feat(spec1-5): add support for adversary-model and `risk-assessment…

…` external ref types Signed-off-by: nscuro <nscuro@protonmail.com>
CycloneDX · Jun 17, 2023 · cb23c44 · cb23c44
1 parent 7be18ae
commit cb23c44
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/convert.go b/convert.go
@@ -323,10 +323,10 @@ func (sv SpecVersion) supportsComponentType(cType ComponentType) bool {
 
 func (sv SpecVersion) supportsExternalReferenceType(ert ExternalReferenceType) bool {
 	switch ert {
-	case ERTypeAttestation, ERTypeCertificationReport, ERTypeCodifiedInfrastructure, ERTypeComponentAnalysisReport,
-		ERTypeDistributionIntake, ERTypeDynamicAnalysisReport, ERTypeExploitabilityStatement, ERTypeMaturityReport,
-		ERTypePentestReport, ERTypeQualityMetrics, ERTypeRuntimeAnalysisReport, ERTypeStaticAnalysisReport,
-		ERTypeThreatModel, ERTypeVulnerabilityAssertion:
+	case ERTypeAdversaryModel, ERTypeAttestation, ERTypeCertificationReport, ERTypeCodifiedInfrastructure,
+		ERTypeComponentAnalysisReport, ERTypeDistributionIntake, ERTypeDynamicAnalysisReport, ERTypeExploitabilityStatement,
+		ERTypeMaturityReport, ERTypePentestReport, ERTypeQualityMetrics, ERTypeRiskAssessment, ERTypeRuntimeAnalysisReport,
+		ERTypeStaticAnalysisReport, ERTypeThreatModel, ERTypeVulnerabilityAssertion:
 		return sv >= SpecVersion1_5
 	}
 

diff --git a/cyclonedx.go b/cyclonedx.go
@@ -214,6 +214,7 @@ type ExternalReference struct {
 type ExternalReferenceType string
 
 const (
+	ERTypeAdversaryModel          ExternalReferenceType = "adversary-model"
 	ERTypeAdvisories              ExternalReferenceType = "advisories"
 	ERTypeAttestation             ExternalReferenceType = "attestation"
 	ERTypeBOM                     ExternalReferenceType = "bom"
@@ -236,6 +237,7 @@ const (
 	ERTypePentestReport           ExternalReferenceType = "pentest-report"
 	ERTypeQualityMetrics          ExternalReferenceType = "quality-metrics"
 	ERTypeReleaseNotes            ExternalReferenceType = "release-notes"
+	ERTypeRiskAssessment          ExternalReferenceType = "risk-assessment"
 	ERTypeRuntimeAnalysisReport   ExternalReferenceType = "runtime-analysis-report"
 	ERTypeSecurityContact         ExternalReferenceType = "security-contact"
 	ERTypeSocial                  ExternalReferenceType = "social"