Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat: Support CBOM (1.6 specification) (#140) #142

Draft
wants to merge 4 commits into
base: spec/1.6
Choose a base branch
from
Draft

Feat: Support CBOM (1.6 specification) (#140) #142

wants to merge 4 commits into from

Conversation

Petzys
Copy link

@Petzys Petzys commented Apr 24, 2024

馃毀 WIP 馃毀
This PR is meant to implement the CBOM specification from specification 1.6. It might be extended to include to full scope of 1.6.

As I mainly use this module to decode JSON BOMs, I might or might not continue development on this PR. Contributions of any kind are highly appreciated.

Partly addresses #140.

@Petzys
Feat(CBOM Types): Added CBOM types
e8a52d8 
Signed-off-by: Petzys <87223648+Petzys@users.noreply.github.com>
@Petzys
Feat(spec type): Added v1.6 spec type
f13799c 
Signed-off-by: Petzys <87223648+Petzys@users.noreply.github.com>
@Petzys
Fix(CBOM Types): Removed omitempty where zero values are needed
eb5f576 
Signed-off-by: Petzys <87223648+Petzys@users.noreply.github.com>
nscuro
nscuro reviewed Apr 25, 2024
View reviewed changes
cyclonedx.go Outdated
AssetTypeRelatedCryptoMaterial AssetType = "related-crypto-material"
)

type Primitive string
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some of these types have rather generic names (e.g. Primitive, Mode). We need to pay attention that we won't cause naming collisions as the spec grows. Consider prefixing some of these types so they're "pseudo-namespaced". For example CryptoPrimitive instead of Primitive.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup, I see your point and I agree. I think Crypto works as a prefix. I will work on that.

@Petzys
Fix(CBOM Types): Added "Crypto" prefix to generic sounding types
988f215 
Signed-off-by: Petzys <87223648+Petzys@users.noreply.github.com>
@javirln javirln mentioned this pull request Apr 25, 2024
Open
@jkowalleck jkowalleck changed the base branch from master to spec/1.6 May 7, 2024 16:30
This was referenced May 8, 2024
Open
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nscuro nscuro nscuro left review comments

Assignees
No one assigned
Labels
spec/1.6
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@Petzys @nscuro @jkowalleck