Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix support for CycloneDX 1.5 #362

Merged
merged 2 commits into from
Nov 6, 2023
Merged

Fix support for CycloneDX 1.5 #362

merged 2 commits into from
Nov 6, 2023

Conversation

ThomasVitale
Copy link
Contributor

Fix bug causing the CycloneDX 1.5 schema version
to be ignored by the plugin with fallback to 1.4.

Update docs with spec references to version 1.5.

Fixes gh-361

@ThomasVitale
Fix support for CycloneDX 1.5
c15286c 
Fix bug causing the CycloneDX 1.5 schema version
to be ignored by the plugin with fallback to 1.4.

Update docs with spec references to version 1.5.

Fixes gh-361

Signed-off-by: Thomas Vitale <ThomasVitale@users.noreply.github.com>
@ThomasVitale ThomasVitale mentioned this pull request Nov 5, 2023
Closed
ThomasVitale
ThomasVitale commented Nov 5, 2023
View reviewed changes
src/main/java/org/cyclonedx/gradle/utils/CycloneDxUtils.java
@@ -4,6 +4,8 @@

public class CycloneDxUtils {

public static final CycloneDxSchema.Version DEFAULT_SCHEMA_VERSION = CycloneDxSchema.Version.VERSION_15;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Centralising the default version here should reduce the likelihood to change the default version in the Task property without also updating this util class, preventing the current bug to happen again.

It's also possible to configure the default directly to CycloneDxSchema.VERSION_LATEST, but it would be less obvious which version is that just by reading the code, so I opted for a more explicit configuration. Thoughts?

jkowalleck
jkowalleck approved these changes Nov 5, 2023
View reviewed changes
Copy link
Member

@jkowalleck jkowalleck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ThomasVitale
Update tests for default spec version
3c3665b 
Fixes gh-361

Signed-off-by: Thomas Vitale <ThomasVitale@users.noreply.github.com>
@ThomasVitale
Copy link
Contributor Author

It looks like I missed a couple of tests to update to check against the default version rather than hard-coded 1.4. I'm about to push the missing change.

@glefloch
Copy link
Member

glefloch commented Nov 6, 2023

Thanks @ThomasVitale!

@glefloch glefloch merged commit a0e6324 into CycloneDX:master Nov 6, 2023
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@glefloch glefloch glefloch approved these changes

@jkowalleck jkowalleck jkowalleck approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Version 1.8.0 doesn't actually produce SBOMs with 1.5 schema version
3 participants
@ThomasVitale @glefloch @jkowalleck