@andreas-hilti
Contributor

No description provided.

mtsfoni and others added 25 commits May 19, 2024 16:16
CI/CD: Fix wrong snapshooter path.

Snapshooter was incorrectly searching for snapshots under /_/ on all operating systems. This was resolved on Linux and Windows by creating a symlink to /_/ or [Drive]:/_/. However, macOS does not permit this symlink, so I have decided to skip tests on macOS for now and prioritize other issues.

---

Signed-off-by: Michael Tsfoni <80639729+mtsfoni@users.noreply.github.com>
CycloneDX#265

Update to newer version of JsonSchema.Net 
---------

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>
Properties needs to be in front of Components.

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>
Apparently, when implementing 1.5 the enum was implemented twice for two different locations.
=> remove one implementation

Signed-off-by: Jim Klimov <jimklimov@gmail.com>
…ing with capital letters (CycloneDX#289)

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>
Reflects the update in the specification repo: CycloneDX/specification@4017ce4

Signed-off-by: Akshay Bhat <nodeax@gmail.com>
Fix serialization of enums VolumeMode and DataType
Add test to validate SBOM after round trip

---------

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>
Co-authored-by: MTsfoni <mibau89@gmail.com>
Signed-off-by: MTsfoni <mibau89@gmail.com>
E.g. after downgrading a bom, tools was null, and thus a null value was written. However, an empty array was expected.

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>
The combination of CycloneDX#246 (add testcase) and CycloneDX#286 (activate strict mode) caused this 'conflict'

Signed-off-by: MTsfoni <mibau89@gmail.com>
also added roundtrip validation tests for xml

Signed-off-by: MTsfoni <mibau89@gmail.com>
Signed-off-by: Michael Tsfoni <80639729+mtsfoni@users.noreply.github.com>
CVSSv3.1 was used instead of the correct CVSSv31

Signed-off-by: Bálint József Jánvári <4534880+dzsibi@users.noreply.github.com>
See CycloneDX#285 for more info

Signed-off-by: Michael Tsfoni <80639729+mtsfoni@users.noreply.github.com>
* Fix serializing multiple licenses to XML

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>

* Address Static Code Analysis issues

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>

* Fix tests (remove empty licenses elements)

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>

* Fix Codacy Static Code Analysis issue

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>

* Postrebase fixes

Signed-off-by: MTsfoni <mibau89@gmail.com>

* Fixing testcases after rebase + adding Protoignore to LicenseChoiceList

Somehow without protoIgnore an error was thrown in the deep copy. I assumed that everything that has no ProtoMember was excluded automatically. Seems that assumption was wrong.

---------

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>
Signed-off-by: MTsfoni <mibau89@gmail.com>
Co-authored-by: andreas hilti <andreas.hilti@bluewin.ch>
Signed-off-by: Michael Tsfoni <80639729+mtsfoni@users.noreply.github.com>
Bumps System.Text.Json from 7.0.2 to 8.0.4.

---
updated-dependencies:
- dependency-name: System.Text.Json
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Michael Tsfoni <80639729+mtsfoni@users.noreply.github.com>
* improve merge performance

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>

* Override also Equals(object)

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>

---------

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>
* Fix metadata tools components

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>

* namespace tool components and services

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>

* avoid writing null value in tools

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>

* namespace also nested tools components

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>

---------

Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>
Reflects the update in the specification repo: CycloneDX/specification@5f3ee80

Signed-off-by: Akshay Bhat <nodeax@gmail.com>
Signed-off-by: andreas hilti <69210561+andreas-hilti@users.noreply.github.com>
Bumps [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest) from 17.6.3 to 17.10.0.
- [Release notes](https://github.com/microsoft/vstest/releases)
- [Changelog](https://github.com/microsoft/vstest/blob/main/docs/releases.md)
- [Commits](microsoft/vstest@v17.6.3...v17.10.0)

---
updated-dependencies:
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps xunit.runner.visualstudio from 2.5.0 to 2.8.2.

---
updated-dependencies:
- dependency-name: xunit.runner.visualstudio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Michael Tsfoni <80639729+mtsfoni@users.noreply.github.com>
Signed-off-by: andreas hilti <69210561+andreas-hilti@users.noreply.github.com>
@andreas-hilti andreas-hilti marked this pull request as draft August 18, 2024 12:16
Signed-off-by: andreas hilti <69210561+andreas-hilti@users.noreply.github.com>
Signed-off-by: andreas hilti <69210561+andreas-hilti@users.noreply.github.com>
Signed-off-by: andreas hilti <69210561+andreas-hilti@users.noreply.github.com>
@andreas-hilti
Contributor Author

@mtsfoni I have merged main and I have fixed most tests. There are at the moment only 7 failures. One issue is for sure that something goes wrong when downgrading metadata tools (which is based on the protobuf serialization).

@mtsfoni
Member

mtsfoni commented Aug 18, 2024

The 1.6 branch is a wip with failing tests itself, so it's natural that this pr would have failing tests too.

Thank you a lot for the help. Is this ready to merge?

Signed-off-by: andreas hilti <69210561+andreas-hilti@users.noreply.github.com>
@andreas-hilti
Contributor Author

> The 1.6 branch is a wip with failing tests itself, so it's natural that this pr would have failing tests too.
>
> Thank you a lot for the help. Is this ready to merge?

Yes, from my point of view the above 4 commits are fine and can be merged into your branch.
The remaining 4 failing tests all go back to the same issue related to metadata tools (from what I can see, the current protobuf serialization implementation only supports the legacy tools, not the components and services:

```csharp
[XmlElement("tools")]
public ToolChoices Tools { get; set; }
// this is to support a bug in v1.5 of the protobuf spec
[XmlIgnore]
[JsonIgnore]
[ProtoMember(2)]
#pragma warning disable 618
public List<Tool> ProtobufTools
#pragma warning restore 618
{
    get => Tools?.Tools;
    set
    {
        if (value == null)
        {
            Tools = null;
        }
        else
        {
            Tools = new ToolChoices
            {
                Tools = value
            };
        }
    }
}
```
, but I don't see how this can be changed easily.)
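
An added illustration, not part of the thread or of the project's code: a model of the property quoted in the comment above, showing which tool records survive a round trip if, as the comment says, `ProtobufTools` is the only tools member the protobuf serializer sees. `Tool`, `Component`, `Service`, `ToolChoices` and `Metadata` here are minimal stand-ins, and `RoundTrip` is a hypothetical substitute for the real serializer.

```csharp
// Added illustration. All types are minimal stand-ins (assumptions),
// not the CycloneDX library classes.
using System;
using System.Collections.Generic;

public class Tool { public string Name { get; set; } }
public class Component { public string Name { get; set; } }
public class Service { public string Name { get; set; } }

public class ToolChoices
{
    public List<Tool> Tools { get; set; }            // legacy tool list
    public List<Component> Components { get; set; }  // newer form
    public List<Service> Services { get; set; }      // newer form
}

public class Metadata
{
    public ToolChoices Tools { get; set; }

    // Same logic as the property quoted in the comment: a flat view
    // that exposes only the legacy list.
    public List<Tool> ProtobufTools
    {
        get => Tools?.Tools;
        set => Tools = value == null ? null : new ToolChoices { Tools = value };
    }
}

public static class Demo
{
    // Hypothetical stand-in for a protobuf round trip: only the member
    // tagged [ProtoMember] in the quoted code is carried across.
    static Metadata RoundTrip(Metadata m) => new Metadata { ProtobufTools = m.ProtobufTools };

    static string Describe(Metadata m) => m.Tools == null
        ? "tools=null"
        : $"legacy={m.Tools.Tools?.Count ?? 0} components={m.Tools.Components?.Count ?? 0} services={m.Tools.Services?.Count ?? 0}";

    public static void Main()
    {
        // Constructed sample data.
        var legacy = new Metadata { Tools = new ToolChoices { Tools = new List<Tool> { new Tool { Name = "legacy-tool" } } } };
        var modern = new Metadata { Tools = new ToolChoices {
            Components = new List<Component> { new Component { Name = "sbom-generator" } },
            Services = new List<Service> { new Service { Name = "scan-service" } } } };
        Console.WriteLine("legacy: " + Describe(RoundTrip(legacy)));
        Console.WriteLine("modern: " + Describe(RoundTrip(modern)));
    }
}
```

In this model the legacy case keeps its one tool, while the components/services case comes back with `Tools` set to null, which is the loss the comment attributes to the shim.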

@andreas-hilti andreas-hilti marked this pull request as ready for review August 18, 2024 16:48
@andreas-hilti
Contributor Author

The remaining issues are related to CycloneDX/specification#276.

@andreas-hilti
Contributor Author

andreas-hilti commented Aug 19, 2024

@mtsfoni andreas-hilti@c3a4c70 would be a workaround for the above issue (it does not fix the underlying issue, though). Like this, all tests would pass.

@mtsfoni mtsfoni merged commit 4a70618 into CycloneDX:cdx1.6 Aug 24, 2024
@mtsfoni
Member

mtsfoni commented Aug 24, 2024

> @mtsfoni andreas-hilti@c3a4c70 would be a workaround for the above issue (it does not fix the underlying issue, though). Like this, all tests would pass.

Black magic. But the tests are green. I take it
