Serialize SPDX reference category with hyphens so it matches spdx 2.2.2 (breaking!)

src/CycloneDX.Spdx/Models/v2_2/ExternalRef.cs

@@ -16,6 +16,9 @@
 // Copyright (c) OWASP Foundation. All Rights Reserved.
 
 using System;
+using System.Reflection;
+using System.Runtime.Serialization;
+using System.Text.Json.Serialization;
 using System.Xml.Serialization;
 
 namespace CycloneDX.Spdx.Models.v2_2
@@ -28,8 +31,45 @@ public class ExternalRef
         /// <summary>
         /// Category for the external reference
         /// </summary>
-        [XmlElement("referenceCategory")]
+        [XmlIgnore]
         public ExternalRefCategory ReferenceCategory { get; set; }
+
+        /// <summary>
+        /// Category for the external reference, adjusted to allow values with hyphens and underscores
+        /// </summary>
+        [XmlElement("referenceCategory")]
+        [JsonIgnore]
+        public string ReferenceCategoryAsString
+        {
+            get
+            {
+                switch (ReferenceCategory)
+                {
+                    case ExternalRefCategory.PACKAGE_MANAGER:
+                        return "PACKAGE-MANAGER";
+                    default:
+                        return ReferenceCategory.ToString();
+                }
+            }
+            set
+            {
+                switch (value.ToUpperInvariant())
+                {
+                    case "OTHER":
+                        ReferenceCategory = ExternalRefCategory.OTHER;
+                        break;
+                    case "SECURITY":
+                        ReferenceCategory = ExternalRefCategory.SECURITY;
+                        break;
+                    case "PACKAGE_MANAGER":
+                    case "PACKAGE-MANAGER":
+                        ReferenceCategory = ExternalRefCategory.PACKAGE_MANAGER;
+                        break;
+                    default:
+                        throw new InvalidOperationException();
+                }
+            }
+        }
 
         /// <summary>
         /// The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location. The format of the locator is subject to constraints defined by the &lt;type&gt;.

src/CycloneDX.Spdx/Models/v2_2/ExternalRefCategory.cs

@@ -16,13 +16,15 @@
 // Copyright (c) OWASP Foundation. All Rights Reserved.
 
 using System;
+using System.Runtime.Serialization;
 
 namespace CycloneDX.Spdx.Models.v2_2
 {
     public enum ExternalRefCategory
     {
         OTHER,
         SECURITY,
+        [EnumMember(Value = "PACKAGE-MANAGER")]
         PACKAGE_MANAGER,
     }
 }

src/CycloneDX.Spdx/Schemas/spdx-2.2.schema.json

@@ -317,7 +317,7 @@
                 "referenceCategory" : {
                   "description" : "Category for the external reference",
                   "type" : "string",
-                  "enum" : [ "OTHER", "PERSISTENT_ID", "SECURITY", "PACKAGE_MANAGER" ]
+                  "enum" : [ "OTHER", "PERSISTENT_ID", "SECURITY", "PACKAGE_MANAGER", "PACKAGE-MANAGER", "PERSISTENT-ID" ]
                 },
                 "referenceLocator" : {
                   "description" : "The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location. The format of the locator is subject to constraints defined by the <type>.",

src/CycloneDX.Spdx/Serialization/Converters/HyphenEnumConverter.cs

@@ -0,0 +1,62 @@
+// This file is part of CycloneDX Library for .NET
+//
+// Licensed under the Apache License, Version 2.0 (the “License”);
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an “AS IS” BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (c) OWASP Foundation. All Rights Reserved.
+
+using System;
+using System.Diagnostics.Contracts;
+using System.Text.Json;
+using System.Text.Json.Serialization;
+
+namespace CycloneDX.Spdx.Serialization.Converters
+{
+
+    public class HyphenEnumConverter<T> : JsonConverter<T> where T: struct
+    {
+        public override T Read(
+            ref Utf8JsonReader reader,
+            Type typeToConvert,
+            JsonSerializerOptions options)
+        {
+            if (reader.TokenType == JsonTokenType.Null
+                || reader.TokenType != JsonTokenType.String)
+            {
+                throw new JsonException();
+            }
+
+            var enumString = reader.GetString();
+
+            T enumValue;
+            var success = Enum.TryParse<T>(enumString.Replace("-", "_"), ignoreCase: true, out enumValue);
+            if (success)
+            {
+                return enumValue;
+            }
+            else
+            {
+                throw new JsonException();
+            }
+        }
+
+        public override void Write(
+            Utf8JsonWriter writer,
+            T value,
+            JsonSerializerOptions options)
+        {
+            Contract.Requires(writer != null);
+            writer.WriteStringValue(value.ToString().Replace('_', '-'));
+        }
+    }
+}

src/CycloneDX.Spdx/Serialization/JsonSerializer.cs

@@ -21,6 +21,8 @@
 using System.Text.Json;
 using System.Text.Json.Serialization;
 using System.Threading.Tasks;
+using CycloneDX.Spdx.Models.v2_2;
+using CycloneDX.Spdx.Serialization.Converters;
 
 namespace CycloneDX.Spdx.Serialization
 {
@@ -38,6 +40,7 @@ public static JsonSerializerOptions GetJsonSerializerOptions_v2_2()
                 PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
                 DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull,
             };
+            options.Converters.Add(new HyphenEnumConverter<ExternalRefCategory>());
             options.Converters.Add(new JsonStringEnumConverter());
             return options;
         }

tests/CycloneDX.Spdx.Tests/CycloneDX.Spdx.Tests.csproj

@@ -33,4 +33,8 @@
     <ProjectReference Include="..\..\src\CycloneDX.Spdx\CycloneDX.Spdx.csproj" />
   </ItemGroup>
 
+  <ItemGroup>
+    <Folder Include="__snapshots__\" />
+  </ItemGroup>
+
 </Project>

tests/CycloneDX.Spdx.Tests/JsonSerializerTests.cs

@@ -29,6 +29,7 @@ public class JsonSerializerTests
     {
         [Theory]
         [InlineData("document")]
+        [InlineData("document-with-hyphens-in-external-reference-category")]
         public void JsonRoundTripTest(string baseFilename)
         {
             var resourceFilename = Path.Join("Resources", "v2.2", baseFilename + ".json");
@@ -42,6 +43,7 @@ public void JsonRoundTripTest(string baseFilename)
 
         [Theory]
         [InlineData("document")]
+        [InlineData("document-with-hyphens-in-external-reference-category")]
         public async Task JsonAsyncRoundTripTest(string baseFilename)
         {
             var resourceFilename = Path.Join("Resources", "v2.2", baseFilename + ".json");

tests/CycloneDX.Spdx.Tests/JsonValidatorTests.cs

@@ -29,6 +29,7 @@ public class JsonValidatorTests
     {
         [Theory]
         [InlineData("document")]
+        [InlineData("document-with-hyphens-in-external-reference-category")]
         public void ValidateJsonStringTest(string baseFilename)
         {
             var resourceFilename = Path.Join("Resources", "v2.2", baseFilename + ".json");
@@ -41,6 +42,7 @@ public void ValidateJsonStringTest(string baseFilename)
 
         [Theory]
         [InlineData("document")]
+        [InlineData("document-with-hyphens-in-external-reference-category")]
         public async Task ValidateJsonStreamTest(string baseFilename)
         {
             var resourceFilename = Path.Join("Resources", "v2.2", baseFilename + ".json");