This is an automated email from the ASF dual-hosted git repository.
asf-gitbox-commits pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/ant-antlibs-cyclonedx.git
The following commit(s) were added to refs/heads/main by this push:
new 6c3217f support for component's of external references
6c3217f is described below
commit 6c3217fdfe4874aa7ff9d13f64aaf87e5231f883
Author: Stefan Bodewig <[email protected]>
AuthorDate: Fri May 1 15:58:30 2026 +0200
support for component's of external references
---
src/main/org/apache/ant/cyclonedx/Component.java | 34 ++++++++++++++++++++++++
src/main/org/apache/ant/cyclonedx/ToolData.java | 6 +++++
src/tests/antunit/componentbom-test.xml | 13 +++++++++
3 files changed, 53 insertions(+)
diff --git a/src/main/org/apache/ant/cyclonedx/Component.java
b/src/main/org/apache/ant/cyclonedx/Component.java
index 39242b3..b590674 100644
--- a/src/main/org/apache/ant/cyclonedx/Component.java
+++ b/src/main/org/apache/ant/cyclonedx/Component.java
@@ -26,6 +26,7 @@ public class Component {
private List<org.cyclonedx.model.License> licenses = new ArrayList<>();
private String purl;
private String bomRef;
+ private List<org.cyclonedx.model.ExternalReference> externalReferences =
new ArrayList<>();
public void add(Resource resource) {
if (this.resource != null) {
@@ -91,6 +92,10 @@ public class Component {
return bomRef;
}
+ public void addConfiguredExternalReference(ExternalReference ref) {
+ externalReferences.add(ref.toCycloneDxExternalReference());
+ }
+
public org.cyclonedx.model.Component toCycloneDxComponent(Version
bomVersion)
throws IOException {
if (name == null) {
@@ -126,6 +131,9 @@ public class Component {
if (bomRef != null) {
component.setBomRef(bomRef);
}
+ if (!externalReferences.isEmpty()) {
+ component.setExternalReferences(externalReferences);
+ }
addHashes(component, bomVersion);
return component;
}
@@ -202,4 +210,30 @@ public class Component {
return l;
}
}
+
+ public static class ExternalReference {
+ private String url;
+ private org.cyclonedx.model.ExternalReference.Type type;
+
+ public void setUrl(String url) {
+ this.url = url;
+ }
+
+ public void setType(org.cyclonedx.model.ExternalReference.Type type) {
+ this.type = type;
+ }
+
+ public org.cyclonedx.model.ExternalReference
toCycloneDxExternalReference() {
+ if (url == null) {
+ throw new BuildException("external references must have an
url");
+ }
+ if (type == null) {
+ throw new BuildException("external references must have a
type");
+ }
+ org.cyclonedx.model.ExternalReference r = new
org.cyclonedx.model.ExternalReference();
+ r.setUrl(url);
+ r.setType(type);
+ return r;
+ }
+ }
}
diff --git a/src/main/org/apache/ant/cyclonedx/ToolData.java
b/src/main/org/apache/ant/cyclonedx/ToolData.java
index 5ac2b40..fe441b8 100644
--- a/src/main/org/apache/ant/cyclonedx/ToolData.java
+++ b/src/main/org/apache/ant/cyclonedx/ToolData.java
@@ -12,6 +12,7 @@ import org.apache.tools.ant.types.resources.FileResource;
import org.apache.tools.ant.types.resources.URLResource;
import org.cyclonedx.Version;
+import org.cyclonedx.model.ExternalReference;
import org.cyclonedx.model.metadata.ToolInformation;
/**
@@ -45,6 +46,11 @@ public class ToolData {
license.setLicenseId("Apache-2.0");
antlibComponent.addConfiguredLicense(license);
+ Component.ExternalReference repo = new Component.ExternalReference();
+ repo.setUrl("https://github.com/apache/ant-antlibs-cyclonedx";);
+ repo.setType(ExternalReference.Type.VCS);
+ antlibComponent.addConfiguredExternalReference(repo);
+
File antlib = findAntlib();
if (antlib != null) {
antlibComponent.add(new FileResource(antlib));
diff --git a/src/tests/antunit/componentbom-test.xml
b/src/tests/antunit/componentbom-test.xml
index 7d1e1f2..0113821 100644
--- a/src/tests/antunit/componentbom-test.xml
+++ b/src/tests/antunit/componentbom-test.xml
@@ -49,6 +49,10 @@
xmlns:au="antlib:org.apache.ant.antunit"
resource="${output}/bom.json"
value='"content" : "${sha256hash}"'/>
+ <au:assertResourceContains
+ xmlns:au="antlib:org.apache.ant.antunit"
+ resource="${output}/bom.json"
+ value='"url" : "https://github.com/apache/ant-antlibs-cyclonedx";'/>
</target>
<target name="testToolMetadataInXmlFormat">
@@ -100,6 +104,10 @@
xmlns:au="antlib:org.apache.ant.antunit"
resource="${output}/bom.xml"
value='<hash alg="SHA-256">${sha256hash}</hash>'/>
+ <au:assertResourceContains
+ xmlns:au="antlib:org.apache.ant.antunit"
+ resource="${output}/bom.xml"
+
value='<url>https://github.com/apache/ant-antlibs-cyclonedx</url>'/>
</target>
<target name="testComponentIsRequired">
@@ -208,6 +216,7 @@
<url url="https://example.org/"/>
</manufacturer>
<license licenseId="Apache-2.0"/>
+ <externalReference type="WEBSITE" url="https://example.com/"/>
</component>
</cdx:componentbom>
<xmlproperty file="${output}/bom.xml"/>
@@ -251,6 +260,10 @@
xmlns:au="antlib:org.apache.ant.antunit"
resource="${output}/bom.xml"
value='<hash alg="SHA-256">${ant.file.sha256}</hash>'/>
+ <au:assertResourceContains
+ xmlns:au="antlib:org.apache.ant.antunit"
+ resource="${output}/bom.xml"
+ value='<url>https://example.com/</url>'/>
</target>
</project>
