feat: `metadata.tools` support `components`&`services`

[maitrey]

Hi !

Version cyclonedx-python-lib:6.4.1
Platform: Windows
Python Version: 3.12
Input(s):

1. My goal is to achieve the xml output in the format:

<?xml version="1.0" ?>
<bom xmlns="http://cyclonedx.org/schema/bom/1.5" serialNumber="urn:uuid:dcfe183f-da82-43c3-93f4-8dcdb80a6796" version="1">
  <metadata>
    <timestamp>2024-02-29T15:03:19.775602+00:00</timestamp>
    <tools>
        <components>
          <component type="application" bom-ref="None">
            <supplier>
              <name>Test Company</name>
            </supplier>
            <name>testtool</name>
            <version>1.0.0</version>
          </component>
        </components>
      </tools>

For which the code written is:

testcomp = Component(
    name='testtool',
    type=ComponentType.APPLICATION,
    version='1.0.0',
    supplier=OrganizationalEntity(
        name='Test Company'),)
toollist = Component(name="Test",components = [testcomp])
bom.metadata.tools.add(toollist)

Expected Output(s):

<?xml version="1.0" ?>
<bom xmlns="http://cyclonedx.org/schema/bom/1.5" serialNumber="urn:uuid:dcfe183f-da82-43c3-93f4-8dcdb80a6796" version="1">
  <metadata>
    <timestamp>2024-02-29T15:03:19.775602+00:00</timestamp>
    <tools>
        <components>
          <component type="application" bom-ref="None">
            <supplier>
              <name>Test Company</name>
            </supplier>
            <name>testtool</name>
            <version>1.0.0</version>
          </component>
        </components>
      </tools>

Actual Output(s):

<?xml version="1.0" ?>
<bom xmlns="http://cyclonedx.org/schema/bom/1.5" serialNumber="urn:uuid:dcfe183f-da82-43c3-93f4-8dcdb80a6796" version="1">
  <metadata>
    <timestamp>2024-02-29T15:03:19.775602+00:00</timestamp>
    <tools>
      <tool type="library" bom-ref="None">
        <name>Test</name>
        <components>
          <component type="application" bom-ref="None">
            <supplier>
              <name>Test Company</name>
            </supplier>
            <name>testtool</name>
            <version>1.0.0</version>
          </component>
        </components>
      </tool>
   </tools>

So far it looks to me the tool class does not support adding components.
https://cyclonedx.org/docs/1.5/json/#metadata_tools_oneOf_i0_components
https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/cyclonedx/model/__init__.py#L1231
Rather it supports the older formats : https://cyclonedx.org/docs/1.5/json/#tab-pane_metadata_tools_oneOf_i1
My code fails at the XMLValidation step as the Tool Class expects the legacy format tags.
Could you please check this issue and get back? Many Thanks!

[jkowalleck]

Current state of this library does not support Components not Services in $.metadata.tools.

This library is a community effort.
Feel free to donate the missing feature. Please follow our guidelines: https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CONTRIBUTING.md

[jkowalleck]

related: #597

[saquibsaifee]

I am working on this feat as time permits.

[jkugler]

I am also working on this. Hope to have something soon.