From a1db67584a1b5b30873ba88fa4f21fb25d3247c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maximilian=20Comb=C3=BCchen?= <max.combuchen@snyk.io>
Date: Thu, 2 Mar 2023 11:45:08 +0100
Subject: [PATCH] feat: add JSON Schema to JSON output (#79)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Maximilian Combüchen <max.combuchen@snyk.io>
---
 convert.go                                                | 1 +
 cyclonedx.go                                              | 2 ++
 cyclonedx_json.go                                         | 8 ++++++++
 encode_test.go                                            | 3 +++
 ...go-TestJsonBOMEncoder_EncodeVersion-func3-1.2.bom.json | 1 +
 ...go-TestJsonBOMEncoder_EncodeVersion-func3-1.3.bom.json | 1 +
 ...go-TestJsonBOMEncoder_EncodeVersion-func3-1.4.bom.json | 1 +
 7 files changed, 17 insertions(+)

diff --git a/convert.go b/convert.go
index f0da0c8..791de0b 100644
--- a/convert.go
+++ b/convert.go
@@ -78,6 +78,7 @@ func (b *BOM) convert(specVersion SpecVersion) {
 
 	b.SpecVersion = specVersion
 	b.XMLNS = xmlNamespaces[specVersion]
+	b.JSONSchema = jsonSchemas[specVersion]
 }
 
 // componentConverter modifies a Component such that it adheres to a given SpecVersion.
diff --git a/cyclonedx.go b/cyclonedx.go
index 50d23cf..c7e0429 100644
--- a/cyclonedx.go
+++ b/cyclonedx.go
@@ -60,6 +60,7 @@ type BOM struct {
 	XMLNS   string   `json:"-" xml:"xmlns,attr"`
 
 	// JSON specific fields
+	JSONSchema  string      `json:"$schema,omitempty" xml:"-"`
 	BOMFormat   string      `json:"bomFormat" xml:"-"`
 	SpecVersion SpecVersion `json:"specVersion" xml:"-"`
 
@@ -77,6 +78,7 @@ type BOM struct {
 
 func NewBOM() *BOM {
 	return &BOM{
+		JSONSchema:  jsonSchemas[SpecVersion1_4],
 		XMLNS:       xmlNamespaces[SpecVersion1_4],
 		BOMFormat:   BOMFormat,
 		SpecVersion: SpecVersion1_4,
diff --git a/cyclonedx_json.go b/cyclonedx_json.go
index 3d3e71f..6205904 100644
--- a/cyclonedx_json.go
+++ b/cyclonedx_json.go
@@ -49,3 +49,11 @@ func (sv *SpecVersion) UnmarshalJSON(bytes []byte) error {
 
 	return nil
 }
+
+var jsonSchemas = map[SpecVersion]string{
+	SpecVersion1_0: "",
+	SpecVersion1_1: "",
+	SpecVersion1_2: "http://cyclonedx.org/schema/bom-1.2.schema.json",
+	SpecVersion1_3: "http://cyclonedx.org/schema/bom-1.3.schema.json",
+	SpecVersion1_4: "http://cyclonedx.org/schema/bom-1.4.schema.json",
+}
diff --git a/encode_test.go b/encode_test.go
index 89c6da2..3f6b729 100644
--- a/encode_test.go
+++ b/encode_test.go
@@ -51,6 +51,7 @@ func TestJsonBOMEncoder_SetPretty(t *testing.T) {
 	require.NoError(t, encoder.Encode(bom))
 
 	assert.Equal(t, `{
+  "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.4",
   "version": 1,
@@ -83,6 +84,7 @@ func TestJsonBOMEncoder_SetEscapeHTML_true(t *testing.T) {
 	require.NoError(t, encoder.Encode(bom))
 
 	assert.Equal(t, `{
+  "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.4",
   "version": 1,
@@ -115,6 +117,7 @@ func TestJsonBOMEncoder_SetEscapeHTML_false(t *testing.T) {
 	require.NoError(t, encoder.Encode(bom))
 
 	assert.Equal(t, `{
+  "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.4",
   "version": 1,
diff --git a/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.2.bom.json b/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.2.bom.json
index 3052825..f95dcb7 100644
--- a/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.2.bom.json
+++ b/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.2.bom.json
@@ -1,4 +1,5 @@
 {
+  "$schema": "http://cyclonedx.org/schema/bom-1.2.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.2",
   "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
diff --git a/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.3.bom.json b/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.3.bom.json
index 3caa4a7..e71d0ab 100644
--- a/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.3.bom.json
+++ b/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.3.bom.json
@@ -1,4 +1,5 @@
 {
+  "$schema": "http://cyclonedx.org/schema/bom-1.3.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.3",
   "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
diff --git a/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.4.bom.json b/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.4.bom.json
index 1cdfef1..e757fe6 100644
--- a/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.4.bom.json
+++ b/testdata/snapshots/cyclonedx-go-TestJsonBOMEncoder_EncodeVersion-func3-1.4.bom.json
@@ -1,4 +1,5 @@
 {
+  "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.4",
   "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",