Continuation of #170 - missed updating Vulnerability to use BomRef (#…
…175)

* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniqueness and dependency references

Signed-off-by: Paul Horton <[email protected]>

* updated Vulnerability to also use new `BomRef` model

Signed-off-by: Paul Horton <[email protected]>
madpah authored Feb 17, 2022
1 parent d189f2c commit 0d82c01
Showing 3 changed files with 7 additions and 11 deletions.
12 changes: 4 additions & 8 deletions cyclonedx/model/vulnerability.py
Expand Up @@ -22,9 +22,9 @@
from decimal import Decimal
from enum import Enum
from typing import Iterable, Optional, Set, Tuple, Union
from uuid import uuid4

from . import OrganizationalContact, OrganizationalEntity, Tool, XsUri
from .bom_ref import BomRef
from .impact_analysis import ImpactAnalysisAffectedStatus, ImpactAnalysisJustification, ImpactAnalysisResponse, \
ImpactAnalysisState
from ..exception.model import MutuallyExclusivePropertiesException, NoPropertiesProvidedException
Expand Down Expand Up @@ -745,7 +745,7 @@ def __init__(self, *, bom_ref: Optional[str] = None, id: Optional[str] = None,
# Deprecated Parameters kept for backwards compatibility
source_name: Optional[str] = None, source_url: Optional[str] = None,
recommendations: Optional[Iterable[str]] = None) -> None:
self.bom_ref = bom_ref or str(uuid4())
self._bom_ref = BomRef(value=bom_ref)
self.id = id
self.source = source
self.references = set(references or [])
Expand Down Expand Up @@ -774,21 +774,17 @@ def __init__(self, *, bom_ref: Optional[str] = None, id: Optional[str] = None,
self.recommendation = next(iter(recommendations))

@property
def bom_ref(self) -> Optional[str]:
def bom_ref(self) -> BomRef:
"""
Get the unique reference for this Vulnerability in this BOM.
If a value was not provided in the constructor, a UUIDv4 will have been assigned.
Returns:
`str` if set else `None`
`BomRef`
"""
return self._bom_ref

@bom_ref.setter
def bom_ref(self, bom_ref: Optional[str]) -> None:
self._bom_ref = bom_ref

@property
def id(self) -> Optional[str]:
"""
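Review bot: Callers that assign `vulnerability.bom_ref = ...` or compare the property with a plain string break after the second hunk (-774), because the setter is removed and the getter now returns `BomRef`; the switch to `str(v.bom_ref)` in this commit's test shows the comparison case. The property docstring should state the new contract, for example `Read-only. Returns the BomRef; use str() to obtain the reference text.`, and the Vulnerability change deserves the same BREAKING CHANGE marker the first bullet of the commit message carries. In `__init__` the caller's string is passed to `BomRef(value=bom_ref)` with no check visible here, so whether an empty string or a reference already used elsewhere in the BOM is accepted depends on `BomRef`; that is worth confirming, since the commit message gives uniqueness as the reason for the model. `__init__` begins and continues outside the hunks shown.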
2 changes: 1 addition & 1 deletion cyclonedx/output/xml.py
Expand Up @@ -526,7 +526,7 @@ def _add_service_element(self, service: Service) -> ElementTree.Element:
def _get_vulnerability_as_xml_element_post_1_4(self, vulnerability: Vulnerability) -> ElementTree.Element:
vulnerability_element = ElementTree.Element(
'vulnerability',
{'bom-ref': vulnerability.bom_ref} if vulnerability.bom_ref else {}
{'bom-ref': str(vulnerability.bom_ref)} if vulnerability.bom_ref else {}
)

# id
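Review bot: The guard `if vulnerability.bom_ref` now tests a `BomRef` object instead of a string, so unless `BomRef` defines `__bool__` or `__len__` (not visible here) it is always true and the `else {}` branch can never run. The updated test shows that a reference is generated when none is supplied, so the attribute could be emitted unconditionally as `{'bom-ref': str(vulnerability.bom_ref)}`. If skipping an empty reference is still intended, test the text instead: `if str(vulnerability.bom_ref)`. The body of `_get_vulnerability_as_xml_element_post_1_4` continues outside the hunk.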
4 changes: 2 additions & 2 deletions tests/test_model_vulnerability.py
Expand Up @@ -170,11 +170,11 @@ def test_v_source_get_localised_vector_other_2(self) -> None:
'SOMETHING_OR_OTHER'
)

@patch('cyclonedx.model.vulnerability.uuid4', return_value='0afa65bc-4acd-428b-9e17-8e97b1969745')
@patch('cyclonedx.model.bom_ref.uuid4', return_value='0afa65bc-4acd-428b-9e17-8e97b1969745')
def test_empty_vulnerability(self, mock_uuid: Mock) -> None:
v = Vulnerability()
mock_uuid.assert_called()
self.assertEqual(v.bom_ref, '0afa65bc-4acd-428b-9e17-8e97b1969745')
self.assertEqual(str(v.bom_ref), '0afa65bc-4acd-428b-9e17-8e97b1969745')
self.assertIsNone(v.id)
self.assertIsNone(v.source)
self.assertFalse(v.references)
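Review bot: `test_empty_vulnerability` covers only the generated reference, so nothing in this hunk pins that a caller-supplied value survives the wrap in `BomRef` or that the property now returns a `BomRef`. Adding `self.assertIsInstance(v.bom_ref, BomRef)` here, and in a separate test `self.assertEqual(str(Vulnerability(bom_ref='my-ref').bom_ref), 'my-ref')` (sample value), would fix the new contract in place; the first needs `BomRef` imported in the test module. The patched `uuid4` returns a `str` rather than a `UUID`, so the conversion inside `BomRef` is not exercised, which is acceptable but worth knowing. The test body continues outside the hunk.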
