Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: BOM validation fails when Components or Services are nested #276

Merged
merged 11 commits into from
Aug 1, 2022
Merged

fix: BOM validation fails when Components or Services are nested #276

merged 11 commits into from
Aug 1, 2022

Conversation

madpah
Copy link
Collaborator

@madpah madpah commented Jul 27, 2022
edited
Loading

@madpah madpah added the bug Something isn't working label Jul 27, 2022
@madpah madpah self-assigned this Jul 27, 2022
@madpah madpah marked this pull request as ready for review July 27, 2022 17:16
@madpah madpah requested a review from a team as a code owner July 27, 2022 17:16
jkowalleck
jkowalleck previously requested changes Jul 27, 2022
View reviewed changes
cyclonedx/model/component.py Show resolved Hide resolved
madpah added 10 commits July 28, 2022 09:40
@madpah
fix: properly support nested components and services #275
6597db7 
Signed-off-by: Paul Horton <paul.horton@owasp.org>
@madpah
addressed JSON output for #275 including test addiitions
692c005 
Signed-off-by: Paul Horton <paul.horton@owasp.org>
@madpah
updated XML output tests
356c37e 
Signed-off-by: Paul Horton <paul.horton@owasp.org>
@madpah
aded XML output tests for Issue #275
ebef5f2 
Signed-off-by: Paul Horton <paul.horton@owasp.org>
@madpah
removed tests where services are part of dependency tree - see #277
f26862b 
Signed-off-by: Paul Horton <paul.horton@owasp.org>
@madpah
chore: re-added isort to pre-commit hooks
051e543 
ran isort

Signed-off-by: Paul Horton <paul.horton@owasp.org>
@madpah
Revert "chore: re-added isort to pre-commit hooks"
5f7f30e 
This reverts commit f50ee1e.

Signed-off-by: Paul Horton <paul.horton@owasp.org>
@madpah
added tests to cover new Component.get_all_nested_components() method
75a77ed 
Signed-off-by: Paul Horton <paul.horton@owasp.org>
@madpah
chore: resolve hang issue with running isort as pre-commit hook
fb25b70 
Signed-off-by: Paul Horton <paul.horton@owasp.org>
@madpah
fix: pinned mypy <= 0.961 due to #278
d6955cb 
Signed-off-by: Paul Horton <paul.horton@owasp.org>
@madpah madpah force-pushed the fix/bom-validation-nested-components-isue-275 branch from 907fec9 to d6955cb Compare July 28, 2022 08:40
@madpah madpah requested a review from jkowalleck July 28, 2022 08:48
@madpah madpah linked an issue Jul 28, 2022 that may be closed by this pull request
[BUG] Nested Components or Services breaks BOM validation #275
Closed
@madpah madpah dismissed jkowalleck’s stale review July 29, 2022 09:17

Comments address - review not dismissing?

@jkowalleck
Copy link
Member

jkowalleck commented Jul 29, 2022
edited
Loading

@madpah no issue with your implementation. it is solid. and i would not change it at all.
just another view on the problem:

but i thing a tree iterator algorithm on the Set of Component - let's call it ComponentRepository -
would be a better fit. it is similar to the thing you've built. but it shifts the iteration to the set, away from the tree root Component.

why i thing it fits better? Because the set is already a collection - that is iterated.

did this in the JS implementation: https://github.com/CycloneDX/cyclonedx-javascript-library/pull/136/files#diff-91e0bfb8ec98ef0ee09645d5c3ccbfec3d1fcafcc0d74e81c7e3cb08ed0aee31R141-R146
(ignore the strange method name - its just some way to "hide" methods in javascript - similar to the __-prefix in python)

@madpah madpah merged commit 68a0cdd into main Aug 1, 2022
@madpah madpah deleted the fix/bom-validation-nested-components-isue-275 branch March 30, 2023 07:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jkowalleck jkowalleck jkowalleck approved these changes

Assignees

@madpah madpah

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG] Nested Components or Services breaks BOM validation
2 participants
@madpah @jkowalleck