Skip to content

Commit

Permalink
Fix metadata tools components
Browse files Browse the repository at this point in the history 
Signed-off-by: andreas hilti <andreas.hilti@bluewin.ch>
  • Loading branch information
@andreas-hilti
andreas-hilti committed Jun 1, 2024
1 parent 57972c2 commit 40735fb
Show file tree
Hide file tree
Showing 2 changed files with 133 additions and 1 deletion.
24 changes: 23 additions & 1 deletion src/CycloneDX.Utils/Merge.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,13 +67,19 @@ public static Bom FlatMerge(Bom bom1, Bom bom2)
var toolsMerger = new ListMergeHelper<Tool>();
#pragma warning restore 618
var tools = toolsMerger.Merge(bom1.Metadata?.Tools?.Tools, bom2.Metadata?.Tools?.Tools);
if (tools != null)
var toolsComponentsMerger = new ListMergeHelper<Component>();
var toolsComponents = toolsComponentsMerger.Merge(bom1.Metadata?.Tools?.Components, bom2.Metadata?.Tools?.Components);
var toolsServicesMerger = new ListMergeHelper<Service>();
var toolsServices = toolsServicesMerger.Merge(bom1.Metadata?.Tools?.Services, bom2.Metadata?.Tools?.Services);
if (tools != null || toolsComponents != null || toolsServices != null)
{
result.Metadata = new Metadata
{
Tools = new ToolChoices
{
Tools = tools,
Components = toolsComponents,
Services = toolsServices,
}
};
}
Expand Down Expand Up @@ -230,6 +236,22 @@ bom.SerialNumber is null
{
result.Metadata.Tools.Tools.AddRange(bom.Metadata.Tools.Tools);
}
if (bom.Metadata?.Tools?.Components?.Count > 0)
{
if (result.Metadata.Tools.Components == null)
{
result.Metadata.Tools.Components = new List<Component>();
}
result.Metadata.Tools.Components.AddRange(bom.Metadata.Tools.Components);
}
if (bom.Metadata?.Tools?.Services?.Count > 0)
{
if (result.Metadata.Tools.Services == null)
{
result.Metadata.Tools.Services = new List<Service>();
}
result.Metadata.Tools.Services.AddRange(bom.Metadata.Tools.Services);
}

var thisComponent = bom.Metadata.Component;
if (thisComponent.Components is null) bom.Metadata.Component.Components = new List<Component>();
Expand Down
110 changes: 110 additions & 0 deletions tests/CycloneDX.Utils.Tests/MergeTests.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -263,6 +263,116 @@ public void HierarchicalMergeComponentsTest()
Snapshot.Match(result);
}

[Fact]
public void HierarchicalMergeToolsComponentsTest()
{
var subject = new Component
{
Name = "Thing",
Version = "1",
};

var sbom1 = new Bom
{
Metadata = new Metadata
{
Component = new Component
{
Name = "System1",
Version = "1",
BomRef = "System1@1"
},
Tools = new ToolChoices
{
Components = new List<Component>
{
new Component
{
Name = "ToolComponent1",
Version = "1",
BomRef = "ToolComponent1@1",
}
}
}
},
Components = new List<Component>
{
new Component
{
Name = "Component1",
Version = "1",
BomRef = "Component1@1"
}
},
Dependencies = new List<Dependency>
{
new Dependency
{
Ref = "System1@1",
Dependencies = new List<Dependency>
{
new Dependency
{
Ref = "Component1@1"
}
}
}
},
};
var sbom2 = new Bom
{
Metadata = new Metadata
{
Component = new Component
{
Name = "System2",
Version = "1",
BomRef = "System2@1"
},
Tools = new ToolChoices
{
Components = new List<Component>
{
new Component
{
Name = "ToolComponent2",
Version = "1",
BomRef = "ToolComponent2@1",
}
}
}
},
Components = new List<Component>
{
new Component
{
Name = "Component2",
Version = "1",
BomRef = "Component2@1"
}
},
Dependencies = new List<Dependency>
{
new Dependency
{
Ref = "System2@1",
Dependencies = new List<Dependency>
{
new Dependency
{
Ref = "Component2@1"
}
}
}
},
};

var result = CycloneDXUtils.HierarchicalMerge(new[] { sbom1, sbom2 }, subject);

Snapshot.Match(result);
}


[Fact]
public void HierarchicalMergeVulnerabilitiesTest()
{
Expand Down

0 comments on commit 40735fb

Please sign in to comment.