fix(sbom): export empty dependencies in CycloneDX (aquasecurity#4568)
nikpivkin committed Jun 6, 2023
1 parent 2796abe commit 17d7536
Showing 2 changed files with 11 additions and 11 deletions.
2 changes: 1 addition & 1 deletion pkg/sbom/cyclonedx/core/cyclonedx.go
Expand Up @@ -141,7 +141,7 @@ func (c *CycloneDX) MarshalComponent(component *Component, components map[string
}
}

var dependencies []string
dependencies := make([]string, 0) // Components that do not have their own dependencies must be declared as empty elements
for _, child := range component.Components {
childComponent := c.MarshalComponent(child, components, deps, vulns)
dependencies = append(dependencies, childComponent.BOMRef)
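Review bot: The trailing comment on the new `dependencies := make([]string, 0)` line states the rule but not what it asserts to an SBOM consumer: in CycloneDX an explicit empty list declares that the component has no dependencies, whereas an omitted entry leaves them unknown. Every component whose `component.Components` is empty now gets that declaration, so if a component can be childless only because the analyzer did not resolve its graph (not visible in this hunk), the export would over-claim completeness to tools that rely on it for impact analysis. I would put the comment on its own line above the declaration, e.g. `// An empty (non-nil) list is exported on purpose: CycloneDX reads it as "no dependencies", an omitted one as "unknown".`, and pre-size the slice with `make([]string, 0, len(component.Components))`. MarshalComponent starts and ends outside the hunk, so how `deps` contributes to this list should be confirmed there.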
20 changes: 10 additions & 10 deletions pkg/sbom/cyclonedx/marshal_test.go
Expand Up @@ -456,15 +456,15 @@ func TestMarshaler_Marshal(t *testing.T) {
},
{
Ref: "pkg:gem/actionpack@7.0.0",
Dependencies: lo.ToPtr([]string(nil)),
Dependencies: lo.ToPtr([]string{}),
},
{
Ref: "pkg:golang/golang.org/x/crypto@v0.0.0-20210421170649-83a5a9bb288b",
Dependencies: lo.ToPtr([]string(nil)),
Dependencies: lo.ToPtr([]string{}),
},
{
Ref: "pkg:nuget/Newtonsoft.Json@9.0.1",
Dependencies: lo.ToPtr([]string(nil)),
Dependencies: lo.ToPtr([]string{}),
},
{
Ref: "pkg:oci/rails@sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177?repository_url=index.docker.io%2Flibrary%2Frails&arch=arm64",
Expand All @@ -478,7 +478,7 @@ func TestMarshaler_Marshal(t *testing.T) {
},
{
Ref: "pkg:rpm/centos/binutils@2.30-93.el8?arch=aarch64&distro=centos-8.3.2011",
Dependencies: lo.ToPtr([]string(nil)),
Dependencies: lo.ToPtr([]string{}),
},
},
Vulnerabilities: &[]cdx.Vulnerability{
Expand Down Expand Up @@ -932,11 +932,11 @@ func TestMarshaler_Marshal(t *testing.T) {
},
{
Ref: "pkg:gem/actionpack@7.0.0?file_path=tools%2Fproject-john%2Fspecifications%2Factionpack.gemspec",
Dependencies: lo.ToPtr([]string(nil)),
Dependencies: lo.ToPtr([]string{}),
},
{
Ref: "pkg:gem/actionpack@7.0.1?file_path=tools%2Fproject-doe%2Fspecifications%2Factionpack.gemspec",
Dependencies: lo.ToPtr([]string(nil)),
Dependencies: lo.ToPtr([]string{}),
},
{
Ref: "pkg:rpm/centos/acl@2.2.53-1.el8?arch=aarch64&epoch=1&distro=centos-8.3.2011",
Expand All @@ -946,7 +946,7 @@ func TestMarshaler_Marshal(t *testing.T) {
},
{
Ref: "pkg:rpm/centos/glibc@2.28-151.el8?arch=aarch64&distro=centos-8.3.2011",
Dependencies: lo.ToPtr([]string(nil)),
Dependencies: lo.ToPtr([]string{}),
},
},
Vulnerabilities: &[]cdx.Vulnerability{
Expand Down Expand Up @@ -1120,7 +1120,7 @@ func TestMarshaler_Marshal(t *testing.T) {
},
{
Ref: "pkg:gem/actioncable@6.1.4.1",
Dependencies: lo.ToPtr([]string(nil)),
Dependencies: lo.ToPtr([]string{}),
},
},
},
Expand Down Expand Up @@ -1218,7 +1218,7 @@ func TestMarshaler_Marshal(t *testing.T) {
},
{
Ref: "pkg:npm/ruby-typeprof@0.20.1?file_path=usr%2Flocal%2Flib%2Fruby%2Fgems%2F3.1.0%2Fgems%2Ftypeprof-0.21.1%2Fvscode%2Fpackage.json",
Dependencies: lo.ToPtr([]string(nil)),
Dependencies: lo.ToPtr([]string{}),
},
},
},
Expand Down Expand Up @@ -1263,7 +1263,7 @@ func TestMarshaler_Marshal(t *testing.T) {
Dependencies: &[]cdx.Dependency{
{
Ref: "3ff14136-e09f-4df9-80ea-000000000002",
Dependencies: lo.ToPtr([]string(nil)),
Dependencies: lo.ToPtr([]string{}),
},
},
},
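Review bot: The updated expectations pin the fix only as in-memory `cdx.Dependency` values (`lo.ToPtr([]string{})` in each hunk of this section); nothing visible here checks the encoded document, which is where nil versus empty actually reaches SBOM consumers. If TestMarshaler_Marshal does not already encode the BOM elsewhere (its body lies outside these hunks), I would add one case that encodes to JSON and asserts that a leaf component carries an empty `dependsOn` array rather than omitting the key. That would keep a later change to the field tags or the encoder from silently reverting the behaviour while these struct comparisons still pass.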
