Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for metadata introduced in CycloneDX v1.2 #9

Closed
stevespringett opened this issue Jul 1, 2019 · 7 comments
Closed

Add support for metadata introduced in CycloneDX v1.2 #9

stevespringett opened this issue Jul 1, 2019 · 7 comments
Labels
enhancement New feature or request

Comments

@stevespringett
Copy link
Member

No description provided.

@stevespringett stevespringett added the enhancement New feature or request label Jul 1, 2019
@CleanHit
Copy link

CleanHit commented Mar 11, 2020
edited
Loading

Does my problem in #54 occurs because there is not support for v1.1 meta data?

@stevespringett stevespringett mentioned this issue Mar 8, 2021
Closed
@sbs2001
Copy link

sbs2001 commented Mar 13, 2021

@stevespringett referring to https://cyclonedx.org/docs/1.2/#type_metadata IMHO creating component and authors nodes would be easy. Would that be enough ?

@stevespringett
Copy link
Member Author

@sbs2001 authors is intended for human creators of the SBOM. This tool produces them through automation, so I'd recommend having support for the metadata\component and metadata\tools\tool

In fact, the metadata section wasn't added to the spec until v1.2, so I'm updating the description.

@stevespringett stevespringett changed the title Add support for metadata introduced in CycloneDX v1.1 Add support for metadata introduced in CycloneDX v1.2 Mar 14, 2021
@sbs2001
Copy link

sbs2001 commented Mar 14, 2021

@stevespringett awesome !

For metadata\component , we could borrow the code at https://github.com/nexB/scancode-toolkit/blob/839964c205fa76562ec3c24c667183b3d0bb9f5a/src/packagedcode/pypi.py#L302 as a start ?

@sbs2001
Copy link

sbs2001 commented Mar 19, 2021

@coderpatros @stevespringett ping

@coderpatros
Copy link
Member

Sounds like a reasonable approach to me.

@madpah madpah mentioned this issue Sep 16, 2021
Closed
@madpah
Copy link
Collaborator

madpah commented Sep 16, 2021

Given PR #221, this issue now relates to the CycloneDX Python Library and not this repository.

Worth noting that the CycloneDX Python Library includes support for metadata.timestamp as of version 0.1.0.

New issue raised in the library project: CycloneDX/cyclonedx-python-lib#6.

@madpah madpah closed this as completed Sep 16, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@coderpatros @stevespringett @madpah @CleanHit @sbs2001