From 0725aa7e76baf37f7583ed12900b299d2749a7de Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Mon, 9 Dec 2024 14:57:56 +0100 Subject: [PATCH 01/11] feat: enabled vulnerability report with asset-descriptor --- documents/reports/example-report/pom.xml | 55 ++++--------------- .../asset-descriptor/asset-descriptor.yaml | 30 ++++++++++ .../src/main/dita/bm_report.ditamap | 5 +- 3 files changed, 41 insertions(+), 49 deletions(-) mode change 100755 => 100644 documents/reports/example-report/pom.xml create mode 100644 documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml diff --git a/documents/reports/example-report/pom.xml b/documents/reports/example-report/pom.xml old mode 100755 new mode 100644 index 0586de3..2a0f92f --- a/documents/reports/example-report/pom.xml +++ b/documents/reports/example-report/pom.xml @@ -1,6 +1,6 @@ + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> 4.0.0 @@ -73,8 +73,8 @@ true - - + + com.metaeffekt.artifact.analysis @@ -115,58 +115,23 @@ - org.metaeffekt.core - ae-inventory-maven-plugin + com.metaeffekt.artifact.analysis + ae-asset-descriptor-maven-plugin ${ae.artifact.analysis.version} - create-report-ae + default-descriptor - create-inventory-report + generate-reports process-sources - ${project.build.directory}/inventories/inventory - ${project.artifactId}-summary.xlsx - ${project.build.directory}/inventories/inventory/${project.artifactId}-summary.xlsx - ${basedir}/src/main/dita/${project.artifactId}/gen + ${project.basedir}/src/main/asset-descriptor/asset-descriptor.yaml + + ${project.basedir}/src/main/dita/${project.artifactId}/gen - - - ${project.build.directory}/inventory-base - **/*.xls - - ${project.inventory} - - ${basedir}/src/main/dita/${project.artifactId}/gen - - ${project.basedir}/../../security-policy-report.json - - true - true - - - - false - false - false - false - false - false - false - false - false - false - false - false - - - [ {"name":"CERT_EU"} ] - - - diff --git a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml new file mode 100644 index 0000000..7814991 --- /dev/null +++ b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml @@ -0,0 +1,30 @@ +inventories: + - "reference": + file: "target/inventories/inventory/ae-example-report-summary.xlsx" + - "AE-Example": + file: "target/inventories/inventory/ae-example-report-summary.xlsx" + - "Test": + file: "target/inventories/inventory/ae-example-report-summary.xlsx" + + +documents: + - inventories: + - inventoryRef: "AE-Example" + assetName: "AE-Example" + assetVersion: "1.0" + reportContextTitle: "AE-Example" + reportContext: "AE-Example" + referenceInventory: "reference" + - inventoryRef: "Test" + assetName: "Test" + assetVersion: "1.0" + reportContextTitle: "Test" + reportContext: "Test" + referenceInventory: "reference" + type: VULNERABILITY_REPORT + params: + "targetLicensesDir": "license" + "targetComponentDir": "component" + "securityPolicyFile": "security-policy-report.json" + "generateOverviewTablesForAdvisories": "[ {\"name\":\"CERT_EU\"} ]" + language: "en" diff --git a/documents/reports/example-report/src/main/dita/bm_report.ditamap b/documents/reports/example-report/src/main/dita/bm_report.ditamap index 780172b..5d13244 100755 --- a/documents/reports/example-report/src/main/dita/bm_report.ditamap +++ b/documents/reports/example-report/src/main/dita/bm_report.ditamap @@ -29,10 +29,7 @@ - - - - + From 8f1ccdf43dd8230994f1aef47ff61a3e3fb37800 Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Thu, 23 Jan 2025 11:30:04 +0100 Subject: [PATCH 02/11] feat: reenabled vulnerability report --- documents/reports/example-report/pom.xml | 4 ++-- .../main/asset-descriptor/asset-descriptor.yaml | 15 ++++----------- .../tmp/tpc_vulnerability-report-notice.dita | 2 +- 3 files changed, 7 insertions(+), 14 deletions(-) diff --git a/documents/reports/example-report/pom.xml b/documents/reports/example-report/pom.xml index 2a0f92f..b45182b 100644 --- a/documents/reports/example-report/pom.xml +++ b/documents/reports/example-report/pom.xml @@ -100,8 +100,8 @@ true - 2021-05-01 - 2022-05-01 + 1 week + now [{"name":"CERT_FR"}, {"name":"CERT_SEI"}, {"name":"CERT_EU"}] diff --git a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml index 7814991..3d85749 100644 --- a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml @@ -1,26 +1,19 @@ inventories: - "reference": file: "target/inventories/inventory/ae-example-report-summary.xlsx" - - "AE-Example": + type: INPUT + - "ae-example": file: "target/inventories/inventory/ae-example-report-summary.xlsx" - - "Test": - file: "target/inventories/inventory/ae-example-report-summary.xlsx" - + type: INPUT documents: - inventories: - - inventoryRef: "AE-Example" + - inventoryRef: "ae-example" assetName: "AE-Example" assetVersion: "1.0" reportContextTitle: "AE-Example" reportContext: "AE-Example" referenceInventory: "reference" - - inventoryRef: "Test" - assetName: "Test" - assetVersion: "1.0" - reportContextTitle: "Test" - reportContext: "Test" - referenceInventory: "reference" type: VULNERABILITY_REPORT params: "targetLicensesDir": "license" diff --git a/documents/reports/example-report/src/main/dita/ae-example-report/tmp/tpc_vulnerability-report-notice.dita b/documents/reports/example-report/src/main/dita/ae-example-report/tmp/tpc_vulnerability-report-notice.dita index 6bab238..ead0e33 100644 --- a/documents/reports/example-report/src/main/dita/ae-example-report/tmp/tpc_vulnerability-report-notice.dita +++ b/documents/reports/example-report/src/main/dita/ae-example-report/tmp/tpc_vulnerability-report-notice.dita @@ -59,7 +59,7 @@
Insignificant Vulnerabilities Threshold -

+

From 02ad70e951c16526eac0fcabcc2365c73e4d3cec Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Thu, 23 Jan 2025 13:43:15 +0100 Subject: [PATCH 03/11] feat: enabled annex --- documents/annexes/ae-annex/pom.xml | 63 +++++++------------ .../asset-descriptor/asset-descriptor.yaml | 22 +++++++ documents/annexes/pom.xml | 4 +- documents/reports/example-report/pom.xml | 2 +- .../asset-descriptor/asset-descriptor.yaml | 13 +++- 5 files changed, 57 insertions(+), 47 deletions(-) create mode 100644 documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml diff --git a/documents/annexes/ae-annex/pom.xml b/documents/annexes/ae-annex/pom.xml index 1a23d28..bc22aa2 100755 --- a/documents/annexes/ae-annex/pom.xml +++ b/documents/annexes/ae-annex/pom.xml @@ -45,12 +45,12 @@ - - org.metaeffekt.core - ae-inventory-maven-plugin - - - + + + + --> + + + com.metaeffekt.artifact.analysis + ae-asset-descriptor-maven-plugin + ${ae.artifact.analysis.version} + - create-ae-dependency-inventory + default-descriptor - create-inventory-report + generate-documents process-sources - ${project.build.directory}/inventory-base - **/*.xls - ${project.build.directory}/inventories/inventory/ae-dependency-extractor-inventory.xls - ${basedir}/src/main/dita/ae-dependency/gen + ${project.basedir}/src/main/asset-descriptor/asset-descriptor.yaml + + ${project.basedir}/src/main/dita/ae-dependency/gen - - - ${annex.validation} - ${annex.validation} - ${annex.validation} - ${annex.validation} - ${annex.validation} - ${annex.validation} - ${annex.validation} - ${annex.validation} - ${annex.validation} - - false - false - - licenses - - ${project.build.directory}/licenses - ${project.build.directory}/components - - ${basedir}/src/main/dita/${project.artifactId}/gen - - ${project.basedir}/../../security-policy-report.json - - true - - @@ -145,7 +124,7 @@ ${project.basedir}/src/main/dita/ae-dependency - ${project.basedir}/src/main/dita/ae-dependency/gen + ${project.basedir}/src/main/dita/ae-dependency/gen/ae-dependency-extractor @@ -345,7 +324,7 @@ - ${project.basedir}/src/main/dita/ae-dependency/gen/inventory-report.properties + ${project.basedir}/src/main/dita/ae-dependency/gen/ae-dependency-extractor/inventory-report.properties diff --git a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml new file mode 100644 index 0000000..8d138ce --- /dev/null +++ b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml @@ -0,0 +1,22 @@ +inventories: + - "reference": + file: "../../../target/inventories/inventory/ae-dependency-extractor-inventory.xls" + type: INPUT + - "ae-dependency-extractor": + file: "../../../target/inventories/inventory/ae-dependency-extractor-inventory.xls" + type: INPUT + +documents: + - inventories: + - inventoryRef: "ae-dependency-extractor" + assetName: "ae-dependency-extractor" + assetVersion: "1.0" + reportContextTitle: "ae-dependency-extractor" + reportContext: "ae-dependency-extractor" + referenceInventory: "reference" + type: ANNEX + params: + "targetLicensesDir": "license" + "targetComponentDir": "component" + "securityPolicyFile": "security-policy-report.json" + language: "en" diff --git a/documents/annexes/pom.xml b/documents/annexes/pom.xml index e5cde80..3d72374 100755 --- a/documents/annexes/pom.xml +++ b/documents/annexes/pom.xml @@ -32,7 +32,7 @@ -nothing- - true + ${annex.validation} ${annex.validation} @@ -55,7 +55,7 @@ ${project.build.directory}/annex/licenses ${project.build.directory}/annex/components - ${basedir}/src/main/dita/${project.artifactId}/gen + diff --git a/documents/reports/example-report/pom.xml b/documents/reports/example-report/pom.xml index b45182b..59d4778 100644 --- a/documents/reports/example-report/pom.xml +++ b/documents/reports/example-report/pom.xml @@ -122,7 +122,7 @@ default-descriptor - generate-reports + generate-documents process-sources diff --git a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml index 3d85749..ba59b74 100644 --- a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml @@ -1,9 +1,12 @@ inventories: - "reference": - file: "target/inventories/inventory/ae-example-report-summary.xlsx" + file: "../../../target/inventories/inventory/ae-example-report-summary.xlsx" type: INPUT - "ae-example": - file: "target/inventories/inventory/ae-example-report-summary.xlsx" + file: "../../../target/inventories/inventory/ae-example-report-summary.xlsx" + type: INPUT + - "test": + file: "../../../target/inventories/inventory/ae-example-report-summary.xlsx" type: INPUT documents: @@ -14,6 +17,12 @@ documents: reportContextTitle: "AE-Example" reportContext: "AE-Example" referenceInventory: "reference" + - inventoryRef: "test" + assetName: "test" + assetVersion: "1.0" + reportContextTitle: "test" + reportContext: "test" + referenceInventory: "reference" type: VULNERABILITY_REPORT params: "targetLicensesDir": "license" From 6f0c7d6f03726aab43d8fbbbbc59a708252361f7 Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Thu, 23 Jan 2025 14:23:02 +0100 Subject: [PATCH 04/11] fix: removed HEAD-SNAPSHOT --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index eb5a514..653b310 100755 --- a/pom.xml +++ b/pom.xml @@ -18,8 +18,8 @@ - HEAD-SNAPSHOT - HEAD-SNAPSHOT + 0.134.0 + 0.134.0 0.29.0 false From f16617afa2db1647f5f67cd1c0f92e6b8704d369 Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Thu, 23 Jan 2025 14:26:33 +0100 Subject: [PATCH 05/11] fix: added HEAD-SNAPSHOT again since required features are not released yet --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 653b310..d1ae4d8 100755 --- a/pom.xml +++ b/pom.xml @@ -19,7 +19,7 @@ 0.134.0 - 0.134.0 + HEAD-SNAPSHOT 0.29.0 false From 67c26fe55408d39379eb0bbceddcc297f38aa2f2 Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Thu, 13 Feb 2025 12:49:46 +0100 Subject: [PATCH 06/11] feat: enabled vulnerability report with new asset descriptor structure --- documents/reports/example-report/pom.xml | 1 + .../asset-descriptor/asset-descriptor.yaml | 29 +++++++++---------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/documents/reports/example-report/pom.xml b/documents/reports/example-report/pom.xml index 59d4778..f1ee631 100644 --- a/documents/reports/example-report/pom.xml +++ b/documents/reports/example-report/pom.xml @@ -14,6 +14,7 @@ 00.01 + ae-example-report/gen/map_ae-example-document.ditamap Draft Example diff --git a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml index ba59b74..aa0bda6 100644 --- a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml @@ -10,23 +10,22 @@ inventories: type: INPUT documents: - - inventories: - - inventoryRef: "ae-example" - assetName: "AE-Example" - assetVersion: "1.0" - reportContextTitle: "AE-Example" - reportContext: "AE-Example" - referenceInventory: "reference" - - inventoryRef: "test" - assetName: "test" - assetVersion: "1.0" - reportContextTitle: "test" - reportContext: "test" - referenceInventory: "reference" + "ae-example": type: VULNERABILITY_REPORT + language: "en" params: "targetLicensesDir": "license" "targetComponentDir": "component" "securityPolicyFile": "security-policy-report.json" - "generateOverviewTablesForAdvisories": "[ {\"name\":\"CERT_EU\"} ]" - language: "en" + "generateOverviewTablesForAdvisories": "CERT_EU" + parts: + "ae-example": + type: VULNERABILITY_REPORT + inventories: + - inventoryRef: "ae-example" + assetName: "AE-Example" + assetVersion: "1.0" + reportContextTitle: "AE-Example" + reportContext: "AE-Example" + referenceInventory: "reference" + From a62c8b59be934a7dc2ef8977d888a76c7e6605b8 Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Thu, 13 Feb 2025 14:36:48 +0100 Subject: [PATCH 07/11] feat: enabled annex with new asset descriptor structure --- documents/annexes/ae-annex/pom.xml | 2 +- .../asset-descriptor/asset-descriptor.yaml | 33 ++++++++++++------- 2 files changed, 23 insertions(+), 12 deletions(-) diff --git a/documents/annexes/ae-annex/pom.xml b/documents/annexes/ae-annex/pom.xml index bc22aa2..94e0902 100755 --- a/documents/annexes/ae-annex/pom.xml +++ b/documents/annexes/ae-annex/pom.xml @@ -32,7 +32,7 @@ XXXX-YYY-ZZ - bill-of-materials.ditamap + ae-dependency/gen/map_annex-document.ditamap Software Distribution Annex 0.1 Preview diff --git a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml index 8d138ce..a9db02f 100644 --- a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml @@ -7,16 +7,27 @@ inventories: type: INPUT documents: - - inventories: - - inventoryRef: "ae-dependency-extractor" - assetName: "ae-dependency-extractor" - assetVersion: "1.0" - reportContextTitle: "ae-dependency-extractor" - reportContext: "ae-dependency-extractor" - referenceInventory: "reference" + annex: type: ANNEX + language: en params: - "targetLicensesDir": "license" - "targetComponentDir": "component" - "securityPolicyFile": "security-policy-report.json" - language: "en" + targetLicensesDir: license + targetComponentDir: component + securityPolicyFile: security-policy-report.json + parts: + annex: + type: ANNEX + inventories: + - inventoryRef: "ae-dependency-extractor" + assetName: "ae-dependency-extractor" + assetVersion: "1.0" + reportContextTitle: "ae-dependency-extractor" + reportContext: "ae-dependency-extractor" + referenceInventory: "reference" + - inventoryRef: "ae-dependency-extractor" + assetName: "ae-dependency-extractor" + assetVersion: "1.0" + reportContextTitle: "ae-dependency-extractor" + reportContext: "ae-dependency-extractor" + referenceInventory: "reference" + From a0cccbe060bff655e34f5e69e1311aca4bac2c8f Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Fri, 14 Feb 2025 13:15:30 +0100 Subject: [PATCH 08/11] feat: enabled annex and vulnerability report with asset descriptor structure --- documents/annexes/ae-annex/pom.xml | 2 +- .../main/asset-descriptor/asset-descriptor.yaml | 13 ++++--------- .../src/main/dita/bill-of-materials.ditamap | 9 +-------- documents/reports/example-report/pom.xml | 9 ++------- .../main/asset-descriptor/asset-descriptor.yaml | 14 ++++++++++---- .../example-report/src/main/dita/bm_report.ditamap | 2 +- 6 files changed, 19 insertions(+), 30 deletions(-) diff --git a/documents/annexes/ae-annex/pom.xml b/documents/annexes/ae-annex/pom.xml index 94e0902..bc22aa2 100755 --- a/documents/annexes/ae-annex/pom.xml +++ b/documents/annexes/ae-annex/pom.xml @@ -32,7 +32,7 @@ XXXX-YYY-ZZ - ae-dependency/gen/map_annex-document.ditamap + bill-of-materials.ditamap Software Distribution Annex 0.1 Preview diff --git a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml index a9db02f..1cf8c3c 100644 --- a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml @@ -19,15 +19,10 @@ documents: type: ANNEX inventories: - inventoryRef: "ae-dependency-extractor" - assetName: "ae-dependency-extractor" + assetName: "ae-dependency" assetVersion: "1.0" - reportContextTitle: "ae-dependency-extractor" - reportContext: "ae-dependency-extractor" - referenceInventory: "reference" - - inventoryRef: "ae-dependency-extractor" - assetName: "ae-dependency-extractor" - assetVersion: "1.0" - reportContextTitle: "ae-dependency-extractor" - reportContext: "ae-dependency-extractor" + reportContextTitle: "ae-dependency" + reportContext: "ae-dependency" referenceInventory: "reference" + diff --git a/documents/annexes/ae-annex/src/main/dita/bill-of-materials.ditamap b/documents/annexes/ae-annex/src/main/dita/bill-of-materials.ditamap index f761b4b..39593a7 100755 --- a/documents/annexes/ae-annex/src/main/dita/bill-of-materials.ditamap +++ b/documents/annexes/ae-annex/src/main/dita/bill-of-materials.ditamap @@ -32,14 +32,7 @@ - - - - - - - - + diff --git a/documents/reports/example-report/pom.xml b/documents/reports/example-report/pom.xml index f1ee631..0ef0d2b 100644 --- a/documents/reports/example-report/pom.xml +++ b/documents/reports/example-report/pom.xml @@ -14,7 +14,6 @@ 00.01 - ae-example-report/gen/map_ae-example-document.ditamap Draft Example @@ -101,8 +100,8 @@ true - 1 week - now + 2021-05-01 + 2022-05-01 [{"name":"CERT_FR"}, {"name":"CERT_SEI"}, {"name":"CERT_EU"}] @@ -138,10 +137,6 @@ - - org.metaeffekt.core - ae-inventory-maven-plugin - org.apache.maven.plugins maven-dependency-plugin diff --git a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml index aa0bda6..7f77275 100644 --- a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml @@ -5,9 +5,6 @@ inventories: - "ae-example": file: "../../../target/inventories/inventory/ae-example-report-summary.xlsx" type: INPUT - - "test": - file: "../../../target/inventories/inventory/ae-example-report-summary.xlsx" - type: INPUT documents: "ae-example": @@ -19,7 +16,16 @@ documents: "securityPolicyFile": "security-policy-report.json" "generateOverviewTablesForAdvisories": "CERT_EU" parts: - "ae-example": + "stat": + type: VULNERABILITY_STATISTICS_REPORT + inventories: + - inventoryRef: "ae-example" + assetName: "AE-Example" + assetVersion: "1.0" + reportContextTitle: "AE-Example" + reportContext: "AE-Example" + referenceInventory: "reference" + "vul": type: VULNERABILITY_REPORT inventories: - inventoryRef: "ae-example" diff --git a/documents/reports/example-report/src/main/dita/bm_report.ditamap b/documents/reports/example-report/src/main/dita/bm_report.ditamap index 5d13244..f72542e 100755 --- a/documents/reports/example-report/src/main/dita/bm_report.ditamap +++ b/documents/reports/example-report/src/main/dita/bm_report.ditamap @@ -29,7 +29,7 @@ - + From 391a10ad93736bae3abb1428d2718ad115fd8c21 Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Wed, 19 Feb 2025 11:08:56 +0100 Subject: [PATCH 09/11] feat: removed reportContextTitle, reportContext from assetDescriptor, made referenceInventory optional --- .../src/main/asset-descriptor/asset-descriptor.yaml | 6 ------ .../src/main/asset-descriptor/asset-descriptor.yaml | 9 --------- 2 files changed, 15 deletions(-) diff --git a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml index 1cf8c3c..f4fad32 100644 --- a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml @@ -1,7 +1,4 @@ inventories: - - "reference": - file: "../../../target/inventories/inventory/ae-dependency-extractor-inventory.xls" - type: INPUT - "ae-dependency-extractor": file: "../../../target/inventories/inventory/ae-dependency-extractor-inventory.xls" type: INPUT @@ -21,8 +18,5 @@ documents: - inventoryRef: "ae-dependency-extractor" assetName: "ae-dependency" assetVersion: "1.0" - reportContextTitle: "ae-dependency" - reportContext: "ae-dependency" - referenceInventory: "reference" diff --git a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml index 7f77275..c5cbd82 100644 --- a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml @@ -1,7 +1,4 @@ inventories: - - "reference": - file: "../../../target/inventories/inventory/ae-example-report-summary.xlsx" - type: INPUT - "ae-example": file: "../../../target/inventories/inventory/ae-example-report-summary.xlsx" type: INPUT @@ -22,16 +19,10 @@ documents: - inventoryRef: "ae-example" assetName: "AE-Example" assetVersion: "1.0" - reportContextTitle: "AE-Example" - reportContext: "AE-Example" - referenceInventory: "reference" "vul": type: VULNERABILITY_REPORT inventories: - inventoryRef: "ae-example" assetName: "AE-Example" assetVersion: "1.0" - reportContextTitle: "AE-Example" - reportContext: "AE-Example" - referenceInventory: "reference" From 2d487a5ae29d77fc90821f3f6c6f8763735a925b Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Wed, 19 Feb 2025 12:30:38 +0100 Subject: [PATCH 10/11] feat: made document params optional; enabled default settings for targetLicensesDir and targetComponentDir --- .../ae-annex/src/main/asset-descriptor/asset-descriptor.yaml | 2 -- .../src/main/asset-descriptor/asset-descriptor.yaml | 2 -- 2 files changed, 4 deletions(-) diff --git a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml index f4fad32..b0e4e18 100644 --- a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml @@ -8,8 +8,6 @@ documents: type: ANNEX language: en params: - targetLicensesDir: license - targetComponentDir: component securityPolicyFile: security-policy-report.json parts: annex: diff --git a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml index c5cbd82..a103145 100644 --- a/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/reports/example-report/src/main/asset-descriptor/asset-descriptor.yaml @@ -8,8 +8,6 @@ documents: type: VULNERABILITY_REPORT language: "en" params: - "targetLicensesDir": "license" - "targetComponentDir": "component" "securityPolicyFile": "security-policy-report.json" "generateOverviewTablesForAdvisories": "CERT_EU" parts: From 0b10b4f9e72c948af82933ce937da5f8e2884c28 Mon Sep 17 00:00:00 2001 From: rmtrms <91293797+rmtrms@users.noreply.github.com> Date: Fri, 21 Feb 2025 10:43:42 +0100 Subject: [PATCH 11/11] chore: added double quotes --- .../src/main/asset-descriptor/asset-descriptor.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml index b0e4e18..bbdb7c7 100644 --- a/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml +++ b/documents/annexes/ae-annex/src/main/asset-descriptor/asset-descriptor.yaml @@ -4,13 +4,13 @@ inventories: type: INPUT documents: - annex: + "annex": type: ANNEX - language: en + language: "en" params: - securityPolicyFile: security-policy-report.json + securityPolicyFile: "security-policy-report.json" parts: - annex: + "annex": type: ANNEX inventories: - inventoryRef: "ae-dependency-extractor"