npm - @cyclonedx/cyclonedx-library - Versions diffs - 1.2.0 → 1.3.0 - Mend

@cyclonedx/cyclonedx-library 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/dist.node/models/component.js +2 -0
package/dist.node/models/component.js.map +1 -1
package/dist.node/models/index.js +1 -0
package/dist.node/models/index.js.map +1 -1
package/dist.node/models/property.js +37 -0
package/dist.node/models/property.js.map +1 -0
package/dist.node/serialize/json/normalize.js +21 -1
package/dist.node/serialize/json/normalize.js.map +1 -1
package/dist.node/serialize/xml/normalize.js +31 -2
package/dist.node/serialize/xml/normalize.js.map +1 -1
package/dist.web/lib.dev.js +102 -4
package/dist.web/lib.dev.js.map +1 -1
package/dist.web/lib.js +1 -1
package/package.json +2 -2
package/res/README.md +1 -1
package/res/bom-1.4.SNAPSHOT.schema.json +1 -1
package/res/bom-1.4.SNAPSHOT.xsd +12 -2
package/res/spdx.SNAPSHOT.schema.json +487 -482
package/res/spdx.SNAPSHOT.xsd +1069 -1044
package/src/models/component.ts +5 -1
package/src/models/index.ts +1 -0
package/src/models/property.ts +42 -0
package/src/serialize/json/normalize.ts +24 -0
package/src/serialize/json/types.ts +6 -0
package/src/serialize/xml/normalize.ts +34 -1

package/src/models/component.ts CHANGED Viewed

@@ -27,6 +27,7 @@ import { OrganizationalEntity } from './organizationalEntity'
 import { ExternalReferenceRepository } from './externalReference'
 import { LicenseRepository } from './license'
 import { SWID } from './swid'
+import { PropertyRepository } from './property'
 import { Comparable, SortableSet } from '../helpers/sortableSet'
 import { treeIterator } from '../helpers/tree'
@@ -48,6 +49,7 @@ interface OptionalProperties {
   dependencies?: Component['dependencies']
   components?: Component['components']
   cpe?: Component['cpe']
+  properties?: Component['properties']
 }
 export class Component implements Comparable {
@@ -68,6 +70,7 @@ export class Component implements Comparable {
   version?: string
   dependencies: BomRefRepository
   components: ComponentRepository
+  properties: PropertyRepository
   /** @see bomRef */
   readonly #bomRef: BomRef
@@ -78,7 +81,7 @@ export class Component implements Comparable {
   /**
    * @throws {TypeError} if {@see op.cpe} is neither {@see CPE} nor {@see undefined}
    */
-  constructor (type: ComponentType, name: string, op: OptionalProperties = {}) {
+  constructor (type: Component['type'], name: Component['name'], op: OptionalProperties = {}) {
     this.#bomRef = new BomRef(op.bomRef)
     this.type = type
     this.name = name
@@ -98,6 +101,7 @@ export class Component implements Comparable {
     this.dependencies = op.dependencies ?? new BomRefRepository()
     this.components = op.components ?? new ComponentRepository()
     this.cpe = op.cpe
+    this.properties = op.properties ?? new PropertyRepository()
   }
   get bomRef (): BomRef {

package/src/models/index.ts CHANGED Viewed

@@ -27,5 +27,6 @@ export * from './license'
 export * from './metadata'
 export * from './organizationalContact'
 export * from './organizationalEntity'
+export * from './property'
 export * from './swid'
 export * from './tool'

package/src/models/property.ts ADDED Viewed

@@ -0,0 +1,42 @@
+/*!
+This file is part of CycloneDX JavaScript Library.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+   http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+import { Comparable, SortableSet } from '../helpers/sortableSet'
+/**
+ * @see {@link https://github.com/CycloneDX/cyclonedx-property-taxonomy property-taxonomy}
+ */
+export class Property implements Comparable {
+  name: string
+  value: string
+  constructor (name: Property['name'], value: Property['value']) {
+    this.name = name
+    this.value = value
+  }
+  compare (other: Property): number {
+    /* eslint-disable-next-line @typescript-eslint/strict-boolean-expressions -- run compares in weighted order */
+    return this.name.localeCompare(other.name) ||
+      this.value.localeCompare(other.value)
+  }
+}
+export class PropertyRepository extends SortableSet<Property> {
+}

package/src/serialize/json/normalize.ts CHANGED Viewed

@@ -80,6 +80,10 @@ export class Factory {
     return new AttachmentNormalizer(this)
   }
+  makeForProperty (): PropertyNormalizer {
+    return new PropertyNormalizer(this)
+  }
   makeForDependencyGraph (): DependencyGraphNormalizer {
     return new DependencyGraphNormalizer(this)
   }
@@ -278,6 +282,9 @@ export class ComponentNormalizer extends Base {
             : undefined,
           components: data.components.size > 0
             ? this.normalizeRepository(data.components, options)
+            : undefined,
+          properties: data.properties.size > 0
+            ? this._factory.makeForProperty().normalizeRepository(data.properties, options)
             : undefined
         }
       : undefined
@@ -397,6 +404,23 @@ export class AttachmentNormalizer extends Base {
   }
 }
+export class PropertyNormalizer extends Base {
+  normalize (data: Models.Property, options: NormalizerOptions): Normalized.Property {
+    return {
+      name: data.name,
+      value: data.value
+    }
+  }
+  normalizeRepository (data: Models.PropertyRepository, options: NormalizerOptions): Normalized.Property[] {
+    return (
+      options.sortLists ?? false
+        ? data.sorted()
+        : Array.from(data)
+    ).map(p => this.normalize(p, options))
+  }
+}
 export class DependencyGraphNormalizer extends Base {
   normalize (data: Models.Bom, options: NormalizerOptions): Normalized.Dependency[] | undefined {
     const allRefs = new Map<Models.BomRef, Models.BomRefRepository>()

package/src/serialize/json/types.ts CHANGED Viewed

@@ -132,6 +132,7 @@ export namespace Normalized {
     modified?: boolean
     externalReferences?: ExternalReference[]
     components?: Component[]
+    properties?: Property[]
   }
   export interface NamedLicense {
@@ -179,6 +180,11 @@ export namespace Normalized {
     encoding?: Enums.AttachmentEncoding
   }
+  export interface Property {
+    name?: string
+    value?: string
+  }
   export interface Dependency {
     ref: RefType
     dependsOn?: RefType[]

package/src/serialize/xml/normalize.ts CHANGED Viewed

@@ -80,6 +80,10 @@ export class Factory {
     return new AttachmentNormalizer(this)
   }
+  makeForProperty (): PropertyNormalizer {
+    return new PropertyNormalizer(this)
+  }
   makeForDependencyGraph (): DependencyGraphNormalizer {
     return new DependencyGraphNormalizer(this)
   }
@@ -347,6 +351,13 @@ export class ComponentNormalizer extends Base {
           children: this.normalizeRepository(data.components, options, 'component')
         }
       : undefined
+    const properties: SimpleXml.Element | undefined = data.properties.size > 0
+      ? {
+          type: 'element',
+          name: 'properties',
+          children: this._factory.makeForProperty().normalizeRepository(data.properties, options, 'property')
+        }
+      : undefined
     return {
       type: 'element',
       name: elementName,
@@ -370,7 +381,8 @@ export class ComponentNormalizer extends Base {
         makeOptionalTextElement(data.purl, 'purl'),
         swid,
         extRefs,
-        components
+        components,
+        properties
       ].filter(isNotUndefined)
     }
   }
@@ -517,6 +529,27 @@ export class AttachmentNormalizer extends Base {
   }
 }
+export class PropertyNormalizer extends Base {
+  normalize (data: Models.Property, options: NormalizerOptions, elementName: string): SimpleXml.Element {
+    return {
+      type: 'element',
+      name: elementName,
+      attributes: {
+        name: data.name
+      },
+      children: data.value
+    }
+  }
+  normalizeRepository (data: Models.PropertyRepository, options: NormalizerOptions, elementName: string): SimpleXml.Element[] {
+    return (
+      options.sortLists ?? false
+        ? data.sorted()
+        : Array.from(data)
+    ).map(p => this.normalize(p, options, elementName))
+  }
+}
 export class DependencyGraphNormalizer extends Base {
   normalize (data: Models.Bom, options: NormalizerOptions, elementName: string): SimpleXml.Element | undefined {
     const allRefs = new Map<Models.BomRef, Models.BomRefRepository>()