`BomRef.value` default to `None` #504

jkowalleck · 2023-12-04T14:25:03Z

instead of defaulting to a "random" UUIDv4, bom-ref models should not have any default value.
the already implemented bom-ref-discriminator MUST assign values on serialization-time, if needed....

### Breaking Changes * Removed symbols that were already marked as deprecated (via [#493]) * Removed symbols in `parser.*` ([#489] via [#495]) * Removed `output.LATEST_SUPPORTED_SCHEMA_VERSION` ([#491] via [#494]) * Serialization of unsupported enum values might downgrade/migrate/omit them ([#490] via [#496]) Handling might raise warnings if a data loss occurred due to omitting. The result is a guaranteed valid XML/JSON, since no (enum-)invalid values are rendered. * Serialization of any `model.component.Component` with unsupported `type` raises `exception.serialization.SerializationOfUnsupportedComponentTypeException` ([#490] via [#496]) * Object `model.bom_ref.BomRef`'s property `value` defaults to `Null`, was arbitrary `UUID` ([#504] via [#505]) This change does not affect serialization. All `bom-ref`s are guaranteed to have unique values on rendering. * Removed helpers from public API ([#503] via [#506]) ### Added * Basic support for CycloneDX 1.5 ([#404] via [#488]) * No data models were enhanced nor added, yet. Pull requests to add functionality are welcome. * Existing enumerable got new cases, to reflect features of CycloneDX 1.5 ([#404] via [#488]) * Outputters were enabled to render CycloneDX 1.5 ([#404] via [#488]) ### Tests * Created (regression/unit/integration/functional) tests for CycloneDX 1.5 ([#404] via [#488]) * Created (regression/functional) tests for Enums' handling and completeness ([#490] via [#496]) ### Misc * Bumped dependency `py-serializable@^0.16`, was `@^0.15` (via [#496]) ---- ### API Changes — the details for migration * Added new sub-package `exception.serialization` (via [#496]) * Removed class `models.ComparableTuple` ([#503] via [#506]) * Enum `model.ExternalReferenceType` got new cases, to reflect features for CycloneDX 1.5 ([#404] via [#488]) * Removed function `models.get_now_utc` ([#503] via [#506]) * Removed function `models.sha1sum` ([#503] via [#506]) * Enum `model.component.ComponentType` got new cases, to reflect features for CycloneDX 1.5 ([#404] via [#488]) * Removed `model.component.Component.__init__()`'s deprecated optional kwarg `namespace` (via [#493]) Use kwarg `group` instead. * Removed `model.component.Component.__init__()`'s deprecated optional kwarg `license_str` (via [#493]) Use kwarg `licenses` instead. * Removed deprecated method `model.component.Component.get_namespace()` (via [#493]) * Removed class `models.dependency.DependencyDependencies` ([#503] via [#506]) * Removed `model.vulnerability.Vulnerability.__init__()`'s deprecated optional kwarg `source_name` (via [#493]) Use kwarg `source` instead. * Removed `model.vulnerability.Vulnerability.__init__()`'s deprecated optional kwarg `source_url` (via [#493]) Use kwarg `source` instead. * Removed `model.vulnerability.Vulnerability.__init__()`'s deprecated optional kwarg `recommendations` (via [#493]) Use kwarg `recommendation` instead. * Removed `model.vulnerability.VulnerabilityRating.__init__()`'s deprecated optional kwarg `score_base` (via [#493]) Use kwarg `score` instead. * Enum `model.vulnerability.VulnerabilityScoreSource` got new cases, to reflect features for CycloneDX 1.5 ([#404] via [#488]) * Removed `output.LATEST_SUPPORTED_SCHEMA_VERSION` ([#491] via [#494]) * Removed deprecated function `output.get_instance()` (via [#493]) Use function `output.make_outputter()` instead. * Added new class `output.json.JsonV1Dot5`, to reflect CycloneDX 1.5 ([#404] via [#488]) * Added new item to dict `output.json.BY_SCHEMA_VERSION`, to reflect CycloneDX 1.5 ([#404] via [#488]) * Added new class `output.xml.XmlV1Dot5`, to reflect CycloneDX 1.5 ([#404] via [#488]) * Added new item to dict `output.xml.BY_SCHEMA_VERSION`, to reflect CycloneDX 1.5 ([#404] via [#488]) * Removed class `parser.ParserWarning` ([#489] via [#495]) * Removed class `parser.BaseParser` ([#489] via [#495]) * Enum `schema.SchemaVersion` got new case `V1_5`, to reflect CycloneDX 1.5 ([#404] via [#488]) [#404]: #404 [#488]: #488 [#489]: #489 [#490]: #490 [#491]: #491 [#493]: #493 [#494]: #494 [#495]: #495 [#496]: #496 [#503]: #503 [#504]: #504 [#505]: #505 [#506]: #506 --------- Signed-off-by: Johannes Feichtner <[email protected]> Signed-off-by: Jan Kowalleck <[email protected]> Signed-off-by: semantic-release <semantic-release> Co-authored-by: Johannes Feichtner <[email protected]> Co-authored-by: semantic-release <semantic-release>

jkowalleck added the breaking change label Dec 4, 2023

jkowalleck added this to the 6.0.0 milestone Dec 4, 2023

jkowalleck mentioned this issue Dec 4, 2023

BomRef.value default None #505

Merged

jkowalleck linked a pull request Dec 4, 2023 that will close this issue

BomRef.value default None #505

Merged

jkowalleck changed the title ~~BomRef default to None~~ BomRef.value default to None Dec 4, 2023

jkowalleck mentioned this issue Dec 4, 2023

feat!: v6.0.0 #492

Merged

jkowalleck linked a pull request Dec 4, 2023 that will close this issue

feat!: v6.0.0 #492

Merged

jkowalleck closed this as completed Dec 4, 2023

jkowalleck self-assigned this Dec 4, 2023

jkowalleck mentioned this issue Oct 29, 2024

docs: remove invalid docsting note about auto-assigned bom-ref values #733

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

`BomRef.value` default to `None` #504

`BomRef.value` default to `None` #504

jkowalleck commented Dec 4, 2023 •

edited

Loading

BomRef.value default to None #504

BomRef.value default to None #504

Comments

jkowalleck commented Dec 4, 2023 • edited Loading

`BomRef.value` default to `None` #504

`BomRef.value` default to `None` #504

jkowalleck commented Dec 4, 2023 •

edited

Loading