From 30b70763b6c2f43ee937133fb5ca11e8a099ec80 Mon Sep 17 00:00:00 2001 From: andreas hilti <69210561+andreas-hilti@users.noreply.github.com> Date: Sun, 15 Sep 2024 17:55:58 +0200 Subject: [PATCH] Add protobuf deserialization tests Signed-off-by: andreas hilti <69210561+andreas-hilti@users.noreply.github.com> --- .../Protobuf/ProtocResult.cs | 10 +- .../Protobuf/ProtocRunner.cs | 97 +- .../Protobuf/v1.6/SerializationTests.cs | 113 +++ ...onTest_valid-annotation-1.6.textproto.snap | 227 +++++ ...tionTest_valid-assembly-1.6.textproto.snap | 103 +++ ...nTest_valid-attestation-1.6.textproto.snap | 250 +++++ ...alizationTest_valid-bom-1.6.textproto.snap | 380 ++++++++ ..._valid-component-hashes-1.6.textproto.snap | 91 ++ ...d-component-identifiers-1.6.textproto.snap | 49 + ...est_valid-component-ref-1.6.textproto.snap | 67 ++ ...st_valid-component-swid-1.6.textproto.snap | 50 + ...lid-component-swid-full-1.6.textproto.snap | 54 ++ ...t_valid-component-types-1.6.textproto.snap | 223 +++++ ...Test_valid-compositions-1.6.textproto.snap | 202 ++++ ...valid-cryptography-full-1.6.textproto.snap | 211 +++++ ...tography-implementation-1.6.textproto.snap | 186 ++++ ...onTest_valid-dependency-1.6.textproto.snap | 111 +++ ..._valid-empty-components-1.6.textproto.snap | 14 + ...tionTest_valid-evidence-1.6.textproto.snap | 342 +++++++ ...alid-external-reference-1.6.textproto.snap | 64 ++ ...nTest_valid-formulation-1.6.textproto.snap | 450 +++++++++ ...alid-license-expression-1.6.textproto.snap | 58 ++ ...onTest_valid-license-id-1.6.textproto.snap | 72 ++ ...valid-license-licensing-1.6.textproto.snap | 162 ++++ ...Test_valid-license-name-1.6.textproto.snap | 68 ++ ..._valid-machine-learning-1.6.textproto.snap | 123 +++ ...ning-considerations-env-1.6.textproto.snap | 105 +++ ...t_valid-metadata-author-1.6.textproto.snap | 28 + ..._valid-metadata-license-1.6.textproto.snap | 79 ++ ...alid-metadata-lifecycle-1.6.textproto.snap | 37 + ...id-metadata-manufacture-1.6.textproto.snap | 52 ++ ...d-metadata-manufacturer-1.6.textproto.snap | 37 + ...valid-metadata-supplier-1.6.textproto.snap | 36 + ...alid-metadata-timestamp-1.6.textproto.snap | 22 + ...est_valid-metadata-tool-1.6.textproto.snap | 165 ++++ ...etadata-tool-deprecated-1.6.textproto.snap | 58 ++ ...st_valid-minimal-viable-1.6.textproto.snap | 41 + ...izationTest_valid-patch-1.6.textproto.snap | 141 +++ ...onTest_valid-properties-1.6.textproto.snap | 184 ++++ ...est_valid-release-notes-1.6.textproto.snap | 294 ++++++ ...ationTest_valid-saasbom-1.6.textproto.snap | 863 ++++++++++++++++++ ...ationTest_valid-service-1.6.textproto.snap | 258 ++++++ ...d-service-empty-objects-1.6.textproto.snap | 37 + ...tionTest_valid-standard-1.6.textproto.snap | 169 ++++ ...lizationTest_valid-tags-1.6.textproto.snap | 71 ++ ...est_valid-vulnerability-1.6.textproto.snap | 240 +++++ 46 files changed, 6689 insertions(+), 5 deletions(-) create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/SerializationTests.cs create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-annotation-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-assembly-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-attestation-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-bom-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-hashes-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-identifiers-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-ref-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-swid-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-swid-full-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-types-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-compositions-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-cryptography-full-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-cryptography-implementation-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-dependency-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-empty-components-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-evidence-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-external-reference-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-formulation-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-expression-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-id-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-licensing-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-name-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-machine-learning-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-machine-learning-considerations-env-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-author-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-license-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-lifecycle-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-manufacture-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-manufacturer-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-supplier-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-timestamp-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-tool-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-tool-deprecated-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-minimal-viable-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-patch-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-properties-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-release-notes-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-saasbom-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-service-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-service-empty-objects-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-standard-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-tags-1.6.textproto.snap create mode 100644 tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-vulnerability-1.6.textproto.snap diff --git a/tests/CycloneDX.Core.Tests/Protobuf/ProtocResult.cs b/tests/CycloneDX.Core.Tests/Protobuf/ProtocResult.cs index be6ad540..7701004e 100644 --- a/tests/CycloneDX.Core.Tests/Protobuf/ProtocResult.cs +++ b/tests/CycloneDX.Core.Tests/Protobuf/ProtocResult.cs @@ -16,13 +16,21 @@ // Copyright (c) OWASP Foundation. All Rights Reserved. using System; +using System.IO; namespace CycloneDX.Core.Tests.Protobuf { - public class ProtocResult + public class ProtocTextResult { public string Output { get; set; } public string Errors { get; set; } public int ExitCode { get; set; } } + + public class ProtocBinaryResult + { + public Stream Output { get; set; } + public string Errors { get; set; } + public int ExitCode { get; set; } + } } diff --git a/tests/CycloneDX.Core.Tests/Protobuf/ProtocRunner.cs b/tests/CycloneDX.Core.Tests/Protobuf/ProtocRunner.cs index fd9a8c7b..00846da4 100644 --- a/tests/CycloneDX.Core.Tests/Protobuf/ProtocRunner.cs +++ b/tests/CycloneDX.Core.Tests/Protobuf/ProtocRunner.cs @@ -26,7 +26,7 @@ namespace CycloneDX.Core.Tests.Protobuf { public class ProtocRunner { - internal ProtocResult Run(string workingDirectory, byte[] input, string[] arguments) + internal ProtocTextResult Run(string workingDirectory, byte[] input, string[] arguments) { var protocFilename = "protoc"; @@ -77,7 +77,7 @@ internal ProtocResult Run(string workingDirectory, byte[] input, string[] argume { p.Kill(); - return new ProtocResult + return new ProtocTextResult { Output = output.ToString(), Errors = errors.ToString(), @@ -87,7 +87,7 @@ internal ProtocResult Run(string workingDirectory, byte[] input, string[] argume Task.WaitAll(outputTask, errorTask); - return new ProtocResult + return new ProtocTextResult { Output = output.ToString(), Errors = errors.ToString(), @@ -96,7 +96,7 @@ internal ProtocResult Run(string workingDirectory, byte[] input, string[] argume } catch { - return new ProtocResult + return new ProtocTextResult { Output = "", Errors = "Unable to execute protoc, ensure you have the protobuf compiler installed", @@ -109,6 +109,88 @@ internal ProtocResult Run(string workingDirectory, byte[] input, string[] argume } } + internal ProtocBinaryResult Run(string workingDirectory, string input, string[] arguments) + { + var protocFilename = "protoc"; + + if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) + { + var enviromentPath = Environment.GetEnvironmentVariable("PATH"); + var paths = enviromentPath.Split(';'); + foreach (var path in paths) + { + var filename = Path.Combine(path, "protoc.exe"); + if (File.Exists(filename)) + { + protocFilename = filename; + break; + } + } + } + + var psi = new ProcessStartInfo(protocFilename, string.Join(" ", arguments)) + { + WorkingDirectory = workingDirectory, + UseShellExecute = false, + CreateNoWindow = true, + RedirectStandardInput = true, + RedirectStandardOutput = true, + RedirectStandardError = true + }; + + var p = new Process(); + try + { + p.StartInfo = psi; + p.Start(); + + var output = new MemoryStream(); + var errors = new StringBuilder(); + var outputTask = ConsumeStreamAsync(p.StandardOutput.BaseStream, output); + var errorTask = ConsumeStreamReaderAsync(p.StandardError, errors); + + p.StandardInput.Write(input); + p.StandardInput.Close(); + + var processExited = p.WaitForExit(20000); + + if (processExited == false) + { + p.Kill(); + + return new ProtocBinaryResult + { + Output = output, + Errors = errors.ToString(), + ExitCode = -1 + }; + } + + Task.WaitAll(outputTask, errorTask); + + return new ProtocBinaryResult + { + Output = output, + Errors = errors.ToString(), + ExitCode = p.ExitCode + }; + } + catch + { + return new ProtocBinaryResult + { + Output = null, + Errors = "Unable to execute protoc, ensure you have the protobuf compiler installed", + ExitCode = -1 + }; + } + finally + { + p.Dispose(); + } + } + + private static async Task ConsumeStreamReaderAsync(StreamReader reader, StringBuilder lines) { await Task.Yield(); @@ -119,5 +201,12 @@ private static async Task ConsumeStreamReaderAsync(StreamReader reader, StringBu lines.AppendLine(line); } } + + private static async Task ConsumeStreamAsync(Stream reader, Stream output) + { + await Task.Yield(); + + reader.CopyTo(output); + } } } diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/SerializationTests.cs b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/SerializationTests.cs new file mode 100644 index 00000000..44157d6a --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/SerializationTests.cs @@ -0,0 +1,113 @@ +// This file is part of CycloneDX Library for .NET +// +// Licensed under the Apache License, Version 2.0 (the “License”); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an “AS IS” BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// SPDX-License-Identifier: Apache-2.0 +// Copyright (c) OWASP Foundation. All Rights Reserved. + +using System; +using System.IO; +using Snapshooter; +using Snapshooter.Xunit; +using Xunit; +using Xunit.Abstractions; + +namespace CycloneDX.Core.Tests.Protobuf.v1_6 +{ + [Collection("Protoc Serialization")] + public class SerializationTests + { + private readonly ITestOutputHelper output; + + public SerializationTests(ITestOutputHelper output) + { + this.output = output; + } + + // I can't be bothered setting up protoc in the github workflow for all platforms + // if anyone wants to have a crack at it please go for it + [LinuxOnlyForCITheory] + [InlineData("valid-annotation-1.6.textproto")] + [InlineData("valid-assembly-1.6.textproto")] + [InlineData("valid-attestation-1.6.textproto")] + [InlineData("valid-bom-1.6.textproto")] + [InlineData("valid-component-hashes-1.6.textproto")] + [InlineData("valid-component-identifiers-1.6.textproto")] + [InlineData("valid-component-ref-1.6.textproto")] + [InlineData("valid-component-swid-1.6.textproto")] + [InlineData("valid-component-swid-full-1.6.textproto")] + [InlineData("valid-component-types-1.6.textproto")] + [InlineData("valid-compositions-1.6.textproto")] + [InlineData("valid-cryptography-full-1.6.textproto")] + [InlineData("valid-cryptography-implementation-1.6.textproto")] + [InlineData("valid-dependency-1.6.textproto")] + [InlineData("valid-empty-components-1.6.textproto")] + [InlineData("valid-evidence-1.6.textproto")] + [InlineData("valid-external-reference-1.6.textproto")] + [InlineData("valid-formulation-1.6.textproto")] + [InlineData("valid-license-expression-1.6.textproto")] + [InlineData("valid-license-id-1.6.textproto")] + [InlineData("valid-license-licensing-1.6.textproto")] + [InlineData("valid-license-name-1.6.textproto")] + [InlineData("valid-machine-learning-1.6.textproto")] + [InlineData("valid-machine-learning-considerations-env-1.6.textproto")] + [InlineData("valid-metadata-author-1.6.textproto")] + [InlineData("valid-metadata-license-1.6.textproto")] + [InlineData("valid-metadata-lifecycle-1.6.textproto")] + [InlineData("valid-metadata-manufacture-1.6.textproto")] + [InlineData("valid-metadata-manufacturer-1.6.textproto")] + [InlineData("valid-metadata-supplier-1.6.textproto")] + [InlineData("valid-metadata-timestamp-1.6.textproto")] + [InlineData("valid-metadata-tool-1.6.textproto")] + [InlineData("valid-metadata-tool-deprecated-1.6.textproto")] + [InlineData("valid-minimal-viable-1.6.textproto")] + [InlineData("valid-patch-1.6.textproto")] + [InlineData("valid-properties-1.6.textproto")] + [InlineData("valid-release-notes-1.6.textproto")] + [InlineData("valid-saasbom-1.6.textproto")] + [InlineData("valid-service-1.6.textproto")] + [InlineData("valid-service-empty-objects-1.6.textproto")] + [InlineData("valid-standard-1.6.textproto")] + [InlineData("valid-tags-1.6.textproto")] + [InlineData("valid-vulnerability-1.6.textproto")] + public void ProtobufDeserializationTest(string filename) + { + using (var tempDir = new CycloneDX.Core.Tests.Protobuf.TempDirectoryWithProtoSchemas()) + { + var protobufResourceFilename = Path.Join("Resources", "v1.6", filename); + var protobufTextString = File.ReadAllText(protobufResourceFilename); + + var runner = new ProtocRunner(); + var result = runner.Run(tempDir.DirectoryPath, protobufTextString, new[] + { + "--proto_path=./", + "--encode=cyclonedx.v1_6.Bom", + "bom-1.6.proto" + }); + + if (result.ExitCode == 0) + { + result.Output.Seek(0, SeekOrigin.Begin); + var bom = CycloneDX.Protobuf.Serializer.Deserialize(result.Output); + + Snapshot.Match(bom, SnapshotNameExtension.Create(filename)); + } + else + { + output.WriteLine(result.Errors); + Assert.Equal(0, result.ExitCode); + } + } + } + } +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-annotation-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-annotation-1.6.textproto.snap new file mode 100644 index 00000000..9915312a --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-annotation-1.6.textproto.snap @@ -0,0 +1,227 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": "component-a", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Component A", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Annotations": [ + { + "BomRef": "annotation-1", + "Subjects": [ + "component-a" + ], + "XmlSubjects": [ + { + "Ref": "component-a" + } + ], + "Annotator": { + "Organization": { + "Name": "Acme, Inc.", + "Url": [ + "https://example.com" + ], + "Contact": [ + { + "Name": "Acme Professional Services", + "Email": "professional.services@example.com", + "Phone": null, + "BomRef": null + } + ], + "BomRef": null, + "Address": null + }, + "Individual": null, + "Component": null, + "Service": null + }, + "Timestamp": "2070-07-26T16:41:18Z", + "Text": "This is a sample annotation made by an organization" + }, + { + "BomRef": "annotation-2", + "Subjects": [ + "component-a" + ], + "XmlSubjects": [ + { + "Ref": "component-a" + } + ], + "Annotator": { + "Organization": null, + "Individual": { + "Name": "Samantha Wright", + "Email": "samantha.wright@example.com", + "Phone": "800-555-1212", + "BomRef": null + }, + "Component": null, + "Service": null + }, + "Timestamp": "2070-07-26T16:41:18Z", + "Text": "This is a sample annotation made by an person" + }, + { + "BomRef": "annotation-3", + "Subjects": [ + "component-a" + ], + "XmlSubjects": [ + { + "Ref": "component-a" + } + ], + "Annotator": { + "Organization": null, + "Individual": null, + "Component": { + "Type": "Application", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Awesome Tool", + "Version": "9.1.2", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + "Service": null + }, + "Timestamp": "2070-07-26T16:41:18Z", + "Text": "This is a sample annotation made by a component" + }, + { + "BomRef": "annotation-4", + "Subjects": [ + "component-a" + ], + "XmlSubjects": [ + { + "Ref": "component-a" + } + ], + "Annotator": { + "Organization": null, + "Individual": null, + "Component": null, + "Service": { + "BomRef": "b2a46a4b-8367-4bae-9820-95557cfe03a8", + "Provider": { + "Name": "Partner Org", + "Url": [ + "https://partner.org" + ], + "Contact": [ + { + "Name": "Support", + "Email": "support@partner", + "Phone": "800-555-1212", + "BomRef": null + } + ], + "BomRef": null, + "Address": null + }, + "Group": "org.partner", + "Name": "BOM Annotation Service", + "Version": "2020-Q2", + "Description": null, + "Endpoints": [ + "https://partner.org/api/v1/inspect", + "https://partner.org/api/v1/annotate" + ], + "Authenticated": true, + "NonNullableAuthenticated": true, + "XTrustBoundary": true, + "NonNullableXTrustBoundary": true, + "TrustZone": null, + "Data": [ + { + "Flow": "Bi_Directional", + "Classification": "public", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "public" + }, + "Name": null, + "Description": null, + "Governance": null + } + ], + "XmlData": { + "DataClassifications": null, + "DataFlows": [ + { + "Flow": "Bi_Directional", + "Classification": "public", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "public" + }, + "Name": null, + "Description": null, + "Governance": null + } + ] + }, + "Licenses": null, + "XmlSignature": null, + "Signature": null + } + }, + "Timestamp": "2070-07-26T16:41:18Z", + "Text": "This is a sample annotation made by a service" + } + ], + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-assembly-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-assembly-1.6.textproto.snap new file mode 100644 index 00000000..872f3944 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-assembly-1.6.textproto.snap @@ -0,0 +1,103 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "acme-library-a", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "acme-library-b", + "Version": "2.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Services": [ + { + "BomRef": null, + "Provider": null, + "Group": null, + "Name": "acme-service-a", + "Version": null, + "Description": null, + "Endpoints": null, + "Authenticated": null, + "XTrustBoundary": null, + "TrustZone": null, + "Licenses": null, + "Services": [ + { + "BomRef": null, + "Provider": null, + "Group": null, + "Name": "acme-service-b", + "Version": null, + "Description": null, + "Endpoints": null, + "Authenticated": null, + "XTrustBoundary": null, + "TrustZone": null, + "Licenses": null, + "XmlSignature": null, + "Signature": null + } + ], + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-attestation-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-attestation-1.6.textproto.snap new file mode 100644 index 00000000..616baa47 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-attestation-1.6.textproto.snap @@ -0,0 +1,250 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": null, + "Compositions": null, + "Declarations": { + "Assessors": [ + { + "BomRef": "assessor-1", + "ThirdParty": true, + "Organization": { + "Name": "Assessors Inc", + "Url": null, + "Contact": null, + "BomRef": null, + "Address": null + } + } + ], + "Attestations": [ + { + "Summary": "Attestation summary here", + "Assessor": "assessor-1", + "Map": [ + { + "Requirement": "requirement-1", + "Claims": [ + "claim-1" + ], + "CounterClaims": [ + "counterClaim-1" + ], + "Conformance": { + "Score": 0.8, + "Rationale": "Conformance rationale here", + "MitigationStrategies": [ + "mitigationStrategy-1" + ] + }, + "Confidence": { + "Score": 1.0, + "Rationale": "Confidence rationale here" + } + } + ], + "Any": null, + "Signature": null + } + ], + "Claims": [ + { + "BomRef": "claim-1", + "Target": "acme-inc", + "Predicate": "Predicate here", + "MitigationStrategies": [ + "mitigationStrategy-1" + ], + "Reasoning": "Reasoning here", + "Evidence": [ + "evidence-1" + ], + "CounterEvidence": [ + "counterEvidence-1" + ], + "ExternalReferences": [ + { + "Url": "https://alm.example.com", + "Type": "Issue_Tracker", + "Comment": null + } + ], + "XmlSignature": null, + "Signature": null + } + ], + "Evidence": [ + { + "BomRef": "evidence-1", + "PropertyName": "internal.com.acme.someProperty", + "Description": "Description here", + "Data": [ + { + "Name": "Name of the data", + "Contents": { + "Attachment": { + "ContentType": "text/plain", + "Encoding": null, + "Content": "Evidence here" + }, + "Url": null + }, + "Classification": "PII", + "SensitiveData": [ + "Describe sensitive data here" + ], + "Governance": null + } + ], + "Created": "2024-04-25T00:00:00Z", + "Expires": "2024-04-03T00:00:00Z", + "Author": { + "Name": "Mary", + "Email": null, + "Phone": null, + "BomRef": null + }, + "Reviewer": { + "Name": "Jane", + "Email": null, + "Phone": null, + "BomRef": null + }, + "XmlSignature": null, + "Signature": null + }, + { + "BomRef": "counterEvidence-1", + "PropertyName": "internal.com.acme.someProperty", + "Description": "Description here", + "Data": [ + { + "Name": "Name of the data", + "Contents": { + "Attachment": { + "ContentType": "text/plain", + "Encoding": null, + "Content": "Counter evidence here" + }, + "Url": null + }, + "Classification": "Public", + "SensitiveData": [ + "Describe sensitive data here" + ], + "Governance": null + } + ], + "Created": "2024-04-25T00:00:00Z", + "Expires": "2024-04-03T00:00:00Z", + "Author": { + "Name": "Mary", + "Email": null, + "Phone": null, + "BomRef": null + }, + "Reviewer": { + "Name": "Jane", + "Email": null, + "Phone": null, + "BomRef": null + }, + "XmlSignature": null, + "Signature": null + }, + { + "BomRef": "mitigationStrategy-1", + "PropertyName": "internal.com.acme.someProperty", + "Description": "Description here", + "Data": [ + { + "Name": "Name of the data", + "Contents": { + "Attachment": { + "ContentType": "text/plain", + "Encoding": null, + "Content": "Mitigation strategy here" + }, + "Url": null + }, + "Classification": "Company Confidential", + "SensitiveData": [ + "Describe sensitive data here" + ], + "Governance": null + } + ], + "Created": "2024-04-25T00:00:00Z", + "Expires": "2024-04-03T00:00:00Z", + "Author": { + "Name": "Mary", + "Email": null, + "Phone": null, + "BomRef": null + }, + "Reviewer": { + "Name": "Jane", + "Email": null, + "Phone": null, + "BomRef": null + }, + "XmlSignature": null, + "Signature": null + } + ], + "Targets": { + "Organizations": [ + { + "Name": "Acme Inc", + "Url": null, + "Contact": null, + "BomRef": "acme-inc", + "Address": null + } + ] + }, + "Affirmation": { + "Statement": "I certify, to the best of my knowledge, that all information is correct...", + "Signatories": [ + { + "Name": "Tom", + "Role": "CEO", + "Organization": null, + "ExternalReference": null, + "XmlSignature": null, + "Signature": null + }, + { + "Name": "Jerry", + "Role": "COO", + "Organization": { + "Name": "Acme Inc", + "Url": null, + "Contact": null, + "BomRef": null, + "Address": null + }, + "ExternalReference": { + "Url": "https://example.com/coo-sig.png", + "Type": "Electronic_Signature", + "Comment": null + }, + "XmlSignature": null, + "Signature": null + } + ], + "XmlSignature": null, + "Signature": null + }, + "XmlSignature": null, + "Signature": null + }, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-bom-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-bom-1.6.textproto.snap new file mode 100644 index 00000000..55dfd588 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-bom-1.6.textproto.snap @@ -0,0 +1,380 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Timestamp": "2070-07-26T16:41:18Z", + "Tools": { + "Tools": [ + { + "Vendor": "Awesome Vendor", + "Name": "Awesome Tool", + "Version": "9.1.2", + "Hashes": [ + { + "Alg": "SHA_1", + "Content": "25ed8e31b995bb927966616df2a42b979a2717f0" + }, + { + "Alg": "SHA_256", + "Content": "a74f733635a19aefb1f73e5947cef59cd7440c6952ef0f03d09d974274cbd6df" + } + ] + } + ] + }, + "ProtobufTools": [ + { + "Vendor": "Awesome Vendor", + "Name": "Awesome Tool", + "Version": "9.1.2", + "Hashes": [ + { + "Alg": "SHA_1", + "Content": "25ed8e31b995bb927966616df2a42b979a2717f0" + }, + { + "Alg": "SHA_256", + "Content": "a74f733635a19aefb1f73e5947cef59cd7440c6952ef0f03d09d974274cbd6df" + } + ], + "ExternalReferences": null, + "Components": null, + "Services": null + } + ], + "Authors": [ + { + "Name": "Samantha Wright", + "Email": "samantha.wright@example.com", + "Phone": "800-555-1212", + "BomRef": null + } + ], + "Component": { + "Type": "Application", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": "Acme Super Heros", + "Author_Xml": "Acme Super Heros", + "Publisher": null, + "Group": null, + "Name": "Acme Application", + "Version": "9.1.1", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": { + "TagId": "swidgen-242eb18a-503e-ca37-393b-cf156ef09691_9.1.1", + "Name": "Acme Application", + "Version": "9.1.1", + "TagVersion": 0, + "Patch": false, + "Text": { + "ContentType": "text/xml", + "Encoding": "base64", + "Content": "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiID8+CjxTb2Z0d2FyZUlkZW50aXR5IHhtbDpsYW5nPSJFTiIgbmFtZT0iQWNtZSBBcHBsaWNhdGlvbiIgdmVyc2lvbj0iOS4xLjEiIAogdmVyc2lvblNjaGVtZT0ibXVsdGlwYXJ0bnVtZXJpYyIgCiB0YWdJZD0ic3dpZGdlbi1iNTk1MWFjOS00MmMwLWYzODItM2YxZS1iYzdhMmE0NDk3Y2JfOS4xLjEiIAogeG1sbnM9Imh0dHA6Ly9zdGFuZGFyZHMuaXNvLm9yZy9pc28vMTk3NzAvLTIvMjAxNS9zY2hlbWEueHNkIj4gCiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiAKIHhzaTpzY2hlbWFMb2NhdGlvbj0iaHR0cDovL3N0YW5kYXJkcy5pc28ub3JnL2lzby8xOTc3MC8tMi8yMDE1LWN1cnJlbnQvc2NoZW1hLnhzZCBzY2hlbWEueHNkIiA+CiAgPE1ldGEgZ2VuZXJhdG9yPSJTV0lEIFRhZyBPbmxpbmUgR2VuZXJhdG9yIHYwLjEiIC8+IAogIDxFbnRpdHkgbmFtZT0iQWNtZSwgSW5jLiIgcmVnaWQ9ImV4YW1wbGUuY29tIiByb2xlPSJ0YWdDcmVhdG9yIiAvPiAKPC9Tb2Z0d2FyZUlkZW50aXR5Pg==" + }, + "Url": null + }, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + "Manufacturer": { + "Name": "Acme, Inc.", + "Url": [ + "https://example.com" + ], + "Contact": [ + { + "Name": "Acme Professional Services", + "Email": "professional.services@example.com", + "Phone": null, + "BomRef": null + } + ], + "BomRef": null, + "Address": null + }, + "Manufacture": null, + "Supplier": { + "Name": "Acme, Inc.", + "Url": [ + "https://example.com" + ], + "Contact": [ + { + "Name": "Acme Distribution", + "Email": "distribution@example.com", + "Phone": null, + "BomRef": null + } + ], + "BomRef": null, + "Address": null + } + }, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": "pkg:npm/acme/component@1.0.0", + "Supplier": null, + "Author": "Joane Doe et al.", + "Author_Xml": "Joane Doe et al.", + "Publisher": "Acme Inc", + "Group": "com.acme", + "Name": "tomcat-catalina", + "Version": "9.0.14", + "Description": null, + "Scope": null, + "Hashes": [ + { + "Alg": "MD5", + "Content": "3942447fac867ae5cdb3229b658f4d48" + }, + { + "Alg": "SHA_1", + "Content": "e6b1000b94e835ffd37f4c6dcbdad43f4b48a02a" + }, + { + "Alg": "SHA_256", + "Content": "f498a8ff2dd007e29c2074f5e4b01a9a01775c3ff3aeaf6906ea503bc5791b7b" + }, + { + "Alg": "SHA_512", + "Content": "e8f33e424f3f4ed6db76a482fde1a5298970e442c531729119e37991884bdffab4f9426b7ee11fccd074eeda0634d71697d6f88a460dce0ac8d627a29f7d1282" + } + ], + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": { + "ContentType": "text/plain", + "Encoding": "base64", + "Content": "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiID8+CjxTb2Z0d2FyZUlkZW50aXR5IHhtbDpsYW5nPSJFTiIgbmFtZT0iQWNtZSBBcHBsaWNhdGlvbiIgdmVyc2lvbj0iOS4xLjEiIAogdmVyc2lvblNjaGVtZT0ibXVsdGlwYXJ0bnVtZXJpYyIgCiB0YWdJZD0ic3dpZGdlbi1iNTk1MWFjOS00MmMwLWYzODItM2YxZS1iYzdhMmE0NDk3Y2JfOS4xLjEiIAogeG1sbnM9Imh0dHA6Ly9zdGFuZGFyZHMuaXNvLm9yZy9pc28vMTk3NzAvLTIvMjAxNS9zY2hlbWEueHNkIj4gCiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiAKIHhzaTpzY2hlbWFMb2NhdGlvbj0iaHR0cDovL3N0YW5kYXJkcy5pc28ub3JnL2lzby8xOTc3MC8tMi8yMDE1LWN1cnJlbnQvc2NoZW1hLnhzZCBzY2hlbWEueHNkIiA+CiAgPE1ldGEgZ2VuZXJhdG9yPSJTV0lEIFRhZyBPbmxpbmUgR2VuZXJhdG9yIHYwLjEiIC8+IAogIDxFbnRpdHkgbmFtZT0iQWNtZSwgSW5jLiIgcmVnaWQ9ImV4YW1wbGUuY29tIiByb2xlPSJ0YWdDcmVhdG9yIiAvPiAKPC9Tb2Z0d2FyZUlkZW50aXR5Pg==" + }, + "Url": "https://www.apache.org/licenses/LICENSE-2.0.txt", + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": { + "ContentType": "text/plain", + "Encoding": "base64", + "Content": "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiID8+CjxTb2Z0d2FyZUlkZW50aXR5IHhtbDpsYW5nPSJFTiIgbmFtZT0iQWNtZSBBcHBsaWNhdGlvbiIgdmVyc2lvbj0iOS4xLjEiIAogdmVyc2lvblNjaGVtZT0ibXVsdGlwYXJ0bnVtZXJpYyIgCiB0YWdJZD0ic3dpZGdlbi1iNTk1MWFjOS00MmMwLWYzODItM2YxZS1iYzdhMmE0NDk3Y2JfOS4xLjEiIAogeG1sbnM9Imh0dHA6Ly9zdGFuZGFyZHMuaXNvLm9yZy9pc28vMTk3NzAvLTIvMjAxNS9zY2hlbWEueHNkIj4gCiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiAKIHhzaTpzY2hlbWFMb2NhdGlvbj0iaHR0cDovL3N0YW5kYXJkcy5pc28ub3JnL2lzby8xOTc3MC8tMi8yMDE1LWN1cnJlbnQvc2NoZW1hLnhzZCBzY2hlbWEueHNkIiA+CiAgPE1ldGEgZ2VuZXJhdG9yPSJTV0lEIFRhZyBPbmxpbmUgR2VuZXJhdG9yIHYwLjEiIC8+IAogIDxFbnRpdHkgbmFtZT0iQWNtZSwgSW5jLiIgcmVnaWQ9ImV4YW1wbGUuY29tIiByb2xlPSJ0YWdDcmVhdG9yIiAvPiAKPC9Tb2Z0d2FyZUlkZW50aXR5Pg==" + }, + "Url": "https://www.apache.org/licenses/LICENSE-2.0.txt", + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ] + }, + "Copyright": null, + "Cpe": null, + "Purl": "pkg:npm/acme/component@1.0.0", + "Swid": null, + "Modified": null, + "Pedigree": { + "Ancestors": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": "Acme Inc", + "Group": "com.acme", + "Name": "tomcat-catalina", + "Version": "9.0.14", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": "Acme Inc", + "Group": "com.acme", + "Name": "tomcat-catalina", + "Version": "9.0.14", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Descendants": null, + "Variants": null, + "Commits": [ + { + "Uid": "123", + "Url": "", + "Author": { + "Timestamp": "2067-09-26T16:41:18Z", + "Name": "", + "Email": "" + }, + "Committer": null, + "Message": null + } + ], + "Notes": null + }, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": { + "Name": "Example, Inc.", + "Url": [ + "https://example.com", + "https://example.net" + ], + "Contact": [ + { + "Name": "Example Support AMER Distribution", + "Email": "support@example.com", + "Phone": "800-555-1212", + "BomRef": null + }, + { + "Name": "Example Support APAC", + "Email": "support@apac.example.com", + "Phone": null, + "BomRef": null + } + ], + "BomRef": null, + "Address": null + }, + "Manufacturer": { + "Name": "Example-2, Inc.", + "Url": [ + "https://example.org" + ], + "Contact": [ + { + "Name": null, + "Email": "support@example.org", + "Phone": null, + "BomRef": null + } + ], + "BomRef": null, + "Address": null + }, + "Authors": [ + { + "Name": "Anthony Edward Stark", + "Email": "ironman@example.org", + "Phone": "555-212-970-4133", + "BomRef": null + }, + { + "Name": "Peter Benjamin Parker", + "Email": "spiderman@example.org", + "Phone": null, + "BomRef": null + } + ], + "Author": "Example Super Heros", + "Author_Xml": "Example Super Heros", + "Publisher": null, + "Group": "org.example", + "Name": "mylibrary", + "Version": "1.0.0", + "Description": null, + "Scope": "Required", + "NonNullableScope": "Required", + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Dependencies": [ + { + "Ref": "pkg:npm/acme/component@1.0.0", + "Dependencies": [ + { + "Ref": "pkg:npm/acme/component@1.0.0", + "Dependencies": null, + "Provides": null + } + ], + "Provides": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-hashes-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-hashes-1.6.textproto.snap new file mode 100644 index 00000000..891e3a1c --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-hashes-1.6.textproto.snap @@ -0,0 +1,91 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "acme-example", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Hashes": [ + { + "Alg": "MD5", + "Content": "641b6e166f8b33c5e959e2adcc18b1c7" + }, + { + "Alg": "SHA_1", + "Content": "9188560f22e0b73070d2efce670c74af2bdf30af" + }, + { + "Alg": "SHA_256", + "Content": "d88bc4e70bfb34d18b5542136639acbb26a8ae2429aa1e47489332fb389cc964" + }, + { + "Alg": "SHA_384", + "Content": "d4835048a0f57c74b8fb617d5366ab81376fc92bebe9a93bf24ba7f9da6c9aeeb6179f5d1361f6533211b15f3224cbad" + }, + { + "Alg": "SHA_512", + "Content": "74a51ff45e4c11df9ba1f0094282c80489649cb157a75fa337992d2d4592a5a1b8cb4525de8db0ae25233553924d76c36e093ea7fa9df4e5b8b07fd2e074efd6" + }, + { + "Alg": "SHA3_256", + "Content": "7478c7cf41c883a04ee89f1813f687886d53fa86f791fff90690c6221e3853aa" + }, + { + "Alg": "SHA3_384", + "Content": "a1eea7229716487ad2ebe96b2f997a8408f32f14047994fbcc99b49012cf86c96dbd518e5d57a61b0e57dd37dd0b48f5" + }, + { + "Alg": "SHA3_512", + "Content": "7d584825bc1767dfabe7e82b45ccb7a1119b145fa17e76b885e71429c706cef0a3171bc6575b968eec5da56a7966c02fec5402fcee55097ac01d40c550de9d20" + }, + { + "Alg": "BLAKE2b_256", + "Content": "d8779633380c050bccf4e733b763ab2abd8ad2db60b517d47fd29bbf76433237" + }, + { + "Alg": "BLAKE2b_384", + "Content": "e728ba56c2da995a559a178116c594e8bee4894a79ceb4399d8f479e5563cb1942b85936f646d14170717c576b14db7a" + }, + { + "Alg": "BLAKE2b_512", + "Content": "f8ce8d612a6c85c96cf7cebc230f6ddef26e6cedcfbc4a41c766033cc08c6ba097d1470948226807fb2d88d2a2b6fc0ff5e5440e93a603086fdd568bafcd1a9d" + }, + { + "Alg": "BLAKE3", + "Content": "26cdc7fb3fd65fc3b621a4ef70bc7d2489d5c19e70c76cf7ec20e538df0047cf" + } + ], + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-identifiers-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-identifiers-1.6.textproto.snap new file mode 100644 index 00000000..2f092937 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-identifiers-1.6.textproto.snap @@ -0,0 +1,49 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": "com.example", + "Name": "acme-example", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": "cpe:2.3:a:example:acme-library:1.0.0:*:*:*:*:*:*:*", + "Purl": "pkg:maven/com.example/acme-library@1.0.0", + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "OmniborId": [ + "gitoid:blob:sha1:261eeb9e9f8b2b4b0d119366dda99c6fd7d35c64", + "gitoid:blob:sha256:9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08" + ], + "Swhid": [ + "swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2", + "swh:1:dir:d198bc9d7a6bcf6db04f476d29314f157507d505" + ], + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-ref-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-ref-1.6.textproto.snap new file mode 100644 index 00000000..acdb7d28 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-ref-1.6.textproto.snap @@ -0,0 +1,67 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": "123", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "acme-library", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Library", + "MimeType": null, + "BomRef": "456", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "acme-library", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-swid-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-swid-1.6.textproto.snap new file mode 100644 index 00000000..b372c2e6 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-swid-1.6.textproto.snap @@ -0,0 +1,50 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Application", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": "Acme Super Heros", + "Author_Xml": "Acme Super Heros", + "Publisher": null, + "Group": null, + "Name": "Acme Application", + "Version": "9.1.1", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": { + "TagId": "swidgen-242eb18a-503e-ca37-393b-cf156ef09691_9.1.1", + "Name": "Acme Application", + "Version": "9.1.1", + "TagVersion": 0, + "Patch": false, + "Text": null, + "Url": null + }, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-swid-full-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-swid-full-1.6.textproto.snap new file mode 100644 index 00000000..701d461f --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-swid-full-1.6.textproto.snap @@ -0,0 +1,54 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Application", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": "Acme Super Heros", + "Author_Xml": "Acme Super Heros", + "Publisher": null, + "Group": null, + "Name": "Acme Application", + "Version": "9.1.1", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": { + "TagId": "swidgen-242eb18a-503e-ca37-393b-cf156ef09691_9.1.1", + "Name": "Acme Application", + "Version": "9.1.1", + "TagVersion": 0, + "Patch": false, + "Text": { + "ContentType": "text/xml", + "Encoding": "base64", + "Content": "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiID8+CjxTb2Z0d2FyZUlkZW50aXR5IHhtbDpsYW5nPSJFTiIgbmFtZT0iQWNtZSBBcHBsaWNhdGlvbiIgdmVyc2lvbj0iOS4xLjEiIAogdmVyc2lvblNjaGVtZT0ibXVsdGlwYXJ0bnVtZXJpYyIgCiB0YWdJZD0ic3dpZGdlbi1iNTk1MWFjOS00MmMwLWYzODItM2YxZS1iYzdhMmE0NDk3Y2JfOS4xLjEiIAogeG1sbnM9Imh0dHA6Ly9zdGFuZGFyZHMuaXNvLm9yZy9pc28vMTk3NzAvLTIvMjAxNS9zY2hlbWEueHNkIj4gCiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiAKIHhzaTpzY2hlbWFMb2NhdGlvbj0iaHR0cDovL3N0YW5kYXJkcy5pc28ub3JnL2lzby8xOTc3MC8tMi8yMDE1LWN1cnJlbnQvc2NoZW1hLnhzZCBzY2hlbWEueHNkIiA+CiAgPE1ldGEgZ2VuZXJhdG9yPSJTV0lEIFRhZyBPbmxpbmUgR2VuZXJhdG9yIHYwLjEiIC8+IAogIDxFbnRpdHkgbmFtZT0iQWNtZSwgSW5jLiIgcmVnaWQ9ImV4YW1wbGUuY29tIiByb2xlPSJ0YWdDcmVhdG9yIiAvPiAKPC9Tb2Z0d2FyZUlkZW50aXR5Pg==" + }, + "Url": null + }, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-types-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-types-1.6.textproto.snap new file mode 100644 index 00000000..8ce66abf --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-component-types-1.6.textproto.snap @@ -0,0 +1,223 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Application", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "application-a", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "library-a", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Framework", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "framework-a", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Container", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "container-a", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Operating_System", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "operating-system-a", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Firmware", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "firmware-a", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Device", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "device-a", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "File", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "file-a", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-compositions-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-compositions-1.6.textproto.snap new file mode 100644 index 00000000..006dfaf2 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-compositions-1.6.textproto.snap @@ -0,0 +1,202 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": null, + "ProtobufTools": null, + "Authors": null, + "Component": { + "Type": "Application", + "MimeType": null, + "BomRef": "acme-application-1.0", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Acme Application", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + "Manufacture": null, + "Supplier": null + }, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": "pkg:maven/partner/shaded-library@1.0", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Partner Shaded Library", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": "pkg:maven/partner/shaded-library@1.0", + "Swid": null, + "Modified": null, + "Pedigree": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": "pkg:maven/ossproject/library@2.0", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Some Opensource Library", + "Version": "2.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": "pkg:maven/ossproject/library@2.0", + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Library", + "MimeType": null, + "BomRef": "pkg:maven/acme/library@3.0", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Acme Library", + "Version": "3.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": "pkg:maven/acme/library@3.0", + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Dependencies": [ + { + "Ref": "acme-application-1.0", + "Dependencies": [ + { + "Ref": "pkg:maven/partner/shaded-library@1.0", + "Dependencies": null, + "Provides": null + }, + { + "Ref": "pkg:maven/acme/library@3.0", + "Dependencies": null, + "Provides": null + } + ], + "Provides": null + } + ], + "Compositions": [ + { + "Aggregate": "Complete", + "Assemblies": [ + "pkg:maven/partner/shaded-library@1.0" + ], + "Dependencies": [ + "acme-application-1.0" + ], + "Vulnerabilities": null, + "BomRef": "composition-1", + "XmlSignature": null, + "Signature": null + }, + { + "Aggregate": "Unknown", + "Assemblies": [ + "pkg:maven/acme/library@3.0" + ], + "Dependencies": null, + "Vulnerabilities": null, + "BomRef": null, + "XmlSignature": null, + "Signature": null + }, + { + "Aggregate": "Incomplete_First_Party_Only", + "Assemblies": null, + "Dependencies": null, + "Vulnerabilities": [ + "vulnerability-1" + ], + "BomRef": null, + "XmlSignature": null, + "Signature": null + } + ], + "Vulnerabilities": [ + { + "BomRef": "vulnerability-1", + "Id": "ACME-12345", + "Source": { + "Name": "Acme Inc", + "Url": null + }, + "Ratings": null, + "CWES": null, + "Description": null, + "Detail": null, + "Recommendation": null, + "Workaround": null, + "ProofOfConcept": null, + "Advisories": null, + "Credits": null, + "Analysis": null, + "Affects": null + } + ], + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-cryptography-full-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-cryptography-full-1.6.textproto.snap new file mode 100644 index 00000000..82e7070e --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-cryptography-full-1.6.textproto.snap @@ -0,0 +1,211 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Cryptographic_Asset", + "MimeType": null, + "BomRef": "asset-1", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Name here", + "Version": null, + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": { + "AssetType": "Algorithm", + "AlgorithmProperties": { + "Primitive": "AE", + "Primitive_XML": "AE", + "ParameterSetIdentifier": "128", + "Curve": "brainpoolP160r1", + "ExecutionEnvironment": "Software_Plain_Ram", + "ImplementationPlatform": "x86_64", + "CertificationLevel": [ + "FIPS140_1_L4" + ], + "CertificationLevel_Protobuf": [ + "fips140-1-l4" + ], + "Mode": "Gcm", + "Padding": "PKCS5", + "Padding_XML": "PKCS5", + "CryptoFunctions": [ + "Keygen", + "Encrypt", + "Decrypt", + "Tag" + ], + "ClassicalSecurityLevel": 128, + "NistQuantumSecurityLevel": 1 + }, + "CertificateProperties": null, + "RelatedCryptoMaterialProperties": null, + "ProtocolProperties": null, + "ObjectIdentifier": "oid:1.2.3.4.5.6.7.8.9" + }, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Cryptographic_Asset", + "MimeType": null, + "BomRef": "asset-2", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Name here", + "Version": null, + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": { + "AssetType": "Certificate", + "AlgorithmProperties": null, + "CertificateProperties": { + "SubjectName": "Subject name here", + "IssuerName": "Issuer name here", + "NotValidBefore": "2070-07-26T16:41:18Z", + "NotValidAfter": "2070-07-26T16:41:18Z", + "SignatureAlgorithmRef": "bom-ref-to-algorithm", + "SubjectPublicKeyRef": "bom-ref-to-public-key", + "CertificateFormat": "X.509", + "CertificateExtension": "crt" + }, + "RelatedCryptoMaterialProperties": null, + "ProtocolProperties": null, + "ObjectIdentifier": "oid:1.2.3.4.5.6.7.8.9" + }, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Cryptographic_Asset", + "MimeType": null, + "BomRef": "asset-3", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Name here", + "Version": null, + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": { + "AssetType": "Protocol", + "AlgorithmProperties": null, + "CertificateProperties": null, + "RelatedCryptoMaterialProperties": null, + "ProtocolProperties": { + "Type": "Tls", + "Version": "1.3", + "CipherSuites": [ + { + "Name": "TLS_DHE_RSA_WITH_AES_128_CCM", + "Algorithms": [ + "bom-ref-to-algorithm" + ], + "Identifiers": [ + "0xC0" + ] + } + ], + "Ikev2TransformTypes": null + }, + "ObjectIdentifier": "oid:1.2.3.4.5.6.7.8.9" + }, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Cryptographic_Asset", + "MimeType": null, + "BomRef": "asset-4", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Name here", + "Version": null, + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": { + "AssetType": "Related_Crypto_Material", + "AlgorithmProperties": null, + "CertificateProperties": null, + "RelatedCryptoMaterialProperties": { + "Type": "Private_Key", + "Id": "12345", + "State": "Active", + "AlgorithmRef": "bom-ref-to-algorithm", + "CreationDate": "2070-07-26T16:41:18Z", + "ActivationDate": "2070-07-26T16:41:18Z", + "UpdateDate": "2070-07-26T16:41:18Z", + "ExpirationDate": "2070-07-26T16:41:18Z", + "Value": "Value here", + "Size": 1024, + "Format": "PEM", + "SecuredBy": { + "Mechanism": "HSM", + "AlgorithmRef": "bom-ref-to-algorithm" + } + }, + "ProtocolProperties": null, + "ObjectIdentifier": "oid:1.2.3.4.5.6.7.8.9" + }, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-cryptography-implementation-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-cryptography-implementation-1.6.textproto.snap new file mode 100644 index 00000000..58de8007 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-cryptography-implementation-1.6.textproto.snap @@ -0,0 +1,186 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": null, + "ProtobufTools": null, + "Authors": null, + "Component": { + "Type": "Application", + "MimeType": null, + "BomRef": "acme-application", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Acme Application", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + "Manufacture": null, + "Supplier": null + }, + "Components": [ + { + "Type": "Cryptographic_Asset", + "MimeType": null, + "BomRef": "aes128gcm", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "AES", + "Version": null, + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": { + "AssetType": "Algorithm", + "AlgorithmProperties": { + "Primitive": "AE", + "Primitive_XML": "AE", + "ParameterSetIdentifier": "128", + "Curve": null, + "ExecutionEnvironment": "Software_Plain_Ram", + "ImplementationPlatform": "x86_64", + "CertificationLevel": [ + "None" + ], + "CertificationLevel_Protobuf": [ + "none" + ], + "Mode": "Gcm", + "Padding": null, + "CryptoFunctions": [ + "Keygen", + "Encrypt", + "Decrypt", + "Tag" + ], + "ClassicalSecurityLevel": 128, + "NistQuantumSecurityLevel": 1 + }, + "CertificateProperties": null, + "RelatedCryptoMaterialProperties": null, + "ProtocolProperties": null, + "ObjectIdentifier": "oid:2.16.840.1.101.3.4.1.6" + }, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Library", + "MimeType": null, + "BomRef": "crypto-library", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Crypto library", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Library", + "MimeType": null, + "BomRef": "some-library", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Some library", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Dependencies": [ + { + "Ref": "acme-application", + "Dependencies": [ + { + "Ref": "crypto-library", + "Dependencies": null, + "Provides": null + } + ], + "Provides": null + }, + { + "Ref": "crypto-library", + "Dependencies": [ + { + "Ref": "some-library", + "Dependencies": null, + "Provides": null + } + ], + "Provides": [ + { + "Ref": "aes128gcm" + } + ], + "Provides_Protobuf": [ + "aes128gcm" + ] + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-dependency-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-dependency-1.6.textproto.snap new file mode 100644 index 00000000..7ed2dcb7 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-dependency-1.6.textproto.snap @@ -0,0 +1,111 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": "library-a", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "library-a", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Library", + "MimeType": null, + "BomRef": "library-b", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "library-b", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Library", + "MimeType": null, + "BomRef": "library-c", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "library-c", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Dependencies": [ + { + "Ref": "library-a", + "Dependencies": null, + "Provides": null + }, + { + "Ref": "library-b", + "Dependencies": [ + { + "Ref": "library-c", + "Dependencies": null, + "Provides": null + } + ], + "Provides": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-empty-components-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-empty-components-1.6.textproto.snap new file mode 100644 index 00000000..b4c4ff25 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-empty-components-1.6.textproto.snap @@ -0,0 +1,14 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": null, + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-evidence-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-evidence-1.6.textproto.snap new file mode 100644 index 00000000..f8c9db76 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-evidence-1.6.textproto.snap @@ -0,0 +1,342 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Application", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": "com.google.code.findbugs", + "Name": "findbugs-project", + "Version": "3.0.0", + "Description": null, + "Scope": null, + "Licenses": [ + { + "License": { + "Id": "LGPL-3.0-or-later", + "Text": null, + "Url": "https://www.gnu.org/licenses/lgpl-3.0-standalone.html", + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Id": "LGPL-3.0-or-later", + "Text": null, + "Url": "https://www.gnu.org/licenses/lgpl-3.0-standalone.html", + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ] + }, + "Copyright": null, + "Cpe": null, + "Purl": "pkg:maven/com.google.code.findbugs/findbugs-project@3.0.0", + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": { + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": null, + "Url": "http://www.apache.org/licenses/LICENSE-2.0", + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + }, + { + "License": { + "Id": "LGPL-2.1-only", + "Text": null, + "Url": "https://opensource.org/licenses/LGPL-2.1", + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": null, + "Url": "http://www.apache.org/licenses/LICENSE-2.0", + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + }, + { + "License": { + "Id": "LGPL-2.1-only", + "Text": null, + "Url": "https://opensource.org/licenses/LGPL-2.1", + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ] + }, + "Copyright": [ + { + "Text": "Copyright 2012 Google Inc. All Rights Reserved." + }, + { + "Text": "Copyright (C) 2004,2005 Dave Brosius " + }, + { + "Text": "Copyright (C) 2005 William Pugh" + }, + { + "Text": "Copyright (C) 2004,2005 University of Maryland" + } + ], + "Identity": [ + { + "Field": "Purl", + "Confidence": 1.0, + "ConcludedValue": null, + "Methods": [ + { + "Technique": "Filename", + "Confidence": 0.1, + "Value": "findbugs-project-3.0.0.jar" + }, + { + "Technique": "Ast_Fingerprint", + "Confidence": 0.9, + "Value": "61e4bc08251761c3a73b606b9110a65899cb7d44f3b14c81ebc1e67c98e1d9ab" + }, + { + "Technique": "Hash_Comparison", + "Confidence": 0.7, + "Value": "7c547a9d67cc7bc315c93b6e2ff8e4b6b41ae5be454ac249655ecb5ca2a85abf" + } + ], + "Tools": [ + "bom-ref-of-tool-that-performed-analysis", + "bom-ref-of-tool-that-performed-analysis" + ] + } + ], + "IdentitySerialized": { + "Identities": [ + { + "Field": "Purl", + "Confidence": 1.0, + "ConcludedValue": null, + "Methods": [ + { + "Technique": "Filename", + "Confidence": 0.1, + "Value": "findbugs-project-3.0.0.jar" + }, + { + "Technique": "Ast_Fingerprint", + "Confidence": 0.9, + "Value": "61e4bc08251761c3a73b606b9110a65899cb7d44f3b14c81ebc1e67c98e1d9ab" + }, + { + "Technique": "Hash_Comparison", + "Confidence": 0.7, + "Value": "7c547a9d67cc7bc315c93b6e2ff8e4b6b41ae5be454ac249655ecb5ca2a85abf" + } + ], + "Tools": [ + "bom-ref-of-tool-that-performed-analysis", + "bom-ref-of-tool-that-performed-analysis" + ] + } + ] + }, + "Occurrences": [ + { + "BomRef": "d6bf237e-4e11-4713-9f62-56d18d5e2079", + "Location": "/path/to/component" + }, + { + "BomRef": "b574d5d1-e3cf-4dcd-9ba5-f3507eb1b175", + "Location": "/another/path/to/component" + } + ], + "Callstack": { + "Frames": [ + { + "Package": "com.apache.logging.log4j.core", + "Module": "Logger.class", + "Function": "logMessage", + "Parameters": [ + "com.acme.HelloWorld", + "Level.INFO", + "null", + "Hello World" + ], + "Line": 150, + "Column": 17, + "FullFilename": "/path/to/log4j-core-2.14.0.jar!/org/apache/logging/log4j/core/Logger.class" + }, + { + "Package": null, + "Module": "HelloWorld.class", + "Function": "main", + "Line": 20, + "Column": 12, + "FullFilename": "/path/to/HelloWorld.class" + } + ] + } + }, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + { + "Type": "Application", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": "com.example", + "Name": "example-project", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": "pkg:maven/com.example/example-project@1.0.0", + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": { + "Licenses": null, + "Copyright": null, + "Identity": [ + { + "Field": "Group", + "Confidence": 0.1, + "ConcludedValue": "com.example", + "Methods": [ + { + "Technique": "Filename", + "Confidence": 0.1, + "Value": "example-project-1.0.0.jar" + } + ], + "Tools": null + }, + { + "Field": "Name", + "Confidence": 0.1, + "ConcludedValue": "example-project", + "Methods": [ + { + "Technique": "Filename", + "Confidence": 0.1, + "Value": "example-project-1.0.0.jar" + } + ], + "Tools": null + }, + { + "Field": "Version", + "Confidence": 0.1, + "ConcludedValue": "1.0.0", + "Methods": [ + { + "Technique": "Filename", + "Confidence": 0.1, + "Value": "example-project-1.0.0.jar" + } + ], + "Tools": null + } + ], + "IdentitySerialized": { + "Identities": [ + { + "Field": "Group", + "Confidence": 0.1, + "ConcludedValue": "com.example", + "Methods": [ + { + "Technique": "Filename", + "Confidence": 0.1, + "Value": "example-project-1.0.0.jar" + } + ], + "Tools": null + }, + { + "Field": "Name", + "Confidence": 0.1, + "ConcludedValue": "example-project", + "Methods": [ + { + "Technique": "Filename", + "Confidence": 0.1, + "Value": "example-project-1.0.0.jar" + } + ], + "Tools": null + }, + { + "Field": "Version", + "Confidence": 0.1, + "ConcludedValue": "1.0.0", + "Methods": [ + { + "Technique": "Filename", + "Confidence": 0.1, + "Value": "example-project-1.0.0.jar" + } + ], + "Tools": null + } + ] + }, + "Occurrences": null, + "Callstack": null + }, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-external-reference-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-external-reference-1.6.textproto.snap new file mode 100644 index 00000000..712c329c --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-external-reference-1.6.textproto.snap @@ -0,0 +1,64 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": "Acme Inc", + "Group": "org.example", + "Name": "mylibrary", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "ExternalReferences": [ + { + "Url": "https://example.org/security/feed/csaf", + "Type": "Advisories", + "Comment": "Security advisories from the vendor" + }, + { + "Url": "https://example.org/support/sbom/portal-server/1.0.0", + "Type": "Bom", + "Comment": "An external SBOM that describes what this component includes", + "Hashes": [ + { + "Alg": "SHA_256", + "Content": "708f1f53b41f11f02d12a11b1a38d2905d47b099afc71a0f1124ef8582ec7313" + } + ] + }, + { + "Url": "https://example.org/support/documentation/portal-server/1.0.0", + "Type": "Documentation", + "Comment": "Vendor provided documentation for the product" + } + ], + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-formulation-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-formulation-1.6.textproto.snap new file mode 100644 index 00000000..920c4022 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-formulation-1.6.textproto.snap @@ -0,0 +1,450 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": "Acme Inc", + "Group": "org.example", + "Name": "mylibrary", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Formulation": [ + { + "BomRef": "formula-1", + "Components": [ + { + "Type": "Platform", + "MimeType": null, + "BomRef": "component-1", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Pipeline controller image", + "Version": "v0.47.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Workflows": [ + { + "BomRef": "workflow-1", + "Uid": "8edb2b08-e2c7-11ed-b5ea-0242ac120002", + "Name": "My workflow", + "Description": "Workflow description here", + "ResourceReferences": [ + { + "Ref": "component-a", + "ExternalReference": null + } + ], + "Tasks": [ + { + "BomRef": "task-1", + "Uid": "task-uid-1", + "Name": "fetch-repository", + "Description": "Description here", + "ResourceReferences": [ + { + "Ref": "component-a", + "ExternalReference": null + } + ], + "TaskTypes": [ + "Clone", + "Clone", + "Build" + ], + "Trigger": { + "BomRef": "trigger-1", + "Uid": "trigger-1", + "Name": null, + "Description": null, + "Type": "Api", + "Event": null + }, + "Steps": [ + { + "Name": "My step", + "Description": null + } + ], + "Inputs": [ + { + "Resource": { + "Ref": "component-a", + "ExternalReference": null + }, + "Source": null, + "Target": null, + "Data": null + } + ], + "Outputs": [ + { + "Resource": { + "Ref": "component-a", + "ExternalReference": null + }, + "Source": null, + "Target": null, + "Data": null + } + ], + "TimeStart": "2070-07-26T16:41:18Z", + "TimeEnd": "2070-07-26T16:41:18Z", + "Workspaces": [ + { + "BomRef": "workspace-1", + "Uid": "workspace-uid-1", + "Name": "workspace", + "Description": null, + "AccessMode": null, + "MountPath": null, + "ManagedDataType": null, + "VolumeRequest": null, + "Volume": null + } + ], + "RuntimeTopology": [ + { + "Ref": "task-1", + "Dependencies": [ + { + "Ref": "task-2", + "Dependencies": null, + "Provides": null + } + ], + "Provides": null + } + ] + } + ], + "TaskDependencies": [ + { + "Ref": "task-1", + "Dependencies": [ + { + "Ref": "task-2", + "Dependencies": null, + "Provides": null + } + ], + "Provides": null + } + ], + "TaskTypes": [ + "Clone", + "Build" + ], + "Trigger": { + "BomRef": "trigger-2", + "Uid": "trigger-uid-2", + "Name": "My trigger", + "Description": "Description here", + "ResourceReferences": [ + { + "Ref": "component-a", + "ExternalReference": null + } + ], + "Type": "Webhook", + "Event": { + "Uid": "event-1", + "Description": "Description here", + "TimeReceived": "2070-07-26T16:41:18Z", + "Data": { + "ContentType": "text/plain", + "Encoding": null, + "Content": "Foo/Bar" + }, + "Source": { + "Ref": "component-g", + "ExternalReference": null + }, + "Target": { + "Ref": "component-h", + "ExternalReference": null + }, + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + } + ] + }, + "Conditions": [ + { + "Description": "Description here", + "Expression": "1 == 1", + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + } + ] + } + ], + "TimeActivated": "2070-07-26T16:41:18Z", + "Inputs": [ + { + "Resource": { + "Ref": "component-10", + "ExternalReference": null + }, + "Source": { + "Ref": "component-11", + "ExternalReference": null + }, + "Target": { + "Ref": "component-12", + "ExternalReference": null + }, + "Data": null + } + ], + "Outputs": [ + { + "Resource": { + "Ref": "component-14", + "ExternalReference": null + }, + "Type": "Artifact", + "Source": { + "Ref": "component-15", + "ExternalReference": null + }, + "Target": { + "Ref": "component-16", + "ExternalReference": null + }, + "Data": null + } + ] + }, + "Steps": [ + { + "Name": "My step", + "Description": "Description here", + "Commands": [ + { + "Executed": "ls -las", + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + } + ] + } + ], + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + } + ] + } + ], + "Inputs": [ + { + "Resource": null, + "Source": null, + "Target": null, + "EnvironmentVars": [ + { + "Property": { + "Name": "Foo", + "Value": "Bar" + }, + "Value": null + } + ], + "Data": null + }, + { + "Resource": null, + "Source": null, + "Target": null, + "EnvironmentVars": [ + { + "Property": null, + "Value": "FooBar" + } + ], + "Data": null + }, + { + "Resource": null, + "Source": null, + "Target": null, + "EnvironmentVars": [ + { + "Property": { + "Name": "Foo", + "Value": "Bar" + }, + "Value": null + }, + { + "Property": null, + "Value": "FooBar" + } + ], + "Data": null + } + ], + "Outputs": [ + { + "Resource": null, + "Source": null, + "Target": null, + "Data": null, + "EnvironmentVars": [ + { + "Property": { + "Name": "Foo", + "Value": "Bar" + }, + "Value": null + } + ] + }, + { + "Resource": null, + "Source": null, + "Target": null, + "Data": null, + "EnvironmentVars": [ + { + "Property": null, + "Value": "FooBar" + } + ] + }, + { + "Resource": null, + "Source": null, + "Target": null, + "Data": null, + "EnvironmentVars": [ + { + "Property": { + "Name": "Foo", + "Value": "Bar" + }, + "Value": null + }, + { + "Property": null, + "Value": "FooBar" + } + ] + } + ], + "TimeStart": "2070-07-26T16:41:18Z", + "TimeEnd": "2070-07-26T16:41:18Z", + "Workspaces": [ + { + "BomRef": "workspace-1", + "Uid": "workspace-1", + "Name": "My workspace", + "Aliases": [ + "default-workspace" + ], + "Description": "Description here", + "ResourceReferences": [ + { + "Ref": "component-t", + "ExternalReference": null + } + ], + "AccessMode": "Read_Write", + "NonNullableAccessMode": "Read_Write", + "MountPath": "/tmp/workspace", + "ManagedDataType": "ConfigMap", + "VolumeRequest": "requestedVolumeClaim", + "Volume": { + "Uid": "volume-1", + "Name": "My volume", + "Mode": "Filesystem", + "Path": "/", + "SizeAllocated": "10GB", + "Persistent": true, + "NonNullablePersistent": true, + "Remote": false, + "NonNullableRemote": false + } + } + ], + "RuntimeTopology": [ + { + "Ref": "component-s", + "Dependencies": [ + { + "Ref": "component-r", + "Dependencies": null, + "Provides": null + } + ], + "Provides": null + } + ], + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + }, + { + "Name": "Foo", + "Value": "Bar" + } + ] + } + ] + } + ], + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-expression-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-expression-1.6.textproto.snap new file mode 100644 index 00000000..0c6011ca --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-expression-1.6.textproto.snap @@ -0,0 +1,58 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": "Acme Inc", + "Group": "com.acme", + "Name": "tomcat-catalina", + "Version": "9.0.14", + "Description": null, + "Scope": null, + "Licenses": [ + { + "License": null, + "Expression": "EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0", + "BomRef": null, + "Acknowledgement": "Declared" + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": null, + "Expression": "EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0", + "BomRef": null, + "Acknowledgement": "Declared" + } + ] + }, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-id-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-id-1.6.textproto.snap new file mode 100644 index 00000000..da18aa88 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-id-1.6.textproto.snap @@ -0,0 +1,72 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": "Acme Inc", + "Group": "com.acme", + "Name": "tomcat-catalina", + "Version": "9.0.14", + "Description": null, + "Scope": null, + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null, + "Acknowledgement": "Declared", + "NonNullableAcknowledgement": "Declared" + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null, + "Acknowledgement": "Declared", + "NonNullableAcknowledgement": "Declared" + }, + "Expression": null, + "BomRef": null + } + ] + }, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-licensing-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-licensing-1.6.textproto.snap new file mode 100644 index 00000000..aeccabf3 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-licensing-1.6.textproto.snap @@ -0,0 +1,162 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": "Acme Inc", + "Group": "com.acme", + "Name": "cryptographic-provider", + "Version": "2.2.0", + "Description": null, + "Scope": null, + "Licenses": [ + { + "License": { + "Name": "Acme Commercial License", + "Text": null, + "Url": null, + "BomRef": "acme-license-1", + "Licensing": { + "AltIds": [ + "acme", + "acme-license" + ], + "Licensor": { + "Organization": { + "Name": "Acme Inc", + "Url": null, + "Contact": [ + { + "Name": "Acme Licensing Fulfillment", + "Email": "licensing@example.com", + "Phone": null, + "BomRef": null + } + ], + "BomRef": null, + "Address": null + }, + "Individual": null + }, + "Licensee": { + "Organization": { + "Name": "Example Co.", + "Url": null, + "Contact": null, + "BomRef": null, + "Address": null + }, + "Individual": null + }, + "Purchaser": { + "Organization": null, + "Individual": { + "Name": "Samantha Wright", + "Email": "samantha.wright@gmail.com", + "Phone": "800-555-1212", + "BomRef": null + } + }, + "PurchaseOrder": "PO-12345", + "LicenseTypes": [ + "Appliance" + ], + "LastRenewal": "2022-04-13T20:20:39Z", + "Expiration": "2023-04-13T20:20:39Z" + } + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Name": "Acme Commercial License", + "Text": null, + "Url": null, + "BomRef": "acme-license-1", + "Licensing": { + "AltIds": [ + "acme", + "acme-license" + ], + "Licensor": { + "Organization": { + "Name": "Acme Inc", + "Url": null, + "Contact": [ + { + "Name": "Acme Licensing Fulfillment", + "Email": "licensing@example.com", + "Phone": null, + "BomRef": null + } + ], + "BomRef": null, + "Address": null + }, + "Individual": null + }, + "Licensee": { + "Organization": { + "Name": "Example Co.", + "Url": null, + "Contact": null, + "BomRef": null, + "Address": null + }, + "Individual": null + }, + "Purchaser": { + "Organization": null, + "Individual": { + "Name": "Samantha Wright", + "Email": "samantha.wright@gmail.com", + "Phone": "800-555-1212", + "BomRef": null + } + }, + "PurchaseOrder": "PO-12345", + "LicenseTypes": [ + "Appliance" + ], + "LastRenewal": "2022-04-13T20:20:39Z", + "Expiration": "2023-04-13T20:20:39Z" + } + }, + "Expression": null, + "BomRef": null + } + ] + }, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-name-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-name-1.6.textproto.snap new file mode 100644 index 00000000..969bf119 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-license-name-1.6.textproto.snap @@ -0,0 +1,68 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": "Acme Inc", + "Group": "com.acme", + "Name": "tomcat-catalina", + "Version": "9.0.14", + "Description": null, + "Scope": null, + "Licenses": [ + { + "License": { + "Name": "Apache License 2.0", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Name": "Apache License 2.0", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ] + }, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-machine-learning-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-machine-learning-1.6.textproto.snap new file mode 100644 index 00000000..b6b7223d --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-machine-learning-1.6.textproto.snap @@ -0,0 +1,123 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Machine_Learning_Model", + "MimeType": null, + "BomRef": "component-a", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": "CompVis", + "Name": "stable-diffusion", + "Version": "1.4", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": { + "BomRef": null, + "ModelParameters": { + "Approach": { + "Type": "Supervised" + }, + "Task": "task goes here", + "ArchitectureFamily": "the architecture family goes here", + "ModelArchitecture": "The architecture of the model.", + "Datasets": [ + { + "DataSet": { + "BomRef": null, + "Type": "Dataset", + "Name": "Training Data", + "Contents": { + "Attachment": null, + "Url": "https://example.com/path/to/dataset" + }, + "Classification": "public", + "SensitiveData": null, + "Graphics": null, + "Description": null, + "Governance": null + }, + "Ref": null + } + ], + "Inputs": [ + { + "Format": "string" + } + ], + "Outputs": [ + { + "Format": "string" + } + ] + }, + "QuantitativeAnalysis": { + "PerformanceMetrics": [ + { + "Type": "The type of performance metric", + "Value": "The value of the performance metric", + "Slice": "The name of the slice this metric was computed on. By default, assume this metric is not sliced", + "ConfidenceInterval": { + "LowerBound": "The lower bound of the confidence interval", + "UpperBound": "The upper bound of the confidence interval" + } + } + ], + "Graphics": null + }, + "Considerations": { + "Users": [ + "Who are the intended users of the model?" + ], + "UseCases": [ + "Who are the intended users of the model?" + ], + "TechnicalLimitations": [ + "What are the known technical limitations of the model? E.g. What kind(s) of data should the model be expected not to perform well on? What are the factors that might degrade model performance?" + ], + "PerformanceTradeoffs": [ + "What are the known tradeoffs in accuracy/performance of the model?" + ], + "EthicalConsiderations": [ + { + "Name": "The name of the risk", + "MitigationStrategy": "Strategy used to address this risk" + } + ], + "FairnessAssessments": [ + { + "GroupAtRisk": "The groups or individuals at risk of being systematically disadvantaged by the model", + "Benefits": "Expected benefits to the identified groups", + "Harms": "Expected harms to the identified groups", + "MitigationStrategy": "With respect to the benefits and harms outlined, please describe any mitigation strategy implemented." + } + ], + "EnvironmentalConsiderations": null + } + }, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-machine-learning-considerations-env-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-machine-learning-considerations-env-1.6.textproto.snap new file mode 100644 index 00000000..d11bafe2 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-machine-learning-considerations-env-1.6.textproto.snap @@ -0,0 +1,105 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:ed5c5ba0-2be6-4b58-ac29-01a7fd375123", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Machine_Learning_Model", + "MimeType": null, + "BomRef": "huggingface.co-meta-llama-Llama-2-7b", + "Supplier": { + "Name": "Hugging Face", + "Url": null, + "Contact": null, + "BomRef": null, + "Address": null + }, + "Author": null, + "Publisher": "meta", + "Group": "meta-llama", + "Name": "Llama-2-7b", + "Version": null, + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "ExternalReferences": [ + { + "Url": "https://huggingface.co/meta-llama/Llama-2-7b", + "Type": "Distribution", + "Comment": null + } + ], + "Evidence": null, + "ModelCard": { + "BomRef": null, + "ModelParameters": null, + "QuantitativeAnalysis": null, + "Considerations": { + "EnvironmentalConsiderations": { + "EnergyConsumptions": [ + { + "Activity": "Training", + "EnergyProviders": [ + { + "Description": "Meta data-center, US-East", + "Organization": { + "Name": "Meta", + "Url": null, + "Contact": null, + "BomRef": null, + "Address": { + "BomRef": null, + "Country": "United States", + "Region": "New Jersey", + "Locality": "Newark", + "PostOfficeBoxNumber": null, + "PostalCode": null, + "StreetAddress": null + } + }, + "EnergySource": "Natural_Gas", + "EnergyProvided": { + "Value": 0.4, + "Unit": "kWh" + }, + "BomRef": null + } + ], + "ActivityEnergyCost": { + "Value": 0.4, + "Unit": "kWh" + }, + "Co2CostEquivalent": { + "Value": 31.22, + "Unit": "tCO2eq" + }, + "Co2CostOffset": { + "Value": 31.22, + "Unit": "tCO2eq" + } + } + ] + } + } + }, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-author-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-author-1.6.textproto.snap new file mode 100644 index 00000000..4120df06 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-author-1.6.textproto.snap @@ -0,0 +1,28 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": null, + "ProtobufTools": null, + "Authors": [ + { + "Name": "Samantha Wright", + "Email": "samantha.wright@example.com", + "Phone": "800-555-1212", + "BomRef": null + } + ], + "Component": null, + "Manufacture": null, + "Supplier": null + }, + "Components": null, + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-license-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-license-1.6.textproto.snap new file mode 100644 index 00000000..b1529363 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-license-1.6.textproto.snap @@ -0,0 +1,79 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": null, + "ProtobufTools": null, + "Authors": null, + "Component": null, + "Manufacture": null, + "Supplier": null, + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + }, + { + "License": { + "Name": "My License", + "Text": { + "ContentType": "text/plain", + "Encoding": null, + "Content": "My License Text" + }, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + }, + { + "License": { + "Name": "My License", + "Text": { + "ContentType": "text/plain", + "Encoding": null, + "Content": "My License Text" + }, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ] + } + }, + "Components": null, + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-lifecycle-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-lifecycle-1.6.textproto.snap new file mode 100644 index 00000000..869aaa22 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-lifecycle-1.6.textproto.snap @@ -0,0 +1,37 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": null, + "ProtobufTools": null, + "Authors": null, + "Component": null, + "Manufacture": null, + "Supplier": null, + "Lifecycles": [ + { + "Phase": "Build", + "Name": null, + "Description": null + }, + { + "Phase": "Post_Build", + "Name": null, + "Description": null + }, + { + "Name": "platform-integration-testing", + "Description": "Integration testing specific to the runtime platform" + } + ] + }, + "Components": null, + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-manufacture-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-manufacture-1.6.textproto.snap new file mode 100644 index 00000000..d185d6b6 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-manufacture-1.6.textproto.snap @@ -0,0 +1,52 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": null, + "ProtobufTools": null, + "Authors": null, + "Component": null, + "Manufacture": { + "Name": "Acme, Inc. // deprecated", + "Url": [ + "https://example.com" + ], + "Contact": [ + { + "Name": "Acme Professional Services", + "Email": "professional.services@example.com", + "Phone": null, + "BomRef": "contact-1" + } + ], + "BomRef": "manufacturer-1", + "Address": null + }, + "Manufacture_Xml": { + "Name": "Acme, Inc. // deprecated", + "Url": [ + "https://example.com" + ], + "Contact": [ + { + "Name": "Acme Professional Services", + "Email": "professional.services@example.com", + "Phone": null, + "BomRef": "contact-1" + } + ], + "BomRef": "manufacturer-1", + "Address": null + }, + "Supplier": null + }, + "Components": null, + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-manufacturer-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-manufacturer-1.6.textproto.snap new file mode 100644 index 00000000..803f740b --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-manufacturer-1.6.textproto.snap @@ -0,0 +1,37 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": null, + "ProtobufTools": null, + "Authors": null, + "Component": null, + "Manufacturer": { + "Name": "Acme, Inc.", + "Url": [ + "https://example.com" + ], + "Contact": [ + { + "Name": "Acme Professional Services", + "Email": "professional.services@example.com", + "Phone": null, + "BomRef": "contact-1" + } + ], + "BomRef": "manufacturer-1", + "Address": null + }, + "Manufacture": null, + "Supplier": null + }, + "Components": null, + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-supplier-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-supplier-1.6.textproto.snap new file mode 100644 index 00000000..a3ea8bb9 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-supplier-1.6.textproto.snap @@ -0,0 +1,36 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": null, + "ProtobufTools": null, + "Authors": null, + "Component": null, + "Manufacture": null, + "Supplier": { + "Name": "Acme, Inc.", + "Url": [ + "https://example.com" + ], + "Contact": [ + { + "Name": "Acme Distribution", + "Email": "distribution@example.com", + "Phone": null, + "BomRef": "contact-1" + } + ], + "BomRef": "supplier-1", + "Address": null + } + }, + "Components": null, + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-timestamp-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-timestamp-1.6.textproto.snap new file mode 100644 index 00000000..2bf2408f --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-timestamp-1.6.textproto.snap @@ -0,0 +1,22 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Timestamp": "2070-07-26T16:41:18Z", + "Tools": null, + "ProtobufTools": null, + "Authors": null, + "Component": null, + "Manufacture": null, + "Supplier": null + }, + "Components": null, + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-tool-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-tool-1.6.textproto.snap new file mode 100644 index 00000000..55fac02d --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-tool-1.6.textproto.snap @@ -0,0 +1,165 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": { + "Tools": null, + "Components": [ + { + "Type": "Application", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": "Awesome Vendor", + "Name": "Awesome Tool", + "Version": "9.1.2", + "Description": null, + "Scope": null, + "Hashes": [ + { + "Alg": "SHA_1", + "Content": "25ed8e31b995bb927966616df2a42b979a2717f0" + }, + { + "Alg": "SHA_256", + "Content": "a74f733635a19aefb1f73e5947cef59cd7440c6952ef0f03d09d974274cbd6df" + } + ], + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Services": [ + { + "BomRef": null, + "Provider": { + "Name": "Acme Org", + "Url": [ + "https://example.com" + ], + "Contact": null, + "BomRef": null, + "Address": null + }, + "Group": "com.example", + "Name": "Acme Signing Server", + "Version": null, + "Description": "Signs artifacts", + "Endpoints": [ + "https://example.com/sign", + "https://example.com/verify", + "https://example.com/tsa" + ], + "Authenticated": null, + "XTrustBoundary": null, + "TrustZone": null, + "Licenses": null, + "XmlSignature": null, + "Signature": null + } + ] + }, + "ProtobufTools": [ + { + "Vendor": null, + "Name": null, + "Version": null, + "Hashes": null, + "ExternalReferences": null, + "Components": [ + { + "Type": "Application", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": "Awesome Vendor", + "Name": "Awesome Tool", + "Version": "9.1.2", + "Description": null, + "Scope": null, + "Hashes": [ + { + "Alg": "SHA_1", + "Content": "25ed8e31b995bb927966616df2a42b979a2717f0" + }, + { + "Alg": "SHA_256", + "Content": "a74f733635a19aefb1f73e5947cef59cd7440c6952ef0f03d09d974274cbd6df" + } + ], + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Services": [ + { + "BomRef": null, + "Provider": { + "Name": "Acme Org", + "Url": [ + "https://example.com" + ], + "Contact": null, + "BomRef": null, + "Address": null + }, + "Group": "com.example", + "Name": "Acme Signing Server", + "Version": null, + "Description": "Signs artifacts", + "Endpoints": [ + "https://example.com/sign", + "https://example.com/verify", + "https://example.com/tsa" + ], + "Authenticated": null, + "XTrustBoundary": null, + "TrustZone": null, + "Licenses": null, + "XmlSignature": null, + "Signature": null + } + ] + } + ], + "Authors": null, + "Component": null, + "Manufacture": null, + "Supplier": null + }, + "Components": null, + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-tool-deprecated-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-tool-deprecated-1.6.textproto.snap new file mode 100644 index 00000000..9cc39a42 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-metadata-tool-deprecated-1.6.textproto.snap @@ -0,0 +1,58 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": { + "Tools": [ + { + "Vendor": "Awesome Vendor", + "Name": "Awesome Tool", + "Version": "9.1.2", + "Hashes": [ + { + "Alg": "SHA_1", + "Content": "25ed8e31b995bb927966616df2a42b979a2717f0" + }, + { + "Alg": "SHA_256", + "Content": "a74f733635a19aefb1f73e5947cef59cd7440c6952ef0f03d09d974274cbd6df" + } + ] + } + ] + }, + "ProtobufTools": [ + { + "Vendor": "Awesome Vendor", + "Name": "Awesome Tool", + "Version": "9.1.2", + "Hashes": [ + { + "Alg": "SHA_1", + "Content": "25ed8e31b995bb927966616df2a42b979a2717f0" + }, + { + "Alg": "SHA_256", + "Content": "a74f733635a19aefb1f73e5947cef59cd7440c6952ef0f03d09d974274cbd6df" + } + ], + "ExternalReferences": null, + "Components": null, + "Services": null + } + ], + "Authors": null, + "Component": null, + "Manufacture": null, + "Supplier": null + }, + "Components": null, + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-minimal-viable-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-minimal-viable-1.6.textproto.snap new file mode 100644 index 00000000..c0958c66 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-minimal-viable-1.6.textproto.snap @@ -0,0 +1,41 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "acme-library", + "Version": null, + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-patch-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-patch-1.6.textproto.snap new file mode 100644 index 00000000..d57cc7de --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-patch-1.6.textproto.snap @@ -0,0 +1,141 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": "com.acme", + "Name": "sample-library", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": { + "Ancestors": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": "org.example", + "Name": "sample-library", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Descendants": null, + "Variants": null, + "Commits": null, + "Patches": [ + { + "Type": "Unofficial", + "Diff": { + "Text": { + "ContentType": "text/plain", + "Encoding": "base64", + "Content": "blah" + }, + "Url": "uri/to/changes.diff" + }, + "Resolves": [ + { + "Type": "Enhancement", + "Id": "JIRA-17240", + "Name": null, + "Description": "Great new feature that does something", + "Source": { + "Name": "Acme Org", + "Url": "https://issues.acme.org/17240" + }, + "References": null + } + ] + }, + { + "Type": "Backport", + "Diff": { + "Text": { + "ContentType": "text/plain", + "Encoding": "base64", + "Content": "blah" + }, + "Url": "uri/to/changes.diff" + }, + "Resolves": [ + { + "Type": "Security", + "Id": "CVE-2019-9997", + "Name": "CVE-2019-9997", + "Description": "blah blah", + "Source": { + "Name": "NVD", + "Url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9997" + }, + "References": [ + "http://some/other/site-1", + "http://some/other/site-2" + ] + }, + { + "Type": "Defect", + "Id": "JIRA-874319", + "Name": null, + "Description": "Enable to do something", + "Source": { + "Name": "Example Org", + "Url": "https://issues.example.org/874319" + }, + "References": [ + "http://some/other/site-1", + "http://some/other/site-2" + ] + } + ] + } + ], + "Notes": null + }, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-properties-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-properties-1.6.textproto.snap new file mode 100644 index 00000000..39df7328 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-properties-1.6.textproto.snap @@ -0,0 +1,184 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Tools": null, + "ProtobufTools": null, + "Authors": null, + "Component": null, + "Manufacture": null, + "Supplier": null, + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + }, + { + "Name": "Foo", + "Value": "Two" + }, + { + "Name": "Bar", + "Value": "Foo" + }, + { + "Name": "value-is-optional", + "Value": null + } + ] + }, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "acme-library", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null, + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + }, + { + "Name": "Foo", + "Value": "Two" + }, + { + "Name": "Bar", + "Value": "Foo" + }, + { + "Name": "value-is-optional", + "Value": null + } + ] + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null, + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + }, + { + "Name": "Foo", + "Value": "Two" + }, + { + "Name": "Bar", + "Value": "Foo" + }, + { + "Name": "value-is-optional", + "Value": null + } + ] + }, + "Expression": null, + "BomRef": null + } + ] + }, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + }, + { + "Name": "Foo", + "Value": "Two" + }, + { + "Name": "Bar", + "Value": "Foo" + }, + { + "Name": "value-is-optional", + "Value": null + } + ], + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Services": [ + { + "BomRef": "b2a46a4b-8367-4bae-9820-95557cfe03a8", + "Provider": null, + "Group": "org.partner", + "Name": "Stock ticker service", + "Version": null, + "Description": null, + "Endpoints": [ + "https://partner.org/api/v1/stock" + ], + "Authenticated": null, + "XTrustBoundary": null, + "TrustZone": null, + "Licenses": null, + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + }, + { + "Name": "Foo", + "Value": "Two" + }, + { + "Name": "Bar", + "Value": "Foo" + }, + { + "Name": "value-is-optional", + "Value": null + } + ], + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-release-notes-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-release-notes-1.6.textproto.snap new file mode 100644 index 00000000..6e25cc68 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-release-notes-1.6.textproto.snap @@ -0,0 +1,294 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "acme-example", + "Version": "1.0.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ReleaseNotes": { + "Type": "major", + "Title": "My new release", + "FeaturedImage": "https://example.com/featured_image.png", + "SocialImage": "https://example.com/social_image.png", + "Description": "The main description of your release", + "Aliases": [ + "Project Orion" + ], + "Tags": [ + "CMS", + "SEO", + "wysiwyg" + ], + "Resolves": [ + { + "Type": "Enhancement", + "Id": "JIRA-17240", + "Name": null, + "Description": "Great new feature that does something", + "Source": { + "Name": "Acme Org", + "Url": "https://issues.acme.org/17240" + }, + "References": null + }, + { + "Type": "Security", + "Id": "CVE-2019-9997", + "Name": "CVE-2019-9997", + "Description": "Great new feature that does something", + "Source": { + "Name": "NVD", + "Url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9997" + }, + "References": null + } + ], + "Notes": null, + "Properties": null + }, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Services": [ + { + "BomRef": "b2a46a4b-8367-4bae-9820-95557cfe03a8", + "Provider": { + "Name": "Partner Org", + "Url": [ + "https://partner.org" + ], + "Contact": [ + { + "Name": "Support", + "Email": "support@partner", + "Phone": "800-555-1212", + "BomRef": null + } + ], + "BomRef": null, + "Address": null + }, + "Group": "org.partner", + "Name": "Stock ticker service", + "Version": "2020-Q2", + "Description": "Provides real-time stock information", + "Endpoints": [ + "https://partner.org/api/v1/lookup", + "https://partner.org/api/v1/stock" + ], + "Authenticated": true, + "NonNullableAuthenticated": true, + "XTrustBoundary": true, + "NonNullableXTrustBoundary": true, + "TrustZone": null, + "Data": [ + { + "Flow": "Inbound", + "Classification": "PII", + "XmlClassification": { + "Flow": "Inbound", + "Classification": "PII" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Outbound", + "Classification": "PIFI", + "XmlClassification": { + "Flow": "Outbound", + "Classification": "PIFI" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Bi_Directional", + "Classification": "public", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "public" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Unknown", + "Classification": "partner-data", + "XmlClassification": { + "Flow": "Unknown", + "Classification": "partner-data" + }, + "Name": null, + "Description": null, + "Governance": null + } + ], + "XmlData": { + "DataClassifications": null, + "DataFlows": [ + { + "Flow": "Inbound", + "Classification": "PII", + "XmlClassification": { + "Flow": "Inbound", + "Classification": "PII" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Outbound", + "Classification": "PIFI", + "XmlClassification": { + "Flow": "Outbound", + "Classification": "PIFI" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Bi_Directional", + "Classification": "public", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "public" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Unknown", + "Classification": "partner-data", + "XmlClassification": { + "Flow": "Unknown", + "Classification": "partner-data" + }, + "Name": null, + "Description": null, + "Governance": null + } + ] + }, + "Licenses": [ + { + "License": { + "Name": "Partner license", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Name": "Partner license", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ] + }, + "ExternalReferences": [ + { + "Url": "http://partner.org", + "Type": "Website", + "Comment": null + }, + { + "Url": "http://api.partner.org/swagger", + "Type": "Documentation", + "Comment": null + } + ], + "ReleaseNotes": { + "Type": "major", + "Title": "My new release", + "FeaturedImage": "https://example.com/featured_image.png", + "SocialImage": "https://example.com/social_image.png", + "Description": "The main description of your release", + "Aliases": [ + "Project Orion" + ], + "Tags": [ + "CMS", + "SEO", + "wysiwyg" + ], + "Resolves": [ + { + "Type": "Enhancement", + "Id": "JIRA-17240", + "Name": null, + "Description": "Great new feature that does something", + "Source": { + "Name": "Acme Org", + "Url": "https://issues.acme.org/17240" + }, + "References": null + }, + { + "Type": "Security", + "Id": "CVE-2019-9997", + "Name": "CVE-2019-9997", + "Description": "Great new feature that does something", + "Source": { + "Name": "NVD", + "Url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9997" + }, + "References": null + } + ], + "Notes": null, + "Properties": null + }, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-saasbom-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-saasbom-1.6.textproto.snap new file mode 100644 index 00000000..c67ee8a1 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-saasbom-1.6.textproto.snap @@ -0,0 +1,863 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": { + "Timestamp": "2070-07-26T16:41:18Z", + "Tools": null, + "ProtobufTools": null, + "Authors": null, + "Component": { + "Type": "Application", + "MimeType": null, + "BomRef": "acme-stock-application", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "Acme SaaSBOM Example", + "Version": "2022-1", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + }, + "Manufacture": null, + "Supplier": null + }, + "Components": null, + "Services": [ + { + "BomRef": "stock-ticker-service", + "Provider": { + "Name": "Acme Inc", + "Url": [ + "https://example.com" + ], + "Contact": null, + "BomRef": null, + "Address": null + }, + "Group": "com.example", + "Name": "Stock Ticker Service", + "Version": "2022-1", + "Description": null, + "Endpoints": [ + "https://example.com/", + "https://example.com/app" + ], + "Authenticated": true, + "NonNullableAuthenticated": true, + "XTrustBoundary": null, + "TrustZone": "Acme Public Zone", + "Data": [ + { + "Flow": "Bi_Directional", + "Classification": "Customer", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "Customer" + }, + "Name": "Consumer to Stock Service", + "Description": "Traffic to/from consumer to service", + "Governance": { + "Owners": [ + { + "Organization": { + "Name": "Customer Name", + "Url": null, + "Contact": null, + "BomRef": null, + "Address": null + }, + "Individual": null + } + ] + }, + "Source": [ + { + "Url": "https://0.0.0.0" + } + ], + "Source_Protobuf": [ + "https://0.0.0.0" + ], + "Destination": [ + { + "Url": "https://0.0.0.0" + } + ], + "Destination_Protobuf": [ + "https://0.0.0.0" + ] + }, + { + "Flow": "Bi_Directional", + "Classification": "PII", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PII" + }, + "Name": "Stock Service to MS-1", + "Description": "Traffic to/from stock service to microservice-1", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + ] + }, + { + "Flow": "Bi_Directional", + "Classification": "PIFI", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PIFI" + }, + "Name": "Stock Service to MS-2", + "Description": "Traffic to/from stock service to microservice-2", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-2.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-2.example.com" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-2.example.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-2.example.com" + ] + }, + { + "Flow": "Bi_Directional", + "Classification": "Public", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "Public" + }, + "Name": "Stock Service to MS-3", + "Description": "Traffic to/from stock service to microservice-3", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + ] + } + ], + "XmlData": { + "DataClassifications": null, + "DataFlows": [ + { + "Flow": "Bi_Directional", + "Classification": "Customer", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "Customer" + }, + "Name": "Consumer to Stock Service", + "Description": "Traffic to/from consumer to service", + "Governance": { + "Owners": [ + { + "Organization": { + "Name": "Customer Name", + "Url": null, + "Contact": null, + "BomRef": null, + "Address": null + }, + "Individual": null + } + ] + }, + "Source": [ + { + "Url": "https://0.0.0.0" + } + ], + "Source_Protobuf": [ + "https://0.0.0.0" + ], + "Destination": [ + { + "Url": "https://0.0.0.0" + } + ], + "Destination_Protobuf": [ + "https://0.0.0.0" + ] + }, + { + "Flow": "Bi_Directional", + "Classification": "PII", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PII" + }, + "Name": "Stock Service to MS-1", + "Description": "Traffic to/from stock service to microservice-1", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + ] + }, + { + "Flow": "Bi_Directional", + "Classification": "PIFI", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PIFI" + }, + "Name": "Stock Service to MS-2", + "Description": "Traffic to/from stock service to microservice-2", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-2.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-2.example.com" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-2.example.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-2.example.com" + ] + }, + { + "Flow": "Bi_Directional", + "Classification": "Public", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "Public" + }, + "Name": "Stock Service to MS-3", + "Description": "Traffic to/from stock service to microservice-3", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + ] + } + ] + }, + "Licenses": null, + "ExternalReferences": [ + { + "Url": "https://example.com/app/swagger", + "Type": "Documentation", + "Comment": null + } + ], + "Services": [ + { + "BomRef": "ms-1.example.com", + "Provider": { + "Name": "Acme Inc", + "Url": [ + "https://example.com" + ], + "Contact": null, + "BomRef": null, + "Address": null + }, + "Group": "com.example", + "Name": "Microservice 1", + "Version": "2022-1", + "Description": null, + "Endpoints": [ + "https://ms-1.example.com" + ], + "Authenticated": true, + "NonNullableAuthenticated": true, + "XTrustBoundary": null, + "TrustZone": "Acme Private Zone", + "Data": [ + { + "Flow": "Bi_Directional", + "Classification": "PII", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PII" + }, + "Name": "Stock Service to MS-1", + "Description": "Traffic to/from stock service to microservice-1", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ] + }, + { + "Flow": "Bi_Directional", + "Classification": "PII", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PII" + }, + "Name": "MS-1 to Database", + "Description": "Traffic to/from microservice-1 to database", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1-pgsql.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1-pgsql.example.com" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1-pgsql.example.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1-pgsql.example.com" + ] + } + ], + "XmlData": { + "DataClassifications": null, + "DataFlows": [ + { + "Flow": "Bi_Directional", + "Classification": "PII", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PII" + }, + "Name": "Stock Service to MS-1", + "Description": "Traffic to/from stock service to microservice-1", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ] + }, + { + "Flow": "Bi_Directional", + "Classification": "PII", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PII" + }, + "Name": "MS-1 to Database", + "Description": "Traffic to/from microservice-1 to database", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1-pgsql.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1-pgsql.example.com" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1-pgsql.example.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1-pgsql.example.com" + ] + } + ] + }, + "Licenses": null, + "ExternalReferences": [ + { + "Url": "https://ms-1.example.com/swagger", + "Type": "Documentation", + "Comment": null + } + ], + "XmlSignature": null, + "Signature": null + }, + { + "BomRef": "ms-2.example.com", + "Provider": { + "Name": "Acme Inc", + "Url": [ + "https://example.com" + ], + "Contact": null, + "BomRef": null, + "Address": null + }, + "Group": "com.example", + "Name": "Microservice 2", + "Version": "2022-1", + "Description": null, + "Endpoints": [ + "https://ms-2.example.com" + ], + "Authenticated": true, + "NonNullableAuthenticated": true, + "XTrustBoundary": null, + "TrustZone": "Acme Private Zone", + "Data": [ + { + "Flow": "Bi_Directional", + "Classification": "PIFI", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PIFI" + }, + "Name": "Stock Service to MS-2", + "Description": "Traffic to/from stock service to microservice-2", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ] + } + ], + "XmlData": { + "DataClassifications": null, + "DataFlows": [ + { + "Flow": "Bi_Directional", + "Classification": "PIFI", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PIFI" + }, + "Name": "Stock Service to MS-2", + "Description": "Traffic to/from stock service to microservice-2", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ] + } + ] + }, + "Licenses": null, + "ExternalReferences": [ + { + "Url": "https://ms-2.example.com/swagger", + "Type": "Documentation", + "Comment": null + } + ], + "XmlSignature": null, + "Signature": null + }, + { + "BomRef": "ms-3.example.com", + "Provider": { + "Name": "Acme Inc", + "Url": [ + "https://example.com" + ], + "Contact": null, + "BomRef": null, + "Address": null + }, + "Group": "com.example", + "Name": "Microservice 3", + "Version": "2022-1", + "Description": null, + "Endpoints": [ + "https://ms-3.example.com" + ], + "Authenticated": true, + "NonNullableAuthenticated": true, + "XTrustBoundary": null, + "TrustZone": "Acme Private Zone", + "Data": [ + { + "Flow": "Bi_Directional", + "Classification": "Public", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "Public" + }, + "Name": "Stock Service to MS-3", + "Description": "Traffic to/from stock service to microservice-3", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ] + }, + { + "Flow": "Outbound", + "Classification": "Public", + "XmlClassification": { + "Flow": "Outbound", + "Classification": "Public" + }, + "Name": "MS-3 to S3", + "Description": "Data pushed from microservice-3 to S3 bucket", + "Governance": null, + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#s3-example.amazon.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#s3-example.amazon.com" + ] + } + ], + "XmlData": { + "DataClassifications": null, + "DataFlows": [ + { + "Flow": "Bi_Directional", + "Classification": "Public", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "Public" + }, + "Name": "Stock Service to MS-3", + "Description": "Traffic to/from stock service to microservice-3", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service" + ] + }, + { + "Flow": "Outbound", + "Classification": "Public", + "XmlClassification": { + "Flow": "Outbound", + "Classification": "Public" + }, + "Name": "MS-3 to S3", + "Description": "Data pushed from microservice-3 to S3 bucket", + "Governance": null, + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#s3-example.amazon.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#s3-example.amazon.com" + ] + } + ] + }, + "Licenses": null, + "ExternalReferences": [ + { + "Url": "https://ms-3.example.com/swagger", + "Type": "Documentation", + "Comment": null + } + ], + "XmlSignature": null, + "Signature": null + }, + { + "BomRef": "ms-1-pgsql.example.com", + "Provider": null, + "Group": "org.postgresql", + "Name": "Postgres", + "Version": "14.1", + "Description": "Postgres database for Microservice #1", + "Endpoints": [ + "https://ms-1-pgsql.example.com:5432" + ], + "Authenticated": true, + "NonNullableAuthenticated": true, + "XTrustBoundary": null, + "TrustZone": "Acme Private Zone", + "Data": [ + { + "Flow": "Bi_Directional", + "Classification": "PII", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PII" + }, + "Name": "MS-1 to Database", + "Description": "Traffic to/from microservice-1 to database", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + ] + } + ], + "XmlData": { + "DataClassifications": null, + "DataFlows": [ + { + "Flow": "Bi_Directional", + "Classification": "PII", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "PII" + }, + "Name": "MS-1 to Database", + "Description": "Traffic to/from microservice-1 to database", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + ], + "Destination": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + } + ], + "Destination_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-1.example.com" + ] + } + ] + }, + "Licenses": null, + "XmlSignature": null, + "Signature": null + }, + { + "BomRef": "s3-example.amazon.com", + "Provider": null, + "Group": "com.amazon", + "Name": "S3", + "Version": null, + "Description": "S3 bucket", + "Endpoints": [ + "https://s3-example.amazon.com" + ], + "Authenticated": true, + "NonNullableAuthenticated": true, + "XTrustBoundary": null, + "TrustZone": "Public Internet", + "Data": [ + { + "Flow": "Inbound", + "Classification": "PII", + "XmlClassification": { + "Flow": "Inbound", + "Classification": "PII" + }, + "Name": "MS-3 to S3", + "Description": "Data pushed from microservice-3 to S3 bucket", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + ] + } + ], + "XmlData": { + "DataClassifications": null, + "DataFlows": [ + { + "Flow": "Inbound", + "Classification": "PII", + "XmlClassification": { + "Flow": "Inbound", + "Classification": "PII" + }, + "Name": "MS-3 to S3", + "Description": "Data pushed from microservice-3 to S3 bucket", + "Governance": null, + "Source": [ + { + "Url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + } + ], + "Source_Protobuf": [ + "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#ms-3.example.com" + ] + } + ] + }, + "Licenses": null, + "XmlSignature": null, + "Signature": null + } + ], + "XmlSignature": null, + "Signature": null + } + ], + "Dependencies": [ + { + "Ref": "pkg:maven/com.acme/stock-java-client@1.0.12", + "Dependencies": [ + { + "Ref": "b2a46a4b-8367-4bae-9820-95557cfe03a8", + "Dependencies": null, + "Provides": null + } + ], + "Provides": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-service-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-service-1.6.textproto.snap new file mode 100644 index 00000000..3a7617d8 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-service-1.6.textproto.snap @@ -0,0 +1,258 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": "pkg:maven/com.acme/stock-java-client@1.0.12", + "Supplier": null, + "Author": null, + "Publisher": "Acme Inc", + "Group": "com.acme", + "Name": "stock-java-client", + "Version": "1.0.12", + "Description": null, + "Scope": null, + "Hashes": [ + { + "Alg": "SHA_1", + "Content": "e6b1000b94e835ffd37f4c6dcbdad43f4b48a02a" + } + ], + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Id": "Apache-2.0", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ] + }, + "Copyright": null, + "Cpe": null, + "Purl": "pkg:maven/com.acme/stock-java-client@1.0.12", + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Services": [ + { + "BomRef": "b2a46a4b-8367-4bae-9820-95557cfe03a8", + "Provider": { + "Name": "Partner Org", + "Url": [ + "https://partner.org" + ], + "Contact": [ + { + "Name": "Support", + "Email": "support@partner", + "Phone": "800-555-1212", + "BomRef": null + } + ], + "BomRef": null, + "Address": null + }, + "Group": "org.partner", + "Name": "Stock ticker service", + "Version": "2020-Q2", + "Description": "Provides real-time stock information", + "Endpoints": [ + "https://partner.org/api/v1/lookup", + "https://partner.org/api/v1/stock" + ], + "Authenticated": true, + "NonNullableAuthenticated": true, + "XTrustBoundary": true, + "NonNullableXTrustBoundary": true, + "TrustZone": null, + "Data": [ + { + "Flow": "Inbound", + "Classification": "PII", + "XmlClassification": { + "Flow": "Inbound", + "Classification": "PII" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Outbound", + "Classification": "PIFI", + "XmlClassification": { + "Flow": "Outbound", + "Classification": "PIFI" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Bi_Directional", + "Classification": "public", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "public" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Unknown", + "Classification": "partner-data", + "XmlClassification": { + "Flow": "Unknown", + "Classification": "partner-data" + }, + "Name": null, + "Description": null, + "Governance": null + } + ], + "XmlData": { + "DataClassifications": null, + "DataFlows": [ + { + "Flow": "Inbound", + "Classification": "PII", + "XmlClassification": { + "Flow": "Inbound", + "Classification": "PII" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Outbound", + "Classification": "PIFI", + "XmlClassification": { + "Flow": "Outbound", + "Classification": "PIFI" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Bi_Directional", + "Classification": "public", + "XmlClassification": { + "Flow": "Bi_Directional", + "Classification": "public" + }, + "Name": null, + "Description": null, + "Governance": null + }, + { + "Flow": "Unknown", + "Classification": "partner-data", + "XmlClassification": { + "Flow": "Unknown", + "Classification": "partner-data" + }, + "Name": null, + "Description": null, + "Governance": null + } + ] + }, + "Licenses": [ + { + "License": { + "Name": "Partner license", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ], + "LicensesSerialized": { + "Licenses": [ + { + "License": { + "Name": "Partner license", + "Text": null, + "Url": null, + "BomRef": null, + "Licensing": null + }, + "Expression": null, + "BomRef": null + } + ] + }, + "ExternalReferences": [ + { + "Url": "http://partner.org", + "Type": "Website", + "Comment": null + }, + { + "Url": "http://api.partner.org/swagger", + "Type": "Documentation", + "Comment": null + } + ], + "XmlSignature": null, + "Signature": null + } + ], + "Dependencies": [ + { + "Ref": "pkg:maven/com.acme/stock-java-client@1.0.12", + "Dependencies": [ + { + "Ref": "b2a46a4b-8367-4bae-9820-95557cfe03a8", + "Dependencies": null, + "Provides": null + } + ], + "Provides": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-service-empty-objects-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-service-empty-objects-1.6.textproto.snap new file mode 100644 index 00000000..a8cd181a --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-service-empty-objects-1.6.textproto.snap @@ -0,0 +1,37 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": null, + "Services": [ + { + "BomRef": "b2a46a4b-8367-4bae-9820-95557cfe03a8", + "Provider": { + "Name": null, + "Url": null, + "Contact": null, + "BomRef": null, + "Address": null + }, + "Group": null, + "Name": "Stock ticker service", + "Version": null, + "Description": null, + "Endpoints": null, + "Authenticated": null, + "XTrustBoundary": null, + "TrustZone": null, + "Licenses": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-standard-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-standard-1.6.textproto.snap new file mode 100644 index 00000000..25a60343 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-standard-1.6.textproto.snap @@ -0,0 +1,169 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": null, + "Compositions": null, + "Definitions": { + "Standards_XML": { + "Standards": [ + { + "BomRef": "standard-1", + "Name": "Sample Standard", + "Version": "1.0.0", + "Description": "Description here", + "Owner": "Acme Inc", + "Requirements": [ + { + "BomRef": "requirement-1", + "Identifier": "v1", + "Title": "Title here", + "Text": null, + "OpenCre": null, + "Parent": null + }, + { + "BomRef": "requirement-1.1", + "Identifier": "v1.1", + "Title": "Title here", + "Text": null, + "OpenCre": null, + "Parent": "requirement-1" + }, + { + "BomRef": "requirement-1.1.1", + "Identifier": "v1.1.1", + "Title": null, + "Text": "Text of the requirement here", + "Descriptions": [ + "Supplemental text here" + ], + "OpenCre": [ + "CRE:616-305" + ], + "Parent": "requirement-1.1" + } + ], + "Levels": [ + { + "BomRef": "level-1", + "Identifier": "Level 1", + "Title": null, + "Description": "Description here", + "Requirements": [ + "requirement-1.1.1" + ], + "AnyAttr": null + }, + { + "BomRef": "level-2", + "Identifier": "Level 2", + "Title": null, + "Description": "Description here", + "Requirements": [ + "requirement-1.1.1" + ], + "AnyAttr": null + }, + { + "BomRef": "level-3", + "Identifier": "Level 3", + "Title": null, + "Description": "Description here", + "Requirements": [ + "requirement-1.1.1" + ], + "AnyAttr": null + } + ], + "Any": null, + "AnyAttr": null, + "Signature": null + } + ], + "Any": null, + "AnyAttr": null + }, + "Standards": [ + { + "BomRef": "standard-1", + "Name": "Sample Standard", + "Version": "1.0.0", + "Description": "Description here", + "Owner": "Acme Inc", + "Requirements": [ + { + "BomRef": "requirement-1", + "Identifier": "v1", + "Title": "Title here", + "Text": null, + "OpenCre": null, + "Parent": null + }, + { + "BomRef": "requirement-1.1", + "Identifier": "v1.1", + "Title": "Title here", + "Text": null, + "OpenCre": null, + "Parent": "requirement-1" + }, + { + "BomRef": "requirement-1.1.1", + "Identifier": "v1.1.1", + "Title": null, + "Text": "Text of the requirement here", + "Descriptions": [ + "Supplemental text here" + ], + "OpenCre": [ + "CRE:616-305" + ], + "Parent": "requirement-1.1" + } + ], + "Levels": [ + { + "BomRef": "level-1", + "Identifier": "Level 1", + "Title": null, + "Description": "Description here", + "Requirements": [ + "requirement-1.1.1" + ], + "AnyAttr": null + }, + { + "BomRef": "level-2", + "Identifier": "Level 2", + "Title": null, + "Description": "Description here", + "Requirements": [ + "requirement-1.1.1" + ], + "AnyAttr": null + }, + { + "BomRef": "level-3", + "Identifier": "Level 3", + "Title": null, + "Description": "Description here", + "Requirements": [ + "requirement-1.1.1" + ], + "AnyAttr": null + } + ], + "Any": null, + "AnyAttr": null, + "Signature": null + } + ] + }, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-tags-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-tags-1.6.textproto.snap new file mode 100644 index 00000000..03bf6c9b --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-tags-1.6.textproto.snap @@ -0,0 +1,71 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": null, + "Name": "my-json-parser", + "Version": "1.0", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "Tags": [ + "json-parser", + "javascript", + "node.js" + ], + "XmlSignature": null, + "Signature": null + } + ], + "Services": [ + { + "BomRef": null, + "Provider": null, + "Group": null, + "Name": "my service", + "Version": null, + "Description": null, + "Endpoints": [ + "https://example.com/myservice" + ], + "Authenticated": null, + "XTrustBoundary": null, + "TrustZone": null, + "Licenses": null, + "XmlSignature": null, + "Signature": null, + "Tags": [ + "microservice", + "golang", + "aws", + "us-east-1" + ] + } + ], + "Compositions": null, + "Definitions": null, + "XmlSignature": null, + "Signature": null +} diff --git a/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-vulnerability-1.6.textproto.snap b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-vulnerability-1.6.textproto.snap new file mode 100644 index 00000000..732811b5 --- /dev/null +++ b/tests/CycloneDX.Core.Tests/Protobuf/v1.6/__snapshots__/SerializationTests.ProtobufDeserializationTest_valid-vulnerability-1.6.textproto.snap @@ -0,0 +1,240 @@ +{ + "BomFormat": "CycloneDX", + "SpecVersion": "v1_6", + "SpecVersionString": "1.6", + "SerialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", + "Version": 1, + "NonNullableVersion": 1, + "Metadata": null, + "Components": [ + { + "Type": "Library", + "MimeType": null, + "BomRef": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4", + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": "com.fasterxml.jackson.core", + "Name": "jackson-databind", + "Version": "2.9.4", + "Description": null, + "Scope": null, + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4", + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Compositions": null, + "Vulnerabilities": [ + { + "BomRef": "6eee14da-8f42-4cc4-bb65-203235f02415", + "Id": "SNYK-JAVA-COMFASTERXMLJACKSONCORE-32111", + "Source": { + "Name": "Snyk", + "Url": "https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-32111" + }, + "References": [ + { + "Id": "CVE-2018-7489", + "Source": { + "Name": "NVD", + "Url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9997" + } + } + ], + "Ratings": [ + { + "Source": { + "Name": "NVD", + "Url": "https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H&version=3.0" + }, + "Score": 9.8, + "Severity": "Critical", + "Method": "CVSSV3", + "Vector": "AN/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "Justification": "An optional reason for rating the vulnerability as it was" + } + ], + "CWES": [ + 184, + 502 + ], + "Description": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", + "Detail": "", + "Recommendation": "Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.6.7.5, 2.8.11.1, 2.9.5 or higher.", + "Workaround": "Describe the workarounds here", + "ProofOfConcept": { + "ReproductionSteps": "Precise steps to reproduce go here", + "Environment": "Describe the environment", + "SupportingMaterials": [ + { + "ContentType": "image/jpeg", + "Encoding": "base64", + "Content": "/9j/4AAQSkZJRgABAQAASABIAAD/4QBYRXhpZgAATU0AKgAAAAgAAgESAAMAAAABAAEAAIdpAAQAAAABAAAAJgAAAAAAA6ABAAMAAAABAAEAAKACAAQAAAABAAABQKADAAQAAAABAAABQAAAAAD/wAARCAFAAUADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9sAQwACAgICAgIDAgIDBQMDAwUGBQUFBQYIBgYGBgYICggICAgICAoKCgoKCgoKDAwMDAwMDg4ODg4PDw8PDw8PDw8P/9sAQwECAgIEBAQHBAQHEAsJCxAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQ/90ABAAU/9oADAMBAAIRAxEAPwD9xKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9D9xKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9H9xKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9L9xKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9P9xKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9T9xKKKKACiiigAooooAKKKKACiiigAooooAKKzdY1jSfD2lXWua7eRafp9jG0s9xO4SONF6szHgCvyK+P/APwUJ1zV7i68MfAxTpmnKTG2sTJ/pU3Ym3jbIiU9mYFz1AWmkB+qvjL4ieA/h5Z/bvHPiCy0OEjK/a51jZv91CdzfgDXy3r/APwUA/Zw0WVobPUr/WWXvZ2T7D9GmMQNfitofhT4ofGXX5ptHsdR8V6rK2Zrht85BPeSaQ7V/wCBMK+nvDv7Afxk1WJZtcvtL0PdzskmeeQfUQqVz/wI185nXF+VZc+XG4mMH2b1+5Xf4HTRwlWprCLZ9xW//BSD4DSy7JtO12Bf77WsBH5LOT+leweEP2yv2cfGc0drZeL4tNuJOBHqUclmST23yKI//H6/Om4/4J2eOli3Wvi/TJJP7rwzoPzAb+VeL+NP2NPjx4Ohku00aPXrWPJL6ZKJ2x/1yYLIfwU15WX+JeQYqfs6OMhfzfL/AOlJGk8trxV3Bn9Ctpd2t/bR3thPHc28w3JLEweNwe6spII+lWK/me+G3xr+LfwN1hj4P1e50zyXxcadcBmtnI6rLbScA+4CsOxr9mP2bv2x/Bfxz8rwzrUaeHfGIX/jzd8wXeBy1q7ck9zG3zDtuGTX2+6ujiPsmiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//1f3EooooAKKKKACiiigAooooAKKKKACop54LWCS6upFhhhVnkdyFVEUZZmJ4AAGSalr88P8AgoV8aJ/BXgCz+F+hXBi1PxeGa7ZDho9OiOGX285/k91DChAfDv7Xn7Uuo/GzxHN4V8LXL2/gbSZSIUUlft8qHH2mUd1z/qlPAHzH5jx1P7NH7HM/j21tfHvxQWWy8Py4ktbBSY571ezu3WOE9sfMw5GBgnhP2PfgTB8WfGsviHxJb+b4Z8NsjzIw+W6uTzFAfVRjc49MD+Kv2w/dxR/wxxxr7Kqqo/IAD8q/nbxl8VauAm8pyyVqlvfkt432S/vNat9Fa2r0+hyjK1Ne1qbdEZWgeHtB8K6VDofhrT4NL0+3GI4LeMRoPfA6n1J5Pc1sV8+X/wC1V+z9pustoV14ytTOjbGeNJZIFYcYMyIU/EEj3r3iw1Cw1Wyg1LS7mO8tLpBJFNC4eORG5DKy5BB9q/lbM8px1C1XG0px59U5Jrm+bWp9NTqwlpBrTsW6KKK8k1PD/jD+z78OvjRp8ieI7IWurBcQanbKFuoz23HpInqr59sHmvxc+K/wl8c/AbxlHpWtFo3VvP0/UbYsiTqjZWSJxyrqcblzuU+2Cf6E68r+Mnwn0H4yeBb3wfraqkrAyWVzjL2t0o+SRT1x2cd1JHpX7D4ZeKuJyevHDYqTlhno09eTzj6dY7P1PJzLLI1k5RVpfmef/sZftQn41aA/gvxnMo8Z6JEGaQ4X+0LZcL54H/PRTgSgeoYdSB9yV/MPoWs+M/gP8U4dTgU2XiDwnfFZIySFYxNtkjb1jkXI91Oa/pQ8E+LtI8feENG8a6C++w1u1iuovVRIuSp91OVPuDX9ywqRnFTg7p6pnxTTTszqKKKKoQUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH//W/cSiiigAooooAKKKKACiiigD8fP2q/21fiZo/wAStW+Hnwsvl0LTvD0xtZ7pYkkuLm4T/WYaQMERW+UBRk4yTg4r5Z/4bJ/aZ/6Hu6/79W//AMbr6u/a+/Yz8cX3jLWfi18L7U63Zau5u77Tov8Aj7gnI/ePEn/LVHI3bV+YEkYIr8z9Ovrnw9qhe4soppYGKS295CHGQeVZGAKkfgRTe2iNKUYuSU3Zd9z6C/4bJ/aZ/wCh7uv+/Vv/APG68Z8e/EXxr8T9dHiXx7qsusaksKQCaUKCIoySqgIFAAJJ6d6+gPBPiT4Q+KvLs9Q0Gx0rUWwPLliTy3P+xIQB+BwfrWR8efDHh3Q9E0u40bTYLGWS5ZGaGMIWXYTg468ivIp5x+/VCdNxbPv8TwBbLp5lh8VCpCO9r33StqtHrsz9EP2G9X8J33wOt9M8PKY7/TbqZdUV8bmuZTvWTjqjR7QvptI7VN+3B4o1vw18C7iHRZHg/tm+gsbmRCQRburu65HQOUCn1BI714P/AME5Wbb48TJ2/wDEvOO2f33NfoJ8QvAXh74m+D9R8E+KImksNRQAlDiSN1O5JEJzhkYAj8jwTX8Y8WTw+VcaTr105041Izd9X7yUn62b0XkkcOFUquDSjo7W/Q/m/wCnAr9XP+CePifWr/wx4q8KXkjy6bpM9tPa7iSImuQ/mIvoCUDY9cnvXll//wAE8PiAmsmDTPFGmS6UW4nmWZJwnvEqspbHo+K/Qz4KfBrw58EfBq+FdBka7mmk8+8u5AFe4nIA3YGdqqBhVycDuSSa/UfF/wASMlx2SywmEqqpUm4tWT92zTbd0rO11bfXseblOXVoVueaskev0UUV/JR9SFFFFAH5F/8ABQLwFDovj7RvH1lGEj8R2zQ3GBgG5tMAMfdo2X/vmvrj/gnD43l174Qat4NupN8vhfUT5QJ5FveL5qj6CQSfnXHf8FBNPiuPg/o+oMP3llrEQU9wssMqsPxwPyrzP/gmNqEqeNvHWlZ/dTabazkf7UU5Qfo5r+9vBfNJ4rh2h7R3cLw+Sen3JpfI+Hziko4iVuup+xNFFFfqR5YUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH//1/3EooooAKKKKACiiigAooooAK+cPjd+yz8KfjnBJda9Y/2Zr+3Eeq2QVLgHt5o+7Mvs/Powr6Pr57/aW+PFp+z78PB4s+wjU9SvrhbOxtmYpG8zKzlpGHIRFUk45JwBjOQ0B+MHxz/ZJ+KvwOabVL+1GueGkPy6rZKWjRScD7RHy0J+uVz0Y18+XvibXdS0i30LULt7mztH8yFZDuKHG3AY84x26V6f8Wf2iPi18abpm8ba3I1gG3R6fbfuLKP0xEp+Yj+85Y+9eJU3BOza2NqWIqQUowk0no7dV2fc/Tr/AIJy/wDM+f8AcP8A/a1fp1X5mf8ABOa2mFt47vCP3RewjB/2gJmI/Kv0zr+CPGlp8S4q39z/ANIifZ5P/u8fn+YUUUV+WHphRRRQAUUUUAfAv/BQrWIbX4X+H9DLfvtQ1YSgf7FvC+4/m61xv/BMXSJX8SePNf2nyobOztM9t0sryY/KOvDP26PiNB4x+LMfhXTpRJZeEYDbMQcqbuUh5/8AvnCofdTX6Ff8E+/AE3hD4EJ4hvY/LuvF15JfjIwfs0YEMH4EKzD2av798H8nnguH8PCorSneb/7ed1/5LY+Fzasp15NdND7looor9LPNCiiigAooooAKK5rxf4x8MeAfD134r8Y6lFpWlWK7pZ5jhRngKAMlmY8KqgknoK+KW/4KOfAVdW+wCy1prPdt+2C1j8vH97yzL5mP+A59qLAffdFcp4K8ceE/iL4ctfFngrU4tV0q7zsmiJ4ZfvIynDK691YAiuroAKKKKACiiigAooooAKKKKAP/0P3EooooAKKKKACiiigAooooAK8J/aH+Bej/ALQHw/bwdqN42m3dtOt3Y3arv8mdVK/MmRuRlYqwBB7jkV7tRQB+MDf8EzPiiCQvi/RiOx2XIz+Gyuf8V/8ABOn4seGfC+q+IrbXNN1ibTLd7hbK1Sfz5xHyyx7lA3bckDuRgcmv2/r5b/ay+P8AqX7Pnw+ste0Cwiv9Y1i8Fnai43GCLCNI8jhSC2AMBQRknk4FVcD8Xv2cvjbefA/x/HrMwebQ9RAttTt16tDnIkUf89IjyPUZXvX7xaLrWk+I9JtNe0K7jvtOv41mgniO5JEbkEH+Y6g8Hmv5yPG3iqXxv4p1HxZc6faaZcapIZpobFGit/Nb77IjM23efmIBxknAFe2fAH9prxh8Drv+z1U6x4ZuH3z6fI+0ox6yW7nOxz3GNrdxnkfhni54UvOF9fwFlXirNbKaW2vSS6N6NaPZHt5Vmnsv3c/h/I/d6iuY8F+LtG8e+FNL8ZeH3Z9P1eBZ4t42uA3BVhzhlIIPuK6ev4tr0J0pypVFaUW00+jW6PsIyTV0FFFRT3EFpBJdXUqQwxKWeSRgqKo6lmOAAPU1mlfRDJa+bP2lvj5pnwS8GyCzlSXxTqqNHp1v1KE8G4kHZI+2fvNgDvjzP40/tt+A/A9vcaN8Onj8U69gqJUJ+wQN6tIMeaR/dTg92FflvHH8S/j78RViQT+IvE+uSYHoAP8Ax2KKMfRVFfv3hj4NYnG1oY3NabhRWqi9JT+W6j3vutFvdeFmWbxgnCk7v8ja+Cnws8Q/Hv4qWPhOB5Jft0xutTuzljFbBt08zMf4jnC56uwr+k3SdK07QdKstD0iEW1jp8MdvBEvRIolCoo+gFfP/wCzL+zpo37P/go6bEVv/EWqBJNUvlXh3UfLDFnkRR5OP7xyx64H0kUcdVI/Cv7J0WiPkBtFGCKKACilCk9Bmql/e2WlWz3uq3EVlbxjc8k7rEij1LMQAKALVVb6+stMs59R1K4jtLS2QySzTOI440XkszNgAD1NfGHxa/bw+C/w7jmsPDFyfGespkCKwbFqrf8ATS6IK4/65hz9K/Jf40/tMfFb473f2fxPf/ZdI35h0qy3R2qnPy7lyWlf3cn2A6U0gPbP25P2idC+MfijS/C3gPUHvPDPh5ZGeUApDdXrnBkTPLIiDarEDqxHBzXgi/AbxF/wol/jxJewx6cLsW62jKwmeMy+T5ob7uN/AHoCc9q92+Af7FninxzNbeJvidHLoHh7IkW1YbL27XqBtPMKHuzfMR0HevsD9suw0rw1+zLd6Bo1tHZWMFzp1tbwRDakcaSghVH0WvxziLxToLNcJlOWTUpyqRU2rNKLdnFPu+62t329jD5ZL2U6tRWSTsfPH/BNjxlrNl8TNe8BrKX0nVdOe9aIn5UuLV0VZFHqyOVPrgegr9oa/D3/AIJvW5l+OuqTgcQaHck/8CmhFfuFX7HI8cKKKKQBRRRQAUUUUAFFFFAH/9H9xKKKKACiiigAooooAKKKKACiiigAr83P+CmUBf4WeEbgDiLW2B/4FbSf4V+kdfBX/BRjS2vfgBb36jJ07WrOQ+yyJLGf1YU0B+ef7JXwK8DfHG58UWPjGW8hfSYrWS3a0lWMjzWdW3BkcH7ox0r6suv+Cd/w5kmV7PxTq0MWRuRkgcle4DbVwfcg14p/wTw1IQfEbxRpRODeaUkoHqYJ1H8pK/XCv5D8WeOs6yzPq1DCYmUYWi0tGtYq9k0+tz6zK8FRqUFKcbvU5zwh4U0bwN4Y0zwh4eiMOm6TAsEKsdzbV7se7Mckn1NdHRRX871q06k5VKjvJu7b3be7PfSSVkFfOX7VXgLxn8R/g5qPhvwKTJqHnwTvbBwhuoYiS8QJIGScMATglcelfRtFd2TZrUwOLpYykk5QkpK+qunfUitSU4uD6n88t78BPjZp2ftfgXWEx/ds5H/9ABrmZvAvxE0d/Mn8PatYuv8AEbS4jI/HYDX9IOSOhpwkkHRiPxr+gaP0ksYv4mEi/STX5pngvh6HSbP5u49e+I+lf6rUtZstvpPcxY/UVpQ/GD4s2J2weNdahI7DULgf+z1/RbIkcv8ArkWT/eAP86oy6RpE4xPYW8g/2oUb+Yr06f0lV9vA/dU/+0M3w72n+H/BP59ov2g/jlBxF8Q9dUf9hKf/AOLqz/w0d8eiMf8ACxddx/2EJv8A4qv3tk8HeEJuZtB09/8AetIT/Nag/wCEE8DZz/wjemZ/68oP/iK6l9JSh1wT/wDA1/8AIk/6uv8An/A/Am6+PHxpvVK3fj/XJQeobUrj/wCLrnmHxF8eTrC/9r+I5nPyq32i8JPsDur+iS38L+F7QhrXRrGEjulrEv8AJa11MFmm1NsK+igKPyFc1f6Sd1ajgdfOf6KBcOHO8/w/4J+Kvw1/Yk+MHjZ4rrxHAnhHTGwS9781yV/2LdTuz/vlK/ST4SfsufCn4RGLUNNsTq+tx4P9o34WSVW9Ykxsi/4CN3+0a96l1KMcRLuPqeBVq2nFxHvxgg4Ir8s4w8T89zSDjWn7Ok/sw0Xzd+Z+jdvI9fD5NTormtd92WCSTk18M/8ABQDUha/BjTdPzhr/AFiAY9RFFK5/XFfc1fmL/wAFF9eGPBPhZG5/0y+df++IkP8A6HXF4RYJ1+I8JFdG5f8AgMW/0JzWfLh5srf8EytMM3xC8aaxji10qCDPvPOG/wDaVfsnX5h/8EyfD7W/g3xt4odcfbb+2tEb1FtEXb9ZRX6eV/oDI+DCiiikAUUUUAFFFFABRRRQB//S/cSiiigAooooAKKKKACiiigAooooAK+aP2w/DreJv2bfG9nGm+SztUvkHvZypMT+Cqa+l6yte0a08R6FqXh6/GbbVLaa1kB/uToUP6GgD+fv9i3xEugftBaHFK22PWIbmwPpuljLp+boB+NfuTX841jNq3wn+JcMsylNQ8I6qN69DvspsMPx2kfQ1/RZpuo2esadaavp7iS1voY54mHIaOVQ6n8jX8ifSNylwx+HxqWk4uPzi7/lJfcfWcP1b05Q7P8AMu0UUV/OR9AFFFFAGHNfXAlYKdoBxjFMGoXI/iB/Ctp4IZDudASe9Rmztj/yzH617EMbh7JOH5HUqsLaozBqVx/sn8KX+05v7q/rV/7Ban+D9TSf2fa/3T+dV9awv8g/aU+xS/tOb+4v60h1Oc9FUfnV3+z7b0P50o0+1H8JP40fWMJ/KHPS7GU95cvwXwPbiokimmPyqW966BLW3j+6gz781PQ80hFWpQB4hL4UczNA8BAkxkjPFa2mjEBPq1Z19J5lw2Oi8flWxaJ5dug7kZP41rj6reHjzbsqtJ8iuWa/ED9tjxcvij486pZQvvt/D0EGnLg8B0HmS/8Aj7kH6V+zni/xRp/grwrq/i/VWC2mj2st1JnuI1JCj3Y4A9zX88+l2GvfFv4kW2nrmbV/F2phSev728lyx+i7ifoK/cfo55E6mNr5jJaQjyr1lq/uS/8AJj5HiCvaEaffU/df9iDwi3hL9m/w0Zo/LuNba41OTPXFxIRH/wCQ1SvrSsvRNGsfDui6f4f0xAlnplvFawqO0cKBF/QVqV/XDPlAooooAKKKKACiiigAooooA//T/cSiiigAooooAKKKKACiiigAooooAKKKKAPwj/4KAfDGTwT8bH8XWkOzTPGcIu1YD5RdxAR3C/U/K/8AwKvrz9h/4oR+NfhSvg++m3ar4RYWxUn5ms3y0D/ReY/+Aj1r6M/at+Cg+OHwkv8AQtPjDa9pRN/pbdzcRqd0OfSZMp/vbT2r8Mvgn8U9Y+CPxJs/FMcUhhiZrXUbQ/K0luxxKhB6OhG5c9GUe9fn3ifwe86ymeHpr95H3oeq6fNXXrZ9D0Mtxfsaqk9noz+hGisfw94g0fxXodj4k8PXS3um6lEs0EyHhkYcfQjoR1ByDWxX+fdSnKEnCas1o0+jPu076oKKKKgYUUUUAFFFFABRRR70AFVrq4FvGT/Efuio576KLIT529un51jM0tzLk/MzdK9TB5e5PmqaI6aVBvV7C28RnmC9up+ldLVW1thbpg8s3U15p8ZPi14f+DPgi78X64wkmAMdla5w91ckfJGvsOrn+Fcn0rZ0quOxMMNho80m7RS6tmWKxEVeTeiPjP8Ab6+LkdlpFh8HtHn/ANJvyl7qe0/cgQ5gib/fYbyPRV9a4r/gnP8ACZ/EXxA1H4ranDnT/C8Zt7RmHD31yuCR/wBcoiSfQutfEUj+NvjZ8Scqrap4l8VXoCqvQySnAA/uxov4Ki+1f0Y/Bf4WaR8Gfhto3w/0giT7BHuuZwMG4upPmmlP+83T0UAdq/0A4E4UhkuWU8DHWW8n3k936dF5JH51jsU61Rz+49Sooor645AooooAKKKKACiiigAooooA/9T9xKKKKACiiigAooooAKKKKACiiigAooooAK/Ij9u79ly4sr28+Ofw/szJZ3B8zXLSJeYpO94ij+Bv+WuOjfP0Jx+u9MkjjmjeGZBJHICrKwBVlIwQQeCCOoppgfz5/syftO6n8FdQ/wCEe8QCTUPB99JulhX5pLSRus0APUH+NP4uo+br+0fhvxN4f8Y6Ja+I/C9/Fqem3i7op4W3KfUHuGHQqcEHgivz4/ah/YPvLa4vPH/wLtPtFtIWlutDT/WRE8s1n/eX/pl1H8GR8o+Bvhr8XviT8FNcluPCd9JYsJNt3YXCkwSsvBWaFsYYdMjDD1r8Q8SvBujm8pY3AtQr9b/DP17Pz69V1Pay7N3S9yesfyP6HKQ5wcda+Ffhl+3j8N/E8cVh8QraTwrqJwGmAa4smb1DqN6fRlIH96vs/wAP+J/DfiyzXUPC+q2ur2zDIktZkmX8dhOPxr+SM+4RzLK58mOoSh5291+klo/kz6qhiqdRXg7ldp7lJCWdlbvzUq6hcr1Ib6it1kR+HUH6ioGs7Zv+WYH0rlWYUZL34Hp+3g90Zo1Kfuqn86Dqc3ZV/Wrx0+29D+dH9n23ofzp/WMJ/KPnpdjObULk9CB9BVZ5ZpjhmLe1bq2Vsv8ABn6mrCRonEagfQUf2hRh8EA9vBfCjCisZ5OWGwep/wAK2ILaO3GEGSepPWuS8Y/EbwH8PrVrzxrr1npCAZCzygSt/uxjLsfopr4H+LH7f9jDHNpPwe0xriY5X+0tQTbGv+1Fb5y3sZCB/smvoci4SznO5KODovk/m2ivWT0forvyPOxmaQgvfl8j7X+LXxk8D/Bnw82ueL7sCaQH7LZREG5unH8Ma9hnq5+Ve57V+Hnxf+L/AIx+OHjD+3/EBIUHybCxhy0dvGx+WONerOxxubGWP4AYLv8AEb40eNVU/bfFXiXVX2qoBllb2AHCIv4Ko9BX7Dfsr/sVaX8J5Lbx98SRDqvi9QHt7dcSW2nE91PSSYf3/ur/AA5PzV/XPhz4VYXIY+3qP2ldrWXReUf1e78lofGZhmkq/urSJJ+xT+yzJ8JdI/4WP48tgvi/V4dsEDjJ061cZKn0mk/j/uj5eu6vvyiiv1Q8sKKKKACiiigAooooAKKKKACiiigD/9X9xKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvnL40fssfCP44LJe+I9OOna4y4XVLHEVzkdPM4KSgf7YJ9CK+jaKAPwv+Jv8AwT3+Mvg55rzwS8HjLTkyVFuRBehf9qCQ4Y/7jtn0r45v9L8e/DXVtmo2upeFtSjPV1ms5c+x+Un8DX9S1UdT0vS9atWsdasoNQtm4MVxEsyEf7rgiiSUk4yV0xp2P5zPD/7Vf7QHhxUSz8ZXV1EvRLxY7sfnKrN+terad+3x8crQBb2HSb8Du9q0bH8Y5FH6V+sniP8AZO/Z08UO8upeBNPhlfkvaB7Rs+v7hkH6V5Fqf/BPP9nS+YtZwarp2f8AnjfFgPoJVevlMbwHkmId62Dpt9+VJ/ekmdUMdWjtN/efEEP/AAUP+JiDE3hfR5D6g3C/+1KfL/wUQ+JLLiLwto6H1LXDf+1BX1fP/wAE1vgw7E2/iDXYh6NLbP8A+0RUcP8AwTU+DitmfxFrkg9A9uv6+Sa8n/iFHDl7/U4/fL/M1/tXEfznxVqf7fPxwvAVsINJ04Hulq0jD8ZJGH6V474m/ae+PPipHi1TxleQQv1jtClomD2/cqhx+NfrLpf/AATw/Z2sGDXseraljtPfbAfqIUjr2Xwz+yp+zx4SdJtJ8CadJMnIku0a8fPrm4aQfpXr4DgTJMM+ahg6afflTf3u7MZ46tL4pv7z+fPw34J+IfxN1Qx+F9G1HxJfTH5nhikuDk93lOQPqzV93fCr/gnH49154dS+K+qReGrE4ZrO1K3N6w9Cw/dR/XLn2r9l7Ozs9OtlstOt47S3ThYoUWNAPZVAA/KrNfVrRWRynlXwr+Cnw1+DGknSvh/o0di0gAnun/eXdxjvLM3zH/dGFHYCvVaKKQBRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/1v3EooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/1/3EooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/0P3EooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/0f3EooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/0v3Eoq9/Z15/zz/UUf2def8APP8AUUAUaKvf2def88/1FH9nXn/PP9RQBRoq9/Z15/zz/UUf2def88/1FAFGir39nXn/ADz/AFFH9nXn/PP9RQBRoq9/Z15/zz/UUf2def8APP8AUUAUaKvf2def88/1FH9nXn/PP9RQBRoq9/Z15/zz/UUf2def88/1FAFGir39nXn/ADz/AFFH9nXn/PP9RQBRoq9/Z15/zz/UUf2def8APP8AUUAUaKvf2def88/1FH9nXn/PP9RQBRoq9/Z15/zz/UUf2def88/1FAFGir39nXn/ADz/AFFH9nXn/PP9RQBRoq9/Z15/zz/UUf2def8APP8AUUAUaKvf2def88/1FH9nXn/PP9RQBRoq9/Z15/zz/UUf2def88/1FAFGir39nXn/ADz/AFFH9nXn/PP9RQBRoq9/Z15/zz/UUf2def8APP8AUUAUaKvf2def88/1FH9nXn/PP9RQBRoq9/Z15/zz/UUf2def88/1FAFGir39nXn/ADz/AFFH9nXn/PP9RQB//9k=" + } + ] + }, + "Advisories": [ + { + "Title": "GitHub Commit", + "Url": "https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2" + }, + { + "Title": "GitHub Issue", + "Url": "https://github.com/FasterXML/jackson-databind/issues/1931" + } + ], + "Created": "2070-07-26T16:41:18Z", + "Published": "2070-07-26T16:41:18Z", + "Updated": "2070-07-26T16:41:18Z", + "Rejected": "2070-07-26T16:41:18Z", + "Credits": { + "Organizations": [ + { + "Name": "Acme, Inc.", + "Url": [ + "https://example.com" + ], + "Contact": null, + "BomRef": null, + "Address": null + } + ], + "Individuals": [ + { + "Name": "Jane Doe", + "Email": "jane.doe@example.com", + "Phone": null, + "BomRef": null + } + ] + }, + "Tools": { + "Tools": null, + "Components": [ + { + "Type": "Application", + "MimeType": null, + "BomRef": null, + "Supplier": null, + "Author": null, + "Publisher": null, + "Group": "Snyk", + "Name": "Snyk CLI (Linux)", + "Version": "1.729.0", + "Description": null, + "Scope": null, + "Hashes": [ + { + "Alg": "SHA_256", + "Content": "2eaf8c62831a1658c95d41fdc683cd177c147733c64a93e59cb2362829e45b7d" + } + ], + "Licenses": null, + "Copyright": null, + "Cpe": null, + "Purl": null, + "Swid": null, + "Modified": null, + "Pedigree": null, + "Evidence": null, + "ModelCard": null, + "Data": null, + "CryptoProperties": null, + "XmlSignature": null, + "Signature": null + } + ], + "Services": [ + { + "BomRef": null, + "Provider": { + "Name": "Acme Inc", + "Url": null, + "Contact": null, + "BomRef": null, + "Address": null + }, + "Group": null, + "Name": "Acme BOM Analyzer", + "Version": null, + "Description": null, + "Endpoints": [ + "https://example.com/analyze" + ], + "Authenticated": null, + "XTrustBoundary": null, + "TrustZone": null, + "Licenses": null, + "XmlSignature": null, + "Signature": null + } + ] + }, + "Analysis": { + "State": "Not_Affected", + "Justification": "Code_Not_Reachable", + "Response": [ + "Will_Not_Fix", + "Update" + ], + "Detail": "An optional explanation of why the application is not affected by the vulnerable component.", + "FirstIssued": "2022-01-01T13:00:00Z", + "LastUpdated": "2022-02-01T13:00:00Z" + }, + "Affects": [ + { + "Ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4", + "Versions": [ + { + "Version": null, + "Range": "vers:semver/<2.6.7.5", + "Status": "Affected" + }, + { + "Version": null, + "Range": "vers:semver/2.7.0|<2.8.11.1", + "Status": "Affected" + }, + { + "Version": null, + "Range": "vers:semver/2.9.0|<2.9.5", + "Status": "Affected" + } + ] + } + ], + "Properties": [ + { + "Name": "Foo", + "Value": "Bar" + }, + { + "Name": "Foo", + "Value": "You" + }, + { + "Name": "Foo", + "Value": "Two" + }, + { + "Name": "Bar", + "Value": "Foo" + } + ] + } + ], + "Definitions": null, + "XmlSignature": null, + "Signature": null +}