wip

Signed-off-by: Jan Kowalleck <[email protected]>

Author: jkowalleck

src/models/bom.ts

@@ -20,8 +20,8 @@ Copyright (c) OWASP Foundation. All Rights Reserved.
 import type { PositiveInteger } from '../types/integer'
 import { isPositiveInteger } from '../types/integer'
 import { ComponentRepository } from './component'
-import { ServiceRepository } from './service'
 import { Metadata } from './metadata'
+import { ServiceRepository } from './service'
 import { VulnerabilityRepository } from './vulnerability/vulnerability'
 
 export interface OptionalBomProperties {

src/serialize/json/normalize.ts

@@ -56,6 +56,10 @@ export class Factory {
     return new ComponentNormalizer(this)
   }
 
+  makeForService (): ServiceNormalizer {
+    return new ServiceNormalizer(this)
+  }
+
   makeForComponentEvidence (): ComponentEvidenceNormalizer {
     return new ComponentEvidenceNormalizer(this)
   }
@@ -189,6 +193,9 @@ export class BomNormalizer extends BaseJsonNormalizer<Models.Bom> {
         ? this._factory.makeForComponent().normalizeIterable(data.components, options)
         // spec < 1.4 requires `component` to be array
         : [],
+      services: this._factory.spec.supportsServices && data.services.size > 0
+        ? this._factory.makeForService().normalizeIterable(data.services, options)
+        : undefined,
       dependencies: this._factory.spec.supportsDependencyGraph
         ? this._factory.makeForDependencyGraph().normalize(data, options)
         : undefined,
@@ -406,6 +413,10 @@ export class ComponentNormalizer extends BaseJsonNormalizer<Models.Component> {
   }
 }
 
+export class ServiceNormalizer extends BaseJsonNormalizer<Models.Service> {
+  // TODO
+}
+
 export class ComponentEvidenceNormalizer extends BaseJsonNormalizer<Models.ComponentEvidence> {
   normalize (data: Models.ComponentEvidence, options: NormalizerOptions): Normalized.ComponentEvidence {
     return {

src/serialize/json/types.ts

@@ -80,6 +80,7 @@ export namespace Normalized {
     serialNumber?: string
     metadata?: Metadata
     components?: Component[]
+    services?: Service[]
     externalReferences?: ExternalReference[]
     dependencies?: Dependency[]
     vulnerabilities?: Vulnerability[]
@@ -158,6 +159,18 @@ export namespace Normalized {
     properties?: Property[]
   }
 
+  export interface Service {
+    'bom-ref'?: RefType
+    provider?: OrganizationalEntity
+    group?: string
+    name: string
+    version?: string
+    description?: string
+    externalReferences?: ExternalReference[]
+    services?: Service[]
+    properties?: Property[]
+  }
+
   export interface ComponentEvidence {
     licenses?: License[]
     copyright?: Copyright[]

src/serialize/xml/normalize.ts

@@ -61,6 +61,12 @@ export class Factory {
     return new ComponentNormalizer(this)
   }
 
+  makeForService (): ServiceNormalizer {
+    return new ServiceNormalizer(this)
+  }
+
+
+
   makeForComponentEvidence (): ComponentEvidenceNormalizer {
     return new ComponentEvidenceNormalizer(this)
   }
@@ -189,6 +195,13 @@ export class BomNormalizer extends BaseXmlNormalizer<Models.Bom> {
         ? this._factory.makeForComponent().normalizeIterable(data.components, options, 'component')
         : undefined
     }
+    const services: SimpleXml.Element | undefined = this._factory.spec.supportsServices  && data.services.size > 0
+    ? {
+        type: 'element',
+        name: 'services',
+        children: this._factory.makeForService().normalizeIterable(data.services, options, 'service')
+      }
+      : undefined
     const vulnerabilities: SimpleXml.Element | undefined = this._factory.spec.supportsVulnerabilities && data.vulnerabilities.size > 0
       ? {
           type: 'element',
@@ -212,6 +225,7 @@ export class BomNormalizer extends BaseXmlNormalizer<Models.Bom> {
           ? this._factory.makeForMetadata().normalize(data.metadata, options, 'metadata')
           : undefined,
         components,
+        services,
         this._factory.spec.supportsDependencyGraph
           ? this._factory.makeForDependencyGraph().normalize(data, options, 'dependencies')
           : undefined,
@@ -528,6 +542,11 @@ export class ComponentNormalizer extends BaseXmlNormalizer<Models.Component> {
   }
 }
 
+export class ServiceNormalizer extends BaseXmlNormalizer<Models.Service> {
+  //TODO
+}
+
+
 export class ComponentEvidenceNormalizer extends BaseXmlNormalizer<Models.ComponentEvidence> {
   normalize (data: Models.ComponentEvidence, options: NormalizerOptions, elementName: string): SimpleXml.Element {
     const licenses: SimpleXml.Element | undefined = data.licenses.size > 0