Skip to content

feat: add support for component's evidences according to spec #810

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 28 commits into from
Jun 7, 2025
Merged

feat: add support for component's evidences according to spec #810

merged 28 commits into from
Jun 7, 2025

Conversation

OxPirates
Copy link
Contributor

@OxPirates OxPirates commented May 3, 2025
edited by jkowalleck
Loading

fixes #737

@OxPirates OxPirates requested a review from a team as a code owner May 3, 2025 10:26
@jkowalleck
Copy link
Member

jkowalleck commented May 5, 2025
edited
Loading

Thank you for providing this feature, @OxPirates

could you

jkowalleck
jkowalleck requested changes May 5, 2025
View reviewed changes
@OxPirates
Copy link
Contributor Author

@jkowalleck Thank you for your time, Will work on it and submit the changes.

jkowalleck
jkowalleck requested changes May 8, 2025
View reviewed changes
@OxPirates
Copy link
Contributor Author

@jkowalleck Thank you for the detailed review. All comments have been addressed except the one regarding ToolReference

@OxPirates OxPirates requested a review from jkowalleck May 10, 2025 16:24
jkowalleck
jkowalleck reviewed May 14, 2025
View reviewed changes
jkowalleck
jkowalleck requested changes May 19, 2025
View reviewed changes
@OxPirates OxPirates requested a review from jkowalleck May 19, 2025 13:57
@jkowalleck
Copy link
Member

the amend/squash of the changes makes review hard.
please bare with me, review takes a while

jkowalleck
jkowalleck requested changes May 26, 2025
View reviewed changes
Copy link
Member

@jkowalleck jkowalleck left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please move all these new symbols to an own module called component_evidence.
Thanks in advance

@jkowalleck
Copy link
Member

please move all these new symbols to an own module called component_evidence.
Thanks in advance

did that for you. will continue the review

jkowalleck added 3 commits May 27, 2025 17:08
@jkowalleck
wip
ec89ae7 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
tests
da433b6 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
564b3e6 
Signed-off-by: Jan Kowalleck <[email protected]>
jkowalleck
jkowalleck reviewed May 27, 2025
View reviewed changes
jkowalleck
jkowalleck reviewed May 31, 2025
View reviewed changes
@jkowalleck
cleanup
78fd4db 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
Copy link
Member

jkowalleck commented May 31, 2025
edited
Loading

@OxPirates, i fixed the normalizers implementation so that it also works for multiple identities in CycloneDX 1.5 XML.

CI/CT fails, since the implementation of the serialization library needs a little tweak - will add this soon.

PS: fixed and created madpah/serializable#172

@jkowalleck
typing for serialization lib
7aef6e1 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
Copy link
Member

@OxPirates I think we have a solid implementation, now.
could you review and see if something is missing or if additional test might be needed?

@jkowalleck jkowalleck self-requested a review May 31, 2025 09:55
@jkowalleck jkowalleck mentioned this pull request May 31, 2025
Open
15 tasks
@jkowalleck
remove TODO
de6d628 
Signed-off-by: Jan Kowalleck <[email protected]>
@OxPirates
Copy link
Contributor Author

@OxPirates I think we have a solid implementation, now. could you review and see if something is missing or if additional test might be needed?

Yes, Alredy doing so..

@OxPirates
Copy link
Contributor Author

@OxPirates I think we have a solid implementation, now. could you review and see if something is missing or if additional test might be needed?

Yes, Alredy doing so..

Can we promote this change now?

@jkowalleck
Copy link
Member

@OxPirates I think we have a solid implementation, now. could you review and see if something is missing or if additional test might be needed?

Yes, Alredy doing so..

Can we promote this change now?

sure. I was just waiting for your review.
If you agree to the change set, I will merge and release it early next week

@OxPirates
Copy link
Contributor Author

@OxPirates I think we have a solid implementation, now. could you review and see if something is missing or if additional test might be needed?

Yes, Alredy doing so..

Can we promote this change now?

sure. I was just waiting for your review. If you agree to the change set, I will merge and release it early next week

Yes, Please go ahead, No further comment

@jkowalleck jkowalleck merged commit 3395fda into CycloneDX:main Jun 7, 2025
42 checks passed
@jkowalleck
Copy link
Member

this feature was released in https://github.com/CycloneDX/cyclonedx-python-lib/releases/tag/v10.2.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jkowalleck jkowalleck jkowalleck approved these changes

Assignees
No one assigned
Labels
schema 1.5
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

implement component.evidence.identity
2 participants
@OxPirates @jkowalleck