Skip to content

Commit 0d82c01

Browse files
madpahmadpah
authored
Continuation of #170 - missed updating Vulnerability to use BomRef (#175)
* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references Signed-off-by: Paul Horton <[email protected]> * updated Vulnerability to also use new `BomRef` model Signed-off-by: Paul Horton <[email protected]>
1 parent d189f2c commit 0d82c01

File tree

3 files changed

+7
-11
lines changed

3 files changed

+7
-11
lines changed

cyclonedx/model/vulnerability.py

Lines changed: 4 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -22,9 +22,9 @@
2222
from decimal import Decimal
2323
from enum import Enum
2424
from typing import Iterable, Optional, Set, Tuple, Union
25-
from uuid import uuid4
2625

2726
from . import OrganizationalContact, OrganizationalEntity, Tool, XsUri
27+
from .bom_ref import BomRef
2828
from .impact_analysis import ImpactAnalysisAffectedStatus, ImpactAnalysisJustification, ImpactAnalysisResponse, \
2929
ImpactAnalysisState
3030
from ..exception.model import MutuallyExclusivePropertiesException, NoPropertiesProvidedException
@@ -745,7 +745,7 @@ def __init__(self, *, bom_ref: Optional[str] = None, id: Optional[str] = None,
745745
# Deprecated Parameters kept for backwards compatibility
746746
source_name: Optional[str] = None, source_url: Optional[str] = None,
747747
recommendations: Optional[Iterable[str]] = None) -> None:
748-
self.bom_ref = bom_ref or str(uuid4())
748+
self._bom_ref = BomRef(value=bom_ref)
749749
self.id = id
750750
self.source = source
751751
self.references = set(references or [])
@@ -774,21 +774,17 @@ def __init__(self, *, bom_ref: Optional[str] = None, id: Optional[str] = None,
774774
self.recommendation = next(iter(recommendations))
775775

776776
@property
777-
def bom_ref(self) -> Optional[str]:
777+
def bom_ref(self) -> BomRef:
778778
"""
779779
Get the unique reference for this Vulnerability in this BOM.
780780
781781
If a value was not provided in the constructor, a UUIDv4 will have been assigned.
782782
783783
Returns:
784-
`str` if set else `None`
784+
`BomRef`
785785
"""
786786
return self._bom_ref
787787

788-
@bom_ref.setter
789-
def bom_ref(self, bom_ref: Optional[str]) -> None:
790-
self._bom_ref = bom_ref
791-
792788
@property
793789
def id(self) -> Optional[str]:
794790
"""

cyclonedx/output/xml.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -526,7 +526,7 @@ def _add_service_element(self, service: Service) -> ElementTree.Element:
526526
def _get_vulnerability_as_xml_element_post_1_4(self, vulnerability: Vulnerability) -> ElementTree.Element:
527527
vulnerability_element = ElementTree.Element(
528528
'vulnerability',
529-
{'bom-ref': vulnerability.bom_ref} if vulnerability.bom_ref else {}
529+
{'bom-ref': str(vulnerability.bom_ref)} if vulnerability.bom_ref else {}
530530
)
531531

532532
# id

tests/test_model_vulnerability.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -170,11 +170,11 @@ def test_v_source_get_localised_vector_other_2(self) -> None:
170170
'SOMETHING_OR_OTHER'
171171
)
172172

173-
@patch('cyclonedx.model.vulnerability.uuid4', return_value='0afa65bc-4acd-428b-9e17-8e97b1969745')
173+
@patch('cyclonedx.model.bom_ref.uuid4', return_value='0afa65bc-4acd-428b-9e17-8e97b1969745')
174174
def test_empty_vulnerability(self, mock_uuid: Mock) -> None:
175175
v = Vulnerability()
176176
mock_uuid.assert_called()
177-
self.assertEqual(v.bom_ref, '0afa65bc-4acd-428b-9e17-8e97b1969745')
177+
self.assertEqual(str(v.bom_ref), '0afa65bc-4acd-428b-9e17-8e97b1969745')
178178
self.assertIsNone(v.id)
179179
self.assertIsNone(v.source)
180180
self.assertFalse(v.references)

0 commit comments

Comments
 (0)