Merge pull request #177 from CycloneDX/v1.5-dev-license-properties

stevespringett · web-flow · commit 32e87a93bfec · 2023-02-20T16:24:45.000-06:00
Added property support to license along with unit tests
diff --git a/schema/bom-1.5.proto b/schema/bom-1.5.proto
@@ -279,6 +279,8 @@ message License {
   optional string bom_ref = 5;
   // Licensing details describing the licensor/licensee, license type, renewal and expiration dates, and other important metadata
   optional Licensing licensing = 6;
+  // Specifies optional, custom, properties
+  repeated Property properties = 7;  
 }
 
 message Licensing {
diff --git a/schema/bom-1.5.schema.json b/schema/bom-1.5.schema.json
@@ -783,6 +783,13 @@
               "description": "The timestamp indicating when the current license expires (if applicable)."
             }
           }
+        },
+        "properties": {
+          "type": "array",
+          "title": "Properties",
+          "description": "Provides the ability to document properties in a name-value store. This provides flexibility to include data not officially supported in the standard without having to use additional namespaces or create extensions. Unlike key-value stores, properties support duplicate names, each potentially having different values. Property names of interest to the general public are encouraged to be registered in the [CycloneDX Property Taxonomy](https://github.com/CycloneDX/cyclonedx-property-taxonomy). Formal registration is OPTIONAL.",
+          "additionalItems": false,
+          "items": {"$ref": "#/definitions/property"}
         }
       }
     },
diff --git a/schema/bom-1.5.xsd b/schema/bom-1.5.xsd
@@ -89,7 +89,7 @@ limitations under the License.
             <xs:element name="licenses" type="bom:licenseChoiceType" minOccurs="0" maxOccurs="1"/>
             <xs:element name="properties" type="bom:propertiesType" minOccurs="0" maxOccurs="1">
                 <xs:annotation>
-                    <xs:documentation>Provides the ability to document properties in a key/value store.
+                    <xs:documentation>Provides the ability to document properties in a name/value store.
                         This provides flexibility to include data not officially supported in the standard
                         without having to use additional namespaces or create extensions. Property names
                         of interest to the general public are encouraged to be registered in the
@@ -358,7 +358,7 @@ limitations under the License.
             </xs:element>
             <xs:element name="properties" type="bom:propertiesType" minOccurs="0" maxOccurs="1">
                 <xs:annotation>
-                    <xs:documentation>Provides the ability to document properties in a key/value store.
+                    <xs:documentation>Provides the ability to document properties in a name/value store.
                         This provides flexibility to include data not officially supported in the standard
                         without having to use additional namespaces or create extensions. Property names
                         of interest to the general public are encouraged to be registered in the
@@ -588,6 +588,16 @@ limitations under the License.
                     </xs:sequence>
                 </xs:complexType>
             </xs:element>
+            <xs:element name="properties" type="bom:propertiesType" minOccurs="0" maxOccurs="1">
+                <xs:annotation>
+                    <xs:documentation>Provides the ability to document properties in a name/value store.
+                        This provides flexibility to include data not officially supported in the standard
+                        without having to use additional namespaces or create extensions. Property names
+                        of interest to the general public are encouraged to be registered in the
+                        CycloneDX Property Taxonomy - https://github.com/CycloneDX/cyclonedx-property-taxonomy.
+                        Formal registration is OPTIONAL.</xs:documentation>
+                </xs:annotation>  
+            </xs:element>    
             <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
                 <xs:annotation>
                     <xs:documentation>
@@ -1046,8 +1056,8 @@ limitations under the License.
                         are URIs and therefore can accept any URL scheme including https, mailto, tel, and dns.
                         External references may also include formally registered URNs such as CycloneDX BOM-Link to
                         reference CycloneDX BOMs or any object within a BOM. BOM-Link transforms applicable external
-                        references into relationships that can be expressed in a BOM or across BOMs. Refer to:</xs:documentation>
-                        https://cyclonedx.org/capabilities/bomlink/
+                        references into relationships that can be expressed in a BOM or across BOMs. Refer to:
+                        https://cyclonedx.org/capabilities/bomlink/</xs:documentation>
                 </xs:annotation>
             </xs:element>
             <xs:element name="comment" type="xs:string" minOccurs="0" maxOccurs="1">
@@ -1548,7 +1558,7 @@ limitations under the License.
             </xs:element>
             <xs:element name="properties" type="bom:propertiesType" minOccurs="0" maxOccurs="1">
                 <xs:annotation>
-                    <xs:documentation>Provides the ability to document properties in a key/value store.
+                    <xs:documentation>Provides the ability to document properties in a name/value store.
                         This provides flexibility to include data not officially supported in the standard
                         without having to use additional namespaces or create extensions. Property names
                         of interest to the general public are encouraged to be registered in the
@@ -1900,7 +1910,7 @@ limitations under the License.
             </xs:element>
             <xs:element name="properties" type="bom:propertiesType" minOccurs="0" maxOccurs="1">
                 <xs:annotation>
-                    <xs:documentation>Provides the ability to document properties in a key/value store.
+                    <xs:documentation>Provides the ability to document properties in a name/value store.
                         This provides flexibility to include data not officially supported in the standard
                         without having to use additional namespaces or create extensions. Property names
                         of interest to the general public are encouraged to be registered in the
@@ -2271,7 +2281,7 @@ limitations under the License.
             </xs:element>
             <xs:element name="properties" type="bom:propertiesType" minOccurs="0" maxOccurs="1">
                 <xs:annotation>
-                    <xs:documentation>Provides the ability to document properties in a key/value store.
+                    <xs:documentation>Provides the ability to document properties in a name/value store.
                         This provides flexibility to include data not officially supported in the standard
                         without having to use additional namespaces or create extensions. Property names
                         of interest to the general public are encouraged to be registered in the
@@ -2621,7 +2631,7 @@ limitations under the License.
                 </xs:element>
                 <xs:element name="properties" type="bom:propertiesType" minOccurs="0" maxOccurs="1">
                     <xs:annotation>
-                        <xs:documentation>Provides the ability to document properties in a key/value store.
+                        <xs:documentation>Provides the ability to document properties in a name/value store.
                             This provides flexibility to include data not officially supported in the standard
                             without having to use additional namespaces or create extensions. Property names
                             of interest to the general public are encouraged to be registered in the
diff --git a/tools/src/test/resources/1.5/valid-properties-1.5.json b/tools/src/test/resources/1.5/valid-properties-1.5.json
@@ -28,6 +28,31 @@
       "type": "library",
       "name": "acme-library",
       "version": "1.0.0",
+      "licenses": [
+        {
+          "license": {
+            "id": "Apache-2.0",
+            "properties": [
+              {
+                "name": "Foo",
+                "value": "Bar"
+              },
+              {
+                "name": "Foo",
+                "value": "You"
+              },
+              {
+                "name": "Foo",
+                "value": "Two"
+              },
+              {
+                "name": "Bar",
+                "value": "Foo"
+              }
+            ]
+          }
+        }
+      ],
       "properties": [
         {
           "name": "Foo",
diff --git a/tools/src/test/resources/1.5/valid-properties-1.5.textproto b/tools/src/test/resources/1.5/valid-properties-1.5.textproto
@@ -23,6 +23,27 @@ components {
   type: CLASSIFICATION_LIBRARY
   name: "acme-library"
   version: "1.0.0"
+  licenses {
+    license {
+      id: "Apache-2.0"
+      properties {
+        name: "Foo"
+        value: "Bar"
+      }
+      properties {
+        name: "Foo"
+        value: "You"
+      }
+      properties {
+        name: "Foo"
+        value: "Two"
+      }
+      properties {
+        name: "Bar"
+        value: "Foo"
+      }
+    }
+  }
   properties {
     name: "Foo"
     value: "Bar"
diff --git a/tools/src/test/resources/1.5/valid-properties-1.5.xml b/tools/src/test/resources/1.5/valid-properties-1.5.xml
@@ -12,6 +12,17 @@
         <component type="library">
             <name>acme-library</name>
             <version>1.0.0</version>
+            <licenses>
+                <license>
+                    <id>Apache-2.0</id>
+                    <properties>
+                        <property name="Foo">Bar</property>
+                        <property name="Foo">You</property>
+                        <property name="Foo">Two</property>
+                        <property name="Bar">Foo</property>
+                    </properties>
+                </license>
+            </licenses>
             <properties>
                 <property name="Foo">Bar</property>
                 <property name="Bar">Foo</property>

Original file line number	Diff line number	Diff line change
`@@ -279,6 +279,8 @@ message License {`
`279`	`279`	`optional string bom_ref = 5;`
`280`	`280`	`// Licensing details describing the licensor/licensee, license type, renewal and expiration dates, and other important metadata`
`281`	`281`	`optional Licensing licensing = 6;`
	`282`	`+ // Specifies optional, custom, properties`
	`283`	`+ repeated Property properties = 7;`
`282`	`284`	`}`
`283`	`285`
`284`	`286`	`message Licensing {`
Original file line number	Diff line number	Diff line change
`@@ -783,6 +783,13 @@`
`783`	`783`	`"description": "The timestamp indicating when the current license expires (if applicable)."`
`784`	`784`	`}`
`785`	`785`	`}`
	`786`	`+ },`
	`787`	`+ "properties": {`
	`788`	`+ "type": "array",`
	`789`	`+ "title": "Properties",`
	`790`	+ "description": "Provides the ability to document properties in a name-value store. This provides flexibility to include data not officially supported in the standard without having to use additional namespaces or create extensions. Unlike key-value stores, properties support duplicate names, each potentially having different values. Property names of interest to the general public are encouraged to be registered in the [CycloneDX Property Taxonomy](https://github.com/CycloneDX/cyclonedx-property-taxonomy). Formal registration is OPTIONAL.",
	`791`	`+ "additionalItems": false,`
	`792`	`+ "items": {"$ref": "#/definitions/property"}`
`786`	`793`	`}`
`787`	`794`	`}`
`788`	`795`	`},`