CycloneDX
diff --git a/‎tools/src/test/resources/1.6/valid-annotation-1.6.json
+7 b/‎tools/src/test/resources/1.6/valid-annotation-1.6.json
+7
diff --git a/‎tools/src/test/resources/1.6/valid-annotation-1.6.textproto
+10-10 b/‎tools/src/test/resources/1.6/valid-annotation-1.6.textproto
+10-10
diff --git a/‎tools/src/test/resources/1.6/valid-annotation-1.6.xml
+7-7 b/‎tools/src/test/resources/1.6/valid-annotation-1.6.xml
+7-7
diff --git a/‎tools/src/test/resources/1.6/valid-attestation-1.6.textproto
+6-6 b/‎tools/src/test/resources/1.6/valid-attestation-1.6.textproto
+6-6
diff --git a/‎tools/src/test/resources/1.6/valid-attestation-1.6.xml
+4-4 b/‎tools/src/test/resources/1.6/valid-attestation-1.6.xml
+4-4
diff --git a/‎tools/src/test/resources/1.6/valid-bom-1.6.textproto
+8-9 b/‎tools/src/test/resources/1.6/valid-bom-1.6.textproto
+8-9
diff --git a/‎tools/src/test/resources/1.6/valid-component-identifiers-1.6.textproto
+1-1 b/‎tools/src/test/resources/1.6/valid-component-identifiers-1.6.textproto
+1-1
diff --git a/‎tools/src/test/resources/1.6/valid-component-ref-1.6.json
+10-2 b/‎tools/src/test/resources/1.6/valid-component-ref-1.6.json
+10-2
diff --git a/‎tools/src/test/resources/1.6/valid-component-ref-1.6.textproto
+7-1 b/‎tools/src/test/resources/1.6/valid-component-ref-1.6.textproto
+7-1
diff --git a/‎tools/src/test/resources/1.6/valid-compositions-1.6.xml
+4-4 b/‎tools/src/test/resources/1.6/valid-compositions-1.6.xml
+4-4
diff --git a/‎tools/src/test/resources/1.6/valid-cryptography-full-1.6.textproto
+12-12 b/‎tools/src/test/resources/1.6/valid-cryptography-full-1.6.textproto
+12-12
diff --git a/‎tools/src/test/resources/1.6/valid-cryptography-implementation-1.6.xml
+2-2 b/‎tools/src/test/resources/1.6/valid-cryptography-implementation-1.6.xml
+2-2
diff --git a/‎tools/src/test/resources/1.6/valid-dependency-1.6.xml
+3-3 b/‎tools/src/test/resources/1.6/valid-dependency-1.6.xml
+3-3
diff --git a/‎tools/src/test/resources/1.6/valid-evidence-1.6.textproto
-1 b/‎tools/src/test/resources/1.6/valid-evidence-1.6.textproto
-1
@@ -77,6 +77,13 @@
             "name": "Partner Org",
             "url": [
               "https://partner.org"
+            ],
+            "contact" : [
+              {
+                "name": "Support",
+                "email": "support@partner.org",
+                "phone": "800-555-1212"
+              }
             ]
           },
           "group": "org.partner",
 
@@ -24,8 +24,8 @@ annotations {
     }
   }
   timestamp {
-    seconds: 3173618478
-    nanos: 3
+    seconds: 1640995200
+    nanos: 0
   }
   text: "This is a sample annotation made by an organization"
 }
@@ -40,10 +40,10 @@ annotations {
     }
   }
   timestamp {
-    seconds: 3173618478
-    nanos: 3
+    seconds: 1640995200
+    nanos: 0
   }
-  text: "This is a sample annotation made by an person"
+  text: "This is a sample annotation made by a person"
 }
 annotations {
   bom_ref: "annotation-3"
@@ -56,8 +56,8 @@ annotations {
     }
   }
   timestamp {
-    seconds: 3173618478
-    nanos: 3
+    seconds: 1640995200
+    nanos: 0
   }
   text: "This is a sample annotation made by a component"
 }
@@ -72,7 +72,7 @@ annotations {
         url: "https://partner.org"
         contact {
           name: "Support"
-          email: "support@partner"
+          email: "support@partner.org"
           phone: "800-555-1212"
         }
       }
@@ -90,8 +90,8 @@ annotations {
     }
   }
   timestamp {
-    seconds: 3173618478
-    nanos: 3
+    seconds: 1640995200
+    nanos: 0
   }
   text: "This is a sample annotation made by a service"
 }
@@ -21,7 +21,7 @@
                     </contact>
                 </organization>
             </annotator>
-            <timestamp>2020-04-07T07:01:00Z</timestamp>
+            <timestamp>2022-01-01T00:00:00Z</timestamp>
             <text>This is a sample annotation made by an organization</text>
         </annotation>
         <annotation bom-ref="annotation-2">
@@ -35,8 +35,8 @@
                     <phone>800-555-1212</phone>
                 </individual>
             </annotator>
-            <timestamp>2020-04-07T07:01:00Z</timestamp>
-            <text>This is a sample annotation made by an person</text>
+            <timestamp>2022-01-01T00:00:00Z</timestamp>
+            <text>This is a sample annotation made by a person</text>
         </annotation>
         <annotation bom-ref="annotation-3">
             <subjects>
@@ -48,7 +48,7 @@
                     <version>9.1.2</version>
                 </component>
             </annotator>
-            <timestamp>2020-04-07T07:01:00Z</timestamp>
+            <timestamp>2022-01-01T00:00:00Z</timestamp>
             <text>This is a sample annotation made by a component</text>
         </annotation>
         <annotation bom-ref="annotation-4">
@@ -62,7 +62,7 @@
                         <url>https://partner.org</url>
                         <contact>
                             <name>Support</name>
-                            <email>support@partner</email>
+                            <email>support@partner.org</email>
                             <phone>800-555-1212</phone>
                         </contact>
                     </provider>
@@ -76,11 +76,11 @@
                     <authenticated>true</authenticated>
                     <x-trust-boundary>true</x-trust-boundary>
                     <data>
-                        <classification flow="bi-directional">pubic</classification>
+                        <classification flow="bi-directional">public</classification>
                     </data>
                 </service>
             </annotator>
-            <timestamp>2020-04-07T07:01:00Z</timestamp>
+            <timestamp>2022-01-01T00:00:00Z</timestamp>
             <text>This is a sample annotation made by a service</text>
         </annotation>
     </annotations>
 
@@ -72,11 +72,11 @@ declarations: {
         }
       ]
       created {
-        seconds: 1714003200
+        seconds: 1682380800
         nanos: 0
       }
       expires {
-        seconds: 1712102400
+        seconds: 1684972800
         nanos: 0
       }
       author: {
@@ -104,11 +104,11 @@ declarations: {
         }
       ]
       created {
-        seconds: 1714003200
+        seconds: 1682380800
         nanos: 0
       }
       expires {
-        seconds: 1712102400
+        seconds: 1684972800
         nanos: 0
       }
       author: {
@@ -136,11 +136,11 @@ declarations: {
         }
       ]
       created {
-        seconds: 1714003200
+        seconds: 1682380800
         nanos: 0
       }
       expires {
-        seconds: 1712102400
+        seconds: 1684972800
         nanos: 0
       }
       author: {
 
@@ -3,9 +3,9 @@
     <declarations>
         <assessors>
             <assessor bom-ref="assessor-1">
-                <thirdParty>false</thirdParty>
+                <thirdParty>true</thirdParty>
                 <organization>
-                    <name>Acme Inc</name>
+                    <name>Assessors Inc</name>
                 </organization>
             </assessor>
         </assessors>
@@ -25,7 +25,7 @@
                         <score>0.8</score>
                         <rationale>Conformance rationale here</rationale>
                         <mitigationStrategies>
-                            <mitigationStrategy>mitigations-1</mitigationStrategy>
+                            <mitigationStrategy>mitigationStrategy-1</mitigationStrategy>
                         </mitigationStrategies>
                     </conformance>
                     <confidence>
@@ -110,7 +110,7 @@
                     <contents>
                         <attachment content-type="text/plain">Mitigation strategy here</attachment>
                     </contents>
-                    <classification>Public</classification>
+                    <classification>Company Confidential</classification>
                     <sensitiveData>Describe sensitive data here</sensitiveData>
                 </data>
                 <created>2023-04-25T00:00:00+00:00</created>
 
@@ -6,8 +6,8 @@ version: 1
 serial_number: "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79"
 metadata {
   timestamp {
-    seconds: 3173618478
-    nanos: 3
+    seconds: 1586809239
+    nanos: 0
   }
   tools {
     vendor: "Awesome Vendor"
@@ -112,15 +112,15 @@ components {
       version: "9.0.14"
     }
     commits {
-      uid: "123"
-      url: ""
+      uid: "7638417db6d59f3c431d3e1f261cc637155684cd"
+      url: "https://location/to/7638417db6d59f3c431d3e1f261cc637155684cd"
       author {
         timestamp {
-          seconds: 3084280878
-          nanos: 3
+          seconds: 1542140439
+          nanos: 0
         }
-        name: ""
-        email: ""
+        name: "me"
+        email: "me@acme.org"
       }
     }
   }
@@ -141,7 +141,6 @@ components {
       email: "support@apac.example.com"
     }
   }
-  author: "Example Super Heros"
   group: "org.example"
   name: "mylibrary"
   version: "1.0.0"
 
@@ -7,7 +7,7 @@ serial_number: "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79"
 components {
   type: CLASSIFICATION_LIBRARY
   group: "com.example"
-  name: "acme-example"
+  name: "acme-library"
   version: "1.0.0"
   cpe: "cpe:2.3:a:example:acme-library:1.0.0:*:*:*:*:*:*:*"
   purl: "pkg:maven/com.example/acme-library@1.0.0"
 
@@ -9,11 +9,19 @@
       "type": "library",
       "bom-ref": "123",
       "name": "acme-library",
-      "version": "1.0.0"
+      "version": "1.0.0",
+      "components" : [
+        {
+          "type": "library",
+          "bom-ref": "456",
+          "name": "acme-library",
+          "version": "1.0.0"
+        }
+      ]
     },
     {
       "type": "library",
-      "bom-ref": "456",
+      "bom-ref": "789",
       "name": "acme-library",
       "version": "1.0.0"
     }
 
@@ -9,10 +9,16 @@ components {
   bom_ref: "123"
   name: "acme-library"
   version: "1.0.0"
+  components {
+    type: CLASSIFICATION_LIBRARY
+      bom_ref: "456"
+      name: "acme-library"
+      version: "1.0.0"
+  }
 }
 components {
   type: CLASSIFICATION_LIBRARY
-  bom_ref: "456"
+  bom_ref: "789"
   name: "acme-library"
   version: "1.0.0"
 }
@@ -21,7 +21,7 @@
         </component>
         <component type="library" bom-ref="pkg:maven/acme/library@3.0">
             <name>Acme Library</name>
-            <version>2.0</version>
+            <version>3.0</version>
             <purl>pkg:maven/acme/library@3.0</purl>
         </component>
     </components>
@@ -49,9 +49,9 @@
         </composition>
         <composition>
             <aggregate>incomplete_first_party_only</aggregate>
-            <assemblies>
-                <assembly ref="vulnerability-1"/>
-            </assemblies>
+            <vulnerabilities>
+                <vulnerability ref="vulnerability-1"/>
+            </vulnerabilities>
         </composition>
     </compositions>
     <vulnerabilities>
 
@@ -42,12 +42,12 @@ components: [
         subjectName: "Subject name here"
         issuerName: "Issuer name here"
         notValidBefore {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1640995200
+          nanos: 0
         }
         notValidAfter {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1704067200
+          nanos: 0
         }
         signatureAlgorithmRef: "bom-ref-to-algorithm"
         subjectPublicKeyRef: "bom-ref-to-public-key"
@@ -93,20 +93,20 @@ components: [
         state: CRYPTO_RELATED_STATE_ACTIVE
         algorithmRef: "bom-ref-to-algorithm"
         creationDate {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1704067200
+          nanos: 0
         }
         activationDate {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1704153600
+          nanos: 0
         }
         updateDate {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1704240000
+          nanos: 0
         }
         expirationDate {
-          seconds: 3173618478
-          nanos: 3
+          seconds: 1704326400
+          nanos: 0
         }
         value: "Value here"
         size: 1024
 
@@ -31,11 +31,11 @@
             </cryptoProperties>
         </component>
         <component type="library" bom-ref="crypto-library">
-            <name>Crypto Library</name>
+            <name>Crypto library</name>
             <version>1.0.0</version>
         </component>
         <component type="library" bom-ref="some-library">
-            <name>Some Library</name>
+            <name>Some library</name>
             <version>1.0.0</version>
         </component>
     </components>
 
@@ -2,15 +2,15 @@
 <bom serialNumber="urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79" version="1" xmlns="http://cyclonedx.org/schema/bom/1.6">
     <components>
         <component type="library" bom-ref="library-a">
-            <name>acme-library-a</name>
+            <name>library-a</name>
             <version>1.0.0</version>
         </component>
         <component type="library" bom-ref="library-b">
-            <name>acme-library-b</name>
+            <name>library-b</name>
             <version>1.0.0</version>
         </component>
         <component type="library" bom-ref="library-c">
-            <name>acme-library-b</name>
+            <name>library-c</name>
             <version>1.0.0</version>
         </component>
     </components>
 
@@ -42,7 +42,6 @@ components [
           }
         ],
         tools: [
-          "bom-ref-of-tool-that-performed-analysis",
           "bom-ref-of-tool-that-performed-analysis"
         ]
       },
Original file line number	Diff line number	Diff line change
`@@ -24,8 +24,8 @@ annotations {`
`24`	`24`	`}`
`25`	`25`	`}`
`26`	`26`	`timestamp {`
`27`		`- seconds: 3173618478`
`28`		`- nanos: 3`
	`27`	`+ seconds: 1640995200`
	`28`	`+ nanos: 0`
`29`	`29`	`}`
`30`	`30`	`text: "This is a sample annotation made by an organization"`
`31`	`31`	`}`
`@@ -40,10 +40,10 @@ annotations {`
`40`	`40`	`}`
`41`	`41`	`}`
`42`	`42`	`timestamp {`
`43`		`- seconds: 3173618478`
`44`		`- nanos: 3`
	`43`	`+ seconds: 1640995200`
	`44`	`+ nanos: 0`
`45`	`45`	`}`
`46`		`- text: "This is a sample annotation made by an person"`
	`46`	`+ text: "This is a sample annotation made by a person"`
`47`	`47`	`}`
`48`	`48`	`annotations {`
`49`	`49`	`bom_ref: "annotation-3"`
`@@ -56,8 +56,8 @@ annotations {`
`56`	`56`	`}`
`57`	`57`	`}`
`58`	`58`	`timestamp {`
`59`		`- seconds: 3173618478`
`60`		`- nanos: 3`
	`59`	`+ seconds: 1640995200`
	`60`	`+ nanos: 0`
`61`	`61`	`}`
`62`	`62`	`text: "This is a sample annotation made by a component"`
`63`	`63`	`}`
`@@ -72,7 +72,7 @@ annotations {`
`72`	`72`	`url: "https://partner.org"`
`73`	`73`	`contact {`
`74`	`74`	`name: "Support"`
`75`		`- email: "support@partner"`
	`75`	`+ email: "support@partner.org"`
`76`	`76`	`phone: "800-555-1212"`
`77`	`77`	`}`
`78`	`78`	`}`
`@@ -90,8 +90,8 @@ annotations {`
`90`	`90`	`}`
`91`	`91`	`}`
`92`	`92`	`timestamp {`
`93`		`- seconds: 3173618478`
`94`		`- nanos: 3`
	`93`	`+ seconds: 1640995200`
	`94`	`+ nanos: 0`
`95`	`95`	`}`
`96`	`96`	`text: "This is a sample annotation made by a service"`
`97`	`97`	`}`
Original file line number	Diff line number	Diff line change
`@@ -72,11 +72,11 @@ declarations: {`
`72`	`72`	`}`
`73`	`73`	`]`
`74`	`74`	`created {`
`75`		`- seconds: 1714003200`
	`75`	`+ seconds: 1682380800`
`76`	`76`	`nanos: 0`
`77`	`77`	`}`
`78`	`78`	`expires {`
`79`		`- seconds: 1712102400`
	`79`	`+ seconds: 1684972800`
`80`	`80`	`nanos: 0`
`81`	`81`	`}`
`82`	`82`	`author: {`
`@@ -104,11 +104,11 @@ declarations: {`
`104`	`104`	`}`
`105`	`105`	`]`
`106`	`106`	`created {`
`107`		`- seconds: 1714003200`
	`107`	`+ seconds: 1682380800`
`108`	`108`	`nanos: 0`
`109`	`109`	`}`
`110`	`110`	`expires {`
`111`		`- seconds: 1712102400`
	`111`	`+ seconds: 1684972800`
`112`	`112`	`nanos: 0`
`113`	`113`	`}`
`114`	`114`	`author: {`
`@@ -136,11 +136,11 @@ declarations: {`
`136`	`136`	`}`
`137`	`137`	`]`
`138`	`138`	`created {`
`139`		`- seconds: 1714003200`
	`139`	`+ seconds: 1682380800`
`140`	`140`	`nanos: 0`
`141`	`141`	`}`
`142`	`142`	`expires {`
`143`		`- seconds: 1712102400`
	`143`	`+ seconds: 1684972800`
`144`	`144`	`nanos: 0`
`145`	`145`	`}`
`146`	`146`	`author: {`
Original file line number	Diff line number	Diff line change
`@@ -6,8 +6,8 @@ version: 1`
`6`	`6`	`serial_number: "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79"`
`7`	`7`	`metadata {`
`8`	`8`	`timestamp {`
`9`		`- seconds: 3173618478`
`10`		`- nanos: 3`
	`9`	`+ seconds: 1586809239`
	`10`	`+ nanos: 0`
`11`	`11`	`}`
`12`	`12`	`tools {`
`13`	`13`	`vendor: "Awesome Vendor"`
`@@ -112,15 +112,15 @@ components {`
`112`	`112`	`version: "9.0.14"`
`113`	`113`	`}`
`114`	`114`	`commits {`
`115`		`- uid: "123"`
`116`		`- url: ""`
	`115`	`+ uid: "7638417db6d59f3c431d3e1f261cc637155684cd"`
	`116`	`+ url: "https://location/to/7638417db6d59f3c431d3e1f261cc637155684cd"`
`117`	`117`	`author {`
`118`	`118`	`timestamp {`
`119`		`- seconds: 3084280878`
`120`		`- nanos: 3`
	`119`	`+ seconds: 1542140439`
	`120`	`+ nanos: 0`
`121`	`121`	`}`
`122`		`- name: ""`
`123`		`- email: ""`
	`122`	`+ name: "me"`
	`123`	`+ email: "me@acme.org"`
`124`	`124`	`}`
`125`	`125`	`}`
`126`	`126`	`}`
`@@ -141,7 +141,6 @@ components {`
`141`	`141`	`email: "support@apac.example.com"`
`142`	`142`	`}`
`143`	`143`	`}`
`144`		`- author: "Example Super Heros"`
`145`	`144`	`group: "org.example"`
`146`	`145`	`name: "mylibrary"`
`147`	`146`	`version: "1.0.0"`
Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,6 @@ components [`
`42`	`42`	`}`
`43`	`43`	`],`
`44`	`44`	`tools: [`
`45`		`- "bom-ref-of-tool-that-performed-analysis",`
`46`	`45`	`"bom-ref-of-tool-that-performed-analysis"`
`47`	`46`	`]`
`48`	`47`	`},`