deps: Update cyclonedx-core-java to version 8.0.1
This deprecates the `Tool` class in favor of `ToolInformation`, see [1].

[1]: CycloneDX/cyclonedx-core-java#316
renovate[bot] authored and sschuberth committed Oct 17, 2023
1 parent 012f099 commit 68e8e1f
Showing 6 changed files with 49 additions and 35 deletions.
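--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -16,7 +16,7 @@ asciidoctorjPdf = "2.3.9"
 clikt = "4.2.1"
 commonsCompress = "1.24.0"
 cvssCalculator = "1.4.2"
-cyclonedx = "7.3.2"
+cyclonedx = "8.0.1"
 diffUtils = "4.12"
 diskLruCache = "2.0.2"
 exposed = "0.44.0"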
@@ -1,16 +1,19 @@
{
"bomFormat": "CycloneDX",
"specVersion": "1.4",
"specVersion": "1.5",
"serialNumber": "urn:uuid:01234567-0123-0123-0123-01234567",
"version": 1,
"metadata": {
"timestamp": "1970-01-01T00:00:00Z",
"tools": [
{
"name": "OSS Review Toolkit",
"version": "deadbeef"
}
],
"tools": {
"components": [
{
"name": "OSS Review Toolkit",
"version": "deadbeef",
"type": "application"
}
]
},
"licenses": [
{
"expression": "CC0-1.0"
@@ -1,16 +1,19 @@
{
"bomFormat": "CycloneDX",
"specVersion": "1.4",
"specVersion": "1.5",
"serialNumber": "urn:uuid:01234567-0123-0123-0123-01234567",
"version": 1,
"metadata": {
"timestamp": "1970-01-01T00:00:00Z",
"tools": [
{
"name": "OSS Review Toolkit",
"version": "deadbeef"
}
],
"tools": {
"components": [
{
"name": "OSS Review Toolkit",
"version": "deadbeef",
"type": "application"
}
]
},
"licenses": [
{
"expression": "CC0-1.0"
@@ -1,16 +1,19 @@
{
"bomFormat": "CycloneDX",
"specVersion": "1.4",
"specVersion": "1.5",
"serialNumber": "urn:uuid:01234567-0123-0123-0123-01234567",
"version": 1,
"metadata": {
"timestamp": "1970-01-01T00:00:00Z",
"tools": [
{
"name": "OSS Review Toolkit",
"version": "deadbeef"
}
],
"tools": {
"components": [
{
"name": "OSS Review Toolkit",
"version": "deadbeef",
"type": "application"
}
]
},
"licenses": [
{
"expression": "CC0-1.0"
@@ -1,12 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<bom serialNumber="urn:uuid:01234567-0123-0123-0123-01234567" version="1" xmlns="http://cyclonedx.org/schema/bom/1.4">
<bom serialNumber="urn:uuid:01234567-0123-0123-0123-01234567" version="1" xmlns="http://cyclonedx.org/schema/bom/1.5">
<metadata>
<timestamp>1970-01-01T00:00:00Z</timestamp>
<tools>
<tool>
<name>OSS Review Toolkit</name>
<version>deadbeef</version>
</tool>
<components>
<component type="application">
<name>OSS Review Toolkit</name>
<version>deadbeef</version>
</component>
</components>
</tools>
<licenses>
<expression>CC0-1.0</expression>
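--- a/plugins/reporters/cyclonedx/src/main/kotlin/CycloneDxReporter.kt
+++ b/plugins/reporters/cyclonedx/src/main/kotlin/CycloneDxReporter.kt
@@ -36,7 +36,7 @@ import org.cyclonedx.model.Hash
 import org.cyclonedx.model.License
 import org.cyclonedx.model.LicenseChoice
 import org.cyclonedx.model.Metadata
-import org.cyclonedx.model.Tool
+import org.cyclonedx.model.metadata.ToolInformation
 
 import org.ossreviewtoolkit.model.FileFormat
 import org.ossreviewtoolkit.model.LicenseSource
@@ -66,7 +66,7 @@ import org.ossreviewtoolkit.utils.spdx.SpdxLicense
 */
 class CycloneDxReporter : Reporter {
 companion object {
-val DEFAULT_SCHEMA_VERSION = CycloneDxSchema.Version.VERSION_14
+val DEFAULT_SCHEMA_VERSION = CycloneDxSchema.Version.VERSION_15
 val DEFAULT_DATA_LICENSE = SpdxLicense.CC0_1_0
 
 const val REPORT_BASE_FILENAME = "bom.cyclonedx"
@@ -155,12 +155,15 @@ class CycloneDxReporter : Reporter {
 
 val metadata = Metadata().apply {
 timestamp = Date()
-tools = listOf(
-Tool().apply {
-name = ORT_FULL_NAME
-version = Environment.ORT_VERSION
-}
-)
+toolChoice = ToolInformation().apply {
+components = listOf(
+Component().apply {
+type = Component.Type.APPLICATION
+name = ORT_FULL_NAME
+version = Environment.ORT_VERSION
+}
+)
+}
 licenseChoice = LicenseChoice().apply { expression = dataLicense }
 }
 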
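Review bot: In the hunk at line 155, `toolChoice = ToolInformation().apply { components = ... }` is set unconditionally, but the components form of `metadata.tools` belongs to CycloneDX 1.5, and the name `DEFAULT_SCHEMA_VERSION` suggests the reporter can be asked for other schema versions. Whether the library falls back to the legacy `tools` array when an older version is requested is not visible here, so a BOM generated for 1.4 could lose the producing-tool record or fail schema validation in a consumer. I would add an expected-result test for `CycloneDxSchema.Version.VERSION_14` and a comment such as `// ToolInformation.components is a CycloneDX 1.5 construct; older schema versions rely on the library's handling of it.` The default bump to `VERSION_15` also changes what downstream SBOM consumers receive and is not mentioned in the commit message. The enclosing function starts and ends outside the hunk.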
