From f014d7c4411de9ed5e9cb877878ae416d85b2d92 Mon Sep 17 00:00:00 2001 From: Paul Horton Date: Mon, 21 Feb 2022 13:35:06 +0000 Subject: [PATCH] fix: `license_url` not serialised in XML output #179 (#180) Signed-off-by: Paul Horton --- cyclonedx/model/__init__.py | 3 +++ cyclonedx/output/xml.py | 3 ++- tests/data.py | 10 +++++++--- tests/fixtures/json/1.3/bom_with_full_metadata.json | 10 +++++++++- tests/fixtures/json/1.4/bom_with_full_metadata.json | 10 +++++++++- tests/fixtures/xml/1.3/bom_with_full_metadata.xml | 6 +++++- tests/fixtures/xml/1.4/bom_with_full_metadata.xml | 6 +++++- 7 files changed, 40 insertions(+), 8 deletions(-) diff --git a/cyclonedx/model/__init__.py b/cyclonedx/model/__init__.py index 47e3eed1..fae2284b 100644 --- a/cyclonedx/model/__init__.py +++ b/cyclonedx/model/__init__.py @@ -376,6 +376,9 @@ def __hash__(self) -> int: return hash(self._uri) def __repr__(self) -> str: + return f'' + + def __str__(self) -> str: return self._uri diff --git a/cyclonedx/output/xml.py b/cyclonedx/output/xml.py index 4af463bd..94192c62 100644 --- a/cyclonedx/output/xml.py +++ b/cyclonedx/output/xml.py @@ -356,8 +356,9 @@ def _add_licenses_to_element(self, licenses: Set[LicenseChoice], parent_element: license_text_e_attrs['encoding'] = license_.license.text.encoding.value ElementTree.SubElement(license_e, 'text', license_text_e_attrs).text = license_.license.text.content + if license_.license.url: + ElementTree.SubElement(license_e, 'url').text = str(license_.license.url) - ElementTree.SubElement(license_e, 'text').text = license_.license.id license_output = True else: if self.license_supports_expression(): diff --git a/tests/data.py b/tests/data.py index 2e5fc805..0ecf6887 100644 --- a/tests/data.py +++ b/tests/data.py @@ -24,8 +24,8 @@ from packageurl import PackageURL from cyclonedx.model import AttachedText, DataClassification, DataFlow, Encoding, ExternalReference, \ - ExternalReferenceType, HashType, LicenseChoice, Note, NoteText, OrganizationalContact, OrganizationalEntity, \ - Property, Tool, XsUri + ExternalReferenceType, HashType, LicenseChoice, License, Note, NoteText, OrganizationalContact, \ + OrganizationalEntity, Property, Tool, XsUri from cyclonedx.model.bom import Bom from cyclonedx.model.component import Commit, Component, ComponentEvidence, ComponentType, Copyright, Patch, \ PatchClassification, Pedigree, Swid, ComponentScope @@ -166,7 +166,11 @@ def get_bom_just_complete_metadata() -> Bom: ) bom.metadata.manufacture = get_org_entity_1() bom.metadata.supplier = get_org_entity_2() - bom.metadata.licenses = [LicenseChoice(license_expression='Commercial')] + bom.metadata.licenses = [LicenseChoice(license_=License( + spdx_license_id='Apache-2.0', license_text=AttachedText( + content='VGVzdCBjb250ZW50IC0gdGhpcyBpcyBub3QgdGhlIEFwYWNoZSAyLjAgbGljZW5zZSE=', encoding=Encoding.BASE_64 + ), license_url=XsUri('https://www.apache.org/licenses/LICENSE-2.0.txt') + ))] bom.metadata.properties = get_properties_1() return bom diff --git a/tests/fixtures/json/1.3/bom_with_full_metadata.json b/tests/fixtures/json/1.3/bom_with_full_metadata.json index 21baef21..f23a5703 100644 --- a/tests/fixtures/json/1.3/bom_with_full_metadata.json +++ b/tests/fixtures/json/1.3/bom_with_full_metadata.json @@ -62,7 +62,15 @@ }, "licenses": [ { - "expression": "Commercial" + "license": { + "id": "Apache-2.0", + "text": { + "contentType": "text/plain", + "encoding": "base64", + "content": "VGVzdCBjb250ZW50IC0gdGhpcyBpcyBub3QgdGhlIEFwYWNoZSAyLjAgbGljZW5zZSE=" + }, + "url": "https://www.apache.org/licenses/LICENSE-2.0.txt" + } } ], "properties": [ diff --git a/tests/fixtures/json/1.4/bom_with_full_metadata.json b/tests/fixtures/json/1.4/bom_with_full_metadata.json index 230f4f26..0a4ce155 100644 --- a/tests/fixtures/json/1.4/bom_with_full_metadata.json +++ b/tests/fixtures/json/1.4/bom_with_full_metadata.json @@ -96,7 +96,15 @@ }, "licenses": [ { - "expression": "Commercial" + "license": { + "id": "Apache-2.0", + "text": { + "contentType": "text/plain", + "encoding": "base64", + "content": "VGVzdCBjb250ZW50IC0gdGhpcyBpcyBub3QgdGhlIEFwYWNoZSAyLjAgbGljZW5zZSE=" + }, + "url": "https://www.apache.org/licenses/LICENSE-2.0.txt" + } } ], "properties": [ diff --git a/tests/fixtures/xml/1.3/bom_with_full_metadata.xml b/tests/fixtures/xml/1.3/bom_with_full_metadata.xml index be3a90f1..639e270a 100644 --- a/tests/fixtures/xml/1.3/bom_with_full_metadata.xml +++ b/tests/fixtures/xml/1.3/bom_with_full_metadata.xml @@ -47,7 +47,11 @@ - Commercial + + Apache-2.0 + VGVzdCBjb250ZW50IC0gdGhpcyBpcyBub3QgdGhlIEFwYWNoZSAyLjAgbGljZW5zZSE= + https://www.apache.org/licenses/LICENSE-2.0.txt + val1 diff --git a/tests/fixtures/xml/1.4/bom_with_full_metadata.xml b/tests/fixtures/xml/1.4/bom_with_full_metadata.xml index 395ae6d3..dd333058 100644 --- a/tests/fixtures/xml/1.4/bom_with_full_metadata.xml +++ b/tests/fixtures/xml/1.4/bom_with_full_metadata.xml @@ -73,7 +73,11 @@ - Commercial + + Apache-2.0 + VGVzdCBjb250ZW50IC0gdGhpcyBpcyBub3QgdGhlIEFwYWNoZSAyLjAgbGljZW5zZSE= + https://www.apache.org/licenses/LICENSE-2.0.txt + val1