-
-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cdx1.6 #318
Cdx1.6 #318
Conversation
CI/CD: Fix wrong snapshooter path. Snapshooter was incorrectly searching for snapshots under /_/ on all operating systems. This was resolved on Linux and Windows by creating a symlink to /_/ or [Drive]:/_/. However, macOS does not permit this symlink, so I have decided to skip tests on macOS for now and prioritize other issues. --- Signed-off-by: Michael Tsfoni <[email protected]>
CycloneDX#265 Update to newer version of JsonSchema.Net --------- Signed-off-by: andreas hilti <[email protected]>
Properties needs to be in front of Components. Signed-off-by: andreas hilti <[email protected]>
Apparently, when implementing 1.5 the enum was implemented twice for two different locations. => remove one implementaion Signed-off-by: Jim Klimov <[email protected]>
…ing with capital letters (CycloneDX#289) Signed-off-by: andreas hilti <[email protected]>
Reflects the update in the specification repo: CycloneDX/specification@4017ce4 Signed-off-by: Akshay Bhat <[email protected]>
Fix serialization of enums VolumeMode and DataType Add test to validate SBOM after round trip --------- Signed-off-by: andreas hilti <[email protected]> Co-authored-by: MTsfoni <[email protected]> Signed-off-by: MTsfoni <[email protected]>
E.g. after downgrading a bom, tools was null, and thus a null value was written. However, an empty array was expected. Signed-off-by: andreas hilti <[email protected]>
The combination of CycloneDX#246 (add testcase) and CycloneDX#286 (activate strict mode) caused this 'conflict' Signed-off-by: MTsfoni <[email protected]>
also added roundtrip validation tests for xml Signed-off-by: MTsfoni <[email protected]>
Signed-off-by: Michael Tsfoni <[email protected]>
CVSSv3.1 was used instead of the correct CVSSv31 Signed-off-by: Bálint József Jánvári <[email protected]>
See CycloneDX#285 for more info Signed-off-by: Michael Tsfoni <[email protected]>
* Fix serializing multiple licenses to XML Signed-off-by: andreas hilti <[email protected]> * Address Static Code Analysis issues Signed-off-by: andreas hilti <[email protected]> * Fix tests (remove empty licenses elements) Signed-off-by: andreas hilti <[email protected]> * Fix Codacy Static Code Analysis issue Signed-off-by: andreas hilti <[email protected]> * Postrebase fixes Signed-off-by: MTsfoni <[email protected]> * Fixing testcases after rebase + adding Protoignore to LicenseChoiceList Somehow without protoIgnore an error was thrown in the deep copy. I assumed that everything that has no ProtoMember was excluded automatically. Seems that assumption was wrong. --------- Signed-off-by: andreas hilti <[email protected]> Signed-off-by: MTsfoni <[email protected]> Co-authored-by: andreas hilti <[email protected]>
Signed-off-by: Michael Tsfoni <[email protected]>
Bumps System.Text.Json from 7.0.2 to 8.0.4. --- updated-dependencies: - dependency-name: System.Text.Json dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Michael Tsfoni <[email protected]>
* improve merge performance Signed-off-by: andreas hilti <[email protected]> * Override also Equals(object) Signed-off-by: andreas hilti <[email protected]> --------- Signed-off-by: andreas hilti <[email protected]>
* Fix metadata tools components Signed-off-by: andreas hilti <[email protected]> * namespace tool components and services Signed-off-by: andreas hilti <[email protected]> * avoid writing null value in tools Signed-off-by: andreas hilti <[email protected]> * namespace also nested tools components Signed-off-by: andreas hilti <[email protected]> --------- Signed-off-by: andreas hilti <[email protected]>
Reflects the update in the specification repo: CycloneDX/specification@5f3ee80 Signed-off-by: Akshay Bhat <[email protected]>
Signed-off-by: andreas hilti <[email protected]>
Bumps [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest) from 17.6.3 to 17.10.0. - [Release notes](https://github.com/microsoft/vstest/releases) - [Changelog](https://github.com/microsoft/vstest/blob/main/docs/releases.md) - [Commits](microsoft/vstest@v17.6.3...v17.10.0) --- updated-dependencies: - dependency-name: Microsoft.NET.Test.Sdk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps xunit.runner.visualstudio from 2.5.0 to 2.8.2. --- updated-dependencies: - dependency-name: xunit.runner.visualstudio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Michael Tsfoni <[email protected]>
Signed-off-by: andreas hilti <[email protected]>
Signed-off-by: andreas hilti <[email protected]>
Signed-off-by: andreas hilti <[email protected]>
Signed-off-by: andreas hilti <[email protected]>
@mtsfoni I have merged main and I have fixed most tests. There are at the moment only 7 failures. One issue is for sure that something goes wrong when downgrading metadata tools (which is based on the protobuf serialization). |
The 1.6 branch is a wip with failing tests itself, so it's natuiral that this pr would have failing tests too. Thank you a lot for the help. Is this ready to merge? |
Signed-off-by: andreas hilti <[email protected]>
Yes, from my point of view the above 4 commits are fine and can be merged into your branch. cyclonedx-dotnet-library/src/CycloneDX.Core/Models/Metadata.cs Lines 40 to 66 in a42f0bf
|
The remaining issues are related to CycloneDX/specification#276. |
@mtsfoni andreas-hilti@c3a4c70 would be a workaround for the above issue (it does not fix the underlying issue, though). Like this, all tests would pass. |
Black magic. But the tests are green. I take it |
No description provided.