wip

Signed-off-by: Jan Kowalleck <[email protected]>

Author: jkowalleck

tests/_data/models.py

@@ -1400,6 +1400,35 @@ def get_bom_with_definitions_and_detailed_standards() -> Bom:
             )
         ]))
 
+def get_bom_regression_issue540() -> Bom:
+    bom = _make_bom()
+    bom.metadata.component = root_component = Component(
+        name='myApp',
+        type=ComponentType.APPLICATION,
+        bom_ref="myApp"
+    )
+    component1 = Component(
+        type=ComponentType.LIBRARY,
+        name='some-component',
+        bom_ref="some-component"
+    )
+    bom.components.add(component1)
+    bom.register_dependency(root_component, [component1])
+    component2 = Component(
+        type=ComponentType.LIBRARY,
+        name='some-library',
+        bom_ref="some-library1"
+    )
+    bom.components.add(component2)
+    bom.register_dependency(component1, [component2])
+    component3 = Component(
+        type=ComponentType.LIBRARY,
+        name='some-library',
+        bom_ref="some-library2"
+    )
+    bom.components.add(component3)
+    bom.register_dependency(component1, [component3])
+    return bom
 
 # ---
 

tests/_data/snapshots/get_bom_regression_issue540-1.0.xml.bin

@@ -0,0 +1,20 @@
+<?xml version="1.0" ?>
+<bom xmlns="http://cyclonedx.org/schema/bom/1.0" version="1">
+  <components>
+    <component type="library">
+      <name>some-component</name>
+      <version/>
+      <modified>false</modified>
+    </component>
+    <component type="library">
+      <name>some-library</name>
+      <version/>
+      <modified>false</modified>
+    </component>
+    <component type="library">
+      <name>some-library</name>
+      <version/>
+      <modified>false</modified>
+    </component>
+  </components>
+</bom>

tests/_data/snapshots/get_bom_regression_issue540-1.1.xml.bin

@@ -0,0 +1,17 @@
+<?xml version="1.0" ?>
+<bom xmlns="http://cyclonedx.org/schema/bom/1.1" serialNumber="urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac" version="1">
+  <components>
+    <component type="library" bom-ref="some-component">
+      <name>some-component</name>
+      <version/>
+    </component>
+    <component type="library" bom-ref="some-library1">
+      <name>some-library</name>
+      <version/>
+    </component>
+    <component type="library" bom-ref="some-library2">
+      <name>some-library</name>
+      <version/>
+    </component>
+  </components>
+</bom>

tests/_data/snapshots/get_bom_regression_issue540-1.2.json.bin

@@ -0,0 +1,57 @@
+{
+  "components": [
+    {
+      "bom-ref": "some-component",
+      "name": "some-component",
+      "type": "library",
+      "version": ""
+    },
+    {
+      "bom-ref": "some-library1",
+      "name": "some-library",
+      "type": "library",
+      "version": ""
+    },
+    {
+      "bom-ref": "some-library2",
+      "name": "some-library",
+      "type": "library",
+      "version": ""
+    }
+  ],
+  "dependencies": [
+    {
+      "dependsOn": [
+        "some-component"
+      ],
+      "ref": "myApp"
+    },
+    {
+      "dependsOn": [
+        "some-library1",
+        "some-library2"
+      ],
+      "ref": "some-component"
+    },
+    {
+      "ref": "some-library1"
+    },
+    {
+      "ref": "some-library2"
+    }
+  ],
+  "metadata": {
+    "component": {
+      "bom-ref": "myApp",
+      "name": "myApp",
+      "type": "application",
+      "version": ""
+    },
+    "timestamp": "2023-01-07T13:44:32.312678+00:00"
+  },
+  "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac",
+  "version": 1,
+  "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json",
+  "bomFormat": "CycloneDX",
+  "specVersion": "1.2"
+}

tests/_data/snapshots/get_bom_regression_issue540-1.2.xml.bin

@@ -0,0 +1,35 @@
+<?xml version="1.0" ?>
+<bom xmlns="http://cyclonedx.org/schema/bom/1.2" serialNumber="urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac" version="1">
+  <metadata>
+    <timestamp>2023-01-07T13:44:32.312678+00:00</timestamp>
+    <component type="application" bom-ref="myApp">
+      <name>myApp</name>
+      <version/>
+    </component>
+  </metadata>
+  <components>
+    <component type="library" bom-ref="some-component">
+      <name>some-component</name>
+      <version/>
+    </component>
+    <component type="library" bom-ref="some-library1">
+      <name>some-library</name>
+      <version/>
+    </component>
+    <component type="library" bom-ref="some-library2">
+      <name>some-library</name>
+      <version/>
+    </component>
+  </components>
+  <dependencies>
+    <dependency ref="myApp">
+      <dependency ref="some-component"/>
+    </dependency>
+    <dependency ref="some-component">
+      <dependency ref="some-library1"/>
+      <dependency ref="some-library2"/>
+    </dependency>
+    <dependency ref="some-library1"/>
+    <dependency ref="some-library2"/>
+  </dependencies>
+</bom>

tests/_data/snapshots/get_bom_regression_issue540-1.3.json.bin

@@ -0,0 +1,57 @@
+{
+  "components": [
+    {
+      "bom-ref": "some-component",
+      "name": "some-component",
+      "type": "library",
+      "version": ""
+    },
+    {
+      "bom-ref": "some-library1",
+      "name": "some-library",
+      "type": "library",
+      "version": ""
+    },
+    {
+      "bom-ref": "some-library2",
+      "name": "some-library",
+      "type": "library",
+      "version": ""
+    }
+  ],
+  "dependencies": [
+    {
+      "dependsOn": [
+        "some-component"
+      ],
+      "ref": "myApp"
+    },
+    {
+      "dependsOn": [
+        "some-library1",
+        "some-library2"
+      ],
+      "ref": "some-component"
+    },
+    {
+      "ref": "some-library1"
+    },
+    {
+      "ref": "some-library2"
+    }
+  ],
+  "metadata": {
+    "component": {
+      "bom-ref": "myApp",
+      "name": "myApp",
+      "type": "application",
+      "version": ""
+    },
+    "timestamp": "2023-01-07T13:44:32.312678+00:00"
+  },
+  "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac",
+  "version": 1,
+  "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json",
+  "bomFormat": "CycloneDX",
+  "specVersion": "1.3"
+}

tests/_data/snapshots/get_bom_regression_issue540-1.3.xml.bin

@@ -0,0 +1,35 @@
+<?xml version="1.0" ?>
+<bom xmlns="http://cyclonedx.org/schema/bom/1.3" serialNumber="urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac" version="1">
+  <metadata>
+    <timestamp>2023-01-07T13:44:32.312678+00:00</timestamp>
+    <component type="application" bom-ref="myApp">
+      <name>myApp</name>
+      <version/>
+    </component>
+  </metadata>
+  <components>
+    <component type="library" bom-ref="some-component">
+      <name>some-component</name>
+      <version/>
+    </component>
+    <component type="library" bom-ref="some-library1">
+      <name>some-library</name>
+      <version/>
+    </component>
+    <component type="library" bom-ref="some-library2">
+      <name>some-library</name>
+      <version/>
+    </component>
+  </components>
+  <dependencies>
+    <dependency ref="myApp">
+      <dependency ref="some-component"/>
+    </dependency>
+    <dependency ref="some-component">
+      <dependency ref="some-library1"/>
+      <dependency ref="some-library2"/>
+    </dependency>
+    <dependency ref="some-library1"/>
+    <dependency ref="some-library2"/>
+  </dependencies>
+</bom>

tests/_data/snapshots/get_bom_regression_issue540-1.4.json.bin

@@ -0,0 +1,53 @@
+{
+  "components": [
+    {
+      "bom-ref": "some-component",
+      "name": "some-component",
+      "type": "library"
+    },
+    {
+      "bom-ref": "some-library1",
+      "name": "some-library",
+      "type": "library"
+    },
+    {
+      "bom-ref": "some-library2",
+      "name": "some-library",
+      "type": "library"
+    }
+  ],
+  "dependencies": [
+    {
+      "dependsOn": [
+        "some-component"
+      ],
+      "ref": "myApp"
+    },
+    {
+      "dependsOn": [
+        "some-library1",
+        "some-library2"
+      ],
+      "ref": "some-component"
+    },
+    {
+      "ref": "some-library1"
+    },
+    {
+      "ref": "some-library2"
+    }
+  ],
+  "metadata": {
+    "component": {
+      "bom-ref": "myApp",
+      "name": "myApp",
+      "type": "application"
+    },
+    "timestamp": "2023-01-07T13:44:32.312678+00:00"
+  },
+  "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac",
+  "version": 1,
+  "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
+  "bomFormat": "CycloneDX",
+  "specVersion": "1.4"
+}

tests/_data/snapshots/get_bom_regression_issue540-1.4.xml.bin

@@ -0,0 +1,31 @@
+<?xml version="1.0" ?>
+<bom xmlns="http://cyclonedx.org/schema/bom/1.4" serialNumber="urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac" version="1">
+  <metadata>
+    <timestamp>2023-01-07T13:44:32.312678+00:00</timestamp>
+    <component type="application" bom-ref="myApp">
+      <name>myApp</name>
+    </component>
+  </metadata>
+  <components>
+    <component type="library" bom-ref="some-component">
+      <name>some-component</name>
+    </component>
+    <component type="library" bom-ref="some-library1">
+      <name>some-library</name>
+    </component>
+    <component type="library" bom-ref="some-library2">
+      <name>some-library</name>
+    </component>
+  </components>
+  <dependencies>
+    <dependency ref="myApp">
+      <dependency ref="some-component"/>
+    </dependency>
+    <dependency ref="some-component">
+      <dependency ref="some-library1"/>
+      <dependency ref="some-library2"/>
+    </dependency>
+    <dependency ref="some-library1"/>
+    <dependency ref="some-library2"/>
+  </dependencies>
+</bom>