specification icon indicating copy to clipboard operation
specification copied to clipboard
Published 1 month ago verified publisher icon CycloneDX

wrong proto3 schema default values for enums

Open jkowalleck opened this issue 1 year ago • 0 comments

per proto3 schema definition, enum values of 0 are, per definition, used as "unspecified" or "fallback" values.

see https://protobuf.dev/programming-guides/enum/

enum Enum {
  A = 0;
  B = 1;
}

message Msg {
  optional Enum enum = 1;
}

Closed enums will parse the value 2 and store it in the message’s unknown field set. Accessors will report the field as being unset and will return the enum’s default value.

Therefore, enum value of 0 MUST be revisited.

The CDX v1.x protobuf schema has default values for enums, where XML/JSON does not. And this is for the fact, that protobuf schema uses value 0, where it should not.

When these enum values would be changed, this would be a breaking change.

This is a followup of https://github.com/CycloneDX/specification/pull/385

examples for wrong usage of 0 in enums:

  • EvidenceTechnique defaults to EVIDENCE_TECHNIQUE_SOURCE_CODE_ANALYSIS
    https://github.com/CycloneDX/specification/blob/8af880d5f2ba0a107de88a920a76cedd5ba75083/schema/bom-1.5.proto#L720-L731
  • ModelParameterApproachType defaults to MODEL_PARAMETER_APPROACH_TYPE_SUPERVISED
    https://github.com/CycloneDX/specification/blob/8af880d5f2ba0a107de88a920a76cedd5ba75083/schema/bom-1.5.proto#L1096-L1102
  • ComponentDataType defaults to COMPONENT_DATA_TYPE_SOURCE_CODE https://github.com/CycloneDX/specification/blob/8af880d5f2ba0a107de88a920a76cedd5ba75083/schema/bom-1.5.proto#L1150-L1161

jkowalleck avatar Mar 02 '24 14:03 jkowalleck