add option to make sbom reproducible & more privates & various fixes #288
Conversation
![sonatype-lift[bot]](https://avatars.githubusercontent.com/in/9843?s=60&v=4){kind=small}
| } | ||
|
|
||
| toXML () { | ||
| return { hash: { '@alg': this._algorithm, '#text': this._value } } | ||
| return { hash: { '@alg': this.#algorithm, '#text': this.#value } } |
There was a problem hiding this comment.
E020: Expected '}' to match '{' from line 89 and instead saw 'algorithm'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| } | ||
|
|
||
| toJSON () { | ||
| return { alg: this._algorithm, content: this._value } | ||
| return { alg: this.#algorithm, content: this.#value } |
There was a problem hiding this comment.
E020: Expected '}' to match '{' from line 85 and instead saw 'algorithm'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| const hashes = this.#hashes.length > 0 && process.env.BOM_REPRODUCIBLE | ||
| ? Array.from(this.#hashes).sort((a, b) => a.compare(b)) | ||
| : this.#hashes | ||
| return hashes.map(h => h.toJSON()) |
There was a problem hiding this comment.
E030: Expected an identifier and instead saw ')'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| @@ -20,8 +20,11 @@ | |||
| const ExternalReference = require('./ExternalReference') | |||
|
|
|||
| class ExternalReferenceList { | |||
| /** @type {Array<ExternalReference>} */ | |||
| #externalReferences | |||
|
|
|||
| constructor (pkg) { | |||
There was a problem hiding this comment.
E054: Class properties must be methods. Expected '(' but instead saw 'constructor'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| } | ||
|
|
||
| toJSON () { | ||
| return { alg: this._algorithm, content: this._value } | ||
| return { alg: this.#algorithm, content: this.#value } |
There was a problem hiding this comment.
E020: Expected '}' to match '{' from line 84 and instead saw ':'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| return this._externalReferences | ||
| ? this._externalReferences.length | ||
| return this.#externalReferences | ||
| ? this.#externalReferences.length | ||
| : 0 |
There was a problem hiding this comment.
E020: Expected '}' to match '{' from line 37 and instead saw ':'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| @@ -21,8 +21,11 @@ const ssri = require('ssri') | |||
| const Hash = require('./Hash') | |||
|
|
|||
| class HashList { | |||
| /** @type {Array<Hash>} */ | |||
| #hashes | |||
There was a problem hiding this comment.
E024: Unexpected '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| } | ||
|
|
||
| toXML () { | ||
| return { reference: { '@type': this._type, url: this._url } } | ||
| return { reference: { '@type': this.#type, url: this.#url } } |
There was a problem hiding this comment.
E041: Unrecoverable syntax error. (86% scanned).
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| return this._hashes | ||
| ? this._hashes.length | ||
| return this.#hashes | ||
| ? this.#hashes.length | ||
| : 0 | ||
| } |
There was a problem hiding this comment.
E054: Class properties must be methods. Expected '(' but instead saw '}'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| } | ||
|
|
||
| toXML () { | ||
| return { reference: { '@type': this._type, url: this._url } } | ||
| return { reference: { '@type': this.#type, url: this.#url } } |
There was a problem hiding this comment.
E030: Expected an identifier and instead saw '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| } | ||
|
|
||
| toXML () { | ||
| return { reference: { '@type': this._type, url: this._url } } | ||
| return { reference: { '@type': this.#type, url: this.#url } } |
There was a problem hiding this comment.
E030: Expected an identifier and instead saw '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| } | ||
|
|
||
| toJSON () { | ||
| return { type: this._type, url: this._url } | ||
| return { type: this.#type, url: this.#url } |
There was a problem hiding this comment.
E030: Expected an identifier and instead saw '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| set comment (value) { | ||
| this._comment = this.validateType('Comment', value, String) | ||
| this.#comment = this.validateType('Comment', value, String) |
There was a problem hiding this comment.
E030: Expected an identifier and instead saw '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| get comment () { | ||
| return this._comment | ||
| return this.#comment |
There was a problem hiding this comment.
E030: Expected an identifier and instead saw '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| set type (value) { | ||
| this._type = this.validateChoice('Reference type', value, this.validChoices()) | ||
| this.#type = this.validateChoice('Reference type', value, this.validChoices()) |
There was a problem hiding this comment.
E030: Expected an identifier and instead saw '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| get type () { | ||
| return this._type | ||
| return this.#type |
There was a problem hiding this comment.
E030: Expected an identifier and instead saw '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| set url (value) { | ||
| this._url = this.validateType('URL', value, String) | ||
| this.#url = this.validateType('URL', value, String, true) |
There was a problem hiding this comment.
E030: Expected an identifier and instead saw '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| get url () { | ||
| return this._url | ||
| return this.#url |
There was a problem hiding this comment.
E030: Expected an identifier and instead saw '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| /** @type {ExternalReference.ExternalReferenceType} */ | ||
| #type | ||
| /** @type {string} */ | ||
| #url |
There was a problem hiding this comment.
E054: Class properties must be methods. Expected '(' but instead saw '#'.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| } | ||
|
|
||
| toJSON () { | ||
| return { type: this._type, url: this._url } | ||
| return { type: this.#type, url: this.#url } |
There was a problem hiding this comment.
E058: Missing semicolon.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| set comment (value) { | ||
| this._comment = this.validateType('Comment', value, String) | ||
| this.#comment = this.validateType('Comment', value, String) |
There was a problem hiding this comment.
E058: Missing semicolon.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| get comment () { | ||
| return this._comment | ||
| return this.#comment |
There was a problem hiding this comment.
E058: Missing semicolon.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| set type (value) { | ||
| this._type = this.validateChoice('Reference type', value, this.validChoices()) | ||
| this.#type = this.validateChoice('Reference type', value, this.validChoices()) |
There was a problem hiding this comment.
E058: Missing semicolon.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| get type () { | ||
| return this._type | ||
| return this.#type |
There was a problem hiding this comment.
E058: Missing semicolon.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| set url (value) { | ||
| this._url = this.validateType('URL', value, String) | ||
| this.#url = this.validateType('URL', value, String, true) |
There was a problem hiding this comment.
E058: Missing semicolon.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| get url () { | ||
| return this._url | ||
| return this.#url |
There was a problem hiding this comment.
E058: Missing semicolon.
(at-me in a reply with help or ignore)
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
jkowalleck
changed the title
BOM_REPRODUCIBLEcause resulting files to be more reproducibleby omitting time/rand-based, and sorting lists. (via [add option to make sbom reproducible & more privates & various fixes #288])
Component.compare()compares self bypurlorgroup/name/version. (via [add option to make sbom reproducible & more privates & various fixes #288])ExternalReference.compare()compares self bytype/url. (via [add option to make sbom reproducible & more privates & various fixes #288])Hash.compare()compares self byalgorithm/value. (via [add option to make sbom reproducible & more privates & various fixes #288])ExternalReference,ExternalReferenceList,Hash,HashList. (via [add option to make sbom reproducible & more privates & various fixes #288])ExternalReference.urlis now correctly treated as mandatory. (via [add option to make sbom reproducible & more privates & various fixes #288])Hash.valueis now correctly treated as mandatory. (via [add option to make sbom reproducible & more privates & various fixes #288])ExternalReferenceList.isEligibleHomepagenow returns the correct result, was inverted. (via [add option to make sbom reproducible & more privates & various fixes #288])ExternalReference,ExternalReferenceList,Hash,HashListbecame inaccessible. ([use private properties with
##233] via [add option to make sbom reproducible & more privates & various fixes #288])