Commit 298587a

feat: render property cdx:reproducible (#1373)
--------- Signed-off-by: AradhyaTiwari10 <[email protected]>
1 parent 0d02f67 commit 298587a

146 files changed

+980
-135
lines changed

src/builders.ts

Lines changed: 15 additions & 2 deletions
@@ -267,12 +267,25 @@ export class BomBuilder {
267267
for (const toolC of this.makeToolCs()) {
268268
bom.metadata.tools.components.add(toolC)
269269
}
270-
if (!this.reproducible) {
270+
if (this.reproducible) {
271+
bom.metadata.properties.add(
272+
new Models.Property(
273+
PropertyNames.BomReproducible,
274+
PropertyValueBool.True
275+
)
276+
)
277+
} else {
271278
bom.serialNumber = Utils.BomUtility.randomSerialNumber()
272279
bom.metadata.timestamp = new Date()
280+
bom.metadata.properties.add(
281+
new Models.Property(
282+
PropertyNames.BomReproducible,
283+
PropertyValueBool.False
284+
)
285+
)
273286
}
274-
// endregion metadata
275287

288+
// endregion metadata
276289
// region components
277290
if (this.flattenComponents) {
278291
for (const c of allComponents.values()) {
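Review bot: The two `bom.metadata.properties.add(new Models.Property(PropertyNames.BomReproducible, ...))` calls in the `if` and `else` branches are identical except for the value, so the branch was inverted and the block duplicated only to pick between `PropertyValueBool.True` and `PropertyValueBool.False`. Consider adding the property once, with the value chosen by `this.reproducible ? PropertyValueBool.True : PropertyValueBool.False`, and leaving the original `if (!this.reproducible)` guard around `randomSerialNumber()` and the timestamp untouched; that keeps the serial number and timestamp logic out of the diff and prevents the two copies from drifting. The value is also just an echo of the builder's own `reproducible` option, so a short comment here saying that the property is self-declared and not a verified result would help consumers who read `cdx:reproducible` in the output.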

src/properties.ts

Lines changed: 1 addition & 0 deletions
@@ -29,6 +29,7 @@ export const enum PropertyNames {
2929
PackagePrivate = 'cdx:npm:package:private',
3030
PackageDevelopment = 'cdx:npm:package:development',
3131
PackageInstallPath = 'cdx:npm:package:path',
32+
BomReproducible = 'cdx:reproducible',
3233
}
3334

3435
/**
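Review bot: `BomReproducible = 'cdx:reproducible'` is appended directly after the `cdx:npm:package:*` entries with nothing marking that it belongs to a different namespace and describes the BOM as a whole rather than a package. A one-line comment on the new member stating what it applies to and which values are expected (the builder writes `PropertyValueBool.True` or `PropertyValueBool.False`), plus a blank line or grouping comment to separate it from the npm package properties, would make the enum easier to maintain as more non-npm names are added.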

tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node20_macos-latest.snap.json

Lines changed: 7 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node20_ubuntu-latest.snap.json

Lines changed: 7 additions & 1 deletion

tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node20_windows-latest.snap.json

Lines changed: 7 additions & 1 deletion

tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node22_windows-latest.snap.json

Lines changed: 7 additions & 1 deletion

tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_macos-latest.snap.json

Lines changed: 7 additions & 1 deletion

tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_ubuntu-latest.snap.json

Lines changed: 7 additions & 1 deletion

tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_windows-latest.snap.json

Lines changed: 7 additions & 1 deletion

tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node22_windows-latest.snap.json

Lines changed: 7 additions & 1 deletion
