Adapt test samples to ensure consistency between the different formats

Signed-off-by: andreas hilti <[email protected]>
CycloneDX · Aug 31, 2024 · e417920 · e417920
1 parent bfb6f8b
commit e417920
Show file tree

Hide file tree

Showing 42 changed files with 405 additions and 175 deletions.
diff --git a/tools/src/test/resources/1.6/valid-annotation-1.6.json b/tools/src/test/resources/1.6/valid-annotation-1.6.json
@@ -77,6 +77,13 @@
             "name": "Partner Org",
             "url": [
               "https://partner.org"
+            ],
+            "contact" : [
+              {
+                "name": "Support",
+                "email": "[email protected]",
+                "phone": "800-555-1212"
+              }
             ]
           },
           "group": "org.partner",

diff --git a/tools/src/test/resources/1.6/valid-annotation-1.6.textproto b/tools/src/test/resources/1.6/valid-annotation-1.6.textproto
@@ -24,8 +24,8 @@ annotations {
     }
   }
   timestamp {
-    seconds: 3173618478
-    nanos: 3
+    seconds: 1640995200
+    nanos: 0
   }
   text: "This is a sample annotation made by an organization"
 }
@@ -40,10 +40,10 @@ annotations {
     }
   }
   timestamp {
-    seconds: 3173618478
-    nanos: 3
+    seconds: 1640995200
+    nanos: 0
   }
-  text: "This is a sample annotation made by an person"
+  text: "This is a sample annotation made by a person"
 }
 annotations {
   bom_ref: "annotation-3"
@@ -56,8 +56,8 @@ annotations {
     }
   }
   timestamp {
-    seconds: 3173618478
-    nanos: 3
+    seconds: 1640995200
+    nanos: 0
   }
   text: "This is a sample annotation made by a component"
 }
@@ -72,7 +72,7 @@ annotations {
         url: "https://partner.org"
         contact {
           name: "Support"
-          email: "support@partner"
+          email: "support@partner.org"
           phone: "800-555-1212"
         }
       }
@@ -90,8 +90,8 @@ annotations {
     }
   }
   timestamp {
-    seconds: 3173618478
-    nanos: 3
+    seconds: 1640995200
+    nanos: 0
   }
   text: "This is a sample annotation made by a service"
 }
diff --git a/tools/src/test/resources/1.6/valid-annotation-1.6.xml b/tools/src/test/resources/1.6/valid-annotation-1.6.xml
@@ -21,7 +21,7 @@
                     </contact>
                 </organization>
             </annotator>
-            <timestamp>2020-04-07T07:01:00Z</timestamp>
+            <timestamp>2022-01-01T00:00:00Z</timestamp>
             <text>This is a sample annotation made by an organization</text>
         </annotation>
         <annotation bom-ref="annotation-2">
@@ -35,8 +35,8 @@
                     <phone>800-555-1212</phone>
                 </individual>
             </annotator>
-            <timestamp>2020-04-07T07:01:00Z</timestamp>
-            <text>This is a sample annotation made by an person</text>
+            <timestamp>2022-01-01T00:00:00Z</timestamp>
+            <text>This is a sample annotation made by a person</text>
         </annotation>
         <annotation bom-ref="annotation-3">
             <subjects>
@@ -48,7 +48,7 @@
                     <version>9.1.2</version>
                 </component>
             </annotator>
-            <timestamp>2020-04-07T07:01:00Z</timestamp>
+            <timestamp>2022-01-01T00:00:00Z</timestamp>
             <text>This is a sample annotation made by a component</text>
         </annotation>
         <annotation bom-ref="annotation-4">
@@ -62,7 +62,7 @@
                         <url>https://partner.org</url>
                         <contact>
                             <name>Support</name>
-                            <email>support@partner</email>
+                            <email>support@partner.org</email>
                             <phone>800-555-1212</phone>
                         </contact>
                     </provider>
@@ -76,11 +76,11 @@
                     <authenticated>true</authenticated>
                     <x-trust-boundary>true</x-trust-boundary>
                     <data>
-                        <classification flow="bi-directional">pubic</classification>
+                        <classification flow="bi-directional">public</classification>
                     </data>
                 </service>
             </annotator>
-            <timestamp>2020-04-07T07:01:00Z</timestamp>
+            <timestamp>2022-01-01T00:00:00Z</timestamp>
             <text>This is a sample annotation made by a service</text>
         </annotation>
     </annotations>

diff --git a/tools/src/test/resources/1.6/valid-attestation-1.6.textproto b/tools/src/test/resources/1.6/valid-attestation-1.6.textproto
@@ -72,11 +72,11 @@ declarations: {
         }
       ]
       created {
-        seconds: 1714003200
+        seconds: 1682380800
         nanos: 0
       }
       expires {
-        seconds: 1712102400
+        seconds: 1684972800
         nanos: 0
       }
       author: {
@@ -104,11 +104,11 @@ declarations: {
         }
       ]
       created {
-        seconds: 1714003200
+        seconds: 1682380800
         nanos: 0
       }
       expires {
-        seconds: 1712102400
+        seconds: 1684972800
         nanos: 0
       }
       author: {
@@ -136,11 +136,11 @@ declarations: {
         }
       ]
       created {
-        seconds: 1714003200
+        seconds: 1682380800
         nanos: 0
       }
       expires {
-        seconds: 1712102400
+        seconds: 1684972800
         nanos: 0
       }
       author: {

diff --git a/tools/src/test/resources/1.6/valid-attestation-1.6.xml b/tools/src/test/resources/1.6/valid-attestation-1.6.xml
@@ -3,9 +3,9 @@
     <declarations>
         <assessors>
             <assessor bom-ref="assessor-1">
-                <thirdParty>false</thirdParty>
+                <thirdParty>true</thirdParty>
                 <organization>
-                    <name>Acme Inc</name>
+                    <name>Assessors Inc</name>
                 </organization>
             </assessor>
         </assessors>
@@ -25,7 +25,7 @@
                         <score>0.8</score>
                         <rationale>Conformance rationale here</rationale>
                         <mitigationStrategies>
-                            <mitigationStrategy>mitigations-1</mitigationStrategy>
+                            <mitigationStrategy>mitigationStrategy-1</mitigationStrategy>
                         </mitigationStrategies>
                     </conformance>
                     <confidence>
@@ -110,7 +110,7 @@
                     <contents>
                         <attachment content-type="text/plain">Mitigation strategy here</attachment>
                     </contents>
-                    <classification>Public</classification>
+                    <classification>Company Confidential</classification>
                     <sensitiveData>Describe sensitive data here</sensitiveData>
                 </data>
                 <created>2023-04-25T00:00:00+00:00</created>

diff --git a/tools/src/test/resources/1.6/valid-bom-1.6.textproto b/tools/src/test/resources/1.6/valid-bom-1.6.textproto
@@ -6,8 +6,8 @@ version: 1
 serial_number: "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79"
 metadata {
   timestamp {
-    seconds: 3173618478
-    nanos: 3
+    seconds: 1586809239
+    nanos: 0
   }
   tools {
     vendor: "Awesome Vendor"
@@ -112,15 +112,15 @@ components {
       version: "9.0.14"
     }
     commits {
-      uid: "123"
-      url: ""
+      uid: "7638417db6d59f3c431d3e1f261cc637155684cd"
+      url: "https://location/to/7638417db6d59f3c431d3e1f261cc637155684cd"
       author {
         timestamp {
-          seconds: 3084280878
-          nanos: 3
+          seconds: 1542140439
+          nanos: 0
         }
-        name: ""
-        email: ""
+        name: "me"
+        email: "[email protected]"
       }
     }
   }
@@ -141,7 +141,6 @@ components {
       email: "[email protected]"
     }
   }
-  author: "Example Super Heros"
   group: "org.example"
   name: "mylibrary"
   version: "1.0.0"

diff --git a/tools/src/test/resources/1.6/valid-component-identifiers-1.6.textproto b/tools/src/test/resources/1.6/valid-component-identifiers-1.6.textproto
@@ -7,7 +7,7 @@ serial_number: "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79"
 components {
   type: CLASSIFICATION_LIBRARY
   group: "com.example"
-  name: "acme-example"
+  name: "acme-library"
   version: "1.0.0"
   cpe: "cpe:2.3:a:example:acme-library:1.0.0:*:*:*:*:*:*:*"
   purl: "pkg:maven/com.example/[email protected]"

diff --git a/tools/src/test/resources/1.6/valid-component-ref-1.6.json b/tools/src/test/resources/1.6/valid-component-ref-1.6.json
@@ -9,11 +9,19 @@
       "type": "library",
       "bom-ref": "123",
       "name": "acme-library",
-      "version": "1.0.0"
+      "version": "1.0.0",
+      "components" : [
+        {
+          "type": "library",
+          "bom-ref": "456",
+          "name": "acme-library",
+          "version": "1.0.0"
+        }
+      ]
     },
     {
       "type": "library",
-      "bom-ref": "456",
+      "bom-ref": "789",
       "name": "acme-library",
       "version": "1.0.0"
     }

diff --git a/tools/src/test/resources/1.6/valid-component-ref-1.6.textproto b/tools/src/test/resources/1.6/valid-component-ref-1.6.textproto
@@ -9,10 +9,16 @@ components {
   bom_ref: "123"
   name: "acme-library"
   version: "1.0.0"
+  components {
+    type: CLASSIFICATION_LIBRARY
+      bom_ref: "456"
+      name: "acme-library"
+      version: "1.0.0"
+  }
 }
 components {
   type: CLASSIFICATION_LIBRARY
-  bom_ref: "456"
+  bom_ref: "789"
   name: "acme-library"
   version: "1.0.0"
 }
diff --git a/tools/src/test/resources/1.6/valid-compositions-1.6.xml b/tools/src/test/resources/1.6/valid-compositions-1.6.xml
@@ -21,7 +21,7 @@
         </component>
         <component type="library" bom-ref="pkg:maven/acme/[email protected]">
             <name>Acme Library</name>
-            <version>2.0</version>
+            <version>3.0</version>
             <purl>pkg:maven/acme/[email protected]</purl>
         </component>
     </components>
@@ -49,9 +49,9 @@
         </composition>
         <composition>
             <aggregate>incomplete_first_party_only</aggregate>
-            <assemblies>
-                <assembly ref="vulnerability-1"/>
-            </assemblies>
+            <vulnerabilities>
+                <vulnerability ref="vulnerability-1"/>
+            </vulnerabilities>
         </composition>
     </compositions>
     <vulnerabilities>

diff --git a/tools/src/test/resources/1.6/valid-cryptography-full-1.6.textproto b/tools/src/test/resources/1.6/valid-cryptography-full-1.6.textproto
@@ -42,12 +42,12 @@ components: [
         subjectName: "Subject name here"
         issuerName: "Issuer name here"
         notValidBefore {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1640995200
+          nanos: 0
         }
         notValidAfter {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1704067200
+          nanos: 0
         }
         signatureAlgorithmRef: "bom-ref-to-algorithm"
         subjectPublicKeyRef: "bom-ref-to-public-key"
@@ -93,20 +93,20 @@ components: [
         state: CRYPTO_RELATED_STATE_ACTIVE
         algorithmRef: "bom-ref-to-algorithm"
         creationDate {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1704067200
+          nanos: 0
         }
         activationDate {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1704153600
+          nanos: 0
         }
         updateDate {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1704240000
+          nanos: 0
         }
         expirationDate {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1704326400
+          nanos: 0
         }
         value: "Value here"
         size: 1024

diff --git a/tools/src/test/resources/1.6/valid-cryptography-implementation-1.6.xml b/tools/src/test/resources/1.6/valid-cryptography-implementation-1.6.xml
@@ -31,11 +31,11 @@
             </cryptoProperties>
         </component>
         <component type="library" bom-ref="crypto-library">
-            <name>Crypto Library</name>
+            <name>Crypto library</name>
             <version>1.0.0</version>
         </component>
         <component type="library" bom-ref="some-library">
-            <name>Some Library</name>
+            <name>Some library</name>
             <version>1.0.0</version>
         </component>
     </components>

diff --git a/tools/src/test/resources/1.6/valid-dependency-1.6.xml b/tools/src/test/resources/1.6/valid-dependency-1.6.xml
@@ -2,15 +2,15 @@
 <bom serialNumber="urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79" version="1" xmlns="http://cyclonedx.org/schema/bom/1.6">
     <components>
         <component type="library" bom-ref="library-a">
-            <name>acme-library-a</name>
+            <name>library-a</name>
             <version>1.0.0</version>
         </component>
         <component type="library" bom-ref="library-b">
-            <name>acme-library-b</name>
+            <name>library-b</name>
             <version>1.0.0</version>
         </component>
         <component type="library" bom-ref="library-c">
-            <name>acme-library-b</name>
+            <name>library-c</name>
             <version>1.0.0</version>
         </component>
     </components>

diff --git a/tools/src/test/resources/1.6/valid-evidence-1.6.textproto b/tools/src/test/resources/1.6/valid-evidence-1.6.textproto
@@ -42,7 +42,6 @@ components [
           }
         ],
         tools: [
-          "bom-ref-of-tool-that-performed-analysis",
           "bom-ref-of-tool-that-performed-analysis"
         ]
       },