Add support for metadata component

[artem-smotrakov]

Part of #6

[madpah]

Thanks for the PR @artem-smotrakov. We're in the process of a notable update at present to support the forthcoming CycloneDX 1.4 schema - so please forgive us if we wait for that work to stabilise before we look at merging your PR.

Cheers!

[jkowalleck]

Thanks for the PR @artem-smotrakov. We're in the process of a notable update at present to support the forthcoming CycloneDX 1.4 schema - so please forgive us if we wait for that work to stabilise before we look at merging your PR.

Cheers!

enabled CI to run CT/QA.

in the meantime: could you check that all tests pass, @artem-smotrakov ?
see https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CONTRIBUTING.md for more.

[artem-smotrakov]

Hmm, I read the contributing guidelines and ran tests and poetry run autopep8 --in-place -r . before opening the PR. They passed. Let me check again.

[artem-smotrakov]

I've fixed several formatting and typing issues. poetry run tox passed. Please re-run the CI/CD jobs.

[madpah]

Hi @artem-smotrakov - we've just merged changes for CycloneDX 1.4 - are you willing to rebase this branch from main?

Thanks, Paul

[artem-smotrakov]

@madpah I've rebased it -- please rerun CI/CD and have a look at the updates.

I am not sure about this one:

https://github.com/CycloneDX/cyclonedx-python-lib/pull/118/files#diff-9c84a99c5332704dd6a90a4defadfd9df437336f07b79b91033e0a96bbd8fbf1R95

I've noticed that if a BOM doesn't have components, _specialise_output_for_schema_version() fails with a key error. I've updated it to always add components element. That is how XML encoder behaves.

[madpah]

@artem-smotrakov - thanks again for the PR.

It's interesting you have pointed out that components is output as an empty element in some cases - ideally this should not be output if there are no Components - but we are happy to resolve this as a separate bug later.

[artem-smotrakov]

@madpah I've addressed your comments -- thanks for the review!