bom-ref": "scoped-EXCLUDED", + "name": "dummy-EXCLUDED", + "scope": "excluded", + "type": "library" + }, + { + "bom-ref": "scoped-OPTIONAL", + "name": "dummy-OPTIONAL", + "scope": "optional", + "type": "library" + }, + { + "bom-ref": "scoped-REQUIRED", + "name": "dummy-REQUIRED", + "scope": "required", + "type": "library" + } + ], + "dependencies": [ + { + "ref": "scoped-EXCLUDED" + }, + { + "ref": "scoped-OPTIONAL" + }, + { + "ref": "scoped-REQUIRED" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ComponentScope-1.5.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.5.xml.bin new file mode 100644 index 00000000..00cb0e9e --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentScope-1.5.xml.bin @@ -0,0 +1,58 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy-EXCLUDED + excluded + + + dummy-OPTIONAL + optional + + + dummy-REQUIRED + required + + + + + + + + diff --git a/tests/_data/snapshots/enum_ComponentType-1.0.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.0.xml.bin new file mode 100644 index 00000000..028faecd --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentType-1.0.xml.bin @@ -0,0 +1,30 @@ + + + + + dummy APPLICATION + + false + + + dummy DEVICE + + false + + + dummy FRAMEWORK + + false + + + dummy LIBRARY + + false + + + dummy OPERATING_SYSTEM + + false + + + diff --git a/tests/_data/snapshots/enum_ComponentType-1.1.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.1.xml.bin new file mode 100644 index 00000000..95ad11e5 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentType-1.1.xml.bin @@ -0,0 +1,29 @@ + + + + + dummy APPLICATION + + + + dummy DEVICE + + + + dummy FILE + + + + dummy FRAMEWORK + + + + dummy LIBRARY + + + + dummy OPERATING_SYSTEM + + + + diff --git a/tests/_data/snapshots/enum_ComponentType-1.2.json.bin b/tests/_data/snapshots/enum_ComponentType-1.2.json.bin new file mode 100644 index 00000000..502ff22d --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentType-1.2.json.bin @@ -0,0 +1,93 @@ +{ + "components": [ + { + "bom-ref": "typed-APPLICATION", + "name": "dummy APPLICATION", + "type": "application", + "version": "" + }, + { + "bom-ref": "typed-CONTAINER", + "name": "dummy CONTAINER", + "type": "container", + "version": "" + }, + { + "bom-ref": "typed-DEVICE", + "name": "dummy DEVICE", + "type": "device", + "version": "" + }, + { + "bom-ref": "typed-FILE", + "name": "dummy FILE", + "type": "file", + "version": "" + }, + { + "bom-ref": "typed-FIRMWARE", + "name": "dummy FIRMWARE", + "type": "firmware", + "version": "" + }, + { + "bom-ref": "typed-FRAMEWORK", + "name": "dummy FRAMEWORK", + "type": "framework", + "version": "" + }, + { + "bom-ref": "typed-LIBRARY", + "name": "dummy LIBRARY", + "type": "library", + "version": "" + }, + { + "bom-ref": "typed-OPERATING_SYSTEM", + "name": "dummy OPERATING_SYSTEM", + "type": "operating-system", + "version": "" + } + ], + "dependencies": [ + { + "ref": "typed-APPLICATION" + }, + { + "ref": "typed-CONTAINER" + }, + { + "ref": "typed-DEVICE" + }, + { + "ref": "typed-FILE" + }, + { + "ref": "typed-FIRMWARE" + }, + { + "ref": "typed-FRAMEWORK" + }, + { + "ref": "typed-LIBRARY" + }, + { + "ref": "typed-OPERATING_SYSTEM" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ComponentType-1.2.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.2.xml.bin new file mode 100644 index 00000000..9fdafcd1 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentType-1.2.xml.bin @@ -0,0 +1,57 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy APPLICATION + + + + dummy CONTAINER + + + + dummy DEVICE + + + + dummy FILE + + + + dummy FIRMWARE + + + + dummy FRAMEWORK + + + + dummy LIBRARY + + + + dummy OPERATING_SYSTEM + + + + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_ComponentType-1.3.json.bin b/tests/_data/snapshots/enum_ComponentType-1.3.json.bin new file mode 100644 index 00000000..db9f274d --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentType-1.3.json.bin @@ -0,0 +1,93 @@ +{ + "components": [ + { + "bom-ref": "typed-APPLICATION", + "name": "dummy APPLICATION", + "type": "application", + "version": "" + }, + { + "bom-ref": "typed-CONTAINER", + "name": "dummy CONTAINER", + "type": "container", + "version": "" + }, + { + "bom-ref": "typed-DEVICE", + "name": "dummy DEVICE", + "type": "device", + "version": "" + }, + { + "bom-ref": "typed-FILE", + "name": "dummy FILE", + "type": "file", + "version": "" + }, + { + "bom-ref": "typed-FIRMWARE", + "name": "dummy FIRMWARE", + "type": "firmware", + "version": "" + }, + { + "bom-ref": "typed-FRAMEWORK", + "name": "dummy FRAMEWORK", + "type": "framework", + "version": "" + }, + { + "bom-ref": "typed-LIBRARY", + "name": "dummy LIBRARY", + "type": "library", + "version": "" + }, + { + "bom-ref": "typed-OPERATING_SYSTEM", + "name": "dummy OPERATING_SYSTEM", + "type": "operating-system", + "version": "" + } + ], + "dependencies": [ + { + "ref": "typed-APPLICATION" + }, + { + "ref": "typed-CONTAINER" + }, + { + "ref": "typed-DEVICE" + }, + { + "ref": "typed-FILE" + }, + { + "ref": "typed-FIRMWARE" + }, + { + "ref": "typed-FRAMEWORK" + }, + { + "ref": "typed-LIBRARY" + }, + { + "ref": "typed-OPERATING_SYSTEM" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ComponentType-1.3.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.3.xml.bin new file mode 100644 index 00000000..2fff94ea --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentType-1.3.xml.bin @@ -0,0 +1,57 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy APPLICATION + + + + dummy CONTAINER + + + + dummy DEVICE + + + + dummy FILE + + + + dummy FIRMWARE + + + + dummy FRAMEWORK + + + + dummy LIBRARY + + + + dummy OPERATING_SYSTEM + + + + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_ComponentType-1.4.json.bin b/tests/_data/snapshots/enum_ComponentType-1.4.json.bin new file mode 100644 index 00000000..e3049751 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentType-1.4.json.bin @@ -0,0 +1,119 @@ +{ + "components": [ + { + "bom-ref": "typed-APPLICATION", + "name": "dummy APPLICATION", + "type": "application" + }, + { + "bom-ref": "typed-CONTAINER", + "name": "dummy CONTAINER", + "type": "container" + }, + { + "bom-ref": "typed-DEVICE", + "name": "dummy DEVICE", + "type": "device" + }, + { + "bom-ref": "typed-FILE", + "name": "dummy FILE", + "type": "file" + }, + { + "bom-ref": "typed-FIRMWARE", + "name": "dummy FIRMWARE", + "type": "firmware" + }, + { + "bom-ref": "typed-FRAMEWORK", + "name": "dummy FRAMEWORK", + "type": "framework" + }, + { + "bom-ref": "typed-LIBRARY", + "name": "dummy LIBRARY", + "type": "library" + }, + { + "bom-ref": "typed-OPERATING_SYSTEM", + "name": "dummy OPERATING_SYSTEM", + "type": "operating-system" + } + ], + "dependencies": [ + { + "ref": "typed-APPLICATION" + }, + { + "ref": "typed-CONTAINER" + }, + { + "ref": "typed-DEVICE" + }, + { + "ref": "typed-FILE" + }, + { + "ref": "typed-FIRMWARE" + }, + { + "ref": "typed-FRAMEWORK" + }, + { + "ref": "typed-LIBRARY" + }, + { + "ref": "typed-OPERATING_SYSTEM" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ComponentType-1.4.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.4.xml.bin new file mode 100644 index 00000000..751ba6a7 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentType-1.4.xml.bin @@ -0,0 +1,75 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy APPLICATION + + + dummy CONTAINER + + + dummy DEVICE + + + dummy FILE + + + dummy FIRMWARE + + + dummy FRAMEWORK + + + dummy LIBRARY + + + dummy OPERATING_SYSTEM + + + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_ComponentType-1.5.json.bin b/tests/_data/snapshots/enum_ComponentType-1.5.json.bin new file mode 100644 index 00000000..823b2eb9 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentType-1.5.json.bin @@ -0,0 +1,151 @@ +{ + "components": [ + { + "bom-ref": "typed-APPLICATION", + "name": "dummy APPLICATION", + "type": "application" + }, + { + "bom-ref": "typed-CONTAINER", + "name": "dummy CONTAINER", + "type": "container" + }, + { + "bom-ref": "typed-DATA", + "name": "dummy DATA", + "type": "data" + }, + { + "bom-ref": "typed-DEVICE", + "name": "dummy DEVICE", + "type": "device" + }, + { + "bom-ref": "typed-DEVICE_DRIVER", + "name": "dummy DEVICE_DRIVER", + "type": "device-driver" + }, + { + "bom-ref": "typed-FILE", + "name": "dummy FILE", + "type": "file" + }, + { + "bom-ref": "typed-FIRMWARE", + "name": "dummy FIRMWARE", + "type": "firmware" + }, + { + "bom-ref": "typed-FRAMEWORK", + "name": "dummy FRAMEWORK", + "type": "framework" + }, + { + "bom-ref": "typed-LIBRARY", + "name": "dummy LIBRARY", + "type": "library" + }, + { + "bom-ref": "typed-MACHINE_LEARNING_MODEL", + "name": "dummy MACHINE_LEARNING_MODEL", + "type": "machine-learning-model" + }, + { + "bom-ref": "typed-OPERATING_SYSTEM", + "name": "dummy OPERATING_SYSTEM", + "type": "operating-system" + }, + { + "bom-ref": "typed-PLATFORM", + "name": "dummy PLATFORM", + "type": "platform" + } + ], + "dependencies": [ + { + "ref": "typed-APPLICATION" + }, + { + "ref": "typed-CONTAINER" + }, + { + "ref": "typed-DATA" + }, + { + "ref": "typed-DEVICE" + }, + { + "ref": "typed-DEVICE_DRIVER" + }, + { + "ref": "typed-FILE" + }, + { + "ref": "typed-FIRMWARE" + }, + { + "ref": "typed-FRAMEWORK" + }, + { + "ref": "typed-LIBRARY" + }, + { + "ref": "typed-MACHINE_LEARNING_MODEL" + }, + { + "ref": "typed-OPERATING_SYSTEM" + }, + { + "ref": "typed-PLATFORM" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ComponentType-1.5.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.5.xml.bin new file mode 100644 index 00000000..82fd6dd7 --- /dev/null +++ b/tests/_data/snapshots/enum_ComponentType-1.5.xml.bin @@ -0,0 +1,91 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy APPLICATION + + + dummy CONTAINER + + + dummy DATA + + + dummy DEVICE + + + dummy DEVICE_DRIVER + + + dummy FILE + + + dummy FIRMWARE + + + dummy FRAMEWORK + + + dummy LIBRARY + + + dummy MACHINE_LEARNING_MODEL + + + dummy OPERATING_SYSTEM + + + dummy PLATFORM + + + + + + + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_DataFlow-1.0.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/enum_DataFlow-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_DataFlow-1.1.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/enum_DataFlow-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_DataFlow-1.2.json.bin b/tests/_data/snapshots/enum_DataFlow-1.2.json.bin new file mode 100644 index 00000000..cc0b7a87 --- /dev/null +++ b/tests/_data/snapshots/enum_DataFlow-1.2.json.bin @@ -0,0 +1,46 @@ +{ + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "services": [ + { + "bom-ref": "dummy", + "data": [ + { + "classification": "BI_DIRECTIONAL", + "flow": "bi-directional" + }, + { + "classification": "INBOUND", + "flow": "inbound" + }, + { + "classification": "OUTBOUND", + "flow": "outbound" + }, + { + "classification": "UNKNOWN", + "flow": "unknown" + } + ], + "name": "dummy" + } + ], + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_DataFlow-1.2.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.2.xml.bin new file mode 100644 index 00000000..8d57f63a --- /dev/null +++ b/tests/_data/snapshots/enum_DataFlow-1.2.xml.bin @@ -0,0 +1,27 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + BI_DIRECTIONAL + INBOUND + OUTBOUND + UNKNOWN + + + + + + + diff --git a/tests/_data/snapshots/enum_DataFlow-1.3.json.bin b/tests/_data/snapshots/enum_DataFlow-1.3.json.bin new file mode 100644 index 00000000..a4ee0e50 --- /dev/null +++ b/tests/_data/snapshots/enum_DataFlow-1.3.json.bin @@ -0,0 +1,46 @@ +{ + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "services": [ + { + "bom-ref": "dummy", + "data": [ + { + "classification": "BI_DIRECTIONAL", + "flow": "bi-directional" + }, + { + "classification": "INBOUND", + "flow": "inbound" + }, + { + "classification": "OUTBOUND", + "flow": "outbound" + }, + { + "classification": "UNKNOWN", + "flow": "unknown" + } + ], + "name": "dummy" + } + ], + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_DataFlow-1.3.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.3.xml.bin new file mode 100644 index 00000000..434f3c81 --- /dev/null +++ b/tests/_data/snapshots/enum_DataFlow-1.3.xml.bin @@ -0,0 +1,27 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + BI_DIRECTIONAL + INBOUND + OUTBOUND + UNKNOWN + + + + + + + diff --git a/tests/_data/snapshots/enum_DataFlow-1.4.json.bin b/tests/_data/snapshots/enum_DataFlow-1.4.json.bin new file mode 100644 index 00000000..b2a3d94a --- /dev/null +++ b/tests/_data/snapshots/enum_DataFlow-1.4.json.bin @@ -0,0 +1,80 @@ +{ + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "services": [ + { + "bom-ref": "dummy", + "data": [ + { + "classification": "BI_DIRECTIONAL", + "flow": "bi-directional" + }, + { + "classification": "INBOUND", + "flow": "inbound" + }, + { + "classification": "OUTBOUND", + "flow": "outbound" + }, + { + "classification": "UNKNOWN", + "flow": "unknown" + } + ], + "name": "dummy" + } + ], + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_DataFlow-1.4.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.4.xml.bin new file mode 100644 index 00000000..ebc96f50 --- /dev/null +++ b/tests/_data/snapshots/enum_DataFlow-1.4.xml.bin @@ -0,0 +1,53 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + BI_DIRECTIONAL + INBOUND + OUTBOUND + UNKNOWN + + + + + + + diff --git a/tests/_data/snapshots/enum_DataFlow-1.5.json.bin b/tests/_data/snapshots/enum_DataFlow-1.5.json.bin new file mode 100644 index 00000000..92e50851 --- /dev/null +++ b/tests/_data/snapshots/enum_DataFlow-1.5.json.bin @@ -0,0 +1,80 @@ +{ + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "services": [ + { + "bom-ref": "dummy", + "data": [ + { + "classification": "BI_DIRECTIONAL", + "flow": "bi-directional" + }, + { + "classification": "INBOUND", + "flow": "inbound" + }, + { + "classification": "OUTBOUND", + "flow": "outbound" + }, + { + "classification": "UNKNOWN", + "flow": "unknown" + } + ], + "name": "dummy" + } + ], + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_DataFlow-1.5.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.5.xml.bin new file mode 100644 index 00000000..1c595ad0 --- /dev/null +++ b/tests/_data/snapshots/enum_DataFlow-1.5.xml.bin @@ -0,0 +1,53 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + BI_DIRECTIONAL + INBOUND + OUTBOUND + UNKNOWN + + + + + + + diff --git a/tests/_data/snapshots/enum_Encoding-1.0.xml.bin b/tests/_data/snapshots/enum_Encoding-1.0.xml.bin new file mode 100644 index 00000000..068b881e --- /dev/null +++ b/tests/_data/snapshots/enum_Encoding-1.0.xml.bin @@ -0,0 +1,10 @@ + + + + + dummy + + false + + + diff --git a/tests/_data/snapshots/enum_Encoding-1.1.xml.bin b/tests/_data/snapshots/enum_Encoding-1.1.xml.bin new file mode 100644 index 00000000..66b78cb9 --- /dev/null +++ b/tests/_data/snapshots/enum_Encoding-1.1.xml.bin @@ -0,0 +1,15 @@ + + + + + dummy + + + + att.encoding: BASE_64 + att.encoding: BASE_64 + + + + + diff --git a/tests/_data/snapshots/enum_Encoding-1.2.json.bin b/tests/_data/snapshots/enum_Encoding-1.2.json.bin new file mode 100644 index 00000000..1bd83f88 --- /dev/null +++ b/tests/_data/snapshots/enum_Encoding-1.2.json.bin @@ -0,0 +1,42 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "licenses": [ + { + "license": { + "name": "att.encoding: BASE_64", + "text": { + "content": "att.encoding: BASE_64", + "contentType": "text/plain", + "encoding": "base64" + } + } + } + ], + "name": "dummy", + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_Encoding-1.2.xml.bin b/tests/_data/snapshots/enum_Encoding-1.2.xml.bin new file mode 100644 index 00000000..b0744af6 --- /dev/null +++ b/tests/_data/snapshots/enum_Encoding-1.2.xml.bin @@ -0,0 +1,28 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + + + att.encoding: BASE_64 + att.encoding: BASE_64 + + + + + + + + diff --git a/tests/_data/snapshots/enum_Encoding-1.3.json.bin b/tests/_data/snapshots/enum_Encoding-1.3.json.bin new file mode 100644 index 00000000..2ff182dc --- /dev/null +++ b/tests/_data/snapshots/enum_Encoding-1.3.json.bin @@ -0,0 +1,42 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "licenses": [ + { + "license": { + "name": "att.encoding: BASE_64", + "text": { + "content": "att.encoding: BASE_64", + "contentType": "text/plain", + "encoding": "base64" + } + } + } + ], + "name": "dummy", + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_Encoding-1.3.xml.bin b/tests/_data/snapshots/enum_Encoding-1.3.xml.bin new file mode 100644 index 00000000..cc349445 --- /dev/null +++ b/tests/_data/snapshots/enum_Encoding-1.3.xml.bin @@ -0,0 +1,28 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + + + att.encoding: BASE_64 + att.encoding: BASE_64 + + + + + + + + diff --git a/tests/_data/snapshots/enum_Encoding-1.4.json.bin b/tests/_data/snapshots/enum_Encoding-1.4.json.bin new file mode 100644 index 00000000..7d33faac --- /dev/null +++ b/tests/_data/snapshots/enum_Encoding-1.4.json.bin @@ -0,0 +1,75 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "licenses": [ + { + "license": { + "name": "att.encoding: BASE_64", + "text": { + "content": "att.encoding: BASE_64", + "contentType": "text/plain", + "encoding": "base64" + } + } + } + ], + "name": "dummy", + "type": "library" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_Encoding-1.4.xml.bin b/tests/_data/snapshots/enum_Encoding-1.4.xml.bin new file mode 100644 index 00000000..6fc9579d --- /dev/null +++ b/tests/_data/snapshots/enum_Encoding-1.4.xml.bin @@ -0,0 +1,53 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + att.encoding: BASE_64 + att.encoding: BASE_64 + + + + + + + + diff --git a/tests/_data/snapshots/enum_Encoding-1.5.json.bin b/tests/_data/snapshots/enum_Encoding-1.5.json.bin new file mode 100644 index 00000000..62199fbf --- /dev/null +++ b/tests/_data/snapshots/enum_Encoding-1.5.json.bin @@ -0,0 +1,75 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "licenses": [ + { + "license": { + "name": "att.encoding: BASE_64", + "text": { + "content": "att.encoding: BASE_64", + "contentType": "text/plain", + "encoding": "base64" + } + } + } + ], + "name": "dummy", + "type": "library" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_Encoding-1.5.xml.bin b/tests/_data/snapshots/enum_Encoding-1.5.xml.bin new file mode 100644 index 00000000..a1dc28dd --- /dev/null +++ b/tests/_data/snapshots/enum_Encoding-1.5.xml.bin @@ -0,0 +1,53 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + att.encoding: BASE_64 + att.encoding: BASE_64 + + + + + + + + diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.0.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.0.xml.bin new file mode 100644 index 00000000..068b881e --- /dev/null +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.0.xml.bin @@ -0,0 +1,10 @@ + + + + + dummy + + false + + + diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.1.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.1.xml.bin new file mode 100644 index 00000000..afdf773b --- /dev/null +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.1.xml.bin @@ -0,0 +1,128 @@ + + + + + dummy + + + + tests/ADVERSARY_MODEL + + + tests/ADVISORIES + + + tests/ATTESTATION + + + tests/BOM + + + tests/BUILD_META + + + tests/BUILD_SYSTEM + + + tests/CERTIFICATION_REPORT + + + tests/CHAT + + + tests/CODIFIED_INFRASTRUCTURE + + + tests/COMPONENT_ANALYSIS_REPORT + + + tests/CONFIGURATION + + + tests/DISTRIBUTION + + + tests/DISTRIBUTION_INTAKE + + + tests/DOCUMENTATION + + + tests/DYNAMIC_ANALYSIS_REPORT + + + tests/EVIDENCE + + + tests/EXPLOITABILITY_STATEMENT + + + tests/FORMULATION + + + tests/ISSUE_TRACKER + + + tests/LICENSE + + + tests/LOG + + + tests/MAILING_LIST + + + tests/MATURITY_REPORT + + + tests/MODEL_CARD + + + tests/OTHER + + + tests/PENTEST_REPORT + + + tests/POAM + + + tests/QUALITY_METRICS + + + tests/RELEASE_NOTES + + + tests/RISK_ASSESSMENT + + + tests/RUNTIME_ANALYSIS_REPORT + + + tests/SECURITY_CONTACT + + + tests/SOCIAL + + + tests/STATIC_ANALYSIS_REPORT + + + tests/SUPPORT + + + tests/THREAT_MODEL + + + tests/SCM + + + tests/VULNERABILITY_ASSERTION + + + tests/WEBSITE + + + + + diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.2.json.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.2.json.bin new file mode 100644 index 00000000..5acdca64 --- /dev/null +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.2.json.bin @@ -0,0 +1,188 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "externalReferences": [ + { + "type": "other", + "url": "tests/ADVERSARY_MODEL" + }, + { + "type": "advisories", + "url": "tests/ADVISORIES" + }, + { + "type": "other", + "url": "tests/ATTESTATION" + }, + { + "type": "bom", + "url": "tests/BOM" + }, + { + "type": "build-meta", + "url": "tests/BUILD_META" + }, + { + "type": "build-system", + "url": "tests/BUILD_SYSTEM" + }, + { + "type": "other", + "url": "tests/CERTIFICATION_REPORT" + }, + { + "type": "chat", + "url": "tests/CHAT" + }, + { + "type": "other", + "url": "tests/CODIFIED_INFRASTRUCTURE" + }, + { + "type": "other", + "url": "tests/COMPONENT_ANALYSIS_REPORT" + }, + { + "type": "other", + "url": "tests/CONFIGURATION" + }, + { + "type": "distribution", + "url": "tests/DISTRIBUTION" + }, + { + "type": "other", + "url": "tests/DISTRIBUTION_INTAKE" + }, + { + "type": "documentation", + "url": "tests/DOCUMENTATION" + }, + { + "type": "other", + "url": "tests/DYNAMIC_ANALYSIS_REPORT" + }, + { + "type": "other", + "url": "tests/EVIDENCE" + }, + { + "type": "other", + "url": "tests/EXPLOITABILITY_STATEMENT" + }, + { + "type": "other", + "url": "tests/FORMULATION" + }, + { + "type": "issue-tracker", + "url": "tests/ISSUE_TRACKER" + }, + { + "type": "license", + "url": "tests/LICENSE" + }, + { + "type": "other", + "url": "tests/LOG" + }, + { + "type": "mailing-list", + "url": "tests/MAILING_LIST" + }, + { + "type": "other", + "url": "tests/MATURITY_REPORT" + }, + { + "type": "other", + "url": "tests/MODEL_CARD" + }, + { + "type": "other", + "url": "tests/OTHER" + }, + { + "type": "other", + "url": "tests/PENTEST_REPORT" + }, + { + "type": "other", + "url": "tests/POAM" + }, + { + "type": "other", + "url": "tests/QUALITY_METRICS" + }, + { + "type": "other", + "url": "tests/RELEASE_NOTES" + }, + { + "type": "other", + "url": "tests/RISK_ASSESSMENT" + }, + { + "type": "other", + "url": "tests/RUNTIME_ANALYSIS_REPORT" + }, + { + "type": "other", + "url": "tests/SECURITY_CONTACT" + }, + { + "type": "social", + "url": "tests/SOCIAL" + }, + { + "type": "other", + "url": "tests/STATIC_ANALYSIS_REPORT" + }, + { + "type": "support", + "url": "tests/SUPPORT" + }, + { + "type": "other", + "url": "tests/THREAT_MODEL" + }, + { + "type": "vcs", + "url": "tests/SCM" + }, + { + "type": "other", + "url": "tests/VULNERABILITY_ASSERTION" + }, + { + "type": "website", + "url": "tests/WEBSITE" + } + ], + "name": "dummy", + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.2.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.2.xml.bin new file mode 100644 index 00000000..0b49cb8d --- /dev/null +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.2.xml.bin @@ -0,0 +1,141 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + + + tests/ADVERSARY_MODEL + + + tests/ADVISORIES + + + tests/ATTESTATION + + + tests/BOM + + + tests/BUILD_META + + + tests/BUILD_SYSTEM + + + tests/CERTIFICATION_REPORT + + + tests/CHAT + + + tests/CODIFIED_INFRASTRUCTURE + + + tests/COMPONENT_ANALYSIS_REPORT + + + tests/CONFIGURATION + + + tests/DISTRIBUTION + + + tests/DISTRIBUTION_INTAKE + + + tests/DOCUMENTATION + + + tests/DYNAMIC_ANALYSIS_REPORT + + + tests/EVIDENCE + + + tests/EXPLOITABILITY_STATEMENT + + + tests/FORMULATION + + + tests/ISSUE_TRACKER + + + tests/LICENSE + + + tests/LOG + + + tests/MAILING_LIST + + + tests/MATURITY_REPORT + + + tests/MODEL_CARD + + + tests/OTHER + + + tests/PENTEST_REPORT + + + tests/POAM + + + tests/QUALITY_METRICS + + + tests/RELEASE_NOTES + + + tests/RISK_ASSESSMENT + + + tests/RUNTIME_ANALYSIS_REPORT + + + tests/SECURITY_CONTACT + + + tests/SOCIAL + + + tests/STATIC_ANALYSIS_REPORT + + + tests/SUPPORT + + + tests/THREAT_MODEL + + + tests/SCM + + + tests/VULNERABILITY_ASSERTION + + + tests/WEBSITE + + + + + + + + diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.3.json.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.3.json.bin new file mode 100644 index 00000000..527e1216 --- /dev/null +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.3.json.bin @@ -0,0 +1,188 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "externalReferences": [ + { + "type": "other", + "url": "tests/ADVERSARY_MODEL" + }, + { + "type": "advisories", + "url": "tests/ADVISORIES" + }, + { + "type": "other", + "url": "tests/ATTESTATION" + }, + { + "type": "bom", + "url": "tests/BOM" + }, + { + "type": "build-meta", + "url": "tests/BUILD_META" + }, + { + "type": "build-system", + "url": "tests/BUILD_SYSTEM" + }, + { + "type": "other", + "url": "tests/CERTIFICATION_REPORT" + }, + { + "type": "chat", + "url": "tests/CHAT" + }, + { + "type": "other", + "url": "tests/CODIFIED_INFRASTRUCTURE" + }, + { + "type": "other", + "url": "tests/COMPONENT_ANALYSIS_REPORT" + }, + { + "type": "other", + "url": "tests/CONFIGURATION" + }, + { + "type": "distribution", + "url": "tests/DISTRIBUTION" + }, + { + "type": "other", + "url": "tests/DISTRIBUTION_INTAKE" + }, + { + "type": "documentation", + "url": "tests/DOCUMENTATION" + }, + { + "type": "other", + "url": "tests/DYNAMIC_ANALYSIS_REPORT" + }, + { + "type": "other", + "url": "tests/EVIDENCE" + }, + { + "type": "other", + "url": "tests/EXPLOITABILITY_STATEMENT" + }, + { + "type": "other", + "url": "tests/FORMULATION" + }, + { + "type": "issue-tracker", + "url": "tests/ISSUE_TRACKER" + }, + { + "type": "license", + "url": "tests/LICENSE" + }, + { + "type": "other", + "url": "tests/LOG" + }, + { + "type": "mailing-list", + "url": "tests/MAILING_LIST" + }, + { + "type": "other", + "url": "tests/MATURITY_REPORT" + }, + { + "type": "other", + "url": "tests/MODEL_CARD" + }, + { + "type": "other", + "url": "tests/OTHER" + }, + { + "type": "other", + "url": "tests/PENTEST_REPORT" + }, + { + "type": "other", + "url": "tests/POAM" + }, + { + "type": "other", + "url": "tests/QUALITY_METRICS" + }, + { + "type": "other", + "url": "tests/RELEASE_NOTES" + }, + { + "type": "other", + "url": "tests/RISK_ASSESSMENT" + }, + { + "type": "other", + "url": "tests/RUNTIME_ANALYSIS_REPORT" + }, + { + "type": "other", + "url": "tests/SECURITY_CONTACT" + }, + { + "type": "social", + "url": "tests/SOCIAL" + }, + { + "type": "other", + "url": "tests/STATIC_ANALYSIS_REPORT" + }, + { + "type": "support", + "url": "tests/SUPPORT" + }, + { + "type": "other", + "url": "tests/THREAT_MODEL" + }, + { + "type": "vcs", + "url": "tests/SCM" + }, + { + "type": "other", + "url": "tests/VULNERABILITY_ASSERTION" + }, + { + "type": "website", + "url": "tests/WEBSITE" + } + ], + "name": "dummy", + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.3.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.3.xml.bin new file mode 100644 index 00000000..5d40d9c9 --- /dev/null +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.3.xml.bin @@ -0,0 +1,141 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + + + tests/ADVERSARY_MODEL + + + tests/ADVISORIES + + + tests/ATTESTATION + + + tests/BOM + + + tests/BUILD_META + + + tests/BUILD_SYSTEM + + + tests/CERTIFICATION_REPORT + + + tests/CHAT + + + tests/CODIFIED_INFRASTRUCTURE + + + tests/COMPONENT_ANALYSIS_REPORT + + + tests/CONFIGURATION + + + tests/DISTRIBUTION + + + tests/DISTRIBUTION_INTAKE + + + tests/DOCUMENTATION + + + tests/DYNAMIC_ANALYSIS_REPORT + + + tests/EVIDENCE + + + tests/EXPLOITABILITY_STATEMENT + + + tests/FORMULATION + + + tests/ISSUE_TRACKER + + + tests/LICENSE + + + tests/LOG + + + tests/MAILING_LIST + + + tests/MATURITY_REPORT + + + tests/MODEL_CARD + + + tests/OTHER + + + tests/PENTEST_REPORT + + + tests/POAM + + + tests/QUALITY_METRICS + + + tests/RELEASE_NOTES + + + tests/RISK_ASSESSMENT + + + tests/RUNTIME_ANALYSIS_REPORT + + + tests/SECURITY_CONTACT + + + tests/SOCIAL + + + tests/STATIC_ANALYSIS_REPORT + + + tests/SUPPORT + + + tests/THREAT_MODEL + + + tests/SCM + + + tests/VULNERABILITY_ASSERTION + + + tests/WEBSITE + + + + + + + + diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.4.json.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.4.json.bin new file mode 100644 index 00000000..e905005d --- /dev/null +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.4.json.bin @@ -0,0 +1,221 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "externalReferences": [ + { + "type": "other", + "url": "tests/ADVERSARY_MODEL" + }, + { + "type": "advisories", + "url": "tests/ADVISORIES" + }, + { + "type": "other", + "url": "tests/ATTESTATION" + }, + { + "type": "bom", + "url": "tests/BOM" + }, + { + "type": "build-meta", + "url": "tests/BUILD_META" + }, + { + "type": "build-system", + "url": "tests/BUILD_SYSTEM" + }, + { + "type": "other", + "url": "tests/CERTIFICATION_REPORT" + }, + { + "type": "chat", + "url": "tests/CHAT" + }, + { + "type": "other", + "url": "tests/CODIFIED_INFRASTRUCTURE" + }, + { + "type": "other", + "url": "tests/COMPONENT_ANALYSIS_REPORT" + }, + { + "type": "other", + "url": "tests/CONFIGURATION" + }, + { + "type": "distribution", + "url": "tests/DISTRIBUTION" + }, + { + "type": "other", + "url": "tests/DISTRIBUTION_INTAKE" + }, + { + "type": "documentation", + "url": "tests/DOCUMENTATION" + }, + { + "type": "other", + "url": "tests/DYNAMIC_ANALYSIS_REPORT" + }, + { + "type": "other", + "url": "tests/EVIDENCE" + }, + { + "type": "other", + "url": "tests/EXPLOITABILITY_STATEMENT" + }, + { + "type": "other", + "url": "tests/FORMULATION" + }, + { + "type": "issue-tracker", + "url": "tests/ISSUE_TRACKER" + }, + { + "type": "license", + "url": "tests/LICENSE" + }, + { + "type": "other", + "url": "tests/LOG" + }, + { + "type": "mailing-list", + "url": "tests/MAILING_LIST" + }, + { + "type": "other", + "url": "tests/MATURITY_REPORT" + }, + { + "type": "other", + "url": "tests/MODEL_CARD" + }, + { + "type": "other", + "url": "tests/OTHER" + }, + { + "type": "other", + "url": "tests/PENTEST_REPORT" + }, + { + "type": "other", + "url": "tests/POAM" + }, + { + "type": "other", + "url": "tests/QUALITY_METRICS" + }, + { + "type": "release-notes", + "url": "tests/RELEASE_NOTES" + }, + { + "type": "other", + "url": "tests/RISK_ASSESSMENT" + }, + { + "type": "other", + "url": "tests/RUNTIME_ANALYSIS_REPORT" + }, + { + "type": "other", + "url": "tests/SECURITY_CONTACT" + }, + { + "type": "social", + "url": "tests/SOCIAL" + }, + { + "type": "other", + "url": "tests/STATIC_ANALYSIS_REPORT" + }, + { + "type": "support", + "url": "tests/SUPPORT" + }, + { + "type": "other", + "url": "tests/THREAT_MODEL" + }, + { + "type": "vcs", + "url": "tests/SCM" + }, + { + "type": "other", + "url": "tests/VULNERABILITY_ASSERTION" + }, + { + "type": "website", + "url": "tests/WEBSITE" + } + ], + "name": "dummy", + "type": "library" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.4.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.4.xml.bin new file mode 100644 index 00000000..7dd5dede --- /dev/null +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.4.xml.bin @@ -0,0 +1,166 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + tests/ADVERSARY_MODEL + + + tests/ADVISORIES + + + tests/ATTESTATION + + + tests/BOM + + + tests/BUILD_META + + + tests/BUILD_SYSTEM + + + tests/CERTIFICATION_REPORT + + + tests/CHAT + + + tests/CODIFIED_INFRASTRUCTURE + + + tests/COMPONENT_ANALYSIS_REPORT + + + tests/CONFIGURATION + + + tests/DISTRIBUTION + + + tests/DISTRIBUTION_INTAKE + + + tests/DOCUMENTATION + + + tests/DYNAMIC_ANALYSIS_REPORT + + + tests/EVIDENCE + + + tests/EXPLOITABILITY_STATEMENT + + + tests/FORMULATION + + + tests/ISSUE_TRACKER + + + tests/LICENSE + + + tests/LOG + + + tests/MAILING_LIST + + + tests/MATURITY_REPORT + + + tests/MODEL_CARD + + + tests/OTHER + + + tests/PENTEST_REPORT + + + tests/POAM + + + tests/QUALITY_METRICS + + + tests/RELEASE_NOTES + + + tests/RISK_ASSESSMENT + + + tests/RUNTIME_ANALYSIS_REPORT + + + tests/SECURITY_CONTACT + + + tests/SOCIAL + + + tests/STATIC_ANALYSIS_REPORT + + + tests/SUPPORT + + + tests/THREAT_MODEL + + + tests/SCM + + + tests/VULNERABILITY_ASSERTION + + + tests/WEBSITE + + + + + + + + diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.5.json.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.5.json.bin new file mode 100644 index 00000000..6f9ab467 --- /dev/null +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.5.json.bin @@ -0,0 +1,221 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "externalReferences": [ + { + "type": "adversary-model", + "url": "tests/ADVERSARY_MODEL" + }, + { + "type": "advisories", + "url": "tests/ADVISORIES" + }, + { + "type": "attestation", + "url": "tests/ATTESTATION" + }, + { + "type": "bom", + "url": "tests/BOM" + }, + { + "type": "build-meta", + "url": "tests/BUILD_META" + }, + { + "type": "build-system", + "url": "tests/BUILD_SYSTEM" + }, + { + "type": "certification-report", + "url": "tests/CERTIFICATION_REPORT" + }, + { + "type": "chat", + "url": "tests/CHAT" + }, + { + "type": "codified-infrastructure", + "url": "tests/CODIFIED_INFRASTRUCTURE" + }, + { + "type": "component-analysis-report", + "url": "tests/COMPONENT_ANALYSIS_REPORT" + }, + { + "type": "configuration", + "url": "tests/CONFIGURATION" + }, + { + "type": "distribution", + "url": "tests/DISTRIBUTION" + }, + { + "type": "distribution-intake", + "url": "tests/DISTRIBUTION_INTAKE" + }, + { + "type": "documentation", + "url": "tests/DOCUMENTATION" + }, + { + "type": "dynamic-analysis-report", + "url": "tests/DYNAMIC_ANALYSIS_REPORT" + }, + { + "type": "evidence", + "url": "tests/EVIDENCE" + }, + { + "type": "exploitability-statement", + "url": "tests/EXPLOITABILITY_STATEMENT" + }, + { + "type": "formulation", + "url": "tests/FORMULATION" + }, + { + "type": "issue-tracker", + "url": "tests/ISSUE_TRACKER" + }, + { + "type": "license", + "url": "tests/LICENSE" + }, + { + "type": "log", + "url": "tests/LOG" + }, + { + "type": "mailing-list", + "url": "tests/MAILING_LIST" + }, + { + "type": "maturity-report", + "url": "tests/MATURITY_REPORT" + }, + { + "type": "model-card", + "url": "tests/MODEL_CARD" + }, + { + "type": "other", + "url": "tests/OTHER" + }, + { + "type": "pentest-report", + "url": "tests/PENTEST_REPORT" + }, + { + "type": "poam", + "url": "tests/POAM" + }, + { + "type": "quality-metrics", + "url": "tests/QUALITY_METRICS" + }, + { + "type": "release-notes", + "url": "tests/RELEASE_NOTES" + }, + { + "type": "risk-assessment", + "url": "tests/RISK_ASSESSMENT" + }, + { + "type": "runtime-analysis-report", + "url": "tests/RUNTIME_ANALYSIS_REPORT" + }, + { + "type": "security-contact", + "url": "tests/SECURITY_CONTACT" + }, + { + "type": "social", + "url": "tests/SOCIAL" + }, + { + "type": "static-analysis-report", + "url": "tests/STATIC_ANALYSIS_REPORT" + }, + { + "type": "support", + "url": "tests/SUPPORT" + }, + { + "type": "threat-model", + "url": "tests/THREAT_MODEL" + }, + { + "type": "vcs", + "url": "tests/SCM" + }, + { + "type": "vulnerability-assertion", + "url": "tests/VULNERABILITY_ASSERTION" + }, + { + "type": "website", + "url": "tests/WEBSITE" + } + ], + "name": "dummy", + "type": "library" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.5.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.5.xml.bin new file mode 100644 index 00000000..ca43d2e8 --- /dev/null +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.5.xml.bin @@ -0,0 +1,166 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + tests/ADVERSARY_MODEL + + + tests/ADVISORIES + + + tests/ATTESTATION + + + tests/BOM + + + tests/BUILD_META + + + tests/BUILD_SYSTEM + + + tests/CERTIFICATION_REPORT + + + tests/CHAT + + + tests/CODIFIED_INFRASTRUCTURE + + + tests/COMPONENT_ANALYSIS_REPORT + + + tests/CONFIGURATION + + + tests/DISTRIBUTION + + + tests/DISTRIBUTION_INTAKE + + + tests/DOCUMENTATION + + + tests/DYNAMIC_ANALYSIS_REPORT + + + tests/EVIDENCE + + + tests/EXPLOITABILITY_STATEMENT + + + tests/FORMULATION + + + tests/ISSUE_TRACKER + + + tests/LICENSE + + + tests/LOG + + + tests/MAILING_LIST + + + tests/MATURITY_REPORT + + + tests/MODEL_CARD + + + tests/OTHER + + + tests/PENTEST_REPORT + + + tests/POAM + + + tests/QUALITY_METRICS + + + tests/RELEASE_NOTES + + + tests/RISK_ASSESSMENT + + + tests/RUNTIME_ANALYSIS_REPORT + + + tests/SECURITY_CONTACT + + + tests/SOCIAL + + + tests/STATIC_ANALYSIS_REPORT + + + tests/SUPPORT + + + tests/THREAT_MODEL + + + tests/SCM + + + tests/VULNERABILITY_ASSERTION + + + tests/WEBSITE + + + + + + + + diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.0.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.0.xml.bin new file mode 100644 index 00000000..43e7e997 --- /dev/null +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.0.xml.bin @@ -0,0 +1,19 @@ + + + + + dummy + + + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + + false + + + diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.1.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.1.xml.bin new file mode 100644 index 00000000..333a3380 --- /dev/null +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.1.xml.bin @@ -0,0 +1,18 @@ + + + + + dummy + + + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + + + + diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.2.json.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.2.json.bin new file mode 100644 index 00000000..676688fc --- /dev/null +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.2.json.bin @@ -0,0 +1,80 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "hashes": [ + { + "alg": "BLAKE2b-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE2b-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE2b-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE3", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "MD5", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-1", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + } + ], + "name": "dummy", + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.2.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.2.xml.bin new file mode 100644 index 00000000..598aa3bd --- /dev/null +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.2.xml.bin @@ -0,0 +1,36 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + + + + + + + diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.3.json.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.3.json.bin new file mode 100644 index 00000000..feef702e --- /dev/null +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.3.json.bin @@ -0,0 +1,80 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "hashes": [ + { + "alg": "BLAKE2b-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE2b-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE2b-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE3", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "MD5", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-1", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + } + ], + "name": "dummy", + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.3.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.3.xml.bin new file mode 100644 index 00000000..df81eb25 --- /dev/null +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.3.xml.bin @@ -0,0 +1,36 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + + + + + + + diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.4.json.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.4.json.bin new file mode 100644 index 00000000..3f6e1978 --- /dev/null +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.4.json.bin @@ -0,0 +1,113 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "hashes": [ + { + "alg": "BLAKE2b-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE2b-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE2b-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE3", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "MD5", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-1", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + } + ], + "name": "dummy", + "type": "library" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.4.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.4.xml.bin new file mode 100644 index 00000000..19975680 --- /dev/null +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.4.xml.bin @@ -0,0 +1,61 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + + + + + + + diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.5.json.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.5.json.bin new file mode 100644 index 00000000..7f2a4b01 --- /dev/null +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.5.json.bin @@ -0,0 +1,113 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "hashes": [ + { + "alg": "BLAKE2b-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE2b-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE2b-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "BLAKE3", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "MD5", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-1", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-256", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-384", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + }, + { + "alg": "SHA3-512", + "content": "ae2b1fca515949e5d54fb22b8ed95575" + } + ], + "name": "dummy", + "type": "library" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.5.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.5.xml.bin new file mode 100644 index 00000000..219ba7bd --- /dev/null +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.5.xml.bin @@ -0,0 +1,61 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + ae2b1fca515949e5d54fb22b8ed95575 + + + + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.0.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.1.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.json.bin new file mode 100644 index 00000000..1165e037 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.xml.bin new file mode 100644 index 00000000..bc36ede0 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.json.bin new file mode 100644 index 00000000..bc1a579f --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.xml.bin new file mode 100644 index 00000000..1ebd391f --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.json.bin new file mode 100644 index 00000000..2c46385d --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.json.bin @@ -0,0 +1,76 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "affects": [ + { + "ref": "urn:cdx:bom23/1#comp42", + "versions": [ + { + "status": "affected", + "version": "1.33.7+AFFECTED" + }, + { + "status": "unaffected", + "version": "1.33.7+UNAFFECTED" + }, + { + "status": "unknown", + "version": "1.33.7+UNKNOWN" + } + ] + } + ], + "bom-ref": "dummy", + "id": "dummy" + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.xml.bin new file mode 100644 index 00000000..d77127c3 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.xml.bin @@ -0,0 +1,63 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + urn:cdx:bom23/1#comp42 + + + 1.33.7+AFFECTED + affected + + + 1.33.7+UNAFFECTED + unaffected + + + 1.33.7+UNKNOWN + unknown + + + + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.json.bin new file mode 100644 index 00000000..27801778 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.json.bin @@ -0,0 +1,76 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "affects": [ + { + "ref": "urn:cdx:bom23/1#comp42", + "versions": [ + { + "status": "affected", + "version": "1.33.7+AFFECTED" + }, + { + "status": "unaffected", + "version": "1.33.7+UNAFFECTED" + }, + { + "status": "unknown", + "version": "1.33.7+UNKNOWN" + } + ] + } + ], + "bom-ref": "dummy", + "id": "dummy" + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.xml.bin new file mode 100644 index 00000000..3997fd6f --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.xml.bin @@ -0,0 +1,63 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + urn:cdx:bom23/1#comp42 + + + 1.33.7+AFFECTED + affected + + + 1.33.7+UNAFFECTED + unaffected + + + 1.33.7+UNKNOWN + unknown + + + + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.0.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.1.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.json.bin new file mode 100644 index 00000000..1165e037 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.xml.bin new file mode 100644 index 00000000..bc36ede0 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.json.bin new file mode 100644 index 00000000..bc1a579f --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.xml.bin new file mode 100644 index 00000000..1ebd391f --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.json.bin new file mode 100644 index 00000000..01ad7978 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.json.bin @@ -0,0 +1,116 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "analysis": { + "justification": "code_not_present" + }, + "bom-ref": "vuln-with-CODE_NOT_PRESENT", + "id": "vuln-with-CODE_NOT_PRESENT" + }, + { + "analysis": { + "justification": "code_not_reachable" + }, + "bom-ref": "vuln-with-CODE_NOT_REACHABLE", + "id": "vuln-with-CODE_NOT_REACHABLE" + }, + { + "analysis": { + "justification": "protected_at_perimeter" + }, + "bom-ref": "vuln-with-PROTECTED_AT_PERIMITER", + "id": "vuln-with-PROTECTED_AT_PERIMITER" + }, + { + "analysis": { + "justification": "protected_at_runtime" + }, + "bom-ref": "vuln-with-PROTECTED_AT_RUNTIME", + "id": "vuln-with-PROTECTED_AT_RUNTIME" + }, + { + "analysis": { + "justification": "protected_by_compiler" + }, + "bom-ref": "vuln-with-PROTECTED_BY_COMPILER", + "id": "vuln-with-PROTECTED_BY_COMPILER" + }, + { + "analysis": { + "justification": "protected_by_mitigating_control" + }, + "bom-ref": "vuln-with-PROTECTED_BY_MITIGATING_CONTROL", + "id": "vuln-with-PROTECTED_BY_MITIGATING_CONTROL" + }, + { + "analysis": { + "justification": "requires_configuration" + }, + "bom-ref": "vuln-with-REQUIRES_CONFIGURATION", + "id": "vuln-with-REQUIRES_CONFIGURATION" + }, + { + "analysis": { + "justification": "requires_dependency" + }, + "bom-ref": "vuln-with-REQUIRES_DEPENDENCY", + "id": "vuln-with-REQUIRES_DEPENDENCY" + }, + { + "analysis": { + "justification": "requires_environment" + }, + "bom-ref": "vuln-with-REQUIRES_ENVIRONMENT", + "id": "vuln-with-REQUIRES_ENVIRONMENT" + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.xml.bin new file mode 100644 index 00000000..ff782f19 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.xml.bin @@ -0,0 +1,95 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + vuln-with-CODE_NOT_PRESENT + + code_not_present + + + + vuln-with-CODE_NOT_REACHABLE + + code_not_reachable + + + + vuln-with-PROTECTED_AT_PERIMITER + + protected_at_perimeter + + + + vuln-with-PROTECTED_AT_RUNTIME + + protected_at_runtime + + + + vuln-with-PROTECTED_BY_COMPILER + + protected_by_compiler + + + + vuln-with-PROTECTED_BY_MITIGATING_CONTROL + + protected_by_mitigating_control + + + + vuln-with-REQUIRES_CONFIGURATION + + requires_configuration + + + + vuln-with-REQUIRES_DEPENDENCY + + requires_dependency + + + + vuln-with-REQUIRES_ENVIRONMENT + + requires_environment + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.json.bin new file mode 100644 index 00000000..1d9d033c --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.json.bin @@ -0,0 +1,116 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "analysis": { + "justification": "code_not_present" + }, + "bom-ref": "vuln-with-CODE_NOT_PRESENT", + "id": "vuln-with-CODE_NOT_PRESENT" + }, + { + "analysis": { + "justification": "code_not_reachable" + }, + "bom-ref": "vuln-with-CODE_NOT_REACHABLE", + "id": "vuln-with-CODE_NOT_REACHABLE" + }, + { + "analysis": { + "justification": "protected_at_perimeter" + }, + "bom-ref": "vuln-with-PROTECTED_AT_PERIMITER", + "id": "vuln-with-PROTECTED_AT_PERIMITER" + }, + { + "analysis": { + "justification": "protected_at_runtime" + }, + "bom-ref": "vuln-with-PROTECTED_AT_RUNTIME", + "id": "vuln-with-PROTECTED_AT_RUNTIME" + }, + { + "analysis": { + "justification": "protected_by_compiler" + }, + "bom-ref": "vuln-with-PROTECTED_BY_COMPILER", + "id": "vuln-with-PROTECTED_BY_COMPILER" + }, + { + "analysis": { + "justification": "protected_by_mitigating_control" + }, + "bom-ref": "vuln-with-PROTECTED_BY_MITIGATING_CONTROL", + "id": "vuln-with-PROTECTED_BY_MITIGATING_CONTROL" + }, + { + "analysis": { + "justification": "requires_configuration" + }, + "bom-ref": "vuln-with-REQUIRES_CONFIGURATION", + "id": "vuln-with-REQUIRES_CONFIGURATION" + }, + { + "analysis": { + "justification": "requires_dependency" + }, + "bom-ref": "vuln-with-REQUIRES_DEPENDENCY", + "id": "vuln-with-REQUIRES_DEPENDENCY" + }, + { + "analysis": { + "justification": "requires_environment" + }, + "bom-ref": "vuln-with-REQUIRES_ENVIRONMENT", + "id": "vuln-with-REQUIRES_ENVIRONMENT" + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.xml.bin new file mode 100644 index 00000000..a904a0f8 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.xml.bin @@ -0,0 +1,95 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + vuln-with-CODE_NOT_PRESENT + + code_not_present + + + + vuln-with-CODE_NOT_REACHABLE + + code_not_reachable + + + + vuln-with-PROTECTED_AT_PERIMITER + + protected_at_perimeter + + + + vuln-with-PROTECTED_AT_RUNTIME + + protected_at_runtime + + + + vuln-with-PROTECTED_BY_COMPILER + + protected_by_compiler + + + + vuln-with-PROTECTED_BY_MITIGATING_CONTROL + + protected_by_mitigating_control + + + + vuln-with-REQUIRES_CONFIGURATION + + requires_configuration + + + + vuln-with-REQUIRES_DEPENDENCY + + requires_dependency + + + + vuln-with-REQUIRES_ENVIRONMENT + + requires_environment + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.0.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.1.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.json.bin new file mode 100644 index 00000000..1165e037 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.xml.bin new file mode 100644 index 00000000..bc36ede0 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.json.bin new file mode 100644 index 00000000..bc1a579f --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.xml.bin new file mode 100644 index 00000000..1ebd391f --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.json.bin new file mode 100644 index 00000000..2eb942a0 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.json.bin @@ -0,0 +1,66 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "analysis": { + "response": [ + "can_not_fix", + "rollback", + "update", + "will_not_fix", + "workaround_available" + ] + }, + "bom-ref": "dummy", + "id": "dummy" + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.xml.bin new file mode 100644 index 00000000..4c23116c --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.xml.bin @@ -0,0 +1,53 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + can_not_fix + rollback + update + will_not_fix + workaround_available + + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.json.bin new file mode 100644 index 00000000..7669e03b --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.json.bin @@ -0,0 +1,66 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "analysis": { + "response": [ + "can_not_fix", + "rollback", + "update", + "will_not_fix", + "workaround_available" + ] + }, + "bom-ref": "dummy", + "id": "dummy" + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.xml.bin new file mode 100644 index 00000000..4f497a06 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.xml.bin @@ -0,0 +1,53 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + can_not_fix + rollback + update + will_not_fix + workaround_available + + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.0.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.1.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.json.bin new file mode 100644 index 00000000..1165e037 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.xml.bin new file mode 100644 index 00000000..bc36ede0 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.json.bin new file mode 100644 index 00000000..bc1a579f --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.xml.bin new file mode 100644 index 00000000..1ebd391f --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.json.bin new file mode 100644 index 00000000..a29f5164 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.json.bin @@ -0,0 +1,95 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "analysis": { + "state": "exploitable" + }, + "bom-ref": "vuln-wit-state-EXPLOITABLE", + "id": "vuln-wit-state-EXPLOITABLE" + }, + { + "analysis": { + "state": "false_positive" + }, + "bom-ref": "vuln-wit-state-FALSE_POSITIVE", + "id": "vuln-wit-state-FALSE_POSITIVE" + }, + { + "analysis": { + "state": "in_triage" + }, + "bom-ref": "vuln-wit-state-IN_TRIAGE", + "id": "vuln-wit-state-IN_TRIAGE" + }, + { + "analysis": { + "state": "not_affected" + }, + "bom-ref": "vuln-wit-state-NOT_AFFECTED", + "id": "vuln-wit-state-NOT_AFFECTED" + }, + { + "analysis": { + "state": "resolved" + }, + "bom-ref": "vuln-wit-state-RESOLVED", + "id": "vuln-wit-state-RESOLVED" + }, + { + "analysis": { + "state": "resolved_with_pedigree" + }, + "bom-ref": "vuln-wit-state-RESOLVED_WITH_PEDIGREE", + "id": "vuln-wit-state-RESOLVED_WITH_PEDIGREE" + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.xml.bin new file mode 100644 index 00000000..8381c7c3 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.xml.bin @@ -0,0 +1,77 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + vuln-wit-state-EXPLOITABLE + + exploitable + + + + vuln-wit-state-FALSE_POSITIVE + + false_positive + + + + vuln-wit-state-IN_TRIAGE + + in_triage + + + + vuln-wit-state-NOT_AFFECTED + + not_affected + + + + vuln-wit-state-RESOLVED + + resolved + + + + vuln-wit-state-RESOLVED_WITH_PEDIGREE + + resolved_with_pedigree + + + + diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.json.bin new file mode 100644 index 00000000..7c1492a3 --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.json.bin @@ -0,0 +1,95 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "analysis": { + "state": "exploitable" + }, + "bom-ref": "vuln-wit-state-EXPLOITABLE", + "id": "vuln-wit-state-EXPLOITABLE" + }, + { + "analysis": { + "state": "false_positive" + }, + "bom-ref": "vuln-wit-state-FALSE_POSITIVE", + "id": "vuln-wit-state-FALSE_POSITIVE" + }, + { + "analysis": { + "state": "in_triage" + }, + "bom-ref": "vuln-wit-state-IN_TRIAGE", + "id": "vuln-wit-state-IN_TRIAGE" + }, + { + "analysis": { + "state": "not_affected" + }, + "bom-ref": "vuln-wit-state-NOT_AFFECTED", + "id": "vuln-wit-state-NOT_AFFECTED" + }, + { + "analysis": { + "state": "resolved" + }, + "bom-ref": "vuln-wit-state-RESOLVED", + "id": "vuln-wit-state-RESOLVED" + }, + { + "analysis": { + "state": "resolved_with_pedigree" + }, + "bom-ref": "vuln-wit-state-RESOLVED_WITH_PEDIGREE", + "id": "vuln-wit-state-RESOLVED_WITH_PEDIGREE" + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.xml.bin new file mode 100644 index 00000000..336bb97b --- /dev/null +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.xml.bin @@ -0,0 +1,77 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + vuln-wit-state-EXPLOITABLE + + exploitable + + + + vuln-wit-state-FALSE_POSITIVE + + false_positive + + + + vuln-wit-state-IN_TRIAGE + + in_triage + + + + vuln-wit-state-NOT_AFFECTED + + not_affected + + + + vuln-wit-state-RESOLVED + + resolved + + + + vuln-wit-state-RESOLVED_WITH_PEDIGREE + + resolved_with_pedigree + + + + diff --git a/tests/_data/snapshots/enum_IssueClassification-1.0.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.0.xml.bin new file mode 100644 index 00000000..068b881e --- /dev/null +++ b/tests/_data/snapshots/enum_IssueClassification-1.0.xml.bin @@ -0,0 +1,10 @@ + + + + + dummy + + false + + + diff --git a/tests/_data/snapshots/enum_IssueClassification-1.1.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.1.xml.bin new file mode 100644 index 00000000..4eeb006c --- /dev/null +++ b/tests/_data/snapshots/enum_IssueClassification-1.1.xml.bin @@ -0,0 +1,10 @@ + + + + + dummy + + + + + diff --git a/tests/_data/snapshots/enum_IssueClassification-1.2.json.bin b/tests/_data/snapshots/enum_IssueClassification-1.2.json.bin new file mode 100644 index 00000000..68199f61 --- /dev/null +++ b/tests/_data/snapshots/enum_IssueClassification-1.2.json.bin @@ -0,0 +1,51 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "name": "dummy", + "pedigree": { + "patches": [ + { + "resolves": [ + { + "id": "issue-DEFECT", + "type": "defect" + }, + { + "id": "issue-ENHANCEMENT", + "type": "enhancement" + }, + { + "id": "issue-SECURITY", + "type": "security" + } + ], + "type": "backport" + } + ] + }, + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_IssueClassification-1.2.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.2.xml.bin new file mode 100644 index 00000000..60c4b014 --- /dev/null +++ b/tests/_data/snapshots/enum_IssueClassification-1.2.xml.bin @@ -0,0 +1,39 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + + + + + + issue-DEFECT + + + issue-ENHANCEMENT + + + issue-SECURITY + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_IssueClassification-1.3.json.bin b/tests/_data/snapshots/enum_IssueClassification-1.3.json.bin new file mode 100644 index 00000000..f395fcc3 --- /dev/null +++ b/tests/_data/snapshots/enum_IssueClassification-1.3.json.bin @@ -0,0 +1,51 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "name": "dummy", + "pedigree": { + "patches": [ + { + "resolves": [ + { + "id": "issue-DEFECT", + "type": "defect" + }, + { + "id": "issue-ENHANCEMENT", + "type": "enhancement" + }, + { + "id": "issue-SECURITY", + "type": "security" + } + ], + "type": "backport" + } + ] + }, + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_IssueClassification-1.3.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.3.xml.bin new file mode 100644 index 00000000..2ad56112 --- /dev/null +++ b/tests/_data/snapshots/enum_IssueClassification-1.3.xml.bin @@ -0,0 +1,39 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + + + + + + issue-DEFECT + + + issue-ENHANCEMENT + + + issue-SECURITY + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_IssueClassification-1.4.json.bin b/tests/_data/snapshots/enum_IssueClassification-1.4.json.bin new file mode 100644 index 00000000..6ef1294b --- /dev/null +++ b/tests/_data/snapshots/enum_IssueClassification-1.4.json.bin @@ -0,0 +1,84 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "name": "dummy", + "pedigree": { + "patches": [ + { + "resolves": [ + { + "id": "issue-DEFECT", + "type": "defect" + }, + { + "id": "issue-ENHANCEMENT", + "type": "enhancement" + }, + { + "id": "issue-SECURITY", + "type": "security" + } + ], + "type": "backport" + } + ] + }, + "type": "library" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_IssueClassification-1.4.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.4.xml.bin new file mode 100644 index 00000000..51e549ff --- /dev/null +++ b/tests/_data/snapshots/enum_IssueClassification-1.4.xml.bin @@ -0,0 +1,64 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + + + + issue-DEFECT + + + issue-ENHANCEMENT + + + issue-SECURITY + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_IssueClassification-1.5.json.bin b/tests/_data/snapshots/enum_IssueClassification-1.5.json.bin new file mode 100644 index 00000000..1cd8949b --- /dev/null +++ b/tests/_data/snapshots/enum_IssueClassification-1.5.json.bin @@ -0,0 +1,84 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "name": "dummy", + "pedigree": { + "patches": [ + { + "resolves": [ + { + "id": "issue-DEFECT", + "type": "defect" + }, + { + "id": "issue-ENHANCEMENT", + "type": "enhancement" + }, + { + "id": "issue-SECURITY", + "type": "security" + } + ], + "type": "backport" + } + ] + }, + "type": "library" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_IssueClassification-1.5.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.5.xml.bin new file mode 100644 index 00000000..99324a7d --- /dev/null +++ b/tests/_data/snapshots/enum_IssueClassification-1.5.xml.bin @@ -0,0 +1,64 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + + + + issue-DEFECT + + + issue-ENHANCEMENT + + + issue-SECURITY + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_PatchClassification-1.0.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.0.xml.bin new file mode 100644 index 00000000..068b881e --- /dev/null +++ b/tests/_data/snapshots/enum_PatchClassification-1.0.xml.bin @@ -0,0 +1,10 @@ + + + + + dummy + + false + + + diff --git a/tests/_data/snapshots/enum_PatchClassification-1.1.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.1.xml.bin new file mode 100644 index 00000000..4eeb006c --- /dev/null +++ b/tests/_data/snapshots/enum_PatchClassification-1.1.xml.bin @@ -0,0 +1,10 @@ + + + + + dummy + + + + + diff --git a/tests/_data/snapshots/enum_PatchClassification-1.2.json.bin b/tests/_data/snapshots/enum_PatchClassification-1.2.json.bin new file mode 100644 index 00000000..c53033f9 --- /dev/null +++ b/tests/_data/snapshots/enum_PatchClassification-1.2.json.bin @@ -0,0 +1,46 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "name": "dummy", + "pedigree": { + "patches": [ + { + "type": "backport" + }, + { + "type": "cherry-pick" + }, + { + "type": "monkey" + }, + { + "type": "unofficial" + } + ] + }, + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_PatchClassification-1.2.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.2.xml.bin new file mode 100644 index 00000000..c8d05cef --- /dev/null +++ b/tests/_data/snapshots/enum_PatchClassification-1.2.xml.bin @@ -0,0 +1,30 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + + + + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_PatchClassification-1.3.json.bin b/tests/_data/snapshots/enum_PatchClassification-1.3.json.bin new file mode 100644 index 00000000..ac18529a --- /dev/null +++ b/tests/_data/snapshots/enum_PatchClassification-1.3.json.bin @@ -0,0 +1,46 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "name": "dummy", + "pedigree": { + "patches": [ + { + "type": "backport" + }, + { + "type": "cherry-pick" + }, + { + "type": "monkey" + }, + { + "type": "unofficial" + } + ] + }, + "type": "library", + "version": "" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_PatchClassification-1.3.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.3.xml.bin new file mode 100644 index 00000000..adcc029a --- /dev/null +++ b/tests/_data/snapshots/enum_PatchClassification-1.3.xml.bin @@ -0,0 +1,30 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + + + dummy + + + + + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_PatchClassification-1.4.json.bin b/tests/_data/snapshots/enum_PatchClassification-1.4.json.bin new file mode 100644 index 00000000..9a4ab330 --- /dev/null +++ b/tests/_data/snapshots/enum_PatchClassification-1.4.json.bin @@ -0,0 +1,79 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "name": "dummy", + "pedigree": { + "patches": [ + { + "type": "backport" + }, + { + "type": "cherry-pick" + }, + { + "type": "monkey" + }, + { + "type": "unofficial" + } + ] + }, + "type": "library" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_PatchClassification-1.4.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.4.xml.bin new file mode 100644 index 00000000..43f6406d --- /dev/null +++ b/tests/_data/snapshots/enum_PatchClassification-1.4.xml.bin @@ -0,0 +1,55 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_PatchClassification-1.5.json.bin b/tests/_data/snapshots/enum_PatchClassification-1.5.json.bin new file mode 100644 index 00000000..71463382 --- /dev/null +++ b/tests/_data/snapshots/enum_PatchClassification-1.5.json.bin @@ -0,0 +1,79 @@ +{ + "components": [ + { + "bom-ref": "dummy", + "name": "dummy", + "pedigree": { + "patches": [ + { + "type": "backport" + }, + { + "type": "cherry-pick" + }, + { + "type": "monkey" + }, + { + "type": "unofficial" + } + ] + }, + "type": "library" + } + ], + "dependencies": [ + { + "ref": "dummy" + } + ], + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_PatchClassification-1.5.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.5.xml.bin new file mode 100644 index 00000000..5fcc6ab8 --- /dev/null +++ b/tests/_data/snapshots/enum_PatchClassification-1.5.xml.bin @@ -0,0 +1,55 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + + + + + + + + + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.0.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.1.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.json.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.json.bin new file mode 100644 index 00000000..1165e037 --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.xml.bin new file mode 100644 index 00000000..bc36ede0 --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.json.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.json.bin new file mode 100644 index 00000000..bc1a579f --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.xml.bin new file mode 100644 index 00000000..1ebd391f --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.json.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.json.bin new file mode 100644 index 00000000..e2662069 --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.json.bin @@ -0,0 +1,80 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "bom-ref": "dummy", + "id": "dummy", + "ratings": [ + { + "method": "CVSSv2" + }, + { + "method": "CVSSv3" + }, + { + "method": "CVSSv31" + }, + { + "method": "other" + }, + { + "method": "OWASP" + }, + { + "method": "other" + }, + { + "method": "other" + } + ] + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.xml.bin new file mode 100644 index 00000000..f3854c0d --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.xml.bin @@ -0,0 +1,67 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + CVSSv2 + + + CVSSv3 + + + CVSSv31 + + + other + + + OWASP + + + other + + + other + + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.json.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.json.bin new file mode 100644 index 00000000..cc05811f --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.json.bin @@ -0,0 +1,80 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "bom-ref": "dummy", + "id": "dummy", + "ratings": [ + { + "method": "CVSSv2" + }, + { + "method": "CVSSv3" + }, + { + "method": "CVSSv31" + }, + { + "method": "CVSSv4" + }, + { + "method": "OWASP" + }, + { + "method": "SSVC" + }, + { + "method": "other" + } + ] + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.xml.bin new file mode 100644 index 00000000..b2bec3ac --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.xml.bin @@ -0,0 +1,67 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + CVSSv2 + + + CVSSv3 + + + CVSSv31 + + + CVSSv4 + + + OWASP + + + SSVC + + + other + + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.0.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.1.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.json.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.json.bin new file mode 100644 index 00000000..1165e037 --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.xml.bin new file mode 100644 index 00000000..bc36ede0 --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.json.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.json.bin new file mode 100644 index 00000000..bc1a579f --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.json.bin @@ -0,0 +1,17 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.xml.bin new file mode 100644 index 00000000..1ebd391f --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.json.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.json.bin new file mode 100644 index 00000000..cb84c64f --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.json.bin @@ -0,0 +1,80 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "bom-ref": "dummy", + "id": "dummy", + "ratings": [ + { + "severity": "critical" + }, + { + "severity": "high" + }, + { + "severity": "info" + }, + { + "severity": "low" + }, + { + "severity": "medium" + }, + { + "severity": "none" + }, + { + "severity": "unknown" + } + ] + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.xml.bin new file mode 100644 index 00000000..7b169e4a --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.xml.bin @@ -0,0 +1,67 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + critical + + + high + + + info + + + low + + + medium + + + none + + + unknown + + + + + diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.json.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.json.bin new file mode 100644 index 00000000..3b73d89f --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.json.bin @@ -0,0 +1,80 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "vulnerabilities": [ + { + "bom-ref": "dummy", + "id": "dummy", + "ratings": [ + { + "severity": "critical" + }, + { + "severity": "high" + }, + { + "severity": "info" + }, + { + "severity": "low" + }, + { + "severity": "medium" + }, + { + "severity": "none" + }, + { + "severity": "unknown" + } + ] + } + ], + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.xml.bin new file mode 100644 index 00000000..7d50f5ea --- /dev/null +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.xml.bin @@ -0,0 +1,67 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + + + + dummy + + + critical + + + high + + + info + + + low + + + medium + + + none + + + unknown + + + + + diff --git a/tests/test_enums.py b/tests/test_enums.py new file mode 100644 index 00000000..958e2138 --- /dev/null +++ b/tests/test_enums.py @@ -0,0 +1,500 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + + +from enum import Enum +from itertools import chain +from json import load as json_load +from typing import Any, Generator, Iterable, Tuple, Type +from unittest import TestCase +from unittest.mock import patch +from warnings import warn +from xml.etree.ElementTree import parse as xml_parse # nosec B405 + +from ddt import ddt, idata, named_data + +from cyclonedx.exception import MissingOptionalDependencyException +from cyclonedx.exception.serialization import SerializationOfUnsupportedComponentTypeException +from cyclonedx.model import AttachedText, ExternalReference, HashType, XsUri +from cyclonedx.model.bom import Bom +from cyclonedx.model.component import Component, Patch, Pedigree +from cyclonedx.model.issue import IssueType +from cyclonedx.model.license import DisjunctiveLicense +from cyclonedx.model.service import DataClassification, Service +from cyclonedx.model.vulnerability import ( + BomTarget, + BomTargetVersionRange, + Vulnerability, + VulnerabilityAnalysis, + VulnerabilityRating, +) +from cyclonedx.output import make_outputter +from cyclonedx.schema import OutputFormat, SchemaVersion +from cyclonedx.schema._res import BOM_JSON as SCHEMA_JSON, BOM_XML as SCHEMA_XML +from cyclonedx.validation import make_schemabased_validator +from tests import SnapshotMixin, uuid_generator +from tests._data.models import _make_bom + +# region SUT: all the enums + +from cyclonedx.model import ( # isort:skip + DataFlow, + Encoding, + ExternalReferenceType, + HashAlgorithm, +) +from cyclonedx.model.component import ( # isort:skip + ComponentScope, + ComponentType, + PatchClassification, +) +from cyclonedx.model.impact_analysis import ( # isort:skip + ImpactAnalysisAffectedStatus, + ImpactAnalysisJustification, + ImpactAnalysisResponse, + ImpactAnalysisState, +) +from cyclonedx.model.issue import ( # isort:skip + IssueClassification, +) +from cyclonedx.model.vulnerability import ( # isort:skip + VulnerabilityScoreSource, + VulnerabilitySeverity, +) + +# endregion SUT + + +SCHEMA_NS = '{http://www.w3.org/2001/XMLSchema}' + + +def dp_cases_from_xml_schema(sf: str, xpath: str) -> Generator[str, None, None]: + for el in xml_parse(sf).iterfind(f'{xpath}/{SCHEMA_NS}restriction/{SCHEMA_NS}enumeration'): # nosec B314 + yield el.get('value') + + +def dp_cases_from_xml_schemas(xpath: str) -> Generator[str, None, None]: + for sf in SCHEMA_XML.values(): + if sf is None: + continue + yield from dp_cases_from_xml_schema(sf, xpath) + + +def dp_cases_from_json_schema(sf: str, jsonpointer: Iterable[str]) -> Generator[str, None, None]: + with open(sf) as sfh: + data = json_load(sfh) + try: + for pp in jsonpointer: + data = data[pp] + except KeyError: + return + for value in data['enum']: + yield value + + +def dp_cases_from_json_schemas(*jsonpointer: str) -> Generator[str, None, None]: + for sf in SCHEMA_JSON.values(): + if sf is None: + continue + yield from dp_cases_from_json_schema(sf, jsonpointer) + + +UNSUPPORTED_OF_SV = frozenset([ + (OutputFormat.JSON, SchemaVersion.V1_1), + (OutputFormat.JSON, SchemaVersion.V1_0), +]) + +NAMED_OF_SV = tuple( + (f'{of.name}-{sv.to_version()}', of, sv) + for of in OutputFormat + for sv in SchemaVersion + if (of, sv) not in UNSUPPORTED_OF_SV +) + + +class _EnumTestCase(TestCase, SnapshotMixin): + + def _test_knows_value(self, enum: Type[Enum], value: str) -> None: + ec = enum(value) # throws valueError if value unknown + self.assertTrue(ec.name) # TODO test for an expected name + + @staticmethod + def __str_rmp(s: str, p: str) -> str: + # str.removeprefix() for all py versions + pl = len(p) + return s[pl:] if s[:pl] == p else s + + def _test_cases_render(self, bom: Bom, of: OutputFormat, sv: SchemaVersion) -> None: + snapshot_name = f'enum_{self.__str_rmp(type(self).__name__, "TestEnum")}-{sv.to_version()}.{of.name.lower()}' + + output = make_outputter(bom, of, sv).output_as_string(indent=2) + + try: + validation_errors = make_schemabased_validator(of, sv).validate_str(output) + except MissingOptionalDependencyException: + warn('!!! skipped schema validation', + category=UserWarning, stacklevel=0) + else: + self.assertIsNone(validation_errors) + + self.assertEqualSnapshot(output, snapshot_name) + + +@ddt +class TestEnumDataFlow(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='dataFlowType']"), + dp_cases_from_json_schemas('definitions', 'dataFlowDirection'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(DataFlow, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(services=[Service(name='dummy', bom_ref='dummy', data=( + DataClassification(flow=df, classification=df.name) + for df in DataFlow + ))]) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumEncoding(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='encoding']"), + dp_cases_from_json_schemas('definitions', 'attachment', 'properties', 'encoding'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(Encoding, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(components=[Component(name='dummy', type=ComponentType.LIBRARY, bom_ref='dummy', licenses=( + DisjunctiveLicense(name=f'att.encoding: {encoding.name}', text=AttachedText( + content=f'att.encoding: {encoding.name}', encoding=encoding + )) for encoding in Encoding + ))]) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumExternalReferenceType(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='externalReferenceType']"), + dp_cases_from_json_schemas('definitions', 'externalReference', 'properties', 'type'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(ExternalReferenceType, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(components=[ + Component(name='dummy', type=ComponentType.LIBRARY, bom_ref='dummy', external_references=( + ExternalReference(type=extref, url=XsUri(f'tests/{extref.name}')) + for extref in ExternalReferenceType + )) + ]) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumHashAlgorithm(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='hashAlg']"), + dp_cases_from_json_schemas('definitions', 'hash-alg'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(HashAlgorithm, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(components=[Component(name='dummy', type=ComponentType.LIBRARY, bom_ref='dummy', hashes=( + HashType(alg=alg, content='ae2b1fca515949e5d54fb22b8ed95575') + for alg in HashAlgorithm + ))]) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumComponentScope(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='scope']"), + dp_cases_from_json_schemas('definitions', 'component', 'properties', 'scope'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(ComponentScope, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(components=( + Component(bom_ref=f'scoped-{scope.name}', name=f'dummy-{scope.name}', + type=ComponentType.LIBRARY, scope=scope) + for scope in ComponentScope + )) + super()._test_cases_render(bom, of, sv) + + +class _DP_ComponentType(): # noqa: N801 + XML_SCHEMA_XPATH = f"./{SCHEMA_NS}simpleType[@name='classification']" + JSON_SCHEMA_POINTER = ('definitions', 'component', 'properties', 'type') + + @classmethod + def unsupported_cases(cls) -> Generator[Tuple[str, OutputFormat, SchemaVersion, ComponentType], None, None]: + for name, of, sv in NAMED_OF_SV: + if OutputFormat.XML is of: + schema_cases = set(dp_cases_from_xml_schema(SCHEMA_XML[sv], cls.XML_SCHEMA_XPATH)) + elif OutputFormat.JSON is of: + schema_cases = set(dp_cases_from_json_schema(SCHEMA_JSON[sv], cls.JSON_SCHEMA_POINTER)) + else: + raise ValueError(f'unexpected of: {of!r}') + for ct in ComponentType: + if ct.value not in schema_cases: + yield f'{name}-{ct.name}', of, sv, ct + + +@ddt +class TestEnumComponentType(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(_DP_ComponentType.XML_SCHEMA_XPATH), + dp_cases_from_json_schemas(*_DP_ComponentType.JSON_SCHEMA_POINTER), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(ComponentType, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + if OutputFormat.XML is of: + schema_cases = set(dp_cases_from_xml_schema(SCHEMA_XML[sv], _DP_ComponentType.XML_SCHEMA_XPATH)) + elif OutputFormat.JSON is of: + schema_cases = set(dp_cases_from_json_schema(SCHEMA_JSON[sv], _DP_ComponentType.JSON_SCHEMA_POINTER)) + else: + raise ValueError(f'unexpected of: {of!r}') + bom = _make_bom(components=( + Component(bom_ref=f'typed-{ct.name}', name=f'dummy {ct.name}', type=ct) + for ct in ComponentType + if ct.value in schema_cases + )) + super()._test_cases_render(bom, of, sv) + + @named_data(*_DP_ComponentType.unsupported_cases()) + def test_cases_render_raises_on_unsupported(self, of: OutputFormat, sv: SchemaVersion, + ct: ComponentType, + *_: Any, **__: Any) -> None: + bom = _make_bom(components=[ + Component(bom_ref=f'typed-{ct.name}', name=f'dummy {ct.name}', type=ct) + ]) + with self.assertRaises(SerializationOfUnsupportedComponentTypeException): + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumPatchClassification(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='patchClassification']"), + dp_cases_from_json_schemas('definitions', 'patch', 'properties', 'type'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(PatchClassification, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(components=[ + Component(name='dummy', type=ComponentType.LIBRARY, bom_ref='dummy', pedigree=Pedigree(patches=( + Patch(type=pc) + for pc in PatchClassification + ))) + ]) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumImpactAnalysisAffectedStatus(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='impactAnalysisAffectedStatusType']"), + dp_cases_from_json_schemas('definitions', 'affectedStatus'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(ImpactAnalysisAffectedStatus, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(vulnerabilities=[Vulnerability( + bom_ref='dummy', id='dummy', affects=[BomTarget(ref='urn:cdx:bom23/1#comp42', versions=( + BomTargetVersionRange(version=f'1.33.7+{iaas.name}', status=iaas) + for iaas in ImpactAnalysisAffectedStatus + ))] + )]) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumImpactAnalysisJustification(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='impactAnalysisJustificationType']"), + dp_cases_from_json_schemas('definitions', 'impactAnalysisJustification'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(ImpactAnalysisJustification, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(vulnerabilities=( + Vulnerability( + bom_ref=f'vuln-with-{iaj.name}', id=f'vuln-with-{iaj.name}', + analysis=VulnerabilityAnalysis(justification=iaj) + ) for iaj in ImpactAnalysisJustification + )) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumImpactAnalysisResponse(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='impactAnalysisResponsesType']"), + dp_cases_from_json_schemas('definitions', 'vulnerability', 'properties', 'analysis', 'properties', 'response', + 'items'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(ImpactAnalysisResponse, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(vulnerabilities=[Vulnerability( + bom_ref='dummy', id='dummy', + analysis=VulnerabilityAnalysis(responses=( + iar for iar in ImpactAnalysisResponse + )) + )]) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumImpactAnalysisState(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='impactAnalysisStateType']"), + dp_cases_from_json_schemas('definitions', 'impactAnalysisState'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(ImpactAnalysisState, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(vulnerabilities=( + Vulnerability( + bom_ref=f'vuln-wit-state-{ias.name}', id=f'vuln-wit-state-{ias.name}', + analysis=VulnerabilityAnalysis(state=ias) + ) for ias in ImpactAnalysisState + )) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumIssueClassification(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='issueClassification']"), + dp_cases_from_json_schemas('definitions', 'issue', 'properties', 'type'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(IssueClassification, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(components=[ + Component(name='dummy', type=ComponentType.LIBRARY, bom_ref='dummy', pedigree=Pedigree(patches=[ + Patch(type=PatchClassification.BACKPORT, resolves=( + IssueType(type=ic, id=f'issue-{ic.name}') + for ic in IssueClassification + )) + ])) + ]) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumVulnerabilityScoreSource(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='scoreSourceType']"), + dp_cases_from_json_schemas('definitions', 'scoreMethod'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(VulnerabilityScoreSource, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(vulnerabilities=[Vulnerability(bom_ref='dummy', id='dummy', ratings=( + VulnerabilityRating(method=vss) + for vss in VulnerabilityScoreSource + ))]) + super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumVulnerabilitySeverity(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='severityType']"), + dp_cases_from_json_schemas('definitions', 'severity'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(VulnerabilitySeverity, value) + + @named_data(*NAMED_OF_SV) + @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.model.bom_ref.uuid4', side_effect=uuid_generator(0, version=4)) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(vulnerabilities=[Vulnerability(bom_ref='dummy', id='dummy', ratings=( + VulnerabilityRating(severity=vs) + for vs in VulnerabilitySeverity + ))]) + super()._test_cases_render(bom, of, sv) diff --git a/tests/test_model_vulnerability.py b/tests/test_model_vulnerability.py index 50a6c03f..fb10d82e 100644 --- a/tests/test_model_vulnerability.py +++ b/tests/test_model_vulnerability.py @@ -156,12 +156,6 @@ def test_v_source_get_localised_vector_owasp_3(self) -> None: 'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N' ) - def test_v_source_get_localised_vector_other_1(self) -> None: - self.assertEqual( - VulnerabilityScoreSource.OPEN_FAIR.get_localised_vector(vector='SOMETHING_OR_OTHER'), - 'SOMETHING_OR_OTHER' - ) - def test_v_source_get_localised_vector_other_2(self) -> None: self.assertEqual( VulnerabilityScoreSource.OTHER.get_localised_vector(vector='SOMETHING_OR_OTHER'), diff --git a/tests/test_output_json.py b/tests/test_output_json.py index 259b55d4..1c90ae00 100644 --- a/tests/test_output_json.py +++ b/tests/test_output_json.py @@ -20,6 +20,7 @@ from typing import Any, Callable from unittest import TestCase from unittest.mock import Mock, patch +from warnings import warn from ddt import data, ddt, idata, named_data, unpack @@ -61,8 +62,10 @@ def test_valid(self, get_bom: Callable[[], Bom], sv: SchemaVersion, *_: Any, **_ try: errors = JsonStrictValidator(sv).validate_str(json) except MissingOptionalDependencyException: - errors = None # skipped validation - self.assertIsNone(errors) + warn('!!! skipped schema validation', + category=UserWarning, stacklevel=0) + else: + self.assertIsNone(errors) self.assertEqualSnapshot(json, snapshot_name) @named_data(*((f'{n}-{sv.to_version()}', gb, sv) diff --git a/tests/test_output_xml.py b/tests/test_output_xml.py index 88aae932..a17df084 100644 --- a/tests/test_output_xml.py +++ b/tests/test_output_xml.py @@ -19,6 +19,7 @@ from typing import Any, Callable from unittest import TestCase from unittest.mock import Mock, patch +from warnings import warn from ddt import ddt, idata, named_data, unpack @@ -48,8 +49,10 @@ def test_valid(self, get_bom: Callable[[], Bom], sv: SchemaVersion, *_: Any, **_ try: errors = XmlValidator(sv).validate_str(xml) except MissingOptionalDependencyException: - errors = None # skipped validation - self.assertIsNone(errors) + warn('!!! skipped schema validation', + category=UserWarning, stacklevel=0) + else: + self.assertIsNone(errors) self.assertEqualSnapshot(xml, snapshot_name) @named_data(*(