Skip to content

Commit

Permalink
complete tests in XML for #155
Browse files Browse the repository at this point in the history 
Signed-off-by: Paul Horton <[email protected]>
  • Loading branch information
@madpah
madpah committed Feb 2, 2022
1 parent d2f8ebe commit 100dd51
Show file tree
Hide file tree
Showing 7 changed files with 357 additions and 24 deletions.
6 changes: 6 additions & 0 deletions cyclonedx/output/schema.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,9 @@ def component_supports_swid(self) -> bool:
def component_supports_pedigree(self) -> bool:
return True

def pedigree_supports_patches(self) -> bool:
return True

def component_supports_external_references(self) -> bool:
return True

Expand Down Expand Up @@ -184,6 +187,9 @@ def bom_supports_services(self) -> bool:
def services_supports_properties(self) -> bool:
return False

def pedigree_supports_patches(self) -> bool:
return False

def services_supports_release_notes(self) -> bool:
return False

Expand Down
2 changes: 1 addition & 1 deletion cyclonedx/output/xml.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -267,7 +267,7 @@ def _add_component_element(self, component: Component) -> ElementTree.Element:
))
if commit.message:
ElementTree.SubElement(commit_element, 'message').text = commit.message
if component.pedigree.patches:
if self.pedigree_supports_patches() and component.pedigree.patches:
patches_element = ElementTree.SubElement(pedigree_element, 'patches')
for patch in component.pedigree.patches:
patches_element.append(Xml.add_patch_element(patch=patch))
Expand Down
12 changes: 12 additions & 0 deletions tests/fixtures/xml/1.0/bom_setuptools_complete.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<bom xmlns="http://cyclonedx.org/schema/bom/1.0" version="1">
<components>
<component type="library">
<name>setuptools</name>
<version>50.3.2</version>
<cpe>cpe:2.3:a:python:setuptools:50.3.2:*:*:*:*:*:*:*</cpe>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
<modified>false</modified>
</component>
</components>
</bom>
89 changes: 89 additions & 0 deletions tests/fixtures/xml/1.1/bom_setuptools_complete.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
<?xml version="1.0" encoding="UTF-8"?>
<bom xmlns="http://cyclonedx.org/schema/bom/1.1" version="1">
<components>
<component type="library" bom-ref="pkg:pypi/[email protected]?extension=tar.gz">
<name>setuptools</name>
<version>50.3.2</version>
<licenses>
<expression>MIT License</expression>
</licenses>
<cpe>cpe:2.3:a:python:setuptools:50.3.2:*:*:*:*:*:*:*</cpe>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
<pedigree>
<ancestors>
<component type="library" bom-ref="ccc8d7ee-4b9c-4750-aee0-a72585152291">
<name>setuptools</name>
<version>50.3.2</version>
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
</component>
<component type="library" bom-ref="8a3893b3-9923-4adb-a1d3-47456636ba0a">
<name>setuptools</name>
<version />
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/setuptools?extension=tar.gz</purl>
</component>
</ancestors>
<descendants>
<component type="library" bom-ref="28b2d8ce-def0-446f-a221-58dee0b44acc">
<name>setuptools</name>
<version />
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/setuptools?extension=tar.gz</purl>
</component>
<component type="library" bom-ref="555ca729-93c6-48f3-956e-bdaa4a2f0bfa">
<name>toml</name>
<version>0.10.2</version>
<hashes>
<hash alg="SHA-256">806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b</hash>
</hashes>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
<externalReferences>
<reference type="distribution">
<url>https://cyclonedx.org</url>
<comment>No comment</comment>
</reference>
</externalReferences>
</component>
</descendants>
<variants>
<component type="library" bom-ref="e7abdcca-5ba2-4f29-b2cf-b1e1ef788e66">
<name>toml</name>
<version>0.10.2</version>
<hashes>
<hash alg="SHA-256">806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b</hash>
</hashes>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
<externalReferences>
<reference type="distribution">
<url>https://cyclonedx.org</url>
<comment>No comment</comment>
</reference>
</externalReferences>
</component>
<component type="library" bom-ref="ded1d73e-1fca-4302-b520-f1bc53979958">
<name>setuptools</name>
<version>50.3.2</version>
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
</component>
</variants>
<commits>
<commit>
<uid>a-random-uid</uid>
<message>A commit message</message>
</commit>
</commits>
<notes>Some notes here please</notes>
</pedigree>
</component>
</components>
</bom>
110 changes: 110 additions & 0 deletions tests/fixtures/xml/1.2/bom_setuptools_complete.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
<?xml version="1.0" encoding="UTF-8"?>
<bom xmlns="http://cyclonedx.org/schema/bom/1.2" version="1">
<metadata>
<timestamp>2021-09-01T10:50:42.051979+00:00</timestamp>
<tools>
<tool>
<vendor>CycloneDX</vendor>
<name>cyclonedx-python-lib</name>
<version>VERSION</version>
</tool>
</tools>
</metadata>
<components>
<component type="library" bom-ref="pkg:pypi/[email protected]?extension=tar.gz">
<author>Test Author</author>
<name>setuptools</name>
<version>50.3.2</version>
<licenses>
<expression>MIT License</expression>
</licenses>
<cpe>cpe:2.3:a:python:setuptools:50.3.2:*:*:*:*:*:*:*</cpe>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
<swid tagId="swidgen-242eb18a-503e-ca37-393b-cf156ef09691_9.1.1" name="Test Application" version="3.4.5">
<text content-type="text/xml" encoding="base64">PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiID8+CjxTb2Z0d2FyZUlkZW50aXR5IHhtbDpsYW5nPSJFTiIgbmFtZT0iQWNtZSBBcHBsaWNhdGlvbiIgdmVyc2lvbj0iOS4xLjEiIAogdmVyc2lvblNjaGVtZT0ibXVsdGlwYXJ0bnVtZXJpYyIgCiB0YWdJZD0ic3dpZGdlbi1iNTk1MWFjOS00MmMwLWYzODItM2YxZS1iYzdhMmE0NDk3Y2JfOS4xLjEiIAogeG1sbnM9Imh0dHA6Ly9zdGFuZGFyZHMuaXNvLm9yZy9pc28vMTk3NzAvLTIvMjAxNS9zY2hlbWEueHNkIj4gCiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiAKIHhzaTpzY2hlbWFMb2NhdGlvbj0iaHR0cDovL3N0YW5kYXJkcy5pc28ub3JnL2lzby8xOTc3MC8tMi8yMDE1LWN1cnJlbnQvc2NoZW1hLnhzZCBzY2hlbWEueHNkIiA+CiAgPE1ldGEgZ2VuZXJhdG9yPSJTV0lEIFRhZyBPbmxpbmUgR2VuZXJhdG9yIHYwLjEiIC8+IAogIDxFbnRpdHkgbmFtZT0iQWNtZSwgSW5jLiIgcmVnaWQ9ImV4YW1wbGUuY29tIiByb2xlPSJ0YWdDcmVhdG9yIiAvPiAKPC9Tb2Z0d2FyZUlkZW50aXR5Pg==</text>
</swid>
<pedigree>
<ancestors>
<component type="library" bom-ref="ccc8d7ee-4b9c-4750-aee0-a72585152291">
<author>Test Author</author>
<name>setuptools</name>
<version>50.3.2</version>
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
</component>
<component type="library" bom-ref="8a3893b3-9923-4adb-a1d3-47456636ba0a">
<author>Test Author</author>
<name>setuptools</name>
<version />
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/setuptools?extension=tar.gz</purl>
</component>
</ancestors>
<descendants>
<component type="library" bom-ref="28b2d8ce-def0-446f-a221-58dee0b44acc">
<author>Test Author</author>
<name>setuptools</name>
<version />
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/setuptools?extension=tar.gz</purl>
</component>
<component type="library" bom-ref="555ca729-93c6-48f3-956e-bdaa4a2f0bfa">
<name>toml</name>
<version>0.10.2</version>
<hashes>
<hash alg="SHA-256">806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b</hash>
</hashes>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
<externalReferences>
<reference type="distribution">
<url>https://cyclonedx.org</url>
<comment>No comment</comment>
</reference>
</externalReferences>
</component>
</descendants>
<variants>
<component type="library" bom-ref="e7abdcca-5ba2-4f29-b2cf-b1e1ef788e66">
<name>toml</name>
<version>0.10.2</version>
<hashes>
<hash alg="SHA-256">806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b</hash>
</hashes>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
<externalReferences>
<reference type="distribution">
<url>https://cyclonedx.org</url>
<comment>No comment</comment>
</reference>
</externalReferences>
</component>
<component type="library" bom-ref="ded1d73e-1fca-4302-b520-f1bc53979958">
<author>Test Author</author>
<name>setuptools</name>
<version>50.3.2</version>
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
</component>
</variants>
<commits>
<commit>
<uid>a-random-uid</uid>
<message>A commit message</message>
</commit>
</commits>
<patches>
<patch type="backport"></patch>
</patches>
<notes>Some notes here please</notes>
</pedigree>
</component>
</components>
</bom>
116 changes: 116 additions & 0 deletions tests/fixtures/xml/1.3/bom_setuptools_complete.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,116 @@
<?xml version="1.0" encoding="UTF-8"?>
<bom xmlns="http://cyclonedx.org/schema/bom/1.3" version="1">
<metadata>
<timestamp>2021-09-01T10:50:42.051979+00:00</timestamp>
<tools>
<tool>
<vendor>CycloneDX</vendor>
<name>cyclonedx-python-lib</name>
<version>VERSION</version>
</tool>
</tools>
</metadata>
<components>
<component type="library" bom-ref="pkg:pypi/[email protected]?extension=tar.gz">
<author>Test Author</author>
<name>setuptools</name>
<version>50.3.2</version>
<licenses>
<expression>MIT License</expression>
</licenses>
<cpe>cpe:2.3:a:python:setuptools:50.3.2:*:*:*:*:*:*:*</cpe>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
<swid tagId="swidgen-242eb18a-503e-ca37-393b-cf156ef09691_9.1.1" name="Test Application" version="3.4.5">
<text content-type="text/xml" encoding="base64">PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiID8+CjxTb2Z0d2FyZUlkZW50aXR5IHhtbDpsYW5nPSJFTiIgbmFtZT0iQWNtZSBBcHBsaWNhdGlvbiIgdmVyc2lvbj0iOS4xLjEiIAogdmVyc2lvblNjaGVtZT0ibXVsdGlwYXJ0bnVtZXJpYyIgCiB0YWdJZD0ic3dpZGdlbi1iNTk1MWFjOS00MmMwLWYzODItM2YxZS1iYzdhMmE0NDk3Y2JfOS4xLjEiIAogeG1sbnM9Imh0dHA6Ly9zdGFuZGFyZHMuaXNvLm9yZy9pc28vMTk3NzAvLTIvMjAxNS9zY2hlbWEueHNkIj4gCiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiAKIHhzaTpzY2hlbWFMb2NhdGlvbj0iaHR0cDovL3N0YW5kYXJkcy5pc28ub3JnL2lzby8xOTc3MC8tMi8yMDE1LWN1cnJlbnQvc2NoZW1hLnhzZCBzY2hlbWEueHNkIiA+CiAgPE1ldGEgZ2VuZXJhdG9yPSJTV0lEIFRhZyBPbmxpbmUgR2VuZXJhdG9yIHYwLjEiIC8+IAogIDxFbnRpdHkgbmFtZT0iQWNtZSwgSW5jLiIgcmVnaWQ9ImV4YW1wbGUuY29tIiByb2xlPSJ0YWdDcmVhdG9yIiAvPiAKPC9Tb2Z0d2FyZUlkZW50aXR5Pg==</text>
</swid>
<pedigree>
<ancestors>
<component type="library" bom-ref="ccc8d7ee-4b9c-4750-aee0-a72585152291">
<author>Test Author</author>
<name>setuptools</name>
<version>50.3.2</version>
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
</component>
<component type="library" bom-ref="8a3893b3-9923-4adb-a1d3-47456636ba0a">
<author>Test Author</author>
<name>setuptools</name>
<version />
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/setuptools?extension=tar.gz</purl>
</component>
</ancestors>
<descendants>
<component type="library" bom-ref="28b2d8ce-def0-446f-a221-58dee0b44acc">
<author>Test Author</author>
<name>setuptools</name>
<version />
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/setuptools?extension=tar.gz</purl>
</component>
<component type="library" bom-ref="555ca729-93c6-48f3-956e-bdaa4a2f0bfa">
<name>toml</name>
<version>0.10.2</version>
<hashes>
<hash alg="SHA-256">806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b</hash>
</hashes>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
<externalReferences>
<reference type="distribution">
<url>https://cyclonedx.org</url>
<comment>No comment</comment>
<hashes>
<hash alg="SHA-256">806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b</hash>
</hashes>
</reference>
</externalReferences>
</component>
</descendants>
<variants>
<component type="library" bom-ref="e7abdcca-5ba2-4f29-b2cf-b1e1ef788e66">
<name>toml</name>
<version>0.10.2</version>
<hashes>
<hash alg="SHA-256">806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b</hash>
</hashes>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
<externalReferences>
<reference type="distribution">
<url>https://cyclonedx.org</url>
<comment>No comment</comment>
<hashes>
<hash alg="SHA-256">806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b</hash>
</hashes>
</reference>
</externalReferences>
</component>
<component type="library" bom-ref="ded1d73e-1fca-4302-b520-f1bc53979958">
<author>Test Author</author>
<name>setuptools</name>
<version>50.3.2</version>
<licenses>
<expression>MIT License</expression>
</licenses>
<purl>pkg:pypi/[email protected]?extension=tar.gz</purl>
</component>
</variants>
<commits>
<commit>
<uid>a-random-uid</uid>
<message>A commit message</message>
</commit>
</commits>
<patches>
<patch type="backport"></patch>
</patches>
<notes>Some notes here please</notes>
</pedigree>
</component>
</components>
</bom>
Loading

0 comments on commit 100dd51

Please sign in to comment.