cyclonedx-go icon indicating copy to clipboard operation
cyclonedx-go copied to clipboard
verified publisher icon CycloneDX

[ISSUE-196] Fix JSON schema inconsistency

Open jameskim0987 opened this issue 1 year ago • 4 comments

Fixes #196

Changes made in this PR: ~~1. fix type array to object since Data is of type pointer to ComponentData~~

jameskim0987 avatar Sep 25 '24 16:09 jameskim0987

Thanks for the PR @jameskim0987! Unfortunately it's the opposite of what needs to be done.

The schema is defined by the CycloneDX specification: https://github.com/CycloneDX/specification/tree/master/schema

But our Go code is not adhering to it correctly, as detailed in #196. So the solution would be to modify the Go code, not the schema.

nscuro avatar Sep 26 '24 09:09 nscuro

@nscuro Thanks for the clarification. I made the small change to the field type. I have some questions:

  1. In the code base, I see if conditions for checking spec version. For examplebom-1.6.schema.json, does it belong to if specVersion < SpecVersion1_6 blocks or if specVersion < SpecVersion1_7 blocks (which doesn't seem to exist yet).
  2. How should I go about patching/adding tests for this specific field?
  3. I see a recursive func for Component https://github.com/CycloneDX/cyclonedx-go/blob/0a811bd89c4f709bfed304efd4245ce277f1d28c/convert.go#L554. From top level overview how does it work and would we have to do something similar for Data *[]ComponentData?

jameskim0987 avatar Sep 26 '24 18:09 jameskim0987

@nscuro Hi, would you be able to address the comment above when you get a chance? Thank you!

jameskim0987 avatar Oct 02 '24 21:10 jameskim0987

Hello @nscuro We have a problem with this field too.

Is there a chance this PR will be merged? I am ready to help with changes if needed.

Best regards, Dmitriy

DmitriyLewen avatar Jul 08 '25 10:07 DmitriyLewen