RubyGems - sbom-cyclonedx - Versions diffs - 0.1.0 → 0.2.0 - Mend

sbom-cyclonedx 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (368) hide show

checksums.yaml +4 -4
data/.gitignore +15 -0
data/.gitlab-ci.yml +49 -0
data/.rspec +3 -0
data/.rubocop.yml +72 -0
data/.vscode/settings.json +6 -0
data/CHANGELOG.md +9 -0
data/CODE_OF_CONDUCT.md +132 -0
data/Gemfile +26 -0
data/Gemfile.lock +179 -0
data/LICENSE.txt +21 -0
data/README.md +39 -0
data/Rakefile +36 -0
data/Steepfile +14 -0
data/bin/console +11 -0
data/bin/rbs_spec +9 -0
data/bin/setup +8 -0
data/bom-1.6.schema.json +7334 -0
data/lib/email_address_extension.rb +26 -0
data/lib/sbom/cyclone_dx/enum.rb +2178 -0
data/lib/sbom/cyclone_dx/field.rb +404 -0
data/lib/sbom/cyclone_dx/pattern.rb +43 -0
data/lib/sbom/cyclone_dx/record/advisory.rb +17 -0
data/lib/sbom/cyclone_dx/record/annotation.rb +46 -0
data/lib/sbom/cyclone_dx/record/attachment.rb +21 -0
data/lib/sbom/cyclone_dx/record/base.rb +244 -0
data/lib/sbom/cyclone_dx/record/cipher_suite.rb +23 -0
data/lib/sbom/cyclone_dx/record/co2_measure.rb +18 -0
data/lib/sbom/cyclone_dx/record/command.rb +18 -0
data/lib/sbom/cyclone_dx/record/commit.rb +25 -0
data/lib/sbom/cyclone_dx/record/component.rb +126 -0
data/lib/sbom/cyclone_dx/record/component_data.rb +46 -0
data/lib/sbom/cyclone_dx/record/component_evidence.rb +68 -0
data/lib/sbom/cyclone_dx/record/component_identity_evidence.rb +36 -0
data/lib/sbom/cyclone_dx/record/composition.rb +33 -0
data/lib/sbom/cyclone_dx/record/condition.rb +20 -0
data/lib/sbom/cyclone_dx/record/copyright.rb +16 -0
data/lib/sbom/cyclone_dx/record/crypto_properties.rb +137 -0
data/lib/sbom/cyclone_dx/record/data_governance.rb +21 -0
data/lib/sbom/cyclone_dx/record/data_governance_responsible_party.rb +22 -0
data/lib/sbom/cyclone_dx/record/declarations.rb +193 -0
data/lib/sbom/cyclone_dx/record/definitions.rb +17 -0
data/lib/sbom/cyclone_dx/record/dependency.rb +21 -0
data/lib/sbom/cyclone_dx/record/diff.rb +18 -0
data/lib/sbom/cyclone_dx/record/energy_consumption.rb +31 -0
data/lib/sbom/cyclone_dx/record/energy_measure.rb +18 -0
data/lib/sbom/cyclone_dx/record/energy_provider.rb +31 -0
data/lib/sbom/cyclone_dx/record/environmental_consideration.rb +20 -0
data/lib/sbom/cyclone_dx/record/event.rb +31 -0
data/lib/sbom/cyclone_dx/record/external_reference.rb +25 -0
data/lib/sbom/cyclone_dx/record/fairness_assessment.rb +22 -0
data/lib/sbom/cyclone_dx/record/formula.rb +29 -0
data/lib/sbom/cyclone_dx/record/graphic.rb +19 -0
data/lib/sbom/cyclone_dx/record/graphics_collection.rb +19 -0
data/lib/sbom/cyclone_dx/record/hash_data.rb +18 -0
data/lib/sbom/cyclone_dx/record/identifiable_action.rb +21 -0
data/lib/sbom/cyclone_dx/record/input.rb +34 -0
data/lib/sbom/cyclone_dx/record/input_output_ml_parameter.rb +17 -0
data/lib/sbom/cyclone_dx/record/issue.rb +36 -0
data/lib/sbom/cyclone_dx/record/license.rb +90 -0
data/lib/sbom/cyclone_dx/record/license_choice.rb +35 -0
data/lib/sbom/cyclone_dx/record/metadata.rb +55 -0
data/lib/sbom/cyclone_dx/record/model_card.rb +89 -0
data/lib/sbom/cyclone_dx/record/note.rb +20 -0
data/lib/sbom/cyclone_dx/record/organizational_contact.rb +26 -0
data/lib/sbom/cyclone_dx/record/organizational_entity.rb +28 -0
data/lib/sbom/cyclone_dx/record/output.rb +34 -0
data/lib/sbom/cyclone_dx/record/parameter.rb +20 -0
data/lib/sbom/cyclone_dx/record/patch.rb +23 -0
data/lib/sbom/cyclone_dx/record/performance_metric.rb +30 -0
data/lib/sbom/cyclone_dx/record/postal_address.rb +34 -0
data/lib/sbom/cyclone_dx/record/property.rb +18 -0
data/lib/sbom/cyclone_dx/record/rating.rb +27 -0
data/lib/sbom/cyclone_dx/record/release_notes.rb +44 -0
data/lib/sbom/cyclone_dx/record/resource_reference_choice.rb +22 -0
data/lib/sbom/cyclone_dx/record/risk.rb +18 -0
data/lib/sbom/cyclone_dx/record/root.rb +63 -0
data/lib/sbom/cyclone_dx/record/secured_by.rb +20 -0
data/lib/sbom/cyclone_dx/record/service.rb +54 -0
data/lib/sbom/cyclone_dx/record/service_data.rb +32 -0
data/lib/sbom/cyclone_dx/record/signature.rb +85 -0
data/lib/sbom/cyclone_dx/record/standard.rb +72 -0
data/lib/sbom/cyclone_dx/record/step.rb +24 -0
data/lib/sbom/cyclone_dx/record/swid.rb +29 -0
data/lib/sbom/cyclone_dx/record/task.rb +56 -0
data/lib/sbom/cyclone_dx/record/tools.rb +20 -0
data/lib/sbom/cyclone_dx/record/trigger.rb +48 -0
data/lib/sbom/cyclone_dx/record/version.rb +24 -0
data/lib/sbom/cyclone_dx/record/volume.rb +33 -0
data/lib/sbom/cyclone_dx/record/vulnerability.rb +119 -0
data/lib/sbom/cyclone_dx/record/vulnerability_source.rb +20 -0
data/lib/sbom/cyclone_dx/record/workflow.rb +59 -0
data/lib/sbom/cyclone_dx/record/workspace.rb +45 -0
data/lib/sbom/cyclone_dx/record.rb +12 -0
data/lib/sbom/cyclone_dx/validator/array_validator.rb +66 -0
data/lib/sbom/cyclone_dx/validator/base_validator.rb +43 -0
data/lib/sbom/cyclone_dx/validator/boolean_validator.rb +16 -0
data/lib/sbom/cyclone_dx/validator/date_time_validator.rb +29 -0
data/lib/sbom/cyclone_dx/validator/email_address_validator.rb +31 -0
data/lib/sbom/cyclone_dx/validator/float_validator.rb +30 -0
data/lib/sbom/cyclone_dx/validator/integer_validator.rb +30 -0
data/lib/sbom/cyclone_dx/validator/record_validator.rb +26 -0
data/lib/sbom/cyclone_dx/validator/string_validator.rb +33 -0
data/lib/sbom/cyclone_dx/validator/union_validator.rb +39 -0
data/lib/sbom/cyclone_dx/validator/uri_validator.rb +32 -0
data/lib/sbom/cyclone_dx/validator.rb +32 -0
data/lib/sbom/cyclone_dx/version.rb +7 -0
data/lib/sbom/cyclone_dx.rb +39 -0
data/rbs_collection.lock.yaml +288 -0
data/rbs_collection.yaml +31 -0
data/sbom-cyclone_dx.gemspec +32 -0
data/sig/email_address_extension.rbs +14 -0
data/sig/sbom/cyclone_dx/enum.rbs +93 -0
data/sig/sbom/cyclone_dx/field.rbs +434 -0
data/sig/sbom/cyclone_dx/pattern.rbs +24 -0
data/sig/sbom/cyclone_dx/record/advisory.rbs +19 -0
data/sig/sbom/cyclone_dx/record/annotation.rbs +63 -0
data/sig/sbom/cyclone_dx/record/attachment.rbs +24 -0
data/sig/sbom/cyclone_dx/record/base.rbs +62 -0
data/sig/sbom/cyclone_dx/record/cipher_suite.rbs +24 -0
data/sig/sbom/cyclone_dx/record/co2_measure.rbs +14 -0
data/sig/sbom/cyclone_dx/record/command.rbs +19 -0
data/sig/sbom/cyclone_dx/record/commit.rbs +34 -0
data/sig/sbom/cyclone_dx/record/component.rbs +203 -0
data/sig/sbom/cyclone_dx/record/component_data.rbs +73 -0
data/sig/sbom/cyclone_dx/record/component_evidence.rbs +115 -0
data/sig/sbom/cyclone_dx/record/component_identity_evidence.rbs +53 -0
data/sig/sbom/cyclone_dx/record/composition.rbs +39 -0
data/sig/sbom/cyclone_dx/record/condition.rbs +24 -0
data/sig/sbom/cyclone_dx/record/copyright.rbs +14 -0
data/sig/sbom/cyclone_dx/record/crypto_properties.rbs +268 -0
data/sig/sbom/cyclone_dx/record/data_governance.rbs +24 -0
data/sig/sbom/cyclone_dx/record/data_governance_responsible_party.rbs +19 -0
data/sig/sbom/cyclone_dx/record/declarations.rbs +352 -0
data/sig/sbom/cyclone_dx/record/definitions.rbs +14 -0
data/sig/sbom/cyclone_dx/record/dependency.rbs +24 -0
data/sig/sbom/cyclone_dx/record/diff.rbs +19 -0
data/sig/sbom/cyclone_dx/record/energy_consumption.rbs +39 -0
data/sig/sbom/cyclone_dx/record/energy_measure.rbs +14 -0
data/sig/sbom/cyclone_dx/record/energy_provider.rbs +39 -0
data/sig/sbom/cyclone_dx/record/environmental_consideration.rbs +19 -0
data/sig/sbom/cyclone_dx/record/event.rbs +44 -0
data/sig/sbom/cyclone_dx/record/external_reference.rbs +29 -0
data/sig/sbom/cyclone_dx/record/fairness_assessment.rbs +29 -0
data/sig/sbom/cyclone_dx/record/formula.rbs +34 -0
data/sig/sbom/cyclone_dx/record/graphic.rbs +19 -0
data/sig/sbom/cyclone_dx/record/graphics_collection.rbs +19 -0
data/sig/sbom/cyclone_dx/record/hash_data.rbs +19 -0
data/sig/sbom/cyclone_dx/record/identifiable_action.rbs +24 -0
data/sig/sbom/cyclone_dx/record/input.rbs +44 -0
data/sig/sbom/cyclone_dx/record/input_output_ml_parameter.rbs +14 -0
data/sig/sbom/cyclone_dx/record/issue.rbs +53 -0
data/sig/sbom/cyclone_dx/record/license.rbs +134 -0
data/sig/sbom/cyclone_dx/record/license_choice.rbs +39 -0
data/sig/sbom/cyclone_dx/record/metadata.rbs +82 -0
data/sig/sbom/cyclone_dx/record/model_card.rbs +143 -0
data/sig/sbom/cyclone_dx/record/note.rbs +19 -0
data/sig/sbom/cyclone_dx/record/organizational_contact.rbs +29 -0
data/sig/sbom/cyclone_dx/record/organizational_entity.rbs +34 -0
data/sig/sbom/cyclone_dx/record/output.rbs +44 -0
data/sig/sbom/cyclone_dx/record/parameter.rbs +24 -0
data/sig/sbom/cyclone_dx/record/patch.rbs +24 -0
data/sig/sbom/cyclone_dx/record/performance_metric.rbs +43 -0
data/sig/sbom/cyclone_dx/record/postal_address.rbs +44 -0
data/sig/sbom/cyclone_dx/record/property.rbs +19 -0
data/sig/sbom/cyclone_dx/record/rating.rbs +39 -0
data/sig/sbom/cyclone_dx/record/release_notes.rbs +64 -0
data/sig/sbom/cyclone_dx/record/resource_reference_choice.rbs +19 -0
data/sig/sbom/cyclone_dx/record/risk.rbs +19 -0
data/sig/sbom/cyclone_dx/record/root.rbs +84 -0
data/sig/sbom/cyclone_dx/record/secured_by.rbs +19 -0
data/sig/sbom/cyclone_dx/record/service.rbs +99 -0
data/sig/sbom/cyclone_dx/record/service_data.rbs +44 -0
data/sig/sbom/cyclone_dx/record/signature.rbs +130 -0
data/sig/sbom/cyclone_dx/record/standard.rbs +132 -0
data/sig/sbom/cyclone_dx/record/step.rbs +29 -0
data/sig/sbom/cyclone_dx/record/swid.rbs +44 -0
data/sig/sbom/cyclone_dx/record/task.rbs +84 -0
data/sig/sbom/cyclone_dx/record/tools.rbs +19 -0
data/sig/sbom/cyclone_dx/record/trigger.rbs +69 -0
data/sig/sbom/cyclone_dx/record/version.rbs +24 -0
data/sig/sbom/cyclone_dx/record/volume.rbs +49 -0
data/sig/sbom/cyclone_dx/record/vulnerability.rbs +209 -0
data/sig/sbom/cyclone_dx/record/vulnerability_source.rbs +19 -0
data/sig/sbom/cyclone_dx/record/workflow.rbs +94 -0
data/sig/sbom/cyclone_dx/record/workspace.rbs +69 -0
data/sig/sbom/cyclone_dx/record.rbs +161 -0
data/sig/sbom/cyclone_dx/type.rbs +16 -0
data/sig/sbom/cyclone_dx/validator/array_validator.rbs +31 -0
data/sig/sbom/cyclone_dx/validator/base_validator.rbs +21 -0
data/sig/sbom/cyclone_dx/validator/boolean_validator.rbs +9 -0
data/sig/sbom/cyclone_dx/validator/date_time_validator.rbs +10 -0
data/sig/sbom/cyclone_dx/validator/email_address_validator.rbs +10 -0
data/sig/sbom/cyclone_dx/validator/float_validator.rbs +12 -0
data/sig/sbom/cyclone_dx/validator/integer_validator.rbs +12 -0
data/sig/sbom/cyclone_dx/validator/record_validator.rbs +12 -0
data/sig/sbom/cyclone_dx/validator/string_validator.rbs +14 -0
data/sig/sbom/cyclone_dx/validator/union_validator.rbs +24 -0
data/sig/sbom/cyclone_dx/validator/uri_validator.rbs +10 -0
data/sig/sbom/cyclone_dx/validator.rbs +66 -0
data/sig/sbom/cyclone_dx.rbs +13 -0
data/sig/types.rbs +45 -0
data/spec/email_address_extension_spec.rb +27 -0
data/spec/factories/factory_helper.rb +78 -0
data/spec/factories/record/advisory_factory.rb +11 -0
data/spec/factories/record/annotation_factory.rb +63 -0
data/spec/factories/record/attachment_factory.rb +9 -0
data/spec/factories/record/cipher_suite_factory.rb +26 -0
data/spec/factories/record/co2_measure_factory.rb +9 -0
data/spec/factories/record/command_factory.rb +10 -0
data/spec/factories/record/commit_factory.rb +13 -0
data/spec/factories/record/component_data_factory.rb +28 -0
data/spec/factories/record/component_evidence_factory.rb +44 -0
data/spec/factories/record/component_factory.rb +102 -0
data/spec/factories/record/component_identity_evidence_factory.rb +25 -0
data/spec/factories/record/composition_factory.rb +20 -0
data/spec/factories/record/condition_factory.rb +11 -0
data/spec/factories/record/copyright_factory.rb +9 -0
data/spec/factories/record/crypto_properties_factory.rb +191 -0
data/spec/factories/record/data_governance_factory.rb +11 -0
data/spec/factories/record/data_governance_responsible_party_factory.rb +31 -0
data/spec/factories/record/declarations_factory.rb +145 -0
data/spec/factories/record/definitions_factory.rb +9 -0
data/spec/factories/record/dependency_factory.rb +12 -0
data/spec/factories/record/diff_factory.rb +24 -0
data/spec/factories/record/energy_consumption_factory.rb +15 -0
data/spec/factories/record/energy_measure_factory.rb +9 -0
data/spec/factories/record/energy_provider_factory.rb +15 -0
data/spec/factories/record/environmental_consideration_factory.rb +10 -0
data/spec/factories/record/event_factory.rb +15 -0
data/spec/factories/record/external_reference_factory.rb +13 -0
data/spec/factories/record/fairness_assessment_factory.rb +12 -0
data/spec/factories/record/formula_factory.rb +13 -0
data/spec/factories/record/graphic_factory.rb +10 -0
data/spec/factories/record/graphics_collection_factory.rb +10 -0
data/spec/factories/record/hash_data_factory.rb +10 -0
data/spec/factories/record/identifiable_action_factory.rb +11 -0
data/spec/factories/record/input_factory.rb +36 -0
data/spec/factories/record/input_output_ml_parameter_factory.rb +9 -0
data/spec/factories/record/issue_factory.rb +22 -0
data/spec/factories/record/license_choice_factory.rb +23 -0
data/spec/factories/record/license_factory.rb +99 -0
data/spec/factories/record/metadata_factory.rb +38 -0
data/spec/factories/record/model_card_factory.rb +59 -0
data/spec/factories/record/note_factory.rb +11 -0
data/spec/factories/record/organizational_contact_factory.rb +12 -0
data/spec/factories/record/organizational_entity_factory.rb +13 -0
data/spec/factories/record/output_factory.rb +32 -0
data/spec/factories/record/parameter_factory.rb +11 -0
data/spec/factories/record/patch_factory.rb +12 -0
data/spec/factories/record/performance_metric_factory.rb +20 -0
data/spec/factories/record/postal_address_factory.rb +14 -0
data/spec/factories/record/property_factory.rb +11 -0
data/spec/factories/record/rating_factory.rb +14 -0
data/spec/factories/record/release_notes_factory.rb +20 -0
data/spec/factories/record/resource_reference_choice_factory.rb +27 -0
data/spec/factories/record/risk_factory.rb +10 -0
data/spec/factories/record/root_factory.rb +23 -0
data/spec/factories/record/secured_by_factory.rb +10 -0
data/spec/factories/record/service_data_factory.rb +16 -0
data/spec/factories/record/service_factory.rb +27 -0
data/spec/factories/record/signature_factory.rb +50 -0
data/spec/factories/record/standard_factory.rb +37 -0
data/spec/factories/record/step_factory.rb +12 -0
data/spec/factories/record/swid_factory.rb +16 -0
data/spec/factories/record/task_factory.rb +24 -0
data/spec/factories/record/tools_factory.rb +10 -0
data/spec/factories/record/trigger_factory.rb +21 -0
data/spec/factories/record/version_factory.rb +19 -0
data/spec/factories/record/volume_factory.rb +16 -0
data/spec/factories/record/vulnerability_factory.rb +70 -0
data/spec/factories/record/vulnerability_source_factory.rb +10 -0
data/spec/factories/record/workflow_factory.rb +26 -0
data/spec/factories/record/workspace_factory.rb +21 -0
data/spec/factories/record_factory.rb +159 -0
data/spec/fixtures/cipher_info.yml +948 -0
data/spec/fixtures/purl_data.yml +0 -0
data/spec/sbom/cyclone_dx/enum_spec.rb +30 -0
data/spec/sbom/cyclone_dx/field_spec.rb +104 -0
data/spec/sbom/cyclone_dx/pattern_spec.rb +18 -0
data/spec/sbom/cyclone_dx/record/advisory_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/annotation_spec.rb +31 -0
data/spec/sbom/cyclone_dx/record/attachment_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/base_spec.rb +363 -0
data/spec/sbom/cyclone_dx/record/cipher_suite_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/co2_measure_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/command_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/commit_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/component_data_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/component_evidence_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/component_identity_evidence_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/component_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/composition_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/condition_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/copyright_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/crypto_properties_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/data_governance_responsible_party_spec.rb +19 -0
data/spec/sbom/cyclone_dx/record/data_governance_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/declarations_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/definitions_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/dependency_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/diff_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/energy_consumption_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/energy_measure_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/energy_provider_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/environmental_consideration_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/event_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/external_reference_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/fairness_assessment_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/formula_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/graphic_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/graphics_collection_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/hash_data_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/identifiable_action_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/input_output_ml_parameter_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/input_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/issue_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/license_choice_spec.rb +26 -0
data/spec/sbom/cyclone_dx/record/license_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/metadata_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/model_card_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/note_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/organizational_contact_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/organizational_entity_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/output_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/parameter_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/patch_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/performance_metric_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/postal_address_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/property_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/rating_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/release_notes_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/resource_reference_choice_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/risk_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/root_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/secured_by_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/service_data_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/service_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/signature_spec.rb +26 -0
data/spec/sbom/cyclone_dx/record/standard_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/step_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/swid_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/task_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/tools_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/trigger_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/version_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/volume_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/vulnerability_source_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/vulnerability_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/workflow_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record/workspace_spec.rb +14 -0
data/spec/sbom/cyclone_dx/record_spec.rb +7 -0
data/spec/sbom/cyclone_dx/validator/array_validator_spec.rb +184 -0
data/spec/sbom/cyclone_dx/validator/base_validator_spec.rb +71 -0
data/spec/sbom/cyclone_dx/validator/boolean_validator_spec.rb +26 -0
data/spec/sbom/cyclone_dx/validator/date_time_validator_spec.rb +28 -0
data/spec/sbom/cyclone_dx/validator/email_address_validator_spec.rb +23 -0
data/spec/sbom/cyclone_dx/validator/float_validator_spec.rb +71 -0
data/spec/sbom/cyclone_dx/validator/integer_validator_spec.rb +71 -0
data/spec/sbom/cyclone_dx/validator/record_validator_spec.rb +35 -0
data/spec/sbom/cyclone_dx/validator/string_validator_spec.rb +94 -0
data/spec/sbom/cyclone_dx/validator/union_validator_spec.rb +65 -0
data/spec/sbom/cyclone_dx/validator/uri_validator_spec.rb +21 -0
data/spec/sbom/cyclone_dx/validator_spec.rb +38 -0
data/spec/sbom/cyclone_dx/version_spec.rb +9 -0
data/spec/sbom/cyclone_dx_spec.rb +7 -0
data/spec/spec_helper.rb +39 -0
metadata +377 -6

data/spec/factories/record/external_reference_factory.rb ADDED Viewed

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :external_reference, parent: :record, class: "SBOM::CycloneDX::Record::ExternalReference" do
+    url { generate(:url) }
+    type { SBOM::CycloneDX::Enum::EXTERNAL_REFERENCE_TYPE.sample }
+    trait :all_fields do
+      comment { Faker::Lorem.sentence }
+      hashes { association_list(:hash_data) }
+    end
+  end
+end

data/spec/factories/record/fairness_assessment_factory.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :fairness_assessment, parent: :record, class: "SBOM::CycloneDX::Record::FairnessAssessment" do
+    trait :all_fields do
+      group_at_risk { Faker::Lorem.word }
+      benefits { Faker::Lorem.words(number: rand(0..4)).join(", ") }
+      harms { Faker::Lorem.words(number: rand(0..4)).join(", ") }
+      mitigation_strategy { Faker::Lorem.sentence }
+    end
+  end
+end

data/spec/factories/record/formula_factory.rb ADDED Viewed

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :formula, parent: :record, class: "SBOM::CycloneDX::Record::Formula" do
+    trait :all_fields do
+      bom_ref { generate(:ref_link) }
+      components { association_list(:component) }
+      services { association_list(:service) }
+      workflows { association_list(:workflow) }
+      properties { association_list(:property) }
+    end
+  end
+end

data/spec/factories/record/graphic_factory.rb ADDED Viewed

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :graphic, parent: :record, class: "SBOM::CycloneDX::Record::Graphic" do
+    trait :all_fields do
+      name { Faker::Lorem.word }
+      image { association(:attachment) }
+    end
+  end
+end

data/spec/factories/record/graphics_collection_factory.rb ADDED Viewed

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :graphics_collection, parent: :record, class: "SBOM::CycloneDX::Record::GraphicsCollection" do
+    trait :all_fields do
+      description { Faker::Lorem.sentence }
+      collection { association_list(:graphic) }
+    end
+  end
+end

data/spec/factories/record/hash_data_factory.rb ADDED Viewed

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :hash_data, parent: :record, class: "SBOM::CycloneDX::Record::HashData" do
+    alg { SBOM::CycloneDX::Enum::HASH_ALG.sample }
+    content { generate(:hash_value) }
+    trait :all_fields
+  end
+end

data/spec/factories/record/identifiable_action_factory.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :identifiable_action, parent: :record, class: "SBOM::CycloneDX::Record::IdentifiableAction" do
+    trait :all_fields do
+      timestamp { Faker::Time.backward(days: 367) }
+      name { Faker::Lorem.word }
+      email { generate(:email) }
+    end
+  end
+end

data/spec/factories/record/input_factory.rb ADDED Viewed

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :input, parent: :record, class: "SBOM::CycloneDX::Record::Input" do
+    transient do
+      input_type { %i[resource parameters environment_vars data].sample }
+    end
+    trait :resource do
+      input_type { :resource }
+    end
+    trait :parameters do
+      input_type { :parameters }
+    end
+    trait :environment_vars do
+      input_type { :environment_vars }
+    end
+    trait :data do
+      input_type { :data }
+    end
+    resource { input_type == :resource ? association(:resource_reference_choice) : nil }
+    parameters { input_type == :parameters ? association_list(:parameter) : nil }
+    environment_vars { input_type == :environment_vars ? association_list(:property) : nil }
+    data { input_type == :data ? association(:attachment) : nil }
+    trait :all_fields do
+      source { association(:resource_reference_choice) }
+      target { association(:resource_reference_choice) }
+      properties { association_list(:property) }
+    end
+  end
+end

data/spec/factories/record/input_output_ml_parameter_factory.rb ADDED Viewed

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :input_output_ml_parameter, parent: :record, class: "SBOM::CycloneDX::Record::InputOutputMLParameter" do
+    trait :all_fields do
+      format { %w[string image time-series].sample }
+    end
+  end
+end

data/spec/factories/record/issue_factory.rb ADDED Viewed

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :issue, parent: :record, class: "SBOM::CycloneDX::Record::Issue" do
+    type { SBOM::CycloneDX::Enum::ISSUE_TYPE.sample }
+    trait :all_fields do
+      id { SecureRandom.uuid }
+      name { Faker::Lorem.word }
+      description { Faker::Lorem.sentence }
+      source { association(:source) }
+      references { Array.new(rand(1..3)) { generate(:url) } }
+    end
+  end
+  factory :source, parent: :record, class: "SBOM::CycloneDX::Record::Issue::Source" do
+    trait :all_fields do
+      name { Faker::Lorem.word }
+      url { generate(:url) }
+    end
+  end
+end

data/spec/factories/record/license_choice_factory.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :license_expression, parent: :record, class: "SBOM::CycloneDX::Record::LicenseChoice::LicenseExpression" do
+    expression do
+      first_license = SBOM::CycloneDX::Enum::LICENSE_ID.sample
+      next first_license if Faker::Boolean.boolean
+      "#{first_license} #{%w[WITH AND OR].sample} #{SBOM::CycloneDX::Enum::LICENSE_ID.sample}"
+    end
+    trait :all_fields do
+      acknowledgement { SBOM::CycloneDX::Enum::LICENSE_ACKNOWLEDGEMENT.sample }
+      bom_ref { generate(:ref_link) }
+    end
+  end
+  factory :wrapped_license, parent: :record, class: "SBOM::CycloneDX::Record::LicenseChoice::WrappedLicense" do
+    license
+    trait :all_fields
+  end
+end

data/spec/factories/record/license_factory.rb ADDED Viewed

@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :license, parent: :record, class: "SBOM::CycloneDX::Record::License" do
+    transient do
+      license_specifier { %i[id name].sample }
+    end
+    trait :id do
+      license_specifier { :id }
+    end
+    trait :name do
+      license_specifier { :name }
+    end
+    id { license_specifier == :id ? SBOM::CycloneDX::Enum::LICENSE_ID.sample : nil }
+    name { license_specifier == :name ? Faker::Lorem.word : nil }
+    trait :all_fields do
+      bom_ref { generate(:ref_link) }
+      acknowledgement { SBOM::CycloneDX::Enum::LICENSE_ACKNOWLEDGEMENT.sample }
+      text { association(:attachment) }
+      url { generate(:url) }
+      licensing { association(:licensing) }
+      properties { association_list(:property) }
+    end
+  end
+  factory :licensing, parent: :record, class: "SBOM::CycloneDX::Record::License::Licensing" do
+    trait :all_fields do
+      alt_ids { Array.new(rand(1..3)) { Faker::Lorem.word } }
+      licensor { association(:licensor) }
+      licensee { association(:licensee) }
+      purchaser { association(:purchaser) }
+      purchase_order { Faker::Lorem.word }
+      license_types { Array.new(rand(1..3)) { SBOM::CycloneDX::Enum::LICENSE_TYPE.sample } }
+      last_renewal { Faker::Time.backward(days: 367) }
+      expiration { last_renewal + rand(1..730).days }
+    end
+  end
+  factory :licensor, parent: :record, class: "SBOM::CycloneDX::Record::License::Licensing::Licensor" do
+    transient do
+      licensor_type { %i[organization individual] }
+    end
+    trait :organization do
+      licensor_type { :organization }
+    end
+    trait :individual do
+      licensor_type { :individual }
+    end
+    organization { licensor_type == :organization ? association(:organizational_entity) : nil }
+    individual { licensor_type == :individual ? association(:organizational_contact) : nil }
+    trait :all_fields
+  end
+  factory :licensee, parent: :record, class: "SBOM::CycloneDX::Record::License::Licensing::Licensee" do
+    transient do
+      licensee_type { %i[organization individual] }
+    end
+    trait :organization do
+      licensee_type { :organization }
+    end
+    trait :individual do
+      licensee_type { :individual }
+    end
+    organization { licensee_type == :organization ? association(:organizational_entity) : nil }
+    individual { licensee_type == :individual ? association(:organizational_contact) : nil }
+    trait :all_fields
+  end
+  factory :purchaser, parent: :record, class: "SBOM::CycloneDX::Record::License::Licensing::Purchaser" do
+    transient do
+      purchaser_type { %i[organization individual] }
+    end
+    trait :organization do
+      purchaser_type { :organization }
+    end
+    trait :individual do
+      purchaser_type { :individual }
+    end
+    organization { purchaser_type == :organization ? association(:organizational_entity) : nil }
+    individual { purchaser_type == :individual ? association(:organizational_contact) : nil }
+    trait :all_fields
+  end
+end

data/spec/factories/record/metadata_factory.rb ADDED Viewed

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :metadata, parent: :record, class: "SBOM::CycloneDX::Record::Metadata" do
+    trait :all_fields do
+      timestamp { Faker::Time.backward(days: 4) }
+      lifecycles do
+        Array.new(rand(1..3)) do
+          next association(:pre_defined_phase) if Faker::Boolean.boolean
+          association(:custom_phase)
+        end
+      end
+      tools { association(:tools) }
+      manufacturer { association(:organizational_entity) }
+      authors { association_list(:organizational_contact) }
+      component { association(:component) }
+      manufacture { association(:organizational_entity) }
+      supplier { association(:organizational_entity) }
+      licenses { license_choice_list }
+      properties { association_list(:property) }
+    end
+  end
+  factory :custom_phase, parent: :record, class: "SBOM::CycloneDX::Record::Metadata::CustomPhase" do
+    name { Faker::Lorem.word }
+    trait :all_fields do
+      description { Faker::Lorem.sentence }
+    end
+  end
+  factory :pre_defined_phase, parent: :record, class: "SBOM::CycloneDX::Record::Metadata::PreDefinedPhase" do
+    phase { SBOM::CycloneDX::Enum::PHASE.sample }
+    trait :all_fields
+  end
+end

data/spec/factories/record/model_card_factory.rb ADDED Viewed

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :model_card, parent: :record, class: "SBOM::CycloneDX::Record::ModelCard" do
+    trait :all_fields do
+      bom_ref { generate(:ref_link) }
+      model_parameters { association(:model_parameters) }
+      quantitative_analysis { association(:quantitative_analysis) }
+      considerations { association(:considerations) }
+      properties { association_list(:property) }
+    end
+  end
+  factory :considerations, parent: :record, class: "SBOM::CycloneDX::Record::ModelCard::Considerations" do
+    trait :all_fields do
+      users { Array.new(rand(1..3)) { Faker::Lorem.word } }
+      use_cases { Array.new(rand(1..3)) { Faker::Lorem.word } }
+      technical_limitations { Array.new(rand(1..3)) { Faker::Lorem.word } }
+      performance_tradeoffs { Array.new(rand(1..3)) { Faker::Lorem.word } }
+      ethical_considerations { association_list(:risk) }
+      environmental_considerations { association(:environmental_consideration) }
+      fairness_assessments { association_list(:fairness_assessment) }
+    end
+  end
+  factory :model_parameters, parent: :record, class: "SBOM::CycloneDX::Record::ModelCard::ModelParameters" do
+    trait :all_fields do
+      approach { association(:approach) }
+      task { Faker::Lorem.word }
+      architecture_family { Faker::Lorem.word }
+      model_architecture { Faker::Lorem.word }
+      datasets do
+        Array.new(1..3) { Faker::Boolean.boolean ? association(:component_data) : association(:data_reference) }
+      end
+      inputs { association_list(:input_output_ml_parameter) }
+      outputs { association_list(:input_output_ml_parameter) }
+    end
+  end
+  factory :approach, parent: :record, class: "SBOM::CycloneDX::Record::ModelCard::ModelParameters::Approach" do
+    trait :all_fields do
+      type { SBOM::CycloneDX::Enum::LEARNING_TYPE.sample }
+    end
+  end
+  factory :data_reference, parent: :record,
+                           class: "SBOM::CycloneDX::Record::ModelCard::ModelParameters::DataReference" do
+    trait :all_fields do
+      ref { generate(:ref_or_cdx_urn) }
+    end
+  end
+  factory :quantitative_analysis, parent: :record, class: "SBOM::CycloneDX::Record::ModelCard::QuantitativeAnalysis" do
+    trait :all_fields do
+      performance_metrics { association_list(:performance_metric) }
+      graphics { association(:graphics_collection) }
+    end
+  end
+end

data/spec/factories/record/note_factory.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :note, parent: :record, class: "SBOM::CycloneDX::Record::Note" do
+    text { association(:attachment) }
+    trait :all_fields do
+      locale { generate(:locale) }
+    end
+  end
+end

data/spec/factories/record/organizational_contact_factory.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :organizational_contact, parent: :record, class: "SBOM::CycloneDX::Record::OrganizationalContact" do
+    trait :all_fields do
+      bom_ref { generate(:ref_link) }
+      name { Faker::Name.name }
+      email { generate(:email) }
+      phone { Faker::PhoneNumber.phone_number }
+    end
+  end
+end

data/spec/factories/record/organizational_entity_factory.rb ADDED Viewed

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :organizational_entity, parent: :record, class: "SBOM::CycloneDX::Record::OrganizationalEntity" do
+    trait :all_fields do
+      bom_ref { generate(:ref_link) }
+      name { Faker::Company.name }
+      address { association(:postal_address) }
+      url { [Faker::Internet.url] }
+      contact { association_list(:organizational_contact) }
+    end
+  end
+end

data/spec/factories/record/output_factory.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :output, parent: :record, class: "SBOM::CycloneDX::Record::Output" do
+    transient do
+      reference_type { %i[resource data environment_vars].sample }
+    end
+    trait :resource do
+      reference_type { :resource }
+    end
+    trait :data do
+      reference_type { :data }
+    end
+    trait :environment_vars do
+      reference_type { :environment_vars }
+    end
+    type { SBOM::CycloneDX::Enum::OUTPUT_TYPE.sample }
+    resource { association(:resource_reference_choice) if reference_type == :resource }
+    data { association(:attachment) if reference_type == :data }
+    environment_vars { association_list(:property) if reference_type == :environment_vars }
+    trait :all_fields do
+      source { association(:resource_reference_choice) }
+      target { association(:resource_reference_choice) }
+      properties { association_list(:property) }
+    end
+  end
+end

data/spec/factories/record/parameter_factory.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :parameter, parent: :record, class: "SBOM::CycloneDX::Record::Parameter" do
+    trait :all_fields do
+      name { Faker::Lorem.word }
+      value { Faker::Lorem.word }
+      data_type { Faker::Lorem.word }
+    end
+  end
+end

data/spec/factories/record/patch_factory.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :patch, parent: :record, class: "SBOM::CycloneDX::Record::Patch" do
+    type { SBOM::CycloneDX::Enum::PATCH_TYPE.sample }
+    trait :all_fields do
+      diff { association(:diff) }
+      resolves { association_list(:issue) }
+    end
+  end
+end

data/spec/factories/record/performance_metric_factory.rb ADDED Viewed

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :performance_metric, parent: :record, class: "SBOM::CycloneDX::Record::PerformanceMetric" do
+    trait :all_fields do
+      type { Faker::Lorem.word }
+      value { Faker::Lorem.word }
+      slice { Faker::Lorem.word }
+      confidence_interval { association(:confidence_interval) }
+    end
+  end
+  factory :confidence_interval, parent: :record,
+                                class: "SBOM::CycloneDX::Record::PerformanceMetric::ConfidenceInterval" do
+    trait :all_fields do
+      lower_bound { Faker::Lorem.word }
+      upper_bound { Faker::Lorem.word }
+    end
+  end
+end

data/spec/factories/record/postal_address_factory.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :postal_address, parent: :record, class: "SBOM::CycloneDX::Record::PostalAddress" do
+    trait :all_fields do
+      country { Faker::Address.country }
+      region { Faker::Address.state }
+      locality { Faker::Address.city }
+      post_office_box_number { Faker::Address.building_number }
+      postal_code { Faker::Address.zip_code }
+      street_address { Faker::Address.street_address }
+    end
+  end
+end

data/spec/factories/record/property_factory.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :property, parent: :record, class: "SBOM::CycloneDX::Record::Property" do
+    name { Faker::Lorem.word }
+    trait :all_fields do
+      value { Faker::Lorem.word }
+    end
+  end
+end

data/spec/factories/record/rating_factory.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :rating, parent: :record, class: "SBOM::CycloneDX::Record::Rating" do
+    trait :all_fields do
+      source { association(:vulnerability_source) }
+      score { rand(0.0..10.0) }
+      severity { SBOM::CycloneDX::Enum::SEVERITY.sample }
+      score_method { SBOM::CycloneDX::Enum::SCORE_METHOD.sample }
+      vector { Faker::Lorem.sentence }
+      justification { Faker::Lorem.sentence }
+    end
+  end
+end

data/spec/factories/record/release_notes_factory.rb ADDED Viewed

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :release_notes, parent: :record, class: "SBOM::CycloneDX::Record::ReleaseNotes" do
+    type { Faker::Lorem.word }
+    trait :all_fields do
+      title { Faker::Lorem.sentence }
+      featured_image { Faker::LoremFlickr.image }
+      social_image { Faker::LoremFlickr.image }
+      description { Faker::Lorem.paragraph }
+      timestamp { Faker::Time.backward }
+      aliases { Array.new(rand(0..3)) { Faker::Lorem.word } }
+      tags { Array.new(rand(0..3)) { Faker::Lorem.word } }
+      resolves { association_list(:issue) }
+      notes { association_list(:note) }
+      properties { association_list(:property) }
+    end
+  end
+end

data/spec/factories/record/resource_reference_choice_factory.rb ADDED Viewed

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :resource_reference_choice, parent: :record, class: "SBOM::CycloneDX::Record::ResourceReferenceChoice" do
+    transient do
+      reference_type { %i[ref external_reference].sample }
+    end
+    trait :ref do
+      transient { reference_type { :ref } }
+    end
+    trait :external_reference do
+      transient { reference_type { :external_reference } }
+    end
+    ref do
+      reference_type == :ref ? generate(:ref_or_cdx_urn) : nil
+    end
+    external_reference do
+      reference_type == :external_reference ? association(:external_reference) : nil
+    end
+    trait :all_fields
+  end
+end

data/spec/factories/record/risk_factory.rb ADDED Viewed

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :risk, parent: :record, class: "SBOM::CycloneDX::Record::Risk" do
+    trait :all_fields do
+      name { Faker::Lorem.word }
+      mitigation_strategy { Faker::Lorem.sentence }
+    end
+  end
+end

data/spec/factories/record/root_factory.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :root, parent: :record, class: "SBOM::CycloneDX::Record::Root" do
+    trait :all_fields do
+      serial_number { generate(:bom_serial_number) }
+      version { rand(1..10_000) }
+      metadata { association(:metadata) }
+      components { association_list(:component) }
+      services { association_list(:service) }
+      external_references { association_list(:external_reference) }
+      dependencies { association_list(:dependency) }
+      compositions { association_list(:composition) }
+      vulnerabilities { association_list(:vulnerability) }
+      annotations { association_list(:annotation) }
+      formulation { association_list(:formula) }
+      declarations { association(:declarations) }
+      definitions { association(:definitions) }
+      properties { association_list(:property) }
+      signature { generate_signature }
+    end
+  end
+end

data/spec/factories/record/secured_by_factory.rb ADDED Viewed

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :secured_by, parent: :record, class: "SBOM::CycloneDX::Record::SecuredBy" do
+    trait :all_fields do
+      mechanism { Faker::Lorem.word }
+      algorithm_ref { generate(:ref_link) }
+    end
+  end
+end

data/spec/factories/record/service_data_factory.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :service_data, parent: :record, class: "SBOM::CycloneDX::Record::ServiceData" do
+    flow { SBOM::CycloneDX::Enum::DATA_FLOW_DIRECTION.sample }
+    classification { Faker::Lorem.word }
+    source { Faker::Boolean.boolean ? generate(:url) : generate(:cdx_urn) }
+    destination { Faker::Boolean.boolean ? generate(:url) : generate(:cdx_urn) }
+    trait :all_fields do
+      name { Faker::Lorem.word }
+      description { Faker::Lorem.sentence }
+      governance { association(:data_governance) }
+    end
+  end
+end