[K9VULN-2435] Add support for Cyclone DX 1.6 #1513

Merged: 5 commits, Jan 2, 2025

@juli1 juli1 commented Dec 25, 2024

What and why?

Support CycloneDX 1.6 as this is now requested by customers.

How?

Check SBOM files against the schema. Make sure that library and framework types from CycloneDX are being uploaded.

Testing

Added unit tests

Tested upload manually

Dependencies show up

@juli1 juli1 requested review from a team as code owners December 25, 2024 23:04
@juli1 juli1 requested a review from dd-colin December 25, 2024 23:04
@juli1 juli1 added the static-analysis Related to [sarif, sbom] label Dec 25, 2024

datadog-datadog-prod-us1 bot commented Dec 25, 2024

Datadog Report

Branch report: juli1/STAL-2435
Commit report: aacda63
Test service: datadog-ci-tests

✅ 0 Failed, 428 Passed, 0 Skipped, 1m 50.61s Total duration (1m 58.22s time saved)

@dastrong dastrong left a comment

Non-blocking, but we can make this error messaging a bit nicer.

@juli1 juli1 merged commit a77fc93 into master Jan 2, 2025
17 checks passed
@juli1 juli1 deleted the juli1/STAL-2435 branch January 2, 2025 15:29
@AntoineDona AntoineDona mentioned this pull request Jan 8, 2025