sbom-cyclonedx 0.1.0 → 0.2.0
- checksums.yaml +4 -4
- data/.gitignore +15 -0
- data/.gitlab-ci.yml +49 -0
- data/.rspec +3 -0
- data/.rubocop.yml +72 -0
- data/.vscode/settings.json +6 -0
- data/CHANGELOG.md +9 -0
- data/CODE_OF_CONDUCT.md +132 -0
- data/Gemfile +26 -0
- data/Gemfile.lock +179 -0
- data/LICENSE.txt +21 -0
- data/README.md +39 -0
- data/Rakefile +36 -0
- data/Steepfile +14 -0
- data/bin/console +11 -0
- data/bin/rbs_spec +9 -0
- data/bin/setup +8 -0
- data/bom-1.6.schema.json +7334 -0
- data/lib/email_address_extension.rb +26 -0
- data/lib/sbom/cyclone_dx/enum.rb +2178 -0
- data/lib/sbom/cyclone_dx/field.rb +404 -0
- data/lib/sbom/cyclone_dx/pattern.rb +43 -0
- data/lib/sbom/cyclone_dx/record/advisory.rb +17 -0
- data/lib/sbom/cyclone_dx/record/annotation.rb +46 -0
- data/lib/sbom/cyclone_dx/record/attachment.rb +21 -0
- data/lib/sbom/cyclone_dx/record/base.rb +244 -0
- data/lib/sbom/cyclone_dx/record/cipher_suite.rb +23 -0
- data/lib/sbom/cyclone_dx/record/co2_measure.rb +18 -0
- data/lib/sbom/cyclone_dx/record/command.rb +18 -0
- data/lib/sbom/cyclone_dx/record/commit.rb +25 -0
- data/lib/sbom/cyclone_dx/record/component.rb +126 -0
- data/lib/sbom/cyclone_dx/record/component_data.rb +46 -0
- data/lib/sbom/cyclone_dx/record/component_evidence.rb +68 -0
- data/lib/sbom/cyclone_dx/record/component_identity_evidence.rb +36 -0
- data/lib/sbom/cyclone_dx/record/composition.rb +33 -0
- data/lib/sbom/cyclone_dx/record/condition.rb +20 -0
- data/lib/sbom/cyclone_dx/record/copyright.rb +16 -0
- data/lib/sbom/cyclone_dx/record/crypto_properties.rb +137 -0
- data/lib/sbom/cyclone_dx/record/data_governance.rb +21 -0
- data/lib/sbom/cyclone_dx/record/data_governance_responsible_party.rb +22 -0
- data/lib/sbom/cyclone_dx/record/declarations.rb +193 -0
- data/lib/sbom/cyclone_dx/record/definitions.rb +17 -0
- data/lib/sbom/cyclone_dx/record/dependency.rb +21 -0
- data/lib/sbom/cyclone_dx/record/diff.rb +18 -0
- data/lib/sbom/cyclone_dx/record/energy_consumption.rb +31 -0
- data/lib/sbom/cyclone_dx/record/energy_measure.rb +18 -0
- data/lib/sbom/cyclone_dx/record/energy_provider.rb +31 -0
- data/lib/sbom/cyclone_dx/record/environmental_consideration.rb +20 -0
- data/lib/sbom/cyclone_dx/record/event.rb +31 -0
- data/lib/sbom/cyclone_dx/record/external_reference.rb +25 -0
- data/lib/sbom/cyclone_dx/record/fairness_assessment.rb +22 -0
- data/lib/sbom/cyclone_dx/record/formula.rb +29 -0
- data/lib/sbom/cyclone_dx/record/graphic.rb +19 -0
- data/lib/sbom/cyclone_dx/record/graphics_collection.rb +19 -0
- data/lib/sbom/cyclone_dx/record/hash_data.rb +18 -0
- data/lib/sbom/cyclone_dx/record/identifiable_action.rb +21 -0
- data/lib/sbom/cyclone_dx/record/input.rb +34 -0
- data/lib/sbom/cyclone_dx/record/input_output_ml_parameter.rb +17 -0
- data/lib/sbom/cyclone_dx/record/issue.rb +36 -0
- data/lib/sbom/cyclone_dx/record/license.rb +90 -0
- data/lib/sbom/cyclone_dx/record/license_choice.rb +35 -0
- data/lib/sbom/cyclone_dx/record/metadata.rb +55 -0
- data/lib/sbom/cyclone_dx/record/model_card.rb +89 -0
- data/lib/sbom/cyclone_dx/record/note.rb +20 -0
- data/lib/sbom/cyclone_dx/record/organizational_contact.rb +26 -0
- data/lib/sbom/cyclone_dx/record/organizational_entity.rb +28 -0
- data/lib/sbom/cyclone_dx/record/output.rb +34 -0
- data/lib/sbom/cyclone_dx/record/parameter.rb +20 -0
- data/lib/sbom/cyclone_dx/record/patch.rb +23 -0
- data/lib/sbom/cyclone_dx/record/performance_metric.rb +30 -0
- data/lib/sbom/cyclone_dx/record/postal_address.rb +34 -0
- data/lib/sbom/cyclone_dx/record/property.rb +18 -0
- data/lib/sbom/cyclone_dx/record/rating.rb +27 -0
- data/lib/sbom/cyclone_dx/record/release_notes.rb +44 -0
- data/lib/sbom/cyclone_dx/record/resource_reference_choice.rb +22 -0
- data/lib/sbom/cyclone_dx/record/risk.rb +18 -0
- data/lib/sbom/cyclone_dx/record/root.rb +63 -0
- data/lib/sbom/cyclone_dx/record/secured_by.rb +20 -0
- data/lib/sbom/cyclone_dx/record/service.rb +54 -0
- data/lib/sbom/cyclone_dx/record/service_data.rb +32 -0
- data/lib/sbom/cyclone_dx/record/signature.rb +85 -0
- data/lib/sbom/cyclone_dx/record/standard.rb +72 -0
- data/lib/sbom/cyclone_dx/record/step.rb +24 -0
- data/lib/sbom/cyclone_dx/record/swid.rb +29 -0
- data/lib/sbom/cyclone_dx/record/task.rb +56 -0
- data/lib/sbom/cyclone_dx/record/tools.rb +20 -0
- data/lib/sbom/cyclone_dx/record/trigger.rb +48 -0
- data/lib/sbom/cyclone_dx/record/version.rb +24 -0
- data/lib/sbom/cyclone_dx/record/volume.rb +33 -0
- data/lib/sbom/cyclone_dx/record/vulnerability.rb +119 -0
- data/lib/sbom/cyclone_dx/record/vulnerability_source.rb +20 -0
- data/lib/sbom/cyclone_dx/record/workflow.rb +59 -0
- data/lib/sbom/cyclone_dx/record/workspace.rb +45 -0
- data/lib/sbom/cyclone_dx/record.rb +12 -0
- data/lib/sbom/cyclone_dx/validator/array_validator.rb +66 -0
- data/lib/sbom/cyclone_dx/validator/base_validator.rb +43 -0
- data/lib/sbom/cyclone_dx/validator/boolean_validator.rb +16 -0
- data/lib/sbom/cyclone_dx/validator/date_time_validator.rb +29 -0
- data/lib/sbom/cyclone_dx/validator/email_address_validator.rb +31 -0
- data/lib/sbom/cyclone_dx/validator/float_validator.rb +30 -0
- data/lib/sbom/cyclone_dx/validator/integer_validator.rb +30 -0
- data/lib/sbom/cyclone_dx/validator/record_validator.rb +26 -0
- data/lib/sbom/cyclone_dx/validator/string_validator.rb +33 -0
- data/lib/sbom/cyclone_dx/validator/union_validator.rb +39 -0
- data/lib/sbom/cyclone_dx/validator/uri_validator.rb +32 -0
- data/lib/sbom/cyclone_dx/validator.rb +32 -0
- data/lib/sbom/cyclone_dx/version.rb +7 -0
- data/lib/sbom/cyclone_dx.rb +39 -0
- data/rbs_collection.lock.yaml +288 -0
- data/rbs_collection.yaml +31 -0
- data/sbom-cyclone_dx.gemspec +32 -0
- data/sig/email_address_extension.rbs +14 -0
- data/sig/sbom/cyclone_dx/enum.rbs +93 -0
- data/sig/sbom/cyclone_dx/field.rbs +434 -0
- data/sig/sbom/cyclone_dx/pattern.rbs +24 -0
- data/sig/sbom/cyclone_dx/record/advisory.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/annotation.rbs +63 -0
- data/sig/sbom/cyclone_dx/record/attachment.rbs +24 -0
- data/sig/sbom/cyclone_dx/record/base.rbs +62 -0
- data/sig/sbom/cyclone_dx/record/cipher_suite.rbs +24 -0
- data/sig/sbom/cyclone_dx/record/co2_measure.rbs +14 -0
- data/sig/sbom/cyclone_dx/record/command.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/commit.rbs +34 -0
- data/sig/sbom/cyclone_dx/record/component.rbs +203 -0
- data/sig/sbom/cyclone_dx/record/component_data.rbs +73 -0
- data/sig/sbom/cyclone_dx/record/component_evidence.rbs +115 -0
- data/sig/sbom/cyclone_dx/record/component_identity_evidence.rbs +53 -0
- data/sig/sbom/cyclone_dx/record/composition.rbs +39 -0
- data/sig/sbom/cyclone_dx/record/condition.rbs +24 -0
- data/sig/sbom/cyclone_dx/record/copyright.rbs +14 -0
- data/sig/sbom/cyclone_dx/record/crypto_properties.rbs +268 -0
- data/sig/sbom/cyclone_dx/record/data_governance.rbs +24 -0
- data/sig/sbom/cyclone_dx/record/data_governance_responsible_party.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/declarations.rbs +352 -0
- data/sig/sbom/cyclone_dx/record/definitions.rbs +14 -0
- data/sig/sbom/cyclone_dx/record/dependency.rbs +24 -0
- data/sig/sbom/cyclone_dx/record/diff.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/energy_consumption.rbs +39 -0
- data/sig/sbom/cyclone_dx/record/energy_measure.rbs +14 -0
- data/sig/sbom/cyclone_dx/record/energy_provider.rbs +39 -0
- data/sig/sbom/cyclone_dx/record/environmental_consideration.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/event.rbs +44 -0
- data/sig/sbom/cyclone_dx/record/external_reference.rbs +29 -0
- data/sig/sbom/cyclone_dx/record/fairness_assessment.rbs +29 -0
- data/sig/sbom/cyclone_dx/record/formula.rbs +34 -0
- data/sig/sbom/cyclone_dx/record/graphic.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/graphics_collection.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/hash_data.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/identifiable_action.rbs +24 -0
- data/sig/sbom/cyclone_dx/record/input.rbs +44 -0
- data/sig/sbom/cyclone_dx/record/input_output_ml_parameter.rbs +14 -0
- data/sig/sbom/cyclone_dx/record/issue.rbs +53 -0
- data/sig/sbom/cyclone_dx/record/license.rbs +134 -0
- data/sig/sbom/cyclone_dx/record/license_choice.rbs +39 -0
- data/sig/sbom/cyclone_dx/record/metadata.rbs +82 -0
- data/sig/sbom/cyclone_dx/record/model_card.rbs +143 -0
- data/sig/sbom/cyclone_dx/record/note.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/organizational_contact.rbs +29 -0
- data/sig/sbom/cyclone_dx/record/organizational_entity.rbs +34 -0
- data/sig/sbom/cyclone_dx/record/output.rbs +44 -0
- data/sig/sbom/cyclone_dx/record/parameter.rbs +24 -0
- data/sig/sbom/cyclone_dx/record/patch.rbs +24 -0
- data/sig/sbom/cyclone_dx/record/performance_metric.rbs +43 -0
- data/sig/sbom/cyclone_dx/record/postal_address.rbs +44 -0
- data/sig/sbom/cyclone_dx/record/property.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/rating.rbs +39 -0
- data/sig/sbom/cyclone_dx/record/release_notes.rbs +64 -0
- data/sig/sbom/cyclone_dx/record/resource_reference_choice.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/risk.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/root.rbs +84 -0
- data/sig/sbom/cyclone_dx/record/secured_by.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/service.rbs +99 -0
- data/sig/sbom/cyclone_dx/record/service_data.rbs +44 -0
- data/sig/sbom/cyclone_dx/record/signature.rbs +130 -0
- data/sig/sbom/cyclone_dx/record/standard.rbs +132 -0
- data/sig/sbom/cyclone_dx/record/step.rbs +29 -0
- data/sig/sbom/cyclone_dx/record/swid.rbs +44 -0
- data/sig/sbom/cyclone_dx/record/task.rbs +84 -0
- data/sig/sbom/cyclone_dx/record/tools.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/trigger.rbs +69 -0
- data/sig/sbom/cyclone_dx/record/version.rbs +24 -0
- data/sig/sbom/cyclone_dx/record/volume.rbs +49 -0
- data/sig/sbom/cyclone_dx/record/vulnerability.rbs +209 -0
- data/sig/sbom/cyclone_dx/record/vulnerability_source.rbs +19 -0
- data/sig/sbom/cyclone_dx/record/workflow.rbs +94 -0
- data/sig/sbom/cyclone_dx/record/workspace.rbs +69 -0
- data/sig/sbom/cyclone_dx/record.rbs +161 -0
- data/sig/sbom/cyclone_dx/type.rbs +16 -0
- data/sig/sbom/cyclone_dx/validator/array_validator.rbs +31 -0
- data/sig/sbom/cyclone_dx/validator/base_validator.rbs +21 -0
- data/sig/sbom/cyclone_dx/validator/boolean_validator.rbs +9 -0
- data/sig/sbom/cyclone_dx/validator/date_time_validator.rbs +10 -0
- data/sig/sbom/cyclone_dx/validator/email_address_validator.rbs +10 -0
- data/sig/sbom/cyclone_dx/validator/float_validator.rbs +12 -0
- data/sig/sbom/cyclone_dx/validator/integer_validator.rbs +12 -0
- data/sig/sbom/cyclone_dx/validator/record_validator.rbs +12 -0
- data/sig/sbom/cyclone_dx/validator/string_validator.rbs +14 -0
- data/sig/sbom/cyclone_dx/validator/union_validator.rbs +24 -0
- data/sig/sbom/cyclone_dx/validator/uri_validator.rbs +10 -0
- data/sig/sbom/cyclone_dx/validator.rbs +66 -0
- data/sig/sbom/cyclone_dx.rbs +13 -0
- data/sig/types.rbs +45 -0
- data/spec/email_address_extension_spec.rb +27 -0
- data/spec/factories/factory_helper.rb +78 -0
- data/spec/factories/record/advisory_factory.rb +11 -0
- data/spec/factories/record/annotation_factory.rb +63 -0
- data/spec/factories/record/attachment_factory.rb +9 -0
- data/spec/factories/record/cipher_suite_factory.rb +26 -0
- data/spec/factories/record/co2_measure_factory.rb +9 -0
- data/spec/factories/record/command_factory.rb +10 -0
- data/spec/factories/record/commit_factory.rb +13 -0
- data/spec/factories/record/component_data_factory.rb +28 -0
- data/spec/factories/record/component_evidence_factory.rb +44 -0
- data/spec/factories/record/component_factory.rb +102 -0
- data/spec/factories/record/component_identity_evidence_factory.rb +25 -0
- data/spec/factories/record/composition_factory.rb +20 -0
- data/spec/factories/record/condition_factory.rb +11 -0
- data/spec/factories/record/copyright_factory.rb +9 -0
- data/spec/factories/record/crypto_properties_factory.rb +191 -0
- data/spec/factories/record/data_governance_factory.rb +11 -0
- data/spec/factories/record/data_governance_responsible_party_factory.rb +31 -0
- data/spec/factories/record/declarations_factory.rb +145 -0
- data/spec/factories/record/definitions_factory.rb +9 -0
- data/spec/factories/record/dependency_factory.rb +12 -0
- data/spec/factories/record/diff_factory.rb +24 -0
- data/spec/factories/record/energy_consumption_factory.rb +15 -0
- data/spec/factories/record/energy_measure_factory.rb +9 -0
- data/spec/factories/record/energy_provider_factory.rb +15 -0
- data/spec/factories/record/environmental_consideration_factory.rb +10 -0
- data/spec/factories/record/event_factory.rb +15 -0
- data/spec/factories/record/external_reference_factory.rb +13 -0
- data/spec/factories/record/fairness_assessment_factory.rb +12 -0
- data/spec/factories/record/formula_factory.rb +13 -0
- data/spec/factories/record/graphic_factory.rb +10 -0
- data/spec/factories/record/graphics_collection_factory.rb +10 -0
- data/spec/factories/record/hash_data_factory.rb +10 -0
- data/spec/factories/record/identifiable_action_factory.rb +11 -0
- data/spec/factories/record/input_factory.rb +36 -0
- data/spec/factories/record/input_output_ml_parameter_factory.rb +9 -0
- data/spec/factories/record/issue_factory.rb +22 -0
- data/spec/factories/record/license_choice_factory.rb +23 -0
- data/spec/factories/record/license_factory.rb +99 -0
- data/spec/factories/record/metadata_factory.rb +38 -0
- data/spec/factories/record/model_card_factory.rb +59 -0
- data/spec/factories/record/note_factory.rb +11 -0
- data/spec/factories/record/organizational_contact_factory.rb +12 -0
- data/spec/factories/record/organizational_entity_factory.rb +13 -0
- data/spec/factories/record/output_factory.rb +32 -0
- data/spec/factories/record/parameter_factory.rb +11 -0
- data/spec/factories/record/patch_factory.rb +12 -0
- data/spec/factories/record/performance_metric_factory.rb +20 -0
- data/spec/factories/record/postal_address_factory.rb +14 -0
- data/spec/factories/record/property_factory.rb +11 -0
- data/spec/factories/record/rating_factory.rb +14 -0
- data/spec/factories/record/release_notes_factory.rb +20 -0
- data/spec/factories/record/resource_reference_choice_factory.rb +27 -0
- data/spec/factories/record/risk_factory.rb +10 -0
- data/spec/factories/record/root_factory.rb +23 -0
- data/spec/factories/record/secured_by_factory.rb +10 -0
- data/spec/factories/record/service_data_factory.rb +16 -0
- data/spec/factories/record/service_factory.rb +27 -0
- data/spec/factories/record/signature_factory.rb +50 -0
- data/spec/factories/record/standard_factory.rb +37 -0
- data/spec/factories/record/step_factory.rb +12 -0
- data/spec/factories/record/swid_factory.rb +16 -0
- data/spec/factories/record/task_factory.rb +24 -0
- data/spec/factories/record/tools_factory.rb +10 -0
- data/spec/factories/record/trigger_factory.rb +21 -0
- data/spec/factories/record/version_factory.rb +19 -0
- data/spec/factories/record/volume_factory.rb +16 -0
- data/spec/factories/record/vulnerability_factory.rb +70 -0
- data/spec/factories/record/vulnerability_source_factory.rb +10 -0
- data/spec/factories/record/workflow_factory.rb +26 -0
- data/spec/factories/record/workspace_factory.rb +21 -0
- data/spec/factories/record_factory.rb +159 -0
- data/spec/fixtures/cipher_info.yml +948 -0
- data/spec/fixtures/purl_data.yml +0 -0
- data/spec/sbom/cyclone_dx/enum_spec.rb +30 -0
- data/spec/sbom/cyclone_dx/field_spec.rb +104 -0
- data/spec/sbom/cyclone_dx/pattern_spec.rb +18 -0
- data/spec/sbom/cyclone_dx/record/advisory_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/annotation_spec.rb +31 -0
- data/spec/sbom/cyclone_dx/record/attachment_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/base_spec.rb +363 -0
- data/spec/sbom/cyclone_dx/record/cipher_suite_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/co2_measure_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/command_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/commit_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/component_data_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/component_evidence_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/component_identity_evidence_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/component_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/composition_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/condition_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/copyright_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/crypto_properties_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/data_governance_responsible_party_spec.rb +19 -0
- data/spec/sbom/cyclone_dx/record/data_governance_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/declarations_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/definitions_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/dependency_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/diff_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/energy_consumption_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/energy_measure_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/energy_provider_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/environmental_consideration_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/event_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/external_reference_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/fairness_assessment_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/formula_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/graphic_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/graphics_collection_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/hash_data_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/identifiable_action_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/input_output_ml_parameter_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/input_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/issue_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/license_choice_spec.rb +26 -0
- data/spec/sbom/cyclone_dx/record/license_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/metadata_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/model_card_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/note_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/organizational_contact_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/organizational_entity_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/output_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/parameter_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/patch_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/performance_metric_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/postal_address_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/property_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/rating_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/release_notes_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/resource_reference_choice_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/risk_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/root_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/secured_by_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/service_data_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/service_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/signature_spec.rb +26 -0
- data/spec/sbom/cyclone_dx/record/standard_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/step_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/swid_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/task_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/tools_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/trigger_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/version_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/volume_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/vulnerability_source_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/vulnerability_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/workflow_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record/workspace_spec.rb +14 -0
- data/spec/sbom/cyclone_dx/record_spec.rb +7 -0
- data/spec/sbom/cyclone_dx/validator/array_validator_spec.rb +184 -0
- data/spec/sbom/cyclone_dx/validator/base_validator_spec.rb +71 -0
- data/spec/sbom/cyclone_dx/validator/boolean_validator_spec.rb +26 -0
- data/spec/sbom/cyclone_dx/validator/date_time_validator_spec.rb +28 -0
- data/spec/sbom/cyclone_dx/validator/email_address_validator_spec.rb +23 -0
- data/spec/sbom/cyclone_dx/validator/float_validator_spec.rb +71 -0
- data/spec/sbom/cyclone_dx/validator/integer_validator_spec.rb +71 -0
- data/spec/sbom/cyclone_dx/validator/record_validator_spec.rb +35 -0
- data/spec/sbom/cyclone_dx/validator/string_validator_spec.rb +94 -0
- data/spec/sbom/cyclone_dx/validator/union_validator_spec.rb +65 -0
- data/spec/sbom/cyclone_dx/validator/uri_validator_spec.rb +21 -0
- data/spec/sbom/cyclone_dx/validator_spec.rb +38 -0
- data/spec/sbom/cyclone_dx/version_spec.rb +9 -0
- data/spec/sbom/cyclone_dx_spec.rb +7 -0
- data/spec/spec_helper.rb +39 -0
- metadata +377 -6
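--- a/data/sig/sbom/cyclone_dx/type.rbs
+++ b/data/sig/sbom/cyclone_dx/type.rbs
@@ -0,0 +1,16 @@
+module SBOM
+module CycloneDX
+module Type
+module Boolean
+end
+
+class Union
+@types: Array[fieldTypeLabel]
+
+def self.[]: [T < fieldTypeLabel] (*T) -> instance
+
+private def initialize: [T < fieldTypeLabel] (*T) -> void
+end
+end
+end
+end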
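--- a/data/sig/sbom/cyclone_dx/validator/array_validator.rbs
+++ b/data/sig/sbom/cyclone_dx/validator/array_validator.rbs
@@ -0,0 +1,31 @@
+module SBOM
+module CycloneDX
+module Validator
+class ArrayValidator < BaseValidator[::Array[fieldValue]]
+type itemsValidator = ^(untyped) -> Array[String]
+type validSingleTypeLabel =
+:boolean
+| :date_time
+| :email_address
+| :float
+| :integer
+| singleton(SBOM::CycloneDX::Record::Base)
+| :string
+| :uri
+
+@items_validator: BaseValidator[fieldValue]
+@unique: bool
+
+def initialize: (
+items: itemsValidator | validSingleTypeLabel | Validator::arrayItemValidatorParams,
+?unique: bool,
+?required: bool
+) -> void
+
+def valid?: (untyped) -> bool
+private def validator_method: (SBOM::CycloneDX::Validator::BaseValidator[untyped]) -> ^(untyped) -> Array[String]
+private def proc_validator: (^(untyped) -> (bool | Array[untyped] | String)) -> ^(untyped) -> Array[String]
+end
+end
+end
+end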
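Review bot: The contract for a block passed as `items` is declared three different ways. `itemsValidator` here requires `^(untyped) -> Array[String]`, `proc_validator` accepts `^(untyped) -> (bool | Array[untyped] | String)`, and `arrayValidatorParams` in the `validator.rbs` section of this release appears to type the same option as `^(untyped) -> bool`. A predicate-style block returning `true`/`false` therefore satisfies one signature and fails another, which makes it easy to wire up an item check that the type checker and the runtime disagree about. I would align them on the form `proc_validator` handles, `type itemsValidator = ^(untyped) -> (bool | Array[untyped] | String)`, and have `arrayValidatorParams` refer to `ArrayValidator::itemsValidator`.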
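--- a/data/sig/sbom/cyclone_dx/validator/base_validator.rbs
+++ b/data/sig/sbom/cyclone_dx/validator/base_validator.rbs
@@ -0,0 +1,21 @@
+module SBOM
+module CycloneDX
+module Validator
+class BaseValidator[in T < fieldValue]
+MISSING_REQUIRED: String
+INVALID_TYPE: String
+
+@types: Array[fieldType]
+@required: bool
+@errors: Array[String]
+
+def initialize: (*fieldType, ?required: bool) -> void
+def valid?: (untyped) -> bool
+def validate: (untyped) -> Array[String]
+def required?: () -> bool
+def const?: () -> bool
+def raw_types: () -> Array[fieldType]
+end
+end
+end
+end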
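Review bot: `valid?` and `validate` are declared without any comment on how they relate, while `@errors` is kept as instance state. The signature does not say whether `validate` returns a fresh list or the accumulated `@errors`, or whether `@errors` is reset on each call. That matters if one validator instance is reused across many records, which is not visible from this section. I would add doc comments such as `# Returns the error messages for the given value; empty when it is valid.` above `validate` and `# True when validate(value) reports no errors.` above `valid?`, and state the reset behaviour of `@errors` next to its declaration.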
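--- a/data/sig/sbom/cyclone_dx/validator/float_validator.rbs
+++ b/data/sig/sbom/cyclone_dx/validator/float_validator.rbs
@@ -0,0 +1,12 @@
+module SBOM
+module CycloneDX
+module Validator
+class FloatValidator < BaseValidator[Float]
+@range: Range[number?]
+
+def initialize: (?maximum: number?, ?minimum: number?, ?required: bool) -> void
+def valid?: (untyped) -> bool
+end
+end
+end
+end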
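--- a/data/sig/sbom/cyclone_dx/validator/integer_validator.rbs
+++ b/data/sig/sbom/cyclone_dx/validator/integer_validator.rbs
@@ -0,0 +1,12 @@
+module SBOM
+module CycloneDX
+module Validator
+class IntegerValidator < BaseValidator[Integer]
+@range: Range[number?]
+
+def initialize: (?maximum: number?, ?minimum: number?, ?required: bool) -> void
+def valid?: (untyped) -> bool
+end
+end
+end
+end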
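--- a/data/sig/sbom/cyclone_dx/validator/record_validator.rbs
+++ b/data/sig/sbom/cyclone_dx/validator/record_validator.rbs
@@ -0,0 +1,12 @@
+module SBOM
+module CycloneDX
+module Validator
+class RecordValidator < BaseValidator[Record::Base]
+@record_type: singleton(SBOM::CycloneDX::Record::Base)
+
+def initialize: (type: singleton(SBOM::CycloneDX::Record::Base), ?required: bool) -> void
+def valid?: (untyped) -> bool
+end
+end
+end
+end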
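--- a/data/sig/sbom/cyclone_dx/validator/string_validator.rbs
+++ b/data/sig/sbom/cyclone_dx/validator/string_validator.rbs
@@ -0,0 +1,14 @@
+module SBOM
+module CycloneDX
+module Validator
+class StringValidator < BaseValidator[String]
+@enum: Array[String]?
+@length_range: Range[Integer?]
+@pattern: Regexp
+
+def initialize: (?enum: Array[String]?, ?max_length: Integer?, ?min_length: Integer?, ?pattern: Regexp, ?required: bool) -> void
+def valid?: (untyped) -> bool
+end
+end
+end
+end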
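--- a/data/sig/sbom/cyclone_dx/validator/union_validator.rbs
+++ b/data/sig/sbom/cyclone_dx/validator/union_validator.rbs
@@ -0,0 +1,24 @@
+module SBOM
+module CycloneDX
+module Validator
+class UnionValidator < BaseValidator[fieldValue]
+type unionableValidatorParams =
+fieldTypeLabel
+| [:array, arrayValidatorParams]
+| [:boolean, booleanValidatorParams]
+| [:date_time, dateTimeValidatorParams]
+| [:email_address, emailAddressValidatorParams]
+| [:float, floatValidatorParams]
+| [:integer, integerValidatorParams]
+| [singleton(SBOM::CycloneDX::Record::Base), recordValidatorParams]
+| [:string, stringValidatorParams]
+| [:uri, uriValidatorParams]
+
+@nested_validators: Array[BaseValidator[untyped]]
+
+def initialize: (of: Array[unionableValidatorParams], ?required: bool) -> void
+def valid?: (untyped) -> bool
+end
+end
+end
+end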
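Review bot: The bare-label arm of `unionableValidatorParams` is `fieldTypeLabel`, which (per `sig/types.rbs` in this release) includes `:array` and `:union`, yet both of those validators declare a mandatory option (`items:` and `of:`). So `of: [:array]` or `of: [:union]` type-checks here although no valid validator can be built from the label alone. The tuple arms also deliberately leave out `[:union, unionValidatorParams]`, which the bare `:union` label contradicts. `ArrayValidator` already defines a label set without those two, so I would reuse it: replace the `fieldTypeLabel` arm with `ArrayValidator::validSingleTypeLabel`.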
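--- a/data/sig/sbom/cyclone_dx/validator.rbs
+++ b/data/sig/sbom/cyclone_dx/validator.rbs
@@ -0,0 +1,66 @@
+module SBOM
+module CycloneDX
+module Validator
+type anyValidator =
+ArrayValidator
+| BooleanValidator
+| DateTimeValidator
+| EmailAddressValidator
+| FloatValidator
+| IntegerValidator
+| RecordValidator
+| StringValidator
+| UnionValidator
+| URIValidator
+
+type arrayValidatorParams = { items: ^(untyped) -> bool | fieldTypeLabel | arrayItemValidatorParams, ?unique: bool, ?required: bool }
+type booleanValidatorParams = { ?required: bool }
+type dateTimeValidatorParams = { ?required: bool }
+type emailAddressValidatorParams = { ?required: bool }
+type floatValidatorParams = { ?maximum: number?, ?minimum: number, ?required: bool }
+type integerValidatorParams = { ?maximum: Integer, ?minimum: Integer, ?required: bool }
+type recordValidatorParams = { type: singleton(SBOM::CycloneDX::Record::Base), ?required: bool }
+type stringValidatorParams = { ?enum: Array[String], ?max_length: Integer?, ?min_length: Integer?, ?pattern: Regexp, ?required: bool }
+type unionValidatorParams = { of: Array[UnionValidator::unionableValidatorParams], ?required: bool }
+type uriValidatorParams = { ?required: bool }
+type anyValidatorParams =
+arrayValidatorParams
+| booleanValidatorParams
+| dateTimeValidatorParams
+| emailAddressValidatorParams
+| floatValidatorParams
+| integerValidatorParams
+| recordValidatorParams
+| stringValidatorParams
+| unionValidatorParams
+| uriValidatorParams
+
+type arrayItemValidatorParams =
+[:array, arrayValidatorParams]
+| [:boolean, booleanValidatorParams]
+| [:date_time, dateTimeValidatorParams]
+| [:email_address, emailAddressValidatorParams]
+| [:float, floatValidatorParams]
+| [:integer, integerValidatorParams]
+| [singleton(SBOM::CycloneDX::Record::Base), recordValidatorParams]
+| [:string, stringValidatorParams]
+| [:union, unionValidatorParams]
+| [:uri, uriValidatorParams]
+
+SIMPLE_TYPES: [:array, :boolean, :date_time, :email_address, :float, :integer, :string, :uri]
+
+def self.for:
+(:array type, **untyped) -> ArrayValidator
+| (:boolean type, **untyped) -> BooleanValidator
+| (:date_time type, **untyped) -> DateTimeValidator
+| (:email_address type, **untyped) -> EmailAddressValidator
+| (:float type, **untyped) -> FloatValidator
+| (:integer type, **untyped) -> IntegerValidator
+| (singleton(SBOM::CycloneDX::Record::Base) type, **untyped) -> RecordValidator
+| (:string type, **untyped) -> StringValidator
+| (:union type, **untyped) -> UnionValidator
+| (:uri type, **untyped) -> URIValidator
+| (fieldTypeLabel type, **untyped) -> BaseValidator[untyped]
+end
+end
+end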
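Review bot: The numeric option records have drifted from the initializers they describe. `floatValidatorParams` makes `maximum` nilable but not `minimum` (`?maximum: number?, ?minimum: number`), and `integerValidatorParams` uses plain `Integer` for both bounds, while `FloatValidator#initialize` and `IntegerValidator#initialize` in this release both take `?maximum: number?, ?minimum: number?`. Every `self.for` overload takes `**untyped`, so these records are the main place where Steep can check range constraints, and a mismatch here can reject a valid bound or hide a wrong one. I would align them: `type floatValidatorParams = { ?maximum: number?, ?minimum: number?, ?required: bool }`, with the same shape for `integerValidatorParams`, or narrow the initializer if integer-only bounds are intended.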
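--- a/data/sig/sbom/cyclone_dx.rbs
+++ b/data/sig/sbom/cyclone_dx.rbs
@@ -0,0 +1,13 @@
+module SBOM
+module CycloneDX
+VERSION: String
+
+class Error < StandardError
+end
+
+def self.create: (Hash[String | Symbol, fieldValue]) -> Record::Root
+def self.load: (File) -> Record::Root
+def self.parse: (String) -> Record::Root
+def self.json_create: (::Hash[String | Symbol, untyped]) -> Record::Root
+end
+end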
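Review bot: The four entry points `create`, `load`, `parse` and `json_create` carry no documentation, and for a library that reads SBOM files from third parties the input contract is the part a caller most needs. `json_create` is the hook name Ruby's JSON library invokes when additions are enabled, so the signature should say whether it is meant to be reached that way. The comments on `load` and `parse` should state how they decode input; the implementation is not visible here, so this is a request to document it rather than a claim about its behaviour. I would add one-line comments such as `# Parses a CycloneDX JSON string; raises SBOM::CycloneDX::Error when the document is invalid.`, adjusted to what the code actually raises, and a note on `json_create` naming its intended caller.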
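--- a/data/sig/types.rbs
+++ b/data/sig/types.rbs
@@ -0,0 +1,45 @@
+type dateTime = DateTime | Time | String
+type emailAddress = EmailAddress::Address | String
+type number = Integer | Float
+type uri = URI::Generic | String
+type fieldValue =
+bool
+| dateTime
+| emailAddress
+| Float
+| Integer
+| SBOM::CycloneDX::Record::Base
+| String
+| URI::Generic
+| nil
+| Array[fieldValue]
+type fieldTypeLabel =
+:array
+| :boolean
+| :date_time
+| :email_address
+| :float
+| :integer
+| singleton(SBOM::CycloneDX::Record::Base)
+| :string
+| :union
+| :uri
+type fieldType = Class & (
+singleton(Array)
+| singleton(TrueClass)
+| singleton(FalseClass)
+| singleton(DateTime)
+| singleton(Time)
+| singleton(EmailAddress::Address)
+| singleton(Float)
+| singleton(Integer)
+| singleton(String)
+| singleton(URI::Generic)
+| singleton(SBOM::CycloneDX::Record::Base)
+)
+
+type jsonObject = Float | Integer | String | bool | Array[jsonObject] | Hash[String, jsonObject] | nil
+
+# Steep can't find this for some raeason
+class Date::Error < Exception
+end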
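Review bot: The shim at the end declares `class Date::Error < Exception`, but in Ruby's `date` library `Date::Error` inherits from `ArgumentError`. With this signature the type checker believes a plain `rescue` or `rescue StandardError` around date parsing does not cover `Date::Error`, which is the opposite of the runtime behaviour. It can also push callers toward an over-broad `rescue Exception`. I would declare it as `class Date::Error < ArgumentError`. The comment above it also has a typo (`raeason`).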
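--- a/data/spec/email_address_extension_spec.rb
+++ b/data/spec/email_address_extension_spec.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require "spec_helper"
+require "email_address_extension"
+
+describe EmailAddressExtension do
+let(:email_address_string) { Faker::Internet.email }
+let(:email_address) { EmailAddress.new(email_address_string) }
+
+it "disables dns lookup" do
+expect(email_address.host.dns_enabled?).to be false
+expect(email_address.host.config[:dns_lookup]).to eq(:off)
+end
+
+it "disables host validation" do
+expect(email_address.host.dns_enabled?).to be false
+expect(email_address.host.config[:host_validation]).to eq(:syntax)
+end
+
+it "aliases #as_json to #to_s" do
+expect(email_address.as_json).to eq(email_address_string)
+end
+
+it "aliases #to_json to #to_s" do
+expect(email_address.to_json).to eq(email_address_string)
+end
+end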
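Review bot: The last example pins `to_json` to return the bare address (`eq(email_address_string)`), which is not a JSON value, since a JSON string needs surrounding quotes and escaping. If a JSON generator ever calls `to_json` on an address object directly, the result is an unquoted token and any special characters in the address reach the document unescaped. I would expect `expect(email_address.to_json).to eq(email_address_string.to_json)` here, with the extension (not visible in this section) changed to match. Separately, the "disables host validation" example repeats the `dns_enabled?` assertion from the example above and actually checks that host validation is `:syntax`, so a name like "limits host validation to syntax" would describe it better.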
@@ -0,0 +1,78 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "faker"
|
4
|
+
|
5
|
+
module FactoryHelper
|
6
|
+
SEQUENCE_GENERATORS = {
|
7
|
+
# Generators for data not available through Faker, mostly matching Pattern:: constants
|
8
|
+
cdx_urn_fragment: ->(n) { "fragment-#{n}" },
|
9
|
+
cdx_bom_version: ->(n) { (n + 1).to_s },
|
10
|
+
cdx_urn_nss: ->(n) { "#{SecureRandom.uuid}/#{use_generator(:cdx_bom_version, n)}" },
|
11
|
+
cdx_urn_assigned_name: ->(n) { "urn:cdx:#{use_generator(:cdx_urn_nss, n)}" },
|
12
|
+
cdx_urn_with_fragment: lambda do |n|
|
13
|
+
"#{use_generator(:cdx_urn_assigned_name, n)}##{use_generator(:cdx_urn_fragment, n)}"
|
14
|
+
end,
|
15
|
+
cdx_urn: lambda do |n|
|
16
|
+
next use_generator(:cdx_urn_assigned_name, n) if Faker::Boolean.boolean
|
17
|
+
|
18
|
+
use_generator(:cdx_urn_with_fragment, n)
|
19
|
+
end,
|
20
|
+
bom_serial_number: ->(_) { "urn:uuid:#{SecureRandom.uuid}" },
|
21
|
+
ref_link: ->(n) { "ref-link-#{n}" },
|
22
|
+
ref_or_cdx_urn: lambda do |n|
|
23
|
+
Faker::Boolean.boolean ? use_generator(:ref_link, n) : use_generator(:cdx_urn_with_fragment, n)
|
24
|
+
end,
|
25
|
+
hash_value: ->(_) { SecureRandom.hex([32, 40, 64, 96, 128].sample) },
|
26
|
+
locale: ->(_) { I18n.available_locales.sample.to_s },
|
27
|
+
mime_type: ->(_) { Faker::File.mime_type },
|
28
|
+
open_cre: ->(_) { "CRE:#{rand(1..100)}-#{rand(1..100)}" },
|
29
|
+
content_type: lambda do |n|
|
30
|
+
mime_type = use_generator(:mime_type, n)
|
31
|
+
next mime_type if Faker::Boolean.boolean
|
32
|
+
|
33
|
+
"#{mime_type}; #{Faker::Lorem.word.downcase}=#{Faker::Lorem.word.downcase}-#{n}"
|
34
|
+
end,
|
35
|
+
url: lambda do |_|
|
36
|
+
gen_url = Faker::Internet.url
|
37
|
+
next gen_url if Faker::Boolean.boolean
|
38
|
+
|
39
|
+
URI.parse(gen_url)
|
40
|
+
end,
|
41
|
+
email: lambda do |_|
|
42
|
+
gen_email = Faker::Internet.email
|
43
|
+
next gen_email if Faker::Boolean.boolean
|
44
|
+
|
45
|
+
EmailAddress::Address.new(gen_email)
|
46
|
+
end
|
47
|
+
}.freeze
|
48
|
+
|
49
|
+
SEQUENCE_GENERATORS.each do |name, generator|
|
50
|
+
FactoryBot::Internal.register_sequence(FactoryBot::Sequence.new(name, &generator))
|
51
|
+
end
|
52
|
+
|
53
|
+
def self.use_generator(name, n) # rubocop:disable Naming/MethodParameterName
|
54
|
+
SEQUENCE_GENERATORS.fetch(name).call(n)
|
55
|
+
end
|
56
|
+
|
57
|
+
def generate_association(factories, *args, **kwargs)
|
58
|
+
association(factories.sample, *args, **kwargs)
|
59
|
+
end
|
60
|
+
|
61
|
+
def association_list(factory, count = nil, *args, **kwargs)
|
62
|
+
Array.new(count || rand(1..2)) { generate_association(Array(factory), *args, **kwargs) }
|
63
|
+
end
|
64
|
+
|
65
|
+
def generate_license_choice(*args, **kwargs)
|
66
|
+
generate_association(%i[license_expression wrapped_license], *args, **kwargs)
|
67
|
+
end
|
68
|
+
|
69
|
+
def license_choice_list(count = nil, *args, **kwargs)
|
70
|
+
association_list(%i[license_expression wrapped_license], count, *args, **kwargs)
|
71
|
+
end
|
72
|
+
|
73
|
+
def generate_signature(*args, **kwargs)
|
74
|
+
generate_association(%i[jsf_signature signature_chain signer_list], *args, **kwargs)
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
FactoryBot::Evaluator.prepend(FactoryHelper)
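Review bot: The `hash_value` generator passes `[32, 40, 64, 96, 128].sample` to `SecureRandom.hex`, whose argument is a byte count, so the returned string has twice that many hex digits (64 to 256). The list reads like the hex-digit lengths of MD5, SHA-1, SHA-256, SHA-384 and SHA-512 digests; if that is the intent, only two of the five picks yield a length that any of those digests has, and specs that validate hash content would fail intermittently. Halving the sizes fixes it: `hash_value: ->(_) { SecureRandom.hex([16, 20, 32, 48, 64].sample) },`. The file also uses `SecureRandom` while requiring only `faker`; an explicit `require "securerandom"` would remove the dependence on load order.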
|
@@ -0,0 +1,63 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
FactoryBot.define do
|
4
|
+
factory :annotation, parent: :record, class: "SBOM::CycloneDX::Record::Annotation" do
|
5
|
+
subjects { Array.new(rand(1..4)) { generate(:ref_or_cdx_urn) } }
|
6
|
+
annotator
|
7
|
+
timestamp { Faker::Time.backward(days: 367) }
|
8
|
+
text { Faker::Lorem.sentence }
|
9
|
+
|
10
|
+
trait :all_fields do
|
11
|
+
bom_ref { generate(:ref_link) }
|
12
|
+
annotator
|
13
|
+
signature { generate_signature }
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
factory :annotator, parent: :record, class: "SBOM::CycloneDX::Record::Annotation::Annotator" do
|
18
|
+
transient do
|
19
|
+
annotator_type do
|
20
|
+
%i[
|
21
|
+
organization
|
22
|
+
individual
|
23
|
+
component
|
24
|
+
service
|
25
|
+
].sample
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
trait :all_fields
|
30
|
+
|
31
|
+
trait :organization do
|
32
|
+
transient { annotator_type { :organization } }
|
33
|
+
end
|
34
|
+
|
35
|
+
trait :contact do
|
36
|
+
transient { annotator_type { :contact } }
|
37
|
+
end
|
38
|
+
|
39
|
+
trait :component do
|
40
|
+
transient { annotator_type { :component } }
|
41
|
+
end
|
42
|
+
|
43
|
+
trait :service do
|
44
|
+
transient { annotator_type { :service } }
|
45
|
+
end
|
46
|
+
|
47
|
+
organization do
|
48
|
+
annotator_type == :organization ? association(:organizational_entity) : nil
|
49
|
+
end
|
50
|
+
|
51
|
+
individual do
|
52
|
+
annotator_type == :individual ? association(:organizational_contact) : nil
|
53
|
+
end
|
54
|
+
|
55
|
+
component do
|
56
|
+
annotator_type == :component ? association(:component) : nil
|
57
|
+
end
|
58
|
+
|
59
|
+
service do
|
60
|
+
annotator_type == :service ? association(:service) : nil
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
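Review bot: The `:contact` trait sets `annotator_type` to `:contact`, but no attribute block tests for that value (the `individual` block compares against `:individual`), so an annotator built with that trait gets nil for `organization`, `individual`, `component` and `service` alike. There is also no trait for `:individual`, although the default sample list includes it. Renaming the trait closes both gaps: `trait :individual do` with `transient { annotator_type { :individual } }`. In the `:annotation` factory, `annotator` is declared again inside `:all_fields` although the base factory already sets it.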
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "yaml"
|
4
|
+
|
5
|
+
FactoryBot.define do
|
6
|
+
factory :cipher_suite, parent: :record, class: "SBOM::CycloneDX::Record::CipherSuite" do
|
7
|
+
transient do
|
8
|
+
cipher_data { @cipher_data ||= YAML.load_file("spec/fixtures/cipher_info.yml") }
|
9
|
+
end
|
10
|
+
|
11
|
+
trait :all_fields do
|
12
|
+
name { cipher_data.keys.sample }
|
13
|
+
identifiers { cipher_data[name] }
|
14
|
+
algorithms do
|
15
|
+
name.split("_")[0..-2].each_with_object([]) do |word, memo|
|
16
|
+
case word
|
17
|
+
when "WITH", "TLS", "NULL" then next
|
18
|
+
when /\A[0-9]+\z/ then memo << "#{memo.pop}-#{word}"
|
19
|
+
when /\A[A-Z]+[0-9]{2,}\z/ then memo << word.gsub(/([A-Z])([0-9])/, '\1-\2').downcase
|
20
|
+
else memo << word.downcase
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
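Review bot: `cipher_data` loads the fixture with `YAML.load_file`, whose handling of non-basic tags depends on the installed Psych version (before Psych 4 it instantiates arbitrary objects); `YAML.safe_load_file("spec/fixtures/cipher_info.yml")` makes the safe behaviour explicit, assuming the fixture holds only plain hashes, arrays and strings. The relative path also ties the factory to the process working directory being the repository root. `@cipher_data ||=` runs inside the attribute block, so the cache presumably lives on each evaluator instance and the file is parsed again for every built record; a module-level constant would parse it once. In `algorithms`, `memo.pop` returns nil when a numeric word comes first, which would produce an entry with a leading hyphen; that only matters if a cipher name can have that shape.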
|
@@ -0,0 +1,10 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
FactoryBot.define do
|
4
|
+
factory :command, parent: :record, class: "SBOM::CycloneDX::Record::Command" do
|
5
|
+
trait :all_fields do
|
6
|
+
executed { "echo '#{Faker::Lorem.sentence}'" }
|
7
|
+
properties { association_list(:property) }
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
FactoryBot.define do
|
4
|
+
factory :commit, parent: :record, class: "SBOM::CycloneDX::Record::Commit" do
|
5
|
+
trait :all_fields do
|
6
|
+
uid { Faker::Crypto.sha1 }
|
7
|
+
url { generate(:url) }
|
8
|
+
author factory: :identifiable_action
|
9
|
+
committer factory: :identifiable_action
|
10
|
+
message { Faker::Lorem.sentence }
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "sbom/cyclone_dx/enum"
|
4
|
+
|
5
|
+
FactoryBot.define do
|
6
|
+
factory :component_data, parent: :record, class: "SBOM::CycloneDX::Record::ComponentData" do
|
7
|
+
type { SBOM::CycloneDX::Enum::COMPONENT_DATA_TYPE.sample }
|
8
|
+
|
9
|
+
trait :all_fields do
|
10
|
+
bom_ref { generate(:ref_link) }
|
11
|
+
name { Faker::Lorem.word }
|
12
|
+
contents factory: :content
|
13
|
+
classification { Faker::Lorem.word }
|
14
|
+
sensitive_data { Array.new(rand(1..4)) { Faker::Lorem.word } }
|
15
|
+
graphics factory: :graphics_collection
|
16
|
+
description { Faker::Lorem.sentence }
|
17
|
+
governance factory: :data_governance
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
factory :content, parent: :record, class: "SBOM::CycloneDX::Record::ComponentData::Content" do
|
22
|
+
trait :all_fields do
|
23
|
+
attachment
|
24
|
+
url { generate(:url) }
|
25
|
+
properties { association_list(:property) }
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
FactoryBot.define do
|
4
|
+
factory :component_evidence, parent: :record, class: "SBOM::CycloneDX::Record::ComponentEvidence" do
|
5
|
+
trait :all_fields do
|
6
|
+
identity { association_list(:component_identity_evidence) }
|
7
|
+
occurrences { association_list(:occurrence) }
|
8
|
+
callstack
|
9
|
+
licenses { license_choice_list(rand(1..3)) }
|
10
|
+
copyright { association_list(:copyright) }
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
factory :callstack, parent: :record, class: "SBOM::CycloneDX::Record::ComponentEvidence::Callstack" do
|
15
|
+
trait :all_fields do
|
16
|
+
frames { association_list(:frame) }
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
factory :frame, parent: :record, class: "SBOM::CycloneDX::Record::ComponentEvidence::Frame" do
|
21
|
+
source_module { Faker::Lorem.word }
|
22
|
+
|
23
|
+
trait :all_fields do
|
24
|
+
package { Faker::Lorem.word }
|
25
|
+
function { Faker::Lorem.word }
|
26
|
+
parameters { Faker::Lorem.words(number: rand(1..4)) }
|
27
|
+
line { rand(1..1000) }
|
28
|
+
column { rand(1..200) }
|
29
|
+
full_filename { Faker::File.file_name }
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
factory :occurrence, parent: :record, class: "SBOM::CycloneDX::Record::ComponentEvidence::Occurrence" do
|
34
|
+
location { Faker::File.file_name }
|
35
|
+
|
36
|
+
trait :all_fields do
|
37
|
+
bom_ref { generate(:ref_link) }
|
38
|
+
line { rand(1..1000) }
|
39
|
+
offset { rand(1..200) }
|
40
|
+
symbol { Faker::Lorem.word }
|
41
|
+
additional_context { Faker::Lorem.sentence }
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
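Review bot: `licenses { license_choice_list(rand(1..3)) }` can build a list that mixes `license_expression` and `wrapped_license` entries, or holds several expressions, because the helper samples the factory once per element. The CycloneDX license-choice shape is either a list of license objects or exactly one expression, so if the record validates that shape these specs would fail on some seeds. Picking the shape once per list avoids it, for example `licenses { Faker::Boolean.boolean ? [association(:license_expression)] : association_list(:wrapped_license, rand(1..3)) }`. The helper is defined outside this section, so the fix may belong there instead.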
|