Final feature addition

jkugler · jkugler · commit ea9003481a9f · 2024-06-20T09:39:48.000-08:00
I think the fetaure addition is done.
Now, on to adding tests.
diff --git a/cyclonedx/model/__init__.py b/cyclonedx/model/__init__.py
@@ -1196,8 +1196,9 @@ def __hash__(self) -> int:
     def __repr__(self) -> str:
         return f'<Copyright text={self.text}>'
 
+
 # Importing here to avoid a circular import
-from .tool import Tool  # pylint: disable=wrong-import-position
+from .tool import Tool  # pylint: disable=wrong-import-position # noqa: E402
 
 ThisTool = Tool(
     vendor='CycloneDX',
diff --git a/cyclonedx/model/bom.py b/cyclonedx/model/bom.py
@@ -26,11 +26,8 @@
 from sortedcontainers import SortedSet
 
 from .._internal.time import get_now_utc as _get_now_utc
-from ..exception.model import (
-    LicenseExpressionAlongWithOthersException,
-    UnknownComponentDependencyException,
-)
-from ..model.tool import Tool, ToolsRepository, ToolsRepositoryHelper
+from ..exception.model import LicenseExpressionAlongWithOthersException, UnknownComponentDependencyException
+from .tool import Tool, ToolsRepository, ToolsRepositoryHelper
 from ..schema.schema import (
     SchemaVersion1Dot0,
     SchemaVersion1Dot1,
@@ -89,7 +86,7 @@ def __init__(self, *, tools: Optional[Union[Iterable[Tool], Dict[AnyStr, Any]]]
                 DeprecationWarning)
 
         if not tools:
-            self.tools.add(ThisTool)   # type: ignore[attr-defined]
+            self.tools.add(ThisTool)
 
     @property
     @serializable.type_mapping(serializable.helpers.XsdDateTime)
diff --git a/cyclonedx/model/tool.py b/cyclonedx/model/tool.py
@@ -241,16 +241,17 @@ def json_normalize(cls, o: ToolsRepository, *,
             return None
 
         if o._tools:  # pylint: disable=protected-access
-            return [json_loads(Tool.as_json(t)) for t in o]  # type: ignore[attr-defined]
+            return [json_loads(Tool.as_json(t, view_=view)) for t in o]  # type: ignore[attr-defined]
 
         result = {}
 
         if o.components:
-            result['components'] = [json_loads(Component.as_json(c))
-                                    for c in o.components]  # type: ignore[attr-defined]
+            result['components'] = [json_loads(Component.as_json(c, view_=view))  # type: ignore[attr-defined]
+                                    for c in o.components]
 
         if o.services:
-            result['services'] = [json_loads(Service.as_json(s)) for s in o.services]  # type: ignore[attr-defined]
+            result['services'] = [json_loads(Service.as_json(s, view_=view))  # type: ignore[attr-defined]
+                                  for s in o.services]
 
         return result
 
@@ -323,19 +324,19 @@ def xml_denormalize(cls, o: Element, *,
                         prop_info: ObjectMetadataLibrary.SerializableProperty,
                         ctx: Type[Any],
                         **kwargs: Any) -> ToolsRepository:
-        tools: list[Tool] = []
-        components: list[Component] = []
-        services: list[Service] = []
+        tools: List[Tool] = []
+        components: List[Component] = []
+        services: List[Service] = []
 
         for e in o:
             tag = e.tag if default_ns is None else e.tag.replace(f'{{{default_ns}}}', '')
             if tag == 'tool':
-                tools.append(Tool.from_xml(e))
+                tools.append(Tool.from_xml(e))  # type: ignore[attr-defined]
             if tag == 'components':
                 for c in e:
-                    components.append(Component.from_xml(c))
+                    components.append(Component.from_xml(c))  # type: ignore[attr-defined]
             if tag == 'services':
                 for s in e:
-                    services.append(Service.from_xml(s))
+                    services.append(Service.from_xml(s))  # type: ignore[attr-defined]
 
         return ToolsRepository(tools=tools, components=components, services=services)
diff --git a/cyclonedx/model/vulnerability.py b/cyclonedx/model/vulnerability.py
@@ -33,7 +33,7 @@
 from datetime import datetime
 from decimal import Decimal
 from enum import Enum
-from typing import Any, Dict, FrozenSet, Iterable, Optional, Tuple, Type, Union
+from typing import Any, AnyStr, Dict, FrozenSet, Iterable, Optional, Tuple, Type, Union
 
 import serializable
 from sortedcontainers import SortedSet
@@ -42,7 +42,7 @@
 from ..exception.model import MutuallyExclusivePropertiesException, NoPropertiesProvidedException
 from ..schema.schema import SchemaVersion1Dot4, SchemaVersion1Dot5, SchemaVersion1Dot6
 from ..serialization import BomRefHelper
-from . import Property, Tool, XsUri
+from . import Property, XsUri
 from .bom_ref import BomRef
 from .contact import OrganizationalContact, OrganizationalEntity
 from .impact_analysis import (
@@ -51,7 +51,7 @@
     ImpactAnalysisResponse,
     ImpactAnalysisState,
 )
-
+from .tool import Tool, ToolsRepository, ToolsRepositoryHelper
 
 @serializable.serializable_class
 class BomTargetVersionRange:
@@ -911,7 +911,8 @@ def __init__(self, *,
                  advisories: Optional[Iterable[VulnerabilityAdvisory]] = None, created: Optional[datetime] = None,
                  published: Optional[datetime] = None, updated: Optional[datetime] = None,
                  credits: Optional[VulnerabilityCredits] = None,
-                 tools: Optional[Iterable[Tool]] = None, analysis: Optional[VulnerabilityAnalysis] = None,
+                 tools: Optional[Union[Iterable[Tool], Dict[AnyStr, Any]]] = None,
+                 analysis: Optional[VulnerabilityAnalysis] = None,
                  affects: Optional[Iterable[BomTarget]] = None,
                  properties: Optional[Iterable[Property]] = None
                  ) -> None:
@@ -932,7 +933,7 @@ def __init__(self, *,
         self.published = published
         self.updated = updated
         self.credits = credits
-        self.tools = tools or []  # type:ignore[assignment]
+        self.tools = tools or ToolsRepository()  # type:ignore[assignment]  # type:ignore[assignment]
         self.analysis = analysis
         self.affects = affects or []  # type:ignore[assignment]
         self.properties = properties or []  # type:ignore[assignment]
@@ -1193,20 +1194,24 @@ def credits(self, credits: Optional[VulnerabilityCredits]) -> None:
         self._credits = credits
 
     @property
+    @serializable.type_mapping(ToolsRepositoryHelper)
     @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'tool')
     @serializable.xml_sequence(17)
-    def tools(self) -> 'SortedSet[Tool]':
+    def tools(self) -> ToolsRepository:
         """
-        The tool(s) used to identify, confirm, or score the vulnerability.
+        Tools used to create this BOM.
 
         Returns:
-            Set of `Tool`
+            `ToolsRepository` objects.
         """
         return self._tools
 
     @tools.setter
-    def tools(self, tools: Iterable[Tool]) -> None:
-        self._tools = SortedSet(tools)
+    def tools(self, tools: Union[Iterable[Tool], ToolsRepository]) -> None:
+        if isinstance(tools, ToolsRepository):
+            self._tools = tools
+        else:
+            self._tools = ToolsRepository(tools=tools)
 
     @property
     @serializable.xml_sequence(18)
