diff --git a/cyclonedx/output/json.py b/cyclonedx/output/json.py index b1f937e6..7eab33de 100644 --- a/cyclonedx/output/json.py +++ b/cyclonedx/output/json.py @@ -89,6 +89,9 @@ def _specialise_output_for_schema_version(self, bom_json: Dict[Any, Any]) -> str # Iterate Components if 'components' in bom_json.keys(): for i in range(len(bom_json['components'])): + if 'version' not in bom_json['components'][i].keys() and not self.component_version_optional(): + bom_json['components'][i]['version'] = '' + if not self.component_supports_author() and 'author' in bom_json['components'][i].keys(): del bom_json['components'][i]['author'] diff --git a/cyclonedx/output/serializer/json.py b/cyclonedx/output/serializer/json.py index 5d0398c6..eefb2bf6 100644 --- a/cyclonedx/output/serializer/json.py +++ b/cyclonedx/output/serializer/json.py @@ -29,6 +29,7 @@ from packageurl import PackageURL # type: ignore from cyclonedx.model import XsUri +from cyclonedx.model.component import Component HYPHENATED_ATTRIBUTES = [ 'bom_ref', 'mime_type', 'x_trust_boundary' diff --git a/tests/fixtures/json/1.3/bom_setuptools_no_version.json b/tests/fixtures/json/1.3/bom_setuptools_no_version.json index 4de582cc..971a6462 100644 --- a/tests/fixtures/json/1.3/bom_setuptools_no_version.json +++ b/tests/fixtures/json/1.3/bom_setuptools_no_version.json @@ -17,16 +17,16 @@ "components": [ { "type": "library", - "bom-ref": "pkg:pypi/setuptools@50.3.2?extension=tar.gz", + "bom-ref": "pkg:pypi/setuptools?extension=tar.gz", "author": "Test Author", "name": "setuptools", - "version": "50.3.2", + "version": "", "licenses": [ { "expression": "MIT License" } ], - "purl": "pkg:pypi/setuptools@50.3.2?extension=tar.gz" + "purl": "pkg:pypi/setuptools?extension=tar.gz" } ] } \ No newline at end of file diff --git a/tests/test_component.py b/tests/test_component.py index c4072bd8..c5c6056f 100644 --- a/tests/test_component.py +++ b/tests/test_component.py @@ -24,6 +24,8 @@ from cyclonedx.model.bom import Bom from cyclonedx.model.component import Component +FIXTURES_DIRECTORY = 'fixtures/xml/1.4' + class TestComponent(TestCase): @@ -94,12 +96,12 @@ def test_purl_with_qualifiers(self) -> None: self.assertEqual(purl.qualifiers, {'extension': 'tar.gz'}) def test_from_file_with_path_for_bom(self) -> None: - test_file = join(dirname(__file__), 'fixtures/bom_setuptools.xml') + test_file = join(dirname(__file__), FIXTURES_DIRECTORY, 'bom_setuptools.xml') c = Component.for_file(absolute_file_path=test_file, path_for_bom='fixtures/bom_setuptools.xml') self.assertEqual(c.name, 'fixtures/bom_setuptools.xml') - self.assertEqual(c.version, '0.0.0-16932e52ed1e') + self.assertEqual(c.version, '0.0.0-38165abddb68') purl = PackageURL( - type='generic', name='fixtures/bom_setuptools.xml', version='0.0.0-16932e52ed1e' + type='generic', name='fixtures/bom_setuptools.xml', version='0.0.0-38165abddb68' ) self.assertEqual(c.purl, purl) self.assertEqual(len(c.hashes), 1) diff --git a/tests/test_output_generic.py b/tests/test_output_generic.py index dc293d7c..ee8c58da 100644 --- a/tests/test_output_generic.py +++ b/tests/test_output_generic.py @@ -19,7 +19,6 @@ from unittest import TestCase -from cyclonedx.exception.output import ComponentVersionRequiredException from cyclonedx.model.bom import Bom from cyclonedx.model.component import Component from cyclonedx.output import get_instance, OutputFormat, SchemaVersion @@ -46,6 +45,5 @@ def test_get_instance_xml_v1_3(self) -> None: self.assertIsInstance(i, XmlV1Dot3) def test_component_no_version_v1_3(self) -> None: - with self.assertRaises(ComponentVersionRequiredException): - outputter: Xml = get_instance(bom=TestOutputGeneric._bom, schema_version=SchemaVersion.V1_3) - outputter.output_as_string() + i = get_instance(bom=TestOutputGeneric._bom, schema_version=SchemaVersion.V1_3) + self.assertIsInstance(i, XmlV1Dot3)