Cdx1.6 #318

Merged
merged 29 commits into from
Aug 24, 2024


andreas-hilti
Contributor

No description provided.

mtsfoni and others added 25 commits May 19, 2024 16:16
CI/CD: Fix wrong snapshooter path.

Snapshooter was incorrectly searching for snapshots under /_/ on all operating systems. This was resolved on Linux and Windows by creating a symlink to /_/ or [Drive]:/_/. However, macOS does not permit this symlink, so I have decided to skip tests on macOS for now and prioritize other issues.

---

Signed-off-by: Michael Tsfoni <[email protected]>
CycloneDX#265

Update to newer version of JsonSchema.Net 
---------

Signed-off-by: andreas hilti <[email protected]>
Properties needs to be in front of Components.

Signed-off-by: andreas hilti <[email protected]>
Apparently, when implementing 1.5 the enum was implemented twice for two different locations.
=> remove one implementation

Signed-off-by: Jim Klimov <[email protected]>
Reflects the update in the specification repo: CycloneDX/specification@4017ce4

Signed-off-by: Akshay Bhat <[email protected]>
Fix serialization of enums VolumeMode and DataType
Add test to validate SBOM after round trip

---------

Signed-off-by: andreas hilti <[email protected]>
Co-authored-by: MTsfoni <[email protected]>
Signed-off-by: MTsfoni <[email protected]>
E.g. after downgrading a bom, tools was null, and thus a null value was written. However, an empty array was expected.

Signed-off-by: andreas hilti <[email protected]>
The combination of CycloneDX#246 (add testcase) and CycloneDX#286 (activate strict mode) caused this 'conflict'

Signed-off-by: MTsfoni <[email protected]>
also added roundtrip validation tests for xml

Signed-off-by: MTsfoni <[email protected]>
Signed-off-by: Michael Tsfoni <[email protected]>
CVSSv3.1 was used instead of the correct CVSSv31

Signed-off-by: Bálint József Jánvári <[email protected]>
* Fix serializing multiple licenses to XML

Signed-off-by: andreas hilti <[email protected]>

* Address Static Code Analysis issues

Signed-off-by: andreas hilti <[email protected]>

* Fix tests (remove empty licenses elements)

Signed-off-by: andreas hilti <[email protected]>

* Fix Codacy Static Code Analysis issue

Signed-off-by: andreas hilti <[email protected]>

* Postrebase fixes

Signed-off-by: MTsfoni <[email protected]>

* Fixing testcases after rebase + adding Protoignore to LicenseChoiceList

Somehow without protoIgnore an error was thrown in the deep copy. I assumed that everything that has no ProtoMember was excluded automatically. Seems that assumption was wrong.

---------

Signed-off-by: andreas hilti <[email protected]>
Signed-off-by: MTsfoni <[email protected]>
Co-authored-by: andreas hilti <[email protected]>
Signed-off-by: Michael Tsfoni <[email protected]>
Bumps System.Text.Json from 7.0.2 to 8.0.4.

---
updated-dependencies:
- dependency-name: System.Text.Json
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Michael Tsfoni <[email protected]>
* improve merge performance

Signed-off-by: andreas hilti <[email protected]>

* Override also Equals(object)

Signed-off-by: andreas hilti <[email protected]>

---------

Signed-off-by: andreas hilti <[email protected]>
* Fix metadata tools components

Signed-off-by: andreas hilti <[email protected]>

* namespace tool components and services

Signed-off-by: andreas hilti <[email protected]>

* avoid writing null value in tools

Signed-off-by: andreas hilti <[email protected]>

* namespace also nested tools components

Signed-off-by: andreas hilti <[email protected]>

---------

Signed-off-by: andreas hilti <[email protected]>
Reflects the update in the specification repo: CycloneDX/specification@5f3ee80

Signed-off-by: Akshay Bhat <[email protected]>
Bumps [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest) from 17.6.3 to 17.10.0.
- [Release notes](https://github.com/microsoft/vstest/releases)
- [Changelog](https://github.com/microsoft/vstest/blob/main/docs/releases.md)
- [Commits](microsoft/vstest@v17.6.3...v17.10.0)

---
updated-dependencies:
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps xunit.runner.visualstudio from 2.5.0 to 2.8.2.

---
updated-dependencies:
- dependency-name: xunit.runner.visualstudio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Michael Tsfoni <[email protected]>
Signed-off-by: andreas hilti <[email protected]>
@andreas-hilti andreas-hilti marked this pull request as draft August 18, 2024 12:16
Signed-off-by: andreas hilti <[email protected]>
Signed-off-by: andreas hilti <[email protected]>
Signed-off-by: andreas hilti <[email protected]>
@andreas-hilti
Contributor Author

@mtsfoni I have merged main and I have fixed most tests. There are at the moment only 7 failures. One issue is for sure that something goes wrong when downgrading metadata tools (which is based on the protobuf serialization).

@mtsfoni
Contributor

mtsfoni commented Aug 18, 2024

The 1.6 branch is a wip with failing tests itself, so it's natural that this pr would have failing tests too.

Thank you a lot for the help. Is this ready to merge?

Signed-off-by: andreas hilti <[email protected]>
@andreas-hilti
Contributor Author

> The 1.6 branch is a wip with failing tests itself, so it's natural that this pr would have failing tests too.
>
> Thank you a lot for the help. Is this ready to merge?

Yes, from my point of view the above 4 commits are fine and can be merged into your branch.
The remaining 4 failing tests all go back to the same issue related to metadata tools (from what I can see, the current protobuf serialization implementation only supports the legacy tools, not the components and services:

```csharp
[XmlElement("tools")]
public ToolChoices Tools { get; set; }
// this is to support a bug in v1.5 of the protobuf spec
[XmlIgnore]
[JsonIgnore]
[ProtoMember(2)]
#pragma warning disable 618
public List<Tool> ProtobufTools
#pragma warning restore 618
{
    get => Tools?.Tools;
    set
    {
        if (value == null)
        {
            Tools = null;
        }
        else
        {
            Tools = new ToolChoices
            {
                Tools = value
            };
        }
    }
}
```

, but I don't see how this can be changed easily.)
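The loss described in this comment, modelled as an added example (not code from the PR or the CycloneDX library): `ToolChoices` and `Metadata` are simplified string-list stand-ins, and `RoundTrip` assumes, as the comment states, that only `ProtobufTools` is carried through protobuf serialization. `Lost` is a hypothetical helper that reports which tool entries a round trip dropped.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Simplified stand-ins for the library's types (assumption: plain string lists).
public class ToolChoices
{
    public List<string> Tools { get; set; }       // legacy tool entries
    public List<string> Components { get; set; }  // tools expressed as components
    public List<string> Services { get; set; }    // tools expressed as services
}

public class Metadata
{
    public ToolChoices Tools { get; set; }
    // Same shape as the ProtobufTools property quoted above:
    // only the legacy list crosses the serialization boundary.
    public List<string> ProtobufTools
    {
        get => Tools?.Tools;
        set => Tools = value == null ? null : new ToolChoices { Tools = value };
    }
}

public static class RoundTripCheck
{
    // Models a protobuf round trip in which only ProtobufTools is carried over.
    public static Metadata RoundTrip(Metadata m) =>
        new Metadata { ProtobufTools = m.ProtobufTools?.ToList() };

    // Returns every tool entry present before the round trip but missing after it.
    public static List<string> Lost(Metadata before, Metadata after)
    {
        static IEnumerable<string> All(ToolChoices t) =>
            (t?.Tools ?? new List<string>())
                .Concat(t?.Components ?? new List<string>())
                .Concat(t?.Services ?? new List<string>());
        return All(before.Tools).Except(All(after.Tools)).ToList();
    }

    public static void Main()
    {
        // Constructed sample: metadata.tools holding components and services only.
        var m = new Metadata { Tools = new ToolChoices {
            Components = new List<string> { "component:scanner" },
            Services = new List<string> { "service:signing" } } };
        var after = RoundTrip(m);
        Console.WriteLine(after.Tools == null ? "tools is null after round trip" : "tools kept");
        Console.WriteLine("lost: " + string.Join(", ", Lost(m, after)));
    }
}
```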

@andreas-hilti andreas-hilti marked this pull request as ready for review August 18, 2024 16:48
@andreas-hilti
Contributor Author

The remaining issues are related to CycloneDX/specification#276.

@andreas-hilti
Contributor Author

andreas-hilti commented Aug 19, 2024

@mtsfoni andreas-hilti@c3a4c70 would be a workaround for the above issue (it does not fix the underlying issue, though). Like this, all tests would pass.

@mtsfoni mtsfoni merged commit 4a70618 into CycloneDX:cdx1.6 Aug 24, 2024
3 of 7 checks passed
@mtsfoni
Contributor

mtsfoni commented Aug 24, 2024

> @mtsfoni andreas-hilti@c3a4c70 would be a workaround for the above issue (it does not fix the underlying issue, though). Like this, all tests would pass.

Black magic. But the tests are green. I take it
