Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: use the non-deprecated version of metadata/tools for 1.5+ #1343

Closed
wants to merge 1 commit into from
Closed

fix: use the non-deprecated version of metadata/tools for 1.5+ #1343

wants to merge 1 commit into from

Conversation

jeremylong
Copy link

@jeremylong jeremylong commented Dec 18, 2024
edited by jkowalleck
Loading

  • Update to the latest @cyclonedx/cyclonedx-library - 7.0.0
  • If the generating schema is 1.5+ generate the non-deprecated version of the metadata/tools section

fixes #1330
closes #1331

@jeremylong jeremylong requested a review from a team as a code owner December 18, 2024 21:46
jkowalleck
jkowalleck requested changes Dec 19, 2024
View reviewed changes
src/plugin.ts
@@ -332,10 +337,15 @@ export class CycloneDxWebpackPlugin {
? undefined
: new Date()

for (const tool of this.#makeTools(cdxToolBuilder, logger.getChildLogger('ToolMaker'))) {
bom.metadata.tools.add(tool)
if (this.specVersion >= CDX.Spec.Version.v1dot5) {
Copy link
Member

@jkowalleck jkowalleck Dec 19, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no need for code branching.
the library knows how to transform a component to atool, if required.

see existing art:

@jkowalleck
Copy link
Member

jkowalleck commented Dec 19, 2024
edited
Loading

the changes in this PR are considered a breaking change.
⬆️ this is just a remark, not a blocker.

@jkowalleck jkowalleck added enhancement New feature or request schema 1.5 labels Dec 19, 2024
@jkowalleck jkowalleck added this to the v4.0.0 milestone Dec 19, 2024
@jkowalleck

This comment was marked as outdated.

Sign in to view
@jkowalleck
Copy link
Member

jkowalleck commented Dec 19, 2024
edited
Loading

thank you for the contribution, @jeremylong

It looks like your changes duplicate #1331.
Could you check and see if your PR adds any new value, so we can deice whether yours or #1331 shall be merged?

@jkowalleck jkowalleck mentioned this pull request Dec 19, 2024
Open
4 tasks
jkowalleck
jkowalleck requested changes Dec 19, 2024
View reviewed changes
tests/integration/__snapshots__/index.test.js.snap
"type": "library",
"name": "cyclonedx-library",
"group": "@cyclonedx",
"version": "7.0.0",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should be "version": "libVersion-testing",

tests/integration/__snapshots__/index.test.js.snap
"type": "library",
"name": "webpack-plugin",
"group": "@cyclonedx",
"version": "3.15.1",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should be "version": "thisVersion-testing",

@jeremylong
Copy link
Author

This PR is being closed as a duplicate. I didn't see you had already started implementing this. Any idea what your timeline is for the next release with your PRs?

@jeremylong jeremylong closed this Dec 19, 2024
@jeremylong jeremylong deleted the feat/update-tools branch December 19, 2024 12:21
@jkowalleck
Copy link
Member

next release is planned for January 2025.
this will include all of milestone 4.0.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jkowalleck jkowalleck jkowalleck requested changes

Assignees
No one assigned
Labels
breaking-change enhancement New feature or request schema 1.5
Projects
None yet
Milestone
v4.0.0
Development

Successfully merging this pull request may close these issues.

[FEAT] emit tools as metadata.tools.components
2 participants
@jeremylong @jkowalleck